How to secure the PDF / Adobe LiveCycle Form, to prevent the end user to import data.

[tarekahf]

I am developing a critical form which will pull data from Back-End
System automatically, and allow the user to update only certain
fields. Eventually, the form will be submitted using regular Submit
Button to a server which will extract all the data and write to SQL
Server.

I can make certain fields as read-only or protected. But, the user can
still use Acrobat to Save the Form off-line, use Import/Export, modify
the Data outside the form, and import the modified data back to the
form. Then the user can navigate to the website used to render the
initial form, then he can open the PDF form using IE File-Open, and
submit as if it were submitted from the Browser. I have done this
myself and it worked ...!!!!!

As you can see, this is really a big problem...!!!

How can we prevent the end-user from using Acrobat menu "Import Form
Data" to modify the data of the PDF Form outside the Form Logic ?

Tarek.

[Duane Nickull]

Make it into a PDF portfolio and policy protect the PDF’s that have immutable requirements?  You might have to re-design the entire way the forms are presented and interacted with but it would theoretically work.  Another way is to hide the immutable fields or add duplicate fields and make the hold the values, then on the “submit” event, write the correct data back to those fields.

Woud that work?

D

--
You received this message because you are subscribed to the Google Groups "Adobe LiveCycle Developers" group.
To post to this group, send email to live...@googlegroups.com.
To unsubscribe from this group, send email to livecycle+...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/livecycle?hl=en.

---
Adobe LiveCycle Enterprise Architecture - http://www.adobe.com/products/livecycle/
TV Show - http://tv.adobe.com/show/duanes-world/
Blog – http://technoracle.blogspot.com/
Music – http://22ndcenturyofficial.com/
Twitter – http://twitter.com/duanechaos/
“That’s all I have time for”

[tarekahf]

Thanks for the reply, Duane,

I cannot tell how a PDF Portfolio will be of help ?!

I want to secure certain number of Bound Form Fields from being
edited, even if the user will try to Import Data using Acrobat.

Also, I do not want to do any major redesign of my work. I am using a
LiveCycle ES Desinger Form, and I want to continue using this form,
but I only want to secure such fields during the entire life cycle of
the Form.

I don't think that hiding fields or creating duplicate fields will be
of help, becuase in the end, I am depending on the Form Data Model
which is submitted to the Server. If the user will import a new Model
using XML File, then it doesn't matter if the field is read-only or
hidden.

I am thinking of one of the following solutions:

1. Use check sum algorithm to verify the status of secured fields. The
check sum will be calculated on the server as soon as the form is
created, and the check sum value will be bound the form and also saved
on the server. Everytime the form is submitted, I will recalculate the
checksum and confirm if it was changed.

2. Using Adobe LiveCycle ES Digital Signature Services. As soon as the
form is created, I will only the Fields to be secured. Since I am
using ASP.NET, then I have to use Web Services to Generate the PDF and
sign the Fields to be secured.

Any feedback will be appreciated.

Tarek.

On Feb 7, 7:13 am, Duane Nickull <dnick...@adobe.com> wrote:
> Make it into a PDF portfolio and policy protect the PDF's that have immutable requirements?  You might have to re-design the entire way the forms are presented and interacted with but it would theoretically work.  Another way is to hide the immutable fields or add duplicate fields and make the hold the values, then on the "submit" event, write the correct data back to those fields.
>
> Woud that work?
>
> D
>

> On 2/6/11 6:57 AM, "tarekahf" <tarek...@fastmail.fm> wrote:
>
> I am developing a critical form which will pull data from Back-End
> System automatically, and allow the user to update only certain
> fields. Eventually, the form will be submitted using regular Submit
> Button to a server which will extract all the data and write to SQL
> Server.
>
> I can make certain fields as read-only or protected. But, the user can
> still use Acrobat to Save the Form off-line, use Import/Export, modify
> the Data outside the form, and import the modified data back to the
> form. Then the user can navigate to the website used to render the
> initial form, then he can open the PDF form using IE File-Open, and
> submit as if it were submitted from the Browser. I have done this
> myself and it worked ...!!!!!
>
> As you can see, this is really a big problem...!!!
>
> How can we prevent the end-user from using Acrobat menu "Import Form
> Data" to modify the data of the PDF Form outside the Form Logic ?
>
> Tarek.
>
> --
> You received this message because you are subscribed to the Google Groups "Adobe LiveCycle Developers" group.
> To post to this group, send email to live...@googlegroups.com.
> To unsubscribe from this group, send email to livecycle+...@googlegroups.com.

> For more options, visit this group athttp://groups.google.com/group/livecycle?hl=en.

>
> ---
> Adobe LiveCycle Enterprise Architecture -http://www.adobe.com/products/livecycle/
> TV Show -http://tv.adobe.com/show/duanes-world/

> Blog -http://technoracle.blogspot.com/
> Music -http://22ndcenturyofficial.com/
> Twitter -http://twitter.com/duanechaos/

[Hemant]

Hi Tarek,

This is one of the interesting issue which requires greater attention..

For your queries what i believe:

1. Use check sum algorithm to verify the status of secured fields. The 
check sum will be calculated on the server as soon as the form is 
created, and the check sum value will be bound the form and also saved 
on the server. Everytime the form is submitted, I will recalculate the 
checksum and confirm if it was changed. 

