PDF In-Depth

The Keys to Your Cottage: an overview of PDF document security

About the Author
 

Narayan Sainaney

Narayan Sainaney is President and CTO of Vitrium Systems, which offers a suite of Web based software to control document security. Narayan formerly worked on Acrobat, Pagemaker, Illustrator, and MS Office. He has 5 years of Digital Rights Management (DRM) experience and...  More


 

 
 

From its inception, the primary mandate of Adobe's Portable Document Format (PDF) has been to guarantee print fidelity irrespective of which application is used to create a document. PDF's principle goal is to ensure the widest possible distribution of documents, while only requiring readers to have minimal software in order to view and print them. PDF excels at maintaining usability through these aforementioned areas. While PDF excels at the above, Adobe's PDF security has been controversial since its inception in 1994.

Security experts expend a great deal of energy pointing out that Adobe's PDF security is weak and can be easily broken. Adobe has always claimed, however, that security should be provided by the PDF viewing application (such as Adobe Acrobat Reader) and is therefore not the responsibility of the file format itself. Adobe Acrobat Standard Security Handler's security relies upon viewing applications ensure that readers honor the wishes of the publisher. Since security is the role of the viewing application and not of the file format, PDF's core mandate remains print fidelity and portability; the problem is retaining this core mandate once security features come into play.

Security and usability are always at odds, though most security experts fail to point this out. When choosing security for a room, for example, one could choose either a door with a simple lock or a door with a complex series of locks, like the ones found on a vault. Both kinds of doors provide security but they differ in their degree of security and usability. One would not use a vault door to secure their tool shed just as one would not use a door with a simple lock to secure the back room of a bank. The same challenge applies to electronic document security.

Business decision makers need to strike a balance between usability and security - a balance that must be tailored to meet specific needs.

Key Management --The Keys to Your Cottage

Most documents on security address the issue of key management. In reference to electronic security, a key refers to a number that is required in order to decode data. For the sake of simplicity here, we will use the analogy of a physical key to a valuable asset, such as a cottage in the country, to clarify how electronic document keys are managed.

Suppose you live four hours from your cottage in the country and you have a friend who lives a further four hours away. You wish to let your friend stay at your cottage for the weekend. How do you plan to get the keys for your cottage to your friend? This problem is referred to as key exchange amongst security experts. There are a handful of options for exchanging keys; each has its benefits and disadvantages.

Key Exchange -- Handing over the keys: The "Secret Rock" Option

One option for key exchange is to hide a key under a rock near your cottage. All you would have to do is call your friend and inform him or her where to find it.

This is, by far, the most convenient option for you. From a security perspective, however, the secret rock option is quite vulnerable to attack. A potential thief would only have to repetitively search rocks near your cottage or hide in the bushes and watch while your friend looks for the key in order to know where to find the key in the future.




PDF In-Depth Free Product Trials Ubiquitous PDF

Debenu Quick PDF Library

Get products to market faster with this amazing PDF developer SDK. Over 900 functions and an equally...

Download free demo

Back to the past, 15 years ago! Open Publish 2002

Looking back to 2002, it's amazing how much of the prediction became a reality. Take a read and see what you think!

September 14, 2017
Platinum Sponsor





Search Planet PDF
more searching options...
Planet PDF Newsletter
Most Popular Articles
Featured Product

Debenu PDF Aerialist

The ultimate plug-in for Adobe Acrobat. Advanced splitting, merging, stamping, bookmarking, and link control. Take Acrobat to the next level.

Features

Adding a PDF Stamp Comment

OK, so you want to stamp your document. Maybe you need to give reviewers some advice about the document's status or sensitivity. This tip from author Ted Padova demonstrates how to add stamps with the Stamp Tool along with related comments.