Security and privacy issues in the Portable Document Format

Authors:
Aniello Castiglione;Alfredo De Santis;Claudio Soriente
Affiliations:
Dipartimento di Informatica ed Applicazioni, Universití di Salerno, Via Ponte don Melillo 1, I-84084 Fisciano (Salerno), Italy;Dipartimento di Informatica ed Applicazioni, Universití di Salerno, Via Ponte don Melillo 1, I-84084 Fisciano (Salerno), Italy;Dipartimento di Informatica ed Applicazioni, Universití di Salerno, Via Ponte don Melillo 1, I-84084 Fisciano (Salerno), Italy and Facultad de Informática, Universidad Politécnica d ...
Venue:
Journal of Systems and Software
Year:
2010

Citing 8
Cited 4

PostScript language reference (3rd ed.)

PostScript language reference (3rd ed.)
Extraction, layout analysis and classification of diagrams in PDF documents

ICDAR '03 Proceedings of the Seventh International Conference on Document Analysis and Recognition - Volume 2
A format design case study: PDF

Proceedings of the fifteenth ACM conference on Hypertext and hypermedia
Editorial: Single- versus double-blind reviewing

ACM Transactions on Database Systems (TODS)
Taking advantages of a disadvantage: Digital forensics and steganography using document metadata

Journal of Systems and Software
Extracting reusable document components for variable data printing

Proceedings of the 2007 ACM symposium on Document engineering
Improving publication quality by reducing bias with double-blind reviewing and author response

ACM SIGPLAN Notices
Information Leakage Caused by Hidden Data in Published Documents

IEEE Security and Privacy

A high quality image sharing with steganography and adaptive authentication scheme

Journal of Systems and Software
An asynchronous covert channel using spam

Computers & Mathematics with Applications
Text analysis for detecting terrorism-related articles on the web

Journal of Network and Computer Applications
A secure file sharing service for distributed computing environments

The Journal of Supercomputing

Quantified Score

Hi-index	0.00

Visualization

Abstract

The Portable Document Format (PDF) was developed by Adobe in the early nineties and today it is the de-facto standard for electronic document exchange. It allows reliable reproductions of published materials on any platform and it is used by many governmental and educational institutions, as well as companies and individuals. PDF documents are also credited with being more secure than other document formats such as Microsoft Compound Document File Format or Rich Text Format. This paper investigates the Portable Document Format and shows that it is not immune from some privacy related issues that affect other popular document formats. From a PDF document, it is possible to retrieve any text or object previously deleted or modified, extract user information and perform some actions that may be used to violate user privacy. There are several applications of such an issue. One of them is relevant to the scientific community and it pertains to the ability to overcome the blind review process of a paper, revealing information related to the anonymous referee (e.g., the IP address of the referee).