KR100556304B1 - Method and System for Keeping off Illegal Copy of Digital Contents by using the file system information Data - Google Patents

Abstract

The present invention relates to a method and system for preventing illegal copying of digital content using file system information data, and encrypting file system information in a corresponding file or digital content at the time when the file or digital content is generated or downloaded to a computer or digital storage device. After inserting, the file system information loaded in the operating system and the file system information encrypted in the file or digital content are used when the computer or the computing system uses the file or digital content in which the file system information is encrypted. By comparing and analyzing the files and determining whether the files or digital contents are illegally copied, it is possible to move files within the same system, but to copy digital contents using a file copy on the same system, such as a floppy disk or CD. The present invention relates to a method and system for fundamentally preventing the duplication of digital content to a portable storage device and illegal copying and distribution of digital content through a local area network (LAN) or the Internet.

Digital content, piracy, operating system

Description

Method and System for Keeping Off Illegal Copy of Digital Contents by using the file system information Data}             

1 is a simple block diagram of the Windows 98 architecture.

FIG. 2 is a block diagram illustrating the window core portion of FIG. 1 in more detail. FIG.

FIG. 3 is a simple configuration diagram of a logical location of FAT, which is a representative file system of a hard disk, which is a read / write storage device of Windows 98.

FIG. 4 is a simple positional view of a long file name (LFN) in which some file system information is stored in a FAT32 file system typically used in Windows 98. As shown in FIG.

5 is a simple block diagram of a method of encrypting and inserting file system information into a file at the time a file is created.

FIG. 6 is a simple flowchart illustrating a case of inserting encrypted FAT32 file system information into a specific portion of a file such as a header by using file generation information, last file modification information, and the like for a large amount of original data.                 

7 is a process of encrypting original data by encrypting FAT32 file system information encrypted using file creation information and last file modification information on a large amount of original data using a method such as watermarking, and then recording the same on a hard disk. Here is a simple flow chart.

FIG. 8 reads a file stored in a hard disk into a memory and compares and analyzes the encrypted file system information inserted in the file with the actual file system information of the file managed by the kernel. A simple block diagram of how to determine if a file is a copied or pirated file.

9 is a simple flowchart illustrating a process of checking whether a file is a copy or an illegal copy through file system comparison analysis after reading a file including encrypted file system information from a hard disk.

10 is a simple block diagram of a process of inserting encrypted file system information using FSI mounted on a client to digital content downloaded from a content providing server on the Internet.

11 is a simple flowchart illustrating a process of inserting encrypted file system information for data transmitted from a content providing server to a client.

12 is a process of retransmitting a digital content through a CCM storing a transmission result for a case in which the digital content is deleted from the client and needs to be recovered because the digital content is deleted from the client or the transmission is not completed. Here is a simple flow chart.                 

FIG. 13 is a simplified illustration of a process of encrypting file system information using FSI for digital content transmitted to a client through a content providing server and inserting the file system information into the transmitted original data.

14 is an exemplary diagram illustrating an error in a process in which an FSI of a client inserts an encrypted file system into original data received from a content providing server.

Fig. 15 is a simple block diagram of a method for creating an installation file and an installation program in which encrypted file system information is inserted using the installation CD creation software equipped with FSI, and recording the same on a CD.

FIG. 16 is an exemplary diagram for manufacturing an installation file and an installation program for original files in dedicated software for producing a software installation CD in which encrypted file system information is inserted in the same manner as in FIG. 15.

Fig. 17 is a simple flowchart showing a process of creating an installation file and an installation program in which encrypted file system information is inserted using the installation CD production software loaded with FSI, and recording this onto a CD.

<Description of main parts of drawing>

   1000: Content Database (D / B) 1010: FSI Database (D / B)

   1020: client database (D / B) 1030: server daemon

   1040: client side FSI manager 1050: client side content manager                 

   1060: TCP / IP

The present invention encrypts and inserts file system information into a corresponding file or digital content at the time a file or digital content is generated or downloaded to a computer or digital storage device, and then the file is encrypted in the computer or computing system. Or in the case of using digital content, by comparing and analyzing the file system information installed in the operating system with the file system information encrypted in the file or digital content, and determining whether the file or digital content is illegally copied. Files can be moved within the same system, but digital content replication using file copy on the same system, digital content replication to removable storage devices such as floppy disks or CDs, and over a local area network or the Internet Digi It relates to a method and system to fundamentally block the illegal copying and distribution of content.

Due to the development of information and communication fields such as computer technology and network infrastructure, the computer and internet users are increasing rapidly. As such computer and internet users are recognized as the recipients of digital contents, they have been using text information, images, Various contents such as audio and video are being digitized or contents that can only be used as digitized media. However, the development of the information and communication field includes a technology that can mass-represent the digital contents described above without damaging the original and distribute them indefinitely, and prevent the illegal copying and distribution of such digital contents and report the copyright. There is an increasing demand for technology to do so, and various demands for preventing illegal copying and distribution of digital contents have been announced due to such a demand.

In order to prevent the illegal copying and distribution of the digital contents described above, only a legitimate user can access the digital contents through a process called user authentication, and a cryptographic key through the encryption process called scramble and descramble. Digital content can only be used by legitimate users and authorized systems, and digital information can be inserted directly to track copyright information. Digital Rights Management (DRM) technology that encrypts digital content so that it is executed only by legitimate users who have paid royalties, watermarking technology that prevents copying by tracking illegal copying and distribution by including copyright information in digital content, and By manipulating the properties of digital content, such as limiting the run time or print functions include (Digital Property Protection) DPP technology to prevent piracy.

DRM is a management method that performs license authentication, copyright and approval history management, content usage rights and approval enforcement, and payment for the use of content through an authorized content delivery environment and network infrastructure. It is a digital content management technology that generates digital content as an encrypted file and distributes it through a portable storage device such as the Internet or a CD, and then permits the use of the content only to a legitimate user who pays the fee for the digital content. The digital content distributed through DRM can be freely redistributed by the user, and the digital content can not be used without paying the fee as a way to pay the fee in the process of using the digital content.

However, the method of simply encrypting digital content files to prevent illegal copying by using existing general encryption technology can be destroyed relatively easily by improper methods, and the user who has obtained the right to use the content through a legal process Redistribution of the corresponding digital content with the authentication key of, or stealing the authentication key in an inappropriate manner has the disadvantage that the original copy can not be prevented.

