Microsoft Offers Security Tool for Pending Server

By Clint Boulton (Send Email)
Posted Feb 21, 2003


In a continuation of its strategy to tighten security for its software products, Microsoft Friday unveiled a new technology for Windows Server 2003 that will help organizations better secure such confidential documents as financial reports.

Designating rights for who can access what has become increasinly important following a year drenched in corporate scandals. The Redmond, Wash. software maker thinks it has just the ticket in Windows Rights Management Services (RMS), an ASP.NET Web service built on the Microsoft .NET Framework to work with applications to provide policy rights for Web content and sensitive corporate reports. UPDATE: The new rights management technology will provide additional document protection for enterprises and employees.

With Windows RMS, users can control the forwarding, copying and printing of documents, as well as expiration rules, for portals, word processing or e-mail applications. They can be crafted so that users will be able to designate who can access specific content and what kinds of access rights they can have. Rights and policy are managed by the server, while clients running applications equipped with RMS allow users to apply rights with a mouse click.

Moreover, RMS can function with business processes via Web services because the technology relies on Extensible Rights Markup Language (XrML), an emerging language for securely specifying and managing rights and conditions associated with digital content and services.

Ronald Schmelzer, senior analyst for XML and Web services research firm ZapThink, discussed Microsoft's play with internetnews.com.

"The approach Microsoft is taking is to use a centralized system that can be accessed via Web Services. This single trusted source would control all the important steps in the DRM process. In essence, it would be an end-to-end, closed-loop system as exists in a number of major DRM products from companies such as those that used to be produced by InterTrust," Schmelzer said. "In this DRM environment the system has to package rights, encrypt the content, put it in a central repository, provide means for activation on the receiving end, issue licenses, and provide a way to inform the rendering application (Adobe, RealPlayer, etc.) about the terms of the license such as number of times to view, rights to print, and expiration. This monolithic model for DRM, while secure and doable, presents a number of hurdles to the adoption of this important piece of functionality that can enable trustworthy computing going forward.

What hurdles? Schmelzer said DRM will evolve so that best of breed components will be developed by different parties in order to drive interoperability, a model that breaks the current closed-loop mindset of DRM providers.

"In order for this approach to work, a single rights management language is needed, such as the Extensible Rights Markup Language (XrML) promoted and produced by ContentGuard, rather than a monolithic trust model," Schmelzer said. "Interoperability of business models as well as between platforms and formats is needed so that DRM as a technology can get the traction it deserves in the marketplace. In essence, this is an evolution of DRM rather than a replacement. The end result will be a greater adoption of DRM technology used in a wider realm, such as in protecting and metering Web Services resources."

Microsoft has been chided in the last year or so for the deluge of vulnerabilities security experts, hackers and crackers have found or exploited in its servers, but its announcement Friday is indicative of the importance software firms have been placing on security, particularity in the Web services space, where it is considered one of the main barriers to adoption. Microsoft has made great efforts to improve, through its Trustworthy Computing initiative, and has enhanced certain digital rights management tools in its portfolio, especially for Windows Media.

Mike Nash, corporate vice president of the Security Business Unit at Microsoft, said the technology was born out of repeated customer requests for something to safeguard their business data.

"What's really compelling about Rights Management technology is that it enables businesses to protect the information they most worry might leak -- either deliberately or inadvertently -- by putting persistent protections in the documents themselves," Nash said in a statement.

Microsoft will release two software development kits in the second quarter of 2003 to enable developers to begin to build rights management capabilities into applications for Windows clients. A beta of Windows Rights Management Services will be made public next week.

Page 1 of 1


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.