register now | login     Search   
Newsletter Signup
Ask a Question

Ask us a question.




Access Resource Library
Email a Colleague

Email this page to a colleague.
Microsoft RMS

Microsoft

Dotted Line

Microsoft is the worldwide leader in software for personal and business computing. Microsoft strives to produce innovative products and services that meet customers' evolving needs. Its vision is to empower people...moreDotted Line

Other Profiles by This Partner

Dotted Line Microsoft Authenticode Dotted Line Microsoft ISA Server Dotted Line Microsoft Outlook Web Access Dotted Line Microsoft Windows Server 2003 Certificate Server Dotted Line

Profiles

Microsoft RMS

Windows Rights Management Services (RMS)

The nCipher nShield and netHSM hardware security modules (HSMs) are fully integrated with Microsoft’s Windows Rights Management Services. This integration of an nCipher HSM with RMS protects the critical cryptographic processes used throughout the Rights Management process. The joint implementation allows an enterprise to securely manage email, documents and Web based data, safeguarding digital information from unauthorized use—both online and offline, inside and outside of the firewall. Document authors can choose from a variety of usage rights to define exactly how the document recipient can use the information and for how long. They can define who can open, modify, print, forward and/or take other actions with the information.

Securing RMS with nCipher

Microsoft RMS uses an nCipher HSM to secure the Rights Management Server(s) root private key. The RMS enabled publishing application encrypts the document to be protected and binds it to to the Publishing License that defines the usage rights for that document. The use of encryption ensures the confidentiality of the document as it is distributed. Authorized recipients request a Use License from the RMS server after authenticating themselves. Once approved, a Use License is issued to the recipient, this License includes a document decryption key that only the approved recipient is able to extract. Armed with the decryption key, and after revalidating the current status of the recipient to ensure the user’s rights have not been revoked, the recipients RMS enabled application can access the document and allow the recipient to exercise the rights over the document that they have been granted.

It is effectively impossible to break the encryption algorithms applied to the document, therefore an attacker’s attention turns to stealing the cryptographic keys, spoofing a user’s identity or corrupting the rights issuance process. The nCipher HSM secures the critical private keys used within the RMS server(s). The nCipher security module establishes a tamper-resistant security boundary within the physical RMS server platform to isolate these keys and to provide a safe environment in which to perform sensitive cryptographic operations. The security capabilities of the nCipher HSM have been independently validated to the Federal Information Processing Standard (FIPS 140-2 Level 3) and the interoperability between the HSM and the RMS software has been successfully tested by Microsoft.

Microsoft Case Study

Deploying Windows Rights Management Services
at Microsoft (Microsoft TechNet)
Search |  Sitemap |  Privacy Policy |  Legal |  Investor Relations |  News & Events |  Contact
©1996-2008 nCipher Corporation Ltd. All rights reserved

nCipher protects critical enterprise data for many of the world's most security-conscious organizations
by being an industry leader in cryptography and data security, data encryption, enterprise pki,
digital signature software, timestamp, and other data protection solutions.