Executive Summary
For creators of digital content—e-books, sensitive financial reports, or technical manuals—encryption is often seen as the ultimate solution. This is a dangerous misconception. Encryption only protects content *at rest*. The moment a valid user decrypts a file to view it, all protection is lost. A user can freely copy, print, screenshot, or re-distribute the now-plaintext content. This paper defines **True Information Rights Management (IRM)** as a system that manages permissions *during use*, not just during transit or storage, and details how FLS Fortress achieves this.
The Decryption Fallacy
Standard content delivery works like this: 1. The content (e.g., a PDF) is encrypted. 2. A valid user downloads the file. 3. Their viewer application uses a key (or their credentials) to decrypt the file. 4. The file is now open and in plaintext in the computer's memory.
At step 4, the publisher has lost all control. The user can print the document to a new "virtual" PDF, copy-paste the entire text into a new file, or simply take screenshots. The initial encryption has been defeated not by a hacker, but by a valid user exceeding their intended permissions.
True IRM: Controlling Permissions-in-Use
A true IRM solution understands that the threat isn't just interception; it's *misuse*. This requires a secure viewer or reader application that actively enforces a set of rules *while the user is interacting with the content*.
FLS Fortress provides this capability through our client library. When you build your e-book reader or document viewer with our library, you gain the power to enforce granular, server-defined policies.
The FLS Fortress IRM Policy
When you create a license policy in your Mission Control dashboard, you don't just define *if* a user can open a file; you define *how* they can use it. Our `IRMPolicy` allows you to control permissions on a per-license basis:
- Disable Printing: Prevent the user from printing the document, or allow only a single, watermarked "draft" copy.
- Disable Copy/Paste: Block clipboard access, stopping the user from easily lifting content.
- Enforce Dynamic Watermarking: Deter casual piracy by dynamically rendering the user's email, name, or license key as a watermark across the page. This makes users far less likely to share a screenshot that is directly attributable to them.
- Active Screenshot/Recording Defense: Our library can actively detect and block common screen-capture and recording software, protecting your high-value visual content.
Server-Authoritative, Offline-Capable
This is where the FLS Fortress architecture shines. These IRM rules are not hard-coded into your application. They are stored on our server and delivered to the client inside a secure, signed "blob" upon successful activation.
This means you can: 1. **Change Permissions Remotely:** Did a user refund their purchase? You can instantly revoke their license, and the next time their app connects, all permissions are gone. 2. **Support Offline Use:** The signed "blob" is stored securely on the user's device. They can continue to view their document offline, and the IRM rules (e.g., "no printing") will be enforced by the library *without* needing an internet connection. 3. **Enforce Time-Based Expiration:** A license for a textbook can be set to expire at the end of a semester. Even if the user's device is offline, the server-authoritative timestamp in the signed blob ensures the content will lock on the correct date.
Conclusion
Encryption is a lock. IRM is a security guard. A lock only stops someone from getting in; a guard monitors what they do once they are inside. FLS Fortress provides the active, intelligent guard your valuable content deserves.