At the company where I am working there are sensitive documents which are sending to some clients, business partners etc.

I am thinking of a system to record every copy operation from an protected container, I mean when such a document is copied/accessed in order to be send or for some other purpose.

To make myself clear lets assume all the these documents are in /xxx/protected_storage
Then someone which is a user on that server copies a document I want a record to be filled in a database with username, date and some other info. Something like a traking system.

There is an Samba Server and Windows clients, and the documents are accessed only from windows.

What solution do you see to this problem?
I think many companied have this problem and there should be also some solutions.

Thanks

Document storage, retrieval and tracking isn't on my list of todo's wrt security but from experience I can say companies I worked with where sloppy (and that's an understatement) wrt handling docs. So while I think this is not a question for the Linux - Security forum, it nonetheless is an interesting one.

Partially because you'll see no one wants to invest in anything fancy, partially because it has to be user friendly, partially because you'll want to have basic cross-platform displaying capabilities, the best I can think of would be on demand PDF generation, which will let registering auth data precede making the copy. PDF is cool because it can provide stuff like locking and encryption.

Ya, I think you are absolutely right.
But, a business partner from the USA sends us sensitive pdf documents, and on the document there is a note, something like: "registered copy bla bla bla"
The company is big and I don't think that every pdf document they send, is manually modified, and registered and so on. As a plus, I am sure there is also something like a watermarking system or a steganography algorithm for embedding info about the recipient so they could track if the document gets lost in the wild.

Phone-home tracking only succeeds when you are able make a call. It would get a lot "better" if the document would need to phone home to fetch a partial key to decrypt the contents but at that point it would look more like an application than a document. Steganography is AFAIK only usable passively, like "evidence" when the document is "found".

BTW, in what way are these docs "sensitive"? Is it blueprints or patent info or more like financial data?

Basically, there are a couple of pts: 1. doc integrity/tracking, 2. secure transmission.
For 1. you could use watermarking/steganography.
for 2. you could use ssh and/or encryption
At one of the banks I used to work at, we encrypted doc then ftp'd it.

For 1. you could use watermarking/steganography.
Could you explain in what ways watermarking or steganography can be used in tracking a document?


for 2. you could use ssh and/or encryption
I think that while secure transmission can be useful for in-transit it doesn't provide any guarantee against eavesdropping along the way or storage and handling once something is past the end-point. For example retrieving docs over SSL and then stashing it in a shared P2P dir. Just trying to feed the discussion...


At one of the banks I used to work at, we encrypted doc then ftp'd it.
Encryption nnnnice, FTP baaaaahhhhd...

Just a few ideas:
->Never send Microsoft Word documents outside (history tracking,..) I think even some pdf generators have some flaws.
->You can use pdftk to add watermarking/encryption or copy notice/track number or put a password on every document that goes out. I'm protecting like this every document that goes out. With this, users can't copy paste from the pdf, can't search (I'm a bitch) , they can only PRINT THEM. All this with a nice makefile. Adobe are pretty awful for doing this Maybe some pdf readers can break this..

edit:
don't dream too much, tracking document is impossible as unSpawn is waiting you to say by yourself

pdftk is a nice tool, I'll use it.
It would be great if it has a GUI. For me it is ok as it is, but for my boss maybe it is not so good...

Steganography can be used only to track documents passively. It can't call back home. This is for sure. There are some bits inserted in a file, there is no application.

They could be some technical drawings, industrial howto or simple information that only the recipient should see. Another case is when the document should not be modified easily (it contains a scanned signature etc).