Microsoft Offers Companies New Ways to Keep Secrets

R. A. Hettinga rah at shipwright.com
Mon Feb 24 18:28:10 EST 2003 

"We're from Microsoft, and..."

--------
Cheers,
RAH



http://online.wsj.com/article_print/0,,SB1046036499817775743,00.html

February 24, 2003 

Microsoft Offers Companies 
New Ways to Keep Secrets 

By DON CLARK 
Staff Reporter of THE WALL STREET JOURNAL 

Microsoft Corp. wants to help companies control access to sensitive documents. But the idea might not be welcome to corporate watchdogs. 

The Redmond, Wash., software company Friday described new technology that can be used to create programs that can enforce a range of policies against unauthorized disclosure of information. Among other things, companies or government agencies could set restrictions on what documents or text could be copied, forwarded in e-mail, printed or viewed as Web pages. 

Microsoft's technology, called Windows Rights Management Services, will use a forthcoming operating system called Windows Server 2003 and be included in a version of the Office suite of desktop programs, due in the second half of the year. The company plans to distribute tools in the second quarter to help other software developers update their products to add the security features. 

Microsoft officials said the technology was prompted by customers who worry about the ease with which employees can leak sensitive material such as business plans, new product specifications or classified information. 

"The benefit of the Internet is faster communication with authorized people," said Mike Nash, corporate vice president in Microsoft's security business unit. "The risk is accidental or deliberate disclosure of data that is company-confidential." 

The technology can effectively revoke the ability of employees to view documents, even after they have been transferred outside a company. That feature would work by requiring recipients of a sensitive file to log on to a server at regular intervals to renew rights to access it. If they are fired or resign from a company, they could no longer renew those rights, which would expire. 

Some public-policy groups aren't enthusiastic. They argue that the technology could make it harder for employees to provide evidence of corporate wrongdoing to journalists or government regulators. 

"It's clear that corporations might see it as valuable," said Seth Schoen, staff technologist at the Electronic Frontier Foundation, a civil-liberties group based in San Francisco. "It's not necessarily clear that it would be good for the public." 

An employee, for example, might be ordered to do something illegal in an e-mail that effectively self-destructs. "If the person doesn't do the thing, he can be fired," Mr. Schoen said. "If he wants to prove the boss had asked him to do something illegal, there is no record of it." 

Companies clearly have the legal right to control access to their information and computer networks, just as they might limit how employees use photocopying machines, Mr. Nash said. Microsoft is just trying to give them better tools to do so, he said. 

It is not the only one. Liquid Machines, a start-up in Lexington, Mass., last week demonstrated its own software for controlling access to documents that it expects to deliver at the end of May. While Microsoft's plans require customers to install new versions of application programs, Liquid Machines' technology can protect existing applications, including products that aren't based on Windows, said Jim Schoonmaker, its chief executive officer. 

Most such electronic locks can be evaded. An employee could use a camera to take a picture of a document on a screen, for example. Microsoft could make it harder for programmers to side-step its document-protection plan by exploiting another Microsoft-proposed technology, originally code-named Palladium, that uses chips to wall off portions of a computer's hard drive so some programs can't be easily modified, Mr. Schoen of the EFF noted. 

-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list