SlideShare a Scribd company logo

OpenOffice.org/StarOffice & DRM, OMC Workshop 2006

Malte Timmermann
Malte Timmermann
Technology
1 of 20
Download to read offline
Sun OMC Workshop 2006-03-15, Santa Clara OpenOffice.org & StarOffice DRM Malte Timmermann Technical Architect Sun Microsystems GmbH ©Sun Microsystems, Inc. - All Rights Reserved
About the Speaker • Technical Architect in StarOffice/OpenOffice.org Development • Working on StarOffice since 1991 • Main focus: Core Development > Accessibility > Security (Digital Signatures. DRM soon) > Performance > Past: EditEngine, VCL, Help System, BasicIDE, ... ©Sun Microsystems, Inc. - All Rights Reserved
About this presentation • Some general information about document protection > Based on my best current knowledge, no DReaM specific things included > Hope to learn here what Office Suite customers really need ;) • Evaluation of potentialities, no concrete plans for StarOffice or OpenOffice.org right now! ©Sun Microsystems, Inc. - All Rights Reserved
Agenda • What is StarOffice / OpenOffice.org? • Why Document Protection? • Permissions and Restrictions • StarOffice / OpenOffice.org Solutions? • Conclusion • Q&A ©Sun Microsystems, Inc. - All Rights Reserved
What is StarOffice / OpenOffice.org? • Integrated productivity suite with word processor, spreadsheet, presentation, drawing, database, ... • Open Source > StarOffice code base is available as OpenOffice.org under the LGPL license • Multi Platform > Sun supports StarOffice on Windows, Linux, Solaris > OpenOffice.org available for more platforms • Support for different languages > CJK and CTL > Right to Left and Vertical Writing ©Sun Microsystems, Inc. - All Rights Reserved
What is StarOffice / OpenOffice.org? • Interoperable with MS Office documents > Can read and write MS Office files > Comparable feature set • Native format is OASIS OpenDocument Format > Open XML standard for documents > ISO standardization is in progress • Create (accessible) PDF files > Tagged PDF, TOC, Hyperlinks, Controls • Digital Signatures > W3C DSIG, open standard ©Sun Microsystems, Inc. - All Rights Reserved
Why Document Protection? • Content producers want to sell content and want to make sure that it's only used by customers who paid for it > Ebooks (as well as Music, Movies, ...) > Avoid free distribution / piracy • Companies want to protect their documents so that they can only be read by authorized people > Confidential information > Avoid unauthorized usage ©Sun Microsystems, Inc. - All Rights Reserved
Different Scenarios • Content sellers often don't know much about their customers > User authentication is quite difficult > No trust in user (customer) > They trust more in certain applications > They lock the content to these applications > Even to certain devices! > Customers don't like this strong restrictions for paid content! > What happens if I buy new devices? > What happens if the content provider / licensee goes away? – DRM == Digital *Restrictions* Managements ;) ©Sun Microsystems, Inc. - All Rights Reserved
Different Scenarios • Companies know their employees > User authentication is quite easy > Companies (should) trust their employees > User authentication is enough, no locking into certain software necessary > Use any device or software! ©Sun Microsystems, Inc. - All Rights Reserved
Document Protection Basics • Encryption > Content is encrypted > Key distribution necessary > Encrypted within the data file > Encrypted within separate license file > Licensing Server (Authentication and key exchange) • Security can be enhanced with using a “Trusted Platform” > This need TPM and the full stack of hard/software, signed applications > Hard to achieve, but without that people with permission to open the file have a good chance to remove protections ©Sun Microsystems, Inc. - All Rights Reserved
Document Protection Key Distribution • Public Key Infrastructure (PKI) > Deploy document decryption key within the media file or an external license file > Decryption key itself is encrypted with the users public key, only this user can decrypt it with his private key > Can be provided for multiple users > Advantage: > No complex server infrastructure needed, use existing PKI > Disadvantages > Needs modification of media file on each distribution, or distribution of separate license files > No rights revocation possible after file is deployed > No document time-out possible ©Sun Microsystems, Inc. - All Rights Reserved
