Enterprise Right Management vs. Traditional Encryption Tools
Jon Callas
jon at callas.org
Wed May 9 15:48:49 EDT 2007
On May 8, 2007, at 10:16 AM, Ali, Saqib wrote:
> I was recently asked why not just deploy an Enterprise Right Management
> solution instead of using various encryption tools to prevent data
> leaks.
>
> Any thoughts?
What problem are you trying to solve?
If you're dealing with a rights-management problem, such as how do
you give someone a document that they can read on the screen but not
print, you aren't going to solve that with a cryptosystem.
However, rights management systems have characteristics that are
different.
Rights management systems work against polite attackers. They are
useless against impolite attackers. Look at the way that
entertainment rights management systems have been attacked.
The rights management system will be secure so long as no one wants
to break it. There is tension between the desire to break it and
the degree to which its users rely on it. At some point, this tension
will snap and it's going to hurt the people who rely on it. A
metaphor involving a rubber band and that smarting is likely apt.
One way this fails is the good old "analog hole." People can still
take pictures of their screens.
Another way this fails is for people to rely upon rights management
as a cover for sloppiness, anger, or mendacity. If you think you can
revoke a message or send Mission Impossible documents, you will.
Someday, someone on the receiving end will use the analog hole. Oops.
Imagine the case where a tech support person tells off an obnoxious
customer, who takes a picture of the screen.
Furthermore, there are subtle problems with rights-management and
policy. Let's suppose that I run an organization that needs to
archive documents. I therefore *must* reject documents that I cannot
archive.
I have personally stuck more to having crypto be a form of access
control (once you get to a document, you have it) than as use control
because:
* The former problem is hard enough
* We know that DRM of any sort will ultimately fail
* Human nature will lead people to get into trouble *because* of
rights management.
I think that the operational issue -- that rights management *cannot*
work -- trumps everything else, and turns the social issues (if you
can tell someone off and deny it, will you?) into nothing
other than an information bomb. You're going to end up looking like
Wile E. Coyote, with a blackened face and stunned, blinking eyes.
Jon
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com