{"product_id":10224,"v_id":10224,"product_name":"Microsoft Windows Rights Management Services (RMS) 1.0 SP2","certification_status":"Not Certified","certification_date":"2007-08-08T00:08:00Z","tech_type":"Sensitive Data Protection","vendor_id":{"name":"Microsoft Corporation","website":"https://www.microsoft.com"},"vendor_poc":"Tim Myers","vendor_phone":"425-707-9422","vendor_email":"timmyers@microsoft.com","assigned_lab":{"cctl_name":"Leidos Common Criteria Testing Laboratory"},"product_description":"<p>Microsoft Windows Rights Management Services (RMS) 1.0 SP2 is an information protection technology that works with RMS-enabled applications to help safeguard digital information from unauthorized use&mdash;both online and offline, inside and outside a firewall. However, the TOE is restricted to use within a closed network environment that is not connected to the Internet.</p>\r\n<p>RMS uses Windows Server 2003 features and security technologies, including encryption, certificates and authentication, to help organizations create information protection solutions. RMS provides protection of information through persistent usage policies, which remain with the information, no matter where it goes.</p>\r\n<p>RMS is a set of web and operating system services designed to facilitate the management of rights-protected content. While the TOE doesn&rsquo;t actually store any protected content, it generates certificates and licenses that can be used to encrypt content and enable access to those authorized to use the content. RMS provides the setup steps that enable trusted entities to use rights-protected information.<span> It also handles administration functions.</span></p>\r\n<p>The TOE issues XML-based licenses that define usage rights and conditions to control access to encrypted data. The TOE is supported on Windows Server 2003 as its IT environment. 
Encrypted data usage rights and conditions that are defined within licenses identify individual authorized users who can view the information and how that information can be used and shared.</p>","evaluation_configuration":null,"security_evaluation_summary":"<p>The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Microsoft Windows Rights Management Services (RMS) 1.0 SP2 TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.3. The evaluation methodology used by the Evaluation Team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.3. Science Applications International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the product is the EAL4 family of assurance requirements, augmented with ALC_FLR.3 (Systematic flaw remediation). The product, when configured as specified in &ldquo;Windows Rights Management Services (RMS) 1.0 with SP2 Security Configuration Guide&rdquo;, satisfies all of the security functional requirements stated in the Microsoft Windows Rights Management Services (RMS) Security Target. A validation team on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in May 2007. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-07-0057), prepared by CCEVS.</p>","environmental_strengths":"<p>The evaluated configuration of the TOE comprises a Root Certification Server and, optionally, one or more Licensing Servers. 
The Microsoft-hosted RMS Enrollment Service is also included in the evaluated configuration.</p>\r\n<p>Microsoft Windows Rights Management Services (RMS) 1.0 SP2 supports the following security functions:</p>\r\n<ul>\r\n    <li><strong>Security Audit</strong> &ndash; The TOE has the ability to log successful and failed Use License requests.<span> When logging is enabled, all attempts to acquire Use Licenses are logged by forwarding them to the local SQL server configured in the IT environment of the TOE.</span></li>\r\n    <li><strong>User Data Protection</strong> &ndash; The TOE ensures that certificates are generated with appropriate contents. The TOE also restricts the issuance of Use Licenses to content users who have been granted rights that would be reflected in a license issued by the TOE.</li>\r\n    <li><strong>Identification and Authentication</strong> &ndash; While the TOE depends upon the IT environment to properly authenticate user identities, the TOE requires the identity of requesting users before it processes requests for Client Licensor Certificates and Use Licenses.</li>\r\n    <li><strong>Security Management</strong> &ndash; The TOE provides the administrator with functions to manage the audit function, Use License issuance controls and exclusion list, and the decommissioning service, and to dictate the applicable content of certificates and licenses.</li>\r\n</ul>","features":[]}