Document Protection Key Distribution • Rights Management or Licensing Server > Keys and rights are managed on server > User is authenticated by some server, software receives decryption key from server > Advantage: > Dynamic rights managements, access rights can be changed any time after document deployment > Can also be done role based, roles can changed any time > Time-out for documents possible > Document always remains the same > Disadvantages > Complex server infrastructure with secure key exchange needed ©Sun Microsystems, Inc. - All Rights Reserved
Permissions and Restrictions • Licensing Server and PKI can only guarantee the basic permission, if the user is allowed (able) to open the document > Time period can be used on key request with licensing server • Restrictions like “can't print, save as, ...” are only application logic, cannot be enforced by any server! > Application can be modified to not apply restrictions > Restrictions may lock out Assistive Technology! • Trusted Platform is needed for full security > But what is with the “Analog Gap”? User can still copy... ©Sun Microsystems, Inc. - All Rights Reserved
StarOffice/OpenOffice.org Solutions ? • Preconditions: > We have an Open Source Client, which can be modified by anyone > We don't want to lock the user into certain environments > (Currently) no trusted platform and signed applications, so only basic permissions possible > We might offer the “Restrictions” as a convenience feature, but it must be clear that the software can quite easily be modified to ignore the restriction > But even this might fit the needs of companies for 'inhouse usage', policies can do the rest ©Sun Microsystems, Inc. - All Rights Reserved
StarOffice/OpenOffice.org Solutions ? • Key Distribution > PKI based solution? > This might be a convenient solution for personal usage, to protect private documents or to pass encrypted documents to certain people without the need of key distribution > Server based solution? > This is what companies need for their internal documents > No special protection against software modifications should be needed for internal documents > Do we really need DRM then? – It might help for managing document life cycle and for protecting stolen or leaked documents > Wouldn't a Document Management System be the better solution here? ©Sun Microsystems, Inc. - All Rights Reserved
StarOffice/OpenOffice.org Solutions ? • Platforms for server based solution > Open Rights Management solution? > Not existent right now, but this is the preferred way to go > Adobe Lifecycle Server? > Server support for multiple platforms, including Solaris > Microsoft Rights Management Server? > Only Windows > But might be needed for migration projects or heterogeneous environments ©Sun Microsystems, Inc. - All Rights Reserved
StarOffice/OpenOffice.org Solutions ? • Should OpenOffice.org & StarOffice be able to load DRM protected MS Office documents? > Only possible if user authentication is enough > Be aware – that makes it much easier for people to remove MS document restrictions! ©Sun Microsystems, Inc. - All Rights Reserved
Conclusion • For private use, the PKI solution just for document encryption could be nice > But that is not DRM • StarOffice might support different DRM systems > But it doesn't help much to protect only StarOffice files, DRM for all used file formats would be needed in a company > We must make sure to not lock out Assistive Technology! > People can still use the “Analog Gap” for copying the content • What about using Document Management Systems instead? > StarOffice and OpenOffice.org should have good support for and integration with Document Management Systems ©Sun Microsystems, Inc. - All Rights Reserved
Q/A ©Sun Microsystems, Inc. - All Rights Reserved
OpenOffice.org & StarOffice DRM Malte Timmermann Malte.Timmermann@sun.com ©Sun Microsystems, Inc. - All Rights Reserved

