This article introduces a simple, easy-to-use, free and effective piece of security software that is a role of the server system: ADRMS.

Contents: 1. Deployment Overview 2. Introduction to Principles and Architectures

Microsoft's document security management service is RMS (Rights Management Service), which is mainly used for encryption and permission control of Office documents. For example, opening a protected document involves an additional authentication step, which gives very good security control over these documents. The only regret is that the integration between RMS and Windows Live ID has been closed because of an unsolvable problem.

RMS was first introduced with Windows Server 2003, where it had to be installed separately. Starting with Windows Server 2008, the RMS environment is integrated into AD, so RMS is also called ADRMS. ADRMS supports Office applications as well as applications such as PDF.
Deploying ADRMS requires a basic operating environment. ADRMS is also managed as a cluster, so an RMS deployment means deploying an RMS cluster. The cluster contains two different servers, which provide load balancing and redundancy; this can generally be implemented with DNS round robin. Once the RMS cluster environment is built, you can see how end users use the RMS runtime environment to control permissions on documents. Even if a document is copied elsewhere, its permission settings remain in effect.
The RMS infrastructure is as follows. First, the application used to open Office documents must support RMS, and an RMS server must exist in the enterprise. When a document is opened, a user name and password are required; this is in fact a connection to the RMS server. The RMS permission configuration information is also saved in a database. The working process is easier to understand through a scenario:

a. User A exists in this infrastructure and uses RMS to save an encrypted document. To do so, user A must log in to RMS with his or her own account. At the first login, RMS issues user A two certificates: the client certificate (CLC) and the rights user certificate (RAC). The information for both certificates is saved in the RMS database and on the client machine. At this point, user A can specify which users get which access to a given file.

b. After user A sets the permissions and saves, the document is processed in two phases.
Phase 1: the document is turned into ciphertext with a random key (128 bits, AES encryption). This random key is then encrypted with the RMS server certificate SLC (a self-signed certificate generated when the RMS server is created and configured).
Phase 2: once the file is encrypted, a permission access list is made for it, for example which users can access it, which users can print and which users can copy. When the document is saved (the list also exists locally), this list is also encrypted using the RMS server certificate SLC; besides the SLC, the public key of the client certificate CLC described above is used, and the list is encrypted as a whole. After encryption, the access information is stored in the file as well. The file the end user saves therefore contains the ciphertext, the encrypted key and the encrypted access rights.

c. After the file is distributed, user B obtains it and can see the file as usual. Because the document program supports RMS, it reads the information in the file and sees that the file is encrypted. It then reads the address of the RMS server (that is, the entry point for obtaining license access) and contacts the RMS server to look up the access information for the file; this information is also stored in the database, so it can be looked up there. User B also has to enter a user name and password when opening the document for the first time. On login, user B receives his or her own client certificate (CLC) and user certificate (RAC). With these certificates, user B requests to open the document passed on by user A by submitting his or her RAC (that is, personal user information) to the server. The RMS server first decrypts the access list and compares it with user B, who wants to open the document; user B is found in the list, and the file is decrypted. The decrypted information is then transmitted over the network by the RMS server (it is decrypted before delivery and then encrypted with the RAC public key) and finally reaches user B's computer. After delivery, the RAC private key decrypts the file, and after decryption user B's own access rights are obtained.
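
The publish-and-consume exchange in steps b and c, as an added Node.js sketch (not AD RMS code and not part of the original article). It assumes plain RSA-OAEP key pairs standing in for the SLC and RAC certificates, AES-128 in GCM mode, and hypothetical names (`publish`, `issueUseLicense`, `openDocument`, `userB`, `userC`); the requester's identity is taken as already authenticated.

```javascript
// Added sketch of the publish / consume flow described above; not AD RMS code.
// Hypothetical names: publish, issueUseLicense, openDocument, userB, userC.
const crypto = require('crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
const newKeyPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const wrapFor = (publicKey, data) => crypto.publicEncrypt({ key: publicKey, ...OAEP }, data);
const unwrapWith = (privateKey, blob) => crypto.privateDecrypt({ key: privateKey, ...OAEP }, blob);

// Step b: user A encrypts the document with a random 128-bit AES key, then
// encrypts that key and the rights list to the server's SLC public key.
function publish(slcPublic, text, rights) {
  const contentKey = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-128-gcm', contentKey, iv); // GCM mode is an assumption
  const ciphertext = Buffer.concat([cipher.update(text, 'utf8'), cipher.final()]);
  return {
    iv, ciphertext, tag: cipher.getAuthTag(),
    wrappedKey: wrapFor(slcPublic, contentKey),
    // A short list fits in one RSA-OAEP block, which is enough for this sketch.
    wrappedRights: wrapFor(slcPublic, Buffer.from(JSON.stringify(rights))),
  };
}

// Step c, server side: decrypt the rights list, look the requester up, and only
// then re-encrypt the content key to the requester's RAC public key.
function issueUseLicense(slcPrivate, file, user, racPublic) {
  const listJson = unwrapWith(slcPrivate, file.wrappedRights).toString('utf8');
  const acl = new Map(Object.entries(JSON.parse(listJson)));
  if (!acl.has(user)) return null; // not on the list: no key material is released
  const contentKey = unwrapWith(slcPrivate, file.wrappedKey);
  return { rights: acl.get(user), keyForUser: wrapFor(racPublic, contentKey) };
}

// Step c, client side: the RAC private key recovers the content key.
function openDocument(racPrivate, file, license) {
  const key = unwrapWith(racPrivate, license.keyForUser);
  const decipher = crypto.createDecipheriv('aes-128-gcm', key, file.iv);
  decipher.setAuthTag(file.tag);
  return Buffer.concat([decipher.update(file.ciphertext), decipher.final()]).toString('utf8');
}

function demo() {
  const slc = newKeyPair(), racB = newKeyPair(), racC = newKeyPair();
  const file = publish(slc.publicKey, 'Q3 forecast (constructed sample)', { userB: ['view', 'print'] });
  const licenseB = issueUseLicense(slc.privateKey, file, 'userB', racB.publicKey);
  const licenseC = issueUseLicense(slc.privateKey, file, 'userC', racC.publicKey);
  return { text: openDocument(racB.privateKey, file, licenseB), rights: licenseB.rights, deniedC: licenseC === null };
}
```

Because the content key only ever leaves the server wrapped to a specific RAC public key, a copy of the file on its own, or a use license issued to another user, does not open the document.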