KR20030084798A - Document security system - Google Patents

Abstract

PURPOSE: A document security system is provided to perfectly evade a risk for the document outflow by an insider, to minimize the network management, and to protect the intellectual property of a company through the safe management of an original document file. CONSTITUTION: A user computer(200) has a document security agent(210) generating a user ID key. A document security server(100) is connected to the user computer(200) and a document database storing the document file, registers the user ID key transmitted from the user computer(100), and downloads the document file to the user computer(100) by encrypting the document file through the registered user ID key. The user ID key is generated by using the information extracted from the hardware information of the user computer(100).

Description

Document security system {DOCUMENT SECURITY SYSTEM}

The present invention relates to a document security system that limits the reading, storage, copying and output of documents by setting the authority for each user in order to prevent unauthorized leakage of document information in the enterprise, etc., compared to the existing document security system The present invention relates to a document security system that improves security and stability, and also improves user convenience.

Recently, many companies, government offices, schools, financial institutions, advanced technology research institutes use internal knowledge management (KMS) or electronic document management systems (EDMS) to access internal documents. It manages and shares information to improve work efficiency.

However, electronic document materials are attached in an atypical format and stored in a database, and users are distributing them illegally in addition to using them as information sharing to increase work efficiency. Some of the materials shared by the knowledge management system are documentable materials that can be shared in general, but the internal and external sources of research institutes and major departments can cause catastrophic losses to the company in case of insider carelessness or intentional leakage.

As a conventional document security system for preventing the leakage of such documents, a user downloads from an administrator using an encryption algorithm for an original document stored in a knowledge management system or an electronic document management system (hereinafter referred to as a document management system). There is a document security system that can restrict reading, saving, copying and printing according to user control policy (Access Control Logic) at the point of receiving.

According to such document security system, it is possible to fundamentally prevent illegal use among users, preventing external distribution, and preventing the use of information when leaking data through CD copy. Therefore, it prevents illegal activities such as selling confidential technology such as source codes of IT companies, business plans, drawings, account books, strategic plans, and research papers to floppy disks, CDs, emails, etc. and selling them to competitors. .

Such a conventional document security system is designed based on a digital rights management (DRM) technology. DRM is a system technology that securely delivers various contents in a network from a content provider (CP) to a client and prevents the customer from illegally distributing contents.

The most important technology in the DRM system is encryption technology, which encrypts the content or document using information unique to the customer as an encryption key so that it cannot be decrypted even if it is copied and transferred to a third party. Of course, DRM requires additional technologies such as content usage rule control technology and billing technology.

Briefly describing the above-described conventional document security system, a document security system is composed of a document security server and a server-client structure of each client computer. The document security server is composed of several service modules, and includes, for example, a key module for registering and managing a user's key, a document encryption and distribution module for encrypting and distributing documents.

To briefly describe a process performed in a conventional document security system, a user first registers user unique information and user key information in a document security server, which is stored in a user DB connected to a document security server. The user selects and requests a document file to be downloaded to the document management system using a client program. The document security server communicates with the document management system to set information on the requested document file, user information and the corresponding authority, and encrypts only the document file requester's PC using the registered key information of the user. The document file is generated, and the generated document file is transmitted to the user through the document management system. The user uses the document under conditions limited by the set document permission. The document file transmitted from the system to the user's computer is an encrypted file format changed to a new extension different from the original extension, and the document can be viewed and used through the document security agent program installed in the user's computer.

The present invention relates to an improvement of the conventional document security system as described above, and the present invention provides a document security system that improves the security and stability, and also improves the user's convenience compared to the conventional document security system For the purpose of

The novel and distinctive features of the present invention and the novel and progressive effects thereby will be described in detail in the specification below.

1 is a block diagram showing the overall configuration of a document security system according to the present invention.

2 is a flowchart illustrating a process performed at a client side of a document security system according to the present invention.

3 is a flowchart illustrating a process performed in connection with a key module of a document security system according to the present invention.

4 is a flowchart illustrating a process performed in connection with a packager module of a document security system according to the present invention.

5 illustrates a document file format according to the present invention.

6 is a flowchart illustrating a process performed in connection with an event module of a document security system according to the present invention.

7 is a flowchart illustrating a process performed in association with a time synchronization module of a document security system according to the present invention.

