Document Security in Web Applications

Contributed by Andres Desa
Organizations publish information online, including confidential data. Data is rendered in varied formats, ranging from simple HTML pages to documents in Adobe's PDF or Microsoft's Word/Excel formats. Confidential data is restricted to a set of users who have to log in and be authenticated on the website. A common example of such a situation is an online banking system, wherein the personal statements of a customer are made available in a PDF file. These files contain sensitive information, and as such they must not be made available to any other user. Mechanisms to protect data rendered as HTML are well established; the same does not hold for document protection.
This document is in PDF format. To view it click here.