SlideShare a Scribd company logo

Ensuring Content Security with Cloud Channel Playout

AmagiMedia
AmagiMedia

Ensuring Content Security With CLOUDPORT Channel Amagi’s CLOUDPORT moves entire playout to a secure public cloud. The cloud-based playout model helps TV networks improve their broadcast ROI, launch This white paper, discusses the security requirements for content localization, and how STORM platform is best positioned to address them. Amagi’s STORM infrastructure encompasses: 1. Content identification system 2. Local content preparation & delivery 3. STORM web application 4. STORM IRDs

Technology
1 of 10
Download to read offline
White Paper Ensuring content security with CLOUDPORT Channel Playout Platform
What’s Inside Page 2 1Introduction to CLOUDPORT playout management platform 3Amagi’s security framework 2Security requirements for content broadcast 4Conclusion & corporate information C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved.
Introduction Amagi CLOUDPORT moves entire playout to a secure public cloud. The cloud-based playout model helps TV networks improve their broadcast ROI, launch and localize channels on the go, and address disaster recovery needs cost-effectively. Amagi’s CLOUDPORT Infrastructure encompasses: • Content preparation servers ( Transcode & Transport servers) • Web based playout management tools • Cloud-based backbone for content delivery, management, and monitoring • CLOUDPORT playout server Page 3 CLOUDPORT Channel Playout Server This white paper discusses the security requirements for content broadcast, and how Amagi’s CLOUDPORT platform is best positioned to address them. C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved. Managing broadcast operations can be challenging with traditional models due to their slower time to market, high CAPEX and OPEX, and lack of flexibility to localize channels or scale operations efficiently. Amagi has built a next generation cloud- based playout platform that can be used to launch and operate channels over satellite, cable, IPTV and OTT. CLOUDPORT is a comprehensive end-to-end platform suitable for 24x7 playout for live and non-live channels. CLOUDPORT can be set up either as a playout on the cloud or be deployed at the headends as edge playout platform. The entire system can be managed remotely using a Web-based UI. 1
Security Requirements for Content Broadcasting Security needs related to content broadcasting have to be thought through from an end-to-end system perspective. The key requirements are: • Public cloud providers and third-party service providers do not have access to media content, except when provisioned by the TV network on its behalf, for specific operational requirements. • Robust and secure login, administration and approval procedures are in place to protect TV Network operations. All related content is protected against unauthorized access by employees and tertiary staff inside the TV network’s premises. • The system is expected to have security audit trails and logs for post-incident analysis and periodic review procedures. • The digital identities of all service providers and devices at affiliate headends are authenticated, and remain genuine over the lifetime of the service. Page 4 Computing & protecting data • All media content is secure from any unauthorized access. • Media on the Playout Server is completely protected, including but not limited to the willful hacking of the Playout Server by third parties. • End-to-end chain starting from TV network facility to Playout Servers is inaccessible for public access, and is secure from any attacks - willful or otherwise. C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved. 2
Amagi’s Security Framework Page 5 AES 256 bit encryption for transport to cloud • AWS security infrastructure • SSL & role based rights • Authentication • Isolated instances for storage, application & database for each customer • AES-256 bit encryption for content • 128 bit TEA content encryption • Secure embedded Linux • SSL • Firewall • Authentication • SSL Amagi has created a security framework to address the aforementioned security requirements for content broadcasting. All media content is secure from any unauthorized access. CLOUDPORT uses multiple layers of security to prevent unauthorized access to content. For ingest and upload to the cloud, content is encrypted using AES-256 bit encryption. CLOUDPORT uses ExpeDat, (A solution similar to Aspera or for fast file transfer.) Know more about ExpeDat: http://www.dataexpedition.com/expedat/ C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved. 3
Amagi’s Security Framework Media on the Playout Server is completely protected, including but not limited to the willful hacking of the Playout Server by third parties. The final SDI output of playout is presented for further processing by a distribution plant. No access and visibility to the media files or schedules is provided, as the content is stored as AES 128-bit encrypted files on the playout server, ensuring that the content is not retrievable even if the storage units of the playout server are physically removed. All CLOUDPORT playout server operations are automated, and do not require operator assistance other than for standard remote functions (e.g. Power On/Off). The playout server incudes proprietary hardware and software, which can only be administered and operated by trained Amagi personnel. All communications from the playout server to the cloud (including content download) occur over an encrypted private VPN connection to the AWS cloud instance. The playout server runs Secure Embedded Linux, which is configured for highly secure remote access by Amagi’s customer-specific support team over an encrypted VPN tunnel. At the application level, access-rights based on roles prevent the access and modification of any content or schedule. End-to-end chain starting from TV network facility up to Playout Servers is inaccessible for public access and is secure from any attacks willful or otherwise. The end-to-end CLOUDPORT system comprises of the Content Preparation Server used for provisioning content to playout, cloud based application, content storage on the cloud, and the edge-based playout and monitoring servers. Page 6 The Content Preparation Servers at any given broadcaster’s facility receive content in the broadcaster’s preferred choice of file format before transcoding and uploading that content to the AWS Cloud. The Content Preparation Servers are located within the TV network facility and adhere strictly to the TV network’s Information Security policies. On the cloud, each customer has a separate and isolated instance for CLOUDPORT Web Application, Database, and AWS S3 and Glacier Storage. Content residing on the cloud storage is secured using AES-256 bit encryption. This prevents shared access to data and any consequent impact. Administrative access to these instances is exclusively available to authorized Amagi personnel. The CLOUDPORT application uses role based user access management rights for its various features, thereby ensuring authorized access and action for content, schedules and playout. For example, a user with Scheduler rights has no access to download/upload content. The content is transported utilizing either SSL or secure Expedat content transfer protocols. On the CLOUDPORT Edge Playout Server, content is encrypted and stored using 128-bit encryption. During playout, in-memory runtime decryption is done for a 128-bit block size, which is subsequently played out and replaced. C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved.
Amagi’s Security Framework Public cloud providers and third- party service providers do not have access to media content, except when provisioned by the TV network on its behalf for specific operational requirements. All content stored on the cloud is encrypted, and the keys are generated and made available only for the CLOUDPORT application, based on the actions of users with access rights. Access rights are never shared with public cloud providers and/or third-party service providers. Robust and secure login, administration and approval procedures are in place to protect TV Network operations. All related content must be protected from unauthorized access from employees and tertiary personnel inside the TV Network’s premises. Amagi’s managed services and employees are governed by a well-defined Information Security policy that encompasses the information security management processes, organization, content security, access controls, physical and environmental security, communications security, and systems security. The system is expected to have security audit trails and logs for post- incident analysis and periodic review procedures CLOUDPORT maintains highly detailed audit logs at both system and user access levels. Consequently, user actions can be traced for post-incident analysis or procedural reviews. Page 7 The CLOUDPORT application, content and databases reside on the highly secure AWS Cloud, with security policy that covers platform, access controls, processes and audits for Network Security. Further information about Amazon’s AWS Security Policy: https://appirio.com/pdf/amazon-web-services- security.pdf All devices connected to the cloud are protected by enterprise grade local firewalls (Configured by Amagi), which are not accessible via external internet-enabled networks. Authentication systems are used for accessing real-time IP streams for video- monitoring and maintaining compliance archives. The playout server communicates with the AWS Cloud using a secure VPN tunnel which is configured to allow connections exclusively from the Amagi-AWS Cloud instances. C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved.
Amagi’s Security Framework The digital identities of all service providers and devices at affiliate headends are authenticated and remain genuine over the lifetime of the service. The CLOUDPORT servers and devices communicate over SSL, thereby ensuring encryption of all traffic. By design, playout servers (devices) can be configured exclusively by Amagi, utilizing identities and tools that are never disclosed to end-users. These devices use proprietary handshakes and authentication APIs for sourcing of content and playlists, thereby preventing any unauthenticated access to the system. Moreover, the support team constantly monitors devices and the system for all activities, including internal system processes. This puts any extraordinary activity under review. Page 7C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved.
Conclusion & Corporate Information By design, Amagi CLOUPORT has been built as an end-to-end secure system. The system uses existing, time-tested and standards-based approaches to security to ensuring enterprise grade security for all broadcast operations. Page 8 About Amagi Amagi is a next-generation media technology company that provides cloud broadcast and targeted advertising platforms to customers globally. Amagi enables TV networks to create a complete broadcast workflow on the cloud, with support for content preparation, storage, archival, playout, delivery, and monetization at a fraction of the cost compared with traditional broadcast models. Using Amagi’s award-winning, patented technologies, advertisers can target audiences at a regional and individual level across traditional TV and OTT multiscreen platforms. Amagi has deployments in over 25 countries for leading TV networks, and is India’s largest TV ad network supporting more than 2,500 brands. Amagi is headquartered in Bangalore, India, with offices in Hong Kong, London, New York City, and Tokyo. C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved. 4
About Author Srividhya Srinivasan is co-founder, and heads technology and operations for Amagi. She is a passionate technologist and leads new product development and engineering at Amagi. A stickler for precision, she is responsible for ensuring that Amagi stays one step ahead of the curve. Know more about security features of Amagi cloud platforms C ontact Amagi www.amagi.com C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved.

