This commit is contained in:
Xingyu Wang 2021-05-26 23:57:05 +08:00
parent 7654aedaf7
commit ae92d23640
2 changed files with 145 additions and 147 deletions

View File

@ -1,147 +0,0 @@
[#]: subject: (5 ways to protect your documents with open source software)
[#]: via: (https://opensource.com/article/21/4/secure-documents-open-source)
[#]: author: (Ksenia Fedoruk https://opensource.com/users/ksenia-fedoruk)
[#]: collector: (lujun9972)
[#]: translator: (wxy)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
5 ways to protect your documents with open source software
======
Control your own data so that unauthorized users can't access it.
![Filing papers and documents][1]
Users have every right to be concerned about the safety and security of their data. When you create data on a computer, it's reasonable to want exclusive control over it.
There are many ways to protect your documents. At the filesystem level, you can [encrypt your hard drive][2] or [just a file][3]. A good office suite affords you many more options, though, and I've gathered five of the methods I use to secure my documents with open source software.
### 5 ways to secure your docs
#### 1\. Keeping documents in secure cloud storage services
Self-hosting an open source content management system (CMS) platform gives you complete control over your data. All your data stays on your server, and you control who has access to it.
**Options:** [Nextcloud][4], [ownCloud][5], [Pydio][6], and [Seafile][7]
All of these offer functionality for storing, syncing, and sharing documents and folders, managing content, file versioning, and so on. They can easily replace Dropbox, Google Drive, and other proprietary cloud storage that place your data on servers you don't own, maintain, or govern.
The open source self-hosted options listed above are compliant with GDPR and other international regulations that protect user data. They offer backup and data recovery options, auditing and monitoring tools, permissions management, and data encryption.
![Pydio audit control][8]
Audit control in Pydio Cells. (Source: [Pydio.com][9])
#### 2\. Enabling encryption at rest, in transit, and end-to-end
We often speak of data encryption in general terms, but there are several aspects to consider when encrypting files:
* With **encryption at rest** (or disk encryption), you can protect data stored within your infrastructure or on your hard drive.
* **Encryption in transit** protects data as traffic when it's using protocols like HTTPS. It protects your data from being intercepted and transformed as it moves from one location to another. This is important when you upload documents to your cloud.
* **End-to-end encryption** (E2EE) protects data by encrypting it on one end and decrypting it on the other. No third party can read your documents, even if they interfere in the process and get access to the files unless they have the decryption key.
**Options:** CryptPad, ownCloud, ONLYOFFICE Workspace, Nextcloud, and Seafile
ownCloud, ONLYOFFICE Workspace, Nextcloud, and Seafile support all three layers of encryption. They differ in how they implement end-to-end encryption:
* In ownCloud, there's an E2EE plugin that allows you to encrypt folder sharing.
* In Nextcloud, there's a folder-level option available in the desktop client.
* Seafile provides client-side E2EE by creating encrypted libraries.
* [ONLYOFFICE Workspace][10] not only allows you to encrypt your documents while storing and sharing them, but it also permits you to securely co-edit them in real time in Private Rooms. The encryption data is automatically generated and transferred and is encrypted itself—you don't have to keep or remember any passwords.
* [CryptPad][11], as its name suggests, is completely private. All content is encrypted and decrypted by your browser. This means documents, chats, and files are unreadable outside the session where you are logged in. Even the service administrators can't get your information.
![Encrypted CryptPad storage][12]
Encrypted CryptPad storage. (Source: [Cryptpad.fr][13])
#### 3\. Using digital signatures
Digital signatures allow you to verify that you originated a document's content and no alterations have been made to it.
**Options:** LibreOffice Writer, ONLYOFFICE Desktop Editors, OpenESignForms, and SignServer
[LibreOffice][14] and [ONLYOFFICE][15] suites provide an integrated tool to digitally sign documents. You can add a signature line that is visible in the document text and allows you to request signatures from other users.
Once you apply a digital signature, no one can edit the document. If someone changes the document, the signature becomes invalid, so you'll know the content was modified.
In ONLYOFFICE, you can sign OOXML files (e.g., DOCX, XLSX, PPTX) in LibreOffice as ODFs and PDFs. If you try to sign an OOXML document in LibreOffice, the signature will be marked with "only parts of the document are signed."
