APPARATUS AND METHOD FOR PROTECTING RESOURCE OF INTELLECTUAL PROPERTY AND INFORMATION SYSTEM USING ACTIVE
RESOURCE PROTECTION AGENT
Technical Field
The present invention relates to a method and apparatus for protecting an intellectual property and a resource of information system and a computer-readable recording medium storing instructions for embodying the method; and, more particularly, to the method and apparatus for protecting digital contents of a intellectual property and information system in electric commerce on computer information network, by using an active resource protection agent.
Background Art
As currently using information protection technologies are an encryption technology and a digital watermarking technology. The encryption technology encrypts original data to scrambled data with encryption key base on cryptography and the digital watermarking technology detects unauthorized duplication by adding a watermark in original data.
However, above-mentioned technologies have limitations to apply. Applying above-mentioned technologies are limited by a scope of resources and an environment of resources (one-line/off-line). Also, with above-mentioned technologies, it is impossible to gain necessary information automatically for proving infringement of intellectual property and unauthorized duplication such as number of duplication, quantity of unauthorized access, or location of unauthorized access. Specially, in case of encryption technology, encrypting large volume of digital contents takes huge amount of time. It is also another
distribution. The digital watermarking technology is the one of widely using contents protection technologies and it also has similar limitations to apply.
Disclosure of Invention
It is, therefore, an object of the present invention to provide a method and apparatus for preventing fundamentally from infringing on an intellectual property by using an active resource protection agent as detecting an infringement of the intellectual property and maintaining necessary record data of an unauthorized access to digital contents of a computer system and resources of an information system including active and passive resources for proving the infringement of intellectual property when a system is on-line or off-line.
It is another object of the present invention to provide a computer-readable recording medium storing instructions for embodying the method. An apparatus for protecting passive resources including a file, a directory, a memory and a port and active resources including a process and a thread in an system comprises; a provision unit for providing a class of resources as an object of protecting and protection conditions of the resource; a selection unit for, in response to a user's request, selecting resources to be protected and protection conditions for the selected resources; a combination unit for combining the selected resources and the selected protection conditions received from said selection unit; a first monitoring unit for monitoring dynamically the resources by receiving the selected resource and the protection condition from said combination unit through the Network, determining a protection operation base on said selected resource and said protection condition, and selecting necessary components for said protection operation; and a first
analysis unit for analyzing a result of monitoring and protecting resources inputted from said monitoring unit through the Network.
And, in a method for protecting passive resources including a file, a directory, a memory, and a port and active resources including a process and a thread when the system is on-line or off-line, the method comprises steps of; selecting and providing objects of protecting resources and protection conditions to an active resource protection agent; monitoring and protecting resources dynamically by active resource protection agent's operation, herein said operation is determining an operation for protecting selected resources base on said objects of protecting resources and protection conditions, and selecting necessary components for said operation? and managing record data of infringement of an intellectual property (unauthorized duplication) or unauthorized access to resources of the information system when a system is online or off-line by generating, renewing and managing a statistics information of protecting an intellectual property and the resource automatically base on results of said monitoring and protecting step.
Also, in a computing system with a processor, the present invention provides a computer-readable recording medium storing instructions for embodying functions for; selecting and providing objects of protecting resources and protection conditions to an active resource protection agent; monitoring and protecting resources dynamically by active resource protection agent's operation, herein said operation is determining an operation for protecting selected resources base on said objects of protecting resources and protection conditions, and selecting necessary components for said operation; and managing record data of infringement of an intellectual property (unauthorized duplication) or unauthorized access to resources of the information system when a system is on-
line or off-line by generating, renewing and managing a statistics information of protecting an intellectual property and the resource automatically base on results of said monitoring and protecting step.
Brief Description of Drawings
The above and other objects and features of the present invention will become apparent from the following description of the preferred embodiments given in conjunction with the accompanying drawings, in which:
Fig. 1 is a diagram of the apparatus for protecting an intellectual property and resource of an information system, in accordance with an embodiment of the present invention;
Fig. 2 illustrates objects of protecting resources in the Adaptive Mission Control Agent 11 in accordance with an embodiment of the present invention;
Fig. 3 is a detailed diagram for embodiment of an Active Resource Protection Agent, in accordance with preferred embodiment of the present invention;
Fig. 4 illustrates correlation between a Mission controller 34 and a System 40 in accordance with preferred embodiment of the present invention; Fig. 5 is a detailed diagram for a Components Unit in accordance of preferred embodiment of the present invention;
Fig. 6 is a flowchart of a method for protecting resources of an intellectual property and an information system in accordance of preferred embodiment of the present invention.
