(Ref: How Azure RMS works - Azure Information Protection | Microsoft Docs)

Initializing the Environment

This is common across all encryption key types using MSIPC clients. The following section provides an overview of how a client initiates the environment for users to begin protecting and consuming sensitive data. For more details, refer to Azure Information Protection (AIP) labeling, classification, and protection | Microsoft Docs.

The document metadata is neither encrypted nor protected.

The encrypted policy and content key are embedded into the document itself and persist through editions of the document.

The content key is protected with the tenant's RSA key, together with the policy in the document that defines access to the content.

Content keys are symmetric keys; they are used to encrypt the content itself (the plaintext).

The tenant key is common to all emails and files protected by MIP and can be changed only by the MIP administrator for the tenant.

The tenant key is used to encrypt other keys, which in turn are used to protect emails and files and to provide access to users.

In other words, content encrypted with MIP in a tenant roots to the tenant key that was active at the time the content was protected.

A tenant key is the root encryption key tied to a tenant.

The asymmetric RSA (Rivest-Shamir-Adleman) algorithm with a 2048-bit key is used to encrypt the symmetric key and thus ensure secrecy of the content.

keys are used depending on the type of content.
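The key hierarchy described above, as an added example in Go (not code from the original page or from Microsoft): a fresh symmetric content key encrypts the body, and the content key plus the policy are wrapped with the tenant's 2048-bit RSA public key. AES-256-GCM, RSA-OAEP with SHA-256, the `Protected` layout, the policy string and all function names are assumptions of this example, not the RMS format.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type Protected struct{ Wrapped, Nonce, Encrypted []byte } // simplified model, not the RMS format

func NewTenantKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func gcm(contentKey []byte) cipher.AEAD { // AES-256-GCM is this example's assumption
	blk, _ := aes.NewCipher(contentKey) // cannot fail: callers pass 32 bytes
	aead, _ := cipher.NewGCM(blk)
	return aead
}

func Protect(pub *rsa.PublicKey, policy string, body []byte) (*Protected, error) {
	buf := make([]byte, 44) // fresh 32-byte content key + 12-byte nonce per file
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	ck, nonce := buf[:32:32], buf[32:] // cap 32, so append below copies the key
	w, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, append(ck, policy...), nil)
	if err != nil {
		return nil, err // content key + policy exceed one OAEP block (190 bytes here)
	}
	return &Protected{w, nonce, gcm(ck).Seal(nil, nonce, body, nil)}, nil
}

func Consume(priv *rsa.PrivateKey, p *Protected) (policy string, body []byte, err error) {
	blob, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, p.Wrapped, nil)
	if err != nil || len(blob) < 32 {
		return "", nil, fmt.Errorf("cannot unwrap content key: %v", err)
	}
	body, err = gcm(blob[:32]).Open(nil, p.Nonce, p.Encrypted, nil)
	return string(blob[32:]), body, err
}

func main() {
	old, _ := NewTenantKey()
	current, _ := NewTenantKey()
	p, _ := Protect(&old.PublicKey, "alice@example.com:VIEW", []byte("body"))
	fmt.Println(Consume(current, p)) // fails: the file roots to the old tenant key
}
```

A file protected under an earlier tenant key can only be opened with that key, so a rekey has to keep the old key available for consumption.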