50 %
50 %
Information about dadfao35235r
Health & Medicine

Published on March 3, 2014

Author: ThomasDang




SECURE  WEB  PLAYER  (PROTOTYPE)   Kaltura KCBB & Youtube CLAS player Security Features What Does It Do? Mediaspace Basic security for preventing third-party HTTPS over SSL/TLS – Encrypting Yes Yes the connection that transports the prevent any attempt by the users who had video Yes viewing (via a packet sniffer) of video. Won’t permission to view the video to get and share the download link or the file. Yes No Yes No Yes Partial support via Connect CWL login Access control by department, course, group, and user ~ ~ Silently hiding the direct actual filename are all not shown guessing this direct link is similar to guessing a 11 character+number+symbol technology via server-side URL password and also knowing the parameters rewriting and proxy Yes secure. However, without this flavor code, to the browser or any client-side Yes at the direct URL in Kaltura, which is not provider number, flavor code, and No Prevent using client-side debuggers to get download URL entirely, service to the Kaltura REST service Aggressively prevent and No No Yes overwrite end-point and Prevent accessing the temporary file on the intermediate caching by multiple browser, such as via browser add-ons methods Page 1 of 2

SECURE  WEB  PLAYER  (PROTOTYPE)   The video download process of No No Yes the player involves a handshake protocol with the server and also a session-unique token. Prevent spoofing of HTTP request (ie. Faking the browser traffic) such as with traffic testing tools like JMeter. Semi-transparent watermark overlayed on top of the video that No Yes contains the viewer’s first name & screencap and share the video without last name from the federated No Deter screencapping. If some users permission, their names will show. auth system (Shibboleth) Encode the video being sent to the player (not to be confused with SSL connection encryption), No, but with some obfuscation No No to make it more tedious to break at this level and have the player decode when play with a key hidden deep in the compacted javascript or Flash code, so that even if someone could download the video, the Deter sophisticated attempts by a user who had permission to view the video to download a video, such as by setting up a local HTTPS proxy (Paros, Squid) and configure the proxy to ignore nointermediate-caching directives in the request headers. Caveat: The word “Deter” is used instead of video is still unplayable. “Prevent”, because with current technology, there “You can put a lock on your circumvention. Even an encrypted video still apartment, and another lock on the building. This will not stop a tank from destroying the building, but most will find that it’s not worthwhile.” (colloquial IT saying) Page 2 of 2 is no surefire method against this level of DRMneeds a public key, and decompiling and examining the client-side player code will eventually reveal this. A determined expert will be able to overcome in-code obfuscation of the key as well.

Add a comment

Related presentations