Recommended

Alexander Antukh. (In)security of Appliances
Alexander Antukh. (In)security of AppliancesAlexander Antukh. (In)security of Appliances
Alexander Antukh. (In)security of Appliances
Positive Hack Days
 
Microsoft Palladium
Microsoft PalladiumMicrosoft Palladium
Microsoft Palladium
Suryakanta Rout
 
ngscb
ngscbngscb
ngscb
Manish Sinha
 
palladium
palladiumpalladium
palladium
Gulnaz shaik
 
ITrust Security Operating Center (SOC) - Datasheet EN
ITrust Security Operating Center (SOC) - Datasheet ENITrust Security Operating Center (SOC) - Datasheet EN
ITrust Security Operating Center (SOC) - Datasheet EN
ITrust - Cybersecurity as a Service
 
Red Hat Openstack Certification Program
Red Hat Openstack Certification ProgramRed Hat Openstack Certification Program
Red Hat Openstack Certification Program
Alessandro Silva
 
Check Point designing a security
Check Point designing a securityCheck Point designing a security
Check Point designing a security
Group of company MUK
 
Microsoft Palladium.
Microsoft Palladium.Microsoft Palladium.
Microsoft Palladium.
Anurag Sharma
 

Recommended

Alexander Antukh. (In)security of Appliances
Alexander Antukh. (In)security of AppliancesAlexander Antukh. (In)security of Appliances
Alexander Antukh. (In)security of Appliances
Positive Hack Days
 
Microsoft Palladium
Microsoft PalladiumMicrosoft Palladium
Microsoft Palladium
Suryakanta Rout
 
ngscb
ngscbngscb
ngscb
Manish Sinha
 
palladium
palladiumpalladium
palladium
Gulnaz shaik
 
ITrust Security Operating Center (SOC) - Datasheet EN
ITrust Security Operating Center (SOC) - Datasheet ENITrust Security Operating Center (SOC) - Datasheet EN
ITrust Security Operating Center (SOC) - Datasheet EN
ITrust - Cybersecurity as a Service
 
Red Hat Openstack Certification Program
Red Hat Openstack Certification ProgramRed Hat Openstack Certification Program
Red Hat Openstack Certification Program
Alessandro Silva
 
Check Point designing a security
Check Point designing a securityCheck Point designing a security
Check Point designing a security
Group of company MUK
 
Microsoft Palladium.
Microsoft Palladium.Microsoft Palladium.
Microsoft Palladium.
Anurag Sharma
 
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
GetInData
 
Fuji Overview
Fuji OverviewFuji Overview
Fuji Overview
Eduardo Pelegri-Llopart
 
Predicting Startup Market Trends based on the news and social media - Albert ...
Predicting Startup Market Trends based on the news and social media - Albert ...Predicting Startup Market Trends based on the news and social media - Albert ...
Predicting Startup Market Trends based on the news and social media - Albert ...
GetInData
 
Troubleshooting the Most Common Citrix Complaints for Remote Workers
Troubleshooting the Most Common Citrix Complaints for Remote WorkersTroubleshooting the Most Common Citrix Complaints for Remote Workers
Troubleshooting the Most Common Citrix Complaints for Remote Workers
eG Innovations
 
Digital Rights Management One For Sharepoint
Digital Rights Management One For SharepointDigital Rights Management One For Sharepoint
Digital Rights Management One For Sharepoint
pabatan
 
Not my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructureNot my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructure
Yshay Yaacobi
 
AppGate Getting Started Resources for Telarus Partners
AppGate Getting Started Resources for Telarus PartnersAppGate Getting Started Resources for Telarus Partners
AppGate Getting Started Resources for Telarus Partners
SaraPia5
 
[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answers[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answers
OWASP
 
MuleSoft Manchester Meetup #2 slides 29th October 2019
MuleSoft Manchester Meetup #2 slides 29th October 2019MuleSoft Manchester Meetup #2 slides 29th October 2019
MuleSoft Manchester Meetup #2 slides 29th October 2019
Ieva Navickaite
 
Webinar: How to Design Primary Storage for GDPR
Webinar: How to Design Primary Storage for GDPRWebinar: How to Design Primary Storage for GDPR
Webinar: How to Design Primary Storage for GDPR
Storage Switzerland
 
Advanced technologies and techniques for debugging HPC applications
Advanced technologies and techniques for debugging HPC applicationsAdvanced technologies and techniques for debugging HPC applications
Advanced technologies and techniques for debugging HPC applications
Rogue Wave Software
 
