Become a Member My Atlas
Insights
Training
Advisory & Negotiation
Free Resources
About
Contact Us
Search
Become a Member

Updated: July 9, 2020 (February 4, 2008)

  Charts & Illustrations

Protecting Content with RMS

My Atlas / Charts & Illustrations

384 wordsTime to read: 2 min
Michael Cherry by
Michael Cherry
Michael Cherry by
Michael Cherry

Michael analyzed and wrote about Microsoft's operating systems, including the Windows client OS, as well as compliance and governance. Michael... more

Active Directory Rights Management Services (RMS) uses encryption to protect content from unauthorized users. Shown here is a simplified view of an RMS system in which the sender of an e-mail message (top) protects that message so that it is accessible only by another RMS user, the intended receiver (bottom).

The major components of the system are as follows:

RMS-enabled applications such as Outlook work with RMS to encrypt and decrypt protected content and enforce restrictions placed on the content (e.g., “do not forward”).

RMS servers distribute content encryption keys in the form of licenses. RMS servers also issue digital certificates to authenticate users, devices, applications, and other participants in the RMS system so that protected content can be decrypted and opened only by authorized participants.

Active Directory is typically used to authenticate users and computers to RMS so that they can receive their RMS certificates initially.

An RMS client on each device manages communication between applications and RMS servers, and protects secret keys in a lockbox component.

Atlas Members have full access

Get access to this and thousands of other unbiased analyses, roadmaps, decision kits, infographics, reference guides, and more, all included with membership. Comprehensive access to the most in-depth and unbiased expertise for Microsoft enterprise decision-making is waiting.

Membership Options

Already have an account? Login Now