Security for Jive Video Communication

Jive provides the ability to view videos without sacrificing the security of your instance. Jive also enables you to configure your video instance with additional security features.

The Jive Video plugin enables users to upload videos into Jive. To accomplish this, Jive has partnered with a company called Twistage for video upload, encoding, storage, and playback. In order to play video assets that have been uploaded, Jive uses a flash video player that is provided by Twistage.

How Jive Makes Video Secure

Overview of Security Architecture

 The following outlines the request lifecycle for an authenticated RTMP video stream:

  1. The user attempts to view a video within Jive.
  2. While generating the video page, Jive generates an encrypted security token.
  3. When the user clicks play, the player requests the video from the CDN, passing along the security token.
  4. The CDN calls Twistage using the video ID and authentication token to verify that it can deliver the requested video content.
  5. Twistage calls a script on the Jive instance, called the "authentication callback script", passing it the video ID and the authentication token.
  6. The authentication callback script determines whether the provided authentication token is valid for viewing the provided video ID, and accepts or rejects the request with its response code.
  7. Twistage responds to the CDN's verification request accordingly, and the CDN delivers the video content to the browser or rejects the request.
  8. If your script returned an OK response code, the video plays on the page. If not, it doesn't.

How Security Tokens Work

When you open a page that contains the Twistage video player plugin, Jive generates an encrypted single-use security token that it passes to Twistage through the plugin. The token contains the following information:

Jive encrypts the security token using Advanced Encryption Standard (AES) encryption and intends for it only to be used once. When you play the video, Jive receives the token back from the CDN via Twistage and validates the following token information: