AnsweredAssumed Answered

Document Level Security

Question asked by sudipto on Sep 22, 2009
Latest reply on Jan 14, 2011 by komatineni
I am in the process of evaluating a content management solution at one of our large customers who is particularly keen on an open source solution.



But at the same time security is also a concern:



Here is what I am looking at. I need to store contents into the content management solution unencrypted so as to allow indexing and searching. But my solution needs to have in place a system by which it can do an email push of documents as also web based access of the documents. But there is a concern that once the document has got pushed into e mails or user has downloaded the email into their file system, they should not be able to leak the content to unauthorized persons.



I know of an implementation where content before storage is converted to a pdf and is then watermarked so that if the data gets leaked the source of leakage can at least be discovered.



I was tempted to think of a situation like sharepoint which can have windows RMS solutions implemented and then have a gateway solution like gigatrust or liquid machine to enable rights protection. What kind of document level security is inherently supported by Alfresco. How is the security maintained once the document is outside the alfresco boundary? If there is no internal document level security, is there a way in which it can integrate with a commercially available document security solution? If you could send me a detailed write-up on this (perhaps with architecture) it would make it simpler for me to solution the same to the customer.

Outcomes