Watermarking was originally intended to mark a work using water, special inks, or medicines that are indistinguishable to the naked eye in order to prove ownership of the book or work of art, but in the present invention, Watermarking technology refers to a digital watermarking technology that inserts watermarking information into content in the form of digital data existing on a computer or the Internet. Watermarking technology is a method of displaying ownership or copyright by inserting information that cannot be distinguished by human senses into digital content as described above, and information or computer that cannot distinguish copyright information of the digital content by human sense system. Due to the limitations of the device, it is a technology for inserting into digital content data in the form of information that cannot be processed in digital content, thereby preventing illegal copying. The digital contents to which the watermarking is applied include text data, images, audio, and video, and are also used for various forgery and alteration prevention systems of digital data. Among them, representative watermarking techniques applied to digital contents are described as follows.

Text watermarking is a technique of inserting a watermark by changing the shape of letters used in the content little by little, adjusting the space between letters, or arbitrarily adjusting the line spacing. The method of inserting a watermark by changing it. However, text watermarking cannot distinguish whether or not a watermark is inserted into the unsupported font, and even if the font is supported, it cannot be detected by forgering a part.

Image watermarking is a technology that inserts copyright information, which is difficult to distinguish from human vision, into image data by using the property of human visual system (HVS). There are visible watermarking and invisible watermarking, and invisible watermarking includes spatial domain watermarking and frequency domain watermarking. Visible watermarking, however, has the disadvantage of losing the original image, while spatial plane watermarking is relatively simple to insert or extract watermarks, while general signal processing, nonlinear filtering, rotation, cutting, moving, zooming in, zooming out, and transformation Watermark is more likely to be lost due to the same image processing and simple content compression.In frequency plane watermarking, the algorithm is complicated and the content size is used because complex algorithms such as Fourier transform are used during watermark insertion and extraction. Compared with this, a large amount of computation is required.

Audio watermarking is a technology that inserts copyright information into noise data that is hard to be distinguished by human hearing using the property of Human Autitory System (HAS), which requires more than 10MB of storage space per minute. Audio data can be compressed to tens of kilobytes using various compression codecs, and audio watermarking and compression codecs are used to solve the copyright problem caused by unlimited distribution of compressed audio data over the Internet. Meet the requirements for robustness and inaudibility. Audio watermarking, however, does not offer a fundamental solution to prevent the duplication of audio data from CD to MP3, the most representative audio media. Rejection and legal issues from consumers are fundamentally prevented from copying from CD to MP3. The disadvantage is that even authorized reproduction for personal use is impossible.

Similar to image watermarking, video watermarking inserts copyright information into video data using HVS or copyright information into video data using HVS and HAS. It has a feature to be detected. However, video watermarking, like image watermarking, is likely to be lost during compression and image processing, and has a disadvantage of requiring a lot of computational processes for real-time watermarking detection.

DPP technology partially compensates for the shortcomings of watermarking described above, and is a form of copyright protection technology that is more aggressive than DRM, and installs a software shield on the user's computer to prevent illegal copying so that only the legitimate user can download or use the content. Technology.

DPP can limit the usage time, frequency of use, duration of use, printing, and copy and paste of the contents by using the attributes of digital contents, and prevent the contents from being saved on the hard disk by using streaming techniques. In addition, even a legitimate user is required to go through an additional authentication process to redistribute the content, thereby protecting the copyright of the digital content. In addition, unlike DRM, DPP protects the copyright of the content by using the property of digital content itself, so it can be applied not only to the existing Internet of client server system but also to peer-to-peer (P2P), a data transmission system for individuals. In addition, since digital contents can be used only by installing a software shield on a computer, it is possible to collectively manage not only a specific file but also multiple files.

However, since the DPP technology protects copyright by using digital content attributes, it is more active than DRM and can be operated in a P2P system. However, the DPP technology is easily exposed to inappropriate manipulation of the content itself. have. To compensate for this drawback, DPP includes a function that destroys the digital content itself at the moment of attempting to operate the digital content inappropriately by using a software protection film installed on the computer. However, if you remove the software shield and attempt to manipulate the content in an inappropriate manner after downloading the digital content, the digital content is exposed unprotected, and there is no fundamental way to prevent redistribution of the manipulated digital content. .

An object of the present invention is to encrypt and insert the file system information into the file or digital content at the time when the file or digital content is created or downloaded to a computer or digital storage device to solve the above problems, the computer or computing When a file or digital content whose file system information is encrypted is used in a system, the file system information loaded in the operating system is compared with the file system information encrypted in the file or digital content, and the file or information is encrypted. By determining whether digital content is illegally copied, you can move files within the same system, but you can copy digital content using file copy from the same system, digital content to a removable storage device such as a floppy disk or CD, and so on. It is a method and system to fundamentally block the illegal copying and distribution of digital content over a LAN (Local Area Network) or the Internet to provide.

Still another object of the present invention is a method of inserting encrypted file system information into a corresponding digital content using a file system information insertion unit in the process of downloading and storing digital content provided by a server on the Internet in a client and encrypted file system information. By creating a software installation CD using the installation program production software, that is, the installation program production file system information inserting unit, the software is copied or illegally copied to a storage device such as a hard disk, and the software is distributed through a communication network such as the Internet. It is to provide a method for preventing the source.

The present invention provides a method for preventing piracy using a file system installed in an operating system. The present invention provides a digital content creator using an anti-piracy technology through a file system in a computer or digital storage device. ), And use this generator to encrypt and insert file system information into the file or digital content at the time the file or digital content is created or downloaded to the computer or digital storage device, and then In the case of using a file or digital content in which file system information is encrypted, the file system information stored in the operating system is compared with the file system information encrypted in the file or digital content. How to determine whether the content is pirated, and limit the use for files or digital content piracy and the will for that add-on.

The present invention is LINUX mounted on a large-capacity computer including Microsoft's DOS (Disk Operating System) mounted on personal and business computers and UNIX-based operating systems, individuals and workstations mounted on all Windows operating systems, workstations and large-capacity computers. For all operating systems, including the family of operating systems and real-time operating systems on wireless communications devices, PDAs, and electronics, illegal copying can be achieved by inserting the operating system's file system information into files or digital content. Includes all cases to prevent.

Hereinafter, the technical features of the present invention will be described using a Microsoft Windows 98 operating system (hereinafter referred to as Windows 98), which is installed in personal and business computers. As described above, the present invention provides a specific operating system or file system. It is not limited to.

Figure 1 is a simple block diagram of the Windows 98 architecture.

