Auto-Lock a file based on date

Posted on 2009-04-14
Last Modified: 2013-11-15
I have a client that sends files to organizations with time sensitive data.  She doesn't want folks to be able to open the file after a certain date that she specifies.  These files are simple Excel files, but could be PDF, DOC, or even ZIP files.  She wants a program she can run, select a file she will send, and specify in the application that the selected file should lock itself so it can't be opened in 10 days.  Then she wants to send that file to these organizations.
Question by:hazenweber
  • 4
  • 3
LVL 33

Accepted Solution

Dave Howe earned 250 total points
ID: 24143466
this has been tried several times, but isn't really practical.

the key criteria are that the file must be (and remain) locked, must be viewable only (so not printed, copyable or screenshottable) and must be dependent on a trusted clock (i.e. one on the internet or other external source, not the local pc, where the user could just set the clock back)

the last company to try and field a solution in this space was "disappearing, inc" which did time-limited emails - I think they had been officially "in the field" for three days when the first posted crack allowed offline copy of their "self deleting" emails, so they are moving more to an integrated DLP solution and have changed the company name to reflect this.

it is believed that it would be possible, by combining the trusted rendering path (used to try and discourage copying of movies) and Trusted Computing (where the cpu itself acts in support of the vendors instead of the owner of the machine) to prevent rendered documents being captured in digital form - which would leave really only screen photography (webcam and OCR could recover documents with a high degree of reliability) - but there are obviously privacy and security issues with handing over fundamental control over your machine to a third party (microsoft, for example) particularly if it could be in their commercial interests to abuse that, and for a number of potential customers (banks, for example) that would violate a number of laws. In any case, if such a platform were made the only available purchase choice from now, you would still expect a proportion of your customer base to be using "old" technology five years from now, so in the near term it isn't an option.

Expert Comment

ID: 24193120
Till now it is not possible to apply any individual file (by using generic software).
But you can use/create any container/host (customized) program that will contain the file (encrypted) and make the file viewable for certain time, but never write file to the disk and prohibit any copy/snap/print. The problem is, why other organization blindly trust an executable file (which they can not control)?
LVL 33

Expert Comment

by:Dave Howe
ID: 24197741
sadidev: the problem there is ensuring that the clock is accurate - otherwise, you just set the clock back into the "valid" period and the file opens...
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails


Assisted Solution

SadiDev earned 250 total points
ID: 24200363
Yes, there is depend on trusted clock. Only internet/server clock can be trusted not the local computer. Sorry I did not mentioned it.
LVL 33

Expert Comment

by:Dave Howe
ID: 24202336
not even an internet clock can really be trusted - you need to run your own server, at which point you are probably better off just doing what invisible inc did - host the content on the server and allow it to be viewable though an applet.

Expert Comment

ID: 24202424
Actually nothing can be 100% secure. Trusted server can be spoofed. Of course there are always better way to secure something. We can make something, that might be harder to break. Anyway thank you (DaveHowe) for pointing to it more specifically.
LVL 33

Expert Comment

by:Dave Howe
ID: 24203099
trusted server can't be spoofed, provided you use PKI - but as I say, if you have to run a server anyway, host the content locally to the server, access it though a java applet or flash applet, and all the client has to do is pass a couple of parameters (document id and auth string) to read the document up to the point the server is told to no longer accept that auth string.

anything else is asking for the local applet to be hacked to not bother checking the date.

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Need to Edit a PDF 9 82
stamp tool on acrobat 1 26
deny local logon 12 62
Hardening ScreenOS 8 68
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
This video demonstrates basic masking and how to edit the mask to reveal the desired image.
An overview on how to enroll an hourly employee into the employee database and how to give them access into the clock in terminal.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now