News

Windows Rights Management Service: not ready for prime time

• By Mike Gunderloy
• March 4, 2004

I recently spent a while experimenting with the digital rights management technology that's built into Microsoft Office 2003. This is a combination of Office's own Integrated Rights Management (IRM) layer, plus Windows Rights Managment Service (RMS), a free add-on to Windows Server 2003. If you want to play along at home, you'll also need to have the Windows Rights Management Client Software installed on each PC where you'll be using this stuff.

Setup is a bit tedious, but not especially difficult (though don't bother trying to test the client software inside a VMware or VirtualPC virtual machine; it won't work). Once you have all the bits talking to each other, you can choose to place any Word, Excel, or PowerPoint document under IRM control. This lets you specify which users on your network should be able to read the document, and which ones should be able to edit it (there are also provisions for working with users outside of your network, as well as for limiting the distribution of e-mail messages.

It's all based in a fairly elegant scheme of public keys and encryption. If you're interested in the finer details, take a look at the Technical Overview of Windows RMS white paper. There's also an SDK so that you can tie your own applications into this scheme.

But honestly, I'd say don't bother just yet. The problem is that the PC and Windows architectures are just too open for this stuff to represent much more than a false sense of security at the moment. For example, IRM works as advertised to keep a user from editing or copying a protected document. This seems like the ideal way to keep company-confidential stuff from leaking. Except...it only took me thirty seconds to fire up a screen-capture utility and get my own copy of a document that way. Add in some OCR, and you'd have a nice, editable copy of the original, protected or not.

Some of this will be mitigated by Microsoft's Next-Generation Secure Computing Base (formerly known as "Palladium"), if it ever comes to pass. In that environment, it should be possible for an application to prevent the screen-capture scenario from succeeding. But even then, don't be too convinced by the siren song of digital rights management. Show me a document on screen, take your eyes off me for a moment...and I'll take out a digital camera and get my own copy.

What is the lesson for developers? Some problems really are not the sort of thing that we can solve purely by writing code. For rights management schemes to work, we'll need to put together code, legislation, and best practices in physical security, to say the least. When software bumps up against the real world, be prepared to get your nose bruised.