SlideShare a Scribd company logo

OpenOffice.org/StarOffice & DRM, OMC Workshop 2006

Malte Timmermann
Malte Timmermann

Malte Timmermann from Sun Microsystems gave a presentation on digital rights management (DRM) solutions for StarOffice and OpenOffice.org. He discussed how DRM could restrict document access and permissions using public key infrastructure or a licensing server for key distribution. However, full security is difficult without a trusted platform since restrictions can be bypassed by modifying software. For internal company documents, a document management system may better suit access control needs compared to DRM. The presentation concluded that DRM support could be provided for different systems but may not fully prevent unauthorized use and could restrict accessibility if not implemented carefully.

Technology
1 of 20
Download to read offline
Sun OMC Workshop 2006-03-15, Santa Clara OpenOffice.org & StarOffice DRM Malte Timmermann Technical Architect Sun Microsystems GmbH ©Sun Microsystems, Inc. - All Rights Reserved
About the Speaker • Technical Architect in StarOffice/OpenOffice.org Development • Working on StarOffice since 1991 • Main focus: Core Development > Accessibility > Security (Digital Signatures. DRM soon) > Performance > Past: EditEngine, VCL, Help System, BasicIDE, ... ©Sun Microsystems, Inc. - All Rights Reserved
About this presentation • Some general information about document protection > Based on my best current knowledge, no DReaM specific things included > Hope to learn here what Office Suite customers really need ;) • Evaluation of potentialities, no concrete plans for StarOffice or OpenOffice.org right now! ©Sun Microsystems, Inc. - All Rights Reserved
Agenda • What is StarOffice / OpenOffice.org? • Why Document Protection? • Permissions and Restrictions • StarOffice / OpenOffice.org Solutions? • Conclusion • Q&A ©Sun Microsystems, Inc. - All Rights Reserved
What is StarOffice / OpenOffice.org? • Integrated productivity suite with word processor, spreadsheet, presentation, drawing, database, ... • Open Source > StarOffice code base is available as OpenOffice.org under the LGPL license • Multi Platform > Sun supports StarOffice on Windows, Linux, Solaris > OpenOffice.org available for more platforms • Support for different languages > CJK and CTL > Right to Left and Vertical Writing ©Sun Microsystems, Inc. - All Rights Reserved
What is StarOffice / OpenOffice.org? • Interoperable with MS Office documents > Can read and write MS Office files > Comparable feature set • Native format is OASIS OpenDocument Format > Open XML standard for documents > ISO standardization is in progress • Create (accessible) PDF files > Tagged PDF, TOC, Hyperlinks, Controls • Digital Signatures > W3C DSIG, open standard ©Sun Microsystems, Inc. - All Rights Reserved
Why Document Protection? • Content producers want to sell content and want to make sure that it's only used by customers who paid for it > Ebooks (as well as Music, Movies, ...) > Avoid free distribution / piracy • Companies want to protect their documents so that they can only be read by authorized people > Confidential information > Avoid unauthorized usage ©Sun Microsystems, Inc. - All Rights Reserved
Different Scenarios • Content sellers often don't know much about their customers > User authentication is quite difficult > No trust in user (customer) > They trust more in certain applications > They lock the content to these applications > Even to certain devices! > Customers don't like this strong restrictions for paid content! > What happens if I buy new devices? > What happens if the content provider / licensee goes away? – DRM == Digital *Restrictions* Managements ;) ©Sun Microsystems, Inc. - All Rights Reserved
Different Scenarios • Companies know their employees > User authentication is quite easy > Companies (should) trust their employees > User authentication is enough, no locking into certain software necessary > Use any device or software! ©Sun Microsystems, Inc. - All Rights Reserved
Document Protection Basics • Encryption > Content is encrypted > Key distribution necessary > Encrypted within the data file > Encrypted within separate license file > Licensing Server (Authentication and key exchange) • Security can be enhanced with using a “Trusted Platform” > This need TPM and the full stack of hard/software, signed applications > Hard to achieve, but without that people with permission to open the file have a good chance to remove protections ©Sun Microsystems, Inc. - All Rights Reserved
