Securing streaming content

Whenever content is distributed electronically, there is some risk of it being copied, misappropriated, or redistributed. Flash Media Server offers several levels of security to protect your content and server resources that are unobtrusive, intuitive, and convenient to consumers.

Content vulnerabilities

There are a number of ways that online digital content can be compromised:

• Raiding the browser cache: Though the filenames are not easily read, it is relatively simple to retrieve video files from the browser cache. (This vulnerability is only present with progressive video delivery; streams are never cached.)
• Video URI access: Video URIs can easily be discovered using free "sniffer" utilities.
• SWF re-serving: Your SWF can be copied and re-served from another domain. SWFs can also be decompiled, often revealing your FMS address, application and stream names.
• Replay technologies: Also referred to as "stream ripping," this is the most insidious of security issues as it is more difficult to prevent. Stream ripping utilities actually intercept the data stream and record it to a file that can then be played.

FMS security architecture

As discussed earlier, streaming inherently has a higher level of security than progressive delivery, since media files are never cached to disk. Flash Media Server further enhances protection against other risks with a number of additional security features:

• User authentication using server-side ActionScript
• Authorization adaptor
• Access adaptor
• SWF verification
• Domain access control
• Custom solutions offered by content delivery networks
• Stream encryption using RTMPE or RTMPS

Let's first look at the overall security model of FMS (see Figure 4) and then examine each of the protection measures more in depth.

Figure 4. Flash media server security architecture

Page 3 of 4

Previous Page

Next Page