Windows Rights Management Service: not ready for prime time

I recently spent a while experimenting with the digital rights management
technology that's built into Microsoft Office 2003. This is a combination of
Office's own Integrated Rights Management (IRM) layer, plus Windows
Rights Management Service (RMS), a free add-on to Windows Server 2003. If you
want to play along at home, you'll also need to have the Windows
Rights Management Client Software installed on each PC where you'll be using

Setup is a bit tedious, but not especially difficult (though don't bother
trying to test the client software inside a VMware or VirtualPC virtual machine;
it won't work). Once you have all the bits talking to each other, you can choose
to place any Word, Excel, or PowerPoint document under IRM control. This lets
you specify which users on your network should be able to read the document, and
which ones should be able to edit it (there are also provisions for working with
users outside of your network, as well as for limiting the distribution of

It's all based on a fairly elegant scheme of public keys and encryption. If
you're interested in the finer details, take a look at the Technical
Overview of Windows RMS white paper. There's also an SDK
so that you can tie your own applications into this scheme.

But honestly, I'd say don't bother just yet. The problem is that the PC and
Windows architectures are just too open for this stuff to represent much more
than a false sense of security at the moment. For example, IRM works as
advertised to keep a user from editing or copying a protected document. This
seems like the ideal way to keep company-confidential stuff from leaking.
Except...it only took me thirty seconds to fire up a screen-capture utility and
get my own copy of a document that way. Add in some OCR, and you'd have a nice,
editable copy of the original, protected or not.

Some of this will be mitigated by Microsoft's Next-Generation
Secure Computing Base (formerly known as "Palladium"), if it ever comes to
pass. In that environment, it should be possible for an application to prevent
the screen-capture scenario from succeeding. But even then, don't be too
convinced by the siren song of digital rights management. Show me a document on
screen, take your eyes off me for a moment...and I'll take out a digital camera
and get my own copy.

What is the lesson for developers? Some problems really are not the sort of thing
that we can solve purely by writing code. For rights management schemes to work,
we'll need to put together code, legislation, and best practices in physical
security, to say the least. When software bumps up against the real world, be
prepared to get your nose bruised.

Mike Gunderloy has been developing software for a quarter-century now, and writing about it for nearly as long. He walked away from a .NET development career in 2006 and has been a happy Rails user ever since. Mike blogs at A Fresh Cup.