Best Mode for Carrying Out the Invention
The present invention relates to an Active Resource Protection Agent, which is a program or a software code,
embodying dynamic protecting techniques for protecting active resources including a file, a directory, a port, and a memory and passive resources including a process and a thread of a computer system and information system. The Active Resource Protection Agent is a software code including an adaptive agent technique and an active agent mission control technique for protecting fundamentally digital contents, active resources and passive resources of a computer system and information system operating for distributing digital contents from unauthorized access including hacking and virus of contents, when the system is on-line or off-line on the Network. As blocking dynamically unauthorized accessing and using of information resources such as multimedia digital contents of intellectual property and resources including a computer, a communication port, a process, and a thread, it is also applicable to extirpate hacking and computer virus.
For applying above-mentioned techniques, the present invention applies digital contents including variety multimedia data, active resources including a file, a directory, a port and a memory, and passive resource including a process and a thread on connected computer systems and information system with the Network as an object of protecting resource by embodying techniques for modifying dynamically protection condition of a resource, Mission Control technique and Adaptive Agent technique, as a software code.
As a result of embodying above-mentioned techniques, the present invention can select objects of protecting resources and protection conditions actively and monitor selected resources by dispatching the agent to on-lined or off-lined system. Also, agent can be assigned another operation dynamically after reporting a result of monitoring resources. At this point of the present invention, the present invention is a protection technique for protecting
resources of an intellectual property and information system base on the active agent. And, the present invention not only maintains and manages an elementary record such as number of times infringement, criterion of infringement, scope of infringement, location of infringement, time of infringement, and contents of infringement but also providing a technique for making detecting infringement and maintaining the record of infringement possible when a system is on-line or off-line. The present invention is applicable to business of protecting digital contents and distributing digital contents. And it is also applicable to construct information protecting system for an organization and institution. Also, it could be used as protection technique for preventing infringement of intellectual property fundamentally by adding the technique as basic function to a word editor or multimedia authoring tool. Since the present invention is applicable to not only digital contents but also resources of an information system, it also could be used for detecting a hacker and a virus.
Other objects and aspects of the invention will become apparent from the following description of the embodiments with reference to the accompanying drawings, which is set forth hereinafter. Fig. 1 is a diagram of the apparatus for protecting resources of an intellectual property and information system, in accordance with an embodiment of the present invention. In the diagram, reference numerals 10, 11, 12 13, 14, 15 and 20 denote an Active Resource Protection Agent (ARPA) Center, an adaptive mission control agent, a mission selector, a mission mixer, a result analyzer, a network transceiver and a Network, respectively. And, reference numerals 30-1 to 30-N denote Active Resource Protection Agents. As shown Fig. 1, In an apparatus for protecting passive resources including a file, a directory, a memory,
a port and active resources including a process and a thread when a system is on-line or off-line an apparatus for protecting resources of an intellectual property and information system in accordance with an embodiment of the present invention is including; the Adaptive Mission Control Agent 11 for providing objects of protecting resources and protection conditions; The Mission Selector 12 for selecting , upon user's resource protecting request, a corresponding resource and protection condition among provided resources at the Mission Control Agent 11 from user; the Mission Combiner 11 for combining selected corresponding resources and protection conditions from the Mission Selector 12; the Active Resource Protection Agent 30-1 ... 30-N for receiving combined corresponding resources and protection conditions from the Mission Combiner 13 through the Network 20, determining protection operation base on corresponding resources and protection conditions, selecting necessary components, and protecting and monitoring dynamically corresponding resources through selected components; the Result Analyzer 14 for managing record data of infringement of intellectual property(unauthorized duplication) and unauthorized access when a system is on-line or off-line as analyzing received monitoring result of the Active Resource Protection Agent 30-1 ... 30-N through the Network 20.
The Active Resources Protection Agent Center 10 is consisted with the Adaptive Mission Control 11, the Mission Selector 12, the Mission Combiner 13, the Result Analyzer 14, and the Network Transceiver 15. The Active Resources Protection Agent Center 10 assigns a mission to the Active Resources Protection Agent 30-1 ... 30-N located on each system through the Network 20 and reassigns a new mission again after analyzing result of assigned mission. The resource monitoring steps of said Active Resource Protection Agent 30-1 ... 30-N will be described later on Fig.
