Solved

Auto-Lock a file based on date

Posted on 2009-04-14
8
852 Views
Last Modified: 2013-11-15
I have a client that sends files to organizations with time sensitive data.  She doesn't want folks to be able to open the file after a certain date that she specifies.  These files are simple Excel files, but could be PDF, DOC, or even ZIP files.  She wants a program she can run, select a file she will send, and specify in the application that the selected file should lock itself so it can't be opened in 10 days.  Then she wants to send that file to these organizations.
0
Comment
Question by:hazenweber
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 33

Accepted Solution

by:
Dave Howe earned 250 total points
ID: 24143466
this has been tried several times, but isn't really practical.

the key criteria are that the file must be (and remain) locked, must be viewable only (so not printed, copyable or screenshottable) and must be dependent on a trusted clock (i.e. one on the internet or other external source, not the local pc, where the user could just set the clock back)

the last company to try and field a solution in this space was "disappearing, inc" which did time-limited emails - I think they had been officially "in the field" for three days when the first posted crack allowed offline copy of their "self deleting" emails, so they are moving more to an integrated DLP solution and have changed the company name to reflect this.

it is believed that it would be possible, by combining the trusted rendering path (used to try and discourage copying of movies) and Trusted Computing (where the cpu itself acts in support of the vendors instead of the owner of the machine) to prevent rendered documents being captured in digital form - which would leave really only screen photography (webcam and OCR could recover documents with a high degree of reliability) - but there are obviously privacy and security issues with handing over fundamental control over your machine to a third party (microsoft, for example) particularly if it could be in their commercial interests to abuse that, and for a number of potential customers (banks, for example) that would violate a number of laws. In any case, if such a platform were made the only available purchase choice from now, you would still expect a proportion of your customer base to be using "old" technology five years from now, so in the near term it isn't an option.
0
 
LVL 2

Expert Comment

by:SadiDev
ID: 24193120
Till now it is not possible to apply any individual file (by using generic software).
But you can use/create any container/host (customized) program that will contain the file (encrypted) and make the file viewable for certain time, but never write file to the disk and prohibit any copy/snap/print. The problem is, why other organization blindly trust an executable file (which they can not control)?
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 24197741
sadidev: the problem there is ensuring that the clock is accurate - otherwise, you just set the clock back into the "valid" period and the file opens...
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 
LVL 2

Assisted Solution

by:SadiDev
SadiDev earned 250 total points
ID: 24200363
Yes, there is depend on trusted clock. Only internet/server clock can be trusted not the local computer. Sorry I did not mentioned it.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 24202336
not even an internet clock can really be trusted - you need to run your own server, at which point you are probably better off just doing what invisible inc did - host the content on the server and allow it to be viewable though an applet.
0
 
LVL 2

Expert Comment

by:SadiDev
ID: 24202424
Actually nothing can be 100% secure. Trusted server can be spoofed. Of course there are always better way to secure something. We can make something, that might be harder to break. Anyway thank you (DaveHowe) for pointing to it more specifically.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 24203099
trusted server can't be spoofed, provided you use PKI - but as I say, if you have to run a server anyway, host the content locally to the server, access it though a java applet or flash applet, and all the client has to do is pass a couple of parameters (document id and auth string) to read the document up to the point the server is told to no longer accept that auth string.

anything else is asking for the local applet to be hacked to not bother checking the date.
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question