Here is a big question about video security:
- Can you replace conventional DRM with a simpler lower-cost technology?
Answer: It depends. Major film distributors require DRM. Otherwise, you can use alternative technologies that deliver strong security.
Do publishers really need DRM in an industry that has quickly adopted HLS and other Http streaming protocols? These protocols use ordinary Http service to send low to high-quality streams.
These streams are inherently more secure than previous popular protocols like RTMP because file transfer no longer is a part of the process; HLS uses m3u8 playlists, which contain hundreds or thousands of segments - not a single file. In addition to their organic structure, there are other ways to easily secure an HLS stream:
1. Aliasing - this process employs strict file access rules, by expiring file names or only permitting access via a key, not a file name or path.
2. Encryption - HLSe uses AES-128 encryption so that every separate segment in a stream is encrypted with a unique 128-bit key, making interception and playback extremely difficult.
Mathematically speaking, these technologies are probably more than sufficient to be over 99.9% effective against unauthorized access, interception, and theft. If publishers are not streaming videos belonging to major film distributors, they should consider alternative technologies that are only recently available in HLS compatible servers, such as Wowza, WMSPanel, Apache, Evostream, etc. The cost savings and simplified infrastructure could be significant.