Explanation of symbols on the main parts of the drawings

100: document security server 110: time synchronization module

120: event module 130: key module

140: Packager module 150: Metabase

160: management tool 170: event DB

180: user DB190: license key

192: Document file 194: License file

200: client computer 210: document security agent

220: web browser 230: document security web control unit

240: application 250: document security module

260: environment file 270: DRM file

600: Signature 610: variable length header

620: file body

According to an aspect of the invention, the present invention provides a document security system, comprising: a user computer having a document security agent for generating a user unique key; And a user database connected to the document database in which the user computer and the document file are stored, register a user unique key transmitted from the user computer, and use the registered user unique key in response to a request for downloading the document file from the user computer. And a document security server for encrypting the requested document file and downloading it to the user computer, wherein the user unique key is generated using information extracted from hardware information of the user computer.

Preferably, the module for extracting the user unique key is embedded in the document security agent.

Also preferably, the user unique key is transmitted from the user computer to the document security server in encrypted form.

Also preferably, the user's unique key is encrypted by a Blowfish encryption algorithm.

Also preferably, prior to registration of the user unique key in the document security server, it is checked whether the number of user registrations can be exceeded through a license key installed in the document security server.

Also preferably, the license key is inserted into a USB key connected to the USB port of the document security server.

Also preferably, after the user's unique key is registered, a Config File including company code information of a company related to the document security server is transferred from the document security server to the user computer and stored.

According to another aspect of the present invention, the present invention provides a document security system, comprising: a user computer having a document security agent for generating a user unique key; And a user database connected to the document database in which the user computer and the document file are stored, register a user unique key transmitted from the user computer, and use the registered user unique key in response to a request for downloading the document file from the user computer. A document security server that encrypts the requested document file and downloads the document file to the user computer, wherein the encrypted document file includes a variable length header including authority setting information for controlling authority of the document of the user; It provides a document security system.

Preferably, the right to the document includes at least one of a viewing right, an editing right, a storage right, an output right, and an expiration date related right.

Also preferably, the variable length header includes a dummy field having an arbitrary size.

Also preferably, the encrypted document file comprises a signature indicating that the document file is an encrypted file.

Also preferably, the signature is not encrypted.

Also preferably, the document file is encrypted by dividing it into blocks of 4 kilobytes (Kbytes).

Also preferably, the document file stored in the document database is encrypted and stored.

Also preferably, the document file is encrypted using the user's unique key and a watermark including copyright information is inserted into the document file.

Also preferably, while encrypting the document file using the user unique key, a fingerprint including information about a legitimate user is inserted into the document file.

Also preferably, the document security server checks through the license file whether the requested document file is a document file having an extension supported by the system before encrypting the document file.

According to another aspect of the invention, the present invention provides a document security system, comprising: a user computer having a document security agent for generating a user unique key; And a user database connected to the document database in which the user computer and the document file are stored, register a user unique key transmitted from the user computer, and use the registered user unique key in response to a request for downloading the document file from the user computer. And a document security server for encrypting the requested document file and downloading the document file to the user computer, wherein the document security agent of the user computer provides information on the user's behavior of the downloaded document to the document security server. And a user's behavior information about the document transmitted to the event module is stored in an event database connected to the document security server.

Preferably, the user's actions on the document include one or more of a viewing, storing, editing and outputting of the document.

Also, preferably, when a network connection for transmitting the user's behavior information to the document security server fails, the user's behavior information is stored in a temporary database of the user's computer.

Also preferably, the user's behavior information for the document is stored in binary form in the event database.

According to another aspect of the invention, the present invention provides a document security system, comprising: a user computer having a document security agent for generating a user unique key; And a user database connected to the document database in which the user computer and the document file are stored, register a user unique key transmitted from the user computer, and use the registered user unique key in response to a request for downloading the document file from the user computer. A document security server that encrypts the requested document file and downloads it to the user computer, wherein the encrypted document file includes expiration date information about the use of the document file, and the user computer reads the document file. Access the time synchronization module included in the document security server to receive the current time information of the document security server, and compare the expiration date information with the current time information of the received document security server to use the document file. Provides a document security system for determining whether or not.

Preferably, the user computer further determines whether the document file is available by comparing the current time information of the environment file stored in the user computer with the expiration date information when the document file is read.

Also preferably, the document security agent periodically accesses the document security server to update current time information of the environment file.

In the present invention, it is preferable that the document security server and the user computer communicate with each other by HTTP protocol.

In addition, the extension of the document file encrypted by the document security server and downloaded to the user computer is preferably the same as the extension of the original document file.

In addition, the document security server includes a metabase that maintains, in memory, the configuration information referred to in performing the function of the document security server, and by an operation in which a management tool connected to the metabase writes to the metabase. The environment setting information is preferably modified.

Further, in the user computer, the user can view a plurality of encrypted documents in one program.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings.

