PDF Certificate Security

Use Cases for Certificate Security

In the following we discuss use cases which benefit from the advantages of certificate security. In most cases the following questions should be analyzed:

Is it required to include the author’s own certificate in the list of recipients? If it is not included the author won’t be able to open the protected document.

Which permission restrictions are applicable to each recipient or group of recipients?

Distribute confidential documents to a closed group of recipients

Members of a group want to exchange confidential documents so that all other group members can use the documents. The PDFs are encrypted against the certificates of all group members. If the creator of a document includes his own certificate when encrypting the file, only a single version of the document is required. Although the number of recipients is not strictly limited, it should be kept in mind that each recipient slightly enlarges the document.

In a variation of this use case some recipients (the managers) are allowed to modify the document, while regular employees are only allowed fill form fields and sign the PDF. This distinction can be achieved with separate recipient groups where each group is assigned appropriate permissions.

If the number of group members gets large (thousands of recipients), the group can be split into smaller sets. A small number of recipients in each subset minimizes the file size, while a large number of recipients in each subset reduces the number of different protected versions which must be created based on the same document.

Serially signing a confidential document

A confidential document is encrypted for a number of recipients. The recipients are expected to digitally sign the document, but are not allowed to apply any modification. To achieve this, the permissions are set to allow only signing, but no modifications. Recipients can use the same digital ID for decrypting and signing the document, provided it has been issued to allow both activities.

Digital rights management

Documents with commercial contents are distributed to paying customers. Each subscriber or buyer receives a protected PDF which has been encrypted against his personal certificate. In order to create an individual document version for each recipient, many protected versions of the same document can be created. The nomaster permission restriction is set to prevent customers from tampering with the document.

Secure storage and archiving

In this scenario an archive receives documents which must be protected. Each archived document is encrypted against the archive owner’s certificate. Only a single protected version must be created for each archived document.

Invoice and statement distribution

A customer-specific invoice, statement or transaction document is encrypted against the customer’s certificate to ensure confidentiality. A single protected version of each document is created and provided to the customer. The nomaster permission restriction is set to prevent customers from tampering with the document.