Wowza Community

How to accomplish PHLS/PHDS + SWF verification level security in Wowza?

Hi,

I would like to know if/how Wowza can provide the equivalent of the security features of PHLS/PHDS by Adobe Media Server 5? We are in need of a solution that doesn’t require the full Adobe Access or Silverlight or Widewine, but still provides ample security, so that our content is protected.

Our project requires secure streaming of audio content (AAC) to authorized users on authorized devices, for Windows/OSX and iOS/Android. It would be preferable to keep the player in the browser, but if required, we can develop native desktop software and mobile applications. One of the drawbacks of AMS is the mobile playback. PHLS isn’t supported on iOS, unless you get their expensive Primetime player. PHDS on Android is also a question, especially how they took flash out of the new Android versions.

If there is anybody on the forum who has had experience in both AMS and Wowza and can shed some light on the different security features of Wowza (excluding it’s DRM Addon) in comparison to AMS, I would love to hear from you.

Thank you

David

Hi David,

I don’t have answers to your comparison questions, but take a look at this Overview of Wowza Security as a starting place and reference for what Wowza offers.

Richard

Hi Richard,

Thank you very much for responding. Could you confirm my assumptions below?

Wowza can offer the following security without the DRM Addon for streaming HLS to desktop flash players and iOS/Android applications:

  1. Streamlock or our own SSL for secured streaming. Would HLS streaming under https work the same way as described for HDS here? https://www.wowza.com/docs/how-to-set-up-adobe-hds-playback-across-https-ssl . Do you know of any issues that can come up with installing our own certificate?

  2. The HLS segments can be encrypted using AES-128. Could you clarify, that in an on-demand situation, the encryption is something that takes place in real-time anytime a media file is requested, or encryption is done beforehand on each media? If the encryption is done beforehand, how is this accomplished?

  3. SWF protection is only for flash players.

  4. Securetoken only works for RTMPE/RTMPTE? Any way to implement this or something similar for HLS?

  5. If we wanted to generate user specific url to each stream, we can utilize the StreamNameAlias addon to remap an incoming request?

  6. If we wanted to restrict streams for each user for a specific geoip, we can utilize the GeoIP Locking feature.

Am I missing something?

Thanks

David