Makes Case for Serverless Architecture in Video Security at NAB 2019

Serverless architectures are permeating the broadcasting space as service providers migrate to cloud based IP infrastructures, because of their inherent scalability and ability to absorb peaks and troughs in demand cost effectively on a pay as you go basis. They are peculiarly conducive for security, which can help broadcasters and operators cope with the considerable headache of maintaining levels of protection against hacking and content theft as they migrate to the cloud and rely ever more on OTT distribution over the Internet.

The benefits of serverless architectures, such as AWS (Amazon Web Services) Lambda, will be explained at NAB 2019 by Abhinav Srivastava, Head of Information Security at, Wednesday, April 10 • 11:20 AM - 11:40 AM as part of the cloud-based video review and collaboration platform. Speaking at the Broadcast Engineering and Information Technology (BEIT) conference for NAB 2019, for which The Broadcast Bridge is media partner, Srivastava will outline challenges for video service providers associated with migration of security to the cloud and how the serverless approach helps meet them.

But the first point Srivastava should make clear is that serverless is a misleading term because it implies somehow that the implementation magically manages without any computational platform. It merely means that the implementation is serverless from the customer’s point of view as all the servers are hosted by the cloud provider, such as AWS. It is really just another way of referring to a public cloud as implemented today with the emphasis being that all the computation is outsourced to it.

However, there are some associated technical features that make serverless approaches convenient for developing business logic, while being less costly than previous approaches based on virtual machines using commodity hardware or containers inhouse, as Srivastava explained in advance of his NAB presentation. “Serverless is based on an event driven architecture that allows you to process events as they happen, with small units of code, or functions, that make it easier to reason, focus on logic and identify vulnerabilities,” he said.

In this sense serverless is aligned with the trend towards microservices and DevOps methods where software is developed in small chunks and tested as they are implemented so that there is feedback over much shorter time scales from the field to the teams that develop the code.

There is also the scaling factor. “The advantage of serverless is that you don't need to worry about scaling your infrastructure to meet peak demand,” said Srivastava. “As a developer, your main concern is with writing the business logic. Once you do that, you rely completely on the cloud provider to orchestrate and run infrastructure and runtime for you.”

Then on the security front, the main focus of the talk, Srivastava is discussing how the event-driven model of serverless helps deploy competing different technologies in parallel, providing adaptable protection. “The security industry is fast moving,” Srivastava explained. “New companies are constantly being built and are adopting new tools and technologies. Given the pace of this development, it is often difficult to compare all the tools and technologies. In a non-serverless environment, it can be challenging to use multiple technologies for the same purpose due to performance and compatibility issues.

However, with serverless, coupled with the message bus architecture, you can have multiple tools processing the same event in parallel without affecting each individual tool's performance. For example, you can run multiple anti-virus tools at the same time and even scan the same file without the tools affecting one another. You can even use majority voting to decide if a file is infected or not. This offers security operators and developers more flexibility in implementing solutions that use different tools, quickly.”

The message bus architecture referred to here provides a layer of middleware allowing multiple processes to access a body of data in parallel and is an essential component of microservices where a system has multiple components.

Despite being a strong advocate, Srivastava admits the serverless approach is not fit for all use cases. “Serverless does have some limitations,” he conceded. “For example: AWS Lambda times out after 15 minutes so any workload that requires processing time longer than that will not be suitable to run as a function. Similarly, workloads that are memory intensive and require gigabytes of memory are not suitable either.”

However, as Srivastava pointed out, serverless is still relatively new technology and providers are developing fixes to overcome some of the limitations.

You might also like...

NAB 22 BEIT Conferences Detail TV Engineering Progress

People visit NAB Shows for many reasons. Some are there to investigate and examine new solutions. Some are shopping with a budget ready to spend. Others visit to gather ideas and figures for next year’s budget. Many visit to a…

Protecting Premium Content OTT & VOD Distribution - Part 2

Protecting high value media content is a major priority for any broadcaster working with OTT and VOD. In the previous article in this series we looked at the three challenges facing broadcasters and in this article we dig deeper into…

Protecting Premium Content OTT & VOD Distribution - Part 1

The complexity of modern OTT and VOD distribution has increased massively in recent years. The adoption of internet streaming gives viewers unparalleled freedom to consume their favorite live and pre-recorded media when they want, where they want, and how they…

TV Industry Can Claw Back $28 Billion Per Year From Sports Pirates

The TV industry, including pay TV operators, rights holders and new streaming providers, could recoup $28.3 billion a year from pirates by luring consumers back to legitimate video services.

MovieLabs Updates Enhanced Content Protection Specification

MovieLabs has released the latest Version 1.3 of its enhanced content security specifications for 4K, HDR and premium window content, with additional guidance on disabling debugging interfaces and handling security software updates.