From Drumlin Security Wiki
Jump to navigation Jump to search

Javelin Secure PDF readers and the Drumlin DRM

Digital Rights Management (DRM) systems provide the only mechanism for securing PDF files that are distributed to end users so that the files cannot be copied or forwarded for others to read. The Drumlin DRM service is an in-network facility that provides a full range of DRM support for PDF files and for which the secured files are viewed using a Javelin PDF reader on the end user device. Javelin readers can be used to open the files that are strongly encrypted using the free DrumlinPublisher software (filetypes .drmz and .drmx).

Currently Drumlin drmz files are provided for full cross-platform support (Windows, macOS, iOS/iPadOS and Android), with the drmx high-security format provided for the desktop versions - in both cases Javelin readers are required in order to authorize and view the secured PDFs. Each secured PDF has a unique documentID, embedded in its separately encrypted header block. Javelin readers inspect this documentID and check the user's device to see if it is permitted to view that particular documentID. If it is, the file is open for viewing; if not, the Javelin reader will prompt the user for either an authorization code or will check for a locally sited license file for that documentID. Note that when a secured file is authorized, it is the device that is authorized, not the user (unless license files are used - Javelin3Pro for Windows users only), and the encrypted file is not decrypted (it remains encrypted on the user's device). The code approach is the most widely used, and when a valid code is entered the user's device is enabled to view the file in a local encrypted file or similar facility (e.g. on Windows, this is stored in the Registry). In future, Javelin readers check this locally stored information to determine whether the file can be opened for viewing, so do not require an online connection to the Drumlin DRM service.

Drumlin Publisher