UPM researchers Facultad de Informática ScienceDaily (22 February 2011) compile information about the security and privacy for authors or readers of PDF documents, the most popular format for publishing digital documents.
This work by researchers Facultad de Informática of the Universidad Politécnica de Madrid surveys security privacy threats related to digital document publication. It handles information related to publisher, it is revealed after the document is sent over the Internet, as well as information related to the reader may be downloaded every time they open for examination. The work focuses on primarily the PDF format is the most popular document format document for publishing a digital document.
Publishing digital documents on the Internet is a serious security and privacy threats to editors and readers. Previous research by scholars laboratory distributed systems of UPM Facultad de Informática discusses popular document formats information through Microsoft Office. This study focuses on PDF format, which is the de facto standard for exchanging a digital document. Many institutions around the world have adopted PDF as a standard, and have their has been estimated that billions of PDF documents are published, or downloaded every day. Results of this study were published in Journal of systems and software.
Published documents may include additional data related to the author, such as user name, placing the document on the connector computer and also deleted documents before publication.
Some of this information, such as user name or the last day of the Conference are called document meta-data, applications, use reader or editor to improve the user experience; However, they lead to privacy breaches, mainly because the authors are not aware of their discovery to publish the document. Other sensitive information was leaked due to poor design of the document template. For example, when a paragraph of document is deleted, the PDF will not remove the applications of the paragraph, but instead mark it as "invisible". In this way, the calling application did not imagine the deleted when the document is opened for reading. Hence the deleted data is saved with the document, can be read by any malicious user knows where to find it. UPM researchers developed several tools to extract information from PDF documents that are inaccessible to a regular document.
Preventing information loss
There are many popular events that publication of the document is far more information than game publishers is to communicate. For example, the temporary authority of coalition in Iraq publish PDF Sgrena incident in "Calipari" May 2005. Black boxes were used to hide the names of some of the people involved in the incident, but all were easily by copying the text from the original document into a text editor. A number of companies and institutions has distributed guidelines to prevent information loss in documents published after the media reporting news about documents published on the Internet containing sensitive information should not be made.
In terms of reader, open a downloaded PDF document can reveal sensitive information like the IP address of the user's computer, potentially username and any other information that is stored on the computer that is used to open the document. The reason for this is the interactive features of applications in PDF. You can run multiple actions at once, like to connect to the Web site or read data from disk automatically every time the PDF is opened for reading. Ideally, you should warn the user risks of photography, has requested the certificate. This study has many settings that, especially when you open a PDF document inside a Web browser, not caused to the user or the agreement without notice. Their work, researchers UPM vmtoda how do I retrieve and of information about each user who downloads and reads of the PDF.
Finally, the researchers believe the PDF template UPM is a powerful document exchange medium. The main purpose of their work is to make users aware of the risks that they face every time they publish a document on the Web to provide guidance effective to reduce the leakage of sensitive information.
Email or share this story:
Story source:
The story above printed (with adapting to editing by a team of the day-to-day science) materials provided by Facultad de Informática de la Universidad Politécnica de Madrid.
a journal:
- Aniello Castiglione, Alfredo de Santis, Claudio Soriente. Security and privacy in Portable Document Format. Journal of systems and software, 2010; 83 (10): doai 1813: 10.1016/j. jss. .062 04 2010.
Note: you mentioned if not counting, the source is when instead.
Disclaimer: opinions in this article do not necessarily reflect those of its employees or ScienceDaily.
Many a time it becomes necessary for us to write protect our USB flash drive for protection against viruses and other malicious programs. Because flash drives are so popular and widely used for moving data between computers, it is the primary objective of attackers as a means to get infections spread around the world. Also, since USB drive is read-only memory (ROM), the data inside can be easily modified or deleted by malicious programs.
