SlideShare a Scribd company logo

Red Office Documents Security Proposal

Z
Zhi Guan
Technology
1 of 14
Download to read offline
RedOffice Document Security Guan Zhi ★ Peking Univ.
About RedOffice RedOffice is the proprietary office suit based on OpenOffice.org provided by the company RedFlag2000 in China. The features of RedOffice include better chinese language and localization support chinese style documents support and etc.
OpenOffice Document Security The current OpenOffice security mechanisms include: Password based encryption, defined in “Open Document Format for Office Applications (OpenDocument) v1.0 Specification” section 16.3. Digital signature based on PKI, provided in OpenOffice.org 3.0, menu:file:digital signatures ...
Our Aim is ... To enhance RedOffice/OpenOffice documents security with cryptography.
What is Required Compared with PDF document, OpenOffice document lacks: Certificate based document encryption. GUI supported key/certificate generation and management. Graphical digital signature display. And even more ...
Password Generator In password based encryption, users always choose very weak passwords, which makes the encrypted documents easily broken. Password generator is a program/extension which helps the user to generate more secure and easily remembered passwords.
Certificate Based Encryption With certificate based encryption an Office author can encrypt a document with multiple recipient’s certificates. For a group of users to share documents, certificate based encryption is much more easier and secure than password based encryption.
Key/Certificate Management Current OpenOffice.org requires the user to import certificates and private keys for digital signature generation, while does not provide certificate management functionalities. Certificate Extension: Certificate and key pair generation utilities for RedOffice/OpenOffice.org.
Crypto Framework Extension A cryptographic framework extension for RedOffice/ OpenOffice.org. The cryptographic API is based on the PKCS #11: Cryptographic Token Interface Standard, supported on both Windows and Linux. Third party cryptographic algorithms, modules and hardware tokens such as smart card and USB key can be integrated into RedOffice/OpenOffice.org.
Advance Cryptography Identity based encryption, for simplicity of public key management. Attribute based encryption, for simplicity of document sharing and access control based on document encryption.
Paper Based Security When a document is printed on the paper, all the security attributes are disappeared. With printed 1-D or 2-D barcode, the security attributes can be reserved on the printed paper documents.
Key Management Service Basically, it is a PKI Certificate Authority with additional functionalities. Generation, distribution, management of keys and certificates. Supporting advanced cryptography and key policies.
Document Security Service An ordinary office user only know who is the document recipient, without the detailed knowledge of how to protect the document. Document security service is an online service to provide RedOffice/OpenOffice.org documents with automated public key encryption, digital signature and other security attributes. The service will choose what kind of security mechanisms and policies should be applied to the document, and executes the corresponding security operations.
END for more details, connect <guanzhi@infosec.pku.edu.cn>

Recommended

Balancing Customer Privacy with Transparency
Balancing Customer Privacy with TransparencyBalancing Customer Privacy with Transparency
Balancing Customer Privacy with Transparencypzb
 
Chapter 5
Chapter 5Chapter 5
Chapter 5shivz3
 
MODRNA WG Update - April 2021
MODRNA WG Update - April 2021MODRNA WG Update - April 2021
MODRNA WG Update - April 2021Bjorn Hjelm
 
4SO customer presentation
4SO customer presentation4SO customer presentation
4SO customer presentationDedi Ben-Natan
 
Format of proposal
Format of proposalFormat of proposal
Format of proposalprajotmorajkar
 
Format for writing dissertation proposal
Format for writing dissertation proposalFormat for writing dissertation proposal
Format for writing dissertation proposalEssayAcademy
 
Proposal format
Proposal formatProposal format
Proposal formatAnand Nca
 
Technical and Financial Proposal-Consultancy Services for the Preparation of ...
Technical and Financial Proposal-Consultancy Services for the Preparation of ...Technical and Financial Proposal-Consultancy Services for the Preparation of ...
Technical and Financial Proposal-Consultancy Services for the Preparation of ...Shahadat Hossain Shakil
 

Recommended

Balancing Customer Privacy with Transparency
Balancing Customer Privacy with TransparencyBalancing Customer Privacy with Transparency
Balancing Customer Privacy with Transparencypzb
 
