KR20160019723A - Contents protection method and computer program thereof - Google Patents

Abstract

Provided is a content protection method for limiting and disapproving the reading of the content, by checking whether the ambient environment of a terminal for reading the content is an environment which is not allowed to read the content, and a computer program thereof. The content protection method according to an embodiment of the present invention comprises: a step of allowing a terminal to open a content; a step of allowing the terminal to activate a sensor equipped in the terminal; a step of allowing the terminal to analyze measurement data measured by the sensor and find out security violations; and a step of disapproving the reading of the content when the terminal finds out the security violations.

Description

[0001] DESCRIPTION [0002] CONTENT PROTECTION METHOD AND COMPUTER PROGRAM [0003]

The present invention is a method and a computer program for protecting contents from unauthorized copying and the like. More specifically, the present invention relates to a method and a computer program for protecting contents from unauthorized duplication or the like through identification of an external environment of a terminal in which the contents are browsed.

The so-called DRM (Digital Rights Management) technology includes a technique of allowing only a user having a proper authority to view the content to be browsed and controlling the reading terminal so that an unacceptable behavior can not be performed even during reading. As DRM technology has developed to protect copyright and protect trade secrets, technology for controlling the viewing terminal itself to protect contents has been continuously developed.

However, there is an attempt to illegally duplicate the content displayed by the viewing terminal from the outside. There is a need to provide a technology that can respond appropriately to such attempts.

Korean Patent Publication No. 2002-0003843

SUMMARY OF THE INVENTION The present invention provides a method of protecting content by sensing a surrounding environment of a terminal used for browsing contents and determining whether to allow viewing of the contents according to the surrounding environment.

According to another aspect of the present invention, there is provided an information processing apparatus including a sensor driving code in a content and defining an environment in which the content can be browsed through the sensor driving code, thereby enabling the content to actively protect itself Method.

Another object of the present invention is to provide a method and apparatus for preventing content from being leaked out of an inappropriate behavior outside the terminal during browsing of the content even if the browsing of the content is normally permitted, And to provide a method of continuously monitoring the surrounding environment even while the reading is in progress.

Another object of the present invention is to provide a method and apparatus for sensing a surrounding environment of a terminal used for browsing contents and determining whether or not to allow viewing of the contents according to a surrounding environment, May be performed in a background mode to continuously monitor the surrounding environment during the browsing of the contents in order to prevent the contents of the contents from being leaked through inappropriate actions from outside the terminal during the browsing of the contents Agent computer program.

The technical objects of the present invention are not limited to the above-mentioned technical problems, and other technical subjects not mentioned can be clearly understood by those skilled in the art from the following description.

According to an aspect of the present invention, there is provided a method of protecting content, the method comprising: opening a content in a terminal; activating a sensor provided in the terminal; Analyzing the measurement data to find a security violation, and disallowing the terminal to view the content when the security violation is detected.

In one embodiment, the content includes a sensor driving code, and activating a sensor included in the terminal may include activating a sensor provided in the terminal by executing the sensor driving code. At this time, in the step of activating the sensor provided in the terminal by executing the sensor driving code, the security agent application installed in the terminal executes the sensor driving code at the time of accessing the contents to activate the sensor provided in the terminal .

In one embodiment, the step of activating the sensor included in the terminal includes activating a camera provided in the terminal, and the step of analyzing the measurement data measured by the sensor and discovering a security violation comprises: And determining that the security violation has been detected when detecting the prohibited entity designated in advance by the camera. At this time, a camera may be included in the pre-designated forbidden object.

In one embodiment, the content further includes viewing permission position information, and the step of activating the sensor provided in the terminal includes activating a position sensor provided in the terminal, The step of analyzing data and discovering a security violation step may include determining a current location of the terminal by the location sensor, and if the determined location is not included in the viewing permission location information included in the content, It may be determined that it is found.

In one embodiment, activating a sensor included in the terminal includes activating a location sensor included in the terminal, and analyzing measurement data measured by the sensor to find a security violation And determining that the security violation has been detected when the positioning sensor fails to detect the current position of the terminal or fails to activate the positioning sensor.

