Oliver Lietz, CEO at nanocosmos, takes a look at the ways that security concerns can impact a business’ approach to live streaming, highlighting that system security of server and cloud operations are becoming increasingly important, especially for monetised environments like live gaming.
A flaw in Log4j, a common Java library for logging error messages in applications, has recently been flagged as the most high-profile security vulnerability on the internet with a severity score of 10 out of 10.
News of the “Log4Shell” vulnerability, with its potential to harm millions of computers, spread fast and reminded us of the present risk of illegal takeovers of servers or accounts. The threat might not be visible, but it remains current and acts as a warning for both businesses and individuals of the need for pre-emptive action to be taken by server operation teams in-house or your cloud providers.
Since the demand for real-time live streaming platforms that enable interactivity on mobile devices in particular increased, nanocosmos has been heavily engaged in serving igaming operators around the world. The focus here is on enabling audience engagement for igaming operators by delivering the player with Adaptive Bitrate support, a global CDN, and analytics to improve quality of service.
By nature, and aside from the newly discovered Log4j threat, security measures have determined client data and infrastructure not only on the provider’s end, but also B2C on their clients’ end. However, other new topics like secure communication and streaming have become increasingly important.
Streams represent live content and content has a value – and is subject to attacks and misuse.
Content security and secure live streaming are top priorities for us and one of the areas we are focussing on in terms of our 2022 product development. We are currently running a pilot project that is going to be released soon.
Implemented as an add-on to our ultra-low latency live streaming platform, it can detect streaming irregularities based on factors such as the time a game runs. For example, if a poker game live stream runs for 24 hours, it may be a sign that the stream was hijacked. Administration in this case should be immediately notified.
The hijacking of streams is illegal and is related to copyright which needs to be protected. The other issue created by hijacking is that when streams are distributed illegally, it can create data traffic that ends up on the wrong bill. Our new security service included in nanoStream Cloud checks suspicious access and detects irregularities like usage and timing.
How secure can a live streaming platform be?
We have a couple of areas we focus on when it comes to securing work with our clients and then also the work they do when managing streams with our platform. One example is playback tokens. These are created to limit streams to a specified audience and for a specified time. This is a necessity for a live streaming platform because content has a value, hence it becomes a theft target.
nanoStream Cloud is created with security and encryption enabled by default. It supports secure access and REST APIs, content encryption, secure access with web hooks and token-based access for certain application scenarios, for robust operations 24/7 anywhere in the world.