Chapter 5
Chapter 5Chapter 5
Chapter 5shivz3
 
MODRNA WG Update - April 2021
MODRNA WG Update - April 2021MODRNA WG Update - April 2021
MODRNA WG Update - April 2021Bjorn Hjelm
 
4SO customer presentation
4SO customer presentation4SO customer presentation
4SO customer presentationDedi Ben-Natan
 
Format of proposal
Format of proposalFormat of proposal
Format of proposalprajotmorajkar
 
Format for writing dissertation proposal
Format for writing dissertation proposalFormat for writing dissertation proposal
Format for writing dissertation proposalEssayAcademy
 
Proposal format
Proposal formatProposal format
Proposal formatAnand Nca
 
Technical and Financial Proposal-Consultancy Services for the Preparation of ...
Technical and Financial Proposal-Consultancy Services for the Preparation of ...Technical and Financial Proposal-Consultancy Services for the Preparation of ...
Technical and Financial Proposal-Consultancy Services for the Preparation of ...Shahadat Hossain Shakil
 
Lobodms Integration
Lobodms IntegrationLobodms Integration
Lobodms IntegrationConnecting Software
 
Digital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFDigital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFiText Group nv
 
Liferay Integration
Liferay IntegrationLiferay Integration
Liferay IntegrationConnecting Software
 
Adobe PDF and LiveCycle ES Security
Adobe PDF and LiveCycle ES SecurityAdobe PDF and LiveCycle ES Security
Adobe PDF and LiveCycle ES Securityguest2a5a03
 
Alfresco Integration
Alfresco IntegrationAlfresco Integration
Alfresco IntegrationConnecting Software
 
Presentation
PresentationPresentation
PresentationAndrew Militsenko
 
Thawte Code Signing Certificate Feature and Benefits
Thawte Code Signing Certificate Feature and BenefitsThawte Code Signing Certificate Feature and Benefits
Thawte Code Signing Certificate Feature and BenefitsCodeSigningStore
 
LincDoc Enterprise Edition brochure
LincDoc Enterprise Edition brochureLincDoc Enterprise Edition brochure
LincDoc Enterprise Edition brochureDan O'Leary
 
LibreOffice/OpenOffice.org - non coding extensions
LibreOffice/OpenOffice.org - non coding extensionsLibreOffice/OpenOffice.org - non coding extensions
LibreOffice/OpenOffice.org - non coding extensionsKálmán "KAMI" Szalai
 
Digital Signatures solution by ComsignTrust
Digital Signatures solution by ComsignTrustDigital Signatures solution by ComsignTrust
Digital Signatures solution by ComsignTrustZeev Shetach
 
ODFKit
ODFKitODFKit
ODFKitAlexandro Colorado
 
2016 Readium LCP workshop at EPUB Summit
2016 Readium LCP workshop at EPUB Summit2016 Readium LCP workshop at EPUB Summit
2016 Readium LCP workshop at EPUB SummitLaurent Le Meur
 
Clou doc brochure_eng_20150406(전자메일첨부용)
Clou doc brochure_eng_20150406(전자메일첨부용)Clou doc brochure_eng_20150406(전자메일첨부용)
Clou doc brochure_eng_20150406(전자메일첨부용)sang yoo
 
Why ClouDoc to protect CAD files?
Why ClouDoc to protect CAD files? Why ClouDoc to protect CAD files?
Why ClouDoc to protect CAD files? Sang Yoo
 
Digital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFDigital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFiText Group nv
 
Securing broker less publish subscribe systems using identity-based encryption
Securing broker less publish subscribe systems using identity-based encryptionSecuring broker less publish subscribe systems using identity-based encryption
Securing broker less publish subscribe systems using identity-based encryptionLeMeniz Infotech
 
Narrative of digital signature technology and moving forward
Narrative of digital signature technology and moving forwardNarrative of digital signature technology and moving forward
Narrative of digital signature technology and moving forwardConference Papers
 
Public key authentication is the most secure colution and utilizes a.pdf
Public key authentication is the most secure colution and utilizes a.pdfPublic key authentication is the most secure colution and utilizes a.pdf
Public key authentication is the most secure colution and utilizes a.pdfmohammadirfan136964
 
presentation_finals
presentation_finalspresentation_finals
presentation_finalsShivashish Kumar
 