In one embodiment, the step of activating the sensor included in the terminal includes activating a camera provided in the terminal, and the step of analyzing the measurement data measured by the sensor and discovering a security violation comprises: Detecting a person or a face in an image photographed by the camera, and determining that the security violation is detected when two or more persons are detected or two or more faces are detected as a result of the detection .

In one embodiment, the content may further include authentication information indicating biometric information of a user who is permitted to browse, and the step of analyzing the measurement data measured by the sensor to find the security violation may include: Analyzing the measurement data, performing user authentication based on the authentication information, and determining that the security violation is detected when the user authentication fails.

In one embodiment, when a security violation is detected and the content is not browsed, or a security threat is detected during browsing of the content and browsing of the content is restricted, Log records can be sent to the security server.

According to the present invention as described above, it is possible to prevent the content from being leaked by an external action of the terminal through which the content is browsed.

1 is a flowchart of a content protection method according to an embodiment of the present invention.
2 is a flowchart of a content protection method according to another embodiment of the present invention.
FIG. 3 is a flowchart detailing operations related to detecting a security violation by analyzing video sensor measurement data among the contents protection method shown in FIG. 1 or FIG. 2. FIG.
FIG. 4 is an illustration of a situation in which an operation performed by the flowchart shown in FIG. 3 is effective.
FIG. 5 is a diagram for explaining a process of analyzing an image taken by a video sensor provided in a terminal in the situation shown in FIG.
FIG. 6 is a flowchart illustrating details of operations according to an exemplary embodiment of the present invention, which is different from FIG. 3, in analyzing video sensor measurement data among the content protection methods shown in FIG. 1 or FIG. 2 to detect a security violation.
FIG. 7 is a flowchart detailing operations related to detecting a security violation by analyzing the measurement data of the location sensor among the contents protection methods shown in FIG. 1 or FIG. 2. FIG.
FIG. 8 is a flowchart detailing operations related to detecting a security violation by analyzing sensor measurement data among the content protection methods shown in FIG. 1 or FIG. 2 to perform user authentication.
9 is a diagram for explaining a sensor driving code applied in some embodiments of the present invention.
10 is a flowchart of a content protection method according to another embodiment of the present invention.
FIG. 11 is a flowchart illustrating an operation related to monitoring security threats during content browsing among the contents protection method shown in FIG.

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. BRIEF DESCRIPTION OF THE DRAWINGS The advantages and features of the present invention and the manner of achieving them will become apparent with reference to the embodiments described in detail below with reference to the accompanying drawings. The present invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art. Is provided to fully convey the scope of the invention to those skilled in the art, and the invention is only defined by the scope of the claims. Like reference numerals refer to like elements throughout the specification.

Unless defined otherwise, all terms (including technical and scientific terms) used herein may be used in a sense commonly understood by one of ordinary skill in the art to which this invention belongs. Also, commonly used predefined terms are not ideally or excessively interpreted unless explicitly defined otherwise. The terminology used herein is for the purpose of illustrating embodiments and is not intended to be limiting of the present invention. In the present specification, the singular form includes plural forms unless otherwise specified in the specification. It is noted that the terms "comprises" and / or "comprising" used in the specification are intended to be inclusive in a manner similar to the components, steps, operations, and / Or additions.

In this specification, a logic or a routine refers to a series of instructions that can be executed by a processor, and is not limited to being written by a specific programming language.

Hereinafter, a content protection method according to an embodiment of the present invention will be described with reference to FIG.

First, the contents are opened according to the operation of the user of the terminal (S100).

The terminal may be one of all types of terminals equipped with an operation means such as a processor for performing an operation for browsing contents. For example, the terminal may be a desktop computer, a notebook computer, a tablet computer, a smart phone, Clock, and so on. The content may be data previously stored in the terminal, or may be downloaded in a streaming form from a server device.

In addition, the contents are not limited to specific types of contents such as moving pictures, music, documents, and images.

Simultaneously with or after the opening of the content, the terminal activates at least one of the sensors provided in the terminal (S110). The sensor may refer to various devices, circuits, or integrated circuits that may be included in the terminal for sensing the environment of the terminal. For example, the sensor may be part of various sensors such as a position sensor module, a camera module, a microphone module, a gyro / acceleration sensor module, an air pressure sensor module, a hall sensor module, and a fingerprint sensor module.