Document Protection Key Distribution • Public Key Infrastructure (PKI) > Deploy document decryption key within the media file or an external license file > Decryption key itself is encrypted with the users public key, only this user can decrypt it with his private key > Can be provided for multiple users > Advantage: > No complex server infrastructure needed, use existing PKI > Disadvantages > Needs modification of media file on each distribution, or distribution of separate license files > No rights revocation possible after file is deployed > No document time-out possible ©Sun Microsystems, Inc. - All Rights Reserved
Document Protection Key Distribution • Rights Management or Licensing Server > Keys and rights are managed on server > User is authenticated by some server, software receives decryption key from server > Advantage: > Dynamic rights managements, access rights can be changed any time after document deployment > Can also be done role based, roles can changed any time > Time-out for documents possible > Document always remains the same > Disadvantages > Complex server infrastructure with secure key exchange needed ©Sun Microsystems, Inc. - All Rights Reserved
Permissions and Restrictions • Licensing Server and PKI can only guarantee the basic permission, if the user is allowed (able) to open the document > Time period can be used on key request with licensing server • Restrictions like “can't print, save as, ...” are only application logic, cannot be enforced by any server! > Application can be modified to not apply restrictions > Restrictions may lock out Assistive Technology! • Trusted Platform is needed for full security > But what is with the “Analog Gap”? User can still copy... ©Sun Microsystems, Inc. - All Rights Reserved
StarOffice/OpenOffice.org Solutions ? • Preconditions: > We have an Open Source Client, which can be modified by anyone > We don't want to lock the user into certain environments > (Currently) no trusted platform and signed applications, so only basic permissions possible > We might offer the “Restrictions” as a convenience feature, but it must be clear that the software can quite easily be modified to ignore the restriction > But even this might fit the needs of companies for 'inhouse usage', policies can do the rest ©Sun Microsystems, Inc. - All Rights Reserved
StarOffice/OpenOffice.org Solutions ? • Key Distribution > PKI based solution? > This might be a convenient solution for personal usage, to protect private documents or to pass encrypted documents to certain people without the need of key distribution > Server based solution? > This is what companies need for their internal documents > No special protection against software modifications should be needed for internal documents > Do we really need DRM then? – It might help for managing document life cycle and for protecting stolen or leaked documents > Wouldn't a Document Management System be the better solution here? ©Sun Microsystems, Inc. - All Rights Reserved
StarOffice/OpenOffice.org Solutions ? • Platforms for server based solution > Open Rights Management solution? > Not existent right now, but this is the preferred way to go > Adobe Lifecycle Server? > Server support for multiple platforms, including Solaris > Microsoft Rights Management Server? > Only Windows > But might be needed for migration projects or heterogeneous environments ©Sun Microsystems, Inc. - All Rights Reserved
StarOffice/OpenOffice.org Solutions ? • Should OpenOffice.org & StarOffice be able to load DRM protected MS Office documents? > Only possible if user authentication is enough > Be aware – that makes it much easier for people to remove MS document restrictions! ©Sun Microsystems, Inc. - All Rights Reserved
Conclusion • For private use, the PKI solution just for document encryption could be nice > But that is not DRM • StarOffice might support different DRM systems > But it doesn't help much to protect only StarOffice files, DRM for all used file formats would be needed in a company > We must make sure to not lock out Assistive Technology! > People can still use the “Analog Gap” for copying the content • What about using Document Management Systems instead? > StarOffice and OpenOffice.org should have good support for and integration with Document Management Systems ©Sun Microsystems, Inc. - All Rights Reserved
Q/A ©Sun Microsystems, Inc. - All Rights Reserved
OpenOffice.org & StarOffice DRM Malte Timmermann Malte.Timmermann@sun.com ©Sun Microsystems, Inc. - All Rights Reserved

Recommended

Alexander Antukh. (In)security of Appliances
Alexander Antukh. (In)security of AppliancesAlexander Antukh. (In)security of Appliances
Alexander Antukh. (In)security of AppliancesPositive Hack Days
 
