Adobe's Policy Server tightens document privacy

LiveCycle Policy Server applies security policies to electronic documents

Adobe Systems on Wednesday rolled out its LiveCycle Policy Server, which lets enterprise users apply policies to PDF documents to improve regulatory compliance and information privacy efforts.

Adobe's new J2EE-based Policy Server lets a PDF document's creator set policies determining who can view a document and whether the recipient can modify, copy, print, or forward the document. Through integration with LDAP-based authentication and identity management infrastructures, the LiveCycle Policy Server ensures only the intended recipients can open a protected document. In addition, permissions can be revoked, even if a document has been burned to a CD or copied to a PC, according to John Landwehr, director of security solutions and strategy at Adobe.

"The author of the policy can assign whether a recipient can view the document online or offline, and for how long," he said.

Protecting intellectual property and confidentiality of corporate information is a growing need, as government regulations and outsourcing increase, Landwehr said.

"Anytime personally identifying information is being captured in a form it is a good idea to protect it, in case a laptop is stolen or if a file is accidentally e-mailed. [With Policy Server] people can only view a document if they have authorization according to policies set on the document," Landwehr said.

Document version control, typically a sticky challenge once a document is distributed, is another benefit of the Policy Server, according to Landwehr.

"By having persistent control over who can open a document and what they can do to it, you can now manage versions of the document down to the desktop. This is great for forms that are distributed," he said

The LiveCycle Policy Server is closely integrated via Web services with Adobe Acrobat 7.0 and Adobe Reader 7.0, which were made available Wednesday as well.

"It is a Web service call made from Acrobat or Reader back to the Policy Server. Since it is a simple Web service, it can easily proxy through the firewall for Internet-facing document distribution. As long as you have an Internet connection you can view the protected document," Landwehr said.