|
|
|
|
Document Detective Overview
|
Document Detective is an electronic document
review and sanitization tool that meets the intent of the Government's
"100% reliable human review" criteria for transferring Microsoft Office
files, Adobe PDF files, and text files across security boundaries in
their native format. Such transfers from higher to lower
classified networks is typically called Trusted Downloading.
Document Detective runs as a desktop application on an individual
workstation, and has one interface for rigorous document reviews and
another for easy sanitization. Document Detective has been
approved and is being used at several Government and contractor
facilities for Trusted Downloading.
|
| Document Detective organizes the document contents into a
hierarchical browser view similar to the Microsoft File Explorer. Objects are
organized into folders in the left window, and the contents of an
object are shown on the right. Document Detective analyzes the document
for indicators that information might be obscured from the user's view,
and it marks those items with a red warning dot. Document
Detective looks for cropping, resizing and other geometry indicators that could
indicate hidden data. All text is checked with a regular expression
keyword scanner for words that could indicate the presence of sensitive or
classified information. |
Click on image to enlarge
|
Click on image to enlarge
|
In addition to providing all the pertinent properties about
an object, Document Detective provides a thumbnail view of graphical objects and
a graphical position indicator in the Properties View.
This helps the user identify the particular
object in the document and puts all the necessary information on a single screen.
The Object View provides a close up view of the
graphical object with zoom and pan controls for detailed examinations.
|
| Identifying the hidden information in an electronic document
is important, but sanitizing that information is equally important. The Document
Detective Content Controls work with Word, PowerPoint, and Excel to help the user sanitize
their documents quickly and efficiently. |
|
Click on image to enlarge
|
The primary tool in the Content Controls is the Flatten
Document function. The Flatten Document function can remove much of the
document's hidden data with just a few mouse clicks. Depending on the
security level selected, the Flatten Document function automatically converts
dangerous OLE objects into images, and reprocesses images such that the
resolution is 200 dpi, as displayed with any cropped areas permanently removed
from the image. |
| The Flatten Document function is very aggressive, and may
alter the document's appearance. Document Detective provides a side-by-side
review capability that lets the user compare the 'flattened' document's
view with the original document. Problems introduced by the
flattening process can be quickly identified and remedied in this view. A
special toolbar lets the user scroll through both documents in tandem, and
allows the user to accept or reject the results with the click of a button. |
Click on image to enlarge
|
| The Checklist Viewer reformats the Document Summary created by the Content Browser
into an interactive, user-friendly checklist for sanitizing and reviewing and electronic
document. The Checklist Viewer also integrates with the Content Controls and the native
application to make reviewing and sanitizing and electronic document fast and easy. The
warning messages are color coded based on the Flatten Document function's ability to resolve
the potential security issue, and the warning messages are hyperlinked to the object causing
the warning. The interactive features of the checklist make it easy to keep track of your progress
and to share information with other reviewers. The Checklist Viewer produces a Transfer Package
file that contains both the reviewed document and an auditable, PKI signed Review Certificate
that shows critical information about the review. The Transfer Package is designed to integrate
easily with existing cross-domain solutions for automated document transfers across security
boundaries.
|
Click on image to enlarge
|
Recent incidents show a widespread threat to the Government and to
commercial industry caused by the inadvertent release of sensitive and
classified information hidden in popular document formats, such as
Word, PowerPoint, Excel and PDF. Many of these incidents are
caused by Tracked Changes, which is automatically enabled by Microsoft
when a document is sent by email using Outlook. Embedded OLE
objects, especially spreadsheets, are misunderstood and frequently
contain significant amounts of hidden data. Document Detective
was written specifically to address hidden data threat, and it can
identify and sanitize over 100 types of hidden data. Document
Detective is so rigorous and thorough that it has been approved for
reviewing and sanitizing classified documents for Trusted Downloading.
|
|
|