![Digital signature in ONLYOFFICE][16]
Digital signature in ONLYOFFICE. (Source: [ONLYOFFICE Help Center][17])
[SignServer][18] and [Open eSignForms][19] are free electronic signature services that you can use if you don't need to sign a document right in the editor. Both tools allow you to work with documents, and SignServer also enables you to sign code, including Java, and apply time stamping.
#### 4\. Watermarking
Watermarks avoid unauthorized redistribution of your content and protect any confidential information your files might contain.
**Options:** Collabora Online in Nextcloud or ONLYOFFICE Docs in Nextcloud
[ONLYOFFICE Docs][20] and [Collabora][21], when integrated with Nextcloud, allow you to embed a watermark in your documents, spreadsheets, and presentations. To activate watermarking, you have to log into your Nextcloud instance as an admin and go to **Secure view settings** on the solution's Settings page.
You can replace the default watermark with your own text using the placeholders. The watermark will be displayed individually for each user when opening a file. You can also define groups to differentiate users who will see the watermark and select the types of shares that must show the watermark.
![Watermark][22]
Watermarking (Ksenia Fedoruk, [CC BY-SA 4.0][23])
You can also insert watermarks in your docs in the LibreOffice and ONLYOFFICE desktop apps. However, in this case, it's just a text or an image placed under the main text layer, so anyone can remove it easily.
#### 5\. Protecting documents with passwords
Password protection allows you to store and exchange local files securely. If someone accesses your desktop or gets the protected file via email or another method, they won't be able to open it without knowing the password.
**Options:** Apache OpenOffice, LibreOffice, and ONLYOFFICE Desktop Editors
All three solutions offer you the ability to set a password for your sensitive documents.
If a protected doc is important to you, it is strongly recommended you save the password using a password manager or memorize it because LibreOffice, ONLYOFFICE, and [OpenOffice][24] don't offer a password-recovery option. So, if you forget or lose the password, there is no ability to restore or reset it and open the file.
### Your data belongs to you
Protect your documents using one or more of these methods to stay safer online. It's the 21st century, and computing is too advanced to risk giving your data to a service outside your control. Use open source and take ownership of your digital life.
What are your favorite tools for working securely with docs? Please share them in the comments.
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/4/secure-documents-open-source
作者:[Ksenia Fedoruk][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/ksenia-fedoruk
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/documents_papers_file_storage_work.png?itok=YlXpAqAJ (Filing papers and documents)
