IT202100018851A1 - Process of managing and monitoring digital documents in secure mode - Google Patents

Description

Patent application for an invention entitled ?Protection system for managing and monitoring digital documents?

DESCRIPTION

The subject of this patent application is a management and monitoring process in protected documents in digital format.

In particular, the subject of this patent application is a management and monitoring process in protected to ensure accurate control of the information contained in these documents.

FIELD OF APPLICATION

The invention object of the present patent application finds application in the sector of information management, in particular of the information contained in documents in digital format.

In particular, the invention object of the present patent application finds application in the whole series of contexts in which it is necessary to protect information contained in a document in digital format and transferred by means of distributed digital documents, independently of infrastructures created ad hoc .

The privileged field of application of the process object of this patent application can consider the business world, with particular reference to those activities? intrinsically linked to the ability company to keep the information confidential, whether it refers to internal industrial processes - by way of example but not limited to companies in the engineering sector - or whether it integrates a working collaboration with third parties? by way of example but not limitation company? consultants and service providers - are therefore referable to? productive of others.

AND? in fact, is it known how much the loss of confidential information represents a high economic risk within multiple activities? corporate. The so-called ?data leak? can? be attributed, in the case of digital documents, to the lack of diligence in the sharing process but can it? otherwise? refer to the voluntary fact of a subject moved by the desire to damage the? activity? corporate. Last but not least, the risk can be attributed to an activity? of illegitimate infiltration that puts unauthorized subjects in contact with unprotected documents containing information not intended for dissemination (man in the middle).

Although we have focused on the realities? of? enterprise, the? innovation will be able? see fields of application also in individual contexts, working and otherwise, where the information is private and yet needs to be distributed within a limited circle of subjects.

In particular, the process covered by this patent application is aimed at a broad customer portfolio ranging from freelancers to the corporate world, up to the public sector.

By way of example only and not exhaustively, the following are some examples of application of the process object of this patent application in the sectors mentioned above:

- corporate environment: exchange of digital documents concerning corporate information, such as highly innovative projects (e.g. industrial processes), personal data or reports containing privileged information. In particular can? be suggested as a best practice for documents covered by NDA or inserted in MOG 231, as well as? documentation included in Patent Box files.

- freelancers/consultants: exchange of digital documents concerning M&A operations, investigations, patent projects, special disputes, etc.;

- public sector: exchange of digital documents concerning confidential information, such as medical records in the health sector, investigations in the defense/police/intelligence sector, personal data and processed with highly innovative content managed by university institutes, etc.

STATE OF ART

State of the art ? notes a series of different solutions aimed at achieving the objective of protecting the information contained in digital documents.

Currently known solutions can be identified in two macro-categories described below. - Digital Rights Management software or creation of appropriate management systems that require the user to install additional software on each device or specific software for viewing as well as rights? for managing permissions on a particular document. In traditional DRM systems so? mentioned, the documents are treated through a cryptographic process as well as? through the alteration of the final document with respect to its original state. Therefore, at the end of the process the document is not? more usable through the software with which ? was created because in addition to being processed by encryption - and which therefore requires a cryptographic key to make the document intelligible - it is associated with a user profile which defines the access permissions (e.g. number of possible readings, date of end of validity? of the document, authorization to print, devices authorized to use the document). Furthermore, with respect to what has been said, it is also necessary to modify the extension of the document, which results in the installation of a specific application for viewing. This application? able to make the document usable by inserting a license key? deriving from the cryptographic process - and to actively manage the permissions on the document.

The main disadvantage of the aforementioned systems is that the end user must install a specific application on his terminal, requiring a technological effort that is not always appreciated by the user of digital information.

- Cloud-based systems, i.e. management systems that do not require installation on each device and which are made available in the cloud.

The main disadvantage of the above systems is that for their use a network connection is required which allows, through a remote server, the control and management of the permissions on the document to be protected, significantly limiting its use in case of absence of connection.

Further disadvantages of the solutions known to date consist in the fact that the systems known to date lack functional implementations such as, for example, anti-tampering technologies, understood as a self-destruction system of the content which is activated when an attempt is made reverse engineering, or integration with forensic watermark technologies with probative value, i.e. a digital watermark that uniquely identifies the document with its recipient. It should be noted that the activation of the anti-tampering does not destroy the watermark, which therefore remains proof of the existence of the document and of the exchange.

