A Study on Document Password Management using the Trust-Chain Based SPT (Work-in-Progress)

Abstract

The password setting of the MS-Office document file is a representative security countermeasure which is commonly used. Especially in the SOHO (Small Office Home Office) company case, the password for the MS-Office document file could be the affordable and solitary solution for the document security. By setting the password of the document, the owner of the file can ensure the confidentiality and integrity of the content of the document file. However, there are issues in this simple security mechanism such as the dependency of the strength of passwords and the difficulty of the password management. In this work, we propose two mechanisms for overcoming these two issues by adding simple but effective mechanisms named the SPT (Secure Password Translation) and the chain of trust. The SPT generates passwords for the MS-Office document files and the generated password has enough strength that the government regulation requires. For the preserving the integrity of the passwords and software components, we propose the chain of trust. By using these mechanisms, SOHO companies can preserve the confidentiality and integrity of the document files. In addition, the implementation of the trust-chain based SPT is easy and affordable to deploy. The contribution of this work is in proposing the design of software for managing passwords of the MS-Office document using SPT and the chain of trust.