is used to decrypt it. For further information on cryptography, a good reference is the book Applied Cryptography 1by Bruce Schneier.FIPSThe <strong>IRM</strong> Server, starting with Version 4.6, is compliant with Federal Information Processing Standards 140-2(hereafter referred to as FIPS). As part of being compliant, the <strong>IRM</strong> Server uses the FIPS certified cryptographiclibrary, RSA BSAFE® Crypto-C Micro Edition via the RSA BSAFE Micro Edition Suite (MES).With Version 4.6 – 4.7, new instances created using the <strong>IRM</strong> Server operate in FIPS mode (also true for newinstances on an upgraded <strong>IRM</strong> Server). As of Version 5.0, the administrator has a choice of whether tocreate/upgrade the instance to FIPS mode. For backwards compatibility, any <strong>IRM</strong> Server instance upgraded to V4.6does not operate in FIPS mode. As stated, an <strong>IRM</strong> Server instance in FIPS mode uses only the RSA Micro EditionSuite cryptographic library. In non-FIPS mode, the <strong>IRM</strong> Server instance uses an earlier version of the RSA BSAFEcryptographic library.Besides the cryptographic library used, here are the main differences in the operation of an <strong>IRM</strong> Server instance inFIPS mode as opposed to an instance in non-FIPS mode:•A non-FIPS <strong>IRM</strong> Server instance allows the user to select Secure Socket Layer (SSL) to connect to theLDAP directory server. A FIPS <strong>IRM</strong> Server instance requires TLS to communicate with the LDAP directory server.•A FIPS <strong>IRM</strong> Server instance communicates to the <strong>IRM</strong> clients using TLS V1.0. An <strong>IRM</strong> Server in non-FIPS mode uses SSL V3.0. During an initial connection, the <strong>IRM</strong> client may try one protocol then the other toconnect to the <strong>IRM</strong> Server. The <strong>IRM</strong> client may already know which protocol to use if the client has previouslyconnected to the <strong>IRM</strong> Server or is connecting to an <strong>IRM</strong> Server as part of the process of opening protected content.•<strong>IRM</strong> clients can open content protected by <strong>IRM</strong> Server instances in FIPS mode, as well as contentprotected by <strong>IRM</strong> Servers in non-FIPS mode. However, the <strong>IRM</strong> client is not allowed to open protected contentfrom a FIPS mode <strong>IRM</strong> server while protected content from a non-FIPS <strong>IRM</strong> Server is opened, and vice versa.An <strong>IRM</strong> Server in FIPS mode and the <strong>IRM</strong> clients that support FIPS can be part of a FIPS compliant environment.Setting up a FIPS compliant environment is beyond the scope of this document, but you can find information aboutFIPS and the RSA MES product at the RSA and Federal government websites:•http://www.rsa.com•http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2007.htm#828•http://csrc.nist.gov/groups/STM/cavp/1 ISBN 0-471-11709-9Overview of Technical Architecture Page 8
Separation of Keys and ContentMany systems that strive to extend control over information after it has been distributed have adopted an approachin which encrypted key vouchers are granted to users once they have authenticated or performed an operation suchas paying for the content. These systems encrypt the policy options and keys in a voucher that is stored on therecipient‘s system. The viewing client implements a secret algorithm to decrypt the voucher, pull out the keys, andthen decrypt the content and enforce the policy. One drawback to these systems is that a nefarious user can executeoff-line attacks to discover the secret algorithm. Once such a user has discovered this algorithm, he can generate anddistribute his own application that will crack all content protected with this scheme. There have been severalexamples of this happening. The other drawback to this approach is that once the voucher is provided to therecipient, there is no reliable way to modify or revoke his or her access. The recipient can always make a copy of thestate of the system and reproduce that state at a future time when they want to access the information.The <strong>IRM</strong> system takes a different approach. Keeping key and policy information on the <strong>IRM</strong> Server prevents offlineattacks. Furthermore, you do not need to rely on a secret algorithm for securing a voucher. Also in the <strong>IRM</strong>scheme, all time-based decisions are made based on the <strong>IRM</strong> Server‘s clock (as opposed to the local client clock),which is not subject to manipulation by a malicious user.Persistent Security & ControlUsers may e-mail, rename, and even make copies of a protected document. The information in each rendition is stillprotected. Should the information owner decide to change use permissions on protected content, all copies of theprotected content are affected. For example, the information owner can take away viewing permissions on adocument after it has been e-mailed to multiple users and stored on their PCs.Let‘s look at an example. You send out a sales document to a number of people, then later discover a critical error.In the meantime, that document has been edited, renamed and sent to even more people. As the information owner,you can revoke access permissions, at which point none of the recipients will be able to open any copy. You couldthen distribute an updated copy.Here‘s another example. You protect sensitive legal information in a document and send it to business partners andselect internal employees. At one point, you are no longer business partners with one particular company. You canrevoke access for the users in that particular company alone. All other users still have access.Time HandlingAll time-based decisions are made based on the <strong>IRM</strong> Server‘s clock as opposed to the local client clock. Theexception to this is when offline access permission is granted. This is where a user is granted the permission to viewprotected content while unable to connect to the <strong>IRM</strong> Server. Since offline access is granted for a limited amount oftime (e.g., 3 days), the client machine‘s clock is used to determine when the document was opened offline.However, should malicious users change the clock‘s time on their computer once they start working offline to gainadditional time, they invalidate all offline access permissions.Should an information owner wish to view the activity log, all times are based on the server clock but displayed inthe client‘s time zone.System ComponentsLet‘s take a closer look at the components within the <strong>IRM</strong> architecture.<strong>IRM</strong> ServerThe <strong>IRM</strong> Server is a service that accepts connections from various clients, authenticates users, and managesauthorization to, and dissemination of, encryption keys and policies for protected content. The system ensures thatOverview of Technical Architecture Page 9