1. Technical Field
The present invention relates to a security processing system, more particularly to a security processing system and method for HLS transmissions.
2. Description of the Related Art
Streaming refers to transmitting contents such as video or audio contents from a server to a client over a network such as the Internet. The term “streaming” was derived based on the observation that the transmitted data flows like a stream. The server separates a video content into packets that can be sent over a network, and the client assembles the packets and restores the original form before replay the video content. Here, the replaying of the content and the receiving of the packets occur concurrently, and the series of associated packets are referred to as a “stream”.
Streaming, which involves replaying a content while the client is downloading it, is distinguished from a simple file transfer, which involves first receiving the entire video content and replaying the video afterwards. The client replays the content while receiving packets from the server, and then deletes the replayed data. A few examples of protocols for streaming files include the HTTP (Hypertext Transfer Protocol), FTP (File Transfer Protocol), RTP (Real-time Transport Protocol), RTSP (Real Time Streaming Protocol), HLS (HTTP Live Streaming), etc. Here, HTTP and FTP are essentially file transfer protocols, while RTP and RTSP are protocols for real-time file streaming.
Among the protocols above, HLS provides high security by employing an actual streaming method, instead of the conventional progressive download method, to prevent illegal copying of contents and by using the AES-128 data encryption technique to prevent unauthorized replaying.
By applying HLS, it is possible to provide video streaming services tailored to a mobile communication environment for various service providers in the fields of e-Learning, broadcasting, UCC, entertainment, etc. With a convenient environment established in which users may freely enjoy video contents even while moving, there have been increased sales of contents and increased amounts of data used, forecasting a potential for new areas of profit making.
It has been pointed out, however, that there is a problem in content security, because when a content supported by HLS is encrypted, the key information used in the content encryption is transmitted to a terminal together with the content information, and the key information can be easily extracted for decrypting the encrypted content. To complement this problem, it has been proposed to use HTTPS when transmitting the key information, but while HTTPS allows user authentication, it does not allow content authentication. As it is impossible to authenticate contents even when providing security by way of HTTPS, there is a need for content-based security, such as for controlling viewing authorization per content.