Recommended

CERTIFIED DATA CENTRE PROFESSIONAL
CERTIFIED DATA CENTRE PROFESSIONALCERTIFIED DATA CENTRE PROFESSIONAL
CERTIFIED DATA CENTRE PROFESSIONALDee Smith & Associates
 
Improvements in Data Center Management
Improvements in Data Center ManagementImprovements in Data Center Management
Improvements in Data Center ManagementScottMadden, Inc.
 
Cloud Deployment
Cloud DeploymentCloud Deployment
Cloud DeploymentTushar Choudhary
 
Planning A Cloud Implementation
Planning A Cloud ImplementationPlanning A Cloud Implementation
Planning A Cloud ImplementationRex Wang
 
Cloud RAN and Evolution to 5G
Cloud RAN and Evolution to 5GCloud RAN and Evolution to 5G
Cloud RAN and Evolution to 5GSmall Cell Forum
 
ESCo market development: Business models, innovations and lessons learned
ESCo market development: Business models, innovations and lessons learnedESCo market development: Business models, innovations and lessons learned
ESCo market development: Business models, innovations and lessons learnedIEA DSM Implementing Agreement (IA)
 
The Advanced Distribution Management System (ADMS)
The Advanced Distribution Management System (ADMS)The Advanced Distribution Management System (ADMS)
The Advanced Distribution Management System (ADMS)Schneider Electric
 
Different architecture topology for dynamics 365 retail
Different architecture topology for dynamics 365 retailDifferent architecture topology for dynamics 365 retail
Different architecture topology for dynamics 365 retailSonny56
 

Recommended

CERTIFIED DATA CENTRE PROFESSIONAL
CERTIFIED DATA CENTRE PROFESSIONALCERTIFIED DATA CENTRE PROFESSIONAL
CERTIFIED DATA CENTRE PROFESSIONALDee Smith & Associates
 
Improvements in Data Center Management
Improvements in Data Center ManagementImprovements in Data Center Management
Improvements in Data Center ManagementScottMadden, Inc.
 