Purpose of the invention object of the present patent application? therefore that of solving the aforementioned disadvantages of the state of the art, in particular by implementing a management and monitoring process in protected digital documents, this process being such as not to require the installation of dedicated software on your device and of which? can also be used in conditions of absence of connection to the network.

Another purpose of the invention object of the present patent application? to create a process of management and monitoring in modality? protected that integrates the functions of Antitampering and forensic Watermak with probative value.

In particular, the management and monitoring process in modality? protected object of this patent application allows the general digital document to be equipped with technologies such as to make it protected and, if necessary, self-destruct without the aid of external infrastructures such as software installed in the device in which the document is managed or services provided by the network web.

According to the invention object of the present patent application, an author-distributor generates a document by means of a generic hardware device and the rights for using the document itself are transferred to the generated document.

In particular, the transfer of the rights for the use of the document are transferred by means of on-premises software, i.e. software installed directly on the computer which processes the documents in order to protect them.

Once the usage rights have been transferred to the created document, this can be distributed and shared with the subjects chosen by the author-distributor, as only the same will be able to access the content according to the permissions established in advance.

In particular, the recipients of the document are able to use the document within the limit established by the rights assigned to the specific individual or device, without installing any application and without needing to be connected to the network.

According to the invention object of this patent application, the generated document will contain the metadata necessary for the management of the permissions of a particular user who will be assigned the relative permissions and who will be? the only one authorized to access the generated document.

Furthermore, the document cos? processed ? able to collect data concerning the receiving party - whether it is the one authorized or not authorized to open the document - through a system called ?info gathering?. The collected data are: computername, username, domain, manufacturer motherboard/notebook, model motherboard/notebook, IP address v4, IP address v6, MAC address. These data are sent to the Web Server of the author of the document and collected from them in a database always pertaining to him. According to the invention object of the present patent application, the confidentiality of the generated digital document is therefore implemented through the material transformation of the document itself, which however will keep unchanged? extension and therefore readable by the systems already? owned by the end user. Furthermore, the management of usage rights according to the process covered by this patent application will not be then subject to the presence or absence of a network connection as the document will result? manageable independently from the connection to the web and exclusively on the basis of the assignments determined by the author-distributor at the time of transformation of the document.

The process of management and monitoring in modality? protected object of this patent application therefore includes the following phases:

- Generation of a forensic digital watermark and rights management data (DRM metadata) related to a digital document;

- Embedding of the generated watermark and DRM metadata, together with a specific software application in the original digital document;

- Implementation of a system that manages rights digital according to a specific classification level;

- Implementation of a Web Service that can? receive from the document in question, during viewing (when the document is opened), some metadata for statistical use; moreover, according to some specific qualifications of a technological and legal nature, these feedbacks could allow the tracking of the enhanced document;

- Implementation of a database for storing metadata regarding the use of enhanced digital documents, digital watermarks and the permissions and rights associated with them.

Can you? therefore to affirm that the technologies used by the process object of the present patent application - Watermark and DRM - are already? known and popular on the market. However according to the invention object of the present patent application:

- The Watermark used? been developed and implemented with particular characteristics, in fact it allows to identify the document in question in an unambiguous way, guarantees its integrity? and the non-repudiation? of the same, also at probative level; therefore the Watermark component pu? be identified from now on as a Forensic Watermark and the document can? be usable for evidentiary purposes;

- According to the process object of this patent application? You can keep track of document views and the data associated with them;

- Management of the Forensic Watermark and DRM directly integrated into the object itself, with an Information Centric approach (i.e. focused and centered on the information itself, rather than on the devices in which the information resides) guaranteeing the security of the object in a intrinsic;

- Guarantees the management of permissions on documents even in mode? off-line, i.e. even without any active internet connection;

- According to the process object of this patent application? possible to implement a monitoring of the operations on the document;

- The process object of this patent application allows the self-destruction function of the content to be enabled following an attempted tampering, safeguarding the content of the document from users who have never been enabled to view it.

BRIEF DESCRIPTION OF THE DRAWINGS

In Fig 1 ? shown the block diagram that illustrates the architecture of the process that allows the generation and insertion within a document of a series of metadata created ad hoc, suitable for the attribution to the document itself of the properties set out in the descriptive part of this document, which allow the management of rights and the protection of the data contained therein, as well as the monitoring of the operations on it, and in some cases the traceability? through Forensic Watermark.

In Fig 2 ? shown an example of interaction between, three different documents each opened from a different device, and the implemented system.

