Red Office Documents Security Proposal

•

1 like•273 views

Zhi Guan

Technology

RedOffice Document Security
Guan Zhi ★ Peking Univ.

About RedOffice
RedOffice is the proprietary office suit based on OpenOffice.org
provided by the company RedFlag2000 in China.
The features of RedOffice include
better chinese language and localization support
chinese style documents support and etc.

OpenOffice Document Security
The current OpenOffice security mechanisms include:
Password based encryption, defined in “Open Document
Format for Office Applications (OpenDocument) v1.0
Specification” section 16.3.
Digital signature based on PKI, provided in OpenOffice.org
3.0, menu:file:digital signatures ...

Our Aim is ...
To enhance RedOffice/OpenOffice documents security with
cryptography.

What is Required
Compared with PDF document, OpenOffice document lacks:
Certificate based document encryption.
GUI supported key/certificate generation and management.
Graphical digital signature display.
And even more ...

Password Generator
In password based encryption, users always choose very weak
passwords, which makes the encrypted documents easily broken.
Password generator is a program/extension which helps the user
to generate more secure and easily remembered passwords.

Certificate Based Encryption
With certificate based encryption an Office author can encrypt a
document with multiple recipient’s certificates.
For a group of users to share documents, certificate based
encryption is much more easier and secure than password based
encryption.

Key/Certificate Management
Current OpenOffice.org requires the user to import certificates
and private keys for digital signature generation, while does not
provide certificate management functionalities.
Certificate Extension: Certificate and key pair generation utilities
for RedOffice/OpenOffice.org.

Crypto Framework Extension
A cryptographic framework extension for RedOffice/
OpenOffice.org.
The cryptographic API is based on the PKCS #11: Cryptographic
Token Interface Standard, supported on both Windows and
Linux.
Third party cryptographic algorithms, modules and hardware
tokens such as smart card and USB key can be integrated into
RedOffice/OpenOffice.org.

Advance Cryptography
Identity based encryption, for simplicity of public key
management.
Attribute based encryption, for simplicity of document sharing
and access control based on document encryption.

Paper Based Security
When a document is printed on the paper, all the security
attributes are disappeared.
With printed 1-D or 2-D barcode, the security attributes can be
reserved on the printed paper documents.

Key Management Service
Basically, it is a PKI Certificate Authority with additional
functionalities.
Generation, distribution, management of keys and certificates.
Supporting advanced cryptography and key policies.

Document Security Service
An ordinary office user only know who is the document recipient,
without the detailed knowledge of how to protect the document.
Document security service is an online service to provide
RedOffice/OpenOffice.org documents with automated public key
encryption, digital signature and other security attributes.
The service will choose what kind of security mechanisms and
policies should be applied to the document, and executes the
corresponding security operations.

END
for more details, connect <guanzhi@infosec.pku.edu.cn>

Similar to Red Office Documents Security Proposal

Connect Bridge allows you to connect to lobodms from any software. Integrate lobodms with a CRM, ERP, CMS, marketing automation software and email. The integration is live and bi-directional. Connect Bridge allows synchronization of more than 2 systems in a single integration. Integrate lobodms into the company's system landscape. Contact us at office@connecting-software.com or visit http://connecting-software.com/

Lobodms Integration

Connecting Software

These are the slides that were be presented at a GlobalSign customer event in Leuven on September 16, 2014. In my talk, I explained why digital signatures are important. I introduced the audience to the basic concepts used when signing documents and showed how these concepts are used in the context of PDF. Furthermore, I discussed different architectures to implement a digital signature solution, as well as how digital signatures can be used in a workflow and how we can create digital signatures for the long term.