=>    I think this will help.. but applying check sum for an individual field will not be of worth.. though i would like your share such implementations with all of us.

2. Using Adobe LiveCycle ES Digital Signature Services. As soon as the 
form is created, I will only the Fields to be secured. Since I am 
using ASP.NET, then I have to use Web Services to Generate the PDF and 
sign the Fields to be secured. 

        => if you are pulling data from Back-End System automatically may be using web service  then i think protected fields will be changed at the initialization script and thus the Digital Signature can be tampered by itself.

     Also to my knowledge we shouldn't put signatures on the forms which have initialization script or Dynamic forms as it can tamper documents easily.

Based on your requirement i have created a sample PDF form wherein i have disabled the Export data Tab.

Kindly try exporting data from the attached sample PDF.

Again if you tamper it then we can think further on it.. but if you cannot then you can use this as one of the solution to consider.. :)

Regards,

Hemant Garg.

[tarekahf]

Dear Hemant,

Oh my God ! I am thrilled ...!!!!!!

How did you do that ???!!!

I searched the Internet and Adobe On-line Help System, I didn't find
any where how you can prevent then end user to Import Data.

But, I did not search for how to prevent the user to Export Data
though.

It seems that you have used Acrobat Security, with Password
Protection, to prevent Data Copying, right ?

But, if some how the end user could figure out how the Data Looks
Like, then he can import the data.

I think this can be done if the developer will leak a copy of the XML
File, but this is very unlikely.

I think this is a great quick solution. But for ultimate solution, I
think we have to use either checksum or Digital Signature.

Here are the steps for using Digital Signature:

1. Desing the Form with Hidden Digital Signature to lock the Fields to
be secured.

2. Call Web Service to get Data in XML.

3. Call LC Web service to generate PDF from XML and Template PDF.
Result is unsigned PDF populated with Data from Server.

4. Call LC Web service to sign the generated PDF which will lock the
fields to be secured.

5. Now the result is the PDF Signed and the secured fields are lock.
The user will continue editing the form as per the business logic, and
finally he has to sign the form after approval. So the form will have
2 or more digital signatures.

The only problem with the above is that after singing the form, the
end user will no longer be able to add file attachments.

Is there a way to prevent the end user to use the Import Data menu
command ?

Tarek.

>  Sample PDF.pdf
> 121KViewDownload

[tarekahf]

I found a quick way to implement checksum in .NET:

http://jeffbarnes.net/blog/post/2007/01/12/File-Checksum-using-NET.aspx

Tarek.

[Hemant]

Hi Tarek,

Yes.. i used Acrobat Security, with Password Protection, to prevent
Export Data..

Further to my knowledge there is no way to prevent Import Data since
it will also prevent User to fill the forms as well..
I.e. filling the forms usage rights is some how related/mapped to
Import data as well..

Request Adobe Guys to give us more clarity on this..

Further If you have planned to use Digital signatures then i can help
to attach the File in the Signed PDF.. :)
But for that matter you have to switch to Acrobat/Reader 9.2 or
later..
Below is the sample code:

var objectAsFile = util.readFileIntoStream({bEncodeBase64:true}); //
gets the file and encode to base64 algorithm.
TextField1.rawValue = util.stringFromStream(objectAsFile);

So here you see i have an attachment in the text field instead of the
Attachment Tab which is never detected by certified/signed PDF...
Since certified PDFs cannot add file attachments above
method("util.readFileIntoStream()") allows to embed attachments in
their XML form data stream rather than as PDF file attachments.

Hope this helps you!!

Regards,
Hemant Garg

[tarekahf]

Thank you Hemant,

The info you provided is really very helpful.

The fact that I can add File Attachments into Fields is great ! It is
actually very natural.

So, you mean that this code:

var objectAsFile = util.readFileIntoStream({bEncodeBase64:true}); //
gets the file and encode to base64 algorithm.
TextField1.rawValue = util.stringFromStream(objectAsFile);

Will present the user with a Dialog Box to allow him select the file
to attach ?

And, how I can save the file back from the PDF to disk ?

Could you please point me to full documentation (URL) about the
above ?

I think this requires Reader Rights if the user has only Adobe
Reader ? What is the min version needed to enable the required Reader
Rights ?

Tarek.

[Hemant]

Hi Tarek,

Even i'm looking for a way to save back the file to disk and with the
same filename used while attaching to textField.
No Reader rights are required to use the util.readFileIntoStream()
method.

Following are the URLs i referred :
http://acrobatusers.com/tutorials/importing-and-exporting-pdf-file-attachments-acrobat-javascript
http://blogs.adobe.com/formfeed/2009/10/new_reader_92_api.html
http://blogs.adobe.com/formfeed/2009/08/base64_encode_a_pdf_attachment.html

Reader version 9.2 is required for the above function to execute.

Further xfa.event.prevText event can be used for protected fields to
reassign the previous values in case they are changes thru importing
data.
But here i'm not able to manage this script for imported data since
all the data in the textfields are wiped out(even for "no binding
data" textfields) once you import XML inot PDF.
Though you can try if xfa.event.prevText helps you to restore the
previous values if the values are being changed on importing data xml
since can be simplest method to prevent data modifications.

Regards,
Hemant Garg

[Lakhan Agarwal]

Hi hemant,

I want to extract pdf form data to xml in php. Please suggest me any idea.

Thanks