Creating and Implementing MS Office Security

摘要

The preeminence of MS Office in terms of functionality arrived with Office 95. That version was sufficiently functional to perform most desktop office processing and management tasks. However, its then-new document structures based on an object data model since used in all future versions created the security lapses addressed in this article. Feature and functional advances since Office 95 clearly have value, but are increasingly aimed at workflow efficiency and integration; Microsoft Corporation is positioning Office as a platform for delivery of new services within a collaborative environment. Although security is a stated strategic objective for Microsoft, a lack of fundamental data security undermines all of its products. As such, MS Office represents a critical commercial off-the-shelf (COTS) platform, albeit with a significant inherent risk because of workflows and object data model design flaws.