Digital Signatures: how it's done in PDF

iText Group nv

Liferay Integration

Connecting Software

Adobe PDF and LiveCycle ES Security

guest2a5a03

Connect Bridge allows to connect from any software to Alfresco. Integrate Alfresco with your CRM, ERP, DMS, marketing automation and email. Integration is live and bi- directional. Connect Bridge allows synchronization of more than 2 systems in a single integration. Integrate Alfresco into the company system's landscape. Contact us on office@connecting-software.com or visit http://connecting-software.com/

Alfresco Integration

Connecting Software

Presentation

Andrew Militsenko

Thawte Code Signing Certificate Feature and Benefits

CodeSigningStore

Based on brief user input, LincDoc EE engages its advanced business logic engine to swiftly fashion complex documents from a repository of pre-approved language, addenda, paragraphs, sections or other types of business critical data. And with LincDoc EE's granular version tracking, authorized editors can track the entire lifespan of documents and never publish an incorrect version. All documents work together with Laserfiche, can be routed in multiple formats and their data can mesh easily with existing databases.

LincDoc Enterprise Edition brochure

Dan O'Leary

LibreOffice/OpenOffice.org - non coding extensions

Kálmán "KAMI" Szalai

Digital Signatures solution by ComsignTrust

Zeev Shetach

ODFKit

Alexandro Colorado

2016 Readium LCP workshop at EPUB Summit

Laurent Le Meur

Why ClouDoc to protect CAD files?

Sang Yoo

Clou doc brochure_eng_20150406(전자메일첨부용)

sang yoo

Digital Signatures: how it's done in PDF

iText Group nv

Securing broker less publish subscribe systems using identity-based encryption

LeMeniz Infotech

Narrative of digital signature technology and moving forward

Conference Papers

Public key authentication is the most secure colution and utilizes a public key cryptography(PKI) system, using both public and private keys.A PKI is certainly the easiest solution from the users prespective.It mainly supports the distribution and identification of public encryption keys, enabling users and computers to both securely exchange data over networks such as the internet and verify the identity of the other party. Without PKI , sensitive information can still be encrypted ( ensuring confidentiality) and exchanged but there would be no assurance of the identity(authentication) of the other party. Any form of sensitive data exchanged over the internet is relianton PKI for security. Elements of PKI A typical PKI consists of hardware, software , policies and standards to manage the creation,admisinstration , distribution and revocation of keys and digital certificates. Digital certificates are at the heart of PKI as they affrim the identity of the certificate subject that bind the identity to the public key contained in the certificate. Following are the elements of the PKI: Certificate Authority (CA) Registration authority A certificate database , it mainly stores the certificate requests and issues and revokes certificates. A certificate store , which resides on a local computer as a place to store issues certificates and private keys. --------------------------************************----------------------------- To connect many distant employees at once, all office locations must be able to access the same network resource. Most time iof we will would house the core infrastucture needed to establish the network, such as the servers and databases. Generally Wide area network (WAN) to connect the remote offices. WAN are used to connect Local area network(LAN) for disparate offices together. However installation and overhead of LNS and WANS is expensive. To over come this Virtual private networks that run over the internet. VPN it mainly provides secure connections between individual users and their organizations network over and their organizations network over the internet, have several upsides. They provide more secure site to site connections. They provide information transfer much faster that WAN\'s and most importantly to small and medimum sized business, VPN\'s are much lessexpensive since you can use a single leased line to the internet for each ofice, cutting down on broadband cost. While VPN\'s are highly recommended and trusted a new technology gaining traction with compaines is the remote desktop. Remote dsktops requires software or an operating system that allows aplications to run remotely on a server, but to be displayed locally simultaneously. This network server hosts remote files and application in a secure location , ensuring your data is never lost , even when something happens to device you are working on. Solution Public key authentication is the most secure colution and utilizes a public key cryptography(PKI) sy.

