复制保护Excel数据 [英] Copyprotecting Excel Data
问题描述
我的客户有一个非常精确的要求.客户收到包含公司敏感数据的excel/pdf文档.然后将其分发给一些管理人员和外部捐助者,以将数据告知他们.
有什么方法可以防止这些人为自己保留数据副本吗?例如.没有打印屏幕,复制和粘贴,打印.另外,数据只能在20分钟内可用,此后屏幕必须关闭且无法再次打开.
我当前的想法是编写一个ASP应用程序,该应用程序将读取和显示数据20分钟或直到用户关闭窗口为止,以先到者为准.然后使用javascript禁用打印屏幕,并使gridview只读,以防止复制和粘贴.
这是实现这一目标的唯一方法吗?或者我想念一种更简单的方法吗?只能选择自定义应用程序组件.
自定义的ASP应用程序将执行此操作,您不仅要阻止打印屏幕,还要保存页面. (实际上...切断了上下文菜单的显示能力!)您将需要一个服务来提供文档,并且该服务的任务是使数据可用性超时并且仅查看一次.您还需要一个用于文档创建者的组件,该组件将定义谁可以看到该文档并提供文档以提供服务.这样,您的服务可以发送电子邮件并开始计时.
似乎拥有如此敏感的数据,他们应该将人们拉进一个房间,然后给他们看一张幻灯片.这是他们完全保护信息的唯一方法. :)他们在安全方面的第一件事是安全漏洞的最大威胁来自内部.
好吧,我不知道您将如何阻止任何事情在ASP或ASP.NET和JavaScript中.它是关于存在代码限制最严格的环境的.它的功能非常有限.
您正在执行的操作的问题在于您正在枚举不良".您正在尝试编写代码以防御一组已知的攻击媒介.但是那些你不认识的人呢?
仅仅禁用正常的打印屏幕不会阻止某人使用另一个屏幕捕获应用程序,也不能阻止所有这些应用程序.
您要阻止某人使用远程桌面和/或远程协助吗?
认真地说,要达到这些要求的唯一方法是,将计算机设置为自助服务机模式并锁定在高安全性的房间中,并且它是唯一可以对其服务器进行任何访问的计算机从中获取数据.
所有访问都应记录下来,并审核使用情况.
真的吗?这是什么地方?mod?
-------------------------------------------------- -------------------
安全性的问题在于它存在.对任何锁的最大威胁是锁本身的存在.如果该锁不存在,则无法将其断开.
非常感谢您的输入.该应用程序适用于医院团体,因此包含患者相关信息.这就是为什么需要高安全性的原因.
Hi, I have a client with a very precise requirement. The client receives an excel/pdf document with sensitive company data. This then gets distributed to some managers and external benefactors to inform them of the data.
Is there any way to prevent these people from keeping a copy of the data for themselves? eg. No printscreen, copy and paste, print. Also the data must only be available for 20min whereafter the screen must close and not be openable again.
My current idea is to write an asp app that will read and display the data for 20mins or until the user closes the window whichever comes first. Then use javascript to disable the printscreen and have the gridview read-only to prevent copy and paste.
Is this the only way to achieve this or is there an easier way I am missing?
With all the requirements that you have surrounding these documents, I don''t see that you have any choice but a custom application component.
The custom asp app will do it and you want to not only block print screen but also save page. (Actually ... cut off the ability for the context menu to display at all!) You would need a service to serve up the document and the service would have the task of timing out data availability as well as viewing only once. You would also need a component for the creator of the document who will define who can see it and provide the document to feed the service. That way your service can send out the email and start the clock ticking.
Seems with such sensitive data they should just pull the people into a room and show them a slide. That is the only way they could totally secure the information. :) The number one thing they teach in security is that the biggest threat of security breach comes from within.
Well, I don''t see how you''re going to stop anything in ASP or ASP.NET and JavaScript. It''s about the most code-restricted environment there is. It''s capabilities are very limited.
The problem with what you''re doing is that you are "enumerating badness". You are trying to code to defend against a set of known attack vectors. But what about the ones you don''t know of?
Simply disabling the normal print-screen will not stop someone from using another screen capture app, nor can you block all of those as well.
Are you going to stop someone from using Remote Desktop and/or Remote Assistance?
Seriously, the only way you''re going to achieve these requirements is if the machine is setup in kiosk mode and is locked in a high-security room and it''s the only machine that has any kind of access to the server it''s getting data from.
All access should be logged and usage audited.
Really? What is this place? The Department of Defense?
---------------------------------------------------------------------
The problem with security is that it exists. The greatest threat to any lock is the existence of the lock itself. If the lock doesn''t exist, you can''t break it.
Thanks a lot for your input. The application is for a hospital group so it contains patient relevant information. That is why the high amount of security is necessary.
这篇关于复制保护Excel数据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