Cloud Deployment
Cloud DeploymentCloud Deployment
Cloud DeploymentTushar Choudhary
 
Planning A Cloud Implementation
Planning A Cloud ImplementationPlanning A Cloud Implementation
Planning A Cloud ImplementationRex Wang
 
Cloud RAN and Evolution to 5G
Cloud RAN and Evolution to 5GCloud RAN and Evolution to 5G
Cloud RAN and Evolution to 5GSmall Cell Forum
 
ESCo market development: Business models, innovations and lessons learned
ESCo market development: Business models, innovations and lessons learnedESCo market development: Business models, innovations and lessons learned
ESCo market development: Business models, innovations and lessons learnedIEA DSM Implementing Agreement (IA)
 
The Advanced Distribution Management System (ADMS)
The Advanced Distribution Management System (ADMS)The Advanced Distribution Management System (ADMS)
The Advanced Distribution Management System (ADMS)Schneider Electric
 
Different architecture topology for dynamics 365 retail
Different architecture topology for dynamics 365 retailDifferent architecture topology for dynamics 365 retail
Different architecture topology for dynamics 365 retailSonny56
 
Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...
Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...
Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...Amazon Web Services
 
Deployment Strategies Powerpoint Presentation Slides
Deployment Strategies Powerpoint Presentation SlidesDeployment Strategies Powerpoint Presentation Slides
Deployment Strategies Powerpoint Presentation SlidesSlideTeam
 
Signal-Oriented ECUs in a Centralized Service-Oriented Architecture: Scalabil...
Signal-Oriented ECUs in a Centralized Service-Oriented Architecture: Scalabil...Signal-Oriented ECUs in a Centralized Service-Oriented Architecture: Scalabil...
Signal-Oriented ECUs in a Centralized Service-Oriented Architecture: Scalabil...RealTime-at-Work (RTaW)
 
Asset Tracking and Location Technologies for Internet of Things
Asset Tracking and Location Technologies for Internet of ThingsAsset Tracking and Location Technologies for Internet of Things
Asset Tracking and Location Technologies for Internet of ThingsBrian Ray
 
Energy Management in Smart Cities
Energy Management in Smart CitiesEnergy Management in Smart Cities
Energy Management in Smart CitieseSightEnergy
 
Google App Engine
Google App EngineGoogle App Engine
Google App EngineUrmi510
 
cloud Resilience
cloud Resilience cloud Resilience
cloud Resilience Integral university, India
 
Global Advanced Driver Assistance Systems (ADAS) Market: Trends and Opportuni...
Global Advanced Driver Assistance Systems (ADAS) Market: Trends and Opportuni...Global Advanced Driver Assistance Systems (ADAS) Market: Trends and Opportuni...
Global Advanced Driver Assistance Systems (ADAS) Market: Trends and Opportuni...Daedal Research
 
Disaster Recovery in the Cloud
Disaster Recovery in the CloudDisaster Recovery in the Cloud
Disaster Recovery in the CloudAmazon Web Services
 
Smart Security Infrastructure
Smart Security InfrastructureSmart Security Infrastructure
Smart Security InfrastructureGAURAV. H .TANDON
 
VANETS Vehicular Adhoc NETworkS
VANETS Vehicular Adhoc NETworkSVANETS Vehicular Adhoc NETworkS
VANETS Vehicular Adhoc NETworkSSridhar Raghavan
 
Cloud strategy briefing 101
Cloud strategy briefing 101 Cloud strategy briefing 101
Cloud strategy briefing 101 Predrag Mitrovic
 
What is SCADA system? SCADA Solutions for IoT
What is SCADA system? SCADA Solutions for IoTWhat is SCADA system? SCADA Solutions for IoT
What is SCADA system? SCADA Solutions for IoTEmbitel Technologies (I) PVT LTD
 
Cloud Computing - Benefits and Risks
Cloud Computing - Benefits and RisksCloud Computing - Benefits and Risks
Cloud Computing - Benefits and RisksMichael Yung
 
M2M vs IoT: The Key Differences and Similarities
M2M vs IoT: The Key Differences and SimilaritiesM2M vs IoT: The Key Differences and Similarities
M2M vs IoT: The Key Differences and SimilaritiesNavjyotsinh Jadeja
 
Huawei Solutions for Smart Cities
Huawei Solutions for Smart CitiesHuawei Solutions for Smart Cities
Huawei Solutions for Smart CitiesMuhammad Rauf Akram
 
IDC - Infrastructure Consolidation
IDC - Infrastructure ConsolidationIDC - Infrastructure Consolidation
IDC - Infrastructure Consolidationpaps1
 
Application Management Services
Application Management ServicesApplication Management Services
Application Management ServicesAshish Srivastava
 
SAP AMI
SAP AMISAP AMI
SAP AMIIITian Academy
 
Huawei Smart City Overview Presentation.pptx
Huawei Smart City Overview Presentation.pptxHuawei Smart City Overview Presentation.pptx
Huawei Smart City Overview Presentation.pptxLibraryOnline1
 
Personalization of TV - TechTalk by Amagi Co-Founder
Personalization of TV - TechTalk by Amagi Co-FounderPersonalization of TV - TechTalk by Amagi Co-Founder
Personalization of TV - TechTalk by Amagi Co-FounderAmagiMedia
 