If the activation of the sensor is unsuccessful (S115), since the security environment to be maintained at the time of reading the content can not be secured, the terminal can disallow the content browsing immediately (S140).

When the activation of the sensor is successful, the sensor measurement data reflecting the result of the measurement by the activated sensor starts to be recorded in the log record (S117). The sensor measurement data may be, for example, forward or backward image / video data of the terminal generated by the camera module, or positioning information of the terminal generated by the positioning sensor module. The log record can be understood as a data structure for recording sensor measurement data. When there are a plurality of activated sensors, all sensor measurement data generated from a plurality of sensors can be recorded in the log record. The sensor measurement data may be measured at a specific point in time and recorded in a log record, but may be continuously measured from the point of time when the sensor is activated and recorded in a log record.

If the activation of the sensor is successful, the measurement data of the sensor is analyzed to determine whether a security violation is found (S120). At this time, the analysis method and the security violation criteria according to the type of the sensor can be applied, and various analysis methods and security violation criteria can be applied according to the type of the content. Various detailed embodiments for determining whether a security violation has been found according to the analysis method and the analysis result of the measurement data of the sensor will be described later.

If a security violation is found, the content is not allowed to be viewed (S140). That is, the terminal can display the guidance message and immediately remove the user interface for content browsing. The information message may include information about the security violation.

If a security violation is found, not only the content is viewed but also the recorded log record may be transmitted to the security server (S150). For example, when the location of a terminal capable of content browsing is limited, if a user tries to browse the content out of the position of the terminal capable of browsing the content, the terminal position (for example, Information will be accumulated in the security server. The data stored in the security server can be used as basic data for various purposes to maintain security of contents.

The security server may be connected to the terminal through a network, for example, a wireless LAN or a mobile communication network. The security server may receive the log record and store the log record in a log database provided in the security server or connected to the security server.

The log record may be transmitted to the security server in a state including sensor measurement data as it is, but may be transmitted to the security server in a state including sensor measurement data converted by a predetermined method.

Meanwhile, FIG. 1 illustrates an operation (S117) related to the recording of a log record and an operation (S150) related to transmitting the security record to the security server when a security violation is detected. However, according to another embodiment, Operation S150 related to operation S117 and security server transmission of the log record upon detection of a security violation may not be performed. That is, it is optional that the sensor measurement data is transmitted to the security server when a security violation is detected at the start of content browsing.

Hereinafter, a content protection method according to another embodiment of the present invention will be described with reference to FIG. According to the present embodiment, an agent application installed in the terminal performs an operation of detecting a security violation (indicated by an agent APP in the figure).

The content has a general-purpose file format and is opened by a general-purpose viewer. In some cases, the general purpose viewer may directly execute the sensor driving code. In this case, it is apparent that the agent application may not be required for performing the embodiment.

The agent application is an application that always operates in the background mode during the operation of the terminal. The agent application filters I / O to the storage device provided in the terminal or filters data received through a network interface provided in the terminal Application. The agent application may be, for example, a DRM (Digital Rights Management) agent application.

In connection with the present embodiment, the agent application detects that the sensor drive code included in the content is READ, and executes the sensor drive code to activate the sensor, detect a security violation, Is a computer program separate from the content viewer, which performs an operation of disallowing or limiting the browsing of the content.

Preferably, the sensor driving code is included in a reserved area or a user customizable area of a header part of the contents so as not to cause an error when the contents are accessed by the general-purpose viewer .

In order for the agent application to sense the read of the sensor drive code, the sensor drive code may start and end with a predefined sensor drive code identification string. That is, the agent application can detect the sensor driving code by monitoring only the presence of the sensor driving code identification string among the data to be read.

Meanwhile, according to the present embodiment, the content may include a sensor driving code. In the context of this embodiment, the sensor driven code defines an external environment in which content must be observed in order to be viewed. For example, it may be defined that no other objects other than the person viewing the document can be found in the image photographed by the front-end camera provided in the terminal.