[2]: https://opensource.com/article/21/3/encryption-luks
[3]: https://opensource.com/article/21/3/luks-truecrypt
[4]: https://nextcloud.com/
[5]: https://owncloud.com/
[6]: https://pydio.com/
[7]: https://www.seafile.com/en/home/
[8]: https://opensource.com/sites/default/files/uploads/pydiocells.png (Pydio audit control)
[9]: http://pydio.com
[10]: https://www.onlyoffice.com/workspace.aspx
[11]: https://cryptpad.fr/
[12]: https://opensource.com/sites/default/files/uploads/cryptdrive.png (Encrypted CryptPad storage)
[13]: http://cryptpad.fr
[14]: https://www.libreoffice.org/
[15]: https://www.onlyoffice.com/desktop.aspx
[16]: https://opensource.com/sites/default/files/uploads/onlyoffice_digitalsig.png (Digital signature in ONLYOFFICE)
[17]: http://helpcenter.onlyoffice.com
[18]: https://www.signserver.org/
[19]: https://github.com/OpenESignForms
[20]: https://www.onlyoffice.com/office-for-nextcloud.aspx
[21]: https://www.collaboraoffice.com/
[22]: https://opensource.com/sites/default/files/uploads/onlyoffice_watermark.png (Watermark)
[23]: https://creativecommons.org/licenses/by-sa/4.0/
[24]: https://www.openoffice.org/

View File

@ -0,0 +1,145 @@
[#]: subject: (5 ways to protect your documents with open source software)
[#]: via: (https://opensource.com/article/21/4/secure-documents-open-source)
[#]: author: (Ksenia Fedoruk https://opensource.com/users/ksenia-fedoruk)
[#]: collector: (lujun9972)
[#]: translator: (wxy)
[#]: reviewer: (wxy)
[#]: publisher: ( )
[#]: url: ( )
用开源软件保护你的文件的 5 种方法
======
> 控制你自己的数据,使未经授权的用户无法访问它。
![归档文件和文档][1]
用户完全有权利关心他们数据的安全和保障。当你在计算机上创建数据时,希望对其进行独家控制是合理的。
有许多方法保护你的文件。在文件系统层面,你可以 [加密你的硬盘][2] 或 [只是加密一个文件][3]。不过,一个好的办公套件为你提供了更多的选择,我收集了五种我用开源软件保护文件的方法。
### 5 种保护你的文件的方法
#### 1、将文件保存在安全的云存储服务中
自托管一个开源的内容管理系统CMS平台可以让你完全控制你的数据。你的所有数据都留在你的服务器上你可以控制谁可以访问它。
**选项:** [Nextcloud][4]、[ownCloud][5]、[Pydio][6] 和 [Seafile][7]
所有这些都提供了存储、同步和共享文件和文件夹、管理内容、文件版本等功能。它们可以很容易地取代 Dropbox、Google Drive 和其他专有的云存储,不用将你的数据放在你不拥有、不维护、不管理的服务器上。
上面列出的开源的自托管方式符合 GDPR 和其他保护用户数据的国际法规。它们提供备份和数据恢复选项、审计和监控工具、权限管理和数据加密。
![Pydio 审计控制][8]
*Pydio 细胞中的审计控制。(来源:[Pydio.com][9])*
#### 2、启用静态、传输和端到端的加密功能
我们经常笼统地谈论数据加密,但在加密文件时有几个方面需要考虑:
* 通过**静态加密**(或磁盘加密),你可以保护存储在你的基础设施内或硬盘上的数据。
* 在使用 HTTPS 等协议时,**传输加密**会保护流量形式的数据。它可以保护你的数据在从一个地方移动到另一个地方时不被拦截和转换。当你把文件上传到你的云端时,这很重要。
* **端到端加密**E2EE通过在一端加密在另一端解密来保护数据。除非有解密密钥否则任何第三方都无法读取你的文件即使他们干扰了这个过程并获得了这个文件的权限。
**选项:** CryptPad、ownCloud、ONLYOFFICE 工作区、Nextcloud 和 Seafile
ownCloud、ONLYOFFICE 工作区、Nextcloud 和 Seafile 支持所有三层的加密。但它们在实现端到端加密的方式上有所不同。
* 在 ownCloud 中,有一个 E2EE 插件,允许你对文件夹共享进行加密。
* 在 Nextcloud 中,桌面客户端有一个文件夹级别的选项。
* Seafile 通过创建加密库来提供客户端的 E2EE。
* [ONLYOFFICE 工作区][10] 不仅允许你在存储和共享文件时对其进行加密,而且还允许你在“私人房间”中实时安全地共同编辑文件。加密数据是自动生成和传输的,并且是自己加密的 —— 你不需要保留或记住任何密码。
* 正如其名称所示,[CryptPad][11] 是完全私有的。所有的内容都是由你的浏览器进行加密和解密的。这意味着文件、聊天记录和文件在你登录的会话之外是无法阅读的。即使是服务管理员也无法得到你的信息。
![加密的 CryptPad 存储][12]
*加密的 CryptPad 存储。(来源:[Cryptpad.fr][13])*
#### 3、使用数字签名
数字签名可以让你验证你是文件内容的原作者,并且没有对其进行过修改。