2012 02-04 fosdem 2012 - guvnor and j bpm designer
2012 02-04 fosdem 2012 - guvnor and j bpm designer 2012 02-04 fosdem 2012 - guvnor and j bpm designer
2012 02-04 fosdem 2012 - guvnor and j bpm designer
marcolof
 
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
eG Innovations
 
Secure Developer Access at Decisiv
Secure Developer Access at DecisivSecure Developer Access at Decisiv
Secure Developer Access at Decisiv
Teleport
 
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdfUC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
Wlamir Molinari
 
ArchivePod a legacy data solution when migrating to the #CLOUD
ArchivePod a legacy data solution when migrating to the #CLOUDArchivePod a legacy data solution when migrating to the #CLOUD
ArchivePod a legacy data solution when migrating to the #CLOUD
Garet Keller
 
Getting Started with IBM i Security: Securing PC Access
Getting Started with IBM i Security: Securing PC AccessGetting Started with IBM i Security: Securing PC Access
Getting Started with IBM i Security: Securing PC Access
HelpSystems
 
Citrix troubleshooting 101
Citrix troubleshooting 101Citrix troubleshooting 101
Citrix troubleshooting 101
eG Innovations
 
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Codemotion
 
12 Ways to Improve Magento 2 Security and Performance
12 Ways to Improve Magento 2 Security and Performance12 Ways to Improve Magento 2 Security and Performance
12 Ways to Improve Magento 2 Security and Performance
Elogic Magento Development
 
2014 12-08 - odf plugfest - operations based odf editing with ox documents
2014 12-08 - odf plugfest - operations based odf editing with ox documents2014 12-08 - odf plugfest - operations based odf editing with ox documents
2014 12-08 - odf plugfest - operations based odf editing with ox documents
Malte Timmermann
 
OX Documents Explained
OX Documents ExplainedOX Documents Explained
OX Documents Explained
Malte Timmermann
 

More Related Content

Similar to OpenOffice.org/StarOffice & DRM, OMC Workshop 2006

NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
GetInData
 
Predicting Startup Market Trends based on the news and social media - Albert ...
Predicting Startup Market Trends based on the news and social media - Albert ...Predicting Startup Market Trends based on the news and social media - Albert ...
Predicting Startup Market Trends based on the news and social media - Albert ...
GetInData
 
Troubleshooting the Most Common Citrix Complaints for Remote Workers
Troubleshooting the Most Common Citrix Complaints for Remote WorkersTroubleshooting the Most Common Citrix Complaints for Remote Workers
Troubleshooting the Most Common Citrix Complaints for Remote Workers
eG Innovations
 
[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answers[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answers
OWASP
 
Advanced technologies and techniques for debugging HPC applications
Advanced technologies and techniques for debugging HPC applicationsAdvanced technologies and techniques for debugging HPC applications
Advanced technologies and techniques for debugging HPC applications
Rogue Wave Software
 
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
eG Innovations
 

Similar to OpenOffice.org/StarOffice & DRM, OMC Workshop 2006 (20)

NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
 
Fuji Overview
Fuji OverviewFuji Overview
Fuji Overview
 
Predicting Startup Market Trends based on the news and social media - Albert ...
Predicting Startup Market Trends based on the news and social media - Albert ...Predicting Startup Market Trends based on the news and social media - Albert ...
Predicting Startup Market Trends based on the news and social media - Albert ...
 
Troubleshooting the Most Common Citrix Complaints for Remote Workers
Troubleshooting the Most Common Citrix Complaints for Remote WorkersTroubleshooting the Most Common Citrix Complaints for Remote Workers
Troubleshooting the Most Common Citrix Complaints for Remote Workers
 
Digital Rights Management One For Sharepoint
Digital Rights Management One For SharepointDigital Rights Management One For Sharepoint
Digital Rights Management One For Sharepoint
 
Not my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructureNot my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructure
 
AppGate Getting Started Resources for Telarus Partners
AppGate Getting Started Resources for Telarus PartnersAppGate Getting Started Resources for Telarus Partners
AppGate Getting Started Resources for Telarus Partners
 
