AuthenticationWorld.com

The business of authentication

Authentication - Document Management



In the past, document management usually meant version control over documents within an enterprise: who could create, read and edit them, and whether any document protection applied to them.  This all worked relatively well within the enterprise.  Then along came the internet, extranets, B2Bs, third-party outsourcing and open-standards-based protocols.

Today, the document management industry is at the beginning of a crossroads.  Enterprises need a way to provide digital rights management for a wide variety of documents which are transiting between many enterprises.  The old way of doing document management isn't working as well, since you need the document management client software of the enterprise you're receiving the documents from in order to determine and manage document access.

The challenge is made even greater by the emergence of web services.  Web services use XML as the document transfer mechanism between disparate applications, networks and databases.  The existing web services protocols, commonly referred to as WS*, are not fine-grained enough to determine things like version control, who can create the documents, who can open the documents, etc.

The challenge for a modern enterprise is then how to manage documents within the enterprise, between enterprises, and between the enterprise and its business partners.  From an authentication perspective, how is the document protected, especially outside the enterprise, so that the identities trying to open it are verified to be those identities, in line with the level of risk?

Existing MS Office document protection is easily bypassed.  Protection based on an ID and password is often broken in three minutes or less by several commercially available, legal online services.  The proposed Microsoft Information Rights Service, while offering more document protection from an encryption perspective, does NOT work well outside the enterprise when documents are passed back and forth.

There are some potential bright lights on the horizon.  Adobe launched Adobe LiveCycle in 2005.  This is a digital rights management scheme that applies to PDF and CAD documents.  It gives the enterprise the ability to set the authentication strength required, based on risk, to open the document.  For example, no-risk documents would open without any authentication, low-risk documents may require a password, while high-risk documents may require an ID, password, digital cert and a biometric in order to open.

LiveCycle also enables the use of XML, digital signatures and document workflow approvals.  However, there are also some limitations.  For example, the documents must be converted to PDF format.  This precludes the use of MS Office documents unless they are converted to PDF.  While this is relatively easy to do, it does not enable good document management protection in the creating software.

Then there is the limitation of having to set document management policies in a silo which is separate from the identity management systems, which are in turn separate from the network security policies.  Finally, there are no open standards allowing for widespread interaction between different document management vendors' products.

What the enterprise needs now is the ability to easily interoperate between different document management vendors, as well as the ability to integrate the document management products seamlessly with the identity management products the enterprise is using to set authentication, authorization and audit for identities and web services.  Without this, the enterprise is forced to run independent management silos and jury-rig enterprise-to-enterprise document management solutions.
