Created date

Abril 16, 2012

Content type (localized)



Leveraging Device Authentication for HLS, Part II

As discussed in my last post, HLS was quite the hot topic at IP&TV World Forum this year.  HLS is rapidly gaining momentum as the standard streaming format of choice for over-the-top (OTT) video services across the broadest range of device types.  Since it is an open protocol, many solutions  and techniques are available to further optimize commercial grade service delivery. In my article for Digital TV Europe’s IP&TV World Forum Show Daily, which I’ve excerpted below, I explore the use of device authentication in combination with HLS.

Authentication mechanics for commercial video services rest on two principals: determining the integrity of the requesting entity, and authenticity of the client device.  Authentication ensures that client devices are attached to paying customers, and helps guarantee that only bona fide subscribers are able to watch protected content. After a specific content item is selected by the consumer, a simultaneous transaction occurs to obtain the necessary keys, where the unique local certificate validates the identity of the specific client involved. If the keys are legitimately available, the protected stream deliveries can be decrypted for viewing.

The persistence of authentication between viewing sessions takes the Internet TV industry beyond the outmoded computer-centric models of session-based login/password viewing control, and provides a more natural model for managing security on devices that lack native keyboards (TVs, set top boxes, etc).  The approach can also be conveniently leveraged on app-centric tablet and phone devices.

An additional advantage of the device authentication model is that it can meet the frequent studio requirement to assure that subscriber account credentials are not being illegitimately shared. Robust device authentication capabilities will likely fulfill licensing requirements which increasingly demand counting and limiting the number of devices concurrently authenticated against a given subscriber account.

When device authentication is combined with a PIN number, a two-factor authentication technique is created. Two-factor authentication techniques are especially useful when subscribers want to override existing account settings.

Enhancing Content Security and Revenue Security

As the OTT video market continues to mature, and as operators work to blend OTT into their traditional services, enhanced HLS security functionality is required to ensure effective and efficient control over delivery of premium content to OTT devices.  A proactive approach to HLS security not only puts operators in a better negotiating position for gaining rights to multi-screen content, but it also enables operators to optimize that content  for different platforms, consumer devices and customers.  Therefore, optimizing HLS security for OTT video distribution protects not only content, but helps to enhance service revenue.

Are you convinced you need enhanced HLS security on your OTT video network? Visit us at NAB 2012 and let us know your thoughts.