Decoding TV ad metrics in India
Decoding TV ad metrics in IndiaDecoding TV ad metrics in India
Decoding TV ad metrics in IndiaAmagiMedia
 

More Related Content

What's hot

Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...
Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...
Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...Amazon Web Services
 
Deployment Strategies Powerpoint Presentation Slides
Deployment Strategies Powerpoint Presentation SlidesDeployment Strategies Powerpoint Presentation Slides
Deployment Strategies Powerpoint Presentation SlidesSlideTeam
 
Signal-Oriented ECUs in a Centralized Service-Oriented Architecture: Scalabil...
Signal-Oriented ECUs in a Centralized Service-Oriented Architecture: Scalabil...Signal-Oriented ECUs in a Centralized Service-Oriented Architecture: Scalabil...
Signal-Oriented ECUs in a Centralized Service-Oriented Architecture: Scalabil...RealTime-at-Work (RTaW)
 
Asset Tracking and Location Technologies for Internet of Things
Asset Tracking and Location Technologies for Internet of ThingsAsset Tracking and Location Technologies for Internet of Things
Asset Tracking and Location Technologies for Internet of ThingsBrian Ray
 
Energy Management in Smart Cities
Energy Management in Smart CitiesEnergy Management in Smart Cities
Energy Management in Smart CitieseSightEnergy
 
Google App Engine
Google App EngineGoogle App Engine
Google App EngineUrmi510
 
Global Advanced Driver Assistance Systems (ADAS) Market: Trends and Opportuni...
Global Advanced Driver Assistance Systems (ADAS) Market: Trends and Opportuni...Global Advanced Driver Assistance Systems (ADAS) Market: Trends and Opportuni...
Global Advanced Driver Assistance Systems (ADAS) Market: Trends and Opportuni...Daedal Research
 
Smart Security Infrastructure
Smart Security InfrastructureSmart Security Infrastructure
Smart Security InfrastructureGAURAV. H .TANDON
 
VANETS Vehicular Adhoc NETworkS
VANETS Vehicular Adhoc NETworkSVANETS Vehicular Adhoc NETworkS
VANETS Vehicular Adhoc NETworkSSridhar Raghavan
 
Cloud strategy briefing 101
Cloud strategy briefing 101 Cloud strategy briefing 101
Cloud strategy briefing 101 Predrag Mitrovic
 
Cloud Computing - Benefits and Risks
Cloud Computing - Benefits and RisksCloud Computing - Benefits and Risks
Cloud Computing - Benefits and RisksMichael Yung
 
M2M vs IoT: The Key Differences and Similarities
M2M vs IoT: The Key Differences and SimilaritiesM2M vs IoT: The Key Differences and Similarities
M2M vs IoT: The Key Differences and SimilaritiesNavjyotsinh Jadeja
 
Huawei Solutions for Smart Cities
Huawei Solutions for Smart CitiesHuawei Solutions for Smart Cities
Huawei Solutions for Smart CitiesMuhammad Rauf Akram
 
IDC - Infrastructure Consolidation
IDC - Infrastructure ConsolidationIDC - Infrastructure Consolidation
IDC - Infrastructure Consolidationpaps1
 
Application Management Services
Application Management ServicesApplication Management Services
Application Management ServicesAshish Srivastava
 
Huawei Smart City Overview Presentation.pptx
Huawei Smart City Overview Presentation.pptxHuawei Smart City Overview Presentation.pptx
Huawei Smart City Overview Presentation.pptxLibraryOnline1
 

What's hot (20)

Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...
Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...
Re-Host or Re-Architect: Understanding the Why and How of Very Different Path...
 
Deployment Strategies Powerpoint Presentation Slides
Deployment Strategies Powerpoint Presentation SlidesDeployment Strategies Powerpoint Presentation Slides
Deployment Strategies Powerpoint Presentation Slides
 
Signal-Oriented ECUs in a Centralized Service-Oriented Architecture: Scalabil...
Signal-Oriented ECUs in a Centralized Service-Oriented Architecture: Scalabil...Signal-Oriented ECUs in a Centralized Service-Oriented Architecture: Scalabil...
Signal-Oriented ECUs in a Centralized Service-Oriented Architecture: Scalabil...
 
Asset Tracking and Location Technologies for Internet of Things
Asset Tracking and Location Technologies for Internet of ThingsAsset Tracking and Location Technologies for Internet of Things
Asset Tracking and Location Technologies for Internet of Things
 
Energy Management in Smart Cities
Energy Management in Smart CitiesEnergy Management in Smart Cities
Energy Management in Smart Cities
 
Google App Engine
Google App EngineGoogle App Engine
Google App Engine
 
cloud Resilience
cloud Resilience cloud Resilience
cloud Resilience
 
Global Advanced Driver Assistance Systems (ADAS) Market: Trends and Opportuni...
Global Advanced Driver Assistance Systems (ADAS) Market: Trends and Opportuni...Global Advanced Driver Assistance Systems (ADAS) Market: Trends and Opportuni...
Global Advanced Driver Assistance Systems (ADAS) Market: Trends and Opportuni...
 
