Enterprise rights management (ERM) systems are typically used to ensure that information within an enterprise complies with high-level corporate policies. In many conventional enterprise rights management systems, protected content is encrypted with keys that are stored on policy servers that ensure that requests to access protected data comply with an enterprise's data-access policies before releasing keys to requesting clients.
Many client devices within ERM systems run on commodity operating systems that are vulnerable to attack. Unfortunately, a compromised client device may result in the leak or theft of both protected content and content keys. While the loss of protected content may be damaging, the loss or theft of a content key may result in devastating losses since a single key may be used to encrypt a considerable amount of content. As such, the instant disclosure identifies needs for systems and methods for protecting enterprise rights management keys from being compromised by vulnerable client devices.