3. in detail.
The function of elements of Active Resource Protection Agent Center 10 is as follows.
The Adaptive Mission Control Agent 11 provides objects of protecting resources and protection conditions. The Mission Selector 12 selects individually object of protecting resources and protection conditions provided from the Adaptive Mission Control Agent 11.
The mission Combiner 13 individually combines missions selected from the Mission Selector 12. The Result Analyzer 13 analyzes a result of protecting resources reported from the Active Resource Protection Agent 30-1 ... 30-N.
Now, protecting resources step in the Active Resource Protection Agent Center 10 will be described in detail. The Mission Selector 12 selects resource and protection condition in the Adaptive Mission Control Agent
11 and the Mission Combiner 13 combines selected conditions and resources. At this point, combined mission passes to the Active Resource Protection Agents 30-1 ... 30-N through the Network Transceiver 10 with on-line.
After that, information from the Active Resource Protection Agents 30-1 ... 30-N passes to the Result Analyzer 14 through the Network Transceiver 15 again and the Result Analyzer 14 assigns a next mission to each Active Resource Protection Agents 30-1 ... 30-N, or records a result on the Active Resource Protection Agent Center 10.
Fig. 2 shows selectable objects of protecting resources and protection condition by the Mission Selector
12 at the Adaptive Mission Control Agent 11 in said Active Resource Protection Agent Center 10.
As shown Fig. 2, among objects of protecting resources selectable by the Mission Selector 12 from the Adaptive
Mission Control Agent 11 is a Name of Resource 111. The
Name of Resources 111 comprises passive resources including a file, a directory, a port and a memory and active resources including a process and a thread in detail.
On the other side, an Identification 112 is a list of protection condition of resources and it includes a user ID, an IP address, a Range of Address and a host ID.
Also, a Number of counts 113 is one of the list of protection condition of resources and it includes a read count, write count, and install count.
A Hierarchy 14 is a list for setting up roll and responsibility.
Fig. 3 is a detailed diagram for embodiment of the Active Resource Protection Agent, in the apparatus for protecting intellectual property and information system, in accordance with preferred embodiment of the present invention. In Fig. 3, reference numerals 31, 32, 34, 35 and 40 denote a Network transceiver, a Result Analyzer, a Mission controller, a Components Unit and a System (also referred as a hard ware (HW) platform), respectively.
As shown Fig. 3, The Active Resource Protection Agent 30-1 ... 30-N comprises; The Network Transceiver 31 for receiving combined corresponding resources and protection condition from the Mission Mixer 13 in the Active Resource Protection Agent Center 10 through the Network 20: The Mission Analyzer 33 for analyzing corresponding resource and protection condition: the Mission controller 34 for determining a operation for protecting corresponding resource base on analyzed result of the Mission Analyzer 33: the Components Unit 35 for protecting and monitoring dynamically corresponding resources through selected components by selecting necessary components for operation determined at the mission controller 34: and the result analyzer 32 for analyzing result of monitoring corresponding resource at the Component Unit 35.
The Active Resource Protection Agent 30-1 ... 30-N secures and monitors resources when a system is on-line or off-line. The Active Resource Protection Agent 30-1 ... 30-N is operated base on information of protecting resources and
missions received from the Active Resource Protection Agent Center 10. When the information is received through the Network Transceiver 31, the Mission Analyzer 33 analyzes the received information and necessary operations for missions determined in the Mission controller 34 based on an analysis of the Mission Analyzer 33. At this point, determined necessary operations are transmitted to the Components Unit 35 and necessary components or modules are selected for performing the necessary operation. After that, resources of the System 40 are being monitored and protected and a result of monitoring and protecting is saved on the system. Before storing the result, it is transmitted to the Result Analyzer 32 and analyzed for violation of conditions and frequency of usage. Fig. 4 illustrates correlation between a Mission controller 34 and a System 40 in accordance with preferred embodiment of the present invention and it shows operations for protecting resources between the Mission 34 and the system 40. As shown Fig. 4, the Mission controller 34 comprises a Black List Reporter 341, a Violation Record Writer 342, a Caution/Warning 343, a Recovery 344, a Tracking/Monitoring 345, and a Registration/Calculation 346. And, a System 40 is consisted with a System Resource 41, a Black list 42, an Access history 43, and a Resource Registry 44.
