Childproof Drawings: Security Features of AutoCAD® 2004 · 2011. 8. 27. · AutoCAD® 2004 has...
Childproof Drawings: Security Features of AutoCAD® 2004
Tom Stoeckel
AutoCAD® 2004 has introduced new security features that provide greater control over drawing protection and data integrity. Learn how to use password-based encryption to secure your drawing data. We'll also cover how to incorporate digital signatures into drawings and generate reliable information about who created the drawings and whether they were modified since they were signed. Learn the nuts and bolts of how to incorporate these new features into your work environment.
CM12-1
Housekeeping
Questions
Session Evaluation Form
Childproof Drawings
Your instructor – Tom Stoeckel
• Autodesk programmer for 6 years
• Express Tools and AutoCAD
• Digital Signatures and DWG Security
Agenda
Digital Signatures
Drawing Security
What is a digital signature?
A unique ID issued by a certificate authority
Contains name, serial number, expiration date, etc.
Same concept as your handwritten signature only for electronic documents
• Identifies a document as being associated with a specific person
• Attaches the identity of the signer
Why use a digital signature?
Identify the sender
Verify contents were not altered since signing
Responsibility for contents
• A signed file cannot be rejected as invalid. The signer of a file cannot later disown the file by claiming the signature was forged.
• Electronic Signatures in Global and National Commerce Act (E-Sign) gives digital signatures the same power as handwritten ones.
How to get a digital signature
Certificate authority
• Verisign (www.verisign.com)
• GlobalSign (www.globalsign.net)
• Search the net
Installing your signature
• Automatic on download
• Internet Options – Content - Certificates
Signing your drawings
Different methods but common steps
• Attach digital signature checkbox
• Select a valid certificate
• Requires a non-expired certificate
• Choose a time service (optional)
• Add your own time server to timesrvr.txt
• ADSKSIGTIMESRVR environment variable
• Add comments (optional)
Signing is a deliberate operation
Signing a drawing once
Save As… menu (or SAVEAS command)
• Tools menu
• Security options… menu item
Only applies signature on THAT save
Signing a drawing automatically
SECURITYOPTIONS command or Options dialog
• Open and Save tab
• Security Options… button
Works on a per drawing, per session basis
• Must be set for each drawing to be signed
• Only applies to the current session
Signing multiple files at once
Ideal when signing a final project set of files
Can only be done from outside AutoCAD
Attach Digital Signatures dialog
• Found in OS Start menu
• Multiple files at once
• Digitally sign .dwg, .exe and .zip
Signing an encrypted drawing
Saving invalidates a signature so…
Encrypt the drawing first
Then digitally sign
Validating signatures
Digital Signature Contents dialog
What this information tells you
• Whether the file was modified since it was signed
• Identity of signer
• Time stamp and comments attached to the file
• Issuer (certificate authority) of the digital ID
• "Valid to" and "valid from" dates for the digital ID
Invalidated signatures
How does a signature get invalidated?
• Saving over a signed drawing
• External modification of the binary .dwg file
Warning dialog
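Added example, not part of the original slides and not AutoCAD code: a Python model of why the slides say to encrypt first and sign second, and why an external edit invalidates a signature. HMAC stands in for the certificate-based signature and a hash keystream for the OS encryption provider; all names, keys and bytes are constructed.

```python
import hashlib
import hmac

# Constructed stand-ins, not AutoCAD's mechanisms: HMAC models the certificate-based
# signature and a SHA-256 keystream models the OS encryption provider. They keep the
# one property that matters here: both operate on the bytes of the saved file.
SIGNING_KEY = b"constructed-signing-key"
DRAWING = b"constructed bytes standing in for a saved .dwg file"


def sign(file_bytes):
    """Return a tag bound to the exact bytes of the saved file."""
    return hmac.new(SIGNING_KEY, file_bytes, hashlib.sha256).digest()


def is_valid(file_bytes, tag):
    """Recompute the tag over the current bytes and compare in constant time."""
    return hmac.compare_digest(sign(file_bytes), tag)


def encrypt_on_save(file_bytes, password):
    """Model an encrypting save: XOR the bytes with a password-derived keystream."""
    stream, counter = b"", 0
    while len(stream) < len(file_bytes):
        block = password.encode() + counter.to_bytes(4, "big")
        stream += hashlib.sha256(block).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(file_bytes, stream))


def check_orderings(password="constructed-password"):
    """Return the validation result for each workflow discussed on the slides."""
    # Sign, then encrypt: the encrypting save rewrites the signed bytes.
    tag = sign(DRAWING)
    sign_then_encrypt = is_valid(encrypt_on_save(DRAWING, password), tag)
    # Encrypt, then sign: the signature covers the bytes that are shipped.
    shipped = encrypt_on_save(DRAWING, password)
    tag = sign(shipped)
    encrypt_then_sign = is_valid(shipped, tag)
    # External modification: flip one bit of the shipped file.
    tampered = bytes([shipped[0] ^ 0x01]) + shipped[1:]
    return {
        "sign_then_encrypt": sign_then_encrypt,
        "encrypt_then_sign": encrypt_then_sign,
        "after_external_edit": is_valid(tampered, tag),
    }


if __name__ == "__main__":
    print(check_orderings())
```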
Validating From Windows Explorer
Properties
• Right-click on signed file
• Properties
• Digital Signature tab
Digital Signatures icon
• Windows 2000 or greater
• Turning it off
• Right-click on .DWx/exe/zip
• Enable/Disable Digital Signatures Icon
Manual validation from AutoCAD
Status bar icon
SIGVALIDATE command
Validate Digital Signatures dialog
Automatic validation from AutoCAD
SIGWARN system variable
• Options - Open and Save – Display digital signature information …
• Always shows invalidated signatures
Validating Xrefs
• Options to skip Xref warnings
Drawing Security
Encrypts the entire drawing file
• Option to encrypt drawing properties
Introduced in AutoCAD 2004
• Only works on 2004 format
• DWG, DWT and DWS
Encryption is lost when saving to an earlier version
Why use encryption?
Protect drawing data from being stolen
Ensure data confidentiality
Secure drawing data from modification
Prevent unauthorized viewing
When to use encryption?
Sharing sensitive data outside of the organization
Transmitting files through a non-secure medium
Password protection is superfluous on an internal network
• OS permissions achieve the same goal and are easier to manage
Losing a Password
No password – no drawing
There is NO back door
Back up drawings before encryption
Secure your passwords
Choosing a Password
Word or phrase
Any characters you choose
More characters = more security
Choosing Encryption types
OS default is used unless otherwise specified
Encryption providers supplied by OS
The higher the key length, the higher the protection
Confirm other computers can decrypt before sharing
Encrypting a drawing
Security Options dialog
Encrypting a drawing
Save As… menu (or SAVEAS command)
• Tools menu
• Security options… menu item
SECURITYOPTIONS command
Options dialog
• Open and Save tab
• Security Options… button
Password must be set for each drawing
• Password persists until removed
Opening a secure drawing
Password request dialog
Password cache
• Reuses valid passwords during the current session
Changing/removing a password
• Security Options dialog
• Change or clear the password field
Changes to APIs
ObjectARX
• readDWGFile()
• acedSyncFileOpen()
• acedXrefAttach()
• acedXrefOverlay()
• saveAs()
ActiveX/VBA
• SecurityParams object
Thank You
Turn in your session evaluation forms as you leave
Email: [email protected]