Shortly before the start of the SMPTE 2016 Annual Technical Conference & Exhibition, NewBay editors spoke with Bruce Devlin about his session “Security in the Cloud With IMF.”
TV TECHNOLOGY:How has security evolved alongside new distribution channels of content?
BRUCE DEVLIN: Security seems to evolve based on the revelation of vulnerabilities and also based on design against threat. I see some excellent work in companies like Amazon who are building a security ecosystem that appears to be very strong, but is not necessarily compatible with their competitors’ implementations. I think we will see a couple of major developments coming soon—first is "best practice" for media organizations to be aware of the different security requirements for their organization, and secondly will be the technology to address those requirements, e.g. encryption authentication and trust.
TVT:Should content owners just assume that some security breaches are the cost of the convenience of new, automated versioning technology?
BD: Like all aspects of a business, if you're informed, then you can make good decisions. There will never be (and never has been) perfect security. Content theft has occurred forever. What has changed now is the ability to do it on an industrial scale from a distance. The canny businessman accepts that breaches will continue to occur and will put in place operational practice, good system design and technology to mitigate the effects of the breach. Just like protecting our homes—it is a practical impossibility to keep all burglars out, but we don't have to leave a pile of $100 bills in the hallway to welcome them.
TVT:The advantages to one master/automated versioning are obvious, but is there any kind of security advantage to having content exist in multiple masters for multiple formats (if something is pirated, it's not “reformattable” for every possible display)?
BD: That is an astute observation. By splitting the content up into separate chunks and allowing multiple keys to be used, this is one strategy where the effects of a breach can be mitigated.
TVT:Assuming all parties adopt the recommended protocols: Since recent history tells us there's no such thing as absolute, 100 percent security, where would the weakest link (the most vulnerable part of the chain) be?
BD: It is often the humans who circumvent the best practices because it takes too much time or is just "a pain."
TVT:Is there life for IMF outside of film and television production?
BD: Yes, absolutely—many different types of business and security content need the sorts of tools in IMF for both versioning and tracking. I think it will have a long and rich life.
Bruce is the founder of Mr. MXF Ltd. and co-founder of The Media Bay. He has several consultancy roles including chief media scientist at Dalet and advisor to media companies on technical and business issues.