Become a Member My Atlas
Insights
Training
Advisory & Negotiation
Free Resources
About
Contact Us
Search
Become a Member

Updated: July 11, 2020 (November 12, 2007)

  Charts & Illustrations

Protecting Content with RMS

My Atlas / Charts & Illustrations

378 wordsTime to read: 2 min
Rob Helm by
Rob Helm
Rob Helm by
Rob Helm

As managing vice president, Rob Helm covers Microsoft collaboration and content management. His 25-plus years of experience analyzing Microsoft’s technology... more

Rights Management Services (RMS) uses encryption to protect content from unauthorized users. Shown here is a simplified view of an RMS system where the sender of an e-mail message (top) protects that message so it’s accessible only by another RMS user, the intended receiver (bottom).

The major components of the system are as follows:

RMS-enabled applications such as Outlook work with RMS to encrypt and decrypt protected content and enforce restrictions placed on the content (e.g., “do not forward”).

RMS servers distribute content encryption keys in the form of licenses. RMS servers also issue digital certificates to authenticate users, devices, applications, and other participants in the RMS system so that documents can be decrypted and opened only by authorized participants.

Active Directory is typically used to authenticate users and computers to RMS so that they can receive their RMS certificates initially.

An RMS client on each device manages communication between applications and RMS servers and protects secret keys in a lockbox component.

Atlas Members have full access

Get access to this and thousands of other unbiased analyses, roadmaps, decision kits, infographics, reference guides, and more, all included with membership. Comprehensive access to the most in-depth and unbiased expertise for Microsoft enterprise decision-making is waiting.

Membership Options

Already have an account? Login Now