• BuyDRM_WowzaStreaming_Slider_1920x450.png
  • EPIX_BlogSlider_1920x450
  • 763x430_BuyDRM_WowzaStreaming
  • 763x430_BuyDRM_EPIX
  • 378x300_BuyDRM_WowzaStreaming
  • 378x300_BuyDRM_EPIX

Creating DRM Workflows - Part 1 - Content Encryption

Posted by Christopher Levy on Nov 17, 2016 6:54:35 PM



In the coming weeks we are going to be presenting a six part series titled “Creating a DRM Workflow” authored by our CEO and Founder, Christopher Levy.


By: Christopher Levy | CEO |  BuyDRM

Deploying a DRM solution can be broken down into two major block processes; encrypting or “packaging” your content and decrypting it and playing it back. This lock and key arrangement is in place in literally thousands of locations in your daily life whether it be an ATM validating your debit card or your car door opening when you push the button on the remote.

DRM systems enable the preservation of content owners’ rights wherever the content travels acting as a portable digital media firewall. To view the content the user must be capable of receiving a license key to unlock the video files before playing them back.  This license key typically has the content owner or licensee’s digital rights expressed inside of it as rights objects. This entire secure process typically happens in less than a second.

To begin let’s look at the first step in creating a DRM workflow: Content Encryption. All content managed by an IP-based DRM system must be encrypted using the specifications designed by the DRM OEM. In the modern marketplace most solutions use a variety of technologies designed around 128 bit AES encryption using either CBC or CTR modes.

Typically a DRM provider will provide Encryption tools which are developed by the provider for use by their customers. In doing so these tools use a variety of common and proprietary technologies to format, encrypt and output the packaged content. In some cases companies use hardening technologies to ensure the security of these tools i.e. the keys they contain and how they got them and how they are using them, is not compromised.

The most common form of these tools is a command line interface packager that provides the simplest method of packaging content with modern DRM. CLI tools can provide a quick and dirty method to rapidly test packaging platforms or confirm format compatibility. They can also be scripted to work in an automated fashion. CLI tools should not be used in a full-ramped up production environment due to their lack of complexity, support hooks, error messaging etc.

Next up are conventional server side tools which provide content encryption. Typically these tools will also provide the chunking, fragmenting or muxing necessary to prepare a conventional input format like MP4 for packaging into a more typical adaptive bit rate (ABR) streaming file. Additionally, a server side encryption product will more often than not support cueing, parallel packaging, more advanced API calls, greater scalability and greater security.

These products are also more likely to include better monitoring hooks and the ability to create custom error messages as well as including more complex logging functions. These tools are the mainstay of the DRM industry and every DRM provider in the industry provides something of this sort. Typically these products are designed for ultra-fast HDD’s and in most cases the hard disk drives are the bottleneck with regards to reaching theoretical limits associated with encryption.

As the cloud becomes a greater factor in large-scale digital media deployments, more and more DRM vendors are adapting their technology to enable cloud-based encryption.  In some cases cloud encoding companies and cloud media companies have implemented their own versions of content encryption within their media workflows. We will discuss that in a later episode.  There is clear progress though with regards to existing DRM vendors adapting their technology to run in the most popular clouds.  For example, when you deploy in Amazon Web Services, the technology must be converted into an Amazon Machine Image (AMI). This AMI is then provided to the customer who can deploy it within their own Amazon Web Services account.

-Next week we will discuss 3rd Party Encoding solutions which support Content Encryption / DRM.- 


Readers Choice 2016.png


BuyDRM’s KeyOS™ Multi-DRM Platform 2016 Recognitions

 BuyDRM is proud to announce our inclusion in The 2016 Streaming Media 100: The 100 Companies That Matter Most in Online Video in 2016. This is our  fourth consecutive year of being recognized as a top innovator in the field.  BuyDRM was also recognized as the runner up for the 2016 Streaming Media Readers'  Choice Awards for DRM/Access Control Service Providers, once again proving our solutions as being one of the most comprehensive and widely deployed in the world.

Playready Widevine Fairplay

BuyDRM – Your Single Source for Multi-DRM Solutions

Offering PlayReady, Widevine, and FairPlay, we can help you deliver protected content to any device in any situation whether online or offline or both.

Established in 2001, we are a market-leading Multi-DRM service provider. Over the last fifteen years we have seen drastic changes in the content protection arena as a variety of new technologies have entered the marketplace. Through our pioneering efforts in this field and decades of experience in digital media, we have your bases covered with the KeyOS Multi-DRM Platform supporting PlayReady, Widevine, and FairPlay DRMs. KeyOS supports all of the popular consumer platforms and business models.

Want to Learn More?

If you are either just beginning your search or are a seasoned streaming media pro, we think our team can help you. 

Contact us to learn more about our solution.  We would be happy to set up a call to evaluate your scenario and find out how we can help you.  Our consultations are always free. Our KeyOS platform powers the biggest names in media across the globe and we are eager to assist you as well.

Here is more content that you might be interested in:

- [BLOG PART 2] Creating DRM Workflows - Part 2 - 3rd Party Encoding Solutions
- [BLOG PART 3] Creating DRM Workflows - Part 3 -"3rd Party Server Solutions

    Subscribe for Instant Notifications

    New call-to-action

    Posts by Topic

    see all