Public key authentication is the most secure colution and utilizes a.pdf

mohammadirfan136964

presentation_finals

Shivashish Kumar

Badusha_Profile

Mohammed Badusha

Recently uploaded

Presentation on how to chat with PDF using ChatGPT code interpreter

naman860154

Microsoft's Threat Matrix for Kubernetes helps organizations understand the attack surface a Kubernetes deployment introduces to their environments. This ensures that adequate detections and mitigations are in place. By covering over 40 different attacker techniques, defenders can learn about Kubernetes-specific mitigations and controls to deploy to their environments. In this session, we will explore the MS-TA9013 Host Path Mount technique, which is commonly used by attackers to perform privilege escalation in a Kubernetes cluster. Attendees will learn how attackers and defenders can: * Escape the container's host volume mount to gain persistence on an underlying node * Move laterally from the underlying node into the customer's cloud environment * Analyze Kubernetes audit logs to detect pods deployed with a hostPath mount * Deploy an admission controller that prevents new pods from using a hostPath mount

Breaking the Kubernetes Kill Chain: Host Path Mount

Puma Security, LLC

Discord is a free app offering voice, video, and text chat functionalities, primarily catering to the gaming community. It serves as a hub for users to create and join servers tailored to their interests. Discord’s ecosystem comprises servers, each functioning as a distinct online community with its own channels dedicated to specific topics or activities. Users can engage in text-based discussions, voice calls, or video chats within these channels. Understanding Discord Servers Discord servers are virtual spaces where users congregate to interact, share content, and build communities. Servers may revolve around gaming, hobbies, interests, or fandoms, providing a platform for like-minded individuals to connect. Communication Features Discord offers a range of communication tools, including text channels for messaging, voice channels for real-time audio conversations, and video channels for face-to-face interactions. These features facilitate seamless communication and collaboration. What Does NSFW Mean? The acronym NSFW stands for “Not Safe For Work,” indicating content that may be inappropriate for professional or public settings. NSFW Content NSFW content encompasses material that is sexually explicit, violent, or otherwise graphic in nature. It often includes nudity, profanity, or depictions of sensitive topics.

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

UK Journal

Heather Hedden, Senior Consultant at Enterprise Knowledge, presented “The Role of Taxonomy and Ontology in Semantic Layers” at a webinar hosted by Progress Semaphore on April 16, 2024. Taxonomies at their core enable effective tagging and retrieval of content, and combined with ontologies they extend to the management and understanding of related data. There are even greater benefits of taxonomies and ontologies to enhance your enterprise information architecture when applying them to a semantic layer. A survey by DBP-Institute found that enterprises using a semantic layer see their business outcomes improve by four times, while reducing their data and analytics costs. Extending taxonomies to a semantic layer can be a game-changing solution, allowing you to connect information silos, alleviate knowledge gaps, and derive new insights. Hedden, who specializes in taxonomy design and implementation, presented how the value of taxonomies shouldn’t reside in silos but be integrated with ontologies into a semantic layer. Learn about: - The essence and purpose of taxonomies and ontologies in information and knowledge management; - Advantages of semantic layers leveraging organizational taxonomies; and - Components and approaches to creating a semantic layer, including the integration of taxonomies and ontologies

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf

Enterprise Knowledge

As privacy and data protection regulations evolve rapidly, organizations operating in multiple jurisdictions face mounting challenges to ensure compliance and safeguard customer data. With state-specific privacy laws coming up in multiple states this year, it is essential to understand what their unique data protection regulations will require clearly. How will data privacy evolve in the US in 2024? How to stay compliant? Our panellists will guide you through the intricacies of these states' specific data privacy laws, clarifying complex legal frameworks and compliance requirements. This webinar will review: - The essential aspects of each state's privacy landscape and the latest updates - Common compliance challenges faced by organizations operating in multiple states and best practices to achieve regulatory adherence - Valuable insights into potential changes to existing regulations and prepare your organization for the evolving landscape

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc

Enterprise Knowledge’s Urmi Majumder, Principal Data Architecture Consultant, and Fernando Aguilar Islas, Senior Data Science Consultant, presented "Driving Behavioral Change for Information Management through Data-Driven Green Strategy" on March 27, 2024 at Enterprise Data World (EDW) in Orlando, Florida. In this presentation, Urmi and Fernando discussed a case study describing how the information management division in a large supply chain organization drove user behavior change through awareness of the carbon footprint of their duplicated and near-duplicated content, identified via advanced data analytics. Check out their presentation to gain valuable perspectives on utilizing data-driven strategies to influence positive behavioral shifts and support sustainability initiatives within your organization. In this session, participants gained answers to the following questions: - What is a Green Information Management (IM) Strategy, and why should you have one? - How can Artificial Intelligence (AI) and Machine Learning (ML) support your Green IM Strategy through content deduplication? - How can an organization use insights into their data to influence employee behavior for IM? - How can you reap additional benefits from content reduction that go beyond Green IM?

