PDF Security: Keeping Honest People Honest

PDF Security: Keeping Honest People Honest

http://www.dreamstime.com/stock-photography-police-line-do-not-cross-yellow-headband-tape-murder-scene-ribbon-image43627002

Password Security on PDF files is much like the barrier tape that’s placed around crime scenes. It’s there to keep civilians from inadvertently trampling all over any evidence or leaving bits of their own DNA sprinkled about. It’s not the kind of barrier that’s going to stop a criminal determined to destroy the evidence. In fact, barrier tape does little more than help keep honest people honest.

By setting the owner password on a PDF file and restricting certain functionality, document authors can prevent unauthorized changes to the document… provided they are using a PDF viewer that respects those settings… it helps keep honest people honest… and much of the time, that’s all you really need for public documents that don’t contain sensitive information.

Restrict Editing of PDF Files using the Datalogics PDF WebAPI

Joel GeraciI’m taking a break from the usual Sample of the Week post to introduce the new DocumentRestrict service offered through the Datalogics PDF WebAPI. The Datalogics PDF WebAPI is a powerful, secure web services API that exposes a broad set of PDF functionality to web and mobile application developers. Built with proven Adobe technology and using a RESTful architecture, the PDF WebAPI enables software engineers to easily develop PDF applications via JSON and without requiring a deep understanding of the PDF specification.

The inspiration for the DocumentRestrict service was the Acrobat feature “Restrict Editing” in the “Protection” tool set. One click allows a document author to enter a password and then Acrobat applies a standard set of feature restrictions to the document. These restrictions still allow the readers of the document to interact with it by leaving comments, filling in forms or signing the file but not changing it in any other significant way. DocumentRestrict applies the same restrictions but increases the level of security by using 256-bit AES encryption.

One of the primary objectives of the Datalogics WebAPI is to not only create good PDF that can be viewed in Adobe Reader but to make that PDF 100% inter-operable with Adobe Acrobat as well. When PDF WebAPI is used to fill forms with data, it is able to also run formatting and calculation scripts just like Acrobat would. And unlike other PDF developer tools, when PDF WebAPI adds headers, footers, watermarks and backgrounds to PDF files, those document decorations are fully editable in Acrobat.

Which brings me to my point…

It quickly occurred to us that if a developer is using the PDF WebAPI to add a “Confidential” watermark to a document… that might not be the kind of document that they’d want to be editable. The PDF WebAPI can also flatten forms after populating them with data; flattened fields are no longer interactive in Adobe Reader but that doesn’t prevent Acrobat from editing the newly added page content. The DocumentRestrict service can be used by developers to restrict editing and protect that document from inadvertent tampering by users that own Acrobat and can be used alone or in conjunction with the other services.

Pro-tip: If you are using multiple PDF WebAPI services to process a single PDF file, send it through DocumentRestrict last… smiley face emoticon.

You can try out the Datalogics PDF WebAPI by signing up for a free account. Once you have your application id and key you can begin integrating all of our PDF WebAPI services into your PDF applications.

Leave a Reply

Your email address will not be published. Required fields are marked *