Windows 7 Architectural and Internal Security Improvements - Rights Management Services

Windows Rights Management Services (RMS) is an information-protection technology that works with RMS-enabled applications to help safeguard digital information from unauthorized use both inside and outside your private network. RMS provides persistent usage policies (also known as usage rights and conditions) that remain with a file no matter where it goes. RMS persistently protects any binary format of data, so the usage rights remain with the information—even in transport—rather than merely residing on an organization’s network.

RMS works by encrypting documents and then providing decryption keys only to authorized users with an approved RMS client. To be approved, the RMS client must enforce the usage rights assigned to a document. For example, if the document owner has specified that the contents of the document should not be copied, forwarded, or printed, the RMS client will not allow the user to take these actions. In Windows Vista and Windows 7, RMS is now integrated with the XPS format. XPS is an open, cross-platform document format that helps customers effortlessly create, share, print, archive, and protect rich digital documents. With a print driver that outputs XPS, any application can produce XPS documents that can be protected with RMS. This basic functionality significantly broadens the range of information that can be protected by RMS.

The 2007 Microsoft Office system provides even deeper integration with RMS through new developments in Microsoft SharePoint. SharePoint administrators can set access policies for the SharePoint document libraries on a per-user basis that will be inherited by RMS policies. This means that users who have “view-only” rights to access the content will have that “view-only” access (no print, copy, or paste) enforced by RMS, even when the document has been removed from the SharePoint site. Enterprise customers can set usage policies that are enforced not only when the document is at rest, but also when the information is outside the direct control of the enterprise.

Although the RMS features are built into Windows Vista and Windows 7, they can be used only with a rights management infrastructure and an application that supports RMS, such as Microsoft Office. The RMS client can also be installed on Windows 2000 and later operating systems. For more information about how to use RMS, visit

Source of Information : Windows 7 Resource Kit 2009 Microsoft Press

No comments:

Cloud storage is for blocks too, not just files

One of the misconceptions about cloud storage is that it is only useful for storing files. This assumption comes from the popularity of file...