Driving Behavioral Change for Information Management through Data-Driven Gree...

Enterprise Knowledge

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

Real Time Object Detection Using Open CV

Khem

BooK Now Call us at +918448380779 to hire a gorgeous and seductive call girl for sex. Take a Delhi Escort Service. The help of our escort agency is mostly meant for men who want sexual Indian Escorts In Delhi NCR. It should be noted that any impersonator will get 100 attention from our Young Girls Escorts in Delhi. They will assume the position of reliable allies. VIP Call Girl With Original Photos Book Tonight +918448380779 Our Cheap Price 1 Hour not available 2 Hours 5000 Full Night 8000 TAG: Call Girls in Delhi, Noida, Gurgaon, Ghaziabad, Connaught Place, Greater Kailash Delhi, Lajpat Nagar Delhi, Mayur Vihar Delhi, Chanakyapuri Delhi, New Friends Colony Delhi, Majnu Ka Tilla, Karol Bagh, Malviya Nagar, Saket, Khan Market, Noida Sector 18, Noida Sector 76, Noida Sector 51, Gurgaon Mg Road, Iffco Chowk Gurgaon, Rajiv Chowk Gurgaon All Delhi Ncr Free Home Deliver

08448380779 Call Girls In Greater Kailash - I Women Seeking Men

Delhi Call girls

CNv6 Instructor Chapter 6 Quality of Service

giselly40

08448380779 Call Girls In Civil Lines Women Seeking Men

Delhi Call girls

Scaling API-first – The story of a global engineering organization

Radu Cotescu

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Drew Madelung

Choosing the right accounts payable services provider is a strategic decision that can significantly impact your business's financial performance and operational efficiency. By considering factors such as expertise, range of services, technology infrastructure, scalability, cost, and reputation, businesses can make informed decisions and select a provider that aligns with their unique needs and objectives. Partnering with the right provider can streamline accounts payable processes, drive cost savings, and position your business for long-term success. https://katprotech.com/accounts-payable-and-purchase-order-automation/

Factors to Consider When Choosing Accounts Payable Services Providers.pptx

Katpro Technologies

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

wesley chun

What is a good lead in your organisation? Which leads are priority? What happens to leads? When sales and marketing give different answers to these questions, or perhaps aren't sure of the answers at all, frustrations build and opportunities are left on the table. Join us for an illuminating session with Cian McLoughlin, HubSpot Principal Customer Success Manager, as we look at that crucial piece of the customer journey in which leads are transferred from marketing to sales.

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

HampshireHUG

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Delhi Call girls

Handwritten Text Recognition for manuscripts and early printed texts

Maria Levchenko

Created by Mozilla Research in 2012 and now part of Linux Foundation Europe, the Servo project is an experimental rendering engine written in Rust. It combines memory safety and concurrency to create an independent, modular, and embeddable rendering engine that adheres to web standards. Stewardship of Servo moved from Mozilla Research to the Linux Foundation in 2020, where its mission remains unchanged. After some slow years, in 2023 there has been renewed activity on the project, with a roadmap now focused on improving the engine’s CSS 2 conformance, exploring Android support, and making Servo a practical embeddable rendering engine. In this presentation, Rakhi Sharma reviews the status of the project, our recent developments in 2023, our collaboration with Tauri to make Servo an easy-to-use embeddable rendering engine, and our plans for the future to make Servo an alternative web rendering engine for the embedded devices industry. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://ossna2024.sched.com/event/1aBNF/a-year-of-servo-reboot-where-are-we-now-rakhi-sharma-igalia

A Year of the Servo Reboot: Where Are We Now?

