On May 8, 2007, at 10:16 AM, Ali, Saqib wrote:

I was recently asked why not just deploy a Enterprise Right Management
solution instead of using various encryption tools to prevent data
leaks.

Any thoughts?

What problem are you trying to solve?

If you're dealing with a rights-management problem, such as how do you give someone a document that they can read on the screen but not print, you aren't going to solve that with a cryptosystem.

However, rights management systems have characteristics that are different.

Rights management systems work against polite attackers. They are useless against impolite attackers. Look at the way that entertainment rights management systems have been attacked.

The rights management system will be secure so long as no one wants to break them. There is tension between the desire to break it and the degree to which its users rely on it. At some point, this tension will snap and it's going to hurt the people who rely on it. A metaphor involving a rubber band and that smarting is likely apt.

One way this fails is the good old "analog hole." People can still take pictures of their screens.

Another way this fails is for people to rely upon rights management as a cover for sloppiness, anger, or mendacity. If you think you can revoke a message or send Mission Impossible documents, you will. Someday, someone on the receiving end will use the analog hole. Oops. Imagine the case where a tech support person tells off an obnoxious customer, who takes a picture of the screen.

Furthermore, there are subtle problems with rights-management and policy. Let's suppose that I run an organization that needs to archive documents. I therefore *must* reject documents that I cannot archive.

I have personally stuck more to having crypto be a form of access control (once you get to a document, you have it) than as use control because:

        * The former problem is hard enough
        * We know that DRM of any sort will untimately fail
        * Human nature will lead people to get into trouble *because* of
          rights management.

I think that the operational issue -- that rights management *cannot* work -- trumps everything else, and turns the social issues (if you can tell someone off and deny it, will you?) into -- into nothing other than a information bomb. You're going to end up looking like Wile E. Coyote, with a blackened face and stunned, blinking eyes.

        Jon

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to