1 is a block diagram showing the overall configuration of a document security system according to the present invention.

The document security system according to the present invention comprises a document security server 100 and a client computer 200. The document security server 100 is connected to a knowledge management system or an electronic document management system (not shown) for storing documents such as a company, the client computer 200 is a personal PC of each user to download the document file, The document security server 100 and the client computer 200 communicate in an HTTP manner.

In the conventional document security system, a TCP / IP method was used as a communication method between a server and a client. In this regard, most companies use a firewall to secure the network. In this network, when a server and a client of a document security system communicate using TCP / IP, management inconvenience and port opening are required. There was a problem of security vulnerability. According to the present invention, the document security server 100 and the client computer 200 communicate with each other by the HTTP method, which is a general web protocol, to reduce the burden of the administrator without being restricted by the firewall, and also to secure a problem when opening a specific port. It also has the effect of preventing the fragility of the tops.

The document security server 100 includes a service module of a time synchronization module 110, an event module 120, a key module 130, and a packager module 140, and also includes a metabase 150 that maintains configuration information on a memory. ) Document security server 100 according to the present invention is connected to the event module 120, the event DB for storing the user's document actions 170 and the user DB 180 for storing the unique information and hardware key information of the user It also includes. Detailed functions and features of these components will be described later with reference to FIGS. 2 to 7.

The client computer 200 includes a document security agent 210, a document security web control unit 230 installed in the web browser 220, and a document security module 250 installed in an application program.

Hereinafter, each detailed component and novel feature of the document security system according to the present invention will be described in detail by item.

1. Client

Since the document files downloaded from the document security server 100 to the client computer 200 are all encrypted, the client computer 200 decrypts the document downloaded from the document security server 100 and shows it to the user. The authority controls the behavior of reading, editing, saving, copying, and printing documents.

Hereinafter, a process performed at the client side will be described with reference to FIG. 2. 2 is a flowchart illustrating a process performed at a client side of a document security system according to the present invention.

Referring to FIG. 2, first, a user attempts to open a document file by double-clicking a mouse on a window explorer or executing a corresponding application to open a document downloaded from the document security server 200 (S300).

Next, it is determined whether the document file to be opened by the user with reference to the environment file is a file type supported by the document security system (S310). The environment file is downloaded and stored from the document security server 100 to the client computer 200 during the key registration process of the user, which will be described in detail later.

If the document file to be opened by the user is not a file type supported by the document security system or an unencrypted file, an error message is output (S350). If the document file type is supported by the document security system, the process proceeds to step S320.

Next, the client computer 200 uses the document security agent 210 and also communicates with the time synchronization module 110 of the document security server 100 to check whether the period of use of the document has expired (S320). . A check process of whether the expiration date of the document associated with the time synchronization module 110 will be described later with reference to FIG. 7.

If the document usage period has expired, an error message is output (S350), and if it is determined that the usage period remains, the process proceeds to step S330.

Using the client computer hardware key extracted from the client computer 200 as the decryption key, the document security server 100 decrypts the encrypted document (S330). This key is generated as a hardware key of the client computer in the process of registering the user unique key with the document security server 100, and is transmitted to the document security server 100, and the document security server 100 is connected to the client computer 200. This is because the document file is encrypted using this user's unique key when downloading the document. The use of a user hardware key as a user unique key will be described later with reference to FIGS. 3 and 4.

The user can read the decrypted document (S340) and use the document according to the authority set in the document security server 100. For example, if you do not have editing rights, the user cannot edit the downloaded document (keyboard input, mouse click, copy, paste, cut, etc.). Can not. In addition, if there is no storage right, the user cannot save the downloaded document or save it under another name. If the storage right is provided, the modified content is stored including the modified contents. With respect to the client-side interface associated with each of these permission settings, in the absence of each permission, for example, the corresponding menu of the application can be made inactive.

On the other hand, the present invention has a configuration in which the encrypted document file uses the extension (for example, .doc) of the original document as it is. As described above, in the conventional document security system, the encrypted document files transmitted to the user's computer are all in the format whose extension is changed regardless of the format of the original document (for example, if the original document file is in the form of .doc), the encrypted document is encrypted. The file is modified in the form of .acap-the extension that you change is up to you.) There was a problem with the user not knowing what type of document was actually encrypted. The present invention has the effect of allowing the user to easily know what type of file the original document of the encrypted document is by using the extension of the original document file as it is. In the present invention, distinguishing encrypted documents can be distinguished from non-encrypted documents, for example, by adding a lock picture to the file icon visually in the encrypted document.

