I've been researching security of PDF's, and I'm a bit worried. PDF Locker, Elcomsoft PDF Recovery Software, code obfuscators.... the list of possibilities goes on and on.
It seems that my intellectual property is certainly going to be easy-pickin's for anyone with a modicum of software knowledge and more than passive curiosity.
It also seems that top level security of a PDF document is easily broken. But what about the next level, the PDF infrastructure? Is that secure?
PS. Please don't sugar coat it... if it's relatively easy to access, I'd like to know.
What do you mean by PDF infrastructure? I'm trying to learn a bit more about security myself and this is a term I've not come across. As far as completely shutting down a PDF, I'm not sure it's possible. We had some PDF's here at work that have been locked out by previous employees and I've always been able to find ways to use the previous content to update or recreate the forms. In my case it's a legitimate reason for circumventing security but everything I've seen to this point makes me think your PDF's will never be as secure as you'd like.
I've looked into trusted functions and the security settings available in Acrobat, other than that there doesn't seem to be any magic pill that would allow the form to be distributed and functional and still leave the form completely secure. Maybe Niall or Paul can shed some more light on this. Anything I could offer you could find in the help section.
There are three ways to encrypt (secure) PDF documents and forms. Here is a high level view of the differences...
1) Password based encryption (requires Acrobat, OR Designer OR LiveCycle ES to be applied to the document)
Not very secure, there are tools available on the internet that can crack password encryption
“Global” permissions, there is no way to assign different permission to different users
2) Encrypt with Certificates (requires Acrobat, OR LiveCycle ES to be applied to the document)
Encrypt for individual users
No support for “Groups”
Access to each user’s public key that you will be encrypting the document for is required
Protection is not dynamic
If permission changes are required the source must be re-encrypted
No way to revoke documents
Need a PKI, or some source of Digital Certificates
Certificates must have “Encryption” Key Usage2)
3) LiveCycle Rights Management ES (requires Acrobat, AND LiveCycle Rights Management ES to be applied to the document)
Encrypt for individual users and\or Groups
Protection is dynamic (controlled from server)
If permission changes are required the source need not be re-encrypted, thee changes can be made to the policy on the server
Protected documents can be revoked
By dynamic, I mean that changes to the document protection policy (i.e. user permissions (print, change, copy), user access to the document) can be changed on the server, and those changes are reflected in the document the next time it is opened, without havinbg to re-apply the policy or send out a new version of the protected document.
Rights Management offers "dynamic" protection. You can even "revoke" a document so it can no longer be opened by anyone (regardless of where the document is stored or how many copies of the document were destributed)
When you protect (encrypt) a document using digital certificates, there is no way to change the actual users or their permissions once they have been applied to the document. You have to create a new "version" of the protected document by taking the source and applying the certificate protection to it. There is also no way to revoke the original version of that protected document.
Does this clear things up?
Steve, yes thank you for your reply.
Paul: "If you put an Open password on the PDF then when a user tries to open the file in Designer they will be required to enter the password. Is this sufficient?"
It would be sufficient if it actually secures the document. That is what I'm writing about. There seem to be a lot of "utilities" (read: hacks) which disable the security of PDFs to varying degrees. I'm trying to ascertain if the efficacy of the built in security is sufficient.