Disaster Recovery in the Cloud
Disaster Recovery in the CloudDisaster Recovery in the Cloud
Disaster Recovery in the Cloud
 
Smart Security Infrastructure
Smart Security InfrastructureSmart Security Infrastructure
Smart Security Infrastructure
 
VANETS Vehicular Adhoc NETworkS
VANETS Vehicular Adhoc NETworkSVANETS Vehicular Adhoc NETworkS
VANETS Vehicular Adhoc NETworkS
 
Cloud strategy briefing 101
Cloud strategy briefing 101 Cloud strategy briefing 101
Cloud strategy briefing 101
 
What is SCADA system? SCADA Solutions for IoT
What is SCADA system? SCADA Solutions for IoTWhat is SCADA system? SCADA Solutions for IoT
What is SCADA system? SCADA Solutions for IoT
 
Cloud Computing - Benefits and Risks
Cloud Computing - Benefits and RisksCloud Computing - Benefits and Risks
Cloud Computing - Benefits and Risks
 
M2M vs IoT: The Key Differences and Similarities
M2M vs IoT: The Key Differences and SimilaritiesM2M vs IoT: The Key Differences and Similarities
M2M vs IoT: The Key Differences and Similarities
 
Huawei Solutions for Smart Cities
Huawei Solutions for Smart CitiesHuawei Solutions for Smart Cities
Huawei Solutions for Smart Cities
 
IDC - Infrastructure Consolidation
IDC - Infrastructure ConsolidationIDC - Infrastructure Consolidation
IDC - Infrastructure Consolidation
 
Application Management Services
Application Management ServicesApplication Management Services
Application Management Services
 
SAP AMI
SAP AMISAP AMI
SAP AMI
 
Huawei Smart City Overview Presentation.pptx
Huawei Smart City Overview Presentation.pptxHuawei Smart City Overview Presentation.pptx
Huawei Smart City Overview Presentation.pptx
 

Viewers also liked

Personalization of TV - TechTalk by Amagi Co-Founder
Personalization of TV - TechTalk by Amagi Co-FounderPersonalization of TV - TechTalk by Amagi Co-Founder
Personalization of TV - TechTalk by Amagi Co-FounderAmagiMedia
 
Decoding TV ad metrics in India
Decoding TV ad metrics in IndiaDecoding TV ad metrics in India
Decoding TV ad metrics in IndiaAmagiMedia
 
Media fragmentation and the coexistence of market information
Media fragmentation and the coexistence of market informationMedia fragmentation and the coexistence of market information
Media fragmentation and the coexistence of market informationharshtaneja
 
Geo-targeting cheat sheet | Amagi
Geo-targeting cheat sheet | AmagiGeo-targeting cheat sheet | Amagi
Geo-targeting cheat sheet | AmagiAmagiMedia
 
Tv industry in India
Tv industry in IndiaTv industry in India
Tv industry in IndiaJayesh Ughade
 
How to Embed PowerPoint Presentation Using Slideshare
How to Embed PowerPoint Presentation Using SlideshareHow to Embed PowerPoint Presentation Using Slideshare
How to Embed PowerPoint Presentation Using SlideshareJoie Ocon
 
Google drive for nonprofits webinar
Google drive for nonprofits webinarGoogle drive for nonprofits webinar
Google drive for nonprofits webinarCraig Grella
 
How to Embed a PowerPoint Presentation Using SlideShare
How to Embed a PowerPoint Presentation Using SlideShareHow to Embed a PowerPoint Presentation Using SlideShare
How to Embed a PowerPoint Presentation Using SlideShareJoie Ocon
 
How To Embed SlideShare Shows Into WordPress.com
How To Embed SlideShare Shows Into WordPress.comHow To Embed SlideShare Shows Into WordPress.com
How To Embed SlideShare Shows Into WordPress.comKathy Gill
 
State of the Word 2011
State of the Word 2011State of the Word 2011
State of the Word 2011photomatt
 
Mobile Is Eating the World (2016)
Mobile Is Eating the World (2016)Mobile Is Eating the World (2016)
Mobile Is Eating the World (2016)a16z
 

Viewers also liked (14)

Personalization of TV - TechTalk by Amagi Co-Founder
Personalization of TV - TechTalk by Amagi Co-FounderPersonalization of TV - TechTalk by Amagi Co-Founder
Personalization of TV - TechTalk by Amagi Co-Founder
 
Decoding TV ad metrics in India
Decoding TV ad metrics in IndiaDecoding TV ad metrics in India
Decoding TV ad metrics in India
 
Mass media: TELEVISION
Mass media: TELEVISIONMass media: TELEVISION
Mass media: TELEVISION
 
Media fragmentation and the coexistence of market information
Media fragmentation and the coexistence of market informationMedia fragmentation and the coexistence of market information
Media fragmentation and the coexistence of market information
 
Geo-targeting cheat sheet | Amagi
Geo-targeting cheat sheet | AmagiGeo-targeting cheat sheet | Amagi
Geo-targeting cheat sheet | Amagi
 
Tv industry in India
Tv industry in IndiaTv industry in India
Tv industry in India
 
How to Embed PowerPoint Presentation Using Slideshare
How to Embed PowerPoint Presentation Using SlideshareHow to Embed PowerPoint Presentation Using Slideshare
How to Embed PowerPoint Presentation Using Slideshare
 
Mass media - radio television
Mass media - radio televisionMass media - radio television
Mass media - radio television
 
Google drive for nonprofits webinar
Google drive for nonprofits webinarGoogle drive for nonprofits webinar
Google drive for nonprofits webinar
 
How to Embed a PowerPoint Presentation Using SlideShare
How to Embed a PowerPoint Presentation Using SlideShareHow to Embed a PowerPoint Presentation Using SlideShare
How to Embed a PowerPoint Presentation Using SlideShare
 
satellite and cable television
satellite and cable televisionsatellite and cable television
satellite and cable television
 