In addition, in reading a document on the client side in the security system of the present invention, the present invention supports an MDI (Multiple-Document Interface) environment.

In a conventional document security system, when a user reads an encrypted document, only one document can be viewed by one program. Accordingly, when a user wants to read a new document, there is an inconvenience of newly executing the program. That is, the program had to be executed as many as the number of documents to be viewed. However, in the present invention, when a user browses a plurality of documents, in the case of the same type of document, an encrypted document and a non-encrypted document can be used simultaneously in one program, and a plurality of non-encrypted documents can be used simultaneously. In the case of the encrypted document, the menu and the toolbar of the application are controlled according to the authority set in the document as described above.

On the other hand, the conventional document security system controlled only the "Print Scree" key of the keyboard in connection with the limitation of the screen capture, and thus could not control the utility that professionally performs the screen capture.

In the present invention, in order to prevent screen capture, the screen capture utility controls the screen capture at the Windows O / S level. Accordingly, even if the screen capture utility is used, the storing of the document as an image may be limited.

2. Key Module

Next, a process performed in relation to the key module 130 of the document security system will be described with reference to FIG. 3. 3 is a flowchart illustrating a process performed in connection with a key module of a document security system according to the present invention, and particularly relates to a process in which a user registers his or her user key with the document security server 100.

Referring to Figure 3, first, the user accesses the document security system (S400). Next, the client computer extracts a hardware key unique to the user's PC (S410). The user hardware key extracted here is used as an encryption key of the document file in the document security server 100 and used as a decryption key for decrypting the document after the user downloads the document.

In order to encrypt a document so that the document can be viewed only on a specific user's PC, a key that is dependent on the user's hardware is required. Therefore, the user's unique key as a decryption key of the document is extracted from the hardware information of the user's PC. This user hardware key is a string value unique to the user, which in the preferred embodiment of the present invention has a length of 16 bytes.

In extracting the user hardware key, the UUID module installed in the client computer 200 extracts the manufacturer, model name, production serial number, etc. of the H / W (HDD, USB, etc.), which is changed to a specific 16-byte value so that the hardware The key is generated.

In the conventional document security system, such a user hardware key is registered in a specific place of a client computer, for example, a registry, so that users can copy or convert the same. In the present invention, by allowing the document security agent 210 to embed a module for extracting such a user hardware key, the user key is transmitted to the document security server 100 only once upon registration of the key and managed. Therefore, a user cannot copy his key to another person and make it illegal to use, and also has the effect of preventing any modification to the user hardware key.

Next, the generated hardware key is bound to the user information and bound into a packet, and the packet including the hardware key is received from the client computer 200 through the HTTP communication protocol through the key module of the document security server 100 ( 130 is transmitted to (S420).

In the transmission of the hardware key from the client computer 200 to the document security server 100, the packet is encrypted and transmitted by, for example, a Blowfish encryption algorithm. By encrypting and transmitting the packet including the hardware key as described above, the risk of hacking can be prevented by protecting the transmission of the key from sniffing attempts that may be in the process of transmitting the key.

The key module 130 of the document security server 100 decrypts the received packet and checks whether there is an abnormality, and also checks a license through the USB license key 190 attached to the document security server 100. The license key 190 is a key that stores license information about a user, such as a user's registerable number, and a detailed description thereof will be described later.

Next, the user hardware key is registered and stored in the user DB 180 connected with the key module 130 (S440), and the document security server 100 transmits the processing result to the client computer to extract and register the user hardware key. The process ends.

3. Packager Module

The packager module 140 of the document security server 100 performs a function of encrypting the requested document file and transmitting it to the client.

4 is a flowchart illustrating a process performed in connection with a packager module (ie, document encryption and distribution module) of the document security system according to the present invention.

Referring to FIG. 4, first, a user accesses a document security system and requests a download of a specific document file (S500). The packager module 140 searches for a user DB to obtain information of a user who requested to download a document file ( S510).

The Microsoft Internet Information Server (IIS) in the document security server 100 of the present invention supports an Active Server Pages (ASP) component. In the document security system of the present invention, a user permission setting and a download request of a document file are performed by the ASP component. It is written as

Next, the rule manager (not shown) sets a parameter for downloading the document file by combining the document information and the authority information for the specific user (S520). For the set parameters, primary encryption is performed by the AES encryption algorithm, and secondary encryption is performed by the BASE 64 encryption algorithm. The encrypted parameters are received by the ASP component of the packager module 140, and the received encrypted parameters are first decrypted with BASE 64 and second decrypted with AES. Next, the packager module 140 checks whether the system is a document file having a supported extension by referring to the license file 194 (S530). Detailed descriptions related to the license file 194 will be described later.