[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answers[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answers
 
MuleSoft Manchester Meetup #2 slides 29th October 2019
MuleSoft Manchester Meetup #2 slides 29th October 2019MuleSoft Manchester Meetup #2 slides 29th October 2019
MuleSoft Manchester Meetup #2 slides 29th October 2019
 
Webinar: How to Design Primary Storage for GDPR
Webinar: How to Design Primary Storage for GDPRWebinar: How to Design Primary Storage for GDPR
Webinar: How to Design Primary Storage for GDPR
 
Advanced technologies and techniques for debugging HPC applications
Advanced technologies and techniques for debugging HPC applicationsAdvanced technologies and techniques for debugging HPC applications
Advanced technologies and techniques for debugging HPC applications
 
2012 02-04 fosdem 2012 - guvnor and j bpm designer
2012 02-04 fosdem 2012 - guvnor and j bpm designer 2012 02-04 fosdem 2012 - guvnor and j bpm designer
2012 02-04 fosdem 2012 - guvnor and j bpm designer
 
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
 
Secure Developer Access at Decisiv
Secure Developer Access at DecisivSecure Developer Access at Decisiv
Secure Developer Access at Decisiv
 
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdfUC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
 
ArchivePod a legacy data solution when migrating to the #CLOUD
ArchivePod a legacy data solution when migrating to the #CLOUDArchivePod a legacy data solution when migrating to the #CLOUD
ArchivePod a legacy data solution when migrating to the #CLOUD
 
Getting Started with IBM i Security: Securing PC Access
Getting Started with IBM i Security: Securing PC AccessGetting Started with IBM i Security: Securing PC Access
Getting Started with IBM i Security: Securing PC Access
 
Citrix troubleshooting 101
Citrix troubleshooting 101Citrix troubleshooting 101
Citrix troubleshooting 101
 
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
 
12 Ways to Improve Magento 2 Security and Performance
12 Ways to Improve Magento 2 Security and Performance12 Ways to Improve Magento 2 Security and Performance
12 Ways to Improve Magento 2 Security and Performance
 

More from Malte Timmermann

OpenOffice.org and ODF Accessibility Today (OOoCon 2008 Bejing)
OpenOffice.org and ODF Accessibility Today (OOoCon 2008 Bejing)OpenOffice.org and ODF Accessibility Today (OOoCon 2008 Bejing)
OpenOffice.org and ODF Accessibility Today (OOoCon 2008 Bejing)
Malte Timmermann
 
OpenOffice.org and ODF Accessibility, ABI Workshop 2006
OpenOffice.org and ODF Accessibility, ABI Workshop 2006OpenOffice.org and ODF Accessibility, ABI Workshop 2006
OpenOffice.org and ODF Accessibility, ABI Workshop 2006
Malte Timmermann
 
OpenOffice.org Digital Signatures, OOoCon 2004
OpenOffice.org Digital Signatures, OOoCon 2004OpenOffice.org Digital Signatures, OOoCon 2004
OpenOffice.org Digital Signatures, OOoCon 2004
Malte Timmermann
 
OpenOffice.org and ODF Accessibility, OOoCon 2006
OpenOffice.org and ODF Accessibility, OOoCon 2006OpenOffice.org and ODF Accessibility, OOoCon 2006
OpenOffice.org and ODF Accessibility, OOoCon 2006
Malte Timmermann
 
Linux Accessibility Workshop, Sun Accessibility
Linux Accessibility Workshop, Sun AccessibilityLinux Accessibility Workshop, Sun Accessibility
Linux Accessibility Workshop, Sun Accessibility
Malte Timmermann
 
Sun ODF Plugin for MS Office
Sun ODF Plugin for MS OfficeSun ODF Plugin for MS Office
Sun ODF Plugin for MS Office
Malte Timmermann
 

More from Malte Timmermann (8)