The sensor drive code may be executable code. The sensor driving code may be a code written in an interpreter language or a script language that does not need to be compiled. The sensor driving code may include program code for calling an API (Application Programming Interface) provided by the agent application through inter-process communication (IPC) with the agent application. The sensor driving code may be implemented in various forms other than those described above, and may be composed of binary data that is compiled and executable according to some embodiments.

Since the sensor drive code is executable code, it is possible to define various requirements environments as needed.

According to some embodiments, the agent application may intervene in an I / O command to prevent unauthorized deletion of the sensor driven code. For example, if the data to be deleted / modified includes an identification string of the sensor driving code, the deletion / modification command may be hooked and deleted.

When a user command for opening a content is input (S102), a viewer application connected to the content installed in the terminal accesses data constituting the content (S104). In this process, the viewer application reads the content data, and the sensor driving code included in the content data is also read, and the reader of the sensor driving code is detected by the agent application (S106). The agent application executes the sensor driving code. When the activation command for the specific sensor is included in the sensor driving code, the sensor designated by the execution of the activation command is activated (S112). The subsequent operation is the same as that shown in Fig.

Hereinafter, various embodiments for analyzing measurement data of the sensor to determine whether a security violation is found will be described.

3 to 6, embodiments for analyzing an external image of a terminal using a camera provided in the terminal and determining whether a security violation is found based on the analysis result will be described. In this case, if the terminal is provided with a plurality of cameras, it is preferable that the camera is limited to the one provided in the direction (front portion) in which the display of the terminal is provided. At this time, the front side image is processed in the background mode and is not actually displayed on the display of the terminal.

FIG. 3 is a flowchart of a method for disallowing or limiting the browsing of contents when the prohibited object exists around by checking whether a predetermined prohibited object is detected using image analytics in an external image of the terminal.

When the front side image of the terminal photographed by the camera provided in the terminal is acquired (S1201), the forbidden object is detected from the obtained front side image (S1203). Which objects are prohibited is specified by the commands included in the sensor driving code.

For example, when it is desired to prohibit the camera from being detected on the front side image, a function for detecting the camera shape object will be included in the sensor driving code. FIG. 4 illustrates a situation in which a user 306 viewing content through the terminal 300 reproduces the content displayed on the display of the terminal through the camera 304 without permission. 5 is a front view image of a terminal where a front side camera 302 provided in the terminal 300 is photographed. An agent application installed in the terminal 300 detects a camera shaped object 304 in the front side image Function. A technique of detecting an object of a specific shape by analyzing an image or a moving image and finding feature points such as those shown in Fig. 5 is disclosed in U.S. Patent Nos. US20140140583A1, US20140140574A1, US20140133698A1, US20140093176A1, US20140089365A1, US20140064625A1, US20140056473A1, US20140023232A1 , US20140010433A1, and the like, a person skilled in the art will be able to implement a function of detecting a camera-shaped object without difficulty using a disclosed technique. Therefore, a detailed description of an example of a function for detecting a camera-shaped object will be omitted.

Referring again to FIG. 3, when a forbidden object is detected in the front side image (S1205), the terminal determines that a security violation has been found (S1207). In the case where the method shown in FIG. 3 is performed at the content open time, if the prohibited object is not detected in the front side image, it is determined that the security violation is not found and the execution of the method shown in FIG. In the case where the method shown in FIG. 3 is performed for monitoring whether or not a security threat is found after the open, if the prohibited object is not detected in the front side image while the content browsing is continued, do.

FIG. 3 shows a case where no inhibited object is detected in the front side image

Various objects that should not exist on the front side of the terminal where the contents are browsed as well as the camera can be designated as the forbidden object, and the embodiment described with reference to FIG. 3 can be extended to the case of designating various objects as forbidden objects have.

FIG. 6 is a flowchart illustrating an example of a method for checking whether two or more persons are detected or two or more human faces are detected using image analytics in an external image of the terminal, Is prevented from being browsed.

When the front side image of the terminal photographed by the camera provided in the terminal is acquired (S1211), the person is detected from the obtained front side image (S1213).