Microsoft Palladium
Microsoft PalladiumMicrosoft Palladium
Microsoft PalladiumSuryakanta Rout
 
ngscb
ngscbngscb
ngscb
Manish Sinha
 
palladium
palladiumpalladium
palladiumGulnaz shaik
 
ITrust Security Operating Center (SOC) - Datasheet EN
ITrust Security Operating Center (SOC) - Datasheet ENITrust Security Operating Center (SOC) - Datasheet EN
ITrust Security Operating Center (SOC) - Datasheet EN
ITrust - Cybersecurity as a Service
 
Red Hat Openstack Certification Program
Red Hat Openstack Certification ProgramRed Hat Openstack Certification Program
Red Hat Openstack Certification Program
Alessandro Silva
 
Check Point designing a security
Check Point designing a securityCheck Point designing a security
Check Point designing a security
Group of company MUK
 
Microsoft Palladium.
Microsoft Palladium.Microsoft Palladium.
Microsoft Palladium.
Anurag Sharma
 

Recommended

Alexander Antukh. (In)security of Appliances
Alexander Antukh. (In)security of AppliancesAlexander Antukh. (In)security of Appliances
Alexander Antukh. (In)security of AppliancesPositive Hack Days
 
Microsoft Palladium
Microsoft PalladiumMicrosoft Palladium
Microsoft PalladiumSuryakanta Rout
 
ngscb
ngscbngscb
ngscb
Manish Sinha
 
palladium
palladiumpalladium
palladiumGulnaz shaik
 
ITrust Security Operating Center (SOC) - Datasheet EN
ITrust Security Operating Center (SOC) - Datasheet ENITrust Security Operating Center (SOC) - Datasheet EN
ITrust Security Operating Center (SOC) - Datasheet EN
ITrust - Cybersecurity as a Service
 
Red Hat Openstack Certification Program
Red Hat Openstack Certification ProgramRed Hat Openstack Certification Program
Red Hat Openstack Certification Program
Alessandro Silva
 
Check Point designing a security
Check Point designing a securityCheck Point designing a security
Check Point designing a security
Group of company MUK
 
Microsoft Palladium.
Microsoft Palladium.Microsoft Palladium.
Microsoft Palladium.
Anurag Sharma
 
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
GetInData
 
Fuji Overview
Fuji OverviewFuji Overview
Fuji Overview
Eduardo Pelegri-Llopart
 
Predicting Startup Market Trends based on the news and social media - Albert ...
Predicting Startup Market Trends based on the news and social media - Albert ...Predicting Startup Market Trends based on the news and social media - Albert ...
Predicting Startup Market Trends based on the news and social media - Albert ...
GetInData
 
Troubleshooting the Most Common Citrix Complaints for Remote Workers
Troubleshooting the Most Common Citrix Complaints for Remote WorkersTroubleshooting the Most Common Citrix Complaints for Remote Workers
Troubleshooting the Most Common Citrix Complaints for Remote Workers
eG Innovations
 
Digital Rights Management One For Sharepoint
Digital Rights Management One For SharepointDigital Rights Management One For Sharepoint
Digital Rights Management One For Sharepoint
pabatan
 
Not my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructureNot my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructure
Yshay Yaacobi
 
AppGate Getting Started Resources for Telarus Partners
AppGate Getting Started Resources for Telarus PartnersAppGate Getting Started Resources for Telarus Partners
AppGate Getting Started Resources for Telarus Partners
SaraPia5
 
[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answers[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answers
OWASP
 
MuleSoft Manchester Meetup #2 slides 29th October 2019
MuleSoft Manchester Meetup #2 slides 29th October 2019MuleSoft Manchester Meetup #2 slides 29th October 2019
MuleSoft Manchester Meetup #2 slides 29th October 2019
Ieva Navickaite
 
Webinar: How to Design Primary Storage for GDPR
Webinar: How to Design Primary Storage for GDPRWebinar: How to Design Primary Storage for GDPR
Webinar: How to Design Primary Storage for GDPR
Storage Switzerland
 
Advanced technologies and techniques for debugging HPC applications
Advanced technologies and techniques for debugging HPC applicationsAdvanced technologies and techniques for debugging HPC applications
Advanced technologies and techniques for debugging HPC applications
Rogue Wave Software
 
