Media Security Solutions Overview

Guido Hettema, Service Line Manager Benelux

©2014 AKAMAI | FASTER FORWARDTM

Market Dynamics

• Market Dynamics

– Content owners demand security requirements for premium content to broadcasters and

distributors

• Two types often used:

– Transport encryption (streaming) – (SSL/TLS)

– Digital rights management (DRM) (Offline) – expensive, complex, overkill for streaming

only.

©2014 AKAMAI | FASTER FORWARDTM

Grow revenue opportunities with fast, personalized

web experiences and manage complexity from peak

demand, mobile devices and data collection.

So what should we look out for ?

©2014 AKAMAI | FASTER FORWARDTM

Common vulnerabilities

• Link Sharing - Unauthorized users obtain access to premium/paid content, bypassing a

retailer's business model.

• Deep Linking – A hacker decompiles the player and posts hidden links to his own site in

order to monetize the content.

• Player Hijacking – Theft of the player, followed by copying it to a different website,

thereby bypassing attributions to the origin site.

• Stream Ripping - Theft of the actual content from the stream while it is being delivered

to client systems.

• Stealing from Cache - Theft of the content from a browser, player cache or disk.

• Content Tampering - Modification of the actual content (e.g., replacing/injecting

unwanted advertisements into the stream).

©2014 AKAMAI | FASTER FORWARDTM

Grow revenue opportunities with fast, personalized

web experiences and manage complexity from peak

demand, mobile devices and data collection.

How do we secure Live and

On Demand content ?

©2014 AKAMAI | FASTER FORWARDTM

Secure HD

©2014 AKAMAI | FASTER FORWARDTM

Grow revenue opportunities with fast, personalized

web experiences and manage complexity from peak

demand, mobile devices and data collection.Token Auth

©2014 AKAMAI | FASTER FORWARDTM

Token Auth Workflow

“SecureHD’s Token Authorization

security mechanism can be used

to provide

a hybrid token scheme in which a

combination of a short TTL URL

token and a long TTL cookiebased

token is used”

©2014 AKAMAI | FASTER FORWARDTM

Grow revenue opportunities with fast, personalized

web experiences and manage complexity from peak

demand, mobile devices and data collection.Player Verification

©2014 AKAMAI | FASTER FORWARDTM

Player Verification

“HDS dynamic streaming

workflow using

HD Player Verification security

mechanism.”

©2014 AKAMAI | FASTER FORWARDTM

Grow revenue opportunities with fast, personalized

web experiences and manage complexity from peak

demand, mobile devices and data collection.Media Encryption

©2014 AKAMAI | FASTER FORWARDTM

Media Encryption

• Content is encrypted in transit and at

rest

• Limits the content breach by using

unique encryption key per session

• Multi-factor decryption mechanism for

stronger security

• Supports message integrity to detect

content tempering

• Provides breach response

©2014 AKAMAI | FASTER FORWARDTM

Grow revenue opportunities with fast, personalized

web experiences and manage complexity from peak

demand, mobile devices and data collection.Content Targeting

©2014 AKAMAI | FASTER FORWARDTM

Content targeting

“Based on the Akamai

EdgeScape service, SecureHD’s

Content Targeting protects

against content access in specific

geographic areas. At a standard

level of service, EdgeScape

provides geo-based protection

based on continent, country, or

region within an individual

country.”

Looking up the end user’s IP address in

Akamai’s EdgeScape Database.

Akamai Edge Server Side Implementation

Origin Server-Side Implementation

2 ways to do it:

©2014 AKAMAI | FASTER FORWARDTM

Grow revenue opportunities with fast, personalized

web experiences and manage complexity from peak

demand, mobile devices and data collection.Summary

©2014 AKAMAI | FASTER FORWARDTM

Summary

©2014 AKAMAI | FASTER FORWARDTM

Grow revenue opportunities with fast, personalized

web experiences and manage complexity from peak

demand, mobile devices and data collection.Thank you !

©2014 AKAMAI | FASTER FORWARDTM