Document Security Papers
This section provides papers, overviews and information on digital rights management (DRM), intellectual property rights (IPR), copyright, PDF security, encryption, document security, content control, copy protection, rights management, trade secrets, plug-ins and document collaboration security.
If you would like a basic introduction to the subjects covered in this section please visit our information security learning center.
For terminology please see our information security glossary.
Encryption & Security
Introduction to Encryption
This paper covers what encryption is, why you would use it, and whether it actually does what it says on the tin. It also covers the applications it is most commonly used in and what type of encryption algorithm you should be considering as commercially appropriate.
Encryption is not enough for DRM
This paper covers why encryption is not enough to protect your electronic documents and why other factors such as the implementation of a DRM (digital rights management) system are equally important for document protection. It covers key management, enforcing time limitations, and other methods of document control.
Document encryption & DRM security
This paper covers what is document encryption and why you need it to protect documents in transit and rest. It also explores the downside of encryption and why DRM is needed to enforce document controls.
Passwords & PKI Security
This paper covers passwords and PKI security and how secure each mechanism is.
Using encryption to Secure Downloads & stop copying
This paper covers what methods can be used to secure downloads from unauthorized users, and how encryption can be more successfully used to stop copying and control unauthorized use of files once they have been downloaded.
Digital Signatures – what security do they really provide?
This paper covers why digital signatures do not provide the security that users think they do, and why reliable authentication is a real issue.
Digital Rights Management – DRM
Introduction to Digital Rights Management (DRM)
This paper covers the technology called Digital Rights Management or DRM, what it achieves and how this benefits your business. It also covers the use of encryption and cryptography in protecting and controlling digital content.
Did you know that DRM is a security mechanism?
DRM technology is actually a refinement of existing access control technologies that allows a much more granular and appropriate approach to protecting access to and use of information in a widely distributed environment, such as the Internet, than traditional methods.
History of Rights Management
This paper covers the origins of Rights Management, covering the birth of copyrights and rights management and why you need to protect your content in the digital age. It covers Digital Rights Management and DRM controls.
Should DRM have standards?
This paper covers whether DRM should have standards, and, if it should, then who should be setting the standards and what should those standards address.
Why secure dealing rooms are better implemented through DRM solutions
In any enterprise there is information that has to be kept secret, but must be distributed, and therefore has to be identified with any recipient in the event that it is ‘leaked’. This white paper addresses two examples of this requirement (boardroom secrets and mergers and acquisitions), and shows how to identify solutions that meet business needs for document protection and secure file sharing.
This paper covers how DRM can help you protect your own ideas, words, pictures and so on, whilst at the same time giving you the ability to allow other people to use your work in a reasonable, but controllable way.
Intellectual Property Protection – IPR
Protecting your Intellectual Property with DRM
How can you protect what is yours from being stolen? This paper covers how you can use Digital Rights Management (DRM) technology to protect your intellectual property (IPR).
Strategies for IPR/DRM protection and secrecy
This white paper describes the differences between information, IPR and trade secrets, and where these might apply. We discuss the practicalities for DRM controls, and what these might realistically be, and how they might be used to stop copying. Finally we look at the different market models for current copy protection products and how they work, and then conclude on the suitability of approaches. It covers Trade Secrets, intellectual property rights, document collaboration systems, content protection, and Digital Rights Management.
Copyright Protection: IPR and the Digital Revolution
This paper covers why intellectual property law is ineffective in protecting the rights of small authors and publishers. It covers intellectual property rights (IPR), licensing controls, copyright, and copyright protection.
Preventing information Leakage – the enemy is within
This paper covers why DRM is required for data leakage prevention from within and outside of the enterprise for use as an effective document control system. It covers why encryption and access control are only effective inside the enterprise to secure information.
Managing Content Distribution & life cycle with DRM
This paper covers managing distribution of confidential documents and the use of digital rights management in content life cycle. It covers the use of pure cryptography, privacy standards, confidentiality through redaction, keeping content available for a limited time, restricting content use to locations, and auditing use.
International Copyright development and Fair Use
This paper covers how International copyright differs from country to country, the development of copyright, the concept of ‘fair use’ and how all of this affects you as a publisher of content.
Facing the Copyright challenge – is digital different?
