PDFNet security controls related to data leakage, disk access, encryption

Technical Support Apryse SDK
, , , ,
1

Q:

We are using PDFNet on iOS & Android to view and markup/annotate PDFs. We want to make sure that all user data is secured and does not leak.

I noticed that PDFNet by default writes to a temp file during annotation in the viewer. Because we are writing a secure application, we want to know, if any user data can be exposed through this files.

Can you please explain PDFNet SDK options related to disk access, security, etc.

A:

  • Currently PDFNet does not write anything to disk during read/view operations.

  • By default, PDFNet writes to disk only during PDF generation or editing - this is done because PDFNet support generation of huge multi-gigabyte document what may not otherwise fit in memory. For apps that are doing only minor document edits (e.g. markup and annotation editing) disabling temp files should not be a problem.

  • You can switch disk caching with (i.e. store all new data in memory) with SetDefaultDiskCachingEnabled() - http://www.pdftron.com/pdfnet/html/classpdftron_1_1PDFNet.html#2d0c6f3d917d544814942afd23d94379:

Obj-C: [PDFNet SetDefaultDiskCachingEnabled:NO];

C++: PDFNet::SetDefaultDiskCachingEnabled(false);

In case you are concerned with data security you could also encrypt all data that goes to/from PDFNet by using custom filters (i.e. PDFDoc(Filter), doc.Save(Filter) ). For an example, please CustomFilter sample project that comes as part of the mobile SDK. This way you can secure and data that is saved to / loaded from disk using your own encryption algorithm.

of we annotate a pdf the number of streams don’t match the number of Annotations.

When caching is enabled, PDFNet assigns a single temp file per document (so even if you add/edit annotations there would be only as single temp file per doc). PDFNet does not delete old streams until the file is closed. Again, when disk cache is disabled nothing is written to disk.