For example, when it is intended to prohibit the detection of two or more persons on the front side image, a function for detecting a person and returning the number of detected persons will be included in the sensor driving code. Technology to analyze and detect or recognize the person for images or videos United States Patent Literature US20140140572A1, US20140139660A1, US20130301911A1, US20130251203A1, US20130250050A1, US20130235195A1, US20130201338A1, US20130148858A1, US20130136298A1, US20130039547A1, US20130022262A1, US20130002845A1, US20120274755A1, US20120163723A1, US20120155719A1, US20120020518A1, US20090097711A1 , US20090087060A1, US20090087025A1, US20090052739A1, and the like, a person skilled in the art will be able to realize a function of detecting a person without difficulty using the disclosed technology and returning the number of detected persons. Therefore, a detailed description of an example of a function for detecting the number of human bodies included in the image will be omitted.

If it is determined that there are two or more persons detected as a result of the detection of the person in the obtained front side image (S1215), it is determined that the security violation is detected (S1217).

However, since the human detection or human recognition algorithm is a detection target of a human body, at least a part of the body must be included in the frontal image. Therefore, if only the face is included in the front side image, it can be handled as not being detected. In order to prevent such a situation, the face recognition function may be supplementally performed even if the number of persons detected as a result of human detection is zero. That is, in the present embodiment, when two or more human bodies are detected on the front side image, or when two or more human faces are detected, the browsing of the contents can be prohibited or restricted.

If the method shown in FIG. 6 is performed at the time of content open, it is determined that a security violation is not found when two or more human bodies or faces are not detected in the frontal image, and the execution of the method shown in FIG. 6 When the method shown in FIG. 6 is performed for monitoring whether or not a security threat is found after the content is opened, if no two or more persons or faces are detected in the front side image while the content browsing is ongoing It continuously monitors the discovery of prohibited objects.

Analyzing image or video and technology to detect or recognize a person's face, the United States Patent Document US20140147023A1, US20140147022A1, US20140122470A1, US20140079299A1, US20140064577A1, US20140063236A1, US20140056490A1, US20140044359A1, US20140022370A1, US20140016860A1, US20140010415A1, US20140003663A1, US20130300900A1, US20130300891A1, US20130294688A1, US20130279810A1 , US20130235228A1, US20130229545A1, and the like, a person skilled in the art will be able to realize a function of detecting the face of a person without difficulty using the disclosed technology, and returning the number of detected human faces. Therefore, a detailed description of an example of the function for detecting the number of human faces included in the image will be omitted.

7 is a flowchart of an embodiment for analyzing the location of a terminal and determining if a security violation is found. This embodiment will be useful when it is desired to be able to browse contents only in a specific area.

The terminal obtains the positioning data (S1221). The positioning data may be various data used for positioning the terminal, such as GPS data, Wi-Fi Positioning System (WPS) data, and a base station signal (in the case of a technique of positioning by triangulation of a base station signal). If no positioning data can be obtained, the terminal will disallow or limit the browsing of the contents as described with reference to Fig.

Next, the terminal determines whether the position according to the positioning data is included in the reading permission position (S1223). The reading permission position can be obtained from the reading permission position information included in the content. If the position according to the positioning data is not included in the reading permission position, it can be determined that a security violation has been found (S1225).

Preferably, the read permission position information is included in a reserved area or a user customizable area of a header portion of the content so that the content is accessed by the general-purpose viewer without causing an error Do.

In the case where the method shown in FIG. 7 is performed at the content open time, if the position according to the positioning data is included in the reading permission position, it is determined that the security violation is not found and the execution of the method shown in FIG. 7 is terminated If the method shown in FIG. 7 is performed for monitoring whether security threats are found after the content is opened, even if it is determined that the position according to the positioning data is included in the reading permission position while the content browsing is ongoing, The terminal monitors whether or not the terminal leaves the reading permission position.

8 is a flowchart illustrating an embodiment of performing user authentication by analyzing measurement values of various sensors provided in a terminal. The present embodiment will be useful when it is desired to limit the content to be viewed only by a specific user. At this time, it is assumed that the content further includes user authentication information itself or access information to user authentication information. The user authentication information may be various biometric data such as face photographs, fingerprints, and iris recognition data.

