Adobe LiveCycle (Archived)

DJ,

I admit "infrastructure" is a less than useful term. What I mean is the editable forms and subforms accessed through LC. How this form is structured and the underlying Javascript is the intellectual property I'd like to make sure stays secure, if possible.

Graham

I've looked into trusted functions and the security settings available in Acrobat, other than that there doesn't seem to be any magic pill that would allow the form to be distributed and functional and still leave the form completely secure. Maybe Niall or Paul can shed some more light on this. Anything I could offer you could find in the help section.

There are three ways to encrypt (secure) PDF documents and forms.  Here is a high level view of the differences...

1) Password based encryption (requires Acrobat, OR Designer OR LiveCycle ES to be applied to the document)
Not very secure, there are tools available on the internet that can crack password encryption
“Global” permissions, there is no way to assign different permission to different users

2) Encrypt with Certificates (requires Acrobat, OR LiveCycle ES to be applied to the document)
Encrypt for individual users
No support for “Groups”
Access to each user’s public key that you will be encrypting the document for is required
Protection is not dynamic
If permission changes are required the source must be re-encrypted
No way to revoke documents
Need a PKI, or some source of Digital Certificates
Certificates must have “Encryption” Key Usage2)

3)  LiveCycle Rights Management ES (requires Acrobat, AND LiveCycle Rights Management ES to be applied to the document)

Encrypt for individual users and\or Groups
Protection is dynamic (controlled from server)
If permission changes are required the source need not  be re-encrypted, thee changes can be made to the policy on the server
Protected documents can be revoked

Regards

Steve

SF,

Your second level sounds interesting to me.

What do you mean by" Protection is not dynamic"

Thanks,

Graham

It sounds to me like you are trying to protect your Javascript that is in the form. I do not know of a way to get it other than in Designer. If you put an Open password on the PDF then when a user tries to open the file in Designer they will be required to enter the password. Is this sufficient?

Paul

By dynamic, I mean that changes to the document protection policy (i.e. user permissions (print, change, copy), user access to the document) can be changed on the server, and those changes are reflected in the document the next time it is opened, without havinbg to re-apply the policy or send out a new version of the protected document.

Rights Management offers "dynamic" protection.  You can even "revoke" a document so it can no longer be opened by anyone (regardless of where the document is stored or how many copies of the document were destributed)

When you protect (encrypt) a document using digital certificates, there is no way to change the actual users or their permissions once they have been applied to the document.  You have to create a new "version" of the protected document by taking the source and applying the certificate protection to it.  There is also no way to revoke the original version of that protected document.

Does this clear things up?

Regards

Steve

Steve, yes thank you for your reply.

Paul: "If you put an Open password on the PDF then when a user tries to open the file in Designer they will be required to enter the password. Is this sufficient?"

It would be sufficient if it actually secures the document. That is what I'm writing about. There seem to be a lot of "utilities" (read: hacks) which disable the security of PDFs to varying degrees. I'm trying to ascertain if the efficacy of the built in security is sufficient.

Graham