RU2758668C1 - Method and system for protection of digital information displayed on the screen of electronic devices - Google Patents

Abstract

FIELD: data protection.SUBSTANCE: invention relates to digital data protection, in particular confidential and sensitive information displayed on the screen of an electronic device, through the introduction of digital tags (DT). The claimed result is achieved by using a computer-implemented method for protecting data displayed on the screens of computing devices (CD), performed using a processor and containing steps in which: a digital tag (DT) is created in the form of a graphical interface element of a given bit dimension, containing at least data identifying the CD and/or the user of the CD, and reference points; a transparent protective layer is formed that is not perceived by the human eye, which is formed by placing the DT in the form of a fractal pattern that fills the entire space of the CD screen; the formed protective layer is applied to the image displayed on the CD screen.EFFECT: increase in the stability of information protection due to the fractal principle of forming a protective layer based on digital tags.13 cl, 8 dwg

Description

FIELD OF TECHNOLOGY

[0001] The claimed technical solution relates to the field of protecting digital data, in particular confidential and sensitive information displayed on the screen of an electronic device, by embedding digital tags (DM).

LEVEL OF TECHNOLOGY

[0002] The use of digital brains in the field of digital information protection is a common solution, in which encoded information is embedded in the image, allowing to identify its belonging or the person responsible for its leakage and / or unauthorized access.

[0003] Typically, such approaches use a given graphic element or area of an image containing a CM. Moreover, such a mark can be both distinguishable and indistinguishable to the human eye. One example of such technology is steganography.

[0004] An analogue of the proposed solution is the principle of forming a protective layer based on the CM, disclosed in US patent 9,239,910 (Markany Inc, 01.19.2016). The solution is to create an invisible protective layer consisting of digital labels, which is used as a background layer, displayed on the device screen and invisible to the user.

[0005] The disadvantage of the existing approach is its insufficient efficiency due to the fact that for the formation of the protective layer, a CM is used, which is a text or graphic primitive selected from a database and used for subsequent generation of filling the space. This leads to the fact that such layer formation becomes sensitive to quality and during the subsequent capture of the image on the screen using an external device, for example, a smartphone or camera camera, when changing the angle or capturing a part of the screen with a protective layer, subsequently removing the CM and establishing the fact of leakage data becomes complex or impossible.

SUMMARY OF THE INVENTION

[0006] The proposed approach allows to solve the technical problem of reducing the stability (robustness) of the method of protecting digital data when they are fixed by external means from different angles and quality of shooting, which critically affects the subsequent decoding of data from digital tags.

[0007] The technical result consists in increasing the efficiency of information protection on the screen of devices by improving the stability of recognition of embedded digital marks in the form of a fractal pattern that forms a protective layer.

[0008] The claimed result is achieved through the implementation of a computer-implemented method for protecting data displayed on the screen of computing devices (VU), performed using a processor and containing the steps at which: form a digital mark (DM) in the form of a graphical interface element of a given bit dimension containing at least data identifying the VC and / or the VC user, and reference points;

a transparent protective layer is formed, which is not perceived by the human eye, which is formed by placing the CM in the form of a fractal pattern that fills the entire space of the VU screen;

the formed protective layer is applied to the image displayed on the VU screen.

[0009] In one of the particular examples of the method implementation, the CM is generated by coding in contrast channels at least one color scheme.

[0010] In another particular example of the implementation of the method, the fractal pattern of the layer is formed by the recursive method of constructing the digital brain.

[0011] In another particular example of the method implementation, the CM has at least one nesting level.

[0012] In another particular example of implementation of the method, the digital brain additionally contains information about the time.

[0013] In another particular example of the implementation of the method, the data identifying the user is selected from the group: personnel number, name, photograph, or combinations thereof.

[0014] In another particular example of the implementation of the method, the data identifying the VU is selected from the group: IP address, MAC address, unique identifier, or combinations thereof.

[0015] The claimed technical result is also achieved through a computer-implemented method for identifying data protected by the above method, which is performed using a processor and contains the steps at which: an image is obtained containing at least part of the information displayed on the VC screen;

carry out preprocessing of the obtained image, during which it processes the geometry of the image, perform channel correction in at least one color palette;

decoding of the preprocessed image is carried out, during which the reference points of the CM are identified and information is extracted from the CM.

[0016] In one of the particular examples of the implementation of the method, at the stage of processing the geometry of the image, its rotation and perspective correction are performed.

[0017] In another particular example of implementation of the method, when correcting perspective, a pixel-by-pixel binary interpolation of image channels of at least one color scheme and image size correction is performed to maintain its proportions.

[0018] In another particular embodiment of the method, the image is obtained from an external device.