David Bicknell investigates how the ever-growing reach of the World Wide Web is affecting traditional views on issues such as copyright and intellectual property rights. This article was originally published by the Institute for the Management of Information Systems in their Journal, Volume 18, issue 3, June 2008 (www.imis.org.uk) and is reproduced here in full by kind permission. All rights are acknowledged.
Adobe Acrobat Security – a brief history of PDF security development
This paper covers the development of PDF security from simple password protection mechanisms to access controls and DRM. It discusses lifecycle management, PKI and digital certificates, PDF password security, PDF encryption, PDF DRM, Adobe livecycle / policy server, and third party systems and standards for protecting PDF files.
PDF Encryption and Password Security
This paper covers the origins of Adobe PDF document security and encryption and pdf password cracks and hacks. Learn why PDF password security is not good enough to protect your PDF documents.
How Secure is Adobe PDF Security?
This paper is written by Bryan Guignard, an Adobe Certified expert. In summary he says ‘Because of the ‘respect’ model used by the PDF specification, your encrypted PDF files offer about as much strength as dried eggshells!”.
10 things you wished you had known about PDF DRM Security, but they didn’t tell you!
This paper covers what PDF DRM vendors are not telling you about their products and solutions, and what questions you should be asking. Is the PDF security software you are looking to purchase really secure? If the PDF DRM protection software you are evaluating can be simply broken then you might as well save your money.
PDF Watermarking for document security
This paper explains what types of PDF watermarks can be added to PDF documents and what type of security they provide.
Adobe LiveCycle Rights Management
This paper explains why although Adobe LiveCycle can be used effectively within an organization for protecting PDF documents it is not necessarily a good choice for publishers selling information such as ebooks and reports.
Secured PDF – options & issues when creating secured PDF files
There are many options to consider when creating a secured PDF. This paper covers the protection methods and security features available for secured PDF files.
PDF Plugins – why plugins can be dangerous for PDF DRM security
There are many reasons not to use PDF plugins when it comes to PDF DRM document security. Whilst at first they may seem an easy option, they require admin rights, can degrade the security of an application, can be circumvented, conflict with other plug-ins, and may fail to operate when the application they are plugged into is updated.
Document, Ebook, PowerPoint Security
Document Security – a guide to securing your documents
This paper explains what components make up a document security solution and which one is right for you. It covers the use of encryption, copy protection, digital rights management and document collaboration as the methods available to protect information.
Sharing Documents Securely
When sharing documents securely there are many issues that have to be considered. What kind of document control are you seeking to exert – internal use, internal and external, or purely external? Do you trust the recipients enough so you know that they will not pass documents on; how much control do you want over your documents when dealing with untrusted parties. Is encryption enough or do you need DRM to control document usage? This paper examines what Secure File Sharing platforms offer you and the advantages DRM provides over access controls and encryption.
Document Tracking and Document Control
This paper explains what document tracking is and how it can be useful to the corporate enterprise in verifying document usage. It also covers the use of document control and integrity and why this is an essential component of a document tracking system.
Data Loss Prevention and Protection
Many organizations implement a data loss prevention solution to prevent loss of data outside the enterprise. But what happens if you need to communicate securely with third parties? DRM software can provide data loss protection both inside and outside the enterprise.
Analysis of E-Book Security
This paper written by Guoyou He from Helsinki University of Technology examines the concept of e-book security and why various companies have failed to produce a secure product.
Libraries & eBook DRM Security
The issues faced by libraries (such as The British Library) in distributing digital books, and how secure electronic delivery of e books can be achieved using DRM security.
Plug-in Security – plugins a source of insecurity
This paper examines and questions the claims often made by plug-in suppliers that they are secure, giving published examples of where they are not. It demonstrates why you should not purchase a document security solution that relies on plugins.
This paper examines the types of watermarks available and how they can be used to help enforce document copy protection.
Why you should not use passwords for PowerPoint security but instead look towards DRM for a more secure solution.
Protecting ebooks against sharing and theft is a publisher’s main priority if they are going to protect their revenue stream. LockLizard ebook DRM software provides ebook protection for ebooks published in PDF and HTML formats.
PDF copy protection
PDF copy protection is just one of the components of PDF Security and PDF DRM software, applying copy protection controls to PDF documents to protect them against unauthorized sharing, theft and misuse.