There are several levels of protection of a video stream from copying, which can be implemented on the Internet.
1. Watermarks / branding. The simplest and most effective option. It can be applied to all video files, even when transferring on physical media. Cleaning the video from such protection is usually a laborious and costly process.
2. IP Restriction / One-Time Links. The next echelon of protection is the restriction of access to video or any open user parameters such as: region or country of view, browser, site with video or encrypted such as one-time links and access tokens. In this case, you will need a specialized video distribution service or your own servers. Such protection can be bypassed only by saving the video stream to a file directly in the browser or through special applications. The protection works quite efficiently and flexibly, but it is technically easier to manage than in the first case.
3. DRM and video encryption. The most advanced solutions completely encrypt the video stream and decrypt it only by the access key in the browser client. Such protection is bypassed through screen capture, but it already requires the installation of special programs and time for physical viewing and video processing.
What is DRM?
Digital Rights Management is a collection of access control and management systems, technical means of copyright protection. It is a system or a series of systems that restrict pirated access to video and audio.
DRM allows you to establish rules for how the viewer interacts with content and to determine the tariff policy, subscriber devices admissible for legal use, allow or prohibit copying and provision of content to other persons.
How does DRM work?
Protected content must be decrypted before playing. To do this, a player that plays video in a web browser or application interacts with a DRM server that prohibits or allows viewing of content on this device and issues a license containing content usage policies.
1. The video is encrypted on the server
2. A user downloads a video with browser or other app
3. The browser transmits the video to a special component for decryption
4. Content is protected from viewing / modification by the user
5. The system requests a video content license from a special server
6. The license server checks the user and makes a decision about issuing a license to him, its validity period and other parameters
7. The component receives a key to decrypt the video
8. In case of successful identification the component decrypts it;
9. The user gets limited access to the video
Thus, the user is limited in full access to the video, because the main rights to it belong to you. The license can restrict access to video by time and duration of viewing (for example, within a month, but not more than 10 hours), and also allows viewing on analog / digital devices.
DRM in the film industry
One of the first experiences of DRM was the Content Scrambling System (CSS), introduced by the DVD Forum on DVD movies in 1996. CSS used a simple encryption algorithm and required consumer electronics manufacturers to sign licensing agreements that limited the technological capabilities of the devices, such as the use of certain digital outputs that could be used to produce high-quality digital copies. Thus, the DVD Forum has taken over full control over a single type of consumer electronics capable of decoding DVDs by restricting the use of these devices. This was the case until 1999, when Jon Lech Johansen released DeCSS, which allowed a CSS-encrypted DVD to be played on a PC using a Linux operating system for which there was no software license.
Microsoft Software - Windows Vista includes a DRM system called Protected Media Path, which is used to restrict the playback of DRM-protected content by unlicensed software. In addition, PVP can encrypt information when it is transmitted to a monitor or graphics card, thus limiting the possibility of unauthorized copying.
Advanced Access Content System (AACS) - a DRM system designed for use in HD DVD and Blu-ray Disc, developed by AACS Licensing Administrator, LLC (AACS LA) - a consortium that includes Disney, Intel, Microsoft, Matsushita (Panasonic), Warner Brothers, IBM, Toshiba and Sony. In December 2006, the key used for encryption was published on the Internet by hackers, thus opening full access to AACS-protected HD DVD content. After the broken key was recalled, new broken keys were published.
As for the film industry, there is currently no single standard for DRM systems to restrict the recording of television broadcasts. The proposed standard should be published by ETSI as a formalized European standard ETSI TS 102 825.
What are the types of DRM?
There are two types of DRM: anonymous and authorized.
Anonymous DRM does not require user authorization and protects content at its storage point (e.g broadcast servers) and allows you to define general rules for its distribution and viewing. Both the media file and the metadata with access policies are protected.
In the case of anonymous DRM, it is assumed that the video service itself checks the user's authorization at the time of downloading the application or when entering the site through a browser. The DRM server assumes that anyone requesting keys from the correct application is eligible for them.
In the case of authorized DRM, the DRM server gives the user a key to start viewing and asks the content provider what kind of user it is, if this user has rights to access and whether the server can send keys further.
Authorized DRM provides a higher level of control by providing the ability to implement content monetization models that identify each individual user. Authorized DRM allows a distributor to expand the set of rules for using content and increase the number of distribution models.