SlideShare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our User Agreement and Privacy Policy.
SlideShare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our Privacy Policy and User Agreement for details.
Successfully reported this slideshow.
Activate your 14 day free trial to unlock unlimited reading.
1.
Content Protection in UMS
(Ustream Media Server)
Zoltán Németh
Engineering Manager, Core Systems
2.
at a
glance
Live streaming
Free broadcastingSoftware as a Service
Enterprise clients with protected content
• Internal broadcasts
• Copyrighted materials
• Embed restrictions
• Monetizing
4.
UMS Ustream Media Server
Continuous connection to all clients
Real-time push-based updates
First use: viewer number display
Channel status poll
Viewer authentication and
authorization
Stream information
Java, kernel tweaks
5.
UMS The source of all information for
streaming clients
Communication over RTMP /
Websocket / HTTP
Secure is also available (WSS, HTTPS)
Current: Zorp
Next gen: own SSL termination
DNS balanced, multiple clusters
6.
Broadcaster
authentication
Upon connect, on the Ingest Server
Several methods
FMLE – like Channel Key
Ustream Session
Oauth
On fail
Reject
Allow but off air
7.
Viewer
authentication
UMS, on connect, based on Ustream
session
Locks
Password
Email capture
Geo, IP
Referer (embed)
3rd party auth integrations
Reject on fail
Revalidate in real time on changes
8.
Protecting the
content on CDN
Basic: frequently changing live URL
Shared secret based hash
Hash generated on UMS
Different hash for each viewer
Hash validated on Edge
Specific TTL
Lockhash – changes if locks are
modified