Adobe PDF and LiveCycle ES Security
DESCRIPTION
An overview of how electronic signature objects are generated and used within PDF documents, including an overview of Adobe LiveCycle ES's ability to work with them programmatically on the server side.
TRANSCRIPT
2007 Adobe Systems Incorporated. All Rights Reserved.
MAX 2007 CONNECT. DISCOVER. INSPIRE.
LiveCycle Digital Security and Certification
Duane Nickull,
Sr. Technology Evangelist - Adobe Systems
Abstract
This session will focus on the persistent rights management and document security technologies in the LiveCycle Enterprise Suite. The components explored will include LiveCycle Digital Signatures ES and LiveCycle Rights Management (formerly Policy Server). The thrust of the talk will focus on LiveCycle ES as a service oriented platform for delivering key interactions with remote clients but will also showcase core capabilities and delve quickly into SDK's and API's for developers.
Today’s Agenda – one hour
Architecture Dive – Adobe LiveCycle ES Security Architecture
Digital Signatures
LiveCycle Digital Signatures – Intro, Deployment, API’s
Adobe LiveCycle Rights Management – Intro, Architecture for deployment, Demo
Acrobat Digital Signature API Reference – Review
Resources: Adobe Developer Network
Google Groups (LiveCycle)
Old model for enterprise architecture (simple)
Server
Client
Enterprise 2.0
Definition: An adoption of Web 2.0 design patterns by Enterprises
Abstract Model for connecting and integrating capabilities and users
Patterns of interaction
“Don't treat software as an artifact, but as a process of engagement with your users.”
- Tim O’Reilly
Users
Services
Capabilities
Client Applications/Runtimes
Connectivity/Reachability
SOA
LiveCycle ES Architecture
The Genesis of LiveCycle ES
I want to connect these worlds!
Distributors & Agencies
Internal Processes: ERP / ECM / CRM / BPM / Accounting
Customers & Citizens
Suppliers & Contractors
Closing the Engagement Gap with LiveCycle
Distributors & Agencies
Internal Processes: ERP / ECM / CRM / BPM / Accounting
Customers & Citizens
Suppliers & Contractors
Document Output, Electronic Forms, Rich Internet Applications
Enterprise Rights Management, Digital Signatures, “Human-centric” BPM
LiveCycle: scalable engagement services
The Adobe technology platform architecture
Service Tier: Service Invocation Layer, Service Container Registry, Service Provider Interface, LC Core Services, LC Data Services, 3rd Party Services, Other? …
Resource Tier: EIS, Databases, Directories, ECM Repository, Message Queues, Legacy Systems
Design & Development Tools: Flex Builder, Eclipse, Notepad, LiveCycle Designer
Client Application Tier: Printing & Scanning, Reader, Acrobat Connect, Browsers / Flash Player, Flex / AIR (Apollo), Acrobat, WorkBench
Connectivity: HTTP/S, Sockets, AMF, RTMP, SOAP, WS*, REST, …
Adobe LiveCycle ES Service Components
Service Tier: Service Invocation Layer, Service Container Registry, Service Provider Interface, LC Core Services, 3rd Party Services
LC Core Services: Forms, Process Management, Production Print, Barcoded Forms, PDF Generator, Reader Extensions, Output, Rights Management, Digital Signatures, Data Services
Common Administration, Orchestration, Security, Encryption
LC ES Digital Signature Ecosystem
LiveCycle Invocation
Digital Signatures
Adobe LiveCycle Document Security Server
Digital Signatures
DSig enables recipients to verify the integrity of an electronic document.
Integrity is subject to many types of attack. Mechanisms to combat them include:
Parity bits or Cyclical Redundancy Checking (CRC) functions - work well against unintentional modifications, but a clever attacker can circumvent them.
One-way hash (fixed-length value) - a unique fingerprint; re-computing the hash detects whether the document has been altered (commonly MD5, SHA-1, SHA-256).
Message Authentication Codes (MAC) - prevent an attacker from intercepting a message, modifying it and attaching a new hash. A symmetric key is mixed into the hash computation (HMAC); without the key, the attacker cannot forge a new message.
How it works - Signing PDF Documents
ByteRange and Signature value
The PDF Save/Hash/Update Process
Hash computed over the entire PDF file: byte 0 to last, excluding the signature value.
Signature placed in PDF:
PDF written to disk with worst-case space reserved for the signature value.
Once the signature's location is known (offsets in the file), the ByteRange array is overwritten with absolute offsets. NOTE: byte offsets MUST NOT change; extra bytes are overwritten with spaces.
Hash of the entire file computed using SHA-1.
Hash encrypted with the signer’s private key.
PKCS#7 signature object generated.
Signature object placed in the file on disk, overwriting the placeholder value. Space not used by the signature object is overwritten with spaces.
PDF re-loaded in Acrobat to ensure the in-memory and on-disk versions match.
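As an added example (not from the slides or the LiveCycle SDK), the following Python reproduces the save/hash/update sequence above on a PDF-like byte string and then verifies it the way a validator would: parse /ByteRange, recompute the digest over the two covered ranges and compare it with the stored value, refusing any file whose ranges leave bytes uncovered. Assumptions: the stdlib has no PKCS#7 or RSA, so HMAC-SHA256 under a constructed key stands in for the PKCS#7 signature value, and the file structure is a minimal stand-in rather than a full PDF.

```python
import hashlib
import hmac
import re

# Constructed stand-in for the signer's private key. A real PDF signature is a
# PKCS#7 object produced with the signer's RSA key; the stdlib cannot build one,
# so HMAC-SHA256 over the file digest stands in for the signature value here.
SIGNER_KEY = b"constructed-demo-key"
SIG_HEX_LEN = 64   # worst-case hex characters reserved for the signature value
RANGE_LEN = 40     # characters reserved inside the /ByteRange array

def build_signed_pdf(body: bytes) -> bytes:
    """Apply the slide's save/hash/update order to a minimal PDF-like file."""
    range_ph = b"/ByteRange [" + b" " * RANGE_LEN + b"]"
    sig_ph = b"/Contents <" + b"0" * SIG_HEX_LEN + b">"
    pdf = body + b"\n" + range_ph + b"\n" + sig_ph + b"\n%%EOF\n"
    # 1. Placeholders are on "disk"; from here on no byte offset may move.
    gap_start = pdf.index(sig_ph) + len(b"/Contents ")
    gap_end = gap_start + SIG_HEX_LEN + 2              # "<" + hex digits + ">"
    a, b, c, d = 0, gap_start, gap_end, len(pdf) - gap_end
    # 2. Overwrite the array with absolute offsets; the slot is space padded so
    #    the replacement has exactly the placeholder's length.
    text = b"/ByteRange [" + b" ".join(str(n).encode() for n in (a, b, c, d))
    pdf = pdf.replace(range_ph, text.ljust(len(range_ph) - 1) + b"]", 1)
    assert len(pdf) == c + d
    # 3. Hash byte 0 to last, excluding the signature value, then "sign" it.
    digest = hashlib.sha256(pdf[a:a + b] + pdf[c:c + d]).digest()
    sig_hex = hmac.new(SIGNER_KEY, digest, hashlib.sha256).hexdigest().encode()
    # 4. Overwrite the placeholder value in place; the file length is unchanged.
    return pdf[:gap_start] + b"<" + sig_hex + b">" + pdf[gap_end:]

def verify_signed_pdf(pdf: bytes) -> tuple[bool, str]:
    """Recompute the digest over /ByteRange and check the signature value."""
    m = re.search(rb"/ByteRange\s*\[([\d\s]+)\]", pdf)
    nums = [int(n) for n in m.group(1).split()] if m else []
    if len(nums) != 4:
        return False, "no usable /ByteRange array"
    a, b, c, d = nums
    # Bytes outside the two ranges are not covered by the hash, so the ranges
    # must start at byte 0, surround only the /Contents string and end at EOF.
    if a != 0 or a + b > c or c + d != len(pdf):
        return False, "ByteRange does not cover the whole file"
    gap = pdf[a + b:c]
    if not (gap.startswith(b"<") and gap.endswith(b">")):
        return False, "ByteRange gap is not the /Contents hex string"
    digest = hashlib.sha256(pdf[a:a + b] + pdf[c:c + d]).digest()
    expected = hmac.new(SIGNER_KEY, digest, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(expected, gap[1:-1]):
        return False, "digest mismatch: signed bytes were altered"
    return True, "signature valid"

if __name__ == "__main__":
    signed = build_signed_pdf(b"%PDF-1.4\n1 0 obj << /Type /Catalog >> endobj")
    print(verify_signed_pdf(signed))
    print(verify_signed_pdf(signed.replace(b"Catalog", b"Catalpg")))  # tampered
    print(verify_signed_pdf(signed + b"trailing bytes\n"))  # outside ByteRange
```

The third check is the one a validator must not skip: a file whose ByteRange stops short of EOF carries bytes the digest never covered.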
Multiple Signatures
DSig Checklist
Public Key Infrastructure (PKI)
Certificate Revocation List (CRL)
Online Certificate Status Protocol (OCSP)
PKI mechanisms
Public Key Cryptography Standards (PKCS) - set of standard protocols used by PKI vendors including RSA encryption, cryptographic syntax for S/MIME, extended certificate syntax and more.
Registration Authority (RA) - background checks of people, PDP authentication.
Certificate repositories; key update, backup, recovery, history; cross-certification and time stamping.
Demo
Adobe Acrobat
Custom Communications Form sample: simple signing, then breaking the signature value.
Adobe LiveCycle Digital Signatures
LiveCycle Digital Signatures
Server used for: Publishing "certified" documents that can prove the authenticity and integrity of the document.
Control the changes that are permitted in documents as they flow through a business process with a certification signature.
Digitally sign documents before they are archived to improve compliance metrics.
Automate the signature validation process for PDF documents.
Leverage existing investments in public key infrastructure (PKI) protocols.
For developers
http://livedocs.adobe.com/
Samples - retrieve Dsig field names
import java.util.*;
import java.io.FileInputStream;
import com.adobe.livecycle.signatures.client.*;
import com.adobe.livecycle.signatures.client.types.*;
import com.adobe.idp.Document;
import com.adobe.idp.dsc.clientsdk.ServiceClientFactory;

public class GetSignatureFields {
    public static void main(String[] args) {
        try {
            // Set connection properties required to invoke LiveCycle ES
            Properties connectionProps = new Properties();
            connectionProps.setProperty("DSC_DEFAULT_EJB_ENDPOINT", "jnp://localhost:1099");
            connectionProps.setProperty("DSC_TRANSPORT_PROTOCOL", "EJB");
            connectionProps.setProperty("DSC_SERVER_TYPE", "JBoss");
            connectionProps.setProperty("DSC_CREDENTIAL_USERNAME", "administrator");
            connectionProps.setProperty("DSC_CREDENTIAL_PASSWORD", "password");

            // Create a ServiceClientFactory instance
            ServiceClientFactory myFactory = ServiceClientFactory.createInstance(connectionProps);

            // Create a SignatureServiceClient object
            SignatureServiceClient signClient = new SignatureServiceClient(myFactory);

            // Specify a PDF document that contains signature fields
            FileInputStream fileInputStream = new FileInputStream("C:\\Adobe\\Loan.pdf");
            Document inDoc = new Document(fileInputStream);

            // Retrieve the names of the document's signature fields
            List fieldNames = signClient.getSignatureFieldList(inDoc);

            // Obtain the name of each signature field by iterating the List
            Iterator iter = fieldNames.iterator();
            while (iter.hasNext()) {
                PDFSignatureField signatureField = (PDFSignatureField) iter.next();
                String fieldName = signatureField.getName();
                System.out.println("The name of the signature field is " + fieldName);
            }
        } catch (Exception ee) {
            ee.printStackTrace();
        }
    }
}
Adobe LiveCycle Rights Management
Securing information is important, “not optional”
Mandatory compliance with:
Sarbanes-Oxley (Section 404) (USA)
NASD 2711 (USA)
BS1779 (UK)
ITAR Export Control
Directive 95/46/EC of the European Parliament
California's Information Practices Act (SB 1386)
SEC Rule 17a-4
HIPAA
Personal Information Protection and Electronic Documents Act (Canada)
Protect corporate image / brand trust: employee turnover increases risk; mobile workstations, theft of laptops, etc.
Prevent phishing (customer relations ruined)
Mitigate the risk of espionage: removes the temptation and mitigates accidental disclosure.
Shortcomings of Current Information Assurance Approaches
(diagram: Author, Secure Pipe Approach, Access Control Approach, File System, Unauthorized Users, Recipient)
Lack persistent access controls to prevent information re-distribution
Cannot dynamically change rights/access after distribution
Adobe® LiveCycle™ Rights Management
Controls
Who can open a document
What they can do with it
Expiration/revocation
Version control
Auditing
Works with Adobe Acrobat, Microsoft Office and CATIA
Adobe provides persistent protection for information
Adobe’s Contribution to Information Assurance
Data is secured at the document level, throughout its lifecycle
Document authenticity/integrity can be verified at any time
Only the intended recipients can view protected documents
A chain of custody is maintained for all documents via an audit trail
Protected documents are easily shared across organizations
Security technologies
Secure Messaging (WS-Security)
Deployment Architecture – within enterprise
Deployment Architecture – external use
Demo !
LiveCycle Rights Management
Orchestrating Security
And demo…
Digital Signature Plug in Architecture
Adobe Acrobat implements digital signatures using plug-ins for generic functions common to all digital signatures.
Support for specific kinds of signatures (signing methods):
Public-private key (PPK)
Handwriting
Biometrics (retinal scans, fingerprints)
…
Development Kit (SDK):
http://partners.adobe.com/asn/developer/acrosdk/main.html
Digital Signature Plug in Architecture
Q & A
Contacts: [email protected] (Blog: http://technoracle.blogspot.com)
References: LiveCycle Developer Centre: http://www.adobe.com/devnet/livecycle/
Google Groups - LiveCycle Developers Group
Architecture Summary – LiveCycle ES
LC ES is a true platform.
Core services for PDF security, rights management, generation and various core libraries.
Service invocation layer calls underlying capabilities and APIs.
Operations exposed by the invocation layer for the PDF Encryption Service may be called locally or remotely.
Remote callers can use:
Watch Folder
Web Services
EJBs
Other…
PDF Encryption Service exposed via a Developer SDK used for integration with third-party applications.
Advanced Encryption Standard (AES)
How it actually works
AES
AES has a fixed block size of 128 bits and a key size of 128, 192 or 256 bits.
The key is expanded using Rijndael's key schedule.
Most AES calculations are done in a special finite field.
Operates on a 4×4 array of bytes (the State)
For encryption, each round of AES (except the last round) consists of four stages:
SubBytes, ShiftRows, MixColumns and AddRoundKey
The final round omits the MixColumns stage.
Building an AES Cipher – Stages 1 & 2
SubBytes - a non-linear substitution step where each byte is replaced with another according to a lookup table.
ShiftRows - a transposition step where each row of the state is shifted cyclically a certain number of steps.
Building an AES Cipher – Stage 3
MixColumns - the four bytes of each column of the state are combined using an invertible linear transformation. Each column is treated as a polynomial over GF(2^8) and is then multiplied modulo x^4 + 1 with the fixed polynomial c(x) = 3x^3 + x^2 + x + 2.
Building an AES Cipher – Stage 4
AddRoundKey - the subkey is combined with the state. For each round, a subkey is derived from the main key using the key schedule; each subkey is the same size as the state. The subkey is added by combining each byte of the state with the corresponding byte of the subkey using bitwise XOR.
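As an added example (not from the slides), here are the ShiftRows, MixColumns and AddRoundKey stages in Python, including the GF(2^8) multiplication that MixColumns depends on and the inverse transformation that makes the stage invertible; SubBytes is left out because it is only a fixed 256-entry table lookup. The vector checked in main is column 0 of the FIPS-197 Appendix B round-1 state after ShiftRows.

```python
# The AES state is the 4x4 byte array, held column-major as in FIPS-197:
# state[c][r] is row r of column c.
State = list[list[int]]

def xtime(b: int) -> int:
    """Multiply by x (0x02) in GF(2^8), reducing by x^8 + x^4 + x^3 + x + 1."""
    b <<= 1
    return (b ^ 0x1B) & 0xFF if b & 0x100 else b

def gf_mul(a: int, b: int) -> int:
    """Multiply two field elements by shift-and-add over the bits of b."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a, b = xtime(a), b >> 1
    return result

def shift_rows(state: State) -> State:
    """Rotate row r left by r positions: column c takes its byte from column c + r."""
    return [[state[(c + r) % 4][r] for r in range(4)] for c in range(4)]

def mix_column(col: list[int], coeffs=(2, 3, 1, 1)) -> list[int]:
    """Multiply the column polynomial by c(x) = 3x^3 + x^2 + x + 2 modulo x^4 + 1.

    Modulo x^4 + 1 the product is a circulant matrix: output byte i uses the
    coefficient row (2 3 1 1) rotated right by i places."""
    out = []
    for i in range(4):
        acc = 0
        for j in range(4):
            acc ^= gf_mul(coeffs[(j - i) % 4], col[j])
        out.append(acc)
    return out

def mix_columns(state: State) -> State:
    return [mix_column(col) for col in state]

def inv_mix_columns(state: State) -> State:
    """Inverse of MixColumns: multiply by c(x)^-1 = 11x^3 + 13x^2 + 9x + 14."""
    return [mix_column(col, (14, 11, 13, 9)) for col in state]

def add_round_key(state: State, round_key: State) -> State:
    """XOR each state byte with the corresponding round-key byte."""
    return [[s ^ k for s, k in zip(sc, kc)] for sc, kc in zip(state, round_key)]

if __name__ == "__main__":
    # FIPS-197 Appendix B, round 1, column 0 after ShiftRows: d4 bf 5d 30
    print([hex(b) for b in mix_column([0xD4, 0xBF, 0x5D, 0x30])])  # 04 66 81 e5
```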
Technical Notes
Supplemental
Confidentiality and Encryption of Information
Encryption is the process of transforming information (plaintext) into an incomprehensible form (ciphertext). Encryption is an effective technique for managing document access.
Decryption is the reverse process that transforms ciphertext back to the original plaintext.
Cryptography refers to the two processes of encryption and decryption and its implementation is referred to as a cryptosystem.
Keys are used for encryption and decryption.
Symmetric Keys – Adobe uses 128 bit AES keys for documents.
Asymmetric Keys – Adobe uses RSA (512-, 1024-, and 2048-bit) elsewhere
Adobe also offers a hybrid approach for encryption.
Other security features…
Authentication/integrity of electronic data:
Parity bits or Cyclical Redundancy Checking (CRC) functions—CRC functions work well for unintentional modifications, such as wire interference, but they can be circumvented by a clever attacker.
One-way hash—creates hash value or message digest for a message of any length. Adobe has adopted the SHA-1 and SHA-256 algorithms because of their wide acceptance as a security standard.
Message Authentication Codes (MAC)—prevents an attacker from obtaining the original message, modifying it, and attaching a new hash. In this case, a symmetric key is connected to the MAC and then hashed (HMAC). Without the key, an attacker cannot forge a new message. Adobe uses HMACs where appropriate.
Security Regulations
Supplementary
Compliance
ITAR/Export Control
The U.S. government’s International Traffic in Arms Regulations (ITAR) govern the dissemination of a broad array of information. Among other requirements, they prohibit disclosing or transferring regulated technical data to a foreign person, whether in the United States or abroad. Companies that export products—particularly in the high-tech, aviation, and military sectors—must put in place mechanisms that prevent violations of U.S. export laws. These regulations hold companies accountable for the acts of anyone that accesses technical data. Penalties for export violations can be severe—$1M and 10 years in prison per violation, prohibitions against future exports by the company, and the loss of government contracts.
The Department of State’s Directorate of Defense Trade Controls has guidelines that suggest:
Export-controlled documents should be “tagged” to identify their status
Establishing a procedure to combat illegal transfers
Regular audits to ensure integrity of the program
Procedures to investigate any potential diversions
https://www.pmdtc.org/docs/itar/itar_part_125.pdf