How To Embed SlideShare Shows Into WordPress.com
How To Embed SlideShare Shows Into WordPress.comHow To Embed SlideShare Shows Into WordPress.com
How To Embed SlideShare Shows Into WordPress.com
 
State of the Word 2011
State of the Word 2011State of the Word 2011
State of the Word 2011
 
Mobile Is Eating the World (2016)
Mobile Is Eating the World (2016)Mobile Is Eating the World (2016)
Mobile Is Eating the World (2016)
 

Similar to Ensuring Content Security with Cloud Channel Playout

IRJET- Improving Data Storage Security and Performance in Cloud Environment
IRJET- Improving Data Storage Security and Performance in Cloud EnvironmentIRJET- Improving Data Storage Security and Performance in Cloud Environment
IRJET- Improving Data Storage Security and Performance in Cloud EnvironmentIRJET Journal
 
Anypoint platform cloud
Anypoint platform cloudAnypoint platform cloud
Anypoint platform cloudSudheer Y
 
Security Best Practices for Your Ignition System
Security Best Practices for Your Ignition SystemSecurity Best Practices for Your Ignition System
Security Best Practices for Your Ignition SystemInductive Automation
 
GraphConnect Europe 2016 - Securely Deploying Neo4j into AWS - Benjamin Nussbaum
GraphConnect Europe 2016 - Securely Deploying Neo4j into AWS - Benjamin NussbaumGraphConnect Europe 2016 - Securely Deploying Neo4j into AWS - Benjamin Nussbaum
GraphConnect Europe 2016 - Securely Deploying Neo4j into AWS - Benjamin NussbaumNeo4j
 
AWS Summit Stockholm 2014 – T2 – Understanding AWS security
AWS Summit Stockholm 2014 – T2 – Understanding AWS securityAWS Summit Stockholm 2014 – T2 – Understanding AWS security
AWS Summit Stockholm 2014 – T2 – Understanding AWS securityAmazon Web Services
 
Information Security Whitepaper
Information Security WhitepaperInformation Security Whitepaper
Information Security Whitepaperrun_frictionless
 
https://spotintelligence.com
https://spotintelligence.comhttps://spotintelligence.com
https://spotintelligence.comNeriVanOtten1
 
Privacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storagePrivacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storageShakas Technologies
 
Cloud Security for Regulated Firms - Securing my cloud and proving it
Cloud Security for Regulated Firms - Securing my cloud and proving itCloud Security for Regulated Firms - Securing my cloud and proving it
Cloud Security for Regulated Firms - Securing my cloud and proving itHentsū
 
University Management System - UMS-X1 Technical Data
University Management System - UMS-X1 Technical DataUniversity Management System - UMS-X1 Technical Data
University Management System - UMS-X1 Technical DataNasser Hassan
 
Data Security and Technical White Paper Final (1)
Data Security and Technical White Paper Final (1)Data Security and Technical White Paper Final (1)
Data Security and Technical White Paper Final (1)Lloyd SOLDATT
 
HKG18-113- Secure Data Path work with i.MX8M
HKG18-113- Secure Data Path work with i.MX8MHKG18-113- Secure Data Path work with i.MX8M
HKG18-113- Secure Data Path work with i.MX8MLinaro
 
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft CloudEuropean Collaboration Summit
 
Aws training in bangalore
Aws training in bangalore Aws training in bangalore
Aws training in bangalore apponix123
 
An Overview of OPC UA Security
An Overview of OPC UA SecurityAn Overview of OPC UA Security
An Overview of OPC UA SecuritySadatulla Zishan
 
SECURITY IMPLEMENTATION IN MEDIA STREAMING APPLICATIONS USING OPEN NETWORK AD...
SECURITY IMPLEMENTATION IN MEDIA STREAMING APPLICATIONS USING OPEN NETWORK AD...SECURITY IMPLEMENTATION IN MEDIA STREAMING APPLICATIONS USING OPEN NETWORK AD...
SECURITY IMPLEMENTATION IN MEDIA STREAMING APPLICATIONS USING OPEN NETWORK AD...Journal For Research
 

Similar to Ensuring Content Security with Cloud Channel Playout (20)

IRJET- Improving Data Storage Security and Performance in Cloud Environment
IRJET- Improving Data Storage Security and Performance in Cloud EnvironmentIRJET- Improving Data Storage Security and Performance in Cloud Environment
IRJET- Improving Data Storage Security and Performance in Cloud Environment
 
Anypoint platform cloud
Anypoint platform cloudAnypoint platform cloud
Anypoint platform cloud
 
Security Best Practices for Your Ignition System
Security Best Practices for Your Ignition SystemSecurity Best Practices for Your Ignition System
Security Best Practices for Your Ignition System
 
GraphConnect Europe 2016 - Securely Deploying Neo4j into AWS - Benjamin Nussbaum
GraphConnect Europe 2016 - Securely Deploying Neo4j into AWS - Benjamin NussbaumGraphConnect Europe 2016 - Securely Deploying Neo4j into AWS - Benjamin Nussbaum
GraphConnect Europe 2016 - Securely Deploying Neo4j into AWS - Benjamin Nussbaum
 
AWS Summit Stockholm 2014 – T2 – Understanding AWS security
AWS Summit Stockholm 2014 – T2 – Understanding AWS securityAWS Summit Stockholm 2014 – T2 – Understanding AWS security
AWS Summit Stockholm 2014 – T2 – Understanding AWS security
 