Igalia

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

Recently uploaded (20)

Presentation on how to chat with PDF using ChatGPT code interpreter

Breaking the Kubernetes Kill Chain: Host Path Mount

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

Driving Behavioral Change for Information Management through Data-Driven Gree...

How to Troubleshoot Apps for the Modern Connected Worker

Real Time Object Detection Using Open CV

08448380779 Call Girls In Greater Kailash - I Women Seeking Men

CNv6 Instructor Chapter 6 Quality of Service

08448380779 Call Girls In Civil Lines Women Seeking Men

Scaling API-first – The story of a global engineering organization

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Factors to Consider When Choosing Accounts Payable Services Providers.pptx

Powerful Google developer tools for immediate impact! (2023-24 C)

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Handwritten Text Recognition for manuscripts and early printed texts

A Year of the Servo Reboot: Where Are We Now?

Exploring the Future Potential of AI-Enabled Smartphone Processors

Red Office Documents Security Proposal

1. RedOffice Document Security Guan Zhi ★ Peking Univ.

2. About RedOffice RedOffice is the proprietary office suit based on OpenOffice.org provided by the company RedFlag2000 in China. The features of RedOffice include better chinese language and localization support chinese style documents support and etc.

3. OpenOffice Document Security The current OpenOffice security mechanisms include: Password based encryption, defined in “Open Document Format for Office Applications (OpenDocument) v1.0 Specification” section 16.3. Digital signature based on PKI, provided in OpenOffice.org 3.0, menu:file:digital signatures ...

4. Our Aim is ... To enhance RedOffice/OpenOffice documents security with cryptography.

5. What is Required Compared with PDF document, OpenOffice document lacks: Certificate based document encryption. GUI supported key/certificate generation and management. Graphical digital signature display. And even more ...

6. Password Generator In password based encryption, users always choose very weak passwords, which makes the encrypted documents easily broken. Password generator is a program/extension which helps the user to generate more secure and easily remembered passwords.

7. Certificate Based Encryption With certificate based encryption an Office author can encrypt a document with multiple recipient’s certificates. For a group of users to share documents, certificate based encryption is much more easier and secure than password based encryption.

8. Key/Certificate Management Current OpenOffice.org requires the user to import certificates and private keys for digital signature generation, while does not provide certificate management functionalities. Certificate Extension: Certificate and key pair generation utilities for RedOffice/OpenOffice.org.

9. Crypto Framework Extension A cryptographic framework extension for RedOffice/ OpenOffice.org. The cryptographic API is based on the PKCS #11: Cryptographic Token Interface Standard, supported on both Windows and Linux. Third party cryptographic algorithms, modules and hardware tokens such as smart card and USB key can be integrated into RedOffice/OpenOffice.org.

10. Advance Cryptography Identity based encryption, for simplicity of public key management. Attribute based encryption, for simplicity of document sharing and access control based on document encryption.

11. Paper Based Security When a document is printed on the paper, all the security attributes are disappeared. With printed 1-D or 2-D barcode, the security attributes can be reserved on the printed paper documents.

12. Key Management Service Basically, it is a PKI Certificate Authority with additional functionalities. Generation, distribution, management of keys and certificates. Supporting advanced cryptography and key policies.

13. Document Security Service An ordinary office user only know who is the document recipient, without the detailed knowledge of how to protect the document. Document security service is an online service to provide RedOffice/OpenOffice.org documents with automated public key encryption, digital signature and other security attributes. The service will choose what kind of security mechanisms and policies should be applied to the document, and executes the corresponding security operations.

14. END for more details, connect <guanzhi@infosec.pku.edu.cn>

Red Office Documents Security Proposal

Recommended

Recommended

More Related Content

Similar to Red Office Documents Security Proposal

Similar to Red Office Documents Security Proposal (20)

More from Zhi Guan

More from Zhi Guan (11)

Recently uploaded

Recently uploaded (20)

Red Office Documents Security Proposal