Securing Cloud-Based Workflows for Premium Content Securing Cloud-Based Workflows for Premium Content

  • View
    4

  • Download
    1

Embed Size (px)

Text of Securing Cloud-Based Workflows for Premium Content Securing Cloud-Based Workflows for Premium...

  • AKAMAI WHITE PAPER

    Securing Cloud-Based Workflows for Premium Content:

    Introducing Akamai’s secure, MPAA-

    assessed workflow for transcoding, storing

    and delivering protected content in the cloud

  • Securing Cloud-Based Workflows for Premium Content 2

    INTRODUCTION 3

    THE LIMITATIONS OF IN-HOUSE WORKFLOWS 3

    CAN CLOUD-BASED WORKFLOWS BE SECURE? 5

    AKAMAI’S SECURE END-TO-END WORKFLOW FOR PREMIUM CONTENT 5

    HOW IT WORKS 6

    CLOUD-BASED WORKFLOWS: THE FUTURE OF ONLINE VIDEO 7

    TABLE OF CONTENTS

  • Securing Cloud-Based Workflows for Premium Content 3

    Introduction

    In an era of rising audience expectations and rapidly proliferating devices, delivering a compelling online viewing experience has become an increasingly difficult and expensive proposition. Faced with scalability challenges and burdened by complex processes, content service providers need workflow solutions that can help them adapt quickly to continually changing marketplace demands while minimizing capital and operational expenses.

    Cloud-based solutions are ideal for these situations, letting content providers outsource complexity and scale infrastructure on demand. Offering pay-as-you-go access to massive computing, storage and delivery resources, cloud-based workflows also minimize upfront capital expenditures as well as ongoing operating costs.

    For these very reasons, most content service providers already use cloud services to deliver their videos to audiences around the world. More and more content service providers are now migrating other phases of their content workflows – such as storage and transcoding – to the cloud as well. Doing so not only allows them to leverage instantaneously scalable, high-performance transcoding resources on demand, it also greatly reduces the cost and complexity of keeping up with device proliferation and technological advances. With cloud-based transcoding, for example, supporting additional codecs, higher screen resolutions or the latest device platform can be achieved with just a few simple mouse clicks. In addition, cloud storage offloads the headache of storing, moving and managing the rapidly increasing number of files – and file sizes – needed to accommodate the ever-advancing device marketplace.

    However, media companies with premium content must tackle significant security concerns when considering a move to the cloud. High among these is their ability to safeguard content when it is unencrypted – and therefore susceptible to theft – during the transcoding process. Concerns like these can prevent content service providers from truly considering cloud-based workflows, despite the great potential scalability and cost-savings benefits.

    Fortunately, companies no longer need to make this tradeoff. With Akamai, content service providers can now take advantage of the industry’s first secure, end-to-end cloud-based workflow that has been fully assessed by the Motion Picture Association of America (MPAA). Enabling the cloud-based transcoding, storage and delivery of premium video content, this innovative, secure workflow allows content providers to fully leverage the benefits of the cloud while protecting their digital assets all the way from source file to consumer.

    The Limitations of In-House Workflows

    Traditional, in-house video workflows typically mitigate content security risks by handling most pre-delivery processing within a centralized, secure facility. Here, the video source or mezzanine file is transcoded into many separate renditions in order to support different devices, formats, networks and DRM platforms. Since the transcoding process requires the source file to be unencrypted at some point – and thus vulnerable to theft — the content is safeguarded during this part of the workflow by processing it within a digitally, physically and operationally secure facility. Content providers who require the highest levels of safety typically use an MPAA-assessed facility.

    After the renditions are created, digital rights management (DRM) technology, such as Adobe Flash Access or Microsoft PlayReady, is applied to each file while still within the secure facility. Once this is done, the files can be safely uploaded to a content delivery network for storage and delivery. DRM protects the files from theft and unauthorized playback during storage, transit and delivery through the cloud.

