RedOffice Document Security
Guan Zhi ★ Peking Univ.
About RedOffice
RedOffice is the proprietary office suit based on OpenOffice.org
provided by the company RedFlag2000 in Ch...
OpenOffice Document Security
The current OpenOffice security mechanisms include:
Password based encryption, defined in “Op...
Our Aim is ...
To enhance RedOffice/OpenOffice documents security with
cryptography.
What is Required
Compared with PDF document, OpenOffice document lacks:
Certificate based document encryption.
GUI support...
Password Generator
In password based encryption, users always choose very weak
passwords, which makes the encrypted docume...
Certificate Based Encryption
With certificate based encryption an Office author can encrypt a
document with multiple recip...
Key/Certificate Management
Current OpenOffice.org requires the user to import certificates
and private keys for digital si...
Crypto Framework Extension
A cryptographic framework extension for RedOffice/
OpenOffice.org.
The cryptographic API is bas...
Advance Cryptography
Identity based encryption, for simplicity of public key
management.
Attribute based encryption, for s...
Paper Based Security
When a document is printed on the paper, all the security
attributes are disappeared.
With printed 1-...
Key Management Service
Basically, it is a PKI Certificate Authority with additional
functionalities.
Generation, distribut...
Document Security Service
An ordinary office user only know who is the document recipient,
without the detailed knowledge ...
END
for more details, connect <guanzhi@infosec.pku.edu.cn>
Upcoming SlideShare
Loading in …5
×

Red Office Documents Security Proposal

354 views
316 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
354
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Red Office Documents Security Proposal

  1. 1. RedOffice Document Security Guan Zhi ★ Peking Univ.
  2. 2. About RedOffice RedOffice is the proprietary office suit based on OpenOffice.org provided by the company RedFlag2000 in China. The features of RedOffice include better chinese language and localization support chinese style documents support and etc.
  3. 3. OpenOffice Document Security The current OpenOffice security mechanisms include: Password based encryption, defined in “Open Document Format for Office Applications (OpenDocument) v1.0 Specification” section 16.3. Digital signature based on PKI, provided in OpenOffice.org 3.0, menu:file:digital signatures ...
  4. 4. Our Aim is ... To enhance RedOffice/OpenOffice documents security with cryptography.
  5. 5. What is Required Compared with PDF document, OpenOffice document lacks: Certificate based document encryption. GUI supported key/certificate generation and management. Graphical digital signature display. And even more ...
  6. 6. Password Generator In password based encryption, users always choose very weak passwords, which makes the encrypted documents easily broken. Password generator is a program/extension which helps the user to generate more secure and easily remembered passwords.
  7. 7. Certificate Based Encryption With certificate based encryption an Office author can encrypt a document with multiple recipient’s certificates. For a group of users to share documents, certificate based encryption is much more easier and secure than password based encryption.
  8. 8. Key/Certificate Management Current OpenOffice.org requires the user to import certificates and private keys for digital signature generation, while does not provide certificate management functionalities. Certificate Extension: Certificate and key pair generation utilities for RedOffice/OpenOffice.org.
  9. 9. Crypto Framework Extension A cryptographic framework extension for RedOffice/ OpenOffice.org. The cryptographic API is based on the PKCS #11: Cryptographic Token Interface Standard, supported on both Windows and Linux. Third party cryptographic algorithms, modules and hardware tokens such as smart card and USB key can be integrated into RedOffice/OpenOffice.org.
  10. 10. Advance Cryptography Identity based encryption, for simplicity of public key management. Attribute based encryption, for simplicity of document sharing and access control based on document encryption.
  11. 11. Paper Based Security When a document is printed on the paper, all the security attributes are disappeared. With printed 1-D or 2-D barcode, the security attributes can be reserved on the printed paper documents.
  12. 12. Key Management Service Basically, it is a PKI Certificate Authority with additional functionalities. Generation, distribution, management of keys and certificates. Supporting advanced cryptography and key policies.
  13. 13. Document Security Service An ordinary office user only know who is the document recipient, without the detailed knowledge of how to protect the document. Document security service is an online service to provide RedOffice/OpenOffice.org documents with automated public key encryption, digital signature and other security attributes. The service will choose what kind of security mechanisms and policies should be applied to the document, and executes the corresponding security operations.
  14. 14. END for more details, connect <guanzhi@infosec.pku.edu.cn>

×