Solved

Auto-Lock a file based on date

Posted on 2009-04-14
8
843 Views
Last Modified: 2013-11-15
I have a client that sends files to organizations with time sensitive data.  She doesn't want folks to be able to open the file after a certain date that she specifies.  These files are simple Excel files, but could be PDF, DOC, or even ZIP files.  She wants a program she can run, select a file she will send, and specify in the application that the selected file should lock itself so it can't be opened in 10 days.  Then she wants to send that file to these organizations.
0
Comment
Question by:hazenweber
  • 4
  • 3
8 Comments
 
LVL 33

Accepted Solution

by:
Dave Howe earned 250 total points
ID: 24143466
this has been tried several times, but isn't really practical.

the key criteria are that the file must be (and remain) locked, must be viewable only (so not printed, copyable or screenshottable) and must be dependent on a trusted clock (i.e. one on the internet or other external source, not the local pc, where the user could just set the clock back)

the last company to try and field a solution in this space was "disappearing, inc" which did time-limited emails - I think they had been officially "in the field" for three days when the first posted crack allowed offline copy of their "self deleting" emails, so they are moving more to an integrated DLP solution and have changed the company name to reflect this.

it is believed that it would be possible, by combining the trusted rendering path (used to try and discourage copying of movies) and Trusted Computing (where the cpu itself acts in support of the vendors instead of the owner of the machine) to prevent rendered documents being captured in digital form - which would leave really only screen photography (webcam and OCR could recover documents with a high degree of reliability) - but there are obviously privacy and security issues with handing over fundamental control over your machine to a third party (microsoft, for example) particularly if it could be in their commercial interests to abuse that, and for a number of potential customers (banks, for example) that would violate a number of laws. In any case, if such a platform were made the only available purchase choice from now, you would still expect a proportion of your customer base to be using "old" technology five years from now, so in the near term it isn't an option.
0
 
LVL 2

Expert Comment

by:SadiDev
ID: 24193120
Till now it is not possible to apply any individual file (by using generic software).
But you can use/create any container/host (customized) program that will contain the file (encrypted) and make the file viewable for certain time, but never write file to the disk and prohibit any copy/snap/print. The problem is, why other organization blindly trust an executable file (which they can not control)?
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 24197741
sadidev: the problem there is ensuring that the clock is accurate - otherwise, you just set the clock back into the "valid" period and the file opens...
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 2

Assisted Solution

by:SadiDev
SadiDev earned 250 total points
ID: 24200363
Yes, there is depend on trusted clock. Only internet/server clock can be trusted not the local computer. Sorry I did not mentioned it.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 24202336
not even an internet clock can really be trusted - you need to run your own server, at which point you are probably better off just doing what invisible inc did - host the content on the server and allow it to be viewable though an applet.
0
 
LVL 2

Expert Comment

by:SadiDev
ID: 24202424
Actually nothing can be 100% secure. Trusted server can be spoofed. Of course there are always better way to secure something. We can make something, that might be harder to break. Anyway thank you (DaveHowe) for pointing to it more specifically.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 24203099
trusted server can't be spoofed, provided you use PKI - but as I say, if you have to run a server anyway, host the content locally to the server, access it though a java applet or flash applet, and all the client has to do is pass a couple of parameters (document id and auth string) to read the document up to the point the server is told to no longer accept that auth string.

anything else is asking for the local applet to be hacked to not bother checking the date.
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
There's a lot of hype surrounding blockchain technology. Here's how it works and some of the novel ways it' s now being used - including for data protection.
An overview on how to enroll an hourly employee into the employee database and how to give them access into the clock in terminal.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question