2012 02-04 fosdem 2012 - guvnor and j bpm designer
2012 02-04 fosdem 2012 - guvnor and j bpm designer 2012 02-04 fosdem 2012 - guvnor and j bpm designer
2012 02-04 fosdem 2012 - guvnor and j bpm designer
marcolof
 
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
eG Innovations
 
Secure Developer Access at Decisiv
Secure Developer Access at DecisivSecure Developer Access at Decisiv
Secure Developer Access at Decisiv
Teleport
 
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdfUC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
Wlamir Molinari
 
ArchivePod a legacy data solution when migrating to the #CLOUD
ArchivePod a legacy data solution when migrating to the #CLOUDArchivePod a legacy data solution when migrating to the #CLOUD
ArchivePod a legacy data solution when migrating to the #CLOUD
Garet Keller
 
Getting Started with IBM i Security: Securing PC Access
Getting Started with IBM i Security: Securing PC AccessGetting Started with IBM i Security: Securing PC Access
Getting Started with IBM i Security: Securing PC Access
HelpSystems
 
Citrix troubleshooting 101
Citrix troubleshooting 101Citrix troubleshooting 101
Citrix troubleshooting 101
eG Innovations
 
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Codemotion
 
12 Ways to Improve Magento 2 Security and Performance
12 Ways to Improve Magento 2 Security and Performance12 Ways to Improve Magento 2 Security and Performance
12 Ways to Improve Magento 2 Security and Performance
Elogic Magento Development
 
2014 12-08 - odf plugfest - operations based odf editing with ox documents
2014 12-08 - odf plugfest - operations based odf editing with ox documents2014 12-08 - odf plugfest - operations based odf editing with ox documents
2014 12-08 - odf plugfest - operations based odf editing with ox documents
Malte Timmermann
 
OX Documents Explained
OX Documents ExplainedOX Documents Explained
OX Documents Explained
Malte Timmermann
 

More Related Content

Similar to OpenOffice.org/StarOffice & DRM, OMC Workshop 2006

NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
GetInData
 
Fuji Overview
Fuji OverviewFuji Overview
Fuji Overview
Eduardo Pelegri-Llopart
 
Predicting Startup Market Trends based on the news and social media - Albert ...
Predicting Startup Market Trends based on the news and social media - Albert ...Predicting Startup Market Trends based on the news and social media - Albert ...
Predicting Startup Market Trends based on the news and social media - Albert ...
GetInData
 
Troubleshooting the Most Common Citrix Complaints for Remote Workers
Troubleshooting the Most Common Citrix Complaints for Remote WorkersTroubleshooting the Most Common Citrix Complaints for Remote Workers
Troubleshooting the Most Common Citrix Complaints for Remote Workers
eG Innovations
 
Digital Rights Management One For Sharepoint
Digital Rights Management One For SharepointDigital Rights Management One For Sharepoint
Digital Rights Management One For Sharepoint
pabatan
 
Not my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructureNot my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructure
Yshay Yaacobi
 
AppGate Getting Started Resources for Telarus Partners
AppGate Getting Started Resources for Telarus PartnersAppGate Getting Started Resources for Telarus Partners
AppGate Getting Started Resources for Telarus Partners
SaraPia5
 
[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answers[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answers
OWASP
 
MuleSoft Manchester Meetup #2 slides 29th October 2019
MuleSoft Manchester Meetup #2 slides 29th October 2019MuleSoft Manchester Meetup #2 slides 29th October 2019
MuleSoft Manchester Meetup #2 slides 29th October 2019
Ieva Navickaite
 
Webinar: How to Design Primary Storage for GDPR
Webinar: How to Design Primary Storage for GDPRWebinar: How to Design Primary Storage for GDPR
Webinar: How to Design Primary Storage for GDPR
Storage Switzerland
 
Advanced technologies and techniques for debugging HPC applications
Advanced technologies and techniques for debugging HPC applicationsAdvanced technologies and techniques for debugging HPC applications
Advanced technologies and techniques for debugging HPC applications
Rogue Wave Software
 
