WO2017137481A1 - Removable security device and method to prevent unauthorized exploitation and control access to files - Google Patents

Info

Publication number
WO2017137481A1
WO2017137481A1 PCT/EP2017/052826 EP2017052826W WO2017137481A1 WO 2017137481 A1 WO2017137481 A1 WO 2017137481A1 EP 2017052826 W EP2017052826 W EP 2017052826W WO 2017137481 A1 WO2017137481 A1 WO 2017137481A1
Authority
WO
WIPO (PCT)
Prior art keywords
security device
removable security
host device
file
additional data
Application number
PCT/EP2017/052826
Inventor
Julien Bachmann
Pierre Sarda
Original Assignee
Nagravision S.A.
Application filed by Nagravision S.A.
Publication of WO2017137481A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/106 Enforcing content protection by specific content processing
    • G06F21/1063 Personalisation
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/16 Program or content traceability, e.g. by watermarking
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6272 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database by registering files or documents with a third party

Definitions

  • the present disclosure generally relates to a removable security device and a method to prevent unauthorized exploitation and control access to files stored in a local or remote storage device.
  • a removable security device connectable to a personal computer may be used in order to authenticate a user of the personal computer to a remote network content server.
  • the removable security device may comprise a memory storing an interface software program configured to use an encryption / decryption key generated during an initialization phase.
  • the interface software program is executed on the personal computer for interfacing the personal computer via the network to the content server.
  • the encryption / decryption key is used by the interface software program for authenticating the user of the personal computer to the content server and for establishing a secure connection between the personal computer and the content server.
  • the removable security device may be connected to the personal computer via a standard USB (Universal Serial Bus) link.
  • the interface software program may be configured to write, during the connection to the personal computer, any temporary files in a location of the removable USB device memory and not in a standard temporary files folder of the personal computer. This ensures that after closing the secure connection to the content server and the removal of the removable security USB device, no temporary files containing confidential information may remain on the personal computer and thus provides increased security against hackers.
  • the removable security device may be based on a "USB powered computer" device such as, for example, the device known under the name "USB armory". This type of removable device may be designed to be connectable to a USB port of the personal computer, which may provide power and a bidirectional serial data link between the personal computer and the removable device.
  • the removable security device may comprise a central processor and an operating system. The operating system stored in a non-volatile memory manages the application software programs as well as the bidirectional serial data link.
  • a removable security device configured to prevent unauthorized exploitation of computer files stored in a local or remote storage device.
  • the removable security device as disclosed may be based on a "USB powered computer" device.
  • This type of removable device may be designed to be connectable to a host device via a USB (Universal Serial Bus) port providing power to the removable device and a bidirectional serial data link between the host device and the removable device.
  • USB: Universal Serial Bus
  • the removable USB security devices or USB powered computers have the advantage of being able to present themselves as various USB devices, for example in the form of a dongle having a USB-type communication port to be plugged into any host device having a corresponding USB port.
  • Other types of communication ports may be implemented, for example, Apple Lightning, FireWire IEEE 1394, etc.
  • the removable security device may be powered by sources other than the USB port of the host device, for example an internal battery or an external power supply.
  • the host device may preferably be in the form of a portable personal computer (PC), also called a laptop, or a desktop personal computer coupled to a display screen.
  • PC: portable personal computer
  • Other portable devices such as tablets, smartphones, personal digital assistants (PDA) or pocket PCs may also be used as host devices.
  • the removable security device may contain components comprising at least one processor, memories and a communication link configured to exchange data with the host device.
  • An operating system stored in a memory of the removable security device manages the components and various applications described below.
  • the communication link between the host device and the removable security device may be managed by the host device, for example by using SSH (Secure Shell) connections over USB, or by using remote desktop displays as provided, for example, by Microsoft® RDP (Remote Desktop Protocol), allowing the user to interact from the host device with applications running on the removable security device.
  • SSH: Secure Shell
  • RDP: Remote Desktop Protocol
  • Such a removable security device is intended to be secure and offers a secure internal working environment to store and edit files.
  • Applications e.g., word processing, spreadsheets, presentation, etc.
  • the removable security device may further comprise a network interface configured to use network connection capabilities of the host device for communicating with network resources on a local network or a public network such as Internet.
  • the network resources may comprise remote servers, virtual drives or databases being accessible by the host device through the removable security device for fetching and storing files.
  • the removable security device may thus be recognized by the host device, for example, as an active network resource with a shared network drive attached.
  • the files may be downloaded from a remote server into a memory of the removable security device and saved into the memory and/or uploaded from the memory to the remote server after processing.
  • the files are processed without being stored on the host device preventing copying onto another external memory or drive.
  • the removable security device allows files to be used on a host device without software and copyright protection to prevent potential leakage.
  • conventional anti-copy precautions fail to include protection against capturing screen shots of the content that is displayed by the host device or capturing a signal corresponding to displayed images.
  • screenshots or screen capture may be performed with an application of the host device as well as with a camera of a smartphone to capture all or part of the content.
  • the host device may be modified to redirect the signal from the display to a signal recording module.
  • An exemplary aspect of the disclosed method and device is to provide anti-copy protection by integrating information into displayable frames generated by the removable security device that are displayable on the screen of the host device.
  • the integrated information can be used to identify the removable security device associated with unauthorized copies of the displayable frames (e.g., screenshots or image captures). This information is preferably not visible to the user.
  • the removable security device is referenced by a unique identifier registered in a database that may also associate user data with this identifier.
  • the information, hereafter referred to as a watermark, may not prevent unauthorized copies (e.g., screen captures) but enables identification of the removable security device associated with a host device that displays the copied frame.
  • the watermark may also include an identifier of the host device and temporal data.
  • the watermark may be a code that allows at least the identifier of the removable security device to be retrieved from the database.
  • Figure 1 shows a block diagram of a removable security device coupled to a host device.
  • a remote desktop agent operating on the host device allows accessing, displaying and editing a content in which additional data may be inserted by a watermarking module implemented in the removable security device.
  • Figure 2 shows a detailed block diagram of a removable security device connectable to a host device, the removable security device allowing the host device to execute a file processing application with files stored locally or in a remote server.
  • a watermarking module inserts additional data into displayable frames generated by a graphic processor of the removable security device.
  • the disclosed removable security device may preferably be connectable with a host device via a standard USB (Universal Serial Bus) port, which has the advantage of offering a fast bidirectional data communication link with the host device. It can also advantageously provide power to the host device.
  • the standard universal serial data bus may be, for example, of type USB 2.0, USB 3.0 or USB 3.1, where the types differ in throughput, with values of 480 Mbit/s, 5 Gbit/s and 10 Gbit/s respectively.
  • the removable security device 10 may comprise hardware modules such as a central processor 100, memories 102, a graphic processor 104, a network interface 109 and a communication port 108 (e.g., a USB port).
  • the memory may comprise several types of memory sections such as read-only and read / write non-volatile memory 102 (i.e. non-volatile memory), and random access memory 102'.
  • the removable security device 10 further comprises various software modules loaded in non-volatile memory using hardware resources of the removable security device 10.
  • An operating system 101 manages the different hardware and software modules.
  • root of trust functions may be embedded in the operating system 101, preferably in a hardware form.
  • Hardware root of trust offers a higher level of trust than a software root of trust which is typically more exposed to attacks by hackers.
  • the root of trust provides services (e.g., monitoring) to ensure hardware and software integrity is maintained throughout different operating modes (e.g. power-up, initialization and normal operating modes) of the removable security device 10.
  • the software modules may include an identification module 106, file processing applications 120, 121, a remote desktop agent 107, an encryption / decryption module 103, and/or a watermarking module 105.
  • the identification module 106 can receive and store at least one user credential for authenticating a user to access resources of the removable security device 10.
  • the file processing applications 120, 121 comprise, for example, a text document editor such as Microsoft® Word, a slide editor such as Microsoft® PowerPoint, or a table editor such as Microsoft® Excel or any other file creating / editing applications.
  • the file processing applications 120, 121 may be managed by the central processor 100 under control of the operating system 101 and dedicated user interfaces.
  • the remote desktop agent 107 can be integrated with the operating system 101.
  • the remote desktop agent 107 enables remote access to at least one file and execution of the file processing application (e.g., 120, 121) with the at least one file.
  • the remote desktop agent 107 also enables communication with the host device 20 and remote access to the files and to file processing applications 120, 121 for execution by the host device 20.
  • the remote desktop agent 107 may preferably be embedded in the operating system 101 and protected by the hardware root of trust in order to prevent any tampering or unauthorized modification (e.g., storing files into the host device 20).
  • the encryption / decryption module 103 is coupled to the network interface 109 and to the memories 102.
  • the encryption / decryption module 103 encrypts files before storing, and decrypts the files when retrieved for processing.
  • the encryption / decryption operations may be performed by using an appropriate algorithm with symmetric or asymmetric cryptographic keys.
  • the network interface 109 may be configured to exploit network connection resources of the host device 20 for exchanging data with remote servers 30 and databases 40.
  • the exchanged data may be encrypted by the encryption / decryption module 103.
  • the watermarking module 105 is coupled to the graphic processor 104 and can insert additional data into displayable frames produced by the graphic processor 104. For example a screen associated with the host device 20 displays the frames.
  • the removable security device 10 may comprise wireless network communication modules (e.g., 109', 109" in Figure 2) associated with the network interface 109.
  • the network interface 109 can be, for example, a WiFi module, a mobile network communication module such as a 3G, 4G, LTE (Long Term Evolution) type module, etc.
  • the removable security device 10 may be connected to host devices 20 without network communication resources.
  • the wireless network communication modules 109', 109" ensure access by the host device 20 to files stored on remote servers 30 or virtual drives.
  • the removable security device 10, coupled to a communication port of the host device 20, may be activated automatically or manually (e.g., a physical switch, a button on the removable security device 10, etc.).
  • the automatic activation may occur upon plugging the removable security device 10 onto the communication port of the host device 20.
  • the activation may comprise steps of mounting the removable security device 10 as an active network device resource for the host device and exchanging information with the host device 20.
  • the exchanged information may enable a user authentication request on the host device 20.
  • a user interface of the host device 20 may prompt the user for credentials, for example, a username and a password.
  • the credentials may also be in form of a fingerprint or other biometric data introduced by the user through a dedicated device associated with the host device 20 or located directly on the removable security device 10.
  • the credentials may also include a one-time-password (OTP) having a limited validity period associated with a user name or a user address.
  • OTP: one-time-password
  • Conformity of the credentials may be verified by comparison with user data previously recorded in the identification module 106 during an initialization phase of the removable security device 10.
  • access to resources of the removable security device 10 is validated.
  • the files and applications for processing the files with the host device 20 become operational through the remote desktop agent 107 that is activated. Otherwise, when the user authentication fails, access to files and applications is denied.
  • the communication through the USB type link may use a standard RDP protocol (Remote Desktop Protocol).
  • the RDP protocol may provide a user with a graphical interface to connect to another computer over a network connection.
  • the removable security device 10 can be recognized by the host device 20 as a network device.
  • the RDP protocol further provides a secure connection by encrypting the data exchanged between the connected devices.
  • the remote desktop agent 107 stored in the removable security device 10 provides a user interface on the host device 20.
  • the user interface can be used for file selection and launching applications to execute opening and editing the selected file.
  • a text document 130 stored in the read / write non-volatile memory 102 may be opened with the text document editor 120.
  • the desktop agent 107 may facilitate execution of the text document editor 120 and saving the document once modified in the read / write non-volatile memory 102 without providing any possibility to save a copy of the document in a memory of the host device 20.
  • Figure 1 illustrates an example where a document 130 stored in the read / write non-volatile memory 102 of the removable security device 10 is opened by execution of a text document editor 120 providing a corresponding window on the host device 20 through the remote desktop agent 107.
  • the application 120 operates on the operating system 101 managing the hardware and software modules of the removable security device 10 as well as a communication link 110 with the host device 20.
  • the execution of the text document editor 120 with the document file enables generating, by the graphic processor 104, displayable frames to be watermarked by the watermarking module 105.
  • the file may be saved in the read / write non-volatile memory 102 of the removable security device 10.
  • the remote desktop agent 107 may allow access to files previously stored in a remote server 30 or on a virtual drive.
  • the remote desktop agent 107 uses the network resources of the host device 20 and the network interface 109 of the removable security device 10.
  • the user authentication performed after activation of the removable security device 10 also enables connection of the host device 20, via the removable security device 10, to the remote server 30 and authorizes access to the stored files.
  • These files may be encrypted with a user personal encryption key to prevent access by unauthorized users.
  • a remotely stored file may be downloaded into a random access memory 102' associated with the central processor 100 of the removable security device 10, decrypted by the encryption / decryption module 103 and executed by a file processing application 120.
  • the file may be re-encrypted and saved into the remote storage and/or into the local read / write non-volatile memory 102 of the removable security device 10.
  • a file executed for reading only may be downloaded into the random access memory 102' and decrypted for reading, the file remaining in the remote storage in encrypted form.
  • the remote desktop agent 107 may purge the random access memory 102' after termination of file processing application 120 that closes and saves the executed file into the read / write non-volatile memory 102 of the removable security device 10 or into the remote server 30 or virtual drive.
  • the above discussed solution may solve the problem of having the documents being stored in a memory of the host device, as they will instead be stored on the removable security device only.
  • the watermarking module 105 modifies displayable frames produced by the graphic processor 104 when a file is processed.
  • the watermarking module 105 may insert additional data into at least some of the displayable frames.
  • the graphic processor 104 coupled to the central processor 100 generates displayable frames to be displayed as images on a screen of the host device 20 when a file processing application 120 executes a predetermined file. For example, according to a screen refresh rate standard, the graphic processor 104 generates 60 frames per second to display the content by the host device 20.
  • the watermarking module 105 modifies the displayable frame so that an image capture made at any time will include the additional data.
  • the displayable frames output to the graphic processor 104 may be watermarked by the watermarking module 105 that inserts additional data into the displayable frames before they are forwarded to the host device 20 via the communication link 110.
  • the watermarking module can watermark each frame or a subset of the frames.
  • the watermark is preferably invisible to the human eye and inserted into the displayable frames.
  • a technology based on encoding video data blocks of the displayable frames with the additional data by applying a predetermined watermarking algorithm may be used. Only a computer based image analyzer will thus be able to localize, extract and read the watermark in an image captured from the host device.
  • the image analyzer knowing the watermarking algorithm used for encoding the video data blocks and being able to identify the encoded video data blocks can determine the watermark representing the additional data.
  • the watermark may be determined by comparing video data of the captured image with video data of a reference image without watermark.
  • the watermark of the displayable frame allows identifying an origin of a copy of content made, for example, by a screen capture on a host device 20.
  • the unique identifier of the removable security device 10 may be used as additional data.
  • the watermark of the content screen capture determined by the image analyzer thus allows knowing which removable security device has produced the content and additionally user data associated to the unique identifier of the removable security device 10.
  • the additional data includes a unique identifier of the removable security device 10. This identifier may be retrieved by the watermarking module 105 from a local read-only memory (or a non-volatile memory) and inserted into the displayable frames during a watermarking process.
  • the additional data including the unique identifier of the removable security device 10 may further include a unique identifier of the host device 20. The host device identifier may be received during the step of information exchange with the removable security device 10 at activation thereof and stored, for example, into the read / write non-volatile memory 102 by the identification module 106.
  • the watermarking module 105 retrieves the host device identifier from the memory and, for example, concatenates the host device identifier with the identifier of the removable security device 10.
  • the additional data including the unique identifier of the removable security device 10 and/or the identifier of the host device 20 may also include temporal data representing a date and time of a current file processing and/or a session number.
  • the date and time may be received from the host device 20 via the remote desktop agent 107 or provided by an internal clock of the removable security device 10.
  • the session number may be retrieved from a session counter embedded, for example, in a memory associated with the identification module 106.
  • the session counter increments, for example, each time a session is opened after a successful user authentication.
  • the additional data includes a result provided by a reversible mathematical function e.g. XOR, addition, multiplication by a predetermined parameter, or a reversible transformation by inversion, exponentiation, etc., applied on the additional data as in embodiment a), b) or c) or a combination thereof.
  • This mathematical function may be known by a tracking server in order to retrieve the content of the additional data.
  • the additional data includes a code representing at least an identifier of the removable security device 10 from a remote database 40 of the network. According to an embodiment, the user authentication with the removable security device 10 performed on the host device 20 activates a network connection of the host device 20 to the tracking server 30 managing a database 40.
  • the network connection allows the host device 20 to transmit to the tracking server 30 data related to the removable security device 10 associated with the host device 20 as well as user data related to the user whose authentication with the removable security device 10 was successful.
  • the tracking server 30 stores these received data into the database 40 in form of a record for a given session.
  • a session is defined herein as an interactive data exchange between the removable security device 10, the host device 20 and the tracking server 30 after a successful user authentication.
  • when a user is authenticated with the removable security device 10, a new session is opened and a new record is created in the database 40 by the tracking server 30.
  • the host device 20 transmits user data retrieved from the identification module 106 via the network interface 109 of the removable security device 10 and the communication link 110.
  • the user data may comprise, for example, a user name, passwords and other authentication data. This user data may be completed by at least the identifier of the removable security device 10, and by further data such as an identifier of the host device 20, temporal data, and a session number.
  • Data related to operation of the removable security device 10 may also be transmitted by the host device 20 to the tracking server 30 in order to be added into the record in the database 40.
  • These data may comprise, for example, identifiers of the files having been processed by the removable security device 10, file processing temporal data, reference and/or version of the application used for processing the file, etc.
  • Data related to the hardware and software configuration of the removable security device 10 may also be added into the record, for example, a type reference or model identifier of the removable security device 10, references of configuration options, memory capacity, references of installed applications, operating system type and version, etc.
  • Cryptographic keys to be used by the encryption / decryption module for encrypting / decrypting files may also complete the record in addition to the user data. These keys may be generated by the user with an appropriate application on the host device 20.
  • the record may be completed by the code to be used as additional data for watermarking the displayable frames.
  • Code generated by the tracking server
  • the code may be generated by the tracking server 30 and added to the record of the database 40.
  • the code may be a random number associated to the record or a digest obtained by applying a hash function or any other mathematical function on all or part of the recorded data.
  • when a file is executed by an application of the removable security device 10 via the remote desktop agent 107, the watermarking module 105 sends a request to the tracking server 30 for acquiring the code from the database 40.
  • the request may thus be forwarded by the watermarking module 105 via the network interface 109, the communication link 110, and the network resources of the host device 20 to the tracking server 30.
  • the request may comprise at least the identifier of the removable security device 10 and an instruction allowing retrieving the code in the corresponding record in the database 40.
  • the request may additionally contain the identifier of the user having been recorded by the tracking server 30 at authentication.
  • the user's identifier may be retrieved by the watermarking module 105 from the identification module 106 and transmitted with the identifier of the removable security device 10 to the tracking server 30 which will return the corresponding code.
  • the removable security device 10 thus receives the code from the tracking server 30 via the network resources of the host device 20, the communication link 110, and the network interface 109 of the removable security device 10.
  • the code is then stored in a memory 102 of the removable security device 10 and made available to the watermarking module 105.
  • For each session, the tracking server 30 generates a new code that is added to the record in the database 40, the watermarking module 105 sending a request to the tracking server 30 for receiving the code from the database record corresponding to the current session.
  • the removable security device 10 may request the tracking server 30 to transmit the code and all remaining data contained in the database 40 related to a current session.
  • the received data may be stored in a non-volatile memory 102 of the removable security device 10 in order to be used in an off-line mode without connection of the host device 20 with the tracking server 30 and the database 40. All or part of the displayable frame generated by the graphic processor 104 when a file is executed by an application will be watermarked with the code.
  • Code generated by the removable security device
  • the code may be generated by the removable security device 10 instead of the tracking server 30 and stored in a non-volatile memory 102 of the removable security device 10 and in the database 40.
  • the watermarking module 105 sends an instruction to the tracking server 30 to store the generated code into the record of the database 40 corresponding to the current session.
  • the instruction comprises at least the identifier of the removable security device 10, which is used to find the record where to store the code.
  • the identifier of the removable security device 10 may be transmitted by the host device 20 to the tracking server 30 and stored into the database record at beginning of the session.
  • the instruction may also comprise the user's identifier as additional parameter to the identifier of the removable security device 10.
  • the watermarking module 105 obtains this user's identifier by interrogating the identification module 106 that has stored user credentials after successful authentication.
  • the watermarking module 105 thus transmits the instruction to the tracking server 30 via the network interface 109, the communication link 110 and the network resources of the host device 20 to store the code previously generated in the record corresponding to the obtained user's identifier.
  • the user's identifier was transmitted by the host device 20 to the tracking server 30 and stored into the database record at beginning of the session.
  • For each session, the removable security device 10 generates a new code that is sent, by the watermarking module 105, to the tracking server 30 for storing into the database record corresponding to the current session.
  • the removable security device 10 may request the tracking server 30 to transmit all data contained in the database 40 related to the current session.
  • the received data may be stored in a non-volatile memory 102 of the removable security device 10 in order to be used in an off-line mode without connection of the host device 20 with the tracking server 30 and the database 40.
  • the code stored in the removable security device 10 may be directly used by the watermarking module 105 for watermarking the displayable frames.
  • the code transmitted by the tracking server 30 to the removable security device 10 or vice-versa may be encrypted with a key known by the tracking server 30 and the removable security device 10. This encryption may prevent misuse of the code, e.g. its interception and modification during transmission between the tracking server 30 and the removable security device 10 via the host device 20.
  • the transmitted code may be signed.
  • a signature of the code may be computed, for example, by applying a unidirectional, collision-free hash algorithm (e.g. of type MD5 or SHA) to obtain a digest.
  • An encryption algorithm may then be applied to the digest by using a key known by the tracking server 30 and the removable security device 10 in order to generate the signature.
  • the set formed by the code and the signature may then be transmitted.
  • a signature verification application of the removable security device 10 operating system verifies the signature of the code. In case of a mismatch between the digest as decrypted with the key and a digest recomputed with the code, the code is not accepted by the removable security device 10 and file processing is blocked by the signature verification application.
  • the code inserted as a watermark by the watermarking module 105 may be extracted by analyzing the displayed images.
  • An image may be captured from the display either by a screen capture application of the host device 20 or by outputting the corresponding digital signal from the host device 20.
  • the screen capture may also be performed with a camera and the captured image exported from the camera to an image analyzer.
  • the image analyzer may be able to extract the watermark from the image and to convert the extracted watermark into a code.
  • the code thus obtained may then be submitted to the database 40 for retrieving corresponding data comprising at least the identifier of the removable security device 10.
  • Further data related to the user (e.g. user's identifier, temporal data, and other data received by the tracking server 30 from the host device 20) allow identifying the origin of the displayable frame.
  • the tracking server 30, the server storing the files and the database 40 may form a single remote server entity dedicated to removable security devices management.
  • a type reference may be added to the additional data to define whether the additional data in question are based on identifier(s) according to embodiments a), b), c) or d), or represent a code according to embodiment e) that allows the identifier to be retrieved from a database 40.
  • a leading bit 0 may indicate additional data based on effective identifier(s) while a leading bit 1 may indicate additional data represented by a code.
  • the removable security device 10 may be designed as a dongle connectable to a large variety of host devices 20 by using a universal communication port.
  • the dongle may be provided with a USB or micro-USB connector which fits a corresponding socket of most portable computers or mobile devices.
  • An appropriate operating system supporting file processing applications implemented in the dongle and an adequate communication protocol ensure compatibility of the dongle with the most widely used host devices.
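
The signed code transfer described above (a digest of the code keyed with a secret known to the tracking server 30 and the removable security device 10, with the code rejected and file processing blocked on mismatch) is shown below as an added example, not code from the patent. It swaps the hash-then-encrypt construction for HMAC-SHA-256; the function names, the sample key and device identifier, and the binding of the tag to the device identifier are assumptions.

```python
import hashlib
import hmac
import secrets

TAG_LEN = hashlib.sha256().digest_size  # 32-byte tag appended to the code


class CodeRejected(Exception):
    """Tag did not verify; the caller must block file processing."""


def _tag(shared_key: bytes, device_id: str, code: bytes) -> bytes:
    # Assumption: the tag also covers the device identifier, so codes are per-device.
    return hmac.new(shared_key, device_id.encode() + b"\x00" + code, hashlib.sha256).digest()


def sign_code(shared_key: bytes, device_id: str, code: bytes) -> bytes:
    """Sender side: return code || tag for transmission via the host device."""
    return code + _tag(shared_key, device_id, code)


def accept_code(shared_key: bytes, device_id: str, message: bytes) -> bytes:
    """Receiver side: recompute the tag and compare it in constant time."""
    if len(message) <= TAG_LEN:
        raise CodeRejected("message too short to hold a code and a tag")
    code, tag = message[:-TAG_LEN], message[-TAG_LEN:]
    if not hmac.compare_digest(tag, _tag(shared_key, device_id, code)):
        raise CodeRejected("signature mismatch")
    return code


def demo() -> dict:
    key = secrets.token_bytes(32)      # constructed shared key
    device = "RSD-0001"                # constructed device identifier
    code = secrets.token_bytes(16)     # fresh per-session code (length assumed)
    msg = sign_code(key, device, code)
    results = {"intact": accept_code(key, device, msg) == code}
    tampered = bytes([msg[0] ^ 0x01]) + msg[1:]  # one bit changed in transit
    for label, m, dev in (("tampered", tampered, device), ("wrong_device", msg, "RSD-0002")):
        try:
            accept_code(key, dev, m)
            results[label] = "accepted"
        except CodeRejected:
            results[label] = "rejected"
    return results


if __name__ == "__main__":
    print(demo())
```

SHA-256 is used because MD5, which the text lists as an option, no longer meets the collision-free requirement the text itself states.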

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Databases & Information Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to a removable security device configured to prevent unauthorized exploitation of files, connectable to a host device, the removable security device comprising a central processor, an operating system, a graphic processor, memories and a communication link configured to exchange data with the host device. The removable security device further comprises an identification module for verifying the conformity of at least one user credential received from the host device via the communication link. The operating system allows, through a remote desktop agent, remote access to at least one file and executes a file processing application with said files. The operating system, the remote desktop agent and the file processing application are stored in a non-volatile memory of the removable security device. The graphic processor generates displayable frames corresponding to the execution of the application with the file. A watermarking module coupled to the graphic processor inserts additional data into the displayable frames, said additional data forming a watermark generated on all or part of the displayable frame. The additional data allow retrieving at least the identifier of the removable security device. The communication link transmits the watermarked displayable frames to the host device.
PCT/EP2017/052826 2016-02-10 2017-02-09 Removable security device and method to prevent unauthorized exploitation of and control access to files WO2017137481A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP16155007.4 2016-02-10
EP16155007 2016-02-10

Publications (1)

Publication Number Publication Date
WO2017137481A1 true WO2017137481A1 (fr) 2017-08-17

Family

ID=55361356

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2017/052826 WO2017137481A1 (fr) 2016-02-10 2017-02-09 Removable security device and method to prevent unauthorized exploitation of and control access to files

Country Status (2)

Country Link
TW (1) TW201738802A (fr)
WO (1) WO2017137481A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019173029A1 (fr) * 2018-03-09 2019-09-12 Citrix Systems, Inc. Systems and methods for embedding data in remote session displays

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021126217A1 (fr) * 2019-12-19 2021-06-24 Google Llc Resource management unit for capturing operating system configuration states and memory management
WO2021126216A1 (fr) 2019-12-19 2021-06-24 Google Llc Resource management unit for capturing operating system configuration states and offloading tasks

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050097341A1 (en) * 2003-09-26 2005-05-05 Francis Hedley J. Data processing apparatus and method for merging secure and non-secure data into an output data stream

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
"Digital watermark on image export from geoscience application", IP.COM JOURNAL, IP.COM INC., WEST HENRIETTA, NY, US, 18 February 2011 (2011-02-18), XP013142565, ISSN: 1533-0001 *
89.76.40.118 ET AL: "Remote Desktop Services", WIKIPEDIA, THE FREE ENCYCLOPEDIA, 22 April 2012 (2012-04-22), XP055235479, Retrieved from the Internet <URL:https://en.wikipedia.org/w/index.php?title=Remote_Desktop_Services&oldid=488686562> [retrieved on 20151210] *
PETERSON L M ET AL: "A GRAPHICAL METHOD FOR DETERMINING THE LOGGED ON USER", MOTOROLA TECHNICAL DEVELOPMENTS, MOTOROLA INC. SCHAUMBURG, ILLINOIS, US, vol. 24, 1 March 1995 (1995-03-01), pages 20/21, XP000500320, ISSN: 0887-5286 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019173029A1 (fr) * 2018-03-09 2019-09-12 Citrix Systems, Inc. Systems and methods for embedding data in remote session displays
US10678929B2 (en) 2018-03-09 2020-06-09 Citrix Systems, Inc. Systems and methods for embedding data in remote session displays
AU2019229930B2 (en) * 2018-03-09 2020-08-20 Citrix Systems, Inc. Systems and methods for embedding data in remote session displays
AU2020210176B2 (en) * 2018-03-09 2022-03-03 Citrix Systems, Inc. Systems and methods for embedding data in remote session displays

Also Published As

Publication number Publication date
TW201738802A (zh) 2017-11-01


Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17703181

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17703181

Country of ref document: EP

Kind code of ref document: A1