Authorized Online and Offline Document Access Bounded to Hardware and User
摘要
Electronic documents play a key role in information exchange within an organization's network and with customers or clients. These documents often contain proprietary and private content that needs to be secured and protected from unauthorized access. Securing documents helps organizations gain client/customer(s) trust, and adhere to global privacy protection laws/standards like HIPAA, CCPA, etc. Researchers focused importantly on authentication, authorization, and controlled access of documents through cryptography, feature access (like printing, copying, etc.), permission control (cloud and on-prem), password protection, watermarking, document tracking, etc. There is limited research on internal threats through malicious users, where authorized users gain document access and share the document with unauthorized users by passing the protection layers. Researchers attempted to address these concerns in silos, like document binding to a user or hardware and metadata binding for offline authorization etc. In this paper, researchers try to protect the documents from malicious internal users attempting to share with un-authorized users, in this direction it is proposed to use Superencipherment, Trusted Platform Module (TPM), TinySiamese Network for embeddings, Biometric key generation, and Document XML (Embedding Metadata), to secure the document. This approach will bind the document to an authorized user and the hardware where it is downloaded at the same time. The encryption keys are generated dynamically, and are not stored, hence less risk of losing or key hacking. Authorization metadata is bound to the document securely so that offline access can be controlled and validated. Overall, this approach increases document security by preventing unauthorized sharing.