**选项:** LibreOffice Writer、ONLYOFFICE 桌面编辑器、OpenESignForms 和 SignServer
[LibreOffice][14] 和 [ONLYOFFICE][15] 套件提供了一个对文件数字签名的集成工具。你可以添加一个在文档文本中可见的签名行,并允许你向其他用户请求签名。
一旦你应用了数字签名,任何人都不能编辑该文件。如果有人修改文档,签名就会失效,这样你就会知道内容被修改了。
在 ONLYOFFICE 中,你可以在 LibreOffice 中签名 OOXML 文件例如DOCX、XLSX、PPTX作为 ODF 和 PDF。如果你试图在 LibreOffice 中签名一个 OOXML 文件,该签名将被标记为“只有部分文件被签署”。
![ONLYOFFICE 中的数字签名][16]
*ONLYOFFICE 中的数字签名。 (来源:[ONLYOFFICE帮助中心][17])*
[SignServer][18] 和 [Open eSignForms][19] 是免费的电子签名服务如果你不需要在编辑器中直接签名文件你可以使用它们。这两个工具都可以让你处理文档SignServer 还可以让你签名包括 Java 在内的代码,并应用时间戳。
#### 4、添加水印
水印可避免你的内容在未经授权的情况下被重新分发,并保护你的文件可能包含的任何机密信息。
**选项:**Nextcloud 中的 Collabora Online 或 ONLYOFFICE Docs
当与 Nextcloud 集成时,[ONLYOFFICE Docs][20] 和 [Collabora][21] 允许你在文件、电子表格和演示文稿中嵌入水印。要激活水印功能,必须以管理员身份登录你的 Nextcloud 实例,并在解决方案的设置页面上进入**安全视图设置**。
你可以使用占位符将默认的水印替换成你自己的文本。在打开文件时,水印将针对每个用户单独显示。你也可以定义组来区分将看到水印的用户,并选择必须显示水印的共享类型。
![水印][22]
*水印 (Ksenia Fedoruk, [CC BY-SA 4.0][23])*
你也可以在 LibreOffice 和 ONLYOFFICE 桌面应用程序中的文档中插入水印。然而,在这种情况下,它只是一个放置在主文本层下的文本或图像,任何人都可以轻易地删除它。
#### 5、用密码保护文件
密码保护允许你安全地存储和交换本地文件。如果有人访问你的桌面或通过电子邮件或其他方法得到受保护的文件,他们不知道密码就无法打开它。
**选项:** Apache OpenOffice、LibreOffice 和 ONLYOFFICE 桌面编辑器
所有这三种解决方案都提供了为你的敏感文件设置密码的能力。
如果一个受保护的文档对你很重要,强烈建议你使用密码管理器保存密码或记住它,因为 LibreOffice、ONLYOFFICE 和 [OpenOffice][24] 不提供密码恢复选项。因此,如果你忘记或丢失了密码,就没有办法恢复或重置密码并打开文件。
### 你的数据属于你
使用这些方法中的一种或多种来保护你的文件,以保持更安全的在线活动。现在是 21 世纪,计算机太先进了,不能冒险把你的数据交给你无法控制的服务。使用开源,掌握你的数字生活的所有权。
你最喜欢的安全使用文档的工具是什么?请在评论中分享它们。
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/4/secure-documents-open-source
作者:[Ksenia Fedoruk][a]
选题:[lujun9972][b]
译者:[wxy](https://github.com/wxy)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/ksenia-fedoruk
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/documents_papers_file_storage_work.png?itok=YlXpAqAJ (Filing papers and documents)
[2]: https://opensource.com/article/21/3/encryption-luks
[3]: https://opensource.com/article/21/3/luks-truecrypt
[4]: https://nextcloud.com/
[5]: https://owncloud.com/
[6]: https://pydio.com/
[7]: https://www.seafile.com/en/home/
[8]: https://opensource.com/sites/default/files/uploads/pydiocells.png (Pydio audit control)
[9]: http://pydio.com
[10]: https://www.onlyoffice.com/workspace.aspx
[11]: https://cryptpad.fr/
[12]: https://opensource.com/sites/default/files/uploads/cryptdrive.png (Encrypted CryptPad storage)
[13]: http://cryptpad.fr
[14]: https://www.libreoffice.org/
[15]: https://www.onlyoffice.com/desktop.aspx
[16]: https://opensource.com/sites/default/files/uploads/onlyoffice_digitalsig.png (Digital signature in ONLYOFFICE)
[17]: http://helpcenter.onlyoffice.com
[18]: https://www.signserver.org/
[19]: https://github.com/OpenESignForms
[20]: https://www.onlyoffice.com/office-for-nextcloud.aspx
[21]: https://www.collaboraoffice.com/
[22]: https://opensource.com/sites/default/files/uploads/onlyoffice_watermark.png (Watermark)
[23]: https://creativecommons.org/licenses/by-sa/4.0/
[24]: https://www.openoffice.org/