In a continuation of its strategy to tighten security for its software
products, Microsoft Friday unveiled a new technology for Windows Server 2003 that
will help organizations better secure such confidential documents as
financial reports.
Designating rights for who can access what has become increasinly important
following a year drenched in corporate scandals. The Redmond, Wash. software
maker thinks it has just the ticket in Windows Rights Management Services
(RMS), an ASP.NET Web service built on the Microsoft .NET Framework to work
with applications to provide policy rights for Web content and sensitive
corporate reports.
With Windows RMS, users can control the forwarding, copying and printing of documents, as
well as expiration rules, for portals, word processing or e-mail applications. They can be crafted so that users will be able to designate who can access specific content and
what kinds of access rights they can have. Rights and policy are managed by
the server, while clients running applications equipped with RMS allow users
to apply rights with a mouse click.
Moreover, RMS can function with business processes via Web services because
the technology relies on Extensible Rights
Markup Language (XrML), an emerging language for securely specifying and
managing rights and conditions associated with digital content and services.
Ronald Schmelzer, senior analyst for XML and Web services research firm ZapThink, discussed Microsoft’s play with internetnews.com.
“The approach Microsoft is taking is to use a centralized system that can be
accessed via Web Services. This single trusted source would control all the
important steps in the DRM process. In essence, it would be an end-to-end,
closed-loop system as exists in a number of major DRM products from
companies such as those that used to be produced by InterTrust,” Schmelzer said. “In this DRM
environment the system has to package rights, encrypt the content, put it in
a central repository, provide means for activation on the receiving end,
issue licenses, and provide a way to inform the rendering application
(Adobe, RealPlayer, etc.) about the terms of the license such as number of
times to view, rights to print, and expiration. This monolithic model for
DRM, while secure and doable, presents a number of hurdles to the adoption
of this important piece of functionality that can enable trustworthy
computing going forward.
What hurdles? Schmelzer said DRM will evolve so that best of breed components will be
developed by different parties in order to drive interoperability, a model that breaks the current closed-loop mindset of DRM providers.
“In order for this approach to work, a single rights management language is needed, such
as the Extensible Rights Markup Language (XrML) promoted and produced by
ContentGuard, rather than a monolithic trust model,” Schmelzer said. “Interoperability of
business models as well as between platforms and formats is needed so that
DRM as a technology can get the traction it deserves in the marketplace. In
essence, this is an evolution of DRM rather than a replacement. The end
result will be a greater adoption of DRM technology used in a wider realm,
such as in protecting and metering Web Services resources.”
Microsoft has been chided in the last year or so for the deluge of
vulnerabilities security experts, hackers and crackers have found or
exploited in its servers, but its announcement Friday is indicative of the
importance software firms have been placing on security, particularity in
the Web services space, where it is considered one of the main barriers to
adoption. Microsoft has made great efforts to improve, through its Trustworthy Computing initiative, and has enhanced
certain digital rights management tools in its portfolio, especially for
Windows Media.
Mike Nash, corporate vice president of the Security Business Unit at
Microsoft, said the technology was born out of repeated customer requests
for something to safeguard their business data.
“What’s really compelling about Rights Management technology is that it
enables businesses to protect the information they most worry might leak —
either deliberately or inadvertently — by putting persistent protections in
the documents themselves,” Nash said in a statement.
Microsoft will release two software development kits in the second quarter
of 2003 to enable developers to begin to build rights management
capabilities into applications for Windows clients. A beta of Windows Rights
Management Services will be made public next week.