Microsoft RMS – A Step Forward in Secure Information Delivery

By Mike Nash, Corporate Vice President, Microsoft Security Business Unit

Introduction:

Today, the pervasive delivery of information across the Internet, coupled with regulation and the increasing threat of unauthorized access, is driving a need for better information protection. Microsoft’s Rights Management Services (RMS) protects an enterprise’s sensitive information without the added burdens most of today’s information protection products impose.

How I use RMS:

My day involves communication with my staff, senior execs, customers and partners. I send information across Microsoft and outside its walls, all with different levels of confidentiality. For example, this week alone I needed to share a rollout plan with the Microsoft field, provide interview feedback on a candidate to recruiting, and discuss deal points with legal counsel – all sensitive issues. Until recently, I had little ability to effectively manage who saw confidential information once it left my desktop. Today, when I send the field rollout plans via email, I can use the RMS features to apply permissions to the information, ensuring that only the Microsoft field views these plans – they cannot be forwarded, printed, copied or edited unless I give them permission to do so. Now, with RMS, I can control access to such sensitive data, preventing it from ending up in the “wrong hands”.

RMS is information protection technology that works with RMS-enabled applications and browsers to help safeguard digital information from unauthorized use. Using RMS, I can establish persistent usage policies, controlling forward, print, copy and edit rights. The system even allows rights to be time-sensitive, with access expiring after a preset amount of time has passed. These features give me confidence that confidential information is only getting to the people who need it. For my field rollout plan, I have set the viewing rights to expire in a month, as we will be releasing an updated plan then, and I want to ensure the field focuses on the revised plan.

Additionally, the simple user interface allows me to apply rights within the RMS-enabled applications I use every day (such as Office Word 2003, Excel 2003, Outlook 2003, and PowerPoint 2003), increasing the likelihood that I will secure my communications appropriately. I also benefit from pre-defined RMS usage policy templates that help me support corporate usage policies for information such as sales forecasts or corporate strategic plans. For my field rollout plan, I was able to use a pre-defined RMS usage policy template created especially for field-wide communications.

Benefits to IT Pros:

However, not all the benefits accrue to me. For IT pros, RMS supports multiple goals simultaneously, offering the right level of protection for most enterprise content delivery needs at the right cost.

First, RMS was designed to reduce the IT administration burden most content delivery systems impose. Administrators do not need to manage unique directories to store usernames or define access rights – RMS leverages the existing directory infrastructure, limiting new admin requirements. Additionally, usage log audits are a snap, as the system provides a SQL-based audit log, storing details on each authorized or unauthorized request for a use license. Tools for centralized policy management, including centrally controlled revocation and exclusion as well as centrally defined usage templates, enable you to effectively manage overall security needs. You can instantly revoke all rights for rogue users, or conversely define a usage template for a common scenario, in both cases providing greater assurance that company security needs are being met.

Second, IT pros do not need to install and maintain a separate set of applications to create and view rights-protected information. These features are built into applications in the Office 2003 system and also into Internet Explorer via a downloadable add-on available from the Windows Update website, simplifying client management and application support.

Third, the TCO of adding Microsoft’s RMS solution to your infrastructure is a fraction of that of other information protection alternatives. Because of its integrated design, RMS allows you to add content protection functionality as part of a normal upgrade cycle. Experts from the Yankee Group (“Secure Content Delivery Protects Shared, Transmitted and Post Delivery Digital Assets”, March 2003 Yankee Group Report) recommend adding content delivery programs as part of overall application upgrades or new deployments in order to reduce deployment costs. Deploying RMS in conjunction with an upgrade to Windows Server 2003/Office 2003 adds both the RMS infrastructure and the client that uses this infrastructure at the same time.

How it Works:

RMS runs on Windows Server 2003, with clients available in the Office 2003 suite or Internet Explorer. The underlying system is based on XrML as the common language for expressing rights. This underpinning provides a simple-to-use, universal method for expressing digital rights information. RMS uses Active Directory as the source of RMS user account information, and can use biometrics, smart cards or other authentication methods to validate users. Additionally, information can be shared with external users by granting rights to these users against their certified Microsoft Passport accounts. With RMS, information is encrypted using public/private key pairs. The public key resides on the RMS server and the private key and matching certificate within the client computer “lockbox”.

When a user creates a rights-protected file, they define (in an application user interface) a set of usage rights for various recipients. They may also set additional usage policies such as time expiration conditions. The application calls into the RMS client APIs to generate a symmetric key and encrypt the file with it. The RMS client APIs also generate and digitally sign the XrML publishing license, which contains the user’s specified usage policies and the symmetric key, itself encrypted to the RMS server. The publishing license is returned to the application, which inserts it into the metadata of the file. Besides the user who authored the file, only the RMS server to which the file was published can decrypt the file.

When a recipient receives the file, their RMS-enabled application sends a request for a use license to the RMS server and includes their RMS account certificate and the publishing license from the file. The RMS server validates that the recipient is authorized and creates a use license. The server encrypts the file’s symmetric key to the user’s public key, specifies the rights this user has, puts both of these in the use license, signs the use license, and then returns it to the recipient’s client computer. The application then calls into the RMS client APIs to validate the license and the user’s certificate, and if all is clear, allows the issued right or rights to be exercised and the file to be decrypted and rendered.
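The publishing license and use license exchange described above, as an added example in Go that is not Microsoft's or the RMS product's code: the author's client wraps the content key to the server, the server re-wraps it to an authorized recipient and signs the use license, and an unauthorized recipient or a tampered policy is refused. The function names, the map-based policy standing in for XrML, and the use of RSA-OAEP and RSA-PSS are assumptions; encrypting the file itself with the content key is omitted.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type PublishingLicense struct{ Policy map[string]string; WrappedKey, Sig []byte } // author-signed; key wrapped to server. fmt.Sprint prints map keys sorted, so it is a canonical string to sign (constructed stand-in for XrML)
type UseLicense struct{ Rights string; WrappedKey, Sig []byte }                   // server-signed; key wrapped to recipient
func digest(label string, wrappedKey []byte) []byte { // the bytes each signature covers
	h := sha256.Sum256(append([]byte(label), wrappedKey...))
	return h[:]
}
func sign(k *rsa.PrivateKey, label string, wrappedKey []byte) []byte {
	s, _ := rsa.SignPSS(rand.Reader, k, crypto.SHA256, digest(label, wrappedKey), nil)
	return s
}
// Publish (author's client): fresh content key, RSA-OAEP encrypted only to the RMS server.
func Publish(author *rsa.PrivateKey, server *rsa.PublicKey, policy map[string]string) ([]byte, PublishingLicense) {
	key := make([]byte, 32)
	rand.Read(key)
	wk, _ := rsa.EncryptOAEP(sha256.New(), rand.Reader, server, key, nil)
	return key, PublishingLicense{policy, wk, sign(author, fmt.Sprint(policy), wk)}
}
// IssueUseLicense (RMS server): verify the publishing license, check the recipient's rights, re-wrap the key to the recipient, sign.
func IssueUseLicense(server *rsa.PrivateKey, author *rsa.PublicKey, pl PublishingLicense, user string, userPub *rsa.PublicKey) (UseLicense, error) {
	if rsa.VerifyPSS(author, crypto.SHA256, digest(fmt.Sprint(pl.Policy), pl.WrappedKey), pl.Sig, nil) != nil {
		return UseLicense{}, fmt.Errorf("publishing license signature invalid")
	}
	rights, ok := pl.Policy[user]
	if !ok { // unauthorized request: refused (RMS also records it in the audit log)
		return UseLicense{}, fmt.Errorf("%s has no rights to this content", user)
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, server, pl.WrappedKey, nil)
	if err != nil {
		return UseLicense{}, err
	}
	wk, _ := rsa.EncryptOAEP(sha256.New(), rand.Reader, userPub, key, nil)
	return UseLicense{rights, wk, sign(server, rights, wk)}, nil
}
// Consume (recipient's client): validate the server's signature, then unwrap the content key.
func Consume(user *rsa.PrivateKey, server *rsa.PublicKey, ul UseLicense) ([]byte, error) {
	if rsa.VerifyPSS(server, crypto.SHA256, digest(ul.Rights, ul.WrappedKey), ul.Sig, nil) != nil {
		return nil, fmt.Errorf("use license signature invalid")
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, user, ul.WrappedKey, nil)
}
```

The recovered key is the one the author generated, so only the server (holding its private key) can ever bridge from the publishing license to a recipient, which is the property the paragraph above describes.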

Summary:

Ease of use for both end users and IT pros, coupled with low TCO, makes Windows RMS the right solution to protect information from unauthorized use.