What technologies are recommended to build this particular document distribution model? The target audience per document is only around 5. However, they associate with each other, so the model must prevent unauthorized sharing. Simply providing login access to those who have legally obtained it, is not secure enough as the login can be shared.
The plan:
- User downloads a PDF generated on a remote server (website) to their desktop to be opened in vanilla Adobe Reader.
- The PDF is generated with a simple Username/Password login page, and a number of content pages where the content is hidden until a successful login is entered.
- The login SUBMIT button connects to the remote server for validation.
- Once validated, a sort of key is returned, which unlocks the hidden pages for viewing while the PDF is still open.
- Security is enacted to control how many computers or IP addresses are allowed to open the PDF. I have found this is done by a DRM such as ADC or LiveCycle Rights Management ES2 (not sure which) and a Javascript cookie, which I'm guessing is embedded into the document?
My question is what is the ideal tool/method for each step? My strength is PHP, but I have found that for serving, a PHP/MySQL server isn't suitable for serving and generating PDFs. But I can learn! I just need some guidance.
Many thanks to anyone who can help!
1 - There are PDF libraries for Perl, PHP and java to create dynamic PDF documents and deliver them as downloads, however none of them can interface to a DRM solution. For a starting point in PHP PDF scripting, visit FPDF.ORG.2,3,4 - It's not possible to "hide" pages within a PDF file - that isn't part of the ISO specification. A file is either opened or not. The only realistic way to implement partially-secured content would be to place the extra pages as a second PDF, attached to the first, and apply additional open-only security to that second PDF. The scripting PDF libraries in general use can't cope with processing attachments in that way.
5 - Adobe LiveCycle DRM (Policy Server) can limit access to a PDF file based on the identity of the logged-in user (who authenticates with a username and password). It cannot restrict by IP address, nor can it restrict the number of copies a person downloads. You can revoke a file, or automatically expire it after a set period, but you can't control the number of duplicates. In addition you can't (easily) integrate LCDRM with dynamically-created PDF files from another source such as a website script.
Copy-control DRM is available through the Adobe Digital Editions client application (connecting to a server running Content Server 4) - however access to that program is not a practicable option for individual users, and integrating Co4 into a dynamic document workflow is an extremely complex task.