Securing your content is Kontiki’s number one priority. And, since Kontiki’s delivery architecture is based on a distributed delivery model, the core of the platform has a built-in end-to-end security framework ensuring:
Only content that is published to the central system by an authorized publisher is delivered by Kontiki. To publish video for distribution, a publisher must authenticate by logging into to a central server. Once authenticated, the publisher can upload a video either by transferring it via SSL or having our central server(s) pull and broadcast it from the live video source such as an encoder. Videos published through Kontiki are virus checked and encrypted for storage.
Kontiki provides federated services support via SAML 2.0 integration. Authentication and access control is provided via integration with a corporate user directory such as Active Directory (or any LDAP compliant directory system). This security overlay allows administrators to govern privileges throughout the supported workflows ranging from specifying which groups of users can upload video, approve or reject published videos, police metadata, moderate comments, brand the end user experience, promote content on key pages, syndicate to existing intranet sites, create channels or assign content to channels, and more.
All video transfers within Kontiki are secure, using either the Kontiki Delivery Protocol (KDP) or SSL over HTTP. KDP is based on industry standards for signatures and encryption. Each KDP message and response is signed and encrypted using the following standards:
It is essential that an ECDN guarantees the integrity of the content delivered. A malicious user or a PC with a virus should never result in an altered copy of content propagating through the network. To avoid this, Kontiki’s ECDN generates a SHA-1 digest for every “block” of a video file published into our ECDN. This digest then becomes part of the content metadata for that content item. Every receiver of content also generates its own SHA-1 digest of each delivered block and compares it against the original SHA-1 digest that is part of the metadata. If any block fails a check, the agent will not source any more data from that server and will delete the bad blocks. Through this method, the system can guarantee a bit-perfect copy of every video stream received by every user.
Videos are encrypted as they are uploaded to Kontiki and reside in encrypted form on the central content servers. Content also remains encrypted as it resides on the PC and is decrypted on the fly only when the media player is streaming the video. This level of security helps ensure that a user can’t redistribute sensitive information and that the content will remain protected even after it is delivered to the desktop.
End-to-end security is just one of the ways that Kontiki provides our customers worldwide with the leading enterprise video solution. Learn more about delivery network, our products or our solutions.