Persistent Protection Using E-DRM Technology
Jason Sohn @ Fasoo
06/18/2008
Executive Summary
• Strategic Value Proposition of Enterprise DRM (E-DRM)
– Protect your knowledge assets and client’s confidential information even from insiders and after the delivery
– Fully utilize your IT investments
– Take most out of your partners and clients
– Comply with regulatory compliances
Increased Risk of Losing Confidential Information
• The volume of documents shared explodes due to the successful adoption of document distribution/management systems
• Loss of data from insiders are increasing dramatically
Emergence of high
technology
Documents shared
Info
rmati
on
leak
E-mail, CMS, PDM, ERP etc.
Document leak is just a click away~
Are you protected?
• Existing security solutions are effective to protect from hackers (outsiders) but fail to prevent document leak by authorized users (insiders)
Authorized User
Authorized User
Unauthorized User
File-server Application Systems(CMS, KMS, etc.)
Unauthorized User
Unauthorized UserUnauthorized User
Partner
Hackers
Firewall, IDS, VPN, Date encryption, Authentication, ACL, PKI, …
A Glance at Enterprise DRM
• You can control document usages
E-DRM for Persistent Protection of Documents
• A solution that protects information persistently, even after it has been delivered, and it is strongly required in the market.
• E-DRM enables persistent control of document use
– Who and where (Device, Network address, …)
– How (View, Print, Print watermark, Edit, Copy/Paste, Screen capture, Revoke, …)
– When (Set period, How long, How many, …)
• E-DRM traces the log of document usages
• E-DRM covers all perimeters: PC, File-server, Application Systems, E-mail, FTP, CD/DVD/USB, Web, etc.
• E-DRM is the only systematic solution against document leak by the authorized users (solution for insider threat management).
Data Encryption Is Not Enough
• The encryption key needs to be delivered securely
• After decryption, the content is out of control. It can be used and forwarded freely
Content ContentEncrypted Content
Encryption Decryption
Key Management
Rendering Applications
Architecture Model of Enterprise DRM Technology
• Content use is governed by DRM Client according to the policy of DRM Server
• Key delivery is automated by DRM Server
Content Rendering Applications
DRM Packager
DRM Server
Metadata
Identifier
Metadata
Signature
Secure ContainerEncrypted Content
Policy
License
License
Metadata
Signature
Secure Container
Deployment @ S Group
• Ad-hoc DRM (Securing deliverable file w/o managing
– was deployed for all S Group companies’ E-mail systems since November, 2006
• Server DRM (ERM encryption @ download/upload from Apps)
– was deployed since May, 2002 for more than 50 S Group Companies and expected to complete for all S Group companies before 2008. (S Electronics, SDI, SDS, Life Insurance, Fire & Marine Insurance, Corning, Semiconductor, Electro Mechanics, Heavy Industries, Networks, Foundation, SERI, Card, Total, Fund, etc.)
• PC DRM (Enforce automatic ERM encryption from all PC)
– was deployed since December, 2006 for 3 S Group Companies and expected to complete for all S Group companies before 2009 (S Electronics, Life Insurance, Engineering, etc.)
Benefits @ S Group
• E-DRM systems
– are successfully deployed and running under S Group companies’ environment that has more than “300,000 active users, 1,000,000 total transactions and 100,000 file packaging transactions per day on average. Allowing S to have complete protection of their documents and application systems including MS Office, PDF, various CAD apps, PLM, KMS, CMS, Web Collaboration, etc. against both outsiders & insiders.
• S Group’s security infrastructure
– is now considered as a best practice benchmarking case to raise strategic value of organization by fully utilizing inter-organization communication, knowledge management and comply with regulations.
Strategic Value of E-DRM Technology
Inter-organization Communication
Knowledge Management Regulatory Compliance
Competitive
Advantage