[0019] Each of the above methods may also be implemented with a computer system comprising at least one processor and at least one memory storing machine-readable instructions that, when executed by the processor, execute any of the above methods.

BRIEF DESCRIPTION OF DRAWINGS

[0020] FIG. 1 illustrates the general principle of the stated solution.

[0021] FIG. 2 illustrates a block diagram of the claimed data protection method.

[0022] FIG. 3A illustrates an example of a fractal cover.

[0023] FIG. 3B illustrates an example of placing a layer on a device screen.

[0024] FIG. 4 illustrates a flowchart of a method for decoding information from a DM-protected image.

[0025] FIG. 5 illustrates an example of capturing image information from a device screen.

[0026] FIG. 6 illustrates the principle of decoding a digital brain from an image.

[0027] FIG. 7 illustrates a general view of a computing device.

CARRYING OUT THE INVENTION

[0028] FIG. 1 shows the general concept of the technical implementation of the claimed solution. The protection of sensitive and / or confidential information displayed on the screen (111) of the user's computing device (VU) (software) is carried out by means of the introduction of the CM (10), into which the relevant information is encoded for the subsequent establishment of the place and responsible person for unauthorized receipt of information outside the protected perimeter of the infrastructure, for example, by photographing it, filming video or capturing (screenshot) the image on the VU screen by external devices (smartphone, camera, etc.), including with subsequent printing.

[0029] As shown in FIG. 2, the claimed method (200) for protecting digital information contains a number of sequential steps. At the first stage (201), the formation of the CM (10) is carried out. Any type of information, for example, text, graphic, or their combinations, can be embedded in the digital brain (10) using binary (binary) data coding algorithms. CM (10) is formed from a combination of two contrasting colors. As a rule, the data embedded in the CM (10) is necessary to identify the VU (software) or directly the user of this device, for example, an employee who has access to sensitive information. Such data can be: personnel number, name, user photo, IP address, MAC address, unique identifier of the VU. This information can be used individually or in any combination. Additionally, information about the time and / or date can also be encoded, for example, the time of the formation of the CM (10), the current date. Information about the date and time can be dynamically changed to include the actual information during the coding of the CM (10).

[0030] CM (10) is a static element of the graphical interface of a given bit dimension. In addition to information for identifying the fact of photographing information on the screen (111), one or more reference points (11) are also introduced into the CM (10), which are necessary for the subsequent identification of the CM location (10).

[0031] Next, from the CM (10) at step (202), a protective layer (101) is formed in the form of a fractal principle of CM (10) placement, filling the entire space of the screen (111). The number of CMs (10) and the principle of fractal placement are determined based on the screen resolution (111) and the CM dimension (10). As a rule, CMs (10) are chosen of equal dimension, but they can also have an alternating order from placement to form layer (101), which also does not violate the technical implementation of the claimed solution in terms of subsequent data identification.

[0032] The protective layer (101) is formed invisible (transparent) so as not to be visible to the human eye and to hide the fact of the application of data protection on the screen (111). The transparency of the layer (101) of the created fractal pattern can be formed in various ways of adjusting graphic images, for example, by adjusting the opacity of the image (opacity), using the Alpha channel in the RGBA palette, using the Alpha channel in the HSLA palette. The selection of parameters for the formation of the invisible layer (101) is performed to overcome the discrimination threshold (https://en.wikipedia.org/wiki/Just-noticeable_difference), ensuring its invisibility to the average user.

[0033] After the formation of the protective layer (101) in step (203), it is superimposed on the display area of the screen (111) of the VD (110), so that the entire coverage area of the screen is covered by the superimposed layer (101). The use of this approach allows you to determine the value of the CM (10) in any area of the screen (111), regardless of the coordinate or scale of the screenshot or photocopy.

[0034] FIG. ZA - ZB shows an example of a formed protective layer (101) based on a set of CMs (10) with a corresponding arrangement of reference points (11). The presented example of a digital brain (10) can be created using the encoding of information in the contrast channels of the color scheme, for example, RGB, HSL, ARGB, etc. The fractal design of the image of the layer (101) can be formed by the recursive method of constructing (placing) the CM (10) and have one or several levels of nesting (recursion) of the CM (10) in each other.

[0035] As stated above, with the example shown in FIG. 3A, when forming the CM (10), two contrasting colors are used, one of which is the background of the CM (10) - logical 0, and the second is contrasting from the background color, representing logical 1. The creation of the protective layer (101) starts from the 0th the recursion level, at which the background of the CM (10) is selected larger in size than the displayed area (111) on the screen (110). After that, a recursion cycle begins, during which the size of the rectangle describing one bit of the CM (10) (hereinafter referred to as the bit rectangle) is determined in accordance with the system of equations:

Where: x is the length of the CM background, y is the width of the CM background, x 'is the length of the bit rectangle, y' is the width of the bit rectangle, 1 is the length of the bit array of the encoded message.