2014 12-08 - odf plugfest - operations based odf editing with ox documents
2014 12-08 - odf plugfest - operations based odf editing with ox documents2014 12-08 - odf plugfest - operations based odf editing with ox documents
2014 12-08 - odf plugfest - operations based odf editing with ox documents
 
OX Documents Explained
OX Documents ExplainedOX Documents Explained
OX Documents Explained
 
OpenOffice.org and ODF Accessibility Today (OOoCon 2008 Bejing)
OpenOffice.org and ODF Accessibility Today (OOoCon 2008 Bejing)OpenOffice.org and ODF Accessibility Today (OOoCon 2008 Bejing)
OpenOffice.org and ODF Accessibility Today (OOoCon 2008 Bejing)
 
OpenOffice.org and ODF Accessibility, ABI Workshop 2006
OpenOffice.org and ODF Accessibility, ABI Workshop 2006OpenOffice.org and ODF Accessibility, ABI Workshop 2006
OpenOffice.org and ODF Accessibility, ABI Workshop 2006
 
OpenOffice.org Digital Signatures, OOoCon 2004
OpenOffice.org Digital Signatures, OOoCon 2004OpenOffice.org Digital Signatures, OOoCon 2004
OpenOffice.org Digital Signatures, OOoCon 2004
 
OpenOffice.org and ODF Accessibility, OOoCon 2006
OpenOffice.org and ODF Accessibility, OOoCon 2006OpenOffice.org and ODF Accessibility, OOoCon 2006
OpenOffice.org and ODF Accessibility, OOoCon 2006
 
Linux Accessibility Workshop, Sun Accessibility
Linux Accessibility Workshop, Sun AccessibilityLinux Accessibility Workshop, Sun Accessibility
Linux Accessibility Workshop, Sun Accessibility
 
Sun ODF Plugin for MS Office
Sun ODF Plugin for MS OfficeSun ODF Plugin for MS Office
Sun ODF Plugin for MS Office
 

Recently uploaded

Microsoft BitLocker Bypass Attack Method.pdf
Microsoft BitLocker Bypass Attack Method.pdfMicrosoft BitLocker Bypass Attack Method.pdf
Microsoft BitLocker Bypass Attack Method.pdf
Overkill Security
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptxTales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
FIDO Alliance
 
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Paige Cruz
 
The Ultimate Prompt Engineering Guide for Generative AI: Get the Most Out of ...
The Ultimate Prompt Engineering Guide for Generative AI: Get the Most Out of ...The Ultimate Prompt Engineering Guide for Generative AI: Get the Most Out of ...
The Ultimate Prompt Engineering Guide for Generative AI: Get the Most Out of ...
SOFTTECHHUB
 
UiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overviewUiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overview
DianaGray10
 
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxHarnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
FIDO Alliance
 

Recently uploaded (20)

JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 
ADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptxADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptx
 
ERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage IntacctERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage Intacct
 
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
 
Working together SRE & Platform Engineering
Working together SRE & Platform EngineeringWorking together SRE & Platform Engineering
Working together SRE & Platform Engineering
 
Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxSimplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptx
 
Microsoft BitLocker Bypass Attack Method.pdf
Microsoft BitLocker Bypass Attack Method.pdfMicrosoft BitLocker Bypass Attack Method.pdf
Microsoft BitLocker Bypass Attack Method.pdf
 
Event-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream ProcessingEvent-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream Processing
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptxTales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
 
How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cf
 
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
 
الأمن السيبراني - ما لا يسع للمستخدم جهله
الأمن السيبراني - ما لا يسع للمستخدم جهلهالأمن السيبراني - ما لا يسع للمستخدم جهله
الأمن السيبراني - ما لا يسع للمستخدم جهله
 
The Ultimate Prompt Engineering Guide for Generative AI: Get the Most Out of ...
The Ultimate Prompt Engineering Guide for Generative AI: Get the Most Out of ...The Ultimate Prompt Engineering Guide for Generative AI: Get the Most Out of ...
The Ultimate Prompt Engineering Guide for Generative AI: Get the Most Out of ...
 