The file systems available to Microsoft's Windows family include file systems such as FAT (File Allocation Table) and NTFS (NT File System) for storage devices that can be read and written like hard disks. There are file systems such as CDFS (CD File System) and UDF (Universal Disk Format) for read-only storage devices such as DVD (Digital Video Disk). FAT, the readable and writable file system of the Windows family, can be used with FAT12, DOS or FAT16 used in Windows 3.1 and Windows 95, and in mass storage devices since Windows 95 OSR2. It can be divided into FAT32 and the like.

The user interface tool and 32-bit shell 100 are responsible for delivering commands from the user or application 105 to the Windows 98 core 110 at the outermost portion of the Windows 98 operating system. MS-DOS, 16-bit, And by providing the same architecture level for 32-bit applications, each application 105 provides an interface for accessing the Windows 98 core 110, and provides internal computing, network, intranet, and Internet access. It provides an interface for accessing data existing on the screen. Thus, all applications 105 and digital content running on Windows 98 can access the Windows 98 core 110 only through user interface tools and 32-bit shells 100.

FIG. 2 is a block diagram showing the embodiment of the Windows core 110 of FIG.

The Windows 98 core 110 is composed of a user 200, a graphics device interface 210, a kernel 220, and the like, and includes a user 200, a GDI 210, a kernel ( 220 is a pair of 16-bit DLL (Dynamic Link Libraries) and 32-bit DLL to run both 16-bit code applications and 32-bit applications on Windows 98. This is to support the 16-bit code used in previous versions of Windows in Windows 98, which consists of 32-bit I / O subsystems and device drivers, such as networking and file systems. The role is described as follows.

User 200 manages user input from input devices such as keyboards and mice, user interfaces such as windows, icons, and menus, and peripherals such as sound drivers, timers, and communication ports in Windows 98. In order to access the device, applications and digital components operating in Windows 98 must pass through the user components of the Windows 98 core 110.

The GDI 210 manages graphic output devices such as monitor screens and printers, and allows the output devices to interact with the operating system through device drivers independent of monitors and printers. In order to access a device or output graphics to the device, the device must pass through the GDI 210.

The kernel 220 may perform input / output operations including a file input / output service, interrupt processing for a process that competitively requests a kernel service, a task scheduler for determining a kernel processing time of the process, granting permission according to the task schedule, memory, or storage. It provides the operating system with practical functions such as address space management, virtual memory management, and system call management for the device.It is loaded into the protected area in memory when the operating system starts to run all applications and Perform and manage the work practically.

The kernel 220 can be accessed by the application 105 via the virtual device manager 120, the file system manager 125, the configuration manager 130, and the WDM driver manager 135 under the Windows 98 core 110. It is a path that must be taken in order to access the device driver 140 and the hardware 145, and all applications and digital contents operable in Windows 98 can perform their respective given functions only through the kernel 220, and the kernel ( No work can be performed normally without going through 220). If a particular application 105, process, or digital content attempts to process a task without passing through the kernel 220, or attempts to maliciously manipulate some of the kernel 220's functionality, the kernel 220 may perform the task. Manage as an exception and execute or not execute.

In particular, when the operating system reads or writes a file or digital content to a storage device, the kernel 220 substantially reads the file or digital content from the storage device in response to a request of an application and a process or a digital content. It plays a role of loading on a computer or writing to a storage device, and plays a substantial role of adding, updating, and deleting files or digital contents changed in the process to the file system. As a result, the contents of the file system mounted in the operating system cannot be changed by a specific application or process, and the kernel 220 loaded in a protected area in memory as the operating system starts even when attempting to change for a malicious purpose. The exception is treated as an exception and is rejected. If a malicious operation on the kernel 220 itself is attempted or changed, the corresponding file or digital content cannot be accessed because the entire operating system is destroyed or changed.

The virtual machine manager 120 serves to allow an application 105 or a process to access a hardware device through a virtual machine (VM) loaded on memory. Instead of directly accessing the hardware device 105 or a process, the kernel 220 and a virtual device (VM) loaded on the memory provide an interface for using the hardware device. Windows 98 includes a DOS VM for MS-DOS applications, a Win16 VM for 16-bit applications, and a Win32 VM for 32-bit applications. Both Win16 VMs and Win32 VMs are called System VMs. Thus, all applications and digital content running on Windows 98, even if it is a DOS mode program, cannot access the hardware 145 without going through the VM.

For example, when data is received through a device such as a network card or a communication port, the kernel 220 may process any process through the virtual device driver until the received data is loaded into memory and stored as a file. By protecting the data from arbitrary access, it prevents manipulation of the original data. That is, the data downloaded through the Internet can not arbitrarily manipulate the data until the data is stored in the form of a file, or in the case of stream data, in a real-time playback program. Even if a malicious approach is made to manipulate, the kernel 220 throws an exception and essentially blocks this access.

The registry 115 serves as a database that stores information necessary for operating an operating system, and although the registry 115 stores information throughout the operation of the Windows 98 system, the present invention is intended to be achieved by operating the registry 115. It cannot alter the contents of the file system.

The installable file system manager 125 serves to make various file systems such as FAT, CDFS, and UDF used in Windows 98 compatible with each other, and exists on a network through a network redirector. It provides an interface for accessing files, and provides an interface for compatibility with other file systems that cannot be loaded in Windows 98 such as NTFS.

The file system manager, like other managers in the same hierarchy of the Windows 98 architecture, is managed by the kernel 220 of the Windows 98 core 110 and file system drivers for cases where files or specific digital content are written to the storage device. The data is written to the storage device through the File System Driver and the Block I / O Subsystem, and the information is added or updated in the file system. In this process, external processes accessed for malicious purposes are blocked by the kernel, and all applications and processes running on Windows 98 can access the file only after the file is successfully stored and the handle is returned to Windows. can do.

The configuration manager 130 manages each device to operate without collision by using the structural features of the bus and devices existing on the system, and the Win32 Driver Model (WDM) driver manager. 135 serves to ensure that various functions provided by the hardware manufacturer are normally performed in Windows 98. With respect to multimedia content, such an administrator is called when the corresponding digital content is required to be executed or to achieve a specific purpose. Like the registry 115, the administrators cannot tamper with the contents of the file system.

3 is a simple configuration diagram of a logical location of a FAT, which is a representative file system of a hard disk, which is a read / write storage device of Windows 98.

