UNCLASSIFIED Matthew Bruce, Senior Solutions Consultant, Adobe Using Logic, Strategy, and DRM to Protect and Manage Content.

Presentation transcript:

UNCLASSIFIED Matthew Bruce, Senior Solutions Consultant, Adobe Using Logic, Strategy, and DRM to Protect and Manage Content

UNCLASSIFIED Agenda
- Introduction
- Digital Rights Management: Authentication / Authorization / Auditing
- Why does DRM exist? …a brief history.
- How does DRM Work?
- Insider Threats / Hackers / Data Leakage and Spillage
- Snowden and Manning
- OPM Data Breach
- AshleyMadison.com
- Misuse of Sensitive Materials
- Applying DRM
- Conclusion

UNCLASSIFIED Introduction: Matthew Bruce
- Solutions Consultant at Adobe Systems
- 20+ Years in DoD:
- Intelligence Community (NSA, DIA)
- DoD (Pentagon, DISA)
- Army.mil, BrainLine.org, IASE.Disa.mil
- SIGINT Analyst / Cryptanalyst, US Army

UNCLASSIFIED Why does DRM exist? …a brief history.
- Digital Millennium Copyright Act (DMCA)
- Music Industry
- Movie Industry
- Gaming Industry

UNCLASSIFIED Digital Rights Management: Authentication / Authorization / Auditing
[Diagram labels: ACL CMS Shared Drive File System Data Repository Websites Media Storage Print Download Server Dedicated Networks Safes Mobile Screen Capture]

UNCLASSIFIED Digital Rights Management: Authentication / Authorization / Auditing
DRM: A set of technologies to protect and control content/data at rest and in motion.
Document ID & Authenticated User
- Read
- Print
- Modify
- Validity Period
- Accessibility
- Revoke
- Sign
- Offline
- Copy
DRM Solution / System

UNCLASSIFIED Digital Rights Management: Authentication / Authorization / Auditing  Prove you are who you say you are:  PKI- CAC/PIV  LDAP/Active Directory  SSO  SAML  Kerberos  User Name Password  Invited User  Anonymous  Tie into Identity Manager

UNCLASSIFIED Digital Rights Management: Authentication / Authorization / Auditing  A DRM Server acts as a Policy Enforcement Point (PEP) and the Policy Decision Point (PDP)  Can pull from other services to determine authorization:  External Authorization Provider  Active Directory  Webservices  Database Lookup  A DRM server can act as the PEP and connect with an External Authorization Service Provider as the PDP Dynamically controlled by server One policy per document Can use external authorization provider Revocation: Policy level Document level Policy Uses: 1.Protection 2.Version Control 3.Tracking Only 4.Time-based Dynamically controlled by server One policy per document Can use external authorization provider Revocation: Policy level Document level Policy Uses: 1.Protection 2.Version Control 3.Tracking Only 4.Time-based

UNCLASSIFIED Digital Rights Management: Authentication / Authorization / Auditing

UNCLASSIFIED 3 As | Auditing: Correlation—Continuous Monitoring
PEOPLE: PKI, User ID, Employee #, LDAP/AD
THINGS: Documents, Downloads, s, Portals, Devices
PLACES: Rooms & Buildings, IP address, Subnets, GeoIP
NOUN (Notification Of Unusual Nuances)

Time   User  Event      Place
07:00  1234  Tablet     DC
08:00  1234  Turnstile  DC
08:15  1234  Login      DC
08:30  1234  Doc open   OCONUS
08:31  1234  Doc print  OCONUS

#events=50  Distance=far  Credential=low assurance
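Added example (not part of the original slides): the correlation this slide's audit table illustrates, written as a small detector that flags events logged at a place the user could not have reached since they were last seen. The event rows are the ones on the slide; the six-hour travel threshold, the severity labels and the function name are assumptions.

```python
from datetime import datetime, timedelta

# The five rows of the slide's audit table: (time, user, event, place).
EVENTS = [
    ("07:00", "1234", "Tablet", "DC"),
    ("08:00", "1234", "Turnstile", "DC"),
    ("08:15", "1234", "Login", "DC"),
    ("08:30", "1234", "Doc open", "OCONUS"),
    ("08:31", "1234", "Doc print", "OCONUS"),
]
MIN_TRAVEL = timedelta(hours=6)             # assumption: fastest DC <-> OCONUS trip
CONTENT_EVENTS = {"Doc open", "Doc print"}  # assumption: events that touch content


def correlate(events, min_travel=MIN_TRAVEL):
    """Flag events at a place the user could not have reached since last seen."""
    last_seen = {}                          # user -> (time, place) of trusted sighting
    alerts = []
    for hhmm, user, event, place in sorted(events):   # same-day HH:MM sorts as text
        when = datetime.strptime(hhmm, "%H:%M")
        prev = last_seen.get(user)
        if prev and prev[1] != place and when - prev[0] < min_travel:
            alerts.append({
                "user": user, "time": hhmm, "event": event,
                "place": place, "last_place": prev[1],
                "gap_minutes": int((when - prev[0]).total_seconds() // 60),
                "severity": "high" if event in CONTENT_EVENTS else "medium",
            })
            continue                        # keep the trusted sighting as the anchor
        last_seen[user] = (when, place)
    return alerts


if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print(alert)
```

On the slide's rows this raises two high-severity alerts: the document open and the document print from OCONUS, 15 and 16 minutes after the same user logged in from DC.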

UNCLASSIFIED Insider Threats / Hackers / Data Leakage and Spillage
Insider Threats: Snowden and Manning
- Both had access to sensitive content
- Both intentionally stole and distributed sensitive content
- Both had clearances
- Uncontrolled distribution of content is on-going…
- Repercussions are on-going…

UNCLASSIFIED Insider Threats / Hackers / Data Leakage and Spillage
Hackers: OPM Data Breach
- Content not protected or encrypted
- Once content was stolen, no control over content
- Uncontrolled distribution of content is on-going…
- Repercussions are on-going…

UNCLASSIFIED Insider Threats / Hackers / Data Leakage and Spillage
Hackers: AshleyMadison.com
- Content not protected or encrypted
- Once content was stolen, no control over content
- Uncontrolled distribution of content is on-going…
- Repercussions are on-going…

UNCLASSIFIED Insider Threats / Hackers / Data Leakage and Spillage
General Misuse of Sensitive Content
- Content Leakage not intentional
- Misunderstood policy and common work-arounds
- Content not protected or encrypted
- Once content is stolen, no control over content
- Uncontrolled distribution of content is on-going…
- Repercussions are on-going…

UNCLASSIFIED Insider Threats / Hackers / Data Leakage and Spillage
- Network / System Security
- Content / Data at rest and in motion Security

UNCLASSIFIED Applying DRM: Evaluation Guide for Protection & Monitoring
Recommended features to consider:
- Strong FIPS140 Suite B encryption (AES256)
- Cross-platform (Windows, Mac, iOS, Android)
- Multi-format (PDF, Office, CAD, custom)
- Ubiquitous Client
- Dynamic policy (change after publishing, including revocation)
- Continuous monitoring (advanced auditing)
- Automation ready (bulk automated encryption)
- Customization ready (client SDK, Server SPIs)
- Strong authentication sources (multi-domain LDAP, AD, SSO, PKI)
- Cloud-friendly (private and FedRAMP managed service)

UNCLASSIFIED Conclusion
- Digital Rights Management: Authentication / Authorization / Auditing
- Why does DRM exist? …a brief history.
- How does DRM Work?
- Insider Threats / Hackers / Data Leakage and Spillage
- Snowden and Manning
- OPM Data Breach
- AshleyMadison.com
- Misuse of Sensitive Materials
- Applying DRM