AI mind or machine power point presentation
AI mind or machine power point presentationAI mind or machine power point presentation
AI mind or machine power point presentation
 
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
 
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
 
UiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overviewUiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overview
 
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxHarnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
Generative AI Use Cases and Applications.pdf
Generative AI Use Cases and Applications.pdfGenerative AI Use Cases and Applications.pdf
Generative AI Use Cases and Applications.pdf
 

OpenOffice.org/StarOffice & DRM, OMC Workshop 2006

  • 1. Sun OMC Workshop 2006-03-15, Santa Clara OpenOffice.org & StarOffice DRM Malte Timmermann Technical Architect Sun Microsystems GmbH ©Sun Microsystems, Inc. - All Rights Reserved
  • 2. About the Speaker • Technical Architect in StarOffice/OpenOffice.org Development • Working on StarOffice since 1991 • Main focus: Core Development > Accessibility > Security (Digital Signatures. DRM soon) > Performance > Past: EditEngine, VCL, Help System, BasicIDE, ... ©Sun Microsystems, Inc. - All Rights Reserved
  • 3. About this presentation • Some general information about document protection > Based on my best current knowledge, no DReaM specific things included > Hope to learn here what Office Suite customers really need ;) • Evaluation of potentialities, no concrete plans for StarOffice or OpenOffice.org right now! ©Sun Microsystems, Inc. - All Rights Reserved
  • 4. Agenda • What is StarOffice / OpenOffice.org? • Why Document Protection? • Permissions and Restrictions • StarOffice / OpenOffice.org Solutions? • Conclusion • Q&A ©Sun Microsystems, Inc. - All Rights Reserved
  • 5. What is StarOffice / OpenOffice.org? • Integrated productivity suite with word processor, spreadsheet, presentation, drawing, database, ... • Open Source > StarOffice code base is available as OpenOffice.org under the LGPL license • Multi Platform > Sun supports StarOffice on Windows, Linux, Solaris > OpenOffice.org available for more platforms • Support for different languages > CJK and CTL > Right to Left and Vertical Writing ©Sun Microsystems, Inc. - All Rights Reserved
  • 6. What is StarOffice / OpenOffice.org? • Interoperable with MS Office documents > Can read and write MS Office files > Comparable feature set • Native format is OASIS OpenDocument Format > Open XML standard for documents > ISO standardization is in progress • Create (accessible) PDF files > Tagged PDF, TOC, Hyperlinks, Controls • Digital Signatures > W3C DSIG, open standard ©Sun Microsystems, Inc. - All Rights Reserved
  • 7. Why Document Protection? • Content producers want to sell content and want to make sure that it's only used by customers who paid for it > Ebooks (as well as Music, Movies, ...) > Avoid free distribution / piracy • Companies want to protect their documents so that they can only be read by authorized people > Confidential information > Avoid unauthorized usage ©Sun Microsystems, Inc. - All Rights Reserved
  • 8. Different Scenarios • Content sellers often don't know much about their customers > User authentication is quite difficult > No trust in user (customer) > They trust more in certain applications > They lock the content to these applications > Even to certain devices! > Customers don't like this strong restrictions for paid content! > What happens if I buy new devices? > What happens if the content provider / licensee goes away? – DRM == Digital *Restrictions* Managements ;) ©Sun Microsystems, Inc. - All Rights Reserved
  • 9. Different Scenarios • Companies know their employees > User authentication is quite easy > Companies (should) trust their employees > User authentication is enough, no locking into certain software necessary > Use any device or software! ©Sun Microsystems, Inc. - All Rights Reserved
  • 10. Document Protection Basics • Encryption > Content is encrypted > Key distribution necessary > Encrypted within the data file > Encrypted within separate license file > Licensing Server (Authentication and key exchange) • Security can be enhanced with using a “Trusted Platform” > This need TPM and the full stack of hard/software, signed applications > Hard to achieve, but without that people with permission to open the file have a good chance to remove protections ©Sun Microsystems, Inc. - All Rights Reserved