Information Security Whitepaper
Information Security WhitepaperInformation Security Whitepaper
Information Security Whitepaper
 
https://spotintelligence.com
https://spotintelligence.comhttps://spotintelligence.com
https://spotintelligence.com
 
Zyncro security
Zyncro securityZyncro security
Zyncro security
 
Privacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storagePrivacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storage
 
Cloud Security for Regulated Firms - Securing my cloud and proving it
Cloud Security for Regulated Firms - Securing my cloud and proving itCloud Security for Regulated Firms - Securing my cloud and proving it
Cloud Security for Regulated Firms - Securing my cloud and proving it
 
University Management System - UMS-X1 Technical Data
University Management System - UMS-X1 Technical DataUniversity Management System - UMS-X1 Technical Data
University Management System - UMS-X1 Technical Data
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Data Security and Technical White Paper Final (1)
Data Security and Technical White Paper Final (1)Data Security and Technical White Paper Final (1)
Data Security and Technical White Paper Final (1)
 
HKG18-113- Secure Data Path work with i.MX8M
HKG18-113- Secure Data Path work with i.MX8MHKG18-113- Secure Data Path work with i.MX8M
HKG18-113- Secure Data Path work with i.MX8M
 
Paper1
Paper1Paper1
Paper1
 
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
 
Aws training in bangalore
Aws training in bangalore Aws training in bangalore
Aws training in bangalore
 
An Overview of OPC UA Security
An Overview of OPC UA SecurityAn Overview of OPC UA Security
An Overview of OPC UA Security
 
SECURITY IMPLEMENTATION IN MEDIA STREAMING APPLICATIONS USING OPEN NETWORK AD...
SECURITY IMPLEMENTATION IN MEDIA STREAMING APPLICATIONS USING OPEN NETWORK AD...SECURITY IMPLEMENTATION IN MEDIA STREAMING APPLICATIONS USING OPEN NETWORK AD...
SECURITY IMPLEMENTATION IN MEDIA STREAMING APPLICATIONS USING OPEN NETWORK AD...
 

Recently uploaded

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 

Recently uploaded (20)