FAT is a type of file arrangement table in which an operating system maintains and manages files in a hard disk. The FAT provides a location map of clusters in which files are stored, and a cluster is a logical storage unit on a hard disk for files managed by the operating system. Files stored on the hard disk occupy at least one cluster. In the case of large files, the files are divided into several clusters. However, even if a file is divided into several clusters, the cluster is not necessarily stored continuously, but is stored separately in various places on the hard disk. The FAT stores this information, and the user does not know where a particular file is stored on the hard disk. If the file needs to be read, the operating system or kernel 220 reads the file by referring to the FAT. Come.

The logical location on the hard disk for the FAT is located between the boot sector and the root folder as shown in FIG. 3, and all folders and files created by the operating system and the user are stored after the root folder. In other words, in any case, applications and processes running on Windows 98 cannot access the FAT between the boot sector and the root folder. If there are any applications and processes in this area that are accessed for arbitrary manipulation, the kernel 220 Blocks this through an exception.

However, with the development of computer technology, some computer viruses, malicious hacking programs, etc. may use the loopholes in the operating system to invade this area. This is one of several possibilities that can arise because computer code uses logical address values. However, even malicious processes accessed through such improper methods cannot manipulate FAT information, and if some or all of the FAT information is manipulated, the operating system will not operate normally, and in some cases it may be necessary to reinstall the system. Occurs. Computer viruses and malicious hacking programs can also be easily removed through antivirus programs.

FIG. 4 is a simple positional view of a long file name (LFN) in which some file system information is stored in a FAT32 file system typically used in Windows 98.

Figure 4 shows the case where the LFN called The quick brown.fox is stored. In FAT32, partition information and BIOS information (in addition to the short file entry, the first long file entry, and the second long file entry included in Figure 4) are displayed. File attributes such as system entries, volume IDs, and various attribute information such as read-only or write attributes for the file, which store various system information such as BPB, Drive Parameter Block (DPB), etc. It contains an entry. 4 is for the file information mainly changed, updated, and called by the kernel 220 when the file is created, copied, or deleted among the various FAT32 information as described above, and the present invention is not limited to the above file system information. Does not.

FAT32 includes short file entries for compatibility with 8.3 Short File Names (SFNs) used in FAT16 and includes file creation times and dates, It contains the date of last use, the last modification time and date, the cluster information where the file is stored, and the file size. The file system information is stored in the FAT at the time the file is created, and is updated from time to time whenever the file is copied, used, or changed.

For example, if the user edits the LFN called The quick brown.fox stored as Quick 4, as shown in Figure 4, the cluster information for the file and the SFN called THEQUI ~ 1, FOX are retained, but the LFN, The date of last use, file creation time and date are automatically changed by the kernel 220. If you copy a file called The quick brown.fox to a different directory, the LFN called The quick brown.fox remains the same, but the SFN, last used date, file creation time and date, and the cluster's cluster information are stored in the kernel. Is changed automatically.

However, if you use a file called The quick brown.fox or move it to a different directory, only the last use date is changed, and the rest of the file system information, such as file creation time and date, last modification time and date, and cluster information, remains the same. maintain.

The present invention encrypts and inserts file system information automatically changed and updated by the kernel 220 into a file when the file is generated, and when the file is encrypted and inserted into the file at the time of using the file. It provides a method of determining whether a file is duplicated by comparing and analyzing the file system information of the file system and the file system information stored in the file system at the time the file is used.

The present invention provides a method for preventing illegal copying through the above method, but the file system information used by the present invention is not limited to the information included in FIG. Only file information included in FIG. 4 is automatically changed by the kernel 220 when a file is copied, and is used because it is most suitable for explaining the features of the present invention, and the file system used by the present invention. The information includes all the information of the file system that is installed and used in the operating system.

Hereinafter, in order to explain the features of the present invention, information such as file generation information, last usage information, and last modification information which are automatically changed by the kernel 220 at the time of copying and changing the file are provided through the file system information. Describe the features of this.

5 is a simple block diagram of a method of encrypting and inserting file system information into a file at the time a file is created.

In order to insert an encrypted file system into a specific file, the computer or operating system must be equipped with an encrypted File System Insertion (FSI) 500, which is created by the operating system manufacturer or the software manufacturer. Supplied.

The FSI extracts the file system information to be used in the file through the kernel 220 of the operating system when the original data existing in the memory is stored on the hard disk, and uses the public key encryption method, the secret key encryption method, and The encryption code is generated through an encryption method such as watermarking. The encryption code generated at this time depends on the characteristics and type of the file, and select the most optimized method to prevent malicious manipulation of the file from the outside.

Once the encryption code for the file system information is generated, the FSI locks the original data to make it inaccessible to other applications and processes while the encryption code is being inserted into the file. System security for this process is made in the protection mode of the operating system, the kernel 220 blocks access from the outside through an exception occurs.

When the system locks on the original data and access from the outside is blocked, the FSI processes the data in a form that can be applied to encrypted file system information. This process depends on the characteristics of the file and the encryption method applied. When processing is completed on the original data, the encrypted file system information is inserted into the data.

The FSI, if the encrypted file system information is normally inserted into the file through the above process, causes the operating system to write the file to the hard disk. Until the recording is completed, the system lock on the file is not released, the file is normally written to the hard disk, and the final verification is made that the file system information encrypted and inserted by FSI matches the information of the actual file system. After that, the system lock is released.

6 and 7 are representative flowcharts of a process of inserting encrypted file system information into original data.

The flowcharts of FIGS. 6 and 7 are for storing a large file in the process of inserting file system information using FAT32, and in the case of using a small file and other file systems, a file system information insertion method suitable for each operating system and file system is used. do. Therefore, in the present invention, the process of inserting the file system information into the original data is not limited to the case of FIGS. 6 and 7.

The file system information used in FIGS. 6 and 7 includes file creation information such as file creation time and date, last usage information such as last used date, and last modification information such as last file modification time and date. The last modified information includes both time and date, the minimum unit time is second, the last usage information includes only date, and the minimum unit time is day.

If the size of the original data is less than a few megabytes, the time required to extract the necessary information from the file system, generate the encryption code, insert it into the file, and write it to the hard disk depends on the file creation information and the last modified information. It can be done in a minimum of 1 second. However, if the size of the original data reaches tens of megabytes to hundreds of megabytes, the time required to store the file through the above process may take several seconds to several tens of seconds, which is flexible depending on the computer system resources. In addition, the time taken to insert the encryption code into the original data may vary depending on the encryption method.

That is, the method of inserting encrypted file system information into the original data includes inserting an encryption key into a specific part such as a header of a file, encrypting a part or all of the data of a file by a method such as watermarking, etc. There are many differences in the time of processing or inserting the encryption code for each case.

