HOME

TheInfoList



Click Here for Items Related To - Information Rights Management
OR:
Information Rights Management on:   [Wikipedia]   [Google]   [Amazon]

Information rights management (IRM) is a subset of
digital rights management Digital rights management (DRM) is the management of legal access to digital content. Various tools or technological protection measures (TPM) such as access control technologies can restrict the use of proprietary hardware and copyrighted work ...
(DRM), technologies that protect sensitive information from unauthorized access. It is sometimes referred to as E-DRM or Enterprise Digital Rights Management. This can cause confusion, because
digital rights management Digital rights management (DRM) is the management of legal access to digital content. Various tools or technological protection measures (TPM) such as access control technologies can restrict the use of proprietary hardware and copyrighted work ...
(DRM) technologies are typically associated with business-to-consumer systems designed to protect
rich media Interactive media normally refers to products and services on digital computer-based systems which respond to the user's actions by presenting content such as text, moving image, animation, video and audio. Since its early conception, various ...
such as music and video. IRM is a technology which allows for information (mostly in the form of documents) to be ‘remote controlled’. This means that information and its control can now be separately created, viewed, edited and distributed. A true IRM system is typically used to protect information in a business-to-business model, such as financial data, intellectual property and executive communications. IRM currently applies mainly to documents and emails.


Features

IRM technologies typically have a number of features that allow an owner to control, manage and secure information from unwanted access.


Information encryption

Information rights management solutions use
encryption In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can d ...
to prevent unauthorized access. A key or password can be used to control access to the encrypted data.


Permissions management

Once a document is encrypted against unauthorized users, an IRM user can apply certain access permissions that permit or deny a user from taking certain actions on a piece of information. Some of these standard permissions are included below. * Strong in use protection, such as controlling copy & paste, preventing
screenshot screenshot (also known as screen capture or screen grab) is a digital image that shows the contents of a computer display. A screenshot is created by the operating system or software running on the device powering the display. Additionally, s ...
s, printing, editing. * A rights model/policy which allows for easy mapping of business classifications to information. * Offline use allowing for users to create/access IRM sealed documents without needing network access for certain periods of time. * Full auditing of both access to documents as well as changes to the rights/policy by business users. It also allows users to change or revoke access permissions without sharing the document again.


Examples

An example of IRM in use would be to secure a sensitive engineering document being distributed in an environment where the document's recipients could not necessarily be trusted. Alternatively, an e-mail could be secured with IRM. If an email is accidentally forwarded to an untrusted party, only authorized users can gain access. A well designed IRM system will not limit the ability for information to be shared. Rules are enforced only when people attempt to gain access. This is important as often people share sensitive information with users who should legitimately have access but don't. Technology must facilitate control over sensitive information in such a situation. IRM is far more secure than shared secret
password A password, sometimes called a passcode (for example in Apple devices), is secret data, typically a string of characters, usually used to confirm a user's identity. Traditionally, passwords were expected to be memorized, but the large number of ...
s. Key management is used to protect the information whilst it is at rest on a
hard disk A hard disk drive (HDD), hard disk, hard drive, or fixed disk is an electro-mechanical data storage device that stores and retrieves digital data using magnetic storage with one or more rigid rapidly rotating platters coated with magn ...
,
network drive In computing, a file server (or fileserver) is a computer attached to a network that provides a location for shared disk access, i.e. storage of computer files (such as text, image, sound, video) that can be accessed by the workstations that are ab ...
or other storage device. IRM continues to protect and control access to the document when it is in use. Functionality such as preventing screen shots, disallowing the copying of data from the secure document to an insecure environment and guarding the information from programmatic attack, are key elements of an effective IRM solution.


Naming conventions

Information rights management is also known by the following names: * Enterprise Rights Management * Enterprise DRM or Enterprise Digital Rights Management * Document Rights Management * Intelligent Rights Management


See also

* Digital rights management *
Always-on DRM Always-on DRM or always-online DRM is a form of DRM that requires a consumer to remain connected to a server, especially through an internet connection, to use a particular product. The practice is also referred to as persistent online authentica ...
*
Copyright infringement Copyright infringement (at times referred to as piracy) is the use of works protected by copyright without permission for a usage where such permission is required, thereby infringing certain exclusive rights granted to the copyright holder, s ...
*
Encryption In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can de ...
*
Advanced Encryption Standard The Advanced Encryption Standard (AES), also known by its original name Rijndael (), is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001. AES is a varian ...
*
Rpmsg An rpmsg file is a restricted-permission message with an extension of rpmsg. It is used to implement Information Rights Management, IRM for Outlook messages with the aim of controlling access to content via encryption and access controls, and re ...


References

{{reflist Digital rights management