About setting up Streaming Media Server and DRM Encryption

In the past month, we have been studying the combination of msmediaserver and DRM. The main purpose is to set up a streaming media website. The most important function of a website is video protection.

I started to study what technologies can be used to encrypt and decrypt videos. Three solutions I initially identified:

The first is Microsoft's DRM encryption method, which requires a dedicated Certificate Server. The principle is to encrypt and package videos with certificates, because the packaged video will add a verification header to the video header, you can go to the fixed certificate distribution page to request a certificate. This method was originally outdated many years ago, in addition, you need to purchase Microsoft certificates every year, but video protection is a good solution. The disadvantage is that only media player can be used to play videos.

Second: Use the playreadly method of Microsoft, which should be an upgraded version of DRM. This service is powerful and supports mobile video encryption and can be perfectly integrated with Silverlight. But unfortunately, I have never seen this thing. At least Chinese Microsoft hasn't started buying this item yet. I have heard that Microsoft Research Institute has used it to provide a solution for China Telecom.

Third: Self-encoding decoder. This method requires C or pure language encoding decoder, and ActiveX must be used to enable client Decoding in the browser. However, this method is not selected because the development period is short.

In the end, we chose the first method for various reasons:

During the implementation process, we found that the DRM Certificate Server's distribution of certificate response time is a relatively slow process, which should be at the s level. Therefore, in a large video website, the speed of this impact is certainly not good, I do not do it through LB, because the certificate encryption and decryption is symmetric, you can only decrypt the certificate by encrypting it. The decryption process is related to the decryption server. Therefore, LB is a big challenge.

Finally, we analyze the entire process of DRM.

Package: raw video-pack (add the challege of the certificate to the video header)-generate the DRM encrypted video

Decryption: the DRM encrypted video is decrypted by Media Player request on the page-"page to receive the challege string-" decrypts the video through the local certificate and generates the public licesen-"returns to the client-" installs the certificate through js-"and plays the video

Since we started to write articles in the process of generating certificates, I used the pre-issued certificate method and the certificate distribution method.

Pre-issued certificate method: We use Windows Services to pre-Generate and save the certificate in the database. The user reads data during access.

Real-time mode: a certificate is distributed once upon a user request.

Finally, this method is used to meet the user's needs and large usage requirements.