Badusha_Profile
Badusha_ProfileBadusha_Profile
Badusha_ProfileMohammed Badusha
 
USB Token Design and Implementation
USB Token Design and ImplementationUSB Token Design and Implementation
USB Token Design and ImplementationZhi Guan
 
CPK Theory And Parctice
CPK Theory And ParcticeCPK Theory And Parctice
CPK Theory And ParcticeZhi Guan
 

More Related Content

Similar to Red Office Documents Security Proposal

Digital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFDigital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFiText Group nv
 
Adobe PDF and LiveCycle ES Security
Adobe PDF and LiveCycle ES SecurityAdobe PDF and LiveCycle ES Security
Adobe PDF and LiveCycle ES Securityguest2a5a03
 
Thawte Code Signing Certificate Feature and Benefits
Thawte Code Signing Certificate Feature and BenefitsThawte Code Signing Certificate Feature and Benefits
Thawte Code Signing Certificate Feature and BenefitsCodeSigningStore
 
LincDoc Enterprise Edition brochure
LincDoc Enterprise Edition brochureLincDoc Enterprise Edition brochure
LincDoc Enterprise Edition brochureDan O'Leary
 
LibreOffice/OpenOffice.org - non coding extensions
LibreOffice/OpenOffice.org - non coding extensionsLibreOffice/OpenOffice.org - non coding extensions
LibreOffice/OpenOffice.org - non coding extensionsKálmán "KAMI" Szalai
 
Digital Signatures solution by ComsignTrust
Digital Signatures solution by ComsignTrustDigital Signatures solution by ComsignTrust
Digital Signatures solution by ComsignTrustZeev Shetach
 
2016 Readium LCP workshop at EPUB Summit
2016 Readium LCP workshop at EPUB Summit2016 Readium LCP workshop at EPUB Summit
2016 Readium LCP workshop at EPUB SummitLaurent Le Meur
 
Clou doc brochure_eng_20150406(전자메일첨부용)
Clou doc brochure_eng_20150406(전자메일첨부용)Clou doc brochure_eng_20150406(전자메일첨부용)
Clou doc brochure_eng_20150406(전자메일첨부용)sang yoo
 
Why ClouDoc to protect CAD files?
Why ClouDoc to protect CAD files? Why ClouDoc to protect CAD files?
Why ClouDoc to protect CAD files? Sang Yoo
 
Digital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFDigital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFiText Group nv
 
Securing broker less publish subscribe systems using identity-based encryption
Securing broker less publish subscribe systems using identity-based encryptionSecuring broker less publish subscribe systems using identity-based encryption
Securing broker less publish subscribe systems using identity-based encryptionLeMeniz Infotech
 
Narrative of digital signature technology and moving forward
Narrative of digital signature technology and moving forwardNarrative of digital signature technology and moving forward
Narrative of digital signature technology and moving forwardConference Papers
 
Public key authentication is the most secure colution and utilizes a.pdf
Public key authentication is the most secure colution and utilizes a.pdfPublic key authentication is the most secure colution and utilizes a.pdf
Public key authentication is the most secure colution and utilizes a.pdfmohammadirfan136964
 

Similar to Red Office Documents Security Proposal (20)

Lobodms Integration
Lobodms IntegrationLobodms Integration
Lobodms Integration
 
Digital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFDigital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDF
 
Liferay Integration
Liferay IntegrationLiferay Integration
Liferay Integration
 
Adobe PDF and LiveCycle ES Security
Adobe PDF and LiveCycle ES SecurityAdobe PDF and LiveCycle ES Security
Adobe PDF and LiveCycle ES Security
 
Alfresco Integration
Alfresco IntegrationAlfresco Integration
Alfresco Integration
 
Presentation
PresentationPresentation
Presentation
 
Thawte Code Signing Certificate Feature and Benefits
Thawte Code Signing Certificate Feature and BenefitsThawte Code Signing Certificate Feature and Benefits
Thawte Code Signing Certificate Feature and Benefits
 