2012 02-04 fosdem 2012 - guvnor and j bpm designer
2012 02-04 fosdem 2012 - guvnor and j bpm designer 2012 02-04 fosdem 2012 - guvnor and j bpm designer
2012 02-04 fosdem 2012 - guvnor and j bpm designer
marcolof
 
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
eG Innovations
 
Secure Developer Access at Decisiv
Secure Developer Access at DecisivSecure Developer Access at Decisiv
Secure Developer Access at Decisiv
Teleport
 
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdfUC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
Wlamir Molinari
 
ArchivePod a legacy data solution when migrating to the #CLOUD
ArchivePod a legacy data solution when migrating to the #CLOUDArchivePod a legacy data solution when migrating to the #CLOUD
ArchivePod a legacy data solution when migrating to the #CLOUD
Garet Keller
 
Getting Started with IBM i Security: Securing PC Access
Getting Started with IBM i Security: Securing PC AccessGetting Started with IBM i Security: Securing PC Access
Getting Started with IBM i Security: Securing PC Access
HelpSystems
 
Citrix troubleshooting 101
Citrix troubleshooting 101Citrix troubleshooting 101
Citrix troubleshooting 101
eG Innovations
 
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Codemotion
 
12 Ways to Improve Magento 2 Security and Performance
12 Ways to Improve Magento 2 Security and Performance12 Ways to Improve Magento 2 Security and Performance
12 Ways to Improve Magento 2 Security and Performance
Elogic Magento Development
 

Similar to OpenOffice.org/StarOffice & DRM, OMC Workshop 2006 (20)

NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
NLP for videos: Understanding customers' feelings in videos - Albert Lewandow...
 
Fuji Overview
Fuji OverviewFuji Overview
Fuji Overview
 
Predicting Startup Market Trends based on the news and social media - Albert ...
Predicting Startup Market Trends based on the news and social media - Albert ...Predicting Startup Market Trends based on the news and social media - Albert ...
Predicting Startup Market Trends based on the news and social media - Albert ...
 
Troubleshooting the Most Common Citrix Complaints for Remote Workers
Troubleshooting the Most Common Citrix Complaints for Remote WorkersTroubleshooting the Most Common Citrix Complaints for Remote Workers
Troubleshooting the Most Common Citrix Complaints for Remote Workers
 
Digital Rights Management One For Sharepoint
Digital Rights Management One For SharepointDigital Rights Management One For Sharepoint
Digital Rights Management One For Sharepoint
 
Not my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructureNot my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructure
 
AppGate Getting Started Resources for Telarus Partners
AppGate Getting Started Resources for Telarus PartnersAppGate Getting Started Resources for Telarus Partners
AppGate Getting Started Resources for Telarus Partners
 
[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answers[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answers
 
MuleSoft Manchester Meetup #2 slides 29th October 2019
MuleSoft Manchester Meetup #2 slides 29th October 2019MuleSoft Manchester Meetup #2 slides 29th October 2019
MuleSoft Manchester Meetup #2 slides 29th October 2019
 
Webinar: How to Design Primary Storage for GDPR
Webinar: How to Design Primary Storage for GDPRWebinar: How to Design Primary Storage for GDPR
Webinar: How to Design Primary Storage for GDPR
 
Advanced technologies and techniques for debugging HPC applications
Advanced technologies and techniques for debugging HPC applicationsAdvanced technologies and techniques for debugging HPC applications
Advanced technologies and techniques for debugging HPC applications
 
2012 02-04 fosdem 2012 - guvnor and j bpm designer
2012 02-04 fosdem 2012 - guvnor and j bpm designer 2012 02-04 fosdem 2012 - guvnor and j bpm designer
2012 02-04 fosdem 2012 - guvnor and j bpm designer
 
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
Citrix Troubleshooting 101: How to Resolve and Prevent Business-Impacting Cit...
 
