Rights Management

The U.S. military has a neat euphemism: use control really means keeping unauthorized people from setting off nuclear weapons, accidentally or on purpose. The computing community has a similar term : rights management (RM). Depending on who you ask, RM either means preserving the ability of an information creator to control the use of that information, or it means an evil plot by nefarious corporate interests to prevent the use or dissemination of useful kinds of digital media.

The basic underpinnings of RM systems are simple: content creators get some way to include access controls in the objects they create (movies, e-mail messages, documents, and so on). Client applications or systems have some way to check what access controls are included and to decide whether or not the object can be used in various ways. The devil is in the details; different RM schemes have varying infrastructure requirements, and some allow for draconian controls that far exceed the legal limits on how information can be copied and distributed. On the surface, RM systems might not seem to have any connection to messaging, but one commonly requested capability is a way to prevent users from forwarding or copying sensitive messages; another is making messages that expire, becoming unreadable after a certain time. These are both RM features, and both are implemented (albeit simplistically) in Lotus Notes. Exchange Server 2003 doesn t provide any RM support, but the Microsoft Office System (notably Word, Excel, and Outlook) does, and Windows Server 2003 has a Rights Management Server (RMS) component that delivers the infrastructure to allow this. You ll be seeing RM mentioned in later chapters because it s often demanded in corporate environments.