First, the terminal obtains the user authentication information included in the content (S1231). The user authentication information is preferably included in a reserved area or a user customizable area of a header part of the content so as not to cause an error in accessing the content by the general viewer . On the other hand, if the user authentication information is a face image, it is not easy to include the image itself in the content because of the capacity problem. Therefore, if the data size of the user authentication information is too large to be included in the spare area or the user customizable area, a link capable of accessing the user authentication information, rather than the user authentication information itself, And may be included in the user customizable area.

Next, the terminal acquires the measured value data of the sensor corresponding to the type of the user authentication information (S1233). For example, data of the fingerprint sensor may be acquired for the user authentication information of the fingerprint type, and data of the front panel camera may be acquired for the user authentication information of the iris type.

Next, the terminal determines whether the acquired user authentication information and the measured value analysis result of the sensor coincide with each other to be identical (S1235). If the same person is not recognized, it is determined that a security violation has been found (S1237).

Although various embodiments have been described in which the measurement data of the sensor is analyzed to determine whether a security violation is found, the scope of the present invention is not limited to the described embodiments, and various sensors And can be extended to specifying various environments to be equipped for browsing contents.

On the other hand, the method of determining whether a security violation is detected by analyzing the measurement data of the sensor is not limited to a few cases, but can be performed variously according to how to configure the sensor driving code, which is a code that can be executed. That is, at least some of the methods described with reference to Figs. 3, 6, 7, and 8 may be used in combination.

9 is an example of implementation of the sensor driving code. Note that Figure 9 is marked with pseudo code.

It is assumed that the sensor driving code as shown in Fig. 9 is included in the spare area of the header part of the contents, and the contents are opened. Then, the agent application will sense the lead of the sensor drive code and execute the sensor drive code.

First, the camera module is activated by executing the camera module activation function 201. At this time, the image captured by the camera module does not need to be displayed on the terminal as mentioned above.

Next, a function 202 for determining whether a camera-shaped object is detected from the image photographed by the camera module is executed. If the execution result of the function 202 returns a TRUE value, the sensor driving code returns a FAIL value indicating that a security violation has been found and will be terminated 210. [

Next, a function 203 for returning the number of persons from the image photographed by the camera module is executed. When the function 203 returns a value of 2 or more, the sensor driving code returns a FAIL value indicating that a security violation has been found and will be terminated (210).

Next, a function 204 for returning the number of human faces from the image photographed by the camera module is executed. If the execution result of the function 204 is greater than or equal to 2, the sensor driver code returns a FAIL value indicating that a security violation has been found and will be terminated (210).

Next, a function to activate the positioning sensor (e.g., GPS receiving module) is executed (205) to confirm the position of the terminal. If the location of the terminal according to the location data is not included in the read permission location information included in the content (206), the sensor drive code will return a FAIL value, which means that a security violation has been found, and end (210).

Next, a function 207 for performing user authentication using a face is executed. As the parameter of the function 207, user authentication information included in the content can be input. As a result of the execution of the function 207, if the PASS signifying pass of user authentication is not returned, the sensor driving code returns a FAIL value indicating that a security violation has been found and will be terminated (210).

Hereinafter, a content protection method according to another embodiment of the present invention will be described with reference to FIGS. 10 to 11. FIG. The content protection method according to the present embodiment may be understood to be performed during the browsing of the content, unlike the one described with reference to FIG. 1 and FIG.

That is, according to the present embodiment, while browsing contents is allowed (S160), the agent application can monitor the occurrence of security threats using the sensor of the terminal while the reading of contents using the terminal is in progress (S170). At this time, the agent application can continuously execute the sensor driving code while the reading of the contents is in progress.

As a part of the monitoring operation, the agent application may record sensor measurement data reflecting a result measured by the sensor in a log record (S175). The sensor measurement data may be, for example, forward or backward image / video data of the terminal generated by the camera module, positioning information of the terminal generated by the positioning sensor module, sound information about the terminal generated by the microphone module Lt; / RTI > When there are a plurality of activated sensors, all sensor measurement data generated from a plurality of sensors can be recorded in the log record. The sensor measurement data may be continuously measured and recorded in a log record while content browsing is in progress.