[0036] Next, the CM (10) begins to fill with bit rectangles, where, as mentioned above, 0 is the color of the rectangle similar to the background of the mark, 1 is the color of the rectangle that is in contrast to the background of the mark. The CM (10) is filled with all bits (over the entire CM background), during which the n-th level mark is formed. The cycle of recursion is repeated anew, for the next size of the CM (10) one bit rectangle of the current CM (10) is taken. The cycle repeats until the size of the CM (10) is equal to 1 × 1 pixel. CMs (10) in the form of bit rectangles are iterated over until all CMs (10) at all levels of recursion reach the end of the recursion.

[0037] Next, consider the process of decoding the information protected by the CM shown in FIG. 4-Fig. 6. FIG. 4 illustrates a flowchart of a method (400) for decoding information from a captured image.

[0038] At the first stage (301), an image (410) is supplied to the computing module (for example, a processor), which was made using an external device (400) and contains part or all of the information presented on the screen (111) of the VU (110) as shown in FIG. 5.

[0039] Next, the obtained image (410) goes through a processing step (302), during which geometric transformation of the image is carried out, in particular, rotation and / or perspective correction. Perspective correction is performed in two stages - pixel-by-pixel binary interpolation of image color channels (for example, RGB) to change the image perspective and image size correction to maintain proportions using the formula:

Where:

deltaX - the length of the horizontal projection of the segment between the intersection points of the diagonals of the quadrilateral and its centroid,

deltaY - the length of the vertical projection of the segment between the intersection points of the diagonals of the quadrilateral and its centroid,

top Width - the length of the horizontal projection of the top edge of the triangle,

bottomWidth - the length of the horizontal projection of the bottom edge of the quadrilateral,

leftHeight - the length of the vertical projection of the left side of the quadrilateral,

rightHeight - the length of the vertical projection of the right side of the quadrilateral.

[0040] Next, the chromaticity / saturation (saturation) of the obtained image is changed in at least one color palette to increase the contrast of the image as a whole and to detect the presence of CM (10) in a particular area of the image (410).

[0041] After that, mutual correction of the color channels of the obtained image (410) is carried out to highlight the contrasting colors selected during the coding of the CM (10). One of the contrasting colors, selected when coding the CM (10), is removed from each pixel of the resulting image.

[0042] In step (303), the position of the CM (10) is determined using the fiducials (11) identified in the image (410). The centers of the fiducials are determined (11), around which a circle of a given radius is constructed, calculated from the radius of the fiducials and the length of the encoded message, on the perimeter of which the centers of other fiducials are determined (11). From the angle of the segment between two centers to the horizontal and the length of this segment, the angle of inclination and the size of the CM are calculated (10), respectively.

[0043] From the known message length and the known CM size (10), the size of the CM bit rectangle (10) is calculated.

[0044] As shown in FIG. 6, as a result of decoding the preprocessed image (410), the CM (10) on the protective layer (101) are determined at all levels of recursion (depending on the quality of the input image).

[0045] Steps (302) - (303) are performed several times with different saturation change and color change parameters. The result is the values that are most often repeated for different parameters. This ensures reliable decoding of the color of each pixel of the resulting image in accordance with the laws of normal distribution with various correction parameters.

[0046] After reliably determining the color of each pixel in the obtained image (410), the color of the background of this CM is determined by the color of the fiducials (11), and the color of the given bit rectangle is determined by the color of the fiducial point of the CM inscribed in the bit rectangle of this CM. Having information about the color of each bit rectangle in this CM and the background color of this CM, a bit array of the encoded message is constructed.

[0047] From the bitmap of the encoded message, knowing the encoding algorithm of this message, the bitmap is converted into useful information encoded in the digital brain.

[0048] This principle of protection and subsequent decoding of information from the protective layer (101) makes it possible to more efficiently recognize the encoded information from the CM (10) and establish the IU (110) and / or the person responsible for the leakage of confidential and / or sensitive information.

[0049] FIG. 7 shows a general view of a computing device (500) suitable for performing methods (200, 300). The device (500) can be, for example, a server or other type of computing device that can be used to implement the claimed technical solution. Including being part of a cloud computing platform.

[0050] In the General case, the computing device (500) contains one or more processors (501) united by a common data exchange bus, memory means such as RAM (502) and ROM (503), input / output interfaces (504), input devices / output (505), and a device for networking (506).

