200830112

IX. Description of the Invention:

[Technical Field of the Invention]

The present invention relates to Digital Rights Management (DRM), and more particularly to a method of real-time control of information security.

[Prior Art]

In today's era of digitised information, the Internet and computers have become indispensable tools in every line of business; a great deal of personal data and many important organisational documents are processed and stored by computer, and producing and transmitting documents in electronic form has become unavoidable. The convenience of computer and Internet technology, however, gives rise to many problems, among them the management and confidentiality of electronic document files. An electronic file is easy to copy and easy to distribute over the Internet or by e-mail, so keeping confidential documents confidential is a necessity, and an effective information security system is required to protect confidential electronic documents properly.

Digital Rights Management (DRM) is the collective term for restricting, by software or hardware means, how digital content may be used: for example, preventing a document from being printed, modified or deleted, or restricting a piece of video to playback in a certain region. These are the functions commonly found in content rights management today.
Software such as Adobe Acrobat, Office and Windows Media Player, for instance, provides some of these functions to varying degrees.

Most network systems used in enterprises are connected through the corporate intranet and consist of a number of client machines and one server; the volume of data flowing between them is considerable, which makes management difficult.

In recent years, to prevent internal corporate data from leaking out over the Internet, many measures have been proposed to address this problem, for example information security systems built from firewalls and anti-virus software, intended to prevent intrusion by hackers or improper leakage of data by employees over the Internet.

These techniques, however, cannot completely block the leakage of confidential information; a great deal of effort is spent without the information inside the enterprise being effectively controlled, and every day new viruses or techniques appear that evade the permission controls. Current technology has no complete method of improving on this situation.

[Summary of the Invention]

To solve the foregoing problems, the present invention mainly provides a method of real-time control of information security, applied to a Client-Server architecture in which a server host communicates with a plurality of clients through a network interface. Its steps are: receiving, through the network interface, a client's connection request and the client's identity; transmitting, through the network interface, a permission policy to the client; while the client performs an operation on a document file, receiving through the network interface the information sent by the client; confirming, through the database system of the server host, the operation against the client's permission policy and, once the operation has been confirmed as permitted, sending a message to the client confirming it; if the client holds the permission, the client decrypts the document file automatically; after the client has completed the operation, the document file is automatically encrypted again; and receiving, from the client, the file record of the completed operation.

One advantage of the present invention is that a plurality of clients can be controlled at the same time, each client's permissions being controlled individually according to its user, rather than a single permission control being applied to many clients.

Another advantage is that the client's operations are monitored in real time: when a client operates on a file or program, this is reported at the same moment to the server host that monitors the client, which applies the permission policy precisely and can prevent a data leak as it happens.

A further advantage is that encryption is transparent: while the permission policy is being enforced, no additional action is required of the user, which simplifies the client's procedure, and the user will not notice anything unusual.

[Detailed Description]

The preferred embodiments of the present invention and the accompanying drawings are described in detail below. It should be understood that the preferred embodiments in the text are for illustration only; the present invention can also be widely applied in other embodiments and is not limited to any embodiment, but is defined by the appended claims and their equivalents.

In this specification, "preferred embodiment" means a description of a particular feature, structure or characteristic of a preferred embodiment; the number of preferred embodiments of the present invention is at least one. Appearances of "preferred embodiment" in this specification therefore need not all refer to the same embodiment, and the particular features, structures or characteristics may be combined in any suitable manner in any preferred embodiment.

Referring to Figure 1, a system architecture diagram 100 illustrates one application of the present invention. In a preferred embodiment, the method of real-time control of information security is applied to a Client-Server architecture: a server host 110 communicates with a plurality of clients 130 through a network interface 120. A client 130 is a network-capable computer system or terminal device. The network interface 120 may be a network interface in the form of a wide area network (WAN) or a local area network (LAN).

As is well understood, the server host 110 and the client 130 contain a processor, a database, memory, a display unit, input/output units and a network connection; these are units any ordinary computer system should have and, to avoid blurring the focus, they are not described further, as they will be understood by those skilled in the art.

The server host 110 can exercise permission control over one or more client hosts 130 through the network interface 120. Specifically, the server host 110 can communicate with the client 130 over TCP/UDP through a control interface (not shown) of the server host 110. This control interface directs the control functions and procedures applied to the client 130. In a preferred embodiment, the server host 110 can load function programs and, through this control interface, inspect its own processing performance and hard-disk space directly.

In a preferred embodiment, the control interface can include a management program with a Web interface, operated by the administrator of the server host, which is responsible for managing the accounts of the clients 130, defining the document permission policies or permission policy templates to be administered, encrypting documents, and reviewing the records and logs of the clients 130 and of the administered documents. A permission policy template defines the basic permissions of a document and is applied to the clients within a group or to the clients of designated individuals.

When a client 130 performs an operation on a document file or program, for example when the program or document file is launched, the client 130 at the same moment connects immediately to the server host 110 through the network interface 120 and sends information to the server host 110. Through the database system (not shown) of the server host, the account identity of this client 130 and its permission policy are looked up, it is confirmed that the client's permission policy matches the permission policy the server host 110 has assigned to this client 130, and the server host 110 confirms whether the client's operation complies with that policy. The application program installed on the client 130 then sets its permissions actively according to the permission policy of the server host 110, with no need for the document's author to assign permissions again.

If the operation complies with the permission policy, the server host 110, through the application program inside the client 130, exercises the operation permission using the client's transparent file encryption (Transparent File Encryption, TFE) technique. "Transparent" means that the client 130 executes after receiving the host's instruction, and the user of the client 130 has no visual indication of the execution state of that instruction or of its process.
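The transparent file encryption layer just described, as an added example that is not part of the patent (Go, using only the standard library's AES-GCM; the document ID, the demonstration key, the Engine type and the FileRecord fields are assumptions for this example): the engine seals a document with AES-256, the key length the preferred embodiment requires, binds the document's ID to the ciphertext so that the bytes cannot be opened under another document's identity, refuses to decrypt when the policy does not grant reading, re-seals on save, and produces the record (ID, hash, save time) that the client later uploads to the server.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

// keyLen is 32 bytes: AES-256, the minimum the preferred embodiment requires.
const keyLen = 32

// demoKey is key material constructed for this example only; in the system the
// per-document key would be supplied by the server, not held in a constant.
var demoKey = sha256.Sum256([]byte("example-only key material, not for deployment"))

func newAEAD(key []byte) (cipher.AEAD, error) {
	if len(key) != keyLen {
		return nil, errors.New("key must be 32 bytes (AES-256)")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts one document with AES-256-GCM. The document ID is bound as
// additional authenticated data, so the ciphertext cannot be opened under another
// document's ID. Output layout: nonce || ciphertext || tag.
func Seal(key []byte, fileID string, plaintext []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, []byte(fileID)), nil
}

// Open reverses Seal. The tag check fails on a wrong key, a modified ciphertext
// or a mismatched document ID, so unauthenticated plaintext is never returned.
func Open(key []byte, fileID string, sealed []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	ns := aead.NonceSize()
	if len(sealed) < ns+aead.Overhead() {
		return nil, errors.New("sealed document too short")
	}
	return aead.Open(nil, sealed[:ns], sealed[ns:], []byte(fileID))
}

// Engine is the transparent layer between the application and the stored file:
// it decrypts only when the policy grants reading and re-seals on every save.
type Engine struct {
	Key      []byte
	CanRead  bool
	CanWrite bool
}

// ReadFile hands plaintext to the application, or refuses so the ciphertext stays sealed.
func (e Engine) ReadFile(fileID string, stored []byte) ([]byte, error) {
	if !e.CanRead {
		return nil, errors.New("policy denies read; document stays encrypted")
	}
	return Open(e.Key, fileID, stored)
}

// WriteFile re-encrypts the application's bytes before they reach disk.
func (e Engine) WriteFile(fileID string, plaintext []byte) ([]byte, error) {
	if !e.CanWrite {
		return nil, errors.New("policy denies save")
	}
	return Seal(e.Key, fileID, plaintext)
}

// FileRecord is what the client uploads after a save: document ID, a hash of the
// sealed bytes and the save time (field names are this example's assumption).
type FileRecord struct {
	ID      string
	Hash    string
	SavedAt time.Time
}

func NewFileRecord(fileID string, sealed []byte, at time.Time) FileRecord {
	sum := sha256.Sum256(sealed)
	return FileRecord{ID: fileID, Hash: hex.EncodeToString(sum[:]), SavedAt: at}
}

func main() {
	key := demoKey[:]
	doc := []byte("Q3 forecast - CONFIDENTIAL") // constructed sample document
	eng := Engine{Key: key, CanRead: true, CanWrite: true}
	sealed, err := eng.WriteFile("doc-42", doc)
	if err != nil {
		panic(err)
	}
	back, err := eng.ReadFile("doc-42", sealed)
	fmt.Printf("round trip: %q err=%v\n", back, err)
	tampered := append([]byte(nil), sealed...)
	tampered[len(tampered)-1] ^= 0x01 // flip one bit of the tag
	_, err = Open(key, "doc-42", tampered)
	fmt.Println("tampered file:", err)
	_, err = Open(key, "doc-99", sealed) // same bytes, another document's ID
	fmt.Println("wrong document ID:", err)
	_, err = Engine{Key: key}.ReadFile("doc-42", sealed) // policy grants nothing
	fmt.Println("read denied by policy:", err)
	fmt.Printf("record: %+v\n", NewFileRecord("doc-42", sealed, time.Date(2024, 1, 15, 9, 0, 0, 0, time.UTC)))
}
```

Two points the text leaves implicit: GCM authenticates the ciphertext, so a modified file, a wrong key or a ciphertext presented under another document's ID is rejected outright instead of yielding garbage plaintext, which a bare block-cipher mode would not guarantee; and once Open returns, the plaintext sits in the application's memory on the client, which is why the client-side controls over clipboard, printing and screen capture described later in the embodiment are needed at all. A nonce must never repeat under one key; a fresh random 96-bit nonce per seal is the usual choice while the number of seals per key stays small.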
Application software on the client 130 (for example Microsoft Office, Adobe Acrobat and similar suites) can obtain the client's files only after they pass through the transparent encryption/decryption engine. The encryption may be asymmetric or symmetric: asymmetric encryption may be one of public-key cryptography, PKI, RSA or elliptic-curve cryptography, and symmetric encryption may be one of triple DES, DES, IDEA, RC5, CAST128 and RC2. Of the symmetric options listed, DES with its 56-bit key and RC2 are no longer considered adequate for protecting confidential documents; the preferred embodiment below requires a considerably stronger specification.

In a preferred embodiment, the encryption algorithm is the Advanced Encryption Standard (AES) with a key length of at least 256 bits.

Through the application program on the client 130, the permission control the server host 110 exercises over the client 130 includes, but is not limited to, controlling the document usage rights that the user of the client 130 exercises on the administered documents: reading, modifying, copying content, printing, saving, the validity period, offline reading and so on.

Referring to Figure 2, which is a flowchart of the method of real-time control of information security of the present invention, the steps of the method are described in order below.

First, the method of real-time control of information security of the present invention is applied to a Client-Server architecture (see Figure 1) in which the server host 110 communicates with one or more clients 130 through the network interface 120. The server host 110 configures one or more permission policies and client accounts in advance and stores this data in the database system of the server host 110 (step S200). In a preferred embodiment, the database system of the server host 110 can use Microsoft Active Directory to create the accounts and to verify the identity of the user logging in from the client.

In a preferred embodiment, the control permissions the server host 110 exercises over the client 130 can include, but are not limited to: disabling the client's copy function, with the contents held in the Clipboard cleared at fixed intervals; intercepting the drag-and-drop function; disabling the keyboard's Print Screen key; disabling screen capture; disabling remote monitoring programs, such as VM Wave and VNC, that capture the screen from a remote computer; if the document's permission is read-only, disabling save and save-as; managing the print function through a print hook; connecting back to the server host every time a file is opened to confirm the permission policy; uploading the document's record to the database system of the server host 110 when a document file is opened; applying the permission policy set by the server host 110 when a new document file is created; supporting offline management; when the client 130 connects to the server host 110, the server host 110 obtaining this client's permission policy and performing remote deployment to the client 130; and checking the client 130's time limit so that the client 130 cannot evade the monitoring of the server host 110 by altering its clock. These restrictions are enforced by the agent on the client and therefore depend on that agent remaining intact on the endpoint.

After the client 130 has connected to the server host through the network interface 120, it sends its identity information for the server host 110 to verify (step S210).

The server host 110 queries its database system for account data for this client 130 and verifies the client's identity (step S220).

If the server host 110 finds no identity account for this client 130, or the client's account fails authentication, the client 130 cannot log in to the server host 110 and cannot read the confidential documents administered under the permission policy set by the server host 110 (step S230). Because the encryption and decryption in the method of the present invention are transparent, the documents administered by the server host 110 are transparently encrypted and decrypted by a transparent encryption/decryption engine installed in the file system of the client 130; the user of the client 130 is subject to permission control only during document operations, notices no change or inconvenience, and need make no further settings.

If the server host 110 finds the account of the client 130 in its database system and verifies the client's identity successfully, it sends the permission policy associated with this client 130 to the client 130 through the database system (step S240).

The client 130 performs an operation on a file (step S250), for example opening an electronic document file. As soon as the program or document is opened, the client 130 automatically sends information to the server host 110 through the network interface 120 (step S260).
After receiving the information sent by the client 130, the server host 110 looks up, through the database system, the account identity of the client 130 and its permission policy, confirms that the client's permission policy matches the permission policy the server host 110 assigned to the client 130, and records the operation in the database system (step S270).

After confirmation, it sends a message notifying the client 130 of its permission policy (step S280). The application program installed on the client 130 then sets its permissions automatically according to the permission policy of the server host 110, with no need for the document's author to assign permissions again (step S290).

If the client 130 has no permission to perform the operation on this document, the document's ciphertext cannot be decrypted and the client 130 cannot perform the operation on the document (step S300).

If the client 130 has permission to perform the operation on this document, the application program inside the client 130 invokes the transparent file encryption function and automatically decrypts the document's ciphertext into plaintext (step S310).

After the client 130 has performed the operation and saved the document, the application program automatically enforces re-encryption through the deployed transparent encryption/decryption engine (step S320).

The client 130 then automatically uploads the document's information (for example the document's ID, its hash key, the time it was saved and so on) to the database system of the server host 110 (step S330).
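The server side of steps S210 through S300 above, as an added example that is not part of the patent (Go, standard library only; the in-memory account store, the token credential standing in for directory authentication, the skew tolerance and the field names are assumptions for this example): the server authenticates the request with a constant-time comparison and one uniform failure reason, evaluates the validity period against its own clock and rejects a client whose reported time is out of tolerance, checks the requested operation against the account's policy, records every decision, and returns the policy on success so that the client agent can set its own limits.

```go
package main

import (
	"crypto/subtle"
	"fmt"
	"time"
)

// Operation is a file operation the client reports when it starts it (steps S250, S260).
type Operation string

const (
	OpRead   Operation = "read"
	OpModify Operation = "modify"
	OpCopy   Operation = "copy"
	OpPrint  Operation = "print"
	OpSave   Operation = "save"
)

// Policy is the permission policy the server holds for one account (step S200).
type Policy struct {
	Allowed map[Operation]bool
	Expires time.Time // validity period, checked against the server clock only
	Offline bool      // whether offline reading is permitted
}

// Account stands in for a directory entry (the embodiment uses Active Directory).
// Token is an opaque credential issued at logon; it is an assumption of this example.
type Account struct {
	Token  []byte
	Policy Policy
}

// Request is the message the client sends when it opens or acts on a file (step S260).
type Request struct {
	User       string
	Token      []byte
	FileID     string
	Op         Operation
	ClientTime time.Time // reported so the server can notice a manipulated clock
}

// Decision is the server's reply (steps S280 and S300).
type Decision struct {
	Allowed bool
	Reason  string
	Policy  *Policy // returned on success so the client agent sets its own limits (S290)
}

// AuditRecord is what the server stores for every request (step S270).
type AuditRecord struct {
	At     time.Time
	User   string
	FileID string
	Op     Operation
	Result string
}

// Server holds the accounts, the clock-skew tolerance and the audit trail.
type Server struct {
	Accounts map[string]Account
	MaxSkew  time.Duration
	Audit    []AuditRecord
	Now      func() time.Time // injectable clock
}

func (s *Server) record(at time.Time, r Request, result string) {
	s.Audit = append(s.Audit, AuditRecord{At: at, User: r.User, FileID: r.FileID, Op: r.Op, Result: result})
}

func (s *Server) deny(at time.Time, r Request, why string) Decision {
	s.record(at, r, "deny: "+why)
	return Decision{Reason: why}
}

// Authorize runs steps S220 through S300 for one request.
func (s *Server) Authorize(r Request) Decision {
	now := s.Now()
	acct, ok := s.Accounts[r.User]
	// Unknown account or wrong credential: no access (S230). One reason covers both
	// cases so a probe cannot tell valid accounts from invalid ones.
	if !ok || subtle.ConstantTimeCompare(r.Token, acct.Token) != 1 {
		return s.deny(now, r, "authentication failed")
	}
	// Expiry is decided by the server's clock; a client that rolled its own clock
	// back must not regain access, and a large skew is itself a reason to refuse.
	if now.After(acct.Policy.Expires) {
		return s.deny(now, r, "policy expired")
	}
	if skew := now.Sub(r.ClientTime); skew > s.MaxSkew || skew < -s.MaxSkew {
		return s.deny(now, r, "client clock outside tolerance")
	}
	if !acct.Policy.Allowed[r.Op] {
		return s.deny(now, r, "operation not permitted by policy") // S300
	}
	s.record(now, r, "allow") // S270
	return Decision{Allowed: true, Policy: &acct.Policy} // S280
}

// NewDemoServer builds a server with one constructed account for the example.
func NewDemoServer(now time.Time) *Server {
	return &Server{
		Accounts: map[string]Account{
			"alice": {
				Token: []byte("tok-alice-0001"), // constructed sample credential
				Policy: Policy{
					Allowed: map[Operation]bool{OpRead: true, OpModify: true, OpSave: true},
					Expires: now.Add(30 * 24 * time.Hour),
				},
			},
		},
		MaxSkew: 5 * time.Minute,
		Now:     func() time.Time { return now },
	}
}

func main() {
	now := time.Date(2024, 1, 15, 9, 0, 0, 0, time.UTC)
	srv := NewDemoServer(now)
	base := Request{User: "alice", Token: []byte("tok-alice-0001"), FileID: "doc-42", ClientTime: now}
	read := base
	read.Op = OpRead
	print := base
	print.Op = OpPrint
	skewed := read
	skewed.ClientTime = now.Add(-2 * time.Hour)
	unknown := read
	unknown.User = "mallory"
	for _, r := range []Request{read, print, skewed, unknown} {
		d := srv.Authorize(r)
		fmt.Printf("%-8s %-7s allowed=%-5t %s\n", r.User, r.Op, d.Allowed, d.Reason)
	}
	fmt.Println("audit entries:", len(srv.Audit))
}
```

The order of the checks is the point: account and credential are verified before anything the policy could reveal, an unknown account and a wrong token produce the same reason, and expiry is judged by the server's clock rather than the client's, so the clock rollback the restriction list warns about gains the client nothing. Every path, allowed or denied, leaves an audit record, which is what the server's database is expected to hold for step S270.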
Although the present invention has been described above by way of preferred examples, they are not intended to limit its spirit, as will be apparent to those skilled in the art. All similar modifications and similar structures that do not depart from the spirit and scope of the invention are to be included within the appended claims, which are to be given the broadest interpretation. For example, the control module and the decryption program module referred to in the present invention, although illustrated above by preferred examples, may go by other names, and individual component parts may be replaced; components with the same function as those described above may be substituted for one another without departing from the scope and spirit of the invention.

[Brief Description of the Drawings]

For a more complete understanding of the present invention and its advantages, reference is made to the detailed description together with the accompanying drawings, in which like numerals denote like elements, and in which:

Figure 1 is an architecture diagram of an illustrative application of the present invention according to a preferred embodiment.

Figure 2 is a flowchart of the method of real-time control of information security of the present invention according to a preferred embodiment.

[Description of Reference Numerals]

100 architecture diagram of an illustrative application of the method of real-time control of information security
110 server host
120 network interface
130 client
Steps S200, S210, S220, S230, S240, S250, S260, S270, S280, S290, S300, S310, S320