  • Securing Cloud-Based Workflows for Premium Content 4

    Traditional Content Workflow

    Unfortunately, in-house workflows have a number of downsides. First, there is the high capital cost and operational complexity involved. Because transcoding is so processing-intensive, an in-house solution requires significant upfront expenditures for hardware and software. This problem is further exacerbated as screen resolutions continue their upward march toward 4K and beyond, requiring enormous source files that are increasingly unwieldy to access, move around and back up.

    In addition, it is costly to maintain and manage a complex workflow that can keep up to date with the continually expanding matrix of technologies, formats, codecs, screen sizes and so on that comprise today’s fragmented device marketplace. Accommodating a new device or format – including retrofitting the existing content library – involves acquiring new expertise and significant processing power, consuming substantial time and resources.

    Content service providers with an in-house workflow also face capacity planning challenges. Because their infrastructure is inelastic, they must accurately estimate the amount of hardware and software they will need well in advance – they cannot scale on demand. Typically, this means companies are forced spend extra and overprovision – or suffer the consequences of potentially falling behind schedule or being unable to meet demands.

    In addition, companies must provision for peak usage, adding hardware and personnel any time they need to increase capacity, even if only for a one-off event. Unfortunately, these resources then sit underutilized much of the time, going to waste.

    For most companies, it is also difficult to cost-effectively build true reliability into in-house server farms. With only one or two server locations, in-house infrastructure cannot provide the same level of fault tolerance as a truly distributed cloud infrastructure can.

    For these reasons, growing numbers of media companies are looking to leverage the cloud — not just for video delivery, but also earlier in their workflows. But while intelligent cloud infrastructures can deliver tremendous benefits and enable companies to overcome the limitations of in-house workflows, they also introduce potential security concerns, particularly for premium content providers.

    Source File

    Transcoding & DRM Wrapping

    Secure Facility DRM Proctected

    Renditions

    Cloud Storage & Delivery

  • Securing Cloud-Based Workflows for Premium Content 5

    Can Cloud-Based Workflows Be Secure?

    Premium content requires a workflow that protects it from theft and unauthorized access at every step, from the original source file all the way to the consumer. Of particular importance is the transcoding process, as it requires access to unencrypted source files that are at risk of theft. Doing this process off-site, in the cloud, raises potential security questions.

    Indeed, the very aspects of the cloud that make it so massively scalable and high performing are the same characteristics that make security challenging. The cloud is a decentralized, distributed model relying on heterogeneous third-party networks – much different from a single, secure, centralized facility where content can be processed. Because of this, cloud-based content workflows require a completely new security paradigm. In order to be viable for premium content, cloud-based workflows must:

    1. Protect the source content as it is being ingested to the cloud.

    2. Protect the content during transcoding and DRM implementation.

    3. Protect source content and created files during archive and storage.

    4. Ensure redundancy of all files in a geographically distributed manner.

    5. Protect content files as they are delivered to end users.

    6. Secure content at all times in a way that does not hamper the unique benefits of the cloud-based workflow,

    including scalability, performance and reliability.

    Akamai’s Secure End-to-End Workflow for Premium Content

    In order to provide true end-to-end protection for premium content, Akamai is pleased to introduce the industry’s first and only MPAA-assessed, secure workflow for the transcoding, storage and delivery of video through the cloud.

    Combining industry-leading expertise in securing the cloud with more than a decade of experience delivering compelling media experiences, Akamai is uniquely able to offer this solution — enabling media companies to vastly simplify their post-production workflows and infrastructure by fully leveraging the tremendous scalability and performance of the distributed cloud for the first time. Content owners need only upload their source files, and Akamai’s massively distributed, high-performance cloud platform takes care of the rest – all while keeping the premium content safe from theft.

    To provide the highest levels of protection and assurance, Akamai has voluntarily undertaken the intensive process of having its cloud-based workflow assessed under the MPAA’s Site Security Program, the