The RMS: Client-to-Server Protocol provides support for information protection through content encryption and fine-grained policy definition and enforcement. In doing so, the RMS: Client-to-Server Protocol enables end users to create and access protected information. This specification defines the RMS: Client-to-Server Protocol, which is a SOAP-based protocol that uses HTTP 1.1 as its transport.
Figure 1: Rights management roles
The Rights Management Services (RMS) system involves four active entities: the creator, the consumer, the server, and the cloud service.
The server is required to undergo a bootstrapping process to begin functioning in the RMS system. This process results in a signed server licensor certificate (SLC) for the server. In RMS 1.0, RMS 1.0 SP1, and RMS 1.0 SP2 servers, this operation involves contacting the cloud service. In RMS 2.0, this operation is done entirely offline. The creator and consumer contact the server for a bootstrapping process to acquire the RMS account certificate (RAC) and client licensor certificate (CLC) that are necessary to participate in the RMS system.
The creator builds a document and chooses an access policy for that document, either by creating it directly or by using a rights policy template to apply a predefined access policy. The creator then encrypts the document using a randomly generated content key and binds both this key and the access policy to that document in the form of a Publishing License (PL).
The consumer, upon receiving the document from the creator and opening it, supplies the server with the PL and the RMS account certificate (RAC) that was acquired during bootstrapping. If the access policy in the PL allows the consumer access, the server issues the consumer a use license (UL) that specifies the access policy for that consumer and binds the content decryption key to the consumer's RAC. The RAC's private key is itself encrypted under the key of a trusted software module called the security processor. When the consumer attempts to access the document, the security processor decides whether the requesting application on the consumer machine is capable of enforcing the access policy. If so, it supplies the plaintext of the document to the application, along with the policy that the application is to enforce. If not, access to the content is denied.
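The two paragraphs above describe a chain of key bindings: the content key is wrapped to the server's key inside the PL, the server unwraps it only after evaluating the policy against the identity in the RAC, and re-wraps it to the RAC key inside a signed UL that the security processor checks before releasing plaintext. The following Python models that flow end to end. It is a constructed example written for this page, not Microsoft's code and not the [MS-RMPR] wire format; the user names, rights names, `toy_keypair` primes and the hypothetical `app_can_enforce` callback are assumptions, and the primitives are stand-ins (textbook RSA over fixed, publicly known Mersenne primes; an HMAC-SHA256 counter-mode keystream instead of AES), so nothing in it is secure. It also covers the two failure paths the text names: a consumer not named in the policy gets no UL, and an application that cannot enforce the policy gets no plaintext.

```python
"""Toy model of the RMS publish/consume flow. Constructed for illustration;
toy RSA (fixed Mersenne primes, no padding) and an HMAC keystream stand in
for real primitives. Not secure; it shows the key-binding structure only."""
import hashlib, hmac, json, os

E = 65537  # assumption: toy RSA exponent; primes below are chosen so gcd(E, phi) == 1


def toy_keypair(p, q):
    """Textbook RSA from two known primes (toy only)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return {"n": n, "e": E}, {"n": n, "d": pow(E, -1, phi)}


def wrap(key, pub):
    """Bind a 16-byte symmetric key to a public key (unpadded RSA; toy)."""
    return pow(int.from_bytes(key, "big"), pub["e"], pub["n"])


def unwrap(wrapped, priv):
    return pow(wrapped, priv["d"], priv["n"]).to_bytes(16, "big")


def _digest(obj, n):
    data = json.dumps(obj, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(obj, priv):
    return pow(_digest(obj, priv["n"]), priv["d"], priv["n"])


def verify(obj, sig, pub):
    return pow(sig, pub["e"], pub["n"]) == _digest(obj, pub["n"])


def keystream_xor(key, nonce, data):
    """Content cipher: HMAC-SHA256 keystream in counter mode (stand-in for AES)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + (i // 32).to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def publish(plaintext, policy, server_pub):
    """Creator: encrypt under a fresh content key; the PL binds key and policy to the server."""
    content_key, nonce = os.urandom(16), os.urandom(8)
    pl = {"policy": policy, "enc_key": wrap(content_key, server_pub), "nonce": nonce.hex()}
    return keystream_xor(content_key, nonce, plaintext), pl


def issue_use_license(pl, rac, rac_sig, server_pub, server_priv):
    """Server: check the RAC, evaluate the PL policy, re-bind the content key to the RAC key."""
    if not verify(rac, rac_sig, server_pub):
        raise PermissionError("RAC was not issued by this server")
    rights = pl["policy"].get(rac["user"])
    if not rights:
        return None  # access denied by the policy: no UL is issued
    content_key = unwrap(pl["enc_key"], server_priv)
    ul = {"user": rac["user"], "rights": rights, "nonce": pl["nonce"],
          "enc_key": wrap(content_key, rac["pub"])}
    return ul, sign(ul, server_priv)


def consume(ciphertext, ul, ul_sig, server_pub, rac_priv, app_can_enforce):
    """Security processor: verify the UL, confirm the app can enforce the policy, then decrypt."""
    if not verify(ul, ul_sig, server_pub):
        raise ValueError("UL signature invalid")
    if not app_can_enforce(ul["rights"]):
        return None  # the app cannot enforce the policy, so plaintext is withheld
    content_key = unwrap(ul["enc_key"], rac_priv)  # the RAC private key stays in here
    return keystream_xor(content_key, bytes.fromhex(ul["nonce"]), ciphertext), ul["rights"]


def demo():
    """End-to-end run over constructed data; returns the outcomes for inspection."""
    server_pub, server_priv = toy_keypair(2**127 - 1, 2**89 - 1)
    alice_pub, alice_priv = toy_keypair(2**107 - 1, 2**61 - 1)
    bob_pub, _ = toy_keypair(2**521 - 1, 2**31 - 1)
    # Bootstrapping: the server issues each user a RAC binding identity to a key.
    alice_rac = {"user": "alice@example.com", "pub": alice_pub}
    bob_rac = {"user": "bob@example.com", "pub": bob_pub}
    alice_sig, bob_sig = sign(alice_rac, server_priv), sign(bob_rac, server_priv)
    # Publish: only Alice is granted VIEW (constructed sample content).
    message = b"Q3 forecast: constructed sample content"
    ct, pl = publish(message, {"alice@example.com": ["VIEW"]}, server_pub)
    # Alice gets a UL; an app that can enforce VIEW receives the plaintext.
    ul, ul_sig = issue_use_license(pl, alice_rac, alice_sig, server_pub, server_priv)
    pt, rights = consume(ct, ul, ul_sig, server_pub, alice_priv, lambda r: set(r) <= {"VIEW"})
    # An app that cannot enforce the policy is refused; Bob gets no UL at all.
    refused = consume(ct, ul, ul_sig, server_pub, alice_priv, lambda r: False)
    bob_ul = issue_use_license(pl, bob_rac, bob_sig, server_pub, server_priv)
    # A UL whose rights were edited after issuance fails signature verification.
    tampered = dict(ul, rights=["VIEW", "EDIT"])
    try:
        consume(ct, tampered, ul_sig, server_pub, alice_priv, lambda r: True)
        tamper_rejected = False
    except ValueError:
        tamper_rejected = True
    return {"plaintext": pt, "rights": rights, "refused_app": refused,
            "bob_ul": bob_ul, "tamper_rejected": tamper_rejected}
```

Call `demo()` to run the flow. The point to take from it is the order of checks: the server evaluates the policy before it unwraps anything, the content key reaches the consumer only wrapped to the key certified in the consumer's own RAC, and the client trusts the rights in a UL only after verifying the server's signature on it.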
A client can play the role of a creator, a consumer, or both, depending on implementation. The client is responsible for requesting certificates, licenses, and policies from the server. It is further responsible for enforcing authorization policies as they apply to protected information and encrypting or decrypting content as appropriate. The RMS 2.0 client also acquires rights policy templates from an RMS 2.0 server.
The cloud service role in the RMS: Client-to-Server Protocol is responsible for providing enrollment services to RMS 1.0, RMS 1.0 SP1, and RMS 1.0 SP2 servers. Enrollment is a one-time bootstrapping process that a server completes to begin functioning in the RMS system; its result is a signed SLC for the server. RMS 2.0 servers perform self-enrollment and do not contact the cloud service. The cloud service also provides activation services to RMS 1.0 clients, which binds an encryption key pair to the machine by way of the security processor and its SPC. Activation in RMS 1.0 SP1, RMS 1.0 SP2, and RMS 2.0 is performed by the client without contacting the cloud service. The cloud service role is not used in RMS 2.0.
The server role in the RMS: Client-to-Server Protocol is responsible for issuing certifications, keys, and authorization policies, and for signing these issued certificates and policies with keys it holds in escrow. It is further responsible for evaluating and issuing authorization policies based upon identity credentials the client provides in protocol requests.
The RMS: Client-to-Server Protocol consists of a number of service endpoints, each of which provides one or more functionally related remote procedures. The web server implementation identifies and services the endpoints and describes each endpoint's interface using the Web Services Description Language ([WSDL]), which is analogous to a COM IDL.
The remote procedures are called to:
Acquire or exchange certificates.
Request an authorization policy for protected information.
Author an authorization policy for protected information.
Discover information about the server or a user that is necessary for client operation.
Manage the server remotely.
The RMS: Client-to-Server Protocol is stateless, and the methods on the protocol can be called in any order.