October 28th, 2004 06:27 AM
I'm creating documents in word and excel which contains certain diagrams and information. I want to give maximum security to that document. The security requirements are:
a) The document should not be copied
b) should not be emailed (like save and send mail)
c) should not be saved as a new document
d) within the document the copy and paste commands should not work (ie) no one should copy the contents and paste it in another document
e) No one should print the document.
I have taken Adobe Acrobat Writer version 6.0 to convert the document into a pdf. Perhaps I could address certain security requirements said above. The addressed requirements are c,d and e of above.
Some of the vulnerabilities:
a) Using Printscreen a person can take a snapshot of the screen.
b) Using Faxviewer the document could be taken a snapshot and sent.
Can anyone suggest some ways/software to maximise the security for the document.
October 28th, 2004 07:18 AM
Will the public be able to read this document, or only certain people?
If it is only certain people, then try PGP. You can encrypt a file with a password, or with keys, which are very strong.
October 28th, 2004 02:19 PM
If a document is show on a computer screen, it can be take a picture of the screen using a digital camera. Using encryption software (Even a basic ZIP Encryption) would help you.
October 28th, 2004 03:01 PM
What your talking about, is going to be extremely hard to do...After all like SDK said, how do you prevent someone from using a digital camera to just capture the screen? Preventing copy and paste commands, file coping, preventing emailing, all these things can be prevented by hooking into the OS and stopping them. Try looking into the WIN32 API hook function if you dont mind doing some programming. There's also certain permissions and rights that have to do with ACL's and SAM's you can play with to get your result. Try researching NTFS object security. But, still ultimately the document will never complete satisfy the criteria your requesting because of the camera thing. If you intend on only distributing the document to a LAN that you administer, a 'deny all' policy, except the applications and events you choose to permit might help too.
We are a generation without a middle. We have no great war or depression. Our war is a spiritual one, our depression is our lives. We were all raised to believe that we\'ll all be millionaires and rockstars - But we won\'t.
And we are slowly learning this fact...And we are VERY pissed off about it!
October 29th, 2004 07:22 AM
Thanks friends for your inputs.
October 29th, 2004 07:49 AM
I have converted the document into pdf and I have achieved the security requirements specified in my last post except restricting someone from copying the file. With NTFS, Copying couldn't be controlled. What shall be done in this front?
October 29th, 2004 08:40 AM
Have you looked into Windows Rights Management Services.... I don't know what you setup is or anything like that... but it's a rather valid setup... There was a blurb about it in the latest (October) Windows IT Pro mag and it seems like it'd be rather useful for some corporations.. It does exactly what you want, including restricting emailing and copying... Users that do have access can have timed access so that it'll expire after a certain amount of time and so on....
Anyways check it out @ http://www.microsoft.com/windowsserv...erview/rm.mspx
IT Blog: .:Computer Defense:.
(Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".
October 29th, 2004 03:12 PM
I agree to HTRegz. With regard to Windows Rights Management Services(RMS), there should be client and server versions of the software. The client PC should be installed with the client version of RMS. Also it works only in the latest versions. I need to upgrade all the earlier versions of windows installed in my computer lab. With the existing Windows 2000, XP versions is there any possibility? My office version ranges from 2000 to 2003.