In Fig 3 ? shown the block diagram that illustrates in detail the application software module that executes our technology contained within the document, once opened by the user.

In Fig 4 ? an example of the data collected for monitoring operations on the applied document is shown. Figure 1 describes a block diagram illustrating the process, subject of the present patent application, said process (100) suitable for generating a document (112) equipped with Forensic Watermark and permissions? Digital Rights Management RDM necessary for the management of rights and permissions associated with the document itself. With reference to Fig 1, the process (100) comprises the first series of phases (101) in which

- the generation of the Forensic Watermark (102),

- the generation of the user profile (103) e

- the attribution (105) of the Forensic Watermark and of the user profile to the document.

In particular, in the phase of generating the unique Forensic Watermark (102), the forensic watermark is generated in a pseudo-random way through the use of known cryptographic techniques, to be associated with the document in order to uniquely identify the document itself.

In the phase of generation of the user profile (103) a profile is therefore created containing the permissions assigned to the user for managing the document.

The permissions generated in this second phase (103) therefore establish the operations granted to the end user and the set of permissions constitutes the user profile for a specific document.

According to the invention object of the present patent application, the phases of generation of the Watermark and of the permits, use cryptographic functions which will be memorized together with all the metadata, in a relational database (107) of the SQL type. In a first preferential but non-binding embodiment, the database (107)? accessible via the local network. In a second preferential but non-binding embodiment, the database (107)? accessible via the Internet.

Regardless of the preferred embodiments mentioned above, the database (107) can? also contain additional information relating to the end user who opens the document (112), such as, by way of example but not limited to, information relating to the device in use and its IP address.

In the attribution phase (105) of the Forensic Watermark and of the user profile to the document (112), the transfer of the metadata relating to the Watermark and the permissions to the document (112) in digital format takes place.

In particular, in this phase the transfer to the application program document (113) which will come inoculated within the document (112), In particular, the application software (113) contains all the information necessary for the run-time execution of the code previously transferred to the document (112) together with the security metadata containing the Forensic Watermark assigned to the user profile.

The application software (113) therefore allows automatic execution once the file (112) has been transferred to the device (111) of the user/end user. Figure 3 shows the operation of the application software (113) integrated within the document (112) applied.

When the document (112) is opened, the application program inserted in the document (113) allows for the verification that the user (114) has the necessary permissions to view and manage the document (112). Once the enabling by the user (114) and the device (111) used to open the document (112) has been positively verified, the content of the latter can be displayed (117) and enabled for all operations permitted by the user.

In this phase, the additional information described below is sent (118) to the Web Server (109), which will be stored in the Database (107) for any statistics and/or monitoring operations on the use of the document (112) itself .

At the end of the display of the document content (112), when the document (112) is closed by the user (114), the application software (113) further checks (119) the associated permissions and the management authorizations of the document by the user (114) and the device (111) of use. At the end of the above checks, the document (112) will come closed.

If one of the above checks fails, depending on the type of unsatisfied check, it can? a procedure of self-destruction of the content of the document can be started (112), effectively making the content inaccessible both to the user and to the author himself. In a mode? preferential realization, the interaction between the single phases (102,103,105) ? implemented by means of a graphical interface (104). In particular, by means of the graphical interface (104) manage the phases of creation of the Watermark (102), the phase of generation of the permits (103) and the phase of transfer (105) of the metadata to the document (112) so? such as managing and displaying data in the database (107).

By means of a suitable form (106) ? It is possible to maintain evidence of the operations carried out and save this information in a log file.

According to the invention object of the present patent application, a web server (109) interacts with the application software (113) present on the document (112) once the document (112) itself ? been opened on the device (111) of the end user in possession of the relative permissions.

According to the invention object of the present patent application, the permissions generated in the user profile generation phase (103) are expressed through a formal language which can be interpreted according to the known technique.

By way of example, but not limited to, the language used ? the xml markup language, which is the ideal format for exchanging information between systems, as well as being an extensible and self-descriptive language, independent of infrastructures (cloud, network) and platforms.

Regardless of the specific characteristics of the known language used, according to the invention which is the subject of this patent application, when the document (112) is opened by means of the application (113), the information is exchanged with the Web Server (109).

Cryptographic techniques were also used in this module. Therefore the creation of the cryptographic key ? essential for creating a user profile. The user profile will be associated with the permissions relating to a specific file: in particular, the setting of a user profile will allow? the assignment of privileges and limitations to the end user. These will be applied exclusively to the owner of the cryptographic key, which is presented to the end user as a license key to access the document.