The parameter decoded by the packager module 140 includes a user ID of the requesting user, and the packager module 140 stores the hardware key of the downloaded request user in the key registration process from the user DB 180 with reference to the user ID. Extract (S540).

Next, the download requested document file is encrypted through the user hardware key (S550), and the encrypted document is transmitted from the document security server 100 to the client computer 200 (S560).

Hereinafter, a detailed encryption process and file format will be described in detail.

The format of an encrypted document file according to the present invention will be described with reference to FIG. 5 illustrates a document file format according to the present invention.

Referring to FIG. 5, an encrypted document file according to the present invention includes a signature 600, a variable length header 610, and a file body 620.

Signature (Signature: 600) is information having a size of about 8 to 10 bytes with basic information indicating that the document file is an encrypted file (ie, DRM file: 270) used in the document security system. ) Part is not encrypted.

In the present invention, the client side determines whether the file is encrypted through the unencrypted signature 600 portion, and then decrypts the header portion. In the conventional security system, since the signature part does not exist as in the present invention and includes only a fixed length encrypted header having a size of 128 bytes, the header part must be decrypted when the file is opened, which increases time delay and system load. There was a problem. According to the file structure including the signature at the front of the header as in the present invention, the file opening time is reduced and the system load is reduced.

The variable length header 610 is largely composed of an entry point and a plurality of structures.

The entry point includes a header size field indicating the length of the header, a structure number field indicating the number of unit structures, and the like. The header size field is very important in a structure in which the header has a variable length.

Each structure is a block representing one meaningful DRM information. The plurality of structures included in the header 610 according to the present invention include a content information structure including a company code and an encryption time of a document, and a corresponding file. Authentication information structure including information related to the authentication, key information structure including information related to the encryption key of the file, and rule information including the user's authority to the file, that is, edit, save, output, expiration date information, etc. Structures.

In the present invention, since the header has a variable length as described above, the length of the file varies according to each document, and accordingly, the file has a more secure file structure and thus is not easily cracked.

In the conventional document security system, as described above, when a new function is added or a request from a company arises due to having a fixed length header of 128 bytes, it is difficult to accommodate it. However, in the present invention, with a variable length header 610 including a dummy field having an arbitrary size, new functions and new demands of customers can be added at any time, and even if a product is upgraded, The effect is that you can continue to use the file structure of the.

Meanwhile, the variable length header 610 portion of the present invention is encrypted using a key included in the license file 194, and a detailed description related to the license file 194 will be described later.

The file body 620 of the document file of the present invention is encrypted using the user unique key included in the header 610. According to a preferred embodiment of the present invention, a Ridendal encryption algorithm is used to encrypt a document file body, and the document file is divided into 4 Kbyte blocks. In the conventional document security system, there is a problem that the system load is increased by adopting a method of encrypting the entire data at once. In the present invention, by encrypting the document file in units of 4 KBytes, the time is reduced and the system load is increased even when encrypting and decrypting a large file, and there is an advantage that encryption is possible even in a low-spec PC.

If the file size to be encrypted is less than 128 bytes, the encryption algorithm is different from the Lindal encryption algorithm because the minimum unit of the Lindal encryption algorithm is 128 bytes. As such, the encryption algorithm is flexibly selected and used according to the file size, thereby improving the encryption performance and reducing the size of the encrypted file size.

Meanwhile, in the present invention, document files stored in the document DB of the document management system, that is, document files not yet encrypted with the user hardware key are also encrypted and stored. In this way, even if a hack comes directly from an external document management system, security of the document file is possible.

In addition, according to the present invention, the document file distributed to the user is encrypted with the user's unique key, which is dependent on the user's hardware, and when the document file is leaked, a watermark for checking information on the copyright holder and the legitimate user is provided. And a fingerprint may be inserted.

Watermarking technology is a technology that has begun to be developed for copyright protection of content, and is a technology that can be used for copyright verification when a copyright dispute occurs in the future by concealing information about the copyright holder. Watermarking technology can be divided into visible watermarking technology that can be identified with the naked eye and invisible watermarking technology that cannot be identified with the naked eye.

Fingerprinting technology inserts not only the copyright holder's information but also the user's information such as the distributor, redistributor, end consumer, etc. in order to identify the legitimate user of the content. If a user arbitrarily delivers content to a third party without permission, it is considered illegal distribution and identifies the illegal distributor based on the detected fingerprint information. That is, by applying the fingerprinting technology, it is possible to follow up who has illegally distributed the contents and hold the responsibility.

