This lets you encrypt individual Dynamic Adaptive Streaming over HTTP (DASH) media segments, before delivering them to a requesting client. Here's an overview of how it works:
Key decryption information is included in the media manifest file.
Your media player requests your media, processes the manifest, and requests the key.
Akamai, acting as the key server, provides the decryption key, if the user is authenticated and authorized to play the content.
The player uses the decryption key to decrypt and play the media segments.
Media encryption uses session-level encryption. This means that the stream is encrypted for each user playback session, based on the stream, user, and time or date. Every new request for a stream is considered an individual session, which typically involves a request for the stream manifest. The decryption key is created per session and it's sent out dynamically when a new session is initiated. Each new session is independently encrypted with unique keys, and each separate user needs to access a separate key to decrypt the content.
For complete usage details, see Setup ME for DASH.