TWI573079B - Information security management system and method for electronic document - Google Patents

Information security management system and method for electronic documents

Info

Publication number
TWI573079B
TWI573079B
Authority
TW
Taiwan
Prior art keywords
user
file
client
information security
electronic file
Prior art date
Application number
TW096100738A
Other languages
Chinese (zh)
Other versions
TW200830200A
Inventor
蔡宜霖
Original Assignee
精品科技股份有限公司
Priority date
Filing date
Publication date
Application filed by 精品科技股份有限公司
Priority to TW096100738A
Publication of TW200830200A
Application granted
Publication of TWI573079B

Landscapes

  • Storage Device Security (AREA)

Description

Information security management system and method for electronic documents

The present invention relates to digital rights management (DRM), and in particular to a system for controlling electronic documents.

In today's digitised era the computer has become an indispensable tool in every line of work. Much private personal information and much important organisational information is processed and stored on computers, so documents are inevitably produced and circulated in electronic form. The convenience of computers and networks, however, also complicates the management of electronic documents: the chance that a confidential document is deliberately leaked or inadvertently accessed has grown substantially. An effective information security mechanism is therefore needed to protect confidential electronic documents.

Digital rights management (DRM) is the general term for systems that, by means of software or hardware, restrict how digital content may be used. Forbidding a document to be printed, modified or deleted, or allowing a video to be played only in a particular place, are common DRM functions. DRM is ubiquitous: software used every day, such as Adobe Acrobat, Microsoft Office and Windows Media Player, provides some of these functions to a greater or lesser degree.

For example, the distributed systems used in enterprises are mostly connected over an internal local area network (intranet) and consist of a number of clients and one server. The volume of data flowing between them is considerable, which makes management difficult. In recent years, to prevent internal enterprise data from leaving through the Internet, measures such as firewalls and anti-virus information security systems have been introduced to keep intruders out and to stop employees from leaking data over the Internet through improper behaviour.

However, when a user with sufficient privileges passes confidential information outside, such measures cannot protect all of the information that leaves. Many organisations with high confidentiality requirements therefore forbid connecting external storage devices, but this inconveniences users: information that must be downloaded or sent outside has to be handled in a prescribed way on designated computers. When many users must go through this process, work efficiency suffers and the overall burden of information handling on the organisation increases.

To solve the foregoing problems, the present invention principally discloses an information security management system for electronic documents. It is a client-server architecture in which a server communicates with a plurality of clients through a network interface. The system comprises: a control module, which controls and executes the permission functions and procedures for the information security of electronic documents; a database module, coupled to the control module, which stores at least the permission data for the information security of the electronic documents; and a verification module, coupled between the control module and the database module, which verifies the permissions of the clients.

The database module has an account sub-database, storing the data of the system's users and of their clients; a permission policy sub-database, storing the permission information of users and clients and the permission information of electronic documents; and a log sub-database, storing the usage records of clients and users and the usage records of documents.

Another object of the present invention is to disclose an information security management method for electronic documents in which, through a client-server architecture, a server communicates with a plurality of clients through a network interface. The method comprises: connecting to the server through the network interface; verifying the identity of each client connected to the server; transmitting a permission policy to each client; monitoring each client according to the permission policy by means of an application module installed on the client; each client performing an operation on a document file; confirming whether the operation complies with the permission policy; automatically encrypting the document file after each client completes the operation; and transmitting the record data of the document file to the server.

The system encrypts the document itself into a secure file. Authorised persons can share confidential documents, and the permission policy controls who may use them and how. Even if an arbitrary person obtains the secure file, without permission he cannot read or use it, which achieves the aim of protecting confidential electronic documents.

Furthermore, when information must be downloaded or sent outside, it no longer has to be done in a prescribed way on designated computers. Any client of the system may use the Internet freely and, because the documents remain encrypted secure files, the invention holds that there is no risk of data leakage, which simplifies administration.

In addition, the system's encryption is transparent encryption and decryption: a client controlled by the permission policy notices no inconvenience and requires no further configuration.

The invention is described in detail below with reference to its preferred embodiments and the accompanying drawings. It should be understood that all preferred embodiments are given by way of illustration only; apart from the preferred embodiments described, the invention can be widely applied in other embodiments. The invention is not limited to any embodiment and is to be defined by the appended claims and their equivalents.

Throughout this specification, "preferred embodiment" means that a particular feature, structure or characteristic is described in connection with a preferred embodiment; the number of preferred embodiments in this invention is at least one. The appearance of "in a preferred embodiment" in this specification therefore does not necessarily refer to the same embodiment. Furthermore, the particular features, structures or characteristics may be combined in any suitable manner in any preferred embodiment.

Referring to Fig. 1, the architecture diagram 100 of the information security management system for electronic documents according to a preferred embodiment is a client-server architecture in which the server communicates with a plurality of clients 130 through a network interface 120. According to the permission policy downloaded to the client 130, the server 110, through an application module 132 installed on the client 130, transparently and automatically encrypts and decrypts the confidential controlled document files on the client 130, and controls the copy functions (copy, paste, cut, save, save as, print, print screen and the like) that the client 130 may exercise on controlled documents. "Transparent" here means that the system executes after receiving an instruction, and its execution does not normally give the user any visible indication of the system's execution state.

The system 110 communicates with the plurality of clients 130 through a network interface 120, which may be a wide area network (WAN) or local area network (LAN) interface.

The system 110 comprises a control module 180, which governs the information security management functions and procedures for electronic documents, such as modifying, changing and revoking digital content permissions; a database module 140, for accessing and modifying the data of the system 110; and a verification module 170, for authenticating the permissions of the clients.

The database module 140 comprises an account sub-database 142, storing the data of the users of the server 110 and of the clients 130; a permission policy sub-database 144, storing the permission policies of users and their clients and the permission policies of electronic documents; and a log sub-database 146, storing the usage records of clients 130 and of users of the system 110 together with the usage records of documents.

A client 130 is a network-capable computer system or terminal device that communicates with the system 110 through the network interface 120. The client 130 contains an application module 132, which controls the permissions of documents or programs on the client 130 according to the content of the permission policy transmitted from the system 110, and an encryption/decryption module 134, which performs transparent encryption and decryption on the client 130.

The system 110 uses the control module 180 to set the permission policy of each client 130 and transmits the policy from the permission policy sub-database 144 to the client 130 through the network interface 120. The client stores the transmitted permission policy and, according to it, the application module 132 controls the copy functions (copy, paste, cut, save, save as, print, print screen and the like) that the client 130 may exercise on controlled documents, while the encryption/decryption module 134 applies transparent encryption and decryption to the electronic document files or programs on the client 130.

When a client 130 operates on an electronic document or program, the application module 132, as the program or document is launched, checks against the permission policy stored on the client 130 whether the client's operation conforms to that policy. If it does, the encryption/decryption module 134 performs transparent encryption and decryption for the client 130 and the application module 132 enforces the client's permissions.

Specifically, the system 110 communicates with the control module 180 and the clients 130 over TCP/UDP. In a preferred embodiment a performance program may be attached so that the processing performance and disk space of the system 110 can be inspected directly through the control module 180. As is well understood, the server 110 and the clients 130 may include processors, memory, display units, input/output units and network connectivity; these are the ordinary components of a computer system and are not described further, as they will be understood by those skilled in the art.

In a preferred embodiment, the system 110 is applied to document control in a general enterprise. According to how they interact with the system, its users fall into several categories:

1. System administrator: operates the entire system 110 through the control module 180 and exercises all of the system's functions. Typically the system administrator is the MIS department.

2. Document author: produces documents with his applications through the application module 132. When a document is saved it is automatically and compulsorily encrypted, and its usage permissions are set according to the policy in the permission policy sub-database 144.

3. Document manager: defines document permission policies and templates, and can execute part of the server's functions through the control module 180. A document manager may also be a document author.

4. Enterprise employee: documents produced by such users need not be encrypted, but they remain subject to permission policy control.

5. General personnel: wholly uncontrolled users, who can receive only non-confidential public documents.

In a preferred embodiment, the control module 180 may include a web-based management interface, operated by the system administrator or document manager, for client account management, defining document policies or templates, batch-encrypting documents, viewing client and document records, and so on. A policy template defines a document's basic permissions and is applied to a group or an individual. When a document is created, the program of the application module 132 installed on the client 130 sets its permissions automatically according to the permission policy stored on the client 130, so the author need not specify them again.

Document application software used on the client 130 (for example Microsoft's Microsoft Office suite) must pass through the transparent encryption/decryption engine in order to reach the file system. The encryption may be asymmetric or symmetric: the asymmetric choices named are public key (PKI), the RSA algorithm and elliptic curve cryptography, and the symmetric choices are Blowfish, Triple DES, DES, IDEA, RC5, CAST-128 and RC2. In a preferred embodiment the encryption algorithm is the Advanced Encryption Standard (AES) with a key of at least 256 bits. (Of the symmetric ciphers listed, DES with its 56-bit key and RC2 have long been deprecated; the AES-256 of the preferred embodiment is the only one a current deployment should consider.)

Referring to Fig. 2, a flowchart of the information security management method for electronic documents according to a preferred embodiment. Through a client-server architecture, the system communicates with a plurality of clients 130 through a network interface 120, which may be a wide area network (WAN) or local area network (LAN) interface.

First, a client 130 equipped with the application module 132 connects through the network interface 120 to the server 110 of the system and is authenticated against the account sub-database 142 (step S202).

The system 110 then retrieves the client's account data from the account sub-database 142 for verification by the verification module 170 (step S204). More specifically, the system 110 may use Microsoft Active Directory or accounts it creates itself to verify the identity of the user logged in at each client 130.

If authentication of the client 130 fails, the client 130 is classed as general personnel: it can receive only non-confidential public documents and cannot read the confidential documents governed by the encrypted permission policy (step S206). In a preferred embodiment, encryption and decryption are transparent, performed by a transparent encryption/decryption engine loaded into the file system of the client 130. During document operations the user of the client 130 is subject only to permission control, notices no change or inconvenience, and needs no further configuration.

When the client 130 passes the system's verification, the client's permissions are determined from the user data in the account sub-database 142 and the permission policy sub-database 144, the mapping between document permission policies and the client 130 is worked out, and the policy data relevant to this client 130 is transmitted to it for use by the application module 132, which monitors the client's permissions (step S208).

In a preferred embodiment, the controls the system 110 imposes on a client 130 through its application module 132 may include, but are not limited to, the following. Copying of document content by the client 130 is forbidden, the clipboard is cleared periodically, and drag-and-drop is intercepted. The keyboard's Print Screen key is disabled so that screen contents cannot be printed. Screen capture is forbidden and the related capture programs are disabled. Using screen capture from a remote computer through remote control programs such as VM Wave and VNC is forbidden. If the document's permission is read-only, save and save-as are disabled. Printing is managed: ordinary printing by the client 130 is forbidden and print actions are intercepted through a printer hook. Offline management of the client 130 is supported; when the client 130 connects to the system 110, the system obtains the client's permission policy and can perform remote deployment on the client 130. The system 110 must be able to check the client 130's time limit, so that the client cannot change its clock to evade the system's monitoring. If a document file may be copied, the file may be modified while the client 130 is offline.
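The controls above are applied on the client by the application module 132 against the policy it holds, including the time check that stops a reset clock from extending the offline period. The following Python block is an added example, not code from the patent or from 精品科技股份有限公司, showing how such a client-side decision can be written: the role names, the operation vocabulary, the per-role templates, the 24-hour offline window and the clock-rollback check are all assumptions made for illustration.

```python
"""Client-side policy enforcement in the spirit of application module 132.

Added example, not code from the patent or its assignee. Role names, the
operation vocabulary, the per-role templates, the offline window and the
clock-rollback check are assumptions made for illustration.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Operations the description says the client module intercepts.
COPY, PASTE, CUT, SAVE, SAVE_AS, PRINT = "copy", "paste", "cut", "save", "save_as", "print"
PRINT_SCREEN, SCREEN_CAPTURE, DRAG_DROP = "print_screen", "screen_capture", "drag_drop"

# Assumed templates per user category; a real client receives them from policy sub-database 144.
ROLE_TEMPLATES = {
    "document_author": frozenset({COPY, PASTE, CUT, SAVE, SAVE_AS, PRINT}),
    "employee": frozenset({PASTE, SAVE, SAVE_AS}),
    "general": frozenset(),  # unauthenticated client: no controlled operation is allowed
}


@dataclass(frozen=True)
class Policy:
    role: str
    allowed: frozenset
    read_only: bool
    offline_valid_until: datetime  # server-issued deadline after which the client must reconnect


@dataclass
class ClockState:
    """Highest timestamp the client has seen; a clock that moves backwards is treated as tampering."""
    last_seen: datetime


def make_policy(role: str, issued_at: datetime, offline_hours: int = 24, read_only: bool = False) -> Policy:
    """Build the policy the server pushes at step S208 for one client."""
    return Policy(role, ROLE_TEMPLATES[role], read_only, issued_at + timedelta(hours=offline_hours))


def check_operation(policy: Policy, op: str, now: datetime, clock: ClockState):
    """Decide one intercepted operation (step S212). Returns (allowed, reason)."""
    if now < clock.last_seen:
        # The description requires checking the client's time; a clock set back cannot buy more offline time.
        return False, "clock rollback detected"
    clock.last_seen = now
    if now > policy.offline_valid_until:
        return False, "offline period expired; reconnect to server"
    if policy.read_only and op in (SAVE, SAVE_AS):
        return False, "document is read-only"
    if op not in policy.allowed:
        return False, f"{op} denied for role {policy.role}"
    return True, "ok"


def enforce_session(policy: Policy, events, clock: ClockState):
    """Run a sequence of (timestamp, operation) pairs through the check, in order."""
    return [check_operation(policy, op, when, clock) for when, op in events]


# Constructed reference time for the demonstration; any fixed instant would do.
EXAMPLE_T0 = datetime(2007, 1, 9, tzinfo=timezone.utc)


def at(hours: float) -> datetime:
    """EXAMPLE_T0 plus the given number of hours."""
    return EXAMPLE_T0 + timedelta(hours=hours)


if __name__ == "__main__":
    author = make_policy("document_author", at(0))
    # Constructed session: a save, a blocked screen print, a clock rolled back, then an expired policy.
    session = [(at(1), SAVE), (at(2), PRINT_SCREEN), (at(1), COPY), (at(25), COPY)]
    for (when, op), verdict in zip(session, enforce_session(author, session, ClockState(at(0)))):
        print(when.isoformat(), op, verdict)
```

The rollback check compares each intercepted event against the highest time already seen rather than against the server, so it works while the client is offline; once the client reconnects, the server-issued `offline_valid_until` is refreshed with the new policy.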

In a preferred embodiment, the client 130 performs an operation on a file (step S210), for example opening an electronic document. The application module 132 of the client 130 then inspects the operation, checks whether it complies with the client's permission policy, and determines the permitted behaviour (step S212).

If, after inspection by the application module 132, the client 130 has no permission to perform the operation on the document, the document's ciphertext cannot be decrypted and the client 130 cannot operate on it (step S214). If the client 130 does have permission, the encryption/decryption module 134 decrypts the document's ciphertext into plaintext (step S216).

After the client 130 completes the operation and saves, the encryption/decryption module 134, through the transparent encryption/decryption engine deployed on the client 130, compulsorily and automatically encrypts the modified document (step S218). Finally, the client 130 stores the document's information, such as the document identifier (ID), the header key and the archive time, in the log sub-database 146 of the system 110 (step S220).
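Steps S214 to S220 describe the secure file: a ciphertext that only a permitted client can turn back into plaintext, re-encrypted automatically on save, with a record (document ID, header key, archive time) sent to the server. The Python block below is an added example, not code from the patent or its assignee. The envelope layout, the field sizes and the wrapping of the per-file header key for an authorised recipient are assumptions. Python's standard library has no AES, so the AES-256 of the preferred embodiment is stood in for by an HMAC-SHA256 keystream in an encrypt-then-MAC construction; a real client would use AES-256-GCM in its place.

```python
"""Secure-file envelope for the transparent encrypt-on-save / decrypt-on-open steps.

Added example, not code from the patent or its assignee. Layout, field sizes and
the header-key wrapping are assumptions. AES is not in the standard library, so
an HMAC-SHA256 keystream (encrypt-then-MAC) stands in for AES-256; swap in
AES-256-GCM for production.
"""
import hmac
import secrets
from hashlib import sha256

MAGIC = b"SECF"  # assumed marker identifying an encrypted secure file
ID_LEN = NONCE_LEN = 16
TAG_LEN = 32
HEADER_LEN = len(MAGIC) + ID_LEN + NONCE_LEN


def _prf(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over the concatenated parts; used for key derivation, keystream and tag."""
    return hmac.new(key, b"".join(parts), sha256).digest()


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Counter-mode keystream from the PRF XORed over data (its own inverse)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = _prf(key, nonce, (offset // 32).to_bytes(8, "big"))
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


def _subkeys(header_key: bytes):
    """Derive separate encryption and MAC keys from the per-file header key."""
    return _prf(header_key, b"enc"), _prf(header_key, b"mac")


def seal(plaintext: bytes, header_key: bytes) -> bytes:
    """Step S218: turn a saved document into a secure file (header | ciphertext | tag)."""
    header = MAGIC + secrets.token_bytes(ID_LEN) + secrets.token_bytes(NONCE_LEN)
    enc_key, mac_key = _subkeys(header_key)
    body = _xor_stream(enc_key, header[-NONCE_LEN:], plaintext)
    return header + body + _prf(mac_key, header, body)  # tag covers header and ciphertext


def file_id_of(blob: bytes) -> bytes:
    """The document ID carried in the envelope header."""
    return blob[len(MAGIC):len(MAGIC) + ID_LEN]


def open_file(blob: bytes, header_key: bytes) -> bytes:
    """Step S216: recover plaintext; ValueError if the key is wrong or the file was altered."""
    if len(blob) < HEADER_LEN + TAG_LEN or not blob.startswith(MAGIC):
        raise ValueError("not a secure file")
    header, body, tag = blob[:HEADER_LEN], blob[HEADER_LEN:-TAG_LEN], blob[-TAG_LEN:]
    enc_key, mac_key = _subkeys(header_key)
    if not hmac.compare_digest(tag, _prf(mac_key, header, body)):
        raise ValueError("authentication failed: wrong key or tampered file")
    return _xor_stream(enc_key, header[-NONCE_LEN:], body)


def can_open(blob: bytes, header_key: bytes) -> bool:
    """Step S214 outcome: without the right key the ciphertext stays ciphertext."""
    try:
        open_file(blob, header_key)
        return True
    except ValueError:
        return False


def wrap_header_key(header_key: bytes, recipient_key: bytes, file_id: bytes) -> bytes:
    """Encrypt the header key for one authorised user or role key; the file ID keeps the pad unique."""
    return _xor_stream(recipient_key, file_id, header_key)


unwrap_header_key = wrap_header_key  # the XOR keystream is its own inverse


def make_record(blob: bytes, header_key: bytes, archive_time: str) -> dict:
    """Step S220: the record the client sends to the log sub-database (146)."""
    return {"file_id": file_id_of(blob).hex(), "header_key": header_key.hex(), "archive_time": archive_time}


if __name__ == "__main__":
    hk = secrets.token_bytes(32)
    blob = seal(b"constructed sample: confidential design notes", hk)
    print(can_open(blob, hk), can_open(blob, secrets.token_bytes(32)))  # True False
    print(make_record(blob, hk, "2007-01-09T00:00:00Z"))
```

Two points follow from the description rather than from this example's assumptions. First, because the record of step S220 carries the header key, the log sub-database 146 effectively holds the key that opens every archived document, so it needs at least the protection given to the account and policy data. Second, since the authentication tag covers the header as well as the body, an attacker cannot re-label a ciphertext with another document's ID without being detected on open.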

Although the invention has been described above by way of preferred examples, these are not intended to limit its spirit. Modifications and similar arrangements made without departing from the spirit and scope of the invention are to be included within the scope of the following claims, which should cover all such modifications and similar structures and be given the broadest interpretation.

For example, although the control module, decryption module and application module mentioned in the invention have been described by way of preferred examples, some of these elements may go by other names. Moreover, elements of equivalent function may be substituted for one another. Other variations and modifications of the preferred embodiments disclosed above do not depart from the scope and spirit of the invention.

100 ... architecture diagram of the information security management system for electronic documents
110 ... information security management system for electronic documents (server)
120 ... network interface
130 ... client
140 ... database module
142 ... account sub-database
144 ... permission policy sub-database
146 ... log sub-database
132 ... application module
134 ... encryption/decryption module
170 ... verification module
180 ... control module
Steps ... S202, S204, S206, S208, S210, S212, S214, S216, S218, S220

For a more complete understanding of the invention and its advantages, reference is made above to the detailed description together with the accompanying drawings, in which like numerals denote like elements: Fig. 1 is an architecture diagram of the information security management system for electronic documents according to a preferred embodiment of the invention.

Fig. 2 is a flowchart of the information security management method for electronic documents according to a preferred embodiment of the invention.


Claims (15)

1. An information security management system for electronic documents, being a client-server architecture in which a server communicates with a plurality of clients through a network interface, the system comprising: a control module, installed on the server, to control and execute the permission functions and procedures for the information security of the electronic documents; a verification module, installed on the server and coupled to the control module, to verify the permissions of the plurality of clients; a database module, installed on the server and coupled to the control module, storing at least the permission data for the information security of the electronic documents, wherein the database module further comprises: an account sub-database storing the data of the plurality of clients of the system, the control module providing data from the account sub-database to the verification module for verification; a permission policy sub-database storing the permission information of the plurality of clients and the permission information of the electronic documents, wherein different permission policy contents are set for the plurality of clients according to their different identities and the permission policy contents comprise the operations each client may perform; and a log sub-database storing the usage records of the clients and users and the usage records of documents; wherein only after the data of the plurality of clients has passed verification by the verification module and the file download has been completed does the control module transmit the permission policy set for each client's identity to that client, so as to control the permissions each type of client may exercise over documents or programs; and an application module, installed on the plurality of clients, providing applications to the plurality of clients, the application module inspecting every operation of each client according to the permission policy installed on that client, to confirm and control that every operation of each client complies with the permission policy.

2. The information security management system for electronic documents of claim 1, further comprising an encryption/decryption module installed on the plurality of clients which, under the permission policy of the system, performs transparent encryption and decryption on the client.

3. The information security management system for electronic documents of claim 2, wherein the encryption and decryption methods of the encryption/decryption module may include public key (PKI), the RSA algorithm, elliptic curve cryptography, Blowfish, Triple DES, DES, IDEA, RC5, CAST-128, RC2 or the Advanced Encryption Standard (AES).

4. The information security management system for electronic documents of claim 1, wherein the network interface comprises a wide area network (WAN) interface or a local area network (LAN) interface.

5. The information security management system for electronic documents of claim 1, wherein the control module may be a web-based management interface that performs functions including client account management, defining document policies or templates, batch encryption of documents, and viewing client or document records.

6. The information security management system for electronic documents of claim 1, further comprising a processor unit, a memory unit, a display unit, an input/output unit and a network connection unit.

7. An information security management method for electronic documents in which, through a client-server architecture, a server communicates with a plurality of clients through a network interface, the method comprising: each of the plurality of clients connecting to the server through the network interface; the server verifying the identity of each of the plurality of clients connected to it; a client that passes identity verification downloading an electronic document from the server through the network interface; transmitting a permission policy to each client according to the client's identity type, the permission policy having been defined in advance by the server as the usage permissions for the electronic document for the different identity types of the plurality of clients, so that the permission policy content differs for clients of different identity types and comprises the operations permitted on the electronic document, in order to control the permissions that different types of clients may exercise over documents or programs; monitoring each client through an application module installed on the client according to the permission policy; each client performing an operation on the electronic document file; confirming through the application module whether the operation complies with the permission policy, wherein the application module confirms whether every operation of each client complies with the permission policy; after each client completes the operation, automatically encrypting the electronic document by means of the client's encryption/decryption module; and transmitting the record data of the electronic document to the server.
conforms to the permission policy; after each user terminal completes the operating procedure, the electronic file is automatically encrypted by the encryption and decryption module of each user terminal; and the record data of the electronic file is transmitted to the servo file end. 如申請專利範圍第7項之電子文件之資訊安全控管方法,其中所述之驗證該每一個連線至該伺服端之用戶端身分,可包含一Microsoft所提供之Active Directory或自行建立帳號,以驗證每個用戶端所登入之使用者身份。 For example, the information security control method of the electronic file of claim 7 of the patent scope, wherein the verification of the identity of each user terminal connected to the server may include an Active Directory provided by Microsoft or an account established by itself. To verify the identity of the user logged in by each client. 如申請專利範圍第7項之電子文件之資訊安全控管方法,其中所述之驗證該每一個連線至該伺服端之用戶端身分,若該用戶端之身分驗證失敗,則該用戶端無法讀取經由該權限政策所列管之文件。 For example, the information security control method of the electronic file of claim 7 of the patent scope, wherein the verification is performed on each user end connected to the server, and if the identity verification of the user terminal fails, the user terminal cannot Read the files that are listed through the permissions policy. 如申請專利範圍第7項之電子文件之資訊安全控管方法,其中該應用程式模組依照該權限政策監控該用戶端之操作程序更包含:禁止該用戶端對文件之內容複製,且需定期清除剪貼簿所儲存之內容(Clipboard),並攔截 拖曳與放下(Drag and Drop)功能、禁止該用戶端列印螢幕資料,該用戶端須關閉鍵盤之螢幕列印(Print Screen)鍵功能、禁止該用戶端使用螢幕擷取(Screen Capture)功能,或禁用相關抓圖程式;禁止該用戶端使用遠端監控程式自遠端電腦使用螢幕擷取功能、禁止該用戶端使用儲存或另存新檔功能,該用戶端所欲操作之文件之權限為唯讀、禁止該用戶端使用一般列印之功能,需透過Printer Hook,以攔截列印動作、禁止該用戶端改變時間期限,該應用程式模組可檢查該用戶端之時間期限,以避開該用戶端改變時間以規避監控。 For example, the information security control method of the electronic file of claim 7 is applicable, wherein the application module monitors the operation program of the client according to the permission policy, and further includes: prohibiting the user from copying the content of the file, and periodically Clear the contents of the scrapbook (Clipboard) and block The drag and drop function prohibits the user from printing the screen data. 
The user must turn off the screen print function of the keyboard and prohibit the user from using the screen capture function. Or disable the related capture program; prohibit the user from using the remote monitoring program to use the screen capture function from the remote computer, prohibit the user from using the save or save the new file function, and the permission of the file to be operated by the user terminal is only Read and prohibit the user from using the general printing function, through the Printer Hook, to intercept the printing action, prohibit the user to change the time limit, the application module can check the time limit of the user to avoid the The client changes the time to evade monitoring. 如申請專利範圍第7項之電子文件之資訊安全控管方法,其中所述之於該用戶端完成該操作程序後,自動加密該文件檔,其加密方式包括一透明式加密方式。 For example, in the information security control method of the electronic file of claim 7, wherein each of the user terminals completes the operation program, the file file is automatically encrypted, and the encryption method includes a transparent encryption method. 如申請專利範圍第7項之電子文件之資訊安全控管方法,其中所述之於各該用戶端完成該操作程序後,自動加密該文件檔,其加密之方式包括公開金鑰(PKI)、RSA演算法、橢圓曲線密碼、Blowfish、Triple DES、DES、IDEA、RC5、CAST-128、RC2或進階加密標準(Advanced Encryption Standard,AES)。 For example, in the information security control method of the electronic file of claim 7, wherein each of the user terminals completes the operation program, the file is automatically encrypted, and the encryption method includes a public key (PKI), RSA algorithm, elliptic curve cryptography, Blowfish, Triple DES, DES, IDEA, RC5, CAST-128, RC2 or Advanced Encryption Standard (AES). 如申請專利範圍第7項之電子文件之資訊安全控管方法,其中所述之網路介面包括廣域網路(Wide Area Network,WAN)介面或區域網路(Local Area Network,LAN)介面。 For example, the information security control method of the electronic file of claim 7 of the patent scope, wherein the network interface includes a wide area network (Wide Area) Network, WAN) interface or Local Area Network (LAN) interface. 
如申請專利範圍第7項之電子文件之資訊安全控管方法,其中更包含若該用戶端並無該權限政策執行該操作程序,則該用戶端無法解密該文件之密文檔(Ciphertext),該用戶端無法對該文件執行該操作程序。 For example, the information security control method of the electronic file of claim 7 includes, if the client does not have the permission policy to execute the operation procedure, the client cannot decrypt the secret document (Ciphertext) of the file, The client cannot execute the operation on the file. 如申請專利範圍第7項之電子文件之資訊安全控管方法,其中更包含若各該用戶端具有該權限政策對該電子文件進行該操作程序,則透過該加解密模組解密該電子文件之密文檔為明文檔(Plaintext)。For example, the information security control method of the electronic file of claim 7 includes, if the user has the permission policy to perform the operation procedure on the electronic file, decrypting the electronic file through the encryption and decryption module. The secret document is a plaintext (Plaintext).
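The policy-gated flow of claims 7, 9, 10, 14 and 15, written here as an added Go example that is not part of the patent and not the applicant's code. It assumes AES-GCM (AES being one of the algorithms listed in claims 3 and 12) for the client's encryption/decryption module; the function names, identity types and sample accounts are constructed for illustration, and server-side authentication is reduced to an account lookup.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"errors"
	"time"
)

// Policy is what the server issues per identity type (claim 7): the
// operations allowed on the document and a deadline after which it lapses.
type Policy struct {
	Allowed map[string]bool
	Expires time.Time
}

// IssuePolicy models the server side of claim 1: the account sub-database
// maps a user to an identity type and the policy sub-database maps that type
// to a policy. A user that fails authentication gets no policy (claim 9).
func IssuePolicy(accounts map[string]string, policies map[string]Policy, user string) (Policy, error) {
	role, ok := accounts[user]
	if !ok {
		return Policy{}, errors.New("authentication failed for " + user)
	}
	return policies[role], nil
}

// DocCipher is the client's encryption/decryption module (claim 2) built on
// AES-GCM; AES is one of the algorithms claim 3 lists. Hypothetical helper.
func DocCipher(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}
// Operate is the application module's check (claims 14 and 15): the cipher
// text is opened only if the policy permits op and has not lapsed. now is
// passed in so server time, not the client clock that claim 10 says may be
// altered, decides expiry. The returned record is the usage log of claim 7.
func Operate(p Policy, op string, c cipher.AEAD, nonce, ct []byte, now time.Time) (string, []byte, error) {
	if now.After(p.Expires) || !p.Allowed[op] {
		return "denied:" + op, nil, errors.New("operation " + op + " not permitted by policy")
	}
	plain, err := c.Open(nil, nonce, ct, nil)
	if err != nil {
		return "denied:" + op, nil, err
	}
	return "allowed:" + op, plain, nil
}
```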
TW096100738A 2007-01-08 2007-01-08 Information security management system and method for electronic document TWI573079B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW096100738A TWI573079B (en) 2007-01-08 2007-01-08 Information security management system and method for electronic document

Publications (2)

Publication Number Publication Date
TW200830200A TW200830200A (en) 2008-07-16
TWI573079B true TWI573079B (en) 2017-03-01

Family

ID=44818248

Country Status (1)

Country Link
TW (1) TWI573079B (en)
