Childproof Drawings: Security Features Of AutoCAD 2004

Transcription

CM12-1
Childproof Drawings: Security Features of AutoCAD 2004
Tom Stoeckel

AutoCAD 2004 has introduced new security features that provide greater control over drawing protection and data integrity. Learn how to use password-based encryption to secure your drawing data. We'll also cover how to incorporate digital signatures into drawings and generate reliable information about who created the drawings and whether they were modified since they were signed. Learn the nuts and bolts of how to incorporate these new features into your work environment.

Housekeeping
- Questions
- Session Evaluation Form

Childproof Drawings
- Your instructor – Tom Stoeckel
  - Autodesk programmer for 6 years
  - Express Tools and AutoCAD
  - Digital Signatures and DWG Security

Agenda
- Digital Signatures
- Drawing Security

What is a digital signature?
- A unique ID issued by a certificate authority
- Contains name, serial number, expiration date, etc.
- Same concept as your handwritten signature only for electronic documents
  - Identifies a document as being associated with a specific person
  - Attaches the identity of the signer

Why use digital signature?
- Identify the sender
- Verify contents were not altered since signing
- Responsibility for contents
  - A signed file cannot be rejected as invalid. The signer of a file cannot later disown the file by claiming the signature was forged.
  - Electronic Signatures in Global and National Commerce Act (E-Sign) gives digital signatures the same power as handwritten ones.

How to get a digital signature
- Certificate authority
  - Verisign (www.verisign.com)
  - GlobalSign (www.globalsign.net)
  - Search the net
- Installing your signature
  - Automatic on download
  - Internet Options – Content - Certificates

Signing your drawings
- Different methods but common steps
  - Attach digital signature checkbox
  - Select a valid certificate
    - Requires a non-expired certificate
  - Choose a time service (optional)
    - Add your own time server to timesrvr.txt
    - ADSKSIGTIMESRVR environment variable
  - Add comments (optional)
- Signing is a deliberate operation

Signing a drawing once
- Save As menu (or SAVEAS command)
  - Tools menu
  - Security options menu item
- Only applies signature on THAT save

Signing a drawing automatically
- SECURITYOPTIONS command or Options dialog
  - Open and Save tab
  - Security Options button
- Works on a per drawing, per session basis
  - Must be set for each drawing to be signed
  - Only applies to the current session

Signing multiple files at once
- Ideal when signing a final project set of files
- Can only be done from outside AutoCAD
- Attach Digital Signatures dialog
  - Found in OS Start menu
  - Multiple files at once
  - Digitally sign .dwg, .exe and .zip

Signing an encrypted drawing
- Saving invalidates a signature, so:
  - Encrypt the drawing first
  - Then digitally sign

Validating signatures
- Digital Signature Contents dialog
- What this information tells you
  - Whether the file was modified since it was signed
  - Identity of signer
  - Time stamp and comments attached to the file
  - Issuer (certificate authority) of the digital ID
  - "Valid to" and "valid from" dates for the digital ID

Invalidated signatures
- How does a signature get invalidated?
  - Saving over a signed drawing
  - External modification of the binary .dwg file
- Warning dialog
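Why the order on the "Signing an encrypted drawing" slide matters, as an added example that is not from the original slides or from AutoCAD: a model in which the signature covers the saved file bytes. The HMAC key stands in for the signer's certificate and the XOR keystream for the OS-supplied encryption provider; all names and sample bytes are constructed.

```python
import hashlib
import hmac

# Constructed sample data; none of these values come from AutoCAD or the slides.
SIGNER_KEY = b"constructed-signer-key"  # stands in for the signer's certificate key
PASSWORD = b"constructed drawing password"
DRAWING = b"constructed DWG bytes: LINE 0,0 10,10"

def encrypt(data: bytes, password: bytes) -> bytes:
    """Toy XOR stream cipher (SHA-256 in counter mode); illustration only."""
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hashlib.sha256(password + block.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[block:block + 32], pad))
    return bytes(out)

def sign(file_bytes: bytes) -> bytes:
    """Signature computed over the bytes as they are stored on disk."""
    return hmac.new(SIGNER_KEY, file_bytes, hashlib.sha256).digest()

def is_valid(file_bytes: bytes, signature: bytes) -> bool:
    """True only if the stored bytes are exactly the bytes that were signed."""
    return hmac.compare_digest(sign(file_bytes), signature)

def sign_then_encrypt() -> bool:
    """Wrong order: encrypting re-saves the file after it was signed."""
    signature = sign(DRAWING)
    saved = encrypt(DRAWING, PASSWORD)
    return is_valid(saved, signature)

def encrypt_then_sign() -> bool:
    """Order from the slides: encrypt first, then sign the saved file."""
    saved = encrypt(DRAWING, PASSWORD)
    return is_valid(saved, sign(saved))

def external_modification() -> bool:
    """One byte changed outside the application after signing."""
    saved = encrypt(DRAWING, PASSWORD)
    signature = sign(saved)
    tampered = bytes([saved[0] ^ 0x01]) + saved[1:]
    return is_valid(tampered, signature)

if __name__ == "__main__":
    print("sign then encrypt valid:    ", sign_then_encrypt())
    print("encrypt then sign valid:    ", encrypt_then_sign())
    print("after external change valid:", external_modification())
```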

Validating From Windows Explorer
- Properties
  - Right-click on signed file
  - Properties
  - Digital Signature tab
- Digital Signatures icon
  - Windows 2000 or greater
  - Turning it off
    - Right-click on .DWx/exe/zip
    - Enable/Disable Digital Signatures Icon

Manual validation from AutoCAD
- Status bar icon
- SIGVALIDATE command
- Validate Digital Signatures dialog

Automatic validation from AutoCAD
- SIGWARN system variable
  - Options - Open and Save – Always shows invalidated signatures
- Display digital signature information
  - Validating Xrefs
  - Options to skip Xref warnings

Drawing Security
- Encrypts the entire drawing file
  - Option to encrypt drawing properties
- Introduced in AutoCAD 2004
  - Only works on 2004 format DWG, DWT and DWS
- Encryption is lost when saving to an earlier version

Why use encryption?
- Protect drawing data from being stolen
- Ensure data confidentiality
- Secure drawing data from modification
- Prevent unauthorized viewing

When to use encryption?
- Sharing sensitive data outside of the organization
- Transmitting files through non-secure medium
- Password protection is superfluous on an internal network
  - OS permissions achieve the same goal and are easier to manage

Losing a Password
- No password – no drawing
- There is NO back door
- Backup drawings before encryption
- Secure your passwords

Choosing a Password
- Word or phrase
- Any characters you choose
- More characters more security

Choosing Encryption types
- OS default is used unless otherwise specified
- Encryption providers supplied by OS
- The higher the key length, the higher the protection
- Confirm other computers can decrypt before sharing

Encrypting a drawing
- Security Options dialog

Encrypting a drawing
- Save As menu (or SAVEAS command)
  - Tools menu
  - Security options menu item
- SECURITYOPTIONS command
- Options dialog
  - Open and Save tab
  - Security Options button
- Password must be set for each drawing
  - Password persists until removed

Opening a secure drawing
- Password request dialog
- Password cache
  - Reuses valid passwords during the current session
- Changing/removing a password
  - Security Options dialog
  - Change or clear the password field

Changes to APIs
- ObjectARX
  - readDWGFile()
  - acedSyncFileOpen()
  - acedXrefAttach()
  - acedXrefOverlay()
  - saveAs()
- ActiveX/VBA
  - SecurityParams object

Thank You
- Turn in your session evaluation forms as you leave
- Email: tom.stoeckel@autodesk.com
