charliekraus

The Role of IP-based Geolocation Data in Protecting Content

Blog Post created by charliekraus on Feb 17, 2017

There are multiple benefits to knowing where web visitors are coming from. For an ecommerce web site, knowing where potential customers are allows pre-population of country code on forms, displaying different languages, and presenting regional specific content. OTT video services may have licensed content that has limits on where it can be viewed, and geolocation information provides a way to enforce the restrictions. For those of you not familiar with geolocation, it is the matching of an IP address to a geographical location. This third in the series of security technology blogs (the previous two covered DDoS Attack Interception and WAF), will focus on geolocation as it pertains to protecting and accessing content.

 

Where you can get an IP-based geolocation database?

 

There are a several commercially available geolocation databases. Ip2location, MaxMind, and IPligence offer fee-based databases that can be easily integrated into web applications. Most geolocation database vendors offer APIs and example codes in multiple programming languages to retrieve geolocation data from the database.

 

There are also freely available geolocation databases. Some vendors offering commercial geolocation database also offer a Lite or Community edition that provides IP-to-Country mappings. Ip2Country.net and Webhosting.info offer free IP-to-Country databases that can be integrated into web applications.

 

 

How accurate is IP-based geolocation?

Accuracy of geolocation database varies depending on which database you use. According to IPlocation.net, for IP-to-country databases, some vendors claim to offer 98% to 99% accuracy, although typical Ip2Country database accuracy is more like 95%. For IP-to-Region or City, the range is anywhere from 50% to 75% if neighboring cities are included. Considering that there is no official source of IP-to-Region information, 50+% accuracy is pretty good.

 

How Content Delivery Networks use Geolocation data

The primary use of geolocation data by CDNs is to control access to website origins based on user location. In the case of the Limelight CDN, our integrated geolocation database has accuracy down to postal codes and latitude/longitude. For example, a media company live streaming a sports event may have regional blackout restrictions in their licensing agreement. Using geolocation data, the CDN will block access to the streams for users in the blackout region. Most licensed video on-demand content comes with regional viewing restrictions, so delivery CDNs will use the same method as in the live streaming example to enforce the agreements. A very important additional service CDNs perform as part of enforcing regional viewing restrictions, is allowing or denying access if an end user is utilizing a known Anonymizer service. An anonymizer allows a user to disguise their location to gain access to blacked-out content.

 

More to Come

The next blog in this series will cover securing content in motion with HTTPS. Also, there will be more to come about events that may occur related to security issues.  See you here next week!

Outcomes