Secure Product Creation Processes (SP²)
Term
2007 - 2009
Mission
Protecting intellectual property becomes more and more important in increasingly globally distributed development processes. While the outward protection of the IT infrastructure (Perimeter-Security) is highly developed, the delivery of confidential data to cooperation partners does generally still take place without any protection mechanisms. Once the data (e.g. CAD models) leaves the company, it is usually out of the owner’s control.
Enterprise Rights Management (ERM)
The focus of the group’s work is placed on the use of Enterprise Rights Management (ERM) for a secure data exchange. ERM allows data utilization to be controlled - only people who have explicit authorization are permitted to read, modify or save data. The challenge here is to create and establish an open approach that avoids the creation of stand-alone solutions and can be implemented throughout the industry. This requires a high level of harmonization between users and vendors to avoid competing approaches and the resulting "friction losses". In addition, in spite of the inherent complexity such an ERM system has to be user-friendly for users as well as administrators, in order not to fail because of lacking acceptance.
The challenges and solutions were described in a White Paper. Based on the results of a business case analysis a reference process and a reference architecture were specified and the legal implications of using ERM were examined.
Currently, focus is being placed on completing and refining the reference architecture and reference processes. These are then to be validated though pilot applications in the industry, which are currently under preparation. The insights gained by the group will be summarized in a ProSTEP iViP Recommendation and published in Q2/2010.
Products