I am looking for a simple digital rights management solution. Is there a way to tie a PDF document to a specified computer so another computer may not open the file?
The solution does not have to be foolproof, just a preventative roadblock to help stop people from sharing the file (passwords wont work because users will simply share passwords). Also, functionality of Reader 10 must be preserved.
I found a solution here:
http://www.armjisoft.com/?page=pdfownerguard
The server edition satisfies my needs but as you can see it is $5,000.
The solution also needs to be scalable to a large amount of PDFs being sold.
Please help,
ThankyouThankyouThankyou!
PDF Security Simple DRM Solution
2011-08-09 16:13:30
My Product Information:
Acrobat Standard 10.0.1, Windows
Acrobat Standard 10.0.1, Windows
2011-08-10 02:01:47
#2
Sorry, but George's post is utterly wrong.
Firstly, certificate-based encryption does *nothing* to tie the document access to a particular computer, it ties it to a certificate - anyone with a copy of the certificate can open the file, and self-signed certificates can be given to anyone. It's not DRM, it's not scalable, and it's not realistic for any public-use case as the recipients will not be in a position to pre-qualify their IDs with your distribution system. George's comment about "no added expense" with personal certificates misses the point - you cannot automate the process, so you will have to employ people to process every request individually.
Adobe's DRM solution is LiveCycle Rights Management ES2 - it's *fully* integrated into Acrobat and Adobe Reader already, needs no plugins, no recipient interaction, it's 100% secure and can be scaled to handle millions of documents. It runs on an enterprise server, either as a hosted solution or on your own hardware - DRM is not a desktop application. It's not cheap, but enterprise-class DRM never is.
Firstly, certificate-based encryption does *nothing* to tie the document access to a particular computer, it ties it to a certificate - anyone with a copy of the certificate can open the file, and self-signed certificates can be given to anyone. It's not DRM, it's not scalable, and it's not realistic for any public-use case as the recipients will not be in a position to pre-qualify their IDs with your distribution system. George's comment about "no added expense" with personal certificates misses the point - you cannot automate the process, so you will have to employ people to process every request individually.
Adobe's DRM solution is LiveCycle Rights Management ES2 - it's *fully* integrated into Acrobat and Adobe Reader already, needs no plugins, no recipient interaction, it's 100% secure and can be scaled to handle millions of documents. It runs on an enterprise server, either as a hosted solution or on your own hardware - DRM is not a desktop application. It's not cheap, but enterprise-class DRM never is.
2011-08-11 00:41:59
#3
It's hard to tell what you consider to be utterly wrong, considering most of your response echos points I made in mine, but it may be best if I explained why I responded with what I did.
Three things in the OP's post led me to believe that an alternative to a DRM approach may be worth considering:
1. The OP needed "just a roadblock", not enterprise class DRM.
2. The OP seemed to be balking at the $5000 price tag of one DRM solution.
3. The number of users, number of documents, and number of documents per time period was not specified.
I tried to make it clear that it was for the OP to decide whether certificate security would suit his needs. I tried to present it as a ~possible~ alternative to DRM. I've suggested this before to folks and some have found it feasible and others have not. For those who did, it was utterly right. It may be feasible for providing three $500 documents/day to professionals, but certainly not 500,000 one dollar documents/year to the general public.
I did not claim certificate security is DRM nor did I claim it would allow a document to only be tied to a single machine. I made it clear how installing a digital ID file on another machine would allow the document to be opened on that machine. I made it clear that setting up certificate security involves a number of manual steps and did not say or imply it could be automated.
As for suggesting Adobe's LiveCycle Rights Management product, which is certainly at the top of the DRM heap, did you expect it would be more likely to be accepted by someone already concerned about the $5000 cost of a competing product? Feel free to consider that rhetorical.
Three things in the OP's post led me to believe that an alternative to a DRM approach may be worth considering:
1. The OP needed "just a roadblock", not enterprise class DRM.
2. The OP seemed to be balking at the $5000 price tag of one DRM solution.
3. The number of users, number of documents, and number of documents per time period was not specified.
I tried to make it clear that it was for the OP to decide whether certificate security would suit his needs. I tried to present it as a ~possible~ alternative to DRM. I've suggested this before to folks and some have found it feasible and others have not. For those who did, it was utterly right. It may be feasible for providing three $500 documents/day to professionals, but certainly not 500,000 one dollar documents/year to the general public.
I did not claim certificate security is DRM nor did I claim it would allow a document to only be tied to a single machine. I made it clear how installing a digital ID file on another machine would allow the document to be opened on that machine. I made it clear that setting up certificate security involves a number of manual steps and did not say or imply it could be automated.
As for suggesting Adobe's LiveCycle Rights Management product, which is certainly at the top of the DRM heap, did you expect it would be more likely to be accepted by someone already concerned about the $5000 cost of a competing product? Feel free to consider that rhetorical.
2011-08-12 14:47:31
#4
Thank you both for the replies. You both are right in certain ways. My requirements are as follows:
-Cheap
-Scalable
-Semi-automated
*I will be dealing with many PDFs
This I know is usually expensive BUT, what I do NOT need is a perfect system. I do not care if it is beatable at all, just that it presents a roadblock.
Maybe not a DRM solution in the traditional sense, but merely a simple programming trick. Something of that ilk.
THANK YOU :)
-Cheap
-Scalable
-Semi-automated
*I will be dealing with many PDFs
This I know is usually expensive BUT, what I do NOT need is a perfect system. I do not care if it is beatable at all, just that it presents a roadblock.
