Download - Guido Hettema (Akamai) | TU - Hack & Attacks
![Page 1: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/1.jpg)
Media Security Solutions Overview
Guido Hettema, Service Line Manager Benelux
![Page 2: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/2.jpg)
©2014 AKAMAI | FASTER FORWARDTM
Market Dynamics
• Market Dynamics
– Content owners demand security requirements for premium content to broadcasters and
distributors
• Two types often used:
– Transport encryption (streaming) – (SSL/TLS)
– Digital rights management (DRM) (Offline) – expensive, complex, overkill for streaming
only.
![Page 3: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/3.jpg)
©2014 AKAMAI | FASTER FORWARDTM
Grow revenue opportunities with fast, personalized
web experiences and manage complexity from peak
demand, mobile devices and data collection.
So what should we look out for ?
![Page 4: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/4.jpg)
©2014 AKAMAI | FASTER FORWARDTM
Common vulnerabilities
• Link Sharing - Unauthorized users obtain access to premium/paid content, bypassing a
retailer's business model.
• Deep Linking – A hacker decompiles the player and posts hidden links to his own site in
order to monetize the content.
• Player Hijacking – Theft of the player, followed by copying it to a different website,
thereby bypassing attributions to the origin site.
• Stream Ripping - Theft of the actual content from the stream while it is being delivered
to client systems.
• Stealing from Cache - Theft of the content from a browser, player cache or disk.
• Content Tampering - Modification of the actual content (e.g., replacing/injecting
unwanted advertisements into the stream).
![Page 5: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/5.jpg)
©2014 AKAMAI | FASTER FORWARDTM
Grow revenue opportunities with fast, personalized
web experiences and manage complexity from peak
demand, mobile devices and data collection.
How do we secure Live and
On Demand content ?
![Page 6: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/6.jpg)
©2014 AKAMAI | FASTER FORWARDTM
Secure HD
![Page 7: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/7.jpg)
©2014 AKAMAI | FASTER FORWARDTM
Grow revenue opportunities with fast, personalized
web experiences and manage complexity from peak
demand, mobile devices and data collection.Token Auth
![Page 8: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/8.jpg)
©2014 AKAMAI | FASTER FORWARDTM
Token Auth Workflow
“SecureHD’s Token Authorization
security mechanism can be used
to provide
a hybrid token scheme in which a
combination of a short TTL URL
token and a long TTL cookiebased
token is used”
![Page 9: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/9.jpg)
©2014 AKAMAI | FASTER FORWARDTM
Grow revenue opportunities with fast, personalized
web experiences and manage complexity from peak
demand, mobile devices and data collection.Player Verification
![Page 10: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/10.jpg)
©2014 AKAMAI | FASTER FORWARDTM
Player Verification
“HDS dynamic streaming
workflow using
HD Player Verification security
mechanism.”
![Page 11: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/11.jpg)
©2014 AKAMAI | FASTER FORWARDTM
Grow revenue opportunities with fast, personalized
web experiences and manage complexity from peak
demand, mobile devices and data collection.Media Encryption
![Page 12: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/12.jpg)
©2014 AKAMAI | FASTER FORWARDTM
Media Encryption
• Content is encrypted in transit and at
rest
• Limits the content breach by using
unique encryption key per session
• Multi-factor decryption mechanism for
stronger security
• Supports message integrity to detect
content tempering
• Provides breach response
![Page 13: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/13.jpg)
©2014 AKAMAI | FASTER FORWARDTM
Grow revenue opportunities with fast, personalized
web experiences and manage complexity from peak
demand, mobile devices and data collection.Content Targeting
![Page 14: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/14.jpg)
©2014 AKAMAI | FASTER FORWARDTM
Content targeting
“Based on the Akamai
EdgeScape service, SecureHD’s
Content Targeting protects
against content access in specific
geographic areas. At a standard
level of service, EdgeScape
provides geo-based protection
based on continent, country, or
region within an individual
country.”
Looking up the end user’s IP address in
Akamai’s EdgeScape Database.
Akamai Edge Server Side Implementation
Origin Server-Side Implementation
2 ways to do it:
![Page 15: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/15.jpg)
©2014 AKAMAI | FASTER FORWARDTM
Grow revenue opportunities with fast, personalized
web experiences and manage complexity from peak
demand, mobile devices and data collection.Summary
![Page 16: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/16.jpg)
©2014 AKAMAI | FASTER FORWARDTM
Summary
![Page 17: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/17.jpg)
©2014 AKAMAI | FASTER FORWARDTM
Grow revenue opportunities with fast, personalized
web experiences and manage complexity from peak
demand, mobile devices and data collection.Thank you !
![Page 18: Guido Hettema (Akamai) | TU - Hack & Attacks](https://reader030.vdocuments.mx/reader030/viewer/2022032616/55a8feb11a28ab95278b4857/html5/thumbnails/18.jpg)
©2014 AKAMAI | FASTER FORWARDTM