FIG. 6 is a simple flowchart illustrating a case of inserting encrypted FAT32 file system information into a specific part of a file such as a header by using file generation information, last file modification information, and the like for a large amount of original data.

In order to insert encrypted file system information into the original data, first load the original data into memory (600), and set the lock on the original data through the kernel 220 so that external applications or processes cannot access it. After that (605), the original data is processed to insert the encrypted file system information (615).

When the original data processing is completed, the FSI acquires a handle (Handle) for storing the original data on the hard disk 220 from the Windows 98 (610), and stores the original data on the hard disk (620). At this time, the file system information on the original data is automatically generated by the kernel 220, and the FSI extracts the file system information (625) and encrypts the data according to a given rule (630). In operation 635, the original data recorded on the hard disk is inserted into an encrypted file system at a position allocated in the process of processing the original data.

When the insertion of the encrypted file system information is completed, the FSI verifies whether the file system information inserted in the file is synchronized with the file system information of the actual file by comparing and analyzing the file system information (640). If the encrypted file system information and the actual file system are synchronized during this process, the original data is deleted from memory (645), unlocked (655), and the handle of the file is returned to Windows 98 ( 660 Allows other applications and processes access. However, if it is not synchronized, the file system information extracted from the file system, encrypted, and inserted at a given location is repeated to synchronize the file system information inserted into the file with the actual file system information.

7 is a process of encrypting FAT32 file system information encrypted with original data using a method such as watermarking using file creation information and last file modification information for a large amount of original data, and then recording the data onto a hard disk. Here is a simple flow chart.

In order to insert encrypted file system information into the original data, first load the original data into memory (700), lock the corresponding original data through the kernel 220 (705), and then load the original data onto the hard disk. A handle for storing is obtained from Windows 98 (710).

Once the handle to the original data is obtained, the kernel 220 automatically generates file system information for that file, and the FSI extracts this file system information (715), encrypts it (720), and writes it to the original data. A schedule is created for insertion (725). The insertion schedule of encrypted file system information is because, in the case of large source data, the start time and completion time of file storage are not synchronized within the minimum unit time of file creation and last modification information. After enough testing, this information is used to schedule the task so that the file system information is inserted into the original data at the moment the file is saved.

When the inserted schedule of the encrypted file system information is created, the FSI performs an encryption process using the file system on the original data according to the given schedule (730) and records it on the hard disk (735). In addition, the FSI verifies that the file system information inserted into the corresponding file is compared with the file system information of the actual file (740).

If the encrypted file system information and the actual file system are synchronized in this process, the original data is deleted from memory (745), unlocked (755), and the handle of the file is returned to Windows 98 ( 760 Allows other applications and processes access. However, if it is not synchronized, the file system information and the actual file inserted into the file are repeated by creating a schedule for inserting the encrypted file system information again, encrypting the original data, and storing it on the hard disk. Synchronize system information.

8 reads a file stored in a hard disk into memory, compares and analyzes the encrypted file system information inserted in the file with the actual file system information of the file managed by the kernel 220. A simple block diagram of how to determine if a file is an original file, a copied or pirated file.

In order to decrypt the encrypted file system information inserted in the file stored in the hard disk, and to analyze it with the current file system information, the file system information analysis unit (FSA) 800) must be mounted, which is supplied by the operating system manufacturer or the corresponding software manufacturer.

The FSA 800 is mounted on a computer or operating system using digital content or files in which encrypted file system information is inserted, and exists in the form of software or a process. When the FSA 800 exists on a hard disk in the form of a file, since the encrypted file system information according to the present invention is stored in an inserted form, malicious manipulation of the FSA 800 is fundamentally performed by the present invention. If it is present in the form of software, the software is loaded into the FSA 800 at the same time that the software is executed and then copied or copied to the digital content or file into which the encrypted file system information used in the software is inserted. It checks for illegal copying and if it exists in the form of a process, it is loaded into the memory at the same time as the operating system is started, and whether or not to copy or illegally insert digital contents and files inserted with encrypted file system information until the operating system is shut down. Check it.

In particular, in the case of the FSA 800 loaded into memory as the operating system is started in the form of a process, the FSA 800 operates in the system protection mode of Windows 98, and it is known that malicious manipulation is applied to the FSA 800 itself by the kernel 220. Block at source.

In order for the FSA 800 to use encrypted file system information to determine whether the digital content or file is a copy or an illegal copy, the FSA 800 must first read the file from the hard disk and load it into memory. ) To block other applications or processes from accessing the file. Thereafter, all operations of the FSA 800 are performed in a protected mode in which a system lock is applied, and system security for this process is protected through an exception of the kernel 220.

When the file is loaded into the memory through the above process, the FSA 800 extracts encrypted file system information from the file and then decrypts the file. When decryption ends and the file system information inserted in the file is generated, the FSA 800 extracts the current file system information on the file, and the information inserted in the file and the information extracted from the current file system are extracted. Comparative analysis checks whether the file is a copy or an illegal copy.

If the file is the original, it allows the requesting application or process to use it, but if it is a copy or a pirated copy, the file is deleted from memory and the user is notified by a message.

9 is a simple flowchart illustrating a process of checking whether a file is a copy or an illegal copy through file system comparison analysis after reading a file including encrypted file system information from a hard disk.

The flowchart shows an FSA 800 mounted in an application and a process for reading a file, or an FSA 800 that is called when reading each file including file system information encrypted by being loaded in an operating system. Extracts the file system information contained in the file using the file, decrypts the password applied to the file system information, and compares it with the current file system information to determine whether the file is original.

The FSA 800 mounted inside an application and a process is a file system analyzer included in a software or a process using a file or digital content including encrypted file system information, and is produced by the developer of the software and process. And copy or illegally copy files or digital contents used in the corresponding software and processes, and the FSA 800 mounted in the operating system is a file system analysis unit included in the operating system by an operating system manufacturer. In the process of loading a file or digital content that includes encrypted file system information in a shell or kernel 220 between an application program and the kernel 220 on an operating system architecture, the file or digital content is generated. Copy or piracy Check if it is.

In order to load the file stored in the hard disk into the memory as described above, the FSA 800 must obtain a handle for the file from Windows (900). After the handle is normally obtained, the file is transferred to the hard disk through the kernel 220. Read from (905). Once the file is read from the hard disk, the FSA 800 locks the file (910), thereby excluding the external application or process from accessing the file and removing the encrypted file system information inserted into the file. Extract (915). The FSA 800 decrypts the extracted file system information by the given rule (920) to confirm the original file system information attached at the time when the file is created (925).