[0051] The processor (501) (or multiple processors, multi-core processor) can be selected from a range of devices currently widely used, for example, Intel ™, AMD ™, Apple ™, Samsung Exynos ™, MediaTEK ™, Qualcomm Snapdragon ™ and etc. The processor (501) can also be a graphics processor, for example, Nvidia, AMD, Graphcore, etc.

[0052] RAM (502) is a random access memory and is intended for storing machine-readable instructions executed by the processor (501) for performing the necessary operations for logical data processing. RAM (502), as a rule, contains executable instructions of the operating system and corresponding software components (applications, software modules, etc.).

[0053] ROM (503) is one or more persistent storage devices, for example, hard disk drive (HDD), solid state data storage device (SSD), flash memory (EEPROM, NAND, etc.), optical storage media ( CD-R / RW, DVD-R / RW, BlueRay Disc, MD), etc.

[0054] Various types of I / O interfaces (504) are used to organize the operation of the components of the device (500) and to organize the operation of external connected devices. The choice of appropriate interfaces depends on the specific design of the computing device, which can be, but are not limited to: PCI, AGP, PS / 2, IrDa, Fire Wire, LPT, COM, SATA, IDE, Lightning, USB (2.0, 3.0, 3.1, micro , mini, type C), TRS / Audio jack (2.5, 3.5, 6.35), HDMI, DVI, VGA, Display Port, RJ45, RS232, etc.

[0055] To ensure user interaction with the computing device (500), various I / O means (505) are used, for example, a keyboard, display (monitor), touch display, touch pad, joystick, mouse manipulator, light pen, stylus, touch panel, trackball, speakers, microphone, augmented reality, optical sensors, tablet, light indicators, projector, camera, biometric identification (retina scanner, fingerprint scanner, voice recognition module), etc.

[0056] The networking tool (506) allows the device (500) to transmit data via an internal or external computer network, for example, an Intranet, the Internet, a LAN, and the like. One or more means (506) may be used, but not limited to: Ethernet card, GSM modem, GPRS modem, LTE modem, 5G modem, satellite communication module, NFC module, Bluetooth and / or BLE module, Wi-Fi module, and dr.

[0057] Additionally, satellite navigation aids can also be used as part of the device (500), for example, GPS, GLONASS, BeiDou, Galileo.

[0058] The presented application materials disclose preferred examples of the implementation of the technical solution and should not be construed as limiting other, particular examples of its implementation, not going beyond the scope of the claimed legal protection, which are obvious to specialists in the relevant field of technology.

Claims (19)

1. A computer-implemented method of protecting data displayed on the screen of computing devices (VU), performed using a processor and containing the stages at which: - form a digital mark (CM) in the form of a graphical interface element of a given bit dimension, containing at least data identifying the VC and / or the VC user, and reference points; - a transparent protective layer is formed, which is not perceived by the human eye, which is formed by placing the CM in the form of a fractal pattern that fills the entire space of the VU screen; - the formed protective layer is applied to the image displayed on the VU screen. 2. The method according to claim 1, characterized in that the CM is formed by coding in contrast channels of at least one color scheme. 3. The method according to claim 1, characterized in that the fractal pattern of the layer is formed by the recursive method of constructing the digital brain. 4. The method according to claim 1, characterized in that the CM has at least one nesting level. 5. The method according to claim 1, characterized in that the CM further contains information about the time. 6. The method according to claim 1, characterized in that the data identifying the user is selected from the group: personnel number, name, photograph, or combinations thereof. 7. The method according to claim 1, characterized in that the data identifying the VU is selected from the group: IP address, MAC address, unique identifier, or combinations thereof. 8. Computer-implemented method for identifying data protected by the method according to any one of paragraphs. 1-7, executed by the processor and containing the steps in which: - get an image containing at least part of the information displayed on the screen of the VU; - carry out preprocessing of the obtained image, during which the geometry of the image is processed, correcting the channels in at least one color palette; - decoding of the preprocessed image is carried out, during which the reference points of the CM are identified and information is extracted from the CM. 9. The method according to claim 8, characterized in that at the stage of processing the geometry of the image, its rotation and perspective correction are performed. 10. The method according to claim. 9, characterized in that, when correcting perspective, a pixel-by-pixel binary interpolation of image channels of at least one color scheme and image size correction is performed to preserve its proportions. 11. A method according to claim 8, characterized in that the image is obtained from an external device. 12. The system for protecting data displayed on the VU screen, containing at least one processor and at least one memory storing machine-readable instructions, which, when executed by the processor, carry out the method according to any one of claims. 1-7. 13. The system for identifying data displayed on the VU screen, containing at least one processor and at least one memory storing machine-readable instructions, which, when executed by the processor, carry out the method according to any one of claims. 9-11.

Images