Super-scalable video authorisation

Streaming video and content for large populations require a different type of authorisation management: due to the high bandwidth requirements it is undesirable to maintain user sessions and to interrupt the streaming with a proxy to enforce digital rights management.

In fact, you want to avoid that millions of sessions need to be maintained on your content server or that millions of user profiles need to be kept on your content server. Yet, you want to verify the viewer’s rights to view your streaming video before every video block is streamed to the user’s device.

miaa PolicyGate issues identity-less access tokens that enable stateless sessions and anonymous rights control. The access token contains sufficient information to decide whether to stream another block or not. There is no need for caching user profiles and user sessions and no need to verify against an external system on a continuous basis, such as digital rights management.

Using the bearer access-tokens of miaa PolicyGate, access by tens of millions of viewers can be verified without the need for server-side storage of sessions.