If the decryption is normally performed and the extracted file system information is confirmed to be the original file system information at the time when the file is created (950), the FSA 800 determines the current file system information of the file from the operating system's file system. It is extracted (955).

However, if you cannot extract file system information from a file, decrypt the extracted file system information, or verify that the original file system information that was decrypted is not preserved in the normal state (930), the FSA (800) outputs the decryption impossible message (935), after deleting the information and data (940) of the file loaded in the memory, and the file existing on the hard disk (945), unlock the file In step 990, the handle is returned to the operating system (995).

When the original file system information included in the file is extracted through the above process, the FSA 800 obtains the current file system information of the file from the file system of the operating system (925), and the original file system is included in the file. The file system information is compared and analyzed (950). If the original file system information included in the file and the file system information acquired in the current operating system match, the FSA 800 extracts the original data from the file (955), loads it into memory (980), and then uses it. Authorization (985), unlocking the file (990), and returning the handle of the file to the operating system (995) allow the requesting application or process to use the file or digital content.

However, if the file system information does not match (960), or if the original file system information is verified that the original file system information has been manipulated, the FSA 800 outputs an unavailable message for the file (965), and the file is stored in memory. After completely deleting the information and data 970 and the file existing on the hard disk (975), the file is unlocked (990) and the handle is returned to the operating system (995).

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings. However, the following embodiments are one of several methods for most appropriately explaining the present invention, and the present invention is not limited to the following embodiments.

The first embodiment of the present invention relates to a method of inserting encrypted file system information into the digital content using FSI in the process of downloading and storing the digital content provided by the server on the Internet to the client, the second embodiment is encryption By creating software for installation program that inserts the file system information, that is, software installation CD using FSI for installation program, software is copied or illegally copied to a storage device such as a hard disk and distributed through a network such as the Internet. It's about how to prevent that from happening.

FIG. 10 is a simple block diagram of a process of inserting encrypted file system information using FSI mounted on a client to digital content downloaded from a content providing server on the Internet.

This block diagram is a simple block diagram of a process of generating original digital content in which encrypted file system information is inserted into a client. The process of inserting encrypted file system information into digital content downloaded from a content providing server on the Internet is shown. It is not limited to the case of FIG.

The content delivery server on the Internet is equipped with a server daemon 1030, such as an HTTP server daemon that supports the World Wide Web (WWW) or an FTP server daemon that supports File Transfer Protocol (FTP). The server daemon 1030 includes a client. The content D / B 1000 provided to the user is connected.

The server may include a Client Side FSI Manger (CSFM) 1040 that retrieves and manages the FSI 500 mounted on the client, and a Client Contents Manager that manages a client downloading content; CCM (1050) is installed, the CSFM (1040) is connected to the FSI D / B (1010) that stores the latest version of the FSI module that can be used in each operating system, the CCM (1050) is connected to the client The client D / B 1020 that stores information about the transmitted content is connected.

The client is equipped with a web browser capable of browsing the content providing server, an FSI 500 for downloading digital content transmitted from the content providing server, and inserting and storing encrypted file system information therein. The structure and function of the FSI 500 mounted on the client are the same as in Fig. 5, and in this embodiment, the client-side FSI 500 is provided to the client by the content providing server.

The client and the content providing server are connected to the Internet supporting the TCP / IP (Transmission Control Protocol / Internet Protocol) 1060 protocol, and the TCP / IP 1060 basically supports a packet switched network.

Therefore, all digital content transmitted on the Internet is divided and transmitted in a small size which is efficient for transmission by the TCP layer of TCP / IP 1060, and each packet is divided into TCP / IP devices installed in a computer receiving the packet. Reassembled into original digital content at the TCP layer of IP 1060. From the file system point of view of the packet receiving computer, this process is similar to the process of creating new digital content, that is, a new file, and the packet data reassembled in the TCP layer plays the same role as the original data of FIG.

The CSFM 1040 detects whether the client is equipped with the FSI 500 necessary for the client to receive digital content from the content providing server, and the client does not have the FSI 500 installed, or an older version of the FSI 500 is installed. ) Is used to transmit and mount the latest version of the FSI 500 to the client through the FSI D / B, and file system information is normally stored in the client-side FSI 500 for the transmitted digital content. It manages whether it is encrypted and inserted. Therefore, the client-side FSI 500 and the content-providing server-side CSFM 1040 must be synchronized in order to transmit and manage content from the content providing server to the client normally, and through this synchronized system, the CSFM 1040 is encrypted at the client. Check if the file system information is inserted into the digital content normally.

If the client is not equipped with the FSI 500, the client-side FSI 500 and the CSFM 1040 of the content providing server are not synchronized, or the synchronization is manipulated or destroyed during digital content transmission, the transmitted digital content Is not stored on the client, and deletes the original data already loaded in memory.

The CCM 1050 transmits the digital content from the content providing server to the client, and after the encrypted file system information is normally inserted into the digital content, the CCM 1050 refers to the CSFM 1040 and the client-side FSI 500 to the client. It plays a role of managing content information. The embodiment of the present invention verifies the validity of the original digital content only with respect to the digital content downloaded to the client, and prevents copying and illegal copying. However, various problems that occur in the client may cause the original digital content to be lost or destroyed in the storage device. In such a case, the original digital content recovery is fundamentally impossible.

The CCM 1050 provides a method for recovering original digital content by retransmitting the same digital content to the corresponding client in such a case, allowing only the retransmission of the same digital content to the same client, Retransmissions to other clients are not allowed.

After the client-side FSI 500 is synchronized with the CSFM 1040 of the content providing server, the encrypted file system information is inserted into the digital content transmitted from the content providing server in the same process as in FIG. 5 through the management of the CSFM 1040. And, by transmitting the result to the CCM (1050), it prevents illegal copying of the transmitted digital content, and then serves to recover the lost digital content.

11 is a simple flowchart illustrating a process of inserting encrypted file system information with respect to data transmitted from a content providing server to a client.

When the client accesses and logs in to the content providing server (1100), the CSFM 1040 of the content providing server checks whether the FSI 500 is mounted on the client (1101). If the latest version of the FSI 500 supporting the content provided by the content providing server is installed, the CSFM 1040 of the content providing server synchronizes with the FSI 500 of the client (1102) to transmit digital content. And condition to insert encrypted file system information.