  • 11. Document Protection Key Distribution • Public Key Infrastructure (PKI) > Deploy document decryption key within the media file or an external license file > Decryption key itself is encrypted with the users public key, only this user can decrypt it with his private key > Can be provided for multiple users > Advantage: > No complex server infrastructure needed, use existing PKI > Disadvantages > Needs modification of media file on each distribution, or distribution of separate license files > No rights revocation possible after file is deployed > No document time-out possible ©Sun Microsystems, Inc. - All Rights Reserved
  • 12. Document Protection Key Distribution • Rights Management or Licensing Server > Keys and rights are managed on server > User is authenticated by some server, software receives decryption key from server > Advantage: > Dynamic rights managements, access rights can be changed any time after document deployment > Can also be done role based, roles can changed any time > Time-out for documents possible > Document always remains the same > Disadvantages > Complex server infrastructure with secure key exchange needed ©Sun Microsystems, Inc. - All Rights Reserved
  • 13. Permissions and Restrictions • Licensing Server and PKI can only guarantee the basic permission, if the user is allowed (able) to open the document > Time period can be used on key request with licensing server • Restrictions like “can't print, save as, ...” are only application logic, cannot be enforced by any server! > Application can be modified to not apply restrictions > Restrictions may lock out Assistive Technology! • Trusted Platform is needed for full security > But what is with the “Analog Gap”? User can still copy... ©Sun Microsystems, Inc. - All Rights Reserved
  • 14. StarOffice/OpenOffice.org Solutions ? • Preconditions: > We have an Open Source Client, which can be modified by anyone > We don't want to lock the user into certain environments > (Currently) no trusted platform and signed applications, so only basic permissions possible > We might offer the “Restrictions” as a convenience feature, but it must be clear that the software can quite easily be modified to ignore the restriction > But even this might fit the needs of companies for 'inhouse usage', policies can do the rest ©Sun Microsystems, Inc. - All Rights Reserved
  • 15. StarOffice/OpenOffice.org Solutions ? • Key Distribution > PKI based solution? > This might be a convenient solution for personal usage, to protect private documents or to pass encrypted documents to certain people without the need of key distribution > Server based solution? > This is what companies need for their internal documents > No special protection against software modifications should be needed for internal documents > Do we really need DRM then? – It might help for managing document life cycle and for protecting stolen or leaked documents > Wouldn't a Document Management System be the better solution here? ©Sun Microsystems, Inc. - All Rights Reserved
  • 16. StarOffice/OpenOffice.org Solutions ? • Platforms for server based solution > Open Rights Management solution? > Not existent right now, but this is the preferred way to go > Adobe Lifecycle Server? > Server support for multiple platforms, including Solaris > Microsoft Rights Management Server? > Only Windows > But might be needed for migration projects or heterogeneous environments ©Sun Microsystems, Inc. - All Rights Reserved
  • 17. StarOffice/OpenOffice.org Solutions ? • Should OpenOffice.org & StarOffice be able to load DRM protected MS Office documents? > Only possible if user authentication is enough > Be aware – that makes it much easier for people to remove MS document restrictions! ©Sun Microsystems, Inc. - All Rights Reserved
  • 18. Conclusion • For private use, the PKI solution just for document encryption could be nice > But that is not DRM • StarOffice might support different DRM systems > But it doesn't help much to protect only StarOffice files, DRM for all used file formats would be needed in a company > We must make sure to not lock out Assistive Technology! > People can still use the “Analog Gap” for copying the content • What about using Document Management Systems instead? > StarOffice and OpenOffice.org should have good support for and integration with Document Management Systems ©Sun Microsystems, Inc. - All Rights Reserved
  • 19. Q/A ©Sun Microsystems, Inc. - All Rights Reserved
  • 20. OpenOffice.org & StarOffice DRM Malte Timmermann Malte.Timmermann@sun.com ©Sun Microsystems, Inc. - All Rights Reserved