Secure Developer Access at Decisiv
Secure Developer Access at DecisivSecure Developer Access at Decisiv
Secure Developer Access at Decisiv
 
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdfUC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
 
ArchivePod a legacy data solution when migrating to the #CLOUD
ArchivePod a legacy data solution when migrating to the #CLOUDArchivePod a legacy data solution when migrating to the #CLOUD
ArchivePod a legacy data solution when migrating to the #CLOUD
 
Getting Started with IBM i Security: Securing PC Access
Getting Started with IBM i Security: Securing PC AccessGetting Started with IBM i Security: Securing PC Access
Getting Started with IBM i Security: Securing PC Access
 
Citrix troubleshooting 101
Citrix troubleshooting 101Citrix troubleshooting 101
Citrix troubleshooting 101
 
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
Ron Munitz - The Ultimate Android Security Checklist - Codemotion Rome 2015
 
12 Ways to Improve Magento 2 Security and Performance
12 Ways to Improve Magento 2 Security and Performance12 Ways to Improve Magento 2 Security and Performance
12 Ways to Improve Magento 2 Security and Performance
 

More from Malte Timmermann

2014 12-08 - odf plugfest - operations based odf editing with ox documents
2014 12-08 - odf plugfest - operations based odf editing with ox documents2014 12-08 - odf plugfest - operations based odf editing with ox documents
2014 12-08 - odf plugfest - operations based odf editing with ox documents
Malte Timmermann
 
OX Documents Explained
OX Documents ExplainedOX Documents Explained
OX Documents Explained
Malte Timmermann
 
OpenOffice.org and ODF Accessibility Today (OOoCon 2008 Bejing)
OpenOffice.org and ODF Accessibility Today (OOoCon 2008 Bejing)OpenOffice.org and ODF Accessibility Today (OOoCon 2008 Bejing)
OpenOffice.org and ODF Accessibility Today (OOoCon 2008 Bejing)Malte Timmermann
 
OpenOffice.org and ODF Accessibility, ABI Workshop 2006
OpenOffice.org and ODF Accessibility, ABI Workshop 2006OpenOffice.org and ODF Accessibility, ABI Workshop 2006
OpenOffice.org and ODF Accessibility, ABI Workshop 2006Malte Timmermann
 
OpenOffice.org Digital Signatures, OOoCon 2004
OpenOffice.org Digital Signatures, OOoCon 2004OpenOffice.org Digital Signatures, OOoCon 2004
OpenOffice.org Digital Signatures, OOoCon 2004Malte Timmermann
 
OpenOffice.org and ODF Accessibility, OOoCon 2006
OpenOffice.org and ODF Accessibility, OOoCon 2006OpenOffice.org and ODF Accessibility, OOoCon 2006
OpenOffice.org and ODF Accessibility, OOoCon 2006Malte Timmermann
 
Linux Accessibility Workshop, Sun Accessibility
Linux Accessibility Workshop, Sun AccessibilityLinux Accessibility Workshop, Sun Accessibility
Linux Accessibility Workshop, Sun AccessibilityMalte Timmermann
 
Sun ODF Plugin for MS Office
Sun ODF Plugin for MS OfficeSun ODF Plugin for MS Office
Sun ODF Plugin for MS OfficeMalte Timmermann
 

More from Malte Timmermann (8)

2014 12-08 - odf plugfest - operations based odf editing with ox documents
2014 12-08 - odf plugfest - operations based odf editing with ox documents2014 12-08 - odf plugfest - operations based odf editing with ox documents
2014 12-08 - odf plugfest - operations based odf editing with ox documents
 
OX Documents Explained
OX Documents ExplainedOX Documents Explained
OX Documents Explained
 
OpenOffice.org and ODF Accessibility Today (OOoCon 2008 Bejing)
OpenOffice.org and ODF Accessibility Today (OOoCon 2008 Bejing)OpenOffice.org and ODF Accessibility Today (OOoCon 2008 Bejing)
OpenOffice.org and ODF Accessibility Today (OOoCon 2008 Bejing)
 
OpenOffice.org and ODF Accessibility, ABI Workshop 2006
OpenOffice.org and ODF Accessibility, ABI Workshop 2006OpenOffice.org and ODF Accessibility, ABI Workshop 2006
OpenOffice.org and ODF Accessibility, ABI Workshop 2006
 
OpenOffice.org Digital Signatures, OOoCon 2004
OpenOffice.org Digital Signatures, OOoCon 2004OpenOffice.org Digital Signatures, OOoCon 2004
OpenOffice.org Digital Signatures, OOoCon 2004
 