However, if the client is not equipped with the FSI 500 (1103), is equipped with an FSI 500 that is incompatible with the CSFM 1040, or is equipped with an older version of the FSI 500, then the CSFM 1040 is By transmitting and installing the latest version of the FSI 500 to the client (1104), the CSFM 1040 of the content providing server and the client's FSI 500 are automatically synchronized (1102), and encrypted file system information can be inserted. Create a condition that can

When the CSFM 1040 of the content providing server and the FSI 500 of the client are synchronized through the above process, the content providing server may normally perform the digital content request requested by the client (1105). Therefore, after the CSFM 1040 of the content providing server and the FSI 500 of the client are synchronized, when the digital content transmission is requested from the client to the content providing server, the CSFM 1040 may determine the FSI (based on the time when the transmission request is transmitted). Check if it is synchronized with the operation 500 again (1106).

If it is confirmed that the CSFM 1040 of the content providing server and the FSI 500 of the client are normally synchronized, the CSFM 1040 may determine that an external application or process is responsible for the data currently transmitted through the FSI 500 of the client. After the lock is set to prevent access (1107), the digital content is transmitted through TCP / IP (1112).

However, if the client does not confirm that the CSFM 1040 of the content providing server and the FSI 500 of the client are normally synchronized based on the time at which the client requests digital content transmission (1108), the CSFM 1040 may determine that the FSI 500 of the client is in sync. Outputs a message indicating that the digital content cannot be downloaded (1109), deletes all information and data on the digital content (1110), and transmits the result to the CCM 1050 of the content providing server (1109). 1111).

The above data transmission process is applied to each data packet and digital content and is repeated until the transmission of all packets and digital content is completed. If the digital content is provided from the content providing server to the client through the above process, the FSI 500 of the client encrypts and inserts the file system into the original data restored through the TCP layer of TCP / IP (1113). . If the encrypted file system information is normally inserted in the original data, the FSI 500 sends the result to the CCM 1050 (1115) and then unlocks the original data (1120) to external applications and processes. To allow access.

However, if an error occurs in the process of encrypting the file system and inserting it into the original data (1116), the FSI 500 outputs a file system insertion error message (1117) and deletes the corresponding digital contents from the memory and the hard disk. After 1118, the result is transmitted to CCM 1050 (1119).

FIG. 12 shows the digital contents through the CCM 1050 which stores the transmission result for the case where the digital contents are deleted from the client for normal digital content licensee and need to be recovered or retransmitted because the transmission is not completed. Here is a simple flow chart for the retransmission process.

This flowchart assumes that the client is equipped with the latest version of the FSI 500 provided by the content providing server.

When the client server requests digital content retransmission from the content providing server (1200), the CSFM 1040 of the content providing server checks whether it is synchronized with the client-side FSI 500 (1201), and the CCM ( It is determined whether the digital content is retransmitted with reference to the information of 1050 (1202).

The CCM 1050 stores the transmission result of all digital content transmitted to the client and the network information of the client. When the client needs to recover due to the loss of the original digital content, the CCM 1050 receives the digital content through a normal method. When the operation is not completed, retransmission is allowed for the case where the same client requests retransmission by referring to the network information of the client.

However, if the CSFM 1040 of the content providing server and the FSI 500 of the client are not synchronized (1203) or if the retransmission condition is not satisfied, a non-retransmission message for the operation is output to the client (1204). After the corresponding digital content is deleted from the memory and the hard disk (1205), the result is stored in the CCM 1050 again (1206).

If retransmission of the digital content is allowed in the above process, the CSFM 1040 sets a lock on the data retransmitted through the FSI 500 of the client (1207), and retransmits the digital content to the client (1209).

If the digital content retransmission is normally completed through this process, the client side FSI 500 inserts the encrypted file system information into the retransmitted original data (1210), and transmits the result to the CCM 1050 (1212). After storing that the retransmission has been performed normally, by unlocking the retransmitted original data (1217), the digital content is dropped for normal use on the client, but the reverse of the case where the encrypted file system information cannot be inserted ( 1213. After outputting an error message (1214), the digital content is deleted from the memory and the hard disk (1215), and the result is stored in the CCM (1050) (1216).

FIG. 13 is a simple illustration of a process of encrypting file system information using an FSI 500 for digital content transmitted to a client through a content providing server and inserting the file system information into the transmitted original data.

The digital content download dialog shown in FIG. 13 is provided by the content providing server or by downloading the digital content using the FSI 500 compatible with the CSFM 1040 of the content providing server. This is the case where the original data is generated after receiving the content and the file system information is encrypted and inserted.

The client side FSI 500 is a file system information inserter necessary for the client to download a file. If the FSI 500 does not exist in the client due to the nature of the present embodiment, data transmission from the content providing server is essentially prohibited. You may not download the content in any way. This is because the data transfer from the content providing server to the client uses the existing TCP / IP underlying, but the server daemon 1030 of the content providing server and the web browser do not communicate data, but the server daemon of the content providing server. This is because the CSFM 1040 connected to the 1030 and the content D / B and the FSI 500 module connected to the web browser of the client communicate.

FIG. 14 is an exemplary diagram of an error occurring when the FSI 500 of the client inserts an encrypted file system into original data received from a content providing server.

If an error occurs in the process of encrypting the file system information in the client-side FSI 500 and inserting the file system information into the original data, spyware is installed in the client or the FSI 500 itself is manipulated in a malicious manner. Most of the time you try to destroy the purpose. This is because, as shown in Figs. 11 and 12, when the content providing server transmits to the client, the content providing server always manages the client's FSI 500 and updates the client FSI 500 with the latest version of the FSI 500. Except as described above, an error may not occur in the process of inserting the encrypted file system information due to a structural problem.

Therefore, if an error occurs in the process of encrypting the file system information in the original data and inserting it into the original data, the FSI 500 outputs an error message as shown in Fig. 14 as described in Figs. After the information is permanently deleted from the memory and the hard disk, it is transmitted to the CCM 1050 of the content providing server for management.

Fig. 15 is a simple block diagram of a method of creating an installation file and an installation program in which encrypted file system information is inserted using the installation CD production software on which the FSI 500 is mounted, and recording the same onto a CD.

Figure 15 creates an installation file by inserting encrypted file system information into the original file stored on the hard disk of the computer making the installation CD, and installs the software through a series of compilation processes and data compression for the installation file. After the required compressed file is created, the installer installs the software with the required FSA 800 in the process of extracting and installing the compressed file, and encrypts and inserts the file system information into the generated installer. After the program is copied or illegally copied to a storage device, such as a hard disk, the present invention relates to a method for preventing the illegal distribution and exploitation through a communication network such as the Internet.