The Mission controller 34 determines necessary operations base on information and protection condition analyzed by the Mission Analyzer 33.
At this point, the Blacklist Reporter 341 is an operation for managing information of frequently accessed resources on the system 40 of the dispatched Active Resource Protection Agent and information of the System 40 separately.
The Violation Record Writer 342 is an operation for all activities of violation of protection conditions.
The Caution/Warning 343 is a message for warning a
user before taking out user's right of usage when a protection condition of corresponding resource exceeds to a certain limit.
The Recovery 344 is an operation for recovering automatically when finding an unexpected fault from forced closed resources.
The Tracking/Monitoring 345 is the most important and fundamental operation of the Active Resource Protection
Agent 30. It secures resources base on protection conditions and monitors usage of resources for violation of protection condition.
The Registration/Calculation 346 is an operation for registering new added operation and calculating user's violation of protection condition. The System Resource 41 of the System 40 is a resource, which is object to be protected by the Active Resource
Protection Agent 30.
The Blacklist 42 is a same operation as the operation of said Blacklist Reporter 341. The Access history 43 is a file for said Violation
Record Writer 342.
Fig. 5 is a detailed diagram for the Components Unit in accordance of preferred embodiment of the present invention. In Fig 5., reference numerals 351, 352, 353, 354 and 355 denote a Request Operation Analyzer, a File System
Hooking Module, a Memory Monitoring Module, a Process
Controlling Module and a Module Unit, respectively.
If the Mission Selector 34 selects an operation for protecting resources, then the Components Unit 35 determines and composes a necessary component or module for the operation.
As shown Fig 5., the Components Unit 35 comprises the
Request Operation Analyzer 351, the File System Hooking
Module 352, the Memory Monitoring Module 353, the Process Controlling Module 354, and the Module Unit 355.
When the Request Operation Analyzer 351 in the
Components Unit 35 receives selected operations from the
Mission controller 351, the Request Operation Analyzer 351 determines necessary modules for received operations.
The File System Hooking Module 352 is a necessary component for performing operation of protecting resource of file system such as a file or a directory.
The Memory Monitoring Module 352 is a necessary module for protecting and monitoring unauthorized access from outside such as a virus. The Process Controlling Module 354 is used for protecting and monitoring executing processes and threads in the System 40.
When above-mentioned modules (352 , 353,or354 ) are selected, the Module Unit 355 organizes above-mentioned modules ( 352 , 353,or354 ) for performing operation at the same time.
Fig. 6 is a flowchart of a method for protecting resources of intellectual property and information system in accordance of preferred embodiment of the present invention.
As shown Fig. 6, the method for protecting resources of intellectual property and information system in accordance of preferred embodiment of the present invention is as follows. After selecting a resource for protecting and protection condition at the Active Resource Protection
Center 10 and transmitting the resource and protection condition to the Active Resource Protection Agent 30-1 ...
30-N (601), the Active Resource Protection Agent 10 starts monitoring corresponding resources 602. During monitoring resources, the Active Resource Protection Agent 30 reports results of monitoring resources to the Active Resource
Protection Agent Center 10 603:
Since then, the Active Resource Protection Agent Center 10 modifies dynamically protection operations again and maintains protection operations base on reported result
604 .
As described above, Active Resource Protection Agents 30-1 ... 30-N receives necessary protection conditions by an active mission controlling function. Base on received protection conditions from the mission selector 12, Active Resource Protection Agents combine necessary components for protecting resources and agents are composed for dispatching and performing necessary operations. After necessary operations are performed by Active Resource Protection Agents 30-1 ... 30-N, statistics information about protecting intellectual property and resource is generated, modified and managed automatically. By using above- mentioned Active Resource Protection Agents of the present invention, the present invention can manage record of unauthorized access to resources and infringement of intellectual property (unauthorized duplication) when a system is on-line and off-line.
As described above, objects of protecting resources and protection conditions are selected and transmitted to an agent. The agent monitors and secures dynamically corresponding resources base on selected resources and protection conditions in a system. By using above-mentioned agent, the present invention can prevent unauthorized usage of resource fundamentally. Therefore, protecting intellectual property can be achieved by the present invention.