The security threats that are continuously checked during the browsing of the content may be different from the security violation items checked at the time of opening the content, but they may be the same. For example, when the sensor driving code shown in FIG. 9 is used, when a new person other than an existing authenticated user makes an act in front of a terminal displaying content, or when an authenticated user performs an action to shoot a display of the terminal with a camera, It is determined that a security threat has been found (S180). In such a case, the agent application can perform an operation such as limiting the access of the content data so as to limit the browsing of the content (S190), or forcibly terminating the execution of the viewer application.

If a security threat is found, not only the access of the content is restricted, but also the recorded log record may be transmitted to the security server (S195). For example, when the location of a terminal capable of content browsing is limited, if a user tries to browse the content out of the position of the terminal capable of browsing the content, the terminal position (for example, Information will be accumulated in the security server. The data stored in the security server can be used for detecting a user who has acted in violation of the content security policy.

The log record may be transmitted to the security server in a state including sensor measurement data as it is, but may be transmitted to the security server in a state including sensor measurement data converted by a predetermined method.

Although it is not shown in FIG. 10, when the content viewing is permitted, the information about the security threat is guided. In case of performing the action corresponding to the security threat, the sensor measurement data may be provided to the security server A guiding message may be displayed. Such a message may alert the user not to act against security threats.

Meanwhile, FIG. 10 shows an operation (S175) related to the recording of the log record and an operation (S195) related to transmitting the security record to the security record when the security violation is detected. However, according to another embodiment, An operation (S195) related to the related operation (S175) and the security server transmission of the log record upon detection of a security violation may not be performed. That is, it is optional that the sensor measurement data is transmitted to the security server when a security violation is detected at the start of content browsing.

The sensor driving code may be different from the security threat if the instructions to be executed at the time of content opening and the instructions to be executed at the time of content browsing are implemented separately. An action that needs to be checked only while browsing of the content is in progress can be performed by the agent application. Fig. 11 shows an example of such an operation.

For example, an authenticated user can read the content of a document type, and then output the content by recording the sound. To detect such misconduct, the method shown in FIG. 11 may be performed while the browsing of the contents is maintained by the agent application.

After activation of the microphone (S1701), the micro-input sound is converted into text (S1703). Speech To Text (STT) which recognizes speech in sound and converts it into text can be utilized. If conversion to text is possible (S1705), the degree of similarity between the converted text and the text included in the content being viewed is evaluated. If it is determined that the converted text is substantially the same as some of the contents being browsed (S1707), the agent application determines that a security threat has been found (S1709).

The concepts of the present invention described above with reference to Figures 1-11 can be implemented in computer readable code on a computer readable medium. The computer readable recording medium may be, for example, a removable recording medium (CD, DVD, Blu-ray disk, USB storage device, removable hard disk) . The computer program recorded on the computer-readable recording medium may be transmitted to another computing device via a network such as the Internet and installed in the other computing device, thereby being used in the other computing device.

While the present invention has been described in connection with what is presently considered to be practical exemplary embodiments, it is to be understood that the invention is not limited to the disclosed embodiments, but, on the contrary, You will understand. It is therefore to be understood that the above-described embodiments are illustrative in all aspects and not restrictive.

Claims (19)

