In recent years, the need to carefully control access to computer resources has been increasing in order to enhance compliance and protect personal information. Hence, various methods have been put into practical use to control access to files containing confidential information and to control the flow of confidential information transmitted via clipboards or interprocess communications.
However, the security of information on a screen, which is a final output device of information, cannot be effectively managed by simply controlling access rights to a file and information on a clipboard.
More precisely, even if an access right is set on the file that contains the confidential information, the absence of a secure method for protecting image data output to the screen allows that data, including the confidential information on the screen, to be freely read by any process.
Screen information of a certain guest operating system (OS) can be isolated from another guest OS by use of a computer virtualization technology such as VMware or Virtual PC. However, this technology allows a host OS to freely read the screen of a guest OS. For this reason, if malicious software hides in the host OS, it is not possible to completely avoid the risk that confidential information on the screen of the guest OS is maliciously taken out.
Moreover, in a secured X Window System of the National Security Agency (NSA), confidential information is allowed to be displayed on an independent virtual desktop screen isolated from another desktop screen on which other processes run. However, image data in a video memory is not protected by this technology, and this allows a background process to freely read the image information.
Japanese Patent Application Laid-open Publication No. Hei 11-249965 discloses a computer system which performs a process for display on a display screen of a display device in accordance with video data stored in a video memory. The computer system is provided with a window management table for managing, window by window, screen information displayed on the display screen. In response to a display instruction for the screen information of a certain window, the window management table is updated, and copy protection information is concurrently set in the window management table. The copy protection information is for instructing protection of the screen information from a copy process. Thus, upon receipt of a copy request for the screen information of a certain window displayed on the display screen through the display process, the computer system refers to the window management table. If the copy protection information is set for the screen information targeted by the copy request, the computer system prohibits the video data corresponding to the screen information from being copied from the video memory.
Japanese Patent Application Laid-open Publication No. 2007-34685 discloses a system for implementing security protection of each content displayed on an electronic paper, and other accompanying functions. The system includes use restriction storage means. The use restriction storage means holds use restriction information of each content, and display control means writes the display content of the content to a display unit in a form in accordance with the use restriction information. Then, according to the use restriction information, the system displays or does not display certain content in a document displayed on the display unit, or performs another equivalent process. Thus, by restricting use of contents, the system attains the security protection of the contents, the maintaining of the sameness thereof, or the like. Furthermore, in response to a confirmation request from a user, the use restriction information held in the use restriction storage means is written to the display unit, and is presented to the user.
Japanese Patent Application Laid-open Publication No. 2007-52655 discloses a document display control apparatus. The document display control apparatus includes: means for obtaining authentication information which is associated with a user who has access to a predetermined area; means for determining whether or not the obtained authentication information meets a display permission condition which is associated with a document to be displayed; and restriction means for restricting display of the document on a display unit when the authentication information does not meet the display permission condition.
Japanese Patent Application Laid-open Publication No. 2007-65846 is assigned to the same applicant as this application, and discloses an information handling system which operates a plurality of application programs including first and second application programs in parallel on an operating system. The information handling system includes a monitor and a controller. The monitor monitors a function call from the first application program to the operating system, or messages transmitted/received between the first application program and the operating system. According to the monitoring result by the monitor, the controller changes or prohibits processing for a function call from the second application program to the operating system, or processing for transmitting/receiving messages between the second application program and the operating system. This information handling system is cited here for reference as background art of the present invention.
These conventional technologies are effective at protecting the security of a screen for specific purposes. However, they fail to appropriately deal with translucent windows, which are increasingly adopted in GUI environments, and they also have difficulty implementing flexible security management in accordance with the character string information, font size and the like that are used for display.