Maybe not a DRM solution in the traditional sense, but merely a simple programming trick. Something of that ilk.
THANK YOU :)
2011-08-13 03:31:25
#5
I'm aware that DRM and LiveCycle are complex topics, and so far we haven't published much to clearly-explain their roles and technological foundations, but I'm working on it - lots of exciting new stuff on the way!
What you need to understand about DRM is that there _cannot_ be a "cheap" version - to run DRM means someone has to maintain a server and the associated databases, and in order for the system to be secure, the encryption keys cannot ever be revealed, even to the customers. It's why open-source DRM is impossible, and the maintenance and development cost of DRM software is higher than for other types of product. Adobe does offer flexible pricing (which is why the LC page doesn't quote any RRP) but these products are aimed firmly at the enterprise, where a five-digit price tag is perfectly acceptable for what the software delivers. Compared to consumer software it sounds insane to pay that much for one item; but enterprises work on cost of loss, not cost of purchase. The ticket price of LC is written down in one tax year, but the potential costs to the company of one valuable document leaking out could run into the millions.
The engine behind DRM just "is" - while you can in some cases "rent" a hosted DRM package under a Software-as-a-Service (SaaS) model, there is no "DRM-lite". You can't buy a personal edition of LiveCycle, or a cheaper version with a shorter hash key, just as you can't buy a discounted version of your anti-virus software that only bothers to detect half the infections. Adobe did in the past consider rollout of their own hosted SaaS LCDRM service via a subscriptions model similar to Acrobat.com, but for several reasons that program has closed and I cannot comment on whether it will return. If someone only has a couple of documents to protect there are third-party DRM providers, but they don't scale and don't automate unless you raid the bank. The only remaining option is to sell your content through someone else, such as an eBook publisher, who already has an online distribution and DRM system in place - but that of course depends on what the documents contain.
Justin7: What we're saying is that your list of requirements simply cannot be done any other way - the concept of tying a single copy of a file to a user or computer *is* DRM. Trying any non-DRM system (passwords, certificates, etc.) is just not going to work, as you have already found out. We couldn't even fake it enough for a novice user to be tricked. Add automation and scaling to handle "many PDFs" into the mix and you are defining enterprise-class software, so even if you don't think of your particular case that way you're stuck with the price tag that phrase carries.
And sorry George, but when Justin asks "Is there a way to tie a PDF document to a specified computer so another computer may not open the file?" and you respond with "Something that will work with just Acrobat is to use certificate security as the security method" you cannot then claim that "I did not claim certificate security is DRM nor did I claim it would allow a document to only be tied to a single machine".
What you need to understand about DRM is that there _cannot_ be a "cheap" version - to run DRM means someone has to maintain a server and the associated databases, and in order for the system to be secure, the encryption keys cannot ever be revealed, even to the customers. It's why open-source DRM is impossible, and the maintenance and development cost of DRM software is higher than for other types of product. Adobe does offer flexible pricing (which is why the LC page doesn't quote any RRP) but these products are aimed firmly at the enterprise, where a five-digit price tag is perfectly acceptable for what the software delivers. Compared to consumer software it sounds insane to pay that much for one item; but enterprises work on cost of loss, not cost of purchase. The ticket price of LC is written down in one tax year, but the potential costs to the company of one valuable document leaking out could run into the millions.
The engine behind DRM just "is" - while you can in some cases "rent" a hosted DRM package under a Software-as-a-Service (SaaS) model, there is no "DRM-lite". You can't buy a personal edition of LiveCycle, or a cheaper version with a shorter hash key, just as you can't buy a discounted version of your anti-virus software that only bothers to detect half the infections. Adobe did in the past consider rollout of their own hosted SaaS LCDRM service via a subscriptions model similar to Acrobat.com, but for several reasons that program has closed and I cannot comment on whether it will return. If someone only has a couple of documents to protect there are third-party DRM providers, but they don't scale and don't automate unless you raid the bank. The only remaining option is to sell your content through someone else, such as an eBook publisher, who already has an online distribution and DRM system in place - but that of course depends on what the documents contain.
Justin7: What we're saying is that your list of requirements simply cannot be done any other way - the concept of tying a single copy of a file to a user or computer *is* DRM. Trying any non-DRM system (passwords, certificates, etc.) is just not going to work, as you have already found out. We couldn't even fake it enough for a novice user to be tricked. Add automation and scaling to handle "many PDFs" into the mix and you are defining enterprise-class software, so even if you don't think of your particular case that way you're stuck with the price tag that phrase carries.
And sorry George, but when Justin asks "Is there a way to tie a PDF document to a specified computer so another computer may not open the file?" and you respond with "Something that will work with just Acrobat is to use certificate security as the security method" you cannot then claim that "I did not claim certificate security is DRM nor did I claim it would allow a document to only be tied to a single machine".
They will have to supply their password (as opposed to one you set) whenever they want to open your encrypted document. If they sent the PDF to someone else, it would not open unless they also copied and installed their digital identity file (.pfx, .p12 file) on the other machine and provided their password. Whether this is sufficiently secure or scalable for your uses is for you to decide.
Any reasonably secure DRM solution involves a bit of administrative overhead and may involve each user installing a custom plug-in (e.g., FileOpen), using a server-based PDF viewer (e.g., LockLizard), and someone maintaining a server that provides the mechanism for this type of security. In the scenario discussed above it involves the user setting up and transmitting the digital certificate to you and then you applying the security and sending them the secured document, but no server is involved and there's no added expense.