For the governmental, banking, national defense, enterprise, organizational and medical institutions, the flow of their internal information is the data produced, collected and used by these governmental, banking, national defense, enterprise, organizational, and medical institutions during operation. The information could be in various forms. It can be stored in computers (or even in other various kinds of electronic devices) in forms of image file, text files, PDF files, or scanned files, or can be printed on papers. Most of the information mentioned above is usually classified into top secret, secret, confidential or unclassified according to its importance. Some information can be disclosed and viewed by specific persons or the public. However, some information can be disclosed to authorize persons and such information is extremely valuable and intangible asset and has a critical influence. In other words, such information has a determinant and risky influence for governmental, banking, national defense, enterprise, organizational and medical institution, and the files described above are not usually available to be public and falsified, so it needs to be encrypted and certificated to maintain the fairness and justice of social responsibility. In addition, the result of social information technology developing significantly reduces limitations of space and time in the whole world. For this reason, personal privacy should be controlled tightly, especially for some personal information that is not available to disclose to third-party, organizations or others and need to be corresponding to the stringent global personal data protection law, so as to meet the need of personal privacy protection. Therefore, the above information is required to be safely controlled and encrypted, so as to prevent users from reading, downloading or modifying intentionally or unintentionally, and prevent those who steal information such as hackers, commercial espionage, military espionage and internal staff from arbitrarily capturing, decrypting or invading the packets, and communication of information system, and then stealing top secret files or documents such as patent technology, national defense secrets, trade secrets, personal information, banking information, which would result in irreversible consequences that seriously affect the social, economic, and national security.
Watermark is a technology that embeds a label, which can be a representative of the owner or creator to prove ownership. Visible watermark is commonly used and its advantage is that it can recognize what the source is or who the owner of information is without any calculation of algorithm. It also provides information to the reader, so as to indicate what the source is or who the owner of information is, such as a file or document, used in official document of governmental, banking, national defense, enterprises, organizational and medical institutions, is often added with watermark when printing.
QR code is also a widely applied technology and has developed into a three-dimensional QR code now. Its main applications include automatic text transferring, digital content download, the Quick Link, identity identification and e-commercial trade. QR code (Quick Response Code), widely used nowadays, has the superior characteristics of fast encoding and decoding. QR code has the following characteristics: two-dimensional bar code is capable of saving among horizontal and vertical, so the QR code can save more data than other kinds of two-dimensional bar code (small size of the output). It can record more than 7,000 numeric characters or more than 4,000 letters of the alphabet (big storage capacity),If part of QR code is unclear or damaged, the information in QR code can be repaired via Error correction or data restoration method (Good performance of anti-damage).
However, visible watermark or QR code is easy to be covered by graphics software or be removed through signal processing or signal filtering technology. If someone gets a superior access authority for secret files, the watermark or QR code of the secret files could be removed easily. Therefore, it doesn't meet the six core elements (“CACAIN” for short) for information security: Confidentiality, Authenticity, Controllability, Availability, Integrity, Non-repudiation. Generally, algorithm of visible watermark is known to public, while embedding and acquisition technologies of information are also well known. Accordingly, the algorithm does not guarantee the security. In the same way, QR code is also generated by a specific algorithm. The file size when adding visible watermarks or QR code is increasing as the capacity of watermark or page numbers of the file increasing even there are many public and private cloud system, internet hard disk, portable hard disk or small memory cards today. Once the file with a lot of watermark and QR code are saved, it will occupy too much storage space and consume computer memory and will increase the loading of the information system. Finally, it will cause a waste of resources of information systems in future due to lack of stability and internet congestion. According to the results of many research institutions, they estimated that information security of digital data, big data analysis and mobile digital device will explosively grow over the next five to ten years, which will significantly affects the security of the international information.
Furthermore, traditional fax system can transform fax number into e-mail address for receiving or sending a message, and such messages often contain file in TIFF, image and PDF format, and the contents of the fax have no encryption, watermark and label. After the collaborative step of the fax system, the message will be automatically forwarded to the set multiple group mailboxes. However, fax number is used in the same organization and shared by many staffs, which is also a great vulnerability for the information security. E-mail system is more complex. Because forwarding, sending and backup of the e-mail must pass through the e-mail gateway, access times may be recorded but the files within the e-mail that are not encrypted and are not added with watermark and label. Therefore, it cannot effectively manage e-mail attached file and prevent information leakage.
In the digital age now, the cloud, internet drive or online file sharing space, in order to save a lot of files, usually provide only one username and password together with single description key corresponding to username and password as the basis structure for identity certification. However, if a user's password or key was disclosed or stolen, all information of the user account can be arbitrarily watched, shared, accessed, modified and even deleted. Therefore, it has a lot of potential risks in the aspect of information security. For example, general management for computer privileges sharing will not prevent the sharer capturing the image of the content of the file by software, smart phone, digital camera and camera, and then instantly transmitting the important information in the file to personal smart devices via instant messaging software such as Wechat, Line, QQ, Skype and What's app, or sending important information in e-mail attachment to a personal smart devices such as smart phone, smart tablet, private cloud, public cloud, other mailboxes or BYOD (bring your own device). Moreover, in recent years, due to globalization, information flow becomes more collaborative, refinement, service-based, intelligent. As a result, the information is everywhere and everyone can share information in this high speed and multi-tasking digital time, so as to generate the information security problems in some issues such as malicious intrusion, virus infection, authority control, encryption and decryption of BYOD (bring your own device), private cloud and public cloud. These would be the most important issues for information security now and future. Therefore, the present invention will become an important part in multiple information security defenses.
In view of this, the present invention provides a method and system for adding dynamic labels to a file and encrypting the file, avoiding the capacity increase of the file when being added with watermark and OR code, and averagely dividing the system resource to each main thread and each sub-thread for converting or encrypting each file, so as to encrypt and decrypt each file efficiently in real time, and each file is added with IP address, time stamps, special stamps. Advanced Encryption Standard is a block key encryption standard adopted by the U.S. federal government. After selecting for five years, AES was announced by the NIST as U.S. FIPS PUB 197 (FIPS 197) on Nov. 26, 2001 and became effective as a federal government standard on May 26, 2002 after approval by the secretary of commerce. In 2006, the Advanced Encryption Standard encryption has become one of the popular algorithms. The method and system of the present invention use Advanced Encryption Standard key to encrypt each file Even if in the condition where a user's password has been stolen and disclosed, or a server is hacked or its information is stolen by internal staff, the information of each file has specific and multiple key protections, watermark protection, multiple AES protection. Moreover, the method and system of the present invention can divide the recourse of system efficiently, so as to improve significantly the protection for patent, trade secret and the Confidentiality, Authenticity, Controllability, Availability, Integrity and Non-repudiation of information security for governmental, banking, national defense, enterprise, organizational and medical institutions.