OTT Streaming CDN Security Best Practices

Project Status:

(roll over for info)


The working group is currently writing the document. This is a collaborative approach using Google Docs.


February 28, 2023

Estimated Completion:

April 30, 2024
  • Home
  • OTT Streaming CDN Security Best Practices

Problem Statement

Streaming operators are under constant attack from those who wish to gain unauthorized access to content, steal content, or harm the streaming operator in some way. The streaming operator CDN is one of the targets for some of these attacks. This “OTT Streaming CDN Security Best Practice” whitepaper will provide streaming operators with the information they need to appropriately secure their CDN against these attacks.

Project Description

A Content Delivery Network (CDN) is a distributed network of servers used for the delivery of assets to consumer devices. In the context of streaming services, CDNs are responsible for delivering manifest files, media content, and static files efficiently. CDNs are designed to handle the high-volume streaming of these assets across extensive geographic areas. A range of documentation is available on-line to guide OTT (Over-The-Top) streaming operators in optimizing their CDNs for enhanced content delivery to users. This involves minimizing startup delays, rebuffering events and efficiently managing operational expenses. However, limited information is available for streaming operators wishing to protect their assets and CDN from abuse. This document provides descriptions of some of the known attacks of today and best practice guidance for OTT streaming services to secure their CDN and assets.

Project Type


Project Leads


Goals and Objectives

  • Provide an overview of contemporary piracy attacks and how they can impact operational efficiency and distribution expenses.
  • Document the best practices to improve security of the CDN for streaming applications.
  • Describe methods for ensuring the security of the playback and DRM license requests.

Project Scope

This document WILL provide best practice for OTT streaming operators in the following areas:
  • Securing playback requests (Brief coverage only)
  • Securing DRM license requests (Brief coverage only)
  • Management of CDN content.
  • Protecting CDN content from unauthorized access.
  • Protecting the CDN from abuse.
  • Best practice for multi-CDN operators, logging, and forensic watermarking.
This document WILL NOT provide best practice for:
  • End-to-end security best practice for OTT streaming services.
  • CDN performance.
  • CDN availability (load-balancing/failover).
  • Non-OTT streaming applications.


The following members have contributed to this project. Click on their name to visit their profile. If they have not published their profile, the link will redirect to their LinkedIn profile.

Additional References

“OTT Streaming Security Checklist” from SVTA Privacy WG (currently in final review).


The following presentations delivered during Privacy and Protection working group sessions may provide additional information about this project.