That is, the fingerprinting technique can output information about the user together in any part of the output document so that it can be used to track the leaker when an internal document is leaked in the future. The easiest way to do this is to visually print the printout time and the printout information at the bottom of the printout document, giving the user an awareness of the leak. However, since this visible information is very likely to be removed by the user, the present invention provides a function that is not visible to the user but is utilized for tracking by hiding the information inside the document.

4. Event module

The user performs a series of actions on the document downloaded from the packager module 140. Such an action may include opening, editing, storing, and outputting a document, and as described above, there may be a restriction on the action according to the authority set and encrypted in the document security server 100.

The event module 120 of the document security server 100 receives the user's actions from the client computer 200 and performs a function of storing them.

Hereinafter, a process performed in relation to the event module 120 will be described with reference to FIG. 6. 6 is a flowchart illustrating a process performed in connection with an event module of a document security system according to the present invention.

Referring to FIG. 6, first, a user performs a predetermined action (opening, editing, storing, outputting, etc.) of an encrypted and distributed document, that is, a DRM document 270 (S700). The predetermined action on the document of the user is known as the document security agent 210 (S710), and the document security agent 210 transmits the predetermined action on the document of the user to the event module (the document security server 100). In step S720, a network connection is attempted to report a message.

The network between the document security server 100 and the client computer 200 is not always active. If the network is activated and the network connection is successful, the event module 120 stores the user's behavior information transmitted from the document security agent 210 in the event DB 170 (S750).

If the network connection fails because the network is not activated, the user's behavior information is stored in the client computer 200 by creating a temporary DB (Temp DB) (S730). The document security agent 210 attempts to access the network again later, retransmits user behavior information stored in the temporary DB to the event module 120 (S740), and the retransmitted user behavior information is stored in the event DB 170 (S750). ).

Meanwhile, in the present invention, the behavior information of the user is stored in the event DB 170 in a binary form. If the user's behavior is saved as a simple text file, it is a simple text editor program that anyone can easily open and can be vulnerable to security. In the present invention, by storing the user's behavior information in a binary form in the event DB 170, the information can be viewed only through a specific dedicated utility, thereby enhancing security.

5. Time Synchronization Module

Depending on the nature of the document, it may be useful to set the rights associated with the available expiration date of the document. To this end, the authority information included in the header of the encrypted document may include expiration date information related to when the document can be viewed. However, there is a problem that a user can illegally use an expired document by deliberately changing the time of his PC to the past, that is, before the expiration date. In order to prevent this, time synchronization must be performed between the client computer 200 and the document security server 100, and the time of the document security server 100 should have priority over the time of the client computer 200. The time synchronization module 110 of the document security server 100 is a component that performs functions related to the use of the expiration date information as time information and the time synchronization.

Hereinafter, a process performed in relation to the time synchronization module 110 will be described with reference to FIG. 7. 7 is a flowchart illustrating a process performed in association with a time synchronization module of a document security system according to the present invention.

Referring to FIG. 7, first, a user attempts to open an encrypted document file (S800), and at the same time, the current time of the client computer 200 is obtained (S810). Expiry date information included in the variable-length header portion of the encrypted and distributed document file is extracted, and the extracted expiration date information is compared with the current time of the client computer 200 (S820).

If the expiration date is in the past than the current time of the client computer 200, the document is closed and the user cannot use the document (S880). Otherwise, the client computer 200 connects to the time synchronization module 110 of the document security server 100 and receives the current time of the document security server 100 (S830).

The current time of the received document security server 100 is compared with the expiration date information, and if the expiration date is past than the current time of the document security server 100, the document is closed and the user cannot use the document (S880). If not, the current time stored in the environment file 260 in the client computer is obtained (S850).

In this regard, the document security agent 210 periodically connects with the document security server 100 and the network to update the current time information of the environment file 260 with the current time information of the time synchronization module 110. That is, if the time information of the document security server 100 is more recent than the time information defined in the environment file, the current time information of the environment file is updated, thereby time between the document security server 100 and the client computer 200. Synchronization may be accomplished.

Referring to FIG. 7 again, if the expiration date is older than the current time of the environment file, the document is closed and the user cannot use the document (S880). Otherwise, the user can browse and use the document (S870).

6. License Management

The document security system of the present invention provides license management for a document security server program. The Doucument Safer License (DSL) of the present invention is issued when a purchaser of a document security system such as a company decides to purchase and purchases a product.