LincDoc Enterprise Edition brochure
LincDoc Enterprise Edition brochureLincDoc Enterprise Edition brochure
LincDoc Enterprise Edition brochure
 
LibreOffice/OpenOffice.org - non coding extensions
LibreOffice/OpenOffice.org - non coding extensionsLibreOffice/OpenOffice.org - non coding extensions
LibreOffice/OpenOffice.org - non coding extensions
 
Digital Signatures solution by ComsignTrust
Digital Signatures solution by ComsignTrustDigital Signatures solution by ComsignTrust
Digital Signatures solution by ComsignTrust
 
ODFKit
ODFKitODFKit
ODFKit
 
2016 Readium LCP workshop at EPUB Summit
2016 Readium LCP workshop at EPUB Summit2016 Readium LCP workshop at EPUB Summit
2016 Readium LCP workshop at EPUB Summit
 
Clou doc brochure_eng_20150406(전자메일첨부용)
Clou doc brochure_eng_20150406(전자메일첨부용)Clou doc brochure_eng_20150406(전자메일첨부용)
Clou doc brochure_eng_20150406(전자메일첨부용)
 
Why ClouDoc to protect CAD files?
Why ClouDoc to protect CAD files? Why ClouDoc to protect CAD files?
Why ClouDoc to protect CAD files?
 
Digital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFDigital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDF
 
Securing broker less publish subscribe systems using identity-based encryption
Securing broker less publish subscribe systems using identity-based encryptionSecuring broker less publish subscribe systems using identity-based encryption
Securing broker less publish subscribe systems using identity-based encryption
 
Narrative of digital signature technology and moving forward
Narrative of digital signature technology and moving forwardNarrative of digital signature technology and moving forward
Narrative of digital signature technology and moving forward
 
Public key authentication is the most secure colution and utilizes a.pdf
Public key authentication is the most secure colution and utilizes a.pdfPublic key authentication is the most secure colution and utilizes a.pdf
Public key authentication is the most secure colution and utilizes a.pdf
 
presentation_finals
presentation_finalspresentation_finals
presentation_finals
 
Badusha_Profile
Badusha_ProfileBadusha_Profile
Badusha_Profile
 

More from Zhi Guan

USB Token Design and Implementation
USB Token Design and ImplementationUSB Token Design and Implementation
USB Token Design and ImplementationZhi Guan
 
CPK Theory And Parctice
CPK Theory And ParcticeCPK Theory And Parctice
CPK Theory And ParcticeZhi Guan
 
CPK Cryptosystem In Solaris
CPK Cryptosystem In SolarisCPK Cryptosystem In Solaris
CPK Cryptosystem In SolarisZhi Guan
 
Graphical Passwords
Graphical PasswordsGraphical Passwords
Graphical PasswordsZhi Guan
 
CPK in Eurocrypt 2007 Rump Session
CPK in Eurocrypt 2007 Rump SessionCPK in Eurocrypt 2007 Rump Session
CPK in Eurocrypt 2007 Rump SessionZhi Guan
 
A Survey of Identity-Based Encryption
A Survey of Identity-Based EncryptionA Survey of Identity-Based Encryption
A Survey of Identity-Based EncryptionZhi Guan
 
Ph D Proposal, Cloud Computing Security
Ph D Proposal, Cloud Computing SecurityPh D Proposal, Cloud Computing Security
Ph D Proposal, Cloud Computing SecurityZhi Guan
 
ICDCS‘08 WebIBC
ICDCS‘08 WebIBCICDCS‘08 WebIBC
ICDCS‘08 WebIBCZhi Guan
 
Crypto With OpenSSL
Crypto With OpenSSLCrypto With OpenSSL
Crypto With OpenSSLZhi Guan
 
Code Signing with CPK
Code Signing with CPKCode Signing with CPK
Code Signing with CPKZhi Guan
 

More from Zhi Guan (11)

USB Token Design and Implementation
USB Token Design and ImplementationUSB Token Design and Implementation
USB Token Design and Implementation
 
CPK Theory And Parctice
CPK Theory And ParcticeCPK Theory And Parctice
CPK Theory And Parctice
 