OpenOffice.org and ODF Accessibility, OOoCon 2006
OpenOffice.org and ODF Accessibility, OOoCon 2006OpenOffice.org and ODF Accessibility, OOoCon 2006
OpenOffice.org and ODF Accessibility, OOoCon 2006
 
Linux Accessibility Workshop, Sun Accessibility
Linux Accessibility Workshop, Sun AccessibilityLinux Accessibility Workshop, Sun Accessibility
Linux Accessibility Workshop, Sun Accessibility
 
Sun ODF Plugin for MS Office
Sun ODF Plugin for MS OfficeSun ODF Plugin for MS Office
Sun ODF Plugin for MS Office
 

Recently uploaded

Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
Rohit Gautam
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
DianaGray10
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 

Recently uploaded (20)

Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 

OpenOffice.org/StarOffice & DRM, OMC Workshop 2006

  • 1. Sun OMC Workshop 2006-03-15, Santa Clara OpenOffice.org & StarOffice DRM Malte Timmermann Technical Architect Sun Microsystems GmbH ©Sun Microsystems, Inc. - All Rights Reserved
  • 2. About the Speaker • Technical Architect in StarOffice/OpenOffice.org Development • Working on StarOffice since 1991 • Main focus: Core Development > Accessibility > Security (Digital Signatures. DRM soon) > Performance > Past: EditEngine, VCL, Help System, BasicIDE, ... ©Sun Microsystems, Inc. - All Rights Reserved
  • 3. About this presentation • Some general information about document protection > Based on my best current knowledge, no DReaM specific things included > Hope to learn here what Office Suite customers really need ;) • Evaluation of potentialities, no concrete plans for StarOffice or OpenOffice.org right now! ©Sun Microsystems, Inc. - All Rights Reserved
  • 4. Agenda • What is StarOffice / OpenOffice.org? • Why Document Protection? • Permissions and Restrictions • StarOffice / OpenOffice.org Solutions? • Conclusion • Q&A ©Sun Microsystems, Inc. - All Rights Reserved
  • 5. What is StarOffice / OpenOffice.org? • Integrated productivity suite with word processor, spreadsheet, presentation, drawing, database, ... • Open Source > StarOffice code base is available as OpenOffice.org under the LGPL license • Multi Platform > Sun supports StarOffice on Windows, Linux, Solaris > OpenOffice.org available for more platforms • Support for different languages > CJK and CTL > Right to Left and Vertical Writing ©Sun Microsystems, Inc. - All Rights Reserved
  • 6. What is StarOffice / OpenOffice.org? • Interoperable with MS Office documents > Can read and write MS Office files > Comparable feature set • Native format is OASIS OpenDocument Format > Open XML standard for documents > ISO standardization is in progress • Create (accessible) PDF files > Tagged PDF, TOC, Hyperlinks, Controls • Digital Signatures > W3C DSIG, open standard ©Sun Microsystems, Inc. - All Rights Reserved
  • 7. Why Document Protection? • Content producers want to sell content and want to make sure that it's only used by customers who paid for it > Ebooks (as well as Music, Movies, ...) > Avoid free distribution / piracy • Companies want to protect their documents so that they can only be read by authorized people > Confidential information > Avoid unauthorized usage ©Sun Microsystems, Inc. - All Rights Reserved
  • 8. Different Scenarios • Content sellers often don't know much about their customers > User authentication is quite difficult > No trust in user (customer) > They trust more in certain applications > They lock the content to these applications > Even to certain devices! > Customers don't like this strong restrictions for paid content! > What happens if I buy new devices? > What happens if the content provider / licensee goes away? – DRM == Digital *Restrictions* Managements ;) ©Sun Microsystems, Inc. - All Rights Reserved
  • 9. Different Scenarios • Companies know their employees > User authentication is quite easy > Companies (should) trust their employees > User authentication is enough, no locking into certain software necessary > Use any device or software! ©Sun Microsystems, Inc. - All Rights Reserved
  • 10. Document Protection Basics • Encryption > Content is encrypted > Key distribution necessary > Encrypted within the data file > Encrypted within separate license file > Licensing Server (Authentication and key exchange) • Security can be enhanced with using a “Trusted Platform” > This need TPM and the full stack of hard/software, signed applications > Hard to achieve, but without that people with permission to open the file have a good chance to remove protections ©Sun Microsystems, Inc. - All Rights Reserved
