Explore the world of Digital Rights Management (DRM) in websites with this informative presentation. Gain insights into the challenges of implementing DRM, the evolution of video playback on the web, and the role of HTML5 in modern video streaming. Discover the basics of using static keys and Apple HLS for content protection, as well as the issues associated with static key DRM. Finally, learn about advanced DRM solutions that address these issues, ensuring secure and efficient content delivery. Dive into this comprehensive guide to DRM in HTML5 websites and enhance your understanding of this crucial aspect of online video streaming.
2. Introduction to DRM
Definition: Digital Rights Management (DRM) is a set of access control technologies.
Purpose: To protect copyrighted digital content from unauthorized access and distribution.
Challenge: Implementing DRM effectively on websites without compromising user experience or
performance.
3. DRM in HTML5
HTML5: Latest web standard that supports native video playback.
Encrypted Media Extensions (EME): W3C standard that enables DRM in HTML5. Works with various
DRM systems (e.g. Widevine, FairPlay, PlayReady).
Media Source Extensions (MSE): Complements EME for adaptive streaming.
4. Video Playback Before HTML5
Browser plugins: Adobe Flash, Microsoft Silverlight, and QuickTime.
Platform-specific: Limited compatibility across devices and browsers.
Security issues: Plugins were often targeted by hackers.
Decline: HTML5 video element and EME gradually replaced plugins.
5. Simple DRM using Static Key and Apple HLS
Apple HLS: HTTP Live Streaming, an adaptive streaming protocol by Apple.
Static key: A single encryption key used for all video segments.
Steps:
(1) Create and encrypt segments from the source video,
(2) Create HLS playlist,
(3) Provide static key to authorized users,
(4) Implement EME to play encrypted video.
This playlist file is accepted natively as below on Apple devices. To play on other devices, HLS.js library can be
used.
<video src=”some.m3u8” />
Example playlist: https://test-streams.mux.dev/x36xhzz/x36xhzz.m3u8
6. Creating HLS playlist and segments from source video
Source: https://aws.amazon.com/blogs/networking-and-content-delivery/on-the-fly-video-conversion-amazon-cloudfront-lambdaedge-mediaconvert/
Lambda is optional. Step 4 can be invoked by video source s3 put event.
7. Submitting a MediaConvert job
Input file. E.g. video_full.mp4
Outputs to include in HLS playlist
Can use presets for different video sizes and
encodings
8. Submitting a MediaConvert job: DRM parameters
● The given static key (hex string should provide) will be used to
encrypt the video segments
● URL should return the static key as a binary content.
● If you provide an API endpoint for the URL, you can add
additional validations such as checking origin before returning the
key. Otherwise, key can be placed in s3 and serve as static
content.
10. Issues with Static Key DRM
Limited security: Static key easily compromised if discovered.
Scalability: Inefficient for large-scale video libraries or multiple user groups.
No individual user tracking: Difficult to identify specific users who leak keys.
Inflexible: No support for advanced DRM features like license expiration or content restrictions.
Lower compatibility: Not all DRM systems support static key implementation.
11. Advanced DRM Solutions to Address Issues
Dynamic Key: Unique encryption key per user or session for enhanced security.
License Server: Centralized management of encryption keys and access control.
Token-based Authentication: Verify user identity and grant access to encrypted content.
Multi-DRM Solutions: Support for multiple DRM systems (e.g. Widevine, FairPlay, PlayReady) for
wider compatibility.
Advanced Features: Time-limited licenses, content restrictions, and usage tracking.