The document security license according to the present invention includes a user access license (UAL) which is a license for the number of users to use and a user software license (USL) which is a license for supporting user software (file extension). It consists of a combination. The provision of management of these document security licenses provides flexibility in responding to the needs of customers such as enterprises, and the appropriate license option is selected according to the function of the document security system selected by the company.

Issuance of a license is defined by license file 194 and license H / W key 190. That is, when the license issuance process is completed, a license file is created on the document security server administrator computer, and license information is inserted into a USB key connected to the USB port.

First, the license file 194 defines the type (extension) of a file to which DRM is applied, i.e., document security encryption, in the document management system of the purchasing company.

In this regard, as described above with reference to FIG. 4, when the packager module 140 of the document security server 100 performs an encryption process of a document in response to a user's request for downloading a document, the packager module 140 generates a document. Prior to encryption of the license file, the license file 194 is checked to determine whether or not the requested document file is a document file having a supported extension, and the system defined in the license file 194 is supported. If the file is not an extension file, the document file is not encrypted.

On the other hand, the environment file is generated from the document security server 100 and transmitted to the client computer 200 at the time when each client computer 200 in the present invention registers the user hardware key. As such, the environment file downloaded to the client computer 200 includes file extension license information defined in the license file. Accordingly, as described above with reference to FIG. 2, when a user attempts to open a document file at the client computer 200 end, an environment file 260 including such license information is referred to, and the system supports it. If the file is not an extension file, an error message is displayed and the document cannot be opened.

Next, the license H / W key is provided to the buyer such as an enterprise together with the license file and manages the number of end users of the document security system to which the DRM is applied in the buyer's document management system (EDMS, KMS, ..). .

In this regard, as described above with reference to FIG. 3, in the process of storing the user hardware key to the user DB 180 through the key module 130 of the document security server 100, the key is stored in the user DB 180. In the pre-storage step, the number of times a user can be registered is checked through the USB license H / W key 190, and when the number of end users is exceeded, key registration is not possible.

7. Environment file

The configuration file (Config File) includes information such as a company code, and is created when a program is installed in the document security server 100 and is stored in a specific location of the server 100. The file name of the environment file has the extension .cfg in the company code of the company. On the other hand, when the user finishes registering the user's unique key in the document security server 100, the environment file is distributed to the client computer 200 and stored.

In the conventional document security system, since only one information about the document security server that can communicate with the client computer is maintained, the user cannot download the document from other workplaces when the user needs to travel to several workplaces.

According to the present invention, the user can download and use an environment file including company code information when registering a key, and the user can additionally download an environment file of the document security server even if he or she goes to another business site and refer to the previous environment file. It is possible to use it.

In addition to the company code information, the environment file includes information on the time synchronization module, information on the event module, and support file extension information included in the license file. Accordingly, the environment file includes a time update of the client computer and an event module. It can be used to transmit user behavior information to a network, and to restrict viewing of a document on a client computer.

8. Metabase

The document security server 100 of the document security system is composed of various function modules 110, 120, 130, and 140, and there are specially defined values to refer to in performing the functions of each of these modules. This value is called an environment variable, and the environment variable may be changed during the operation of the document security server 100.

In the conventional document security system, these environment variables are stored in the Windows Registry when the server program is initially started. Therefore, if the environment setting is changed, the server process is not applied until the server program is stopped and restarted. There was a problem to stop.

In the present invention, in order to solve such a problem, the document security server 100 comprises a metabase (Metabase: 150), which is a database of environment setting information referred to in operating one or multiple processes as one information storage system. It was.

The configuration and operation of the metabase 150 is performed as follows. First, create shared memory and create a database in that shared memory with a specific structure. The metabase 150 is written using the management tool 160 to modify the value of the environment variable, and the server process performed in each function module refers to the environment variable value located in the metabase 150.

In the present invention, by introducing and referring to the metabase 150 holding the configuration information on the memory as described above, even if the configuration is changed, the configuration information is updated in real time without stopping the server process.

While the invention has been particularly shown and described with reference to the above embodiments, it has been used merely for the purpose of illustration and those of ordinary skill in the art to which the invention pertains may have as defined in the appended claims. It should be understood that various modifications may be made without departing from the spirit and scope.

As described above, according to the present invention, there is an effect of providing a document security system that improves security and stability more than the conventional document security system, and also improves user convenience.

Specifically, companies can completely avoid the risk of document leakage by insiders, and from the point of view of the administrator who operates the system, minimizing the management of the network, protecting the intellectual property of the company through the safe management of the original document file, and operating the system. You can expect the effect of nonstop.

