| STREAMING |
| The following are samples of video streaming. Please ignore the video content. This is a sample. | |
|
| 1. Embedding the video by html. | Here |
| - This the simplest approach to streaming media. However, it does expose the location of the video for downloads if necessary. A person with slight coding expertise can reverse engineer the HTML code to resolve the location of the video file used and download it. This is not recommended. |
| 2. Embedding the video by html via directx. | No Sample |
| - Not very usefull, same issues as (2) |
| 3. Showing the video in ASP.NET as an image. | Here |
| - Does not work with most image types. |
| 4. Using a custom ASP.NET control. | Here |
| - Allows streaming of Windows media player, Quick time and Realplayer content. Hides the location of the AVI files to prevent download. Cannot be embedded into normal pages. A custom control will have to be created. |
| 5 Using a custom ASP.NET control V2. | Here |
| - Allows streaming of Windows media player, Quick time and Realplayer content. Hides the location of the AVI files to prevent download. Cannot be embedded into normal pages. A custom control will have to be created. |
|
|
| SECURITY |
| How can we prevent theft of the avi files? |
| People can download video streamed to users by directly accessing the source location. Click the following link for an example. Here |
| We can protect against this in the following manners: |
| 1. Not including the name of the source file in the source html (see above). |
| 2. Only streaming the video to users who are logged in - The more users who have access to the video the more chance that a user is malicious. |
| 3. Encrypting the file name of the video. - Often it is unnecessary to encrypt or protect video. The only way that file can be found on a website is by searching for the files by name. Files called "default.html" and "video.avi" will be found very easily. However, encrypted files names which are random, alphanumeric and over 25 letters long are very, very secure. |
| 4. Using a .NET handler to secure a folder in the website. - A .NET handler can be used to require that a user is logged onto the website before they can access the content for a specific folder. |
| 5. File encryption. - This is not recommended. This will ensure that even if a malicious user was able to download the secure content it would not be useable unless the 25 digit, alphanumeric key was also known. However, this comes at a large performance hit, since it can take up to ten minutes to decrypt a encrypted 10MB file. It is also difficult to find an encryption proces that can be streamed. The whole file must be decrypted before it can be sent, which means that all of the delay due to decryption is upfront. |
| 6. Secure transport. - This is not recommended. Most secure video providers (e.g. Netflix) stream video over HTTPS rather than HTTP. This means that if the message is captured in transit the message could not be decoded and so would be useless. This can be done, but I do not think is necessary and may incure an additional cost. |
|
|
| Secure.htm | Here |
| AVI_to_MPEG-4.avi | Here |