CPK Cryptosystem In Solaris
CPK Cryptosystem In SolarisCPK Cryptosystem In Solaris
CPK Cryptosystem In Solaris
 
Easy CPK
Easy CPKEasy CPK
Easy CPK
 
Graphical Passwords
Graphical PasswordsGraphical Passwords
Graphical Passwords
 
CPK in Eurocrypt 2007 Rump Session
CPK in Eurocrypt 2007 Rump SessionCPK in Eurocrypt 2007 Rump Session
CPK in Eurocrypt 2007 Rump Session
 
A Survey of Identity-Based Encryption
A Survey of Identity-Based EncryptionA Survey of Identity-Based Encryption
A Survey of Identity-Based Encryption
 
Ph D Proposal, Cloud Computing Security
Ph D Proposal, Cloud Computing SecurityPh D Proposal, Cloud Computing Security
Ph D Proposal, Cloud Computing Security
 
ICDCS‘08 WebIBC
ICDCS‘08 WebIBCICDCS‘08 WebIBC
ICDCS‘08 WebIBC
 
Crypto With OpenSSL
Crypto With OpenSSLCrypto With OpenSSL
Crypto With OpenSSL
 
Code Signing with CPK
Code Signing with CPKCode Signing with CPK
Code Signing with CPK
 

Recently uploaded

Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 

Recently uploaded (20)

E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 

Red Office Documents Security Proposal

  • 1. RedOffice Document Security Guan Zhi ★ Peking Univ.
  • 2. About RedOffice RedOffice is the proprietary office suit based on OpenOffice.org provided by the company RedFlag2000 in China. The features of RedOffice include better chinese language and localization support chinese style documents support and etc.
  • 3. OpenOffice Document Security The current OpenOffice security mechanisms include: Password based encryption, defined in “Open Document Format for Office Applications (OpenDocument) v1.0 Specification” section 16.3. Digital signature based on PKI, provided in OpenOffice.org 3.0, menu:file:digital signatures ...
  • 4. Our Aim is ... To enhance RedOffice/OpenOffice documents security with cryptography.
  • 5. What is Required Compared with PDF document, OpenOffice document lacks: Certificate based document encryption. GUI supported key/certificate generation and management. Graphical digital signature display. And even more ...
  • 6. Password Generator In password based encryption, users always choose very weak passwords, which makes the encrypted documents easily broken. Password generator is a program/extension which helps the user to generate more secure and easily remembered passwords.
  • 7. Certificate Based Encryption With certificate based encryption an Office author can encrypt a document with multiple recipient’s certificates. For a group of users to share documents, certificate based encryption is much more easier and secure than password based encryption.
  • 8. Key/Certificate Management Current OpenOffice.org requires the user to import certificates and private keys for digital signature generation, while does not provide certificate management functionalities. Certificate Extension: Certificate and key pair generation utilities for RedOffice/OpenOffice.org.
  • 9. Crypto Framework Extension A cryptographic framework extension for RedOffice/ OpenOffice.org. The cryptographic API is based on the PKCS #11: Cryptographic Token Interface Standard, supported on both Windows and Linux. Third party cryptographic algorithms, modules and hardware tokens such as smart card and USB key can be integrated into RedOffice/OpenOffice.org.
  • 10. Advance Cryptography Identity based encryption, for simplicity of public key management. Attribute based encryption, for simplicity of document sharing and access control based on document encryption.
  • 11. Paper Based Security When a document is printed on the paper, all the security attributes are disappeared. With printed 1-D or 2-D barcode, the security attributes can be reserved on the printed paper documents.
  • 12. Key Management Service Basically, it is a PKI Certificate Authority with additional functionalities. Generation, distribution, management of keys and certificates. Supporting advanced cryptography and key policies.
  • 13. Document Security Service An ordinary office user only know who is the document recipient, without the detailed knowledge of how to protect the document. Document security service is an online service to provide RedOffice/OpenOffice.org documents with automated public key encryption, digital signature and other security attributes. The service will choose what kind of security mechanisms and policies should be applied to the document, and executes the corresponding security operations.
  • 14. END for more details, connect <guanzhi@infosec.pku.edu.cn>