A method and system for protecting video and image files processes from original files to detect skin tones of persons appearing in the media. Pixels determined to contain skin tones are blurred or blacked out, and the pixel locations and their original color values are stored in a metadata file. The metadata file is encrypted and stored with the redacted video file. Thereafter, when an authorized person wants to see an unredacted version of the video, the system decrypts the metadata and reconstituted the video, replacing the redacted pixels with their original color values, and inserting a unique watermark into the video that identifies the requesting person. The watermarked video is then provided to the requesting person.

Techniques and mechanisms described herein facilitate the efficient common storage of partially encrypted content. According to various embodiments, a client device to transmit a designated representation of a media content item via a communications interface may be received. The media content item may be associated with a plurality of representations including the designated representation. The media content item may be associated with first media content data and second media content data. The first media content data may be shared among the plurality of representations. The second media content data may be specific to the designated representation. The first media content data may be combined with the second media content data to create a designated partially encrypted media content portion associated with the designated representation via a processor. The designated partially encrypted media content portion may be transmitted to the client device via the communications interface.

Provided are methods and systems for processing information. In one example method a first frame of a first group of frames of an information transmission can be processed. The first frame can be encoded without reference to other frames of the information transmission. Additionally, a second frame can be processed in the first group of frames. The second frame can be processed with reference to a frame from a second group of frames of the information transmission.

A system and method for facilitating fast channel change in a streaming media network comprises receiving media content assets packaged in a common mezzanine distribution format (CMZF) container structure, wherein the media content asset is provided as CMZF-formatted media content in a CMZF stream scheme. Upon receipt, the CMZF-packaged media content assets are transformatted into corresponding CMZF segments stored in a local cache corresponding to a plurality of media channels. Responsive to a channel change request from a user equipment (UE) device, a unicast or multicast burst is sent comprising Reliable User Datagram Protocol (R-UDP) packets or Real-time Transport Protocol (RTP)-encapsulated partial or full virtual segments (R-SEG) generated from the CMZF segments corresponding to the requested channel.

A server apparatus supporting authenticated encryption in a network, comprising a receiver configured to receive an unencrypted segment, a processor configured to selecting an encryption key, an initialization vector, and an additional authentication data (AAD), encrypt the segment, configuring the segment for transfer in a Dynamic Adaptive Streaming over Hypertext Transfer Protocol (HTTP) (DASH) media, assign a segment number to the encrypted segment, append an authentication tag to the encrypted segment, store the encrypted segment with the appended authentication tag, and update a Media Presentation Description (MPD) associated with the encrypted segment with the appended authentication tag, wherein the MPD comprises an @aadBase attribute with an AAD base value, wherein the AAD value is the sum of the segment number and the @aadBase attribute value, and a transmitter configured to transmit the encrypted segment with the appended authentication tag to a destination.

A system and methods for permitting open access to data objects and for securing data within the data objects is disclosed. According to one embodiment of the present invention, a method for securing a data object is disclosed. According to one embodiment of the present invention, a method for securing a data object is disclosed. The method includes the steps of (1) providing a data object comprising digital data and file format information; (2) embedding independent data into a data object; and (3) scrambling the data object to degrade the data object to a predetermined signal quality level. The steps of embedding and scrambling may be performed until a predetermined condition is met. The method may also include the steps of descrambling the data object to upgrade the data object to a predetermined signal quality level, and decoding the embedded independent data.

The disclosed technology relates to broadcasting encrypted data to multiple receiver devices, where some receiver devices have long-term access to the encrypted data and some receiver devices have a temporary access to the encrypted data. Receivers having long-term access are part of a member group because these member group devices have a master key and the master key enables the member group devices to derive the necessary information to decrypt the encrypted broadcast. In contrast, devices with temporary access possess only a guest key and not master key, without a master key the devices need to receive the guest key from another device to decrypt the broadcast. Access to the encrypted stream can also be based on broadcasting multiple or single diversifiers, where a diversifier can include group identification information to assist in restricting access to the encrypted stream.

Techniques and mechanisms described herein facilitate the efficient common storage of partially encrypted content. According to various embodiments, a client device to transmit a designated representation of a media content item via a communications interface may be received. The media content item may be associated with a plurality of representations including the designated representation. The media content item may be associated with first media content data and second media content data. The first media content data may be shared among the plurality of representations. The second media content data may be specific to the designated representation. The first media content data may be combined with the second media content data to create a designated partially encrypted media content portion associated with the designated representation via a processor. The designated partially encrypted media content portion may be transmitted to the client device via the communications interface.

A system and method for providing load balanced secure media content and data delivery in a distributed computing environment is disclosed. Media content is segmented and encrypted into a set of individual encrypted segments on a centralized control center. Each individual encrypted segment has the same fixed size. The complete set of individual encrypted segments is staged to a plurality of intermediate control nodes. Individual encrypted segments are mirrored from the staged complete set to a plurality of intermediate servers. Requests are received from clients for the media content at the centralized control center. Each individual encrypted segment in the set is received from one of an intermediate control node and an intermediate server optimally sited from the requesting client. The individual encrypted segments are reassembled into the media content for media playback.

A system and method for facilitating content delivery with end-to-end encryption in a network architecture using a common intermediary mezzanine distribution format (CMZF). An edge media router (EMR) device is provided in one embodiment that is configured to receive a media content asset packaged in a CMZF container structure, wherein the media content asset is provided as CMZF-formatted media content in a CMZF stream scheme. The CMZF container structure, configured to facilitate carriage of ISOBMFF track and track metadata data objects as well as sample variants in PES payload in additional elementary streams, is operative to carry each bitrate representation of the media content asset encrypted in one or more encryption schemes at a headend. Upon receipt, the EMR device is configured to repackage the media content asset to generate one or more output formats without reencrypting the media content asset for storage at a storage node and/or for downstream delivery.