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 

Ensuring Content Security with Cloud Channel Playout

  • 1. White Paper Ensuring content security with CLOUDPORT Channel Playout Platform
  • 2. What’s Inside Page 2 1Introduction to CLOUDPORT playout management platform 3Amagi’s security framework 2Security requirements for content broadcast 4Conclusion & corporate information C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved.
  • 3. Introduction Amagi CLOUDPORT moves entire playout to a secure public cloud. The cloud-based playout model helps TV networks improve their broadcast ROI, launch and localize channels on the go, and address disaster recovery needs cost-effectively. Amagi’s CLOUDPORT Infrastructure encompasses: • Content preparation servers ( Transcode & Transport servers) • Web based playout management tools • Cloud-based backbone for content delivery, management, and monitoring • CLOUDPORT playout server Page 3 CLOUDPORT Channel Playout Server This white paper discusses the security requirements for content broadcast, and how Amagi’s CLOUDPORT platform is best positioned to address them. C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved. Managing broadcast operations can be challenging with traditional models due to their slower time to market, high CAPEX and OPEX, and lack of flexibility to localize channels or scale operations efficiently. Amagi has built a next generation cloud- based playout platform that can be used to launch and operate channels over satellite, cable, IPTV and OTT. CLOUDPORT is a comprehensive end-to-end platform suitable for 24x7 playout for live and non-live channels. CLOUDPORT can be set up either as a playout on the cloud or be deployed at the headends as edge playout platform. The entire system can be managed remotely using a Web-based UI. 1
  • 4. Security Requirements for Content Broadcasting Security needs related to content broadcasting have to be thought through from an end-to-end system perspective. The key requirements are: • Public cloud providers and third-party service providers do not have access to media content, except when provisioned by the TV network on its behalf, for specific operational requirements. • Robust and secure login, administration and approval procedures are in place to protect TV Network operations. All related content is protected against unauthorized access by employees and tertiary staff inside the TV network’s premises. • The system is expected to have security audit trails and logs for post-incident analysis and periodic review procedures. • The digital identities of all service providers and devices at affiliate headends are authenticated, and remain genuine over the lifetime of the service. Page 4 Computing & protecting data • All media content is secure from any unauthorized access. • Media on the Playout Server is completely protected, including but not limited to the willful hacking of the Playout Server by third parties. • End-to-end chain starting from TV network facility to Playout Servers is inaccessible for public access, and is secure from any attacks - willful or otherwise. C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved. 2
  • 5. Amagi’s Security Framework Page 5 AES 256 bit encryption for transport to cloud • AWS security infrastructure • SSL & role based rights • Authentication • Isolated instances for storage, application & database for each customer • AES-256 bit encryption for content • 128 bit TEA content encryption • Secure embedded Linux • SSL • Firewall • Authentication • SSL Amagi has created a security framework to address the aforementioned security requirements for content broadcasting. All media content is secure from any unauthorized access. CLOUDPORT uses multiple layers of security to prevent unauthorized access to content. For ingest and upload to the cloud, content is encrypted using AES-256 bit encryption. CLOUDPORT uses ExpeDat, (A solution similar to Aspera or for fast file transfer.) Know more about ExpeDat: http://www.dataexpedition.com/expedat/ C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved. 3
  • 6. Amagi’s Security Framework Media on the Playout Server is completely protected, including but not limited to the willful hacking of the Playout Server by third parties. The final SDI output of playout is presented for further processing by a distribution plant. No access and visibility to the media files or schedules is provided, as the content is stored as AES 128-bit encrypted files on the playout server, ensuring that the content is not retrievable even if the storage units of the playout server are physically removed. All CLOUDPORT playout server operations are automated, and do not require operator assistance other than for standard remote functions (e.g. Power On/Off). The playout server incudes proprietary hardware and software, which can only be administered and operated by trained Amagi personnel. All communications from the playout server to the cloud (including content download) occur over an encrypted private VPN connection to the AWS cloud instance. The playout server runs Secure Embedded Linux, which is configured for highly secure remote access by Amagi’s customer-specific support team over an encrypted VPN tunnel. At the application level, access-rights based on roles prevent the access and modification of any content or schedule. End-to-end chain starting from TV network facility up to Playout Servers is inaccessible for public access and is secure from any attacks willful or otherwise. The end-to-end CLOUDPORT system comprises of the Content Preparation Server used for provisioning content to playout, cloud based application, content storage on the cloud, and the edge-based playout and monitoring servers. Page 6 The Content Preparation Servers at any given broadcaster’s facility receive content in the broadcaster’s preferred choice of file format before transcoding and uploading that content to the AWS Cloud. The Content Preparation Servers are located within the TV network facility and adhere strictly to the TV network’s Information Security policies. On the cloud, each customer has a separate and isolated instance for CLOUDPORT Web Application, Database, and AWS S3 and Glacier Storage. Content residing on the cloud storage is secured using AES-256 bit encryption. This prevents shared access to data and any consequent impact. Administrative access to these instances is exclusively available to authorized Amagi personnel. The CLOUDPORT application uses role based user access management rights for its various features, thereby ensuring authorized access and action for content, schedules and playout. For example, a user with Scheduler rights has no access to download/upload content. The content is transported utilizing either SSL or secure Expedat content transfer protocols. On the CLOUDPORT Edge Playout Server, content is encrypted and stored using 128-bit encryption. During playout, in-memory runtime decryption is done for a 128-bit block size, which is subsequently played out and replaced. C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved.
  • 7. Amagi’s Security Framework Public cloud providers and third- party service providers do not have access to media content, except when provisioned by the TV network on its behalf for specific operational requirements. All content stored on the cloud is encrypted, and the keys are generated and made available only for the CLOUDPORT application, based on the actions of users with access rights. Access rights are never shared with public cloud providers and/or third-party service providers. Robust and secure login, administration and approval procedures are in place to protect TV Network operations. All related content must be protected from unauthorized access from employees and tertiary personnel inside the TV Network’s premises. Amagi’s managed services and employees are governed by a well-defined Information Security policy that encompasses the information security management processes, organization, content security, access controls, physical and environmental security, communications security, and systems security. The system is expected to have security audit trails and logs for post- incident analysis and periodic review procedures CLOUDPORT maintains highly detailed audit logs at both system and user access levels. Consequently, user actions can be traced for post-incident analysis or procedural reviews. Page 7 The CLOUDPORT application, content and databases reside on the highly secure AWS Cloud, with security policy that covers platform, access controls, processes and audits for Network Security. Further information about Amazon’s AWS Security Policy: https://appirio.com/pdf/amazon-web-services- security.pdf All devices connected to the cloud are protected by enterprise grade local firewalls (Configured by Amagi), which are not accessible via external internet-enabled networks. Authentication systems are used for accessing real-time IP streams for video- monitoring and maintaining compliance archives. The playout server communicates with the AWS Cloud using a secure VPN tunnel which is configured to allow connections exclusively from the Amagi-AWS Cloud instances. C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved.
  • 8. Amagi’s Security Framework The digital identities of all service providers and devices at affiliate headends are authenticated and remain genuine over the lifetime of the service. The CLOUDPORT servers and devices communicate over SSL, thereby ensuring encryption of all traffic. By design, playout servers (devices) can be configured exclusively by Amagi, utilizing identities and tools that are never disclosed to end-users. These devices use proprietary handshakes and authentication APIs for sourcing of content and playlists, thereby preventing any unauthenticated access to the system. Moreover, the support team constantly monitors devices and the system for all activities, including internal system processes. This puts any extraordinary activity under review. Page 7C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved.
  • 9. Conclusion & Corporate Information By design, Amagi CLOUPORT has been built as an end-to-end secure system. The system uses existing, time-tested and standards-based approaches to security to ensuring enterprise grade security for all broadcast operations. Page 8 About Amagi Amagi is a next-generation media technology company that provides cloud broadcast and targeted advertising platforms to customers globally. Amagi enables TV networks to create a complete broadcast workflow on the cloud, with support for content preparation, storage, archival, playout, delivery, and monetization at a fraction of the cost compared with traditional broadcast models. Using Amagi’s award-winning, patented technologies, advertisers can target audiences at a regional and individual level across traditional TV and OTT multiscreen platforms. Amagi has deployments in over 25 countries for leading TV networks, and is India’s largest TV ad network supporting more than 2,500 brands. Amagi is headquartered in Bangalore, India, with offices in Hong Kong, London, New York City, and Tokyo. C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved. 4
  • 10. About Author Srividhya Srinivasan is co-founder, and heads technology and operations for Amagi. She is a passionate technologist and leads new product development and engineering at Amagi. A stickler for precision, she is responsible for ensuring that Amagi stays one step ahead of the curve. Know more about security features of Amagi cloud platforms C ontact Amagi www.amagi.com C LOUDPORT Security White Paper | C opyright: Amagi C orporation. All Rights Reserved.