Schemes to limit document submissions

Level 4

I'm building a form which simplifies the process of filling out multiple documents. At the root of this is a dynamic form the user fills out. The end product is a group of documents the user simply prints out.

As this is a for-profit strategy, licensing the usage of the service is important. To this point, I've been toying with the idea of having the user submit the form data (most likely as XML) to a server or web service. An integral part of this approach is user authentication via some sort of use-once-only authentication code per submission. Once an authentication code has been used, it becomes deactivated. This ensures that the end user cannot keep submitting forms with new data.

Once the code has been validated, the XML data would be parsed to the needed forms and the forms would be emailed to the end user.

In the plan above, one thing that has bothered me is the amount and the security of data passing from the end user to the server and vice-versa. Also, technical snafus are more likely with that scheme, such as: What if the PDFs sent from the server do not reach the end user? Or what if the end user needs to make some minor, allowable change in a submitted form?

In a quest for simplicity and by reading various posts on this forum, I recently have come up with a different, simpler plan. Input into whether or not this would work, and any security issues which might arise would be appreciated.

In this iteration, the end product (multiple forms) would reside inside the master dynamic form as hidden subforms. Upon submission of the master form, the end user would be asked to enter a validation code. That code would be sent to the server/web service where it would be authenticated. Upon authentication, an authentication code would be emailed to the end user. The end user would input that authorization code into their master form. Upon submission of the authorization, the hidden subforms would switch to visible, already filled out and ready to print. Simultaneously, key fields in the master subform would become locked to discourage the end user from re-using the form for other clients while at the same time leaving certain fields editable for minor changes the form might require.

One of the biggest issues I can see offhand is this: the authentication code returned by the server in response to the validation code submitted by the end user must be encrypted in a way that it can't be re-used. Is that even possible?

Another issue is one of overall document security. Since everything is contained within one PDF, if someone was intent on breaking the document security (cracking) and creating a document that anyone could use, that would be a real bummer, to say the least. If the whole validation authentication scheme is doable, is it possible to encrypt those codes within the PDF?

If you've read this far, then my hat is off to you! Any thoughts would be greatly appreciated.

Graham

7 Replies

Former Community Member

I see a couple of issues with the approach. I never like the idea of putting all possible forms I could use into a single PDF as this will usually lead to performance issues (think of the size of the PDF that would be generated and how long that would take to get across the network). Now when I am ready to unlock the rest of the PDFs I make a call somewhere to get the magic code. Once I enter it how does the PDF validate that the code is good...there is nothing to compare against. For this technique to work the passcode would have to be baked into the PDF before the user opened it. Now I have something to compare against.

What is it you are trying to protect ....access to the PDFs?

Paul

Level 4

>>For this technique to work the passcode would have to be baked into the PDF before the user opened it. Now I have something to compare against.<<

You are correct, Paul.

Baking the passcode in wouldn't be so difficult. The problem lies in how to keep the user from re-entering that passcode for multiple uses of the same form. I'm not a programmer, so I don't know how these things work. But what I hope would be doable is that, on button click, the Reader would connect to a server to see if the validation code has already been used or not. If it hasn't, then the server sends some sort of reply code which would activate a button which would unlock the rest of the form when clicked. If the validation code has already been used, the server would send an error message stating the form's validation code has expired.

This is just conjecture at this point. Considering the weakness of PDF security (see my other post: http://forums.adobe.com/thread/511372?tstart=0), I will probably not go this route anyway. But if the security issue could be worked out, this method would be preferable.

>>What is it you are trying to protect ....access to the PDFs?<<

No, this is a fledgling business idea I'm working on. It is a method to streamline data processing for legal form filing. I need to protect the final product this form would create.

Thanks for your input.

Graham
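The server-side check described in the post above (has this validation code already been used, and if not, return a reply code), as an added example that is not part of the original thread. The table layout, the function names and the `form_instance_id` value are assumptions made for illustration.

```python
import hashlib, hmac, secrets, sqlite3

SERVER_KEY = secrets.token_bytes(32)  # assumption: secret that never leaves the server

def open_store():
    # Only a hash of each code is stored, so a leaked table does not leak codes.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE codes (code_hash TEXT PRIMARY KEY, used_by TEXT)")
    return db

def _hash(code):
    return hashlib.sha256(code.encode()).hexdigest()

def _reply(code, form_instance_id):
    # Reply code is bound to one code AND one form instance.
    msg = f"{form_instance_id}|{_hash(code)}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()

def issue_code(db):
    code = secrets.token_urlsafe(12)  # unguessable validation code sold to the user
    db.execute("INSERT INTO codes VALUES (?, NULL)", (_hash(code),))
    db.commit()
    return code

def redeem(db, code, form_instance_id):
    # Single atomic UPDATE: of two simultaneous requests with the same code,
    # only one can change used_by from NULL, so the code works exactly once.
    cur = db.execute(
        "UPDATE codes SET used_by = ? WHERE code_hash = ? AND used_by IS NULL",
        (form_instance_id, _hash(code)))
    db.commit()
    if cur.rowcount == 1:
        return ("ok", _reply(code, form_instance_id))
    known = db.execute("SELECT 1 FROM codes WHERE code_hash = ?",
                       (_hash(code),)).fetchone()
    return ("expired" if known else "invalid", None)

def reply_is_valid(reply, code, form_instance_id):
    # Constant-time comparison; only a holder of SERVER_KEY can run this check.
    return hmac.compare_digest(reply, _reply(code, form_instance_id))

if __name__ == "__main__":
    db = open_store()
    code = issue_code(db)
    print(redeem(db, code, "form-A")[0])   # first use
    print(redeem(db, code, "form-A")[0])   # replay of the same code
```

Because checking the reply code needs `SERVER_KEY`, this fits the variant where the server itself produces the documents after a successful redemption.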

Former Community Member

The security you speak of is definitely weak but there are other options .....again I come back to the same question....what are you trying to protect?

Are you simply trying to make sure that the user only gets one submission from the form? Are you trying to make sure that only the right person can open the form? Is it something else?

Paul

Level 4

The final product from the end user's perspective is a rash of forms for legal filings. By filling out one form (our product) and submitting the completed form to our business server, the end user will ultimately receive a number of legal forms, filled out and ready for filing, complete with extra exhibits if necessary.

If we decide to include the final legal forms as hidden subforms within the master document whereas access to them is granted via this validation scheme, we need to make sure that the end user couldn't simply use that one instance of a form for the rest of eternity, or worse, make it available to others.

So, in a word, what we are protecting are all the legal subforms which are linked to the master form.

Graham

Former Community Member

So if you prefill the rest of the forms with data on each of the forms and then use Rights Management to protect the forms (this guarantees that only that user can open the files), then I think you have what you want .....no?

Paul

Level 4

No, we are going with a scheme of making the process open to many and charging a little for each use. Sort of like selling 1,000,000 of something for $1 rather than 1000 of something for $100.

This is because our bread and butter clientele leans heavily toward people who are being paid very little for what they do or on a volunteer basis. If they adopt this workflow, then it will migrate to other places and may well become the mandatory method for filing in this particular genre (our biggest wish). Law firms are also candidates, but they're the icing on the cake.

Graham