According to the invention which is the subject of this patent application, the properties What about the security features? transferred in the phase of applying the watermark and user profile (105) ? they are unambiguous and related exclusively to the document (112) and can only be managed by the end user in possession of the relative permits.

In particular, the management of the permits regards the possibility? certain document-related operations including, but not limited to, copying content, modifying content, saving in different formats, printing, the devices on which the document is viewed, or the IP addresses of the devices on which the document is viewed.

Furthermore, in the user profile generation phase (103) it will be? Is it possible to determine the parameters of the document contents including, but not limited to, the validity? of the document, a maximum number of views allowed, a maximum number of prints allowed, the opening of the document by means of enabled devices, the opening of the document from devices with enabled IP addresses, the opening within a predetermined date.

If any of the above permissions are not satisfied, a self-destruction procedure of the content could be foreseen, which would effectively make it inaccessible to anyone.

With reference to Fig 2, by means of the process (101) object of the present patent application ? possible the generation of the Forensic Watermark (102), the generation of the user profile (103), the attribution of the Forensic Watermark and the user profile (105) and the application software (113) to a series of documents (112A, 112B, 112N ) said series of documents (112A, 112B, 112N) each being opened on a different device (111A, 111B, 111N) of a series of end users (114A, 114B, 114N).

By means of known technologies and communication protocols, or by means of any type of connection enabled by the device (111A,111B,111N) of the end user (114A, 114B, 114N) ? interaction between the document (112A, 112B, 112N) and the web server (109) is possible.

Figure 4 describes the sending and collection of information relating to the user (114), the document (112) and the device (111) used to open the document itself. Specifically, after the opening of the document (112A) and the subsequent authentication in a correct manner by the user (114A), according to the invention object of the present patent application, the document (112A) is opened in the protected, having set all the protection parameters contained in the xml representing the digital permissions.

At this point the application software (113A), running inside the document (112A) allows sending to the Web Server (109) additional information on the user (114A) and on the device (111A) used for the? opening of the document (112A).

The Web Server (109) then receives the information and manages and memorizes it in the Database (107) according to the known technique, including visualization through the graphical interface (104).

Claims (8)

1) Process of management and monitoring of digital documents in modality? protected capable of generating at least one digital document (112) equipped with a forensic watermark and related DRM permissions necessary for the management of the rights and permissions associated with the document (112), said process (100) characterized by the fact that it includes the operations of: - generation of a forensic watermark (102), - generation of a user profile (103), - attribution (105) of the forensic watermark and user profile (103) to the digital document (112), - transferring to the digital document (112) the information of a software application (113), - sending the digital document (112) to the device (111) of an end user (114), - verification of the end user?s authorizations (114) when opening the digital document (112) by means of the software application (113). 2) Process according to claim 1 characterized by the fact that in case of positive verification of the authorizations to open the digital document (112), the final user (114) displays the content of the digital document (112). 3) Process according to claim 1 characterized by the fact that in case of negative verification of the authorizations to open the digital document (112), the digital document (112) is destroyed and made inaccessible by means of the software application (113). 4) Process according to claims 1,2 characterized by the fact that the positive verification of the authorizations to open the digital document (112) by the end user (114) enables the end user (114) to carry out the permitted operations and in general user profile generation (103). 5) Process as per claims 1,2,4 characterized by the fact that when the document (112) is closed by the user (114), a further check (119) of the permissions and authorizations for managing the document takes place (112) by means of the application software (113). 6) Process according to claims 1,2,4,5 characterized by the fact that the information relating to the device (111) of the end user (114), the information relating to the end user (114) and the relative permits and qualifications are transferred to a web server (109) by means of the application software (113). 7) Process according to claims 1,2,4,5,6 characterized by the fact that the information relating to the end user (114) and the relative permits and qualifications are transferred from a web server (109) to a database (107) . 8) Process according to the previous claims characterized by the fact that the generation of a forensic watermark (102), the generation of a user profile (103), the attribution (105) of the forensic watermark and the user profile (103) to the digital document (112), the transfer to the digital document (112) of the information of a software application (113), the sending of the digital document (112) to the device (111) of an end user (114), the outcome of the verification of the end user?s authorizations (114) when opening the digital document (112) by means of the software application (113) and the management of the database (107) takes place by means of a graphical interface (104).