Also, from the end user's point of view, the existing document program can be used as it is without any heterogeneity, and there is no effect of feeling inconvenience caused by the system introduction. That is, they are protected by the document security system without being disturbed at all in the existing work, that is, not even aware of using the document protection system.

Claims (28)

In document security systems, A user computer having a document security agent generating a user unique key; And The user computer and the document file are connected to a stored document database, register a user unique key transmitted from the user computer, and use the registered user unique key in response to a download request of the document file from the user computer. A document security server that encrypts the requested document file and downloads it to the user computer; And the user unique key is generated using information extracted from hardware information of the user computer. The method of claim 1, And a module for extracting the user unique key is embedded in the document security agent. The method of claim 1, And the user unique key is encrypted from the user computer to the document security server in encrypted form. The method of claim 3, wherein The encryption of the user unique key is a document security system, characterized in that by the Blowfish (Blowfish) encryption algorithm. The method of claim 1, Prior to the registration of the user unique key in the document security server, a document security system characterized in that it is checked whether or not the number of times the user can register through the license key mounted on the document security server. The method of claim 5, And the license key is inserted into a USB key connected to a USB port of the document security server. The method of claim 1, After the user's unique key is registered, a Config File including company code information of a company related to the document security server is transferred and stored from the document security server to the user computer. system. In document security systems, A user computer having a document security agent generating a user unique key; And The user computer and the document file are connected to a stored document database, register a user unique key transmitted from the user computer, and use the registered user unique key in response to a download request of the document file from the user computer. A document security server that encrypts the requested document file and downloads it to the user computer; And the encrypted document file comprises a variable length header including authority setting information for controlling the authority of the document of the user. The method of claim 8, And a right to the document includes at least one of a viewing right, an editing right, a storage right, an output right, and an expiration date related right. The method of claim 8, The variable length header includes a dummy field having a random size. The method of claim 8, The encrypted document file comprises a signature (Signature) indicating that the document file is an encrypted file. The method of claim 11, And the signature is not encrypted. The method of claim 8, And encrypting the document file is divided into blocks of 4 kilobytes (Kbytes). The method of claim 8, And a document file stored in the document database is encrypted and stored. The method of claim 8, And encrypting the document file using the user's unique key and inserting a watermark including information of the copyright holder into the document file. The method of claim 8, And encrypting the document file using the user unique key and inserting a fingerprint including information about a legitimate user in the document file. The method of claim 8, The document security server checks whether the requested document file is a document file having an extension supported by a system through a license file before encrypting the document file. In document security systems, A user computer having a document security agent generating a user unique key; And The user computer and the document file are connected to a stored document database, register a user unique key transmitted from the user computer, and use the registered user unique key in response to a download request of the document file from the user computer. A document security server that encrypts the requested document file and downloads it to the user computer; The document security agent of the user computer transmits information on the user's action on the downloaded document to an event module included in the document security server, and the user's action information on the document transmitted to the event module is Document security system, characterized in that stored in the event database connected to the document security server. The method of claim 18, A user's actions on the document may include at least one of a viewing activity, a storing action, an editing action, and an outputting action of the document. The method of claim 18, And when the network connection for transmitting the user's behavior information to the document security server fails, the user's behavior information is stored in a temporary database of the user computer. The method of claim 18, The user's behavior information for the document is stored in the event database in a binary form. In document security systems, A user computer having a document security agent generating a user unique key; And The user computer and the document file are connected to a stored document database, register a user unique key transmitted from the user computer, and use the registered user unique key in response to a download request of the document file from the user computer. A document security server that encrypts the requested document file and downloads it to the user computer; The encrypted document file includes expiration date information on the use of the document file, and the user computer accesses a time synchronization module included in the document security server at the time of reading the document file to access the current time of the document security server. And after receiving the information, comparing the expiration date information with the current time information of the received document security server to determine whether the document file can be used. The method of claim 22, And the user computer further determines whether to use the document file by comparing the current time information of the environment file stored in the user computer and the expiration date information when the document file is read. The method of claim 23, The document security agent periodically updates the current time information of the environment file by accessing the document security server. The method according to any one of claims 1 to 24, And the document security server and the user computer communicate with each other by HTTP protocol. The method according to any one of claims 1 to 24, And an extension of the document file encrypted by the document security server and downloaded to the user computer is the same as that of the original document file. The method according to any one of claims 1 to 24, The document security server includes a metabase that maintains, in memory, configuration information referred to in performing a function of the document security server. And the configuration information is modified by an operation of writing a management tool connected to the metabase to the metabase. The method according to any one of claims 1 to 24, In the user computer, a user can view a plurality of encrypted documents in one program.