  • 11. Document Protection Key Distribution • Public Key Infrastructure (PKI) > Deploy document decryption key within the media file or an external license file > Decryption key itself is encrypted with the users public key, only this user can decrypt it with his private key > Can be provided for multiple users > Advantage: > No complex server infrastructure needed, use existing PKI > Disadvantages > Needs modification of media file on each distribution, or distribution of separate license files > No rights revocation possible after file is deployed > No document time-out possible ©Sun Microsystems, Inc. - All Rights Reserved
  • 12. Document Protection Key Distribution • Rights Management or Licensing Server > Keys and rights are managed on server > User is authenticated by some server, software receives decryption key from server > Advantage: > Dynamic rights managements, access rights can be changed any time after document deployment > Can also be done role based, roles can changed any time > Time-out for documents possible > Document always remains the same > Disadvantages > Complex server infrastructure with secure key exchange needed ©Sun Microsystems, Inc. - All Rights Reserved
  • 13. Permissions and Restrictions • Licensing Server and PKI can only guarantee the basic permission, if the user is allowed (able) to open the document > Time period can be used on key request with licensing server • Restrictions like “can't print, save as, ...” are only application logic, cannot be enforced by any server! > Application can be modified to not apply restrictions > Restrictions may lock out Assistive Technology! • Trusted Platform is needed for full security > But what is with the “Analog Gap”? User can still copy... ©Sun Microsystems, Inc. - All Rights Reserved
  • 14. StarOffice/OpenOffice.org Solutions ? • Preconditions: > We have an Open Source Client, which can be modified by anyone > We don't want to lock the user into certain environments > (Currently) no trusted platform and signed applications, so only basic permissions possible > We might offer the “Restrictions” as a convenience feature, but it must be clear that the software can quite easily be modified to ignore the restriction > But even this might fit the needs of companies for 'inhouse usage', policies can do the rest ©Sun Microsystems, Inc. - All Rights Reserved
  • 15. StarOffice/OpenOffice.org Solutions ? • Key Distribution > PKI based solution? > This might be a convenient solution for personal usage, to protect private documents or to pass encrypted documents to certain people without the need of key distribution > Server based solution? > This is what companies need for their internal documents > No special protection against software modifications should be needed for internal documents > Do we really need DRM then? – It might help for managing document life cycle and for protecting stolen or leaked documents > Wouldn't a Document Management System be the better solution here? ©Sun Microsystems, Inc. - All Rights Reserved
  • 16. StarOffice/OpenOffice.org Solutions ? • Platforms for server based solution > Open Rights Management solution? > Not existent right now, but this is the preferred way to go > Adobe Lifecycle Server? > Server support for multiple platforms, including Solaris > Microsoft Rights Management Server? > Only Windows > But might be needed for migration projects or heterogeneous environments ©Sun Microsystems, Inc. - All Rights Reserved
  • 17. StarOffice/OpenOffice.org Solutions ? • Should OpenOffice.org & StarOffice be able to load DRM protected MS Office documents? > Only possible if user authentication is enough > Be aware – that makes it much easier for people to remove MS document restrictions! ©Sun Microsystems, Inc. - All Rights Reserved
  • 18. Conclusion • For private use, the PKI solution just for document encryption could be nice > But that is not DRM • StarOffice might support different DRM systems > But it doesn't help much to protect only StarOffice files, DRM for all used file formats would be needed in a company > We must make sure to not lock out Assistive Technology! > People can still use the “Analog Gap” for copying the content • What about using Document Management Systems instead? > StarOffice and OpenOffice.org should have good support for and integration with Document Management Systems ©Sun Microsystems, Inc. - All Rights Reserved
  • 19. Q/A ©Sun Microsystems, Inc. - All Rights Reserved
  • 20. OpenOffice.org & StarOffice DRM Malte Timmermann Malte.Timmermann@sun.com ©Sun Microsystems, Inc. - All Rights Reserved