In FIG. 15, the file system used in the process of producing the original file as the installation file and the file system mounted in the installation program are not file systems for the FAT-based hard disk, but CDFS for the CD on which the installation files and the installation program are mounted. In the execution phase of the installation program, the FSA 800 embedded in the installation program determines whether the files are a copy or an illegal copy through the CDFS information of the installation program and the installation file, and determines whether the files are copied or duplicated. It is also possible to determine whether the current file system referenced in order to install from a CD is FAT or CDFS.

In FIG. 15, the encrypted file system information is inserted into the installation program as well as the original file to prevent illegal copying of the original file as well as illegal copying of the installation program itself.

The original file is compressed after the encrypted file system information is inserted into the installation file, and the file system information is also inserted into the compressed file. Since the file system information mounted on the original file included in the compressed file cannot be decrypted by any method except the installation program, and even the installation program inserts encrypted file system information, The created software installers and installation files can only be installed from the original CD, and they can be copied or copied to the hard disk to change the reference file system to FAT or to change the reference file system information in any way. You will not be able to install it.

FIG. 16 is an exemplary diagram for manufacturing an installation file and an installation program for original files in dedicated software for producing a software installation CD in which encrypted file system information is inserted in the same manner as in FIG. 15.

In general, a method of making a software installation CD is to prepare an installation file and an installation program by compressing an original file on a hard disk through an installation program production software such as an installation shield, and recording the same on a CD through CD recording software.

However, in the present embodiment, in the process of producing the installation file and the installation program from the original file, the file system information of the CD on which they are recorded is encrypted and inserted into the installation file and the installation program.

Therefore, in the present embodiment, as shown in Fig. 16, in the process of producing the compressed installation file from the original file of the hard disk and generating the installation file, the CD can be written to the CD system as soon as it is inserted. That requires dedicated software.

Figure 16 is an exemplary diagram for the above operation, the buffer 100 is the ratio of the original data loaded on the hard disk in the memory to generate the original data, 200 is the encryption of the original data loaded in the memory The percentage of original data that is being processed to insert the file system information that has been processed, where 300 is the percentage of installation files compressed by inserting encrypted file system information, and 400 is the installation files recorded on the actual CD of the compressed installation files. To ratio.

After the recording of the above installation files is completed, the installation program mounts file system information together with the FSA 800 capable of decrypting the file system mounted in the installation file and is recorded last.

In FIG. 16, the installation file and the installation program are recorded on a CD by using an immediate recording, a batch recording, a batch recording, and the like. The immediate recording is a method of recording a compressed installation file as well as recording it on a CD. The recording is a method of creating an installation file and an installation program in which file system information is inserted and recording the information of the file system at the time of being recorded while recording them on a CD.

In particular, batch recording is effective when there is only one installation file or installer recorded on the CD, and batch record creates a recording schedule for each file when there are multiple installation files or installers recorded on the CD. Therefore, it is valid when writing the files.

Fig. 17 is a simple flowchart showing a process of creating an installation file and an installation program in which encrypted file system information is inserted using the installation CD production software on which the FSI 500 is mounted, and recording this onto a CD.

In order to produce an installation file and an installation program using the installation CD production software loaded with the FSI 500, and to record it on a CD, a work schedule for this operation must be prepared (1700). This is because CDFS information, which is a file system inserted into the original file and the installation program by the present flowchart, is generated while the installation file and the installation program are recorded on the CD.

For example, it does not make sense to insert file system information such as installation files and the time recorded on the CD into the installer before it is written to the CD. Therefore, time-independent file system information is encrypted and inserted in advance, but time-dependent file system information is inserted at the time of recording on a CD, or time-dependent file system information is recorded on a CD. After inserting and reserving the time, you need to schedule a task such that the file will be written to the CD at that time.

When the job schedule is written to insert the file system information into the original file and the installation program and write it to the CD in the above manner, the encrypted file system information is inserted using the installation CD authoring software equipped with the FSI 500. The process of creating files and installers, and writing them to a CD.

The original file is loaded from the hard disk into memory according to the work schedule (1705), the original data is generated and processed (1710), and the file system information is extracted (1715) and encrypted (1720) by the method determined by the work schedule. The installation file is inserted into the original data to generate an installation file (1725) and compressed (1730).

Once the compressed installation file is created, the installation CD authoring software with FSI 500 creates the installer according to the task schedule (1735), applies encrypted file system information (1740) to the installer file, and the installer itself. After the FSA 800 is mounted (1745), it verifies whether the work proceeds according to the work schedule. If all the work was performed in the same way as the work schedule, the installation CD authoring software equipped with the FSI 500 writes the installation file and the setup program to the CD according to the work schedule (1755), and then deletes the original data from the memory. (1765).

However, if it did not go exactly the same as the schedule because of problems with the operating system and other unforeseen problems in the process (1760), the installation CD authoring software with the FSI 500 recreates the task schedule. (1700), the same operation is repeated.

According to the present invention, by encrypting and inserting file system information data into digital content, file movement in the same system is possible, but digital content duplication using file copy in the same system, removable storage device such as floppy disk or CD It has the effect of blocking the duplication of digital contents into the network and illegal duplication and distribution of digital contents through LAN (Local Area Network) or the Internet, thereby preventing hacking that has been previously performed when protecting intellectual property rights on digital contents. It can protect against the same operation, and it is also effective in preventing illegal software distribution.

Claims (19)

delete delete A function of extracting file system information data to be used in a corresponding file through a kernel of an operating system when storing an original data file existing in a memory on a hard disk; Converting the extracted file system information data into an encryption code through a series of encryption methods; A function of processing the original data file to insert the encrypted file system information data after generating an encryption code for the file system information data; A file system information insertion unit (File System Insertion), characterized in that it comprises a function of inserting the encrypted file system information into the original data file after completion of the original data file processing; When the original data file into which the encrypted file system information is inserted by the file system information inserter is loaded from a hard disk or a storage device, only encrypted file system information data is extracted from the original data file into which the encrypted file system information is inserted. Function; Decrypting the encrypted file system information data and generating file system information data inserted in the file; Extracting current file system information for the file; And And a function of comparing and analyzing the information inserted in the file with information extracted from the current file system to determine whether the original data file is a copy or an illegal copy. And a digital content piracy prevention system using file system information data, comprising: a System Analyzer. delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete

Images