|PDF Document Protection|
What are you using and why?
Let's say I have a few PDF documents that I want to allow users to purchase. I don't have the budget nor do I have the time to implement a full blown DRM (Digital Rights Management) solution. I see that Adobe offer methods to protect documents but I can't locate any publicly available pricing model on that. I've also seen a few others on the first page of results for pdf protection. The Lizard is a bit pricey for our application.
I have users who will be making a one time purchase of my manual. I don't want that manual being sent to anyone else. I only want to allow a specific number of print(s), etc.
Anyone out there working in a pdf environment and doing DRM on a basic level? If so, care to share your wisdom with those not as wise? ;)
Shameless bump! Anyone out there working with pdfs from a digital rights management perspective? What's the best way to protect your pdf from being copied, shared, etc?
I'd suggest that instead of pdf you try an ebook html compiler.
Avoid the one from antsoft, made my firewall jump repeatedly, attempting both uploads and downloads unexpectedly - there's plenty of others to choose from. Just this morning I was browsing and found what looks like a useful one for about $30. If you want really solid copy protection expect to pay closer to $100.
Alternatively get a cheaper one then a robust copy protection compiler which can be used for any future products and should, if you sniff around, have a "module" or 2 that you can give to some of the bigger payment processors such as regnow or shareit, for automated sales.
I use .NET Reactor for hardware locking and customers can buy the key instantly from shareit - but at nearly $200 that may be more than you were expecting. That is also designed for trial period stuff of course, which may not apply for a book (depends on the book).
But there are few means of truly securing a pdf.
Ah, the compiler is an option.
I'm also looking at Adobe Document Center. Don't know why I didn't dig deeper into this one...
|The AdobeŽ Document Center is a web-based application for controlling and tracking documents. Subscribers can control access and availability of documents through security policies managed by Adobe LiveCycleŽ Policy Server. |
Policies solve the challenges of sharing files that are time-and version-sensitive and for content directed to a limited audience. As a subscriber, you decide who has access to your files and for how long, and whether recipients can copy, print, and add information. You can also track usage activity on files and revoke access to files when they are obsolete.
The most significant difference between the Document Center and password- or certificate-based security measures is that policies offer persistent protection. Any changes you make in the Document Center are updated in distributed files.
I do believe this is going to give my customer the ability to do "everything" they wanted to do with their document library. And I do mean everything. ;)
I suggest if you can use PHP and the PDF plugin routines you could print the customers name within the document on the fly before the download - say on the footer "purchased from yourstore by John Doe" and also perhaps within the body of the text somewhere.
It could be edited out by someone with PDF knowledge of course but It may deter someone from giving away copies. Of course if they do you will know "who dun it"
numnutz has the best idea so far I think, and it will work well with non-Adobe PDF readers, of which there are many. After all, even with the best copy protection it is still possible to use a photocopier on the authorised printout... or screenshots and OCR if there's no printing available.
Look up Access PDF.
It's a free module which can be compiled on many different platforms.
It has a command line interface that can manipulate PDF's in many ways. It can add a user password, that will prevent anyone from opening it that doesn't know it.
If you know a bit about programming you can use something such as PHP's exec/passthru functions to init the pdftk executable that can genenerate/modify/passport-protect a source pdf on your server in a variety of ways.
[edited by: lorax at 3:00 pm (utc) on May 30, 2007]
[edit reason] no URLs please [/edit]
Okay, we signed up for Adobe Document Center, did an intial tour of the features and the solution fits our needs. Problem is, there is zero support for this "new product", none, nada.
So, we were forced to look at other solutions attempting to stay within a tight budget while we prepare a full scale DRM solution.
I finally got the client to implement some of Adobe's default protection measures (Adobe Acrobat) like the preventing of printing, selecting and copying, etc. I do realize there are programs out there that are designed to crack Adobe's basic methods but that's something we'll address when it arises.
So, we've got the pdf document squared away. Now, how do we serve that document and obfuscate the URI reference? Hmmm. Tick, tock, tick, tock... Oh, we're on Windows too, tick, tock, tick, tock. And, how do we make that document available only to users once they are logged in? Tick, tock, tick, tock...
if session("loginid") = "" then response.redirect "https://www.example.com/login/"
Const adTypeBinary = 1
sPath = "C:\temp\pdf\"
sFile = "example.pdf"
Response.ContentType = "application/pdf"
Response.AddHeader "Content-Disposition","filename=" & sFile
Set oStream = Server.CreateObject("ADODB.Stream")
oStream.Type = adTypeBinary
oStream.LoadFromFile sPath & sFile
Set objStream = Nothing
Drop the pdf at C:\temp\pdf\. Send the user through the above script and viola, you've provided an above average level of protection for your pdf document(s). My programmer tells me that this also works with .doc, .xls, etc. This is the key...
Response.ContentType = "application/pdf"
Something to do with "reading a binary file, then output to the buffer of the web browser as a pdf through the Response.ContentType.
Don't you just love challenges? Man, this was driving me crazy. It seemed so simple but we just couldn't piece it all together until the above script came into play. This is what happens when you brainstorm and everyone is Googling it. Finding the right search term(s) to uncover the solution(s) was a task in itself.
P.S. We needed to provide temporary access to document(s) that were already being sent in hard copy format via USPS. So the above worked out to be a great "simple" solution for our current pdf woes.
This is a "very basic" level of protection. I'm sure there are more efficient ways to do this but we had to work with the knowledge and tools available.
|Mint Choc Chip|
Clicklocker and CB Protect's Virtual Vault both claim to offer protection for pdf files too.