A step in which the terminal opens content;
The terminal activating a sensor provided in the terminal;
Analyzing measurement data measured by the terminal to find a security violation; And
And when the terminal finds the security violation, disallowing the browsing of the content.
Content protection method. The method according to claim 1,
Wherein the content includes a sensor drive code,
The step of activating the sensor provided in the terminal comprises:
And activating the sensor provided in the terminal by executing the sensor driving code.
Content protection method. 3. The method of claim 2,
Wherein the step of activating the sensor provided in the terminal by executing the sensor driving code comprises:
And activating a sensor provided in the terminal by executing the sensor driving code at a time of accessing the content by a security agent application installed in the terminal,
Content protection method. The method according to claim 1,
The step of activating the sensor provided in the terminal comprises:
Activating a camera provided in the terminal,
Wherein the step of analyzing the measurement data measured by the sensor to find a security violation comprises:
And determining that the security violation has been detected when detecting a prohibited entity previously designated in the image photographed by the camera.
Content protection method. 5. The method of claim 4,
Said predefined prohibited entity comprising a camera,
Content protection method. The method according to claim 1,
Wherein the content further includes viewing permission position information,
The step of activating the sensor provided in the terminal comprises:
And activating a positioning sensor provided in the terminal,
Wherein the step of analyzing the measurement data measured by the sensor to find a security violation comprises:
Determining the current position of the terminal by the positioning sensor and determining that the security violation has been found if the determined position is not included in the read permission position information included in the content.
Content protection method. The method according to claim 1,
The step of activating the sensor provided in the terminal comprises:
And activating a positioning sensor provided in the terminal,
Wherein the step of analyzing the measurement data measured by the sensor to find a security violation comprises:
Determining that the security violation has been detected if the location sensor fails to detect the current location of the terminal or fails to activate the location sensor.
Content protection method. The method according to claim 1,
The step of activating the sensor provided in the terminal comprises:
Activating a camera provided in the terminal,
Wherein the step of analyzing the measurement data measured by the sensor to find a security violation comprises:
Detecting a person or a face in the image photographed by the camera; And
And determining that the security violation has been detected if two or more persons are detected or two or more faces are detected as a result of the detection.
Content protection method. The method according to claim 1,
Wherein the content further includes authentication information indicating biometric information of a user who is permitted to browse,
Wherein the step of analyzing the measurement data measured by the sensor to find a security violation comprises:
Analyzing measurement data measured by the sensor to perform user authentication based on the authentication information and determining that the security violation has been found if the user authentication fails.
Content protection method. The method according to claim 1,
Wherein activating the sensor comprises:
And recording the sensor measurement data generated by the sensor after activating the sensor,
Wherein the step of denying access to the content comprises:
And transmitting the recorded sensor measurement data to a security server.
Content protection method. Allowing the terminal to view the content;
Activating a sensor provided in the terminal while the terminal is browsing the content to continuously monitor whether the threat is discovered;
And when the threat is found, the terminal restricts browsing of the content.
Content protection method. 12. The method of claim 11,
Wherein the monitoring comprises:
Activating a camera provided in the terminal,
Wherein the step of analyzing the measurement data measured by the sensor to detect a security threat comprises:
And determining that the security threat has been detected when detecting a prohibited entity previously designated in the image photographed by the camera.
Content protection method. 12. The method of claim 11,
Wherein the monitoring comprises:
Activating a camera provided in the terminal,
Wherein the step of analyzing the measurement data measured by the sensor to detect a security threat comprises:
Detecting a person or a face in the image photographed by the camera;
And determining that the security threat has been found if two or more persons are detected or two or more faces are detected as a result of the detection,
Content protection method. 12. The method of claim 11,
Wherein the monitoring comprises:
And activating a microphone provided in the terminal,
Wherein the step of analyzing the measurement data measured by the sensor to detect a security threat comprises:
Converting a sound input through the microphone into text;
And determining that the security threat has been found if the converted text is part of the content.
Content protection method. 12. The method of claim 11,
The step of allowing the terminal to view the content includes:
And recording the sensor measurement data generated by the sensor after allowing the terminal to view the content,
Wherein the step of denying access to the content comprises:
And transmitting the recorded sensor measurement data to a security server.
Content protection method. Coupled to the terminal,
Detecting an open of the content;
Activating a sensor provided in the terminal;
Analyzing the measurement data measured by the sensor to find a security violation;
Allowing the viewing of the content upon discovery of the security violation and allowing viewing of the content when the security violation is not found;
Activating a sensor provided in the terminal during the browsing of the contents to continuously monitor whether or not a security threat is detected; And
In order to execute the step of limiting the browsing of the contents by the terminal when the security threat is found,
A computer program stored on a medium. 17. The method of claim 16,
Wherein the step of detecting the opening of the content comprises:
Detecting the opening of the content by sensing a sensor driving code included in the content,
The step of activating the sensor provided in the terminal comprises:
And activating a sensor provided in the terminal by executing the sensor driving code.
A computer program stored on a medium. 17. The method of claim 16,
The sensor driving code may be a code that is included in a reserved area or a user customizable area of a header part of the contents so as not to cause an error when the contents are accessed by the general-
A computer program stored on a medium. 17. The method of claim 16,
Wherein the security threat is the same as the security violation,
A computer program stored on a medium.

Images