1. Field of the Invention
The invention pertains generally to computer security. In particular, it pertains to protecting electronic documents on a computer from unauthorized copying or other harmful intervention.
2. Description of the Related Art
Widespread use of the Internet and email has left millions of personal computers (PCs) vulnerable to downloaded viruses and other types of malicious software that can destroy programs, copy and upload private documents, and perform other harmful acts, frequently without the PC operator's knowledge. The increasing popularity of downloaded programs has multiplied the problem significantly, since it creates so many more opportunities to unknowingly download the malicious software. Due to their open architecture, most PCs provide very little protection against such destructive software. It is this very openness that has made the PC platform the general-purpose solution provider that it is. Other types of computers are also vulnerable to such attacks in varying degrees, but the pervasive use of PCs has drawn much attention to the problem as it applies to PCs.
In the past, owners of copyrighted information or other intellectual property (books, movies, sensitive corporate documents, etc.) have been reluctant to allow their property to be viewed on the PC platform, as the nature of the open PC platform makes the property vulnerable to mischievous software that may be running in parallel. Although self-replicating destructive software (viruses) attracts the most attention, copyright owners are more concerned with the illegal copying and distribution of any document that they permit to be downloaded to a computer. This is particularly true of e-books, or books that are available electronically by downloading the text of those books over a network such as the Internet. The ease of copying documents downloaded into a PC makes it easy to illicitly reproduce and forward copyrighted materials without detection of this activity by the copyright owner.
FIG. 1 shows a conventional system 10. Protected content in the form of encrypted data is provided over channel 11 to storage subsystem 12, where it is stored for subsequent use. Channel 11 could be an Internet connection and the portion of a PC that receives and processes network data. Storage subsystem 12 could be main memory, the hard disk on the PC, or some other form of storage. When the data is ready for presentation, it can be retrieved from storage 12 and presented to player 14 for processing. Player 14 is generally software running in the PC. Decryption of the encrypted data can take place in player 14, which can also reformat the data. The processed data can then be passed over channel 15 to graphics sub-system 16, where it is formatted for presentation over channel 17 to the actual display device, such as a video monitor. Note: although the terms “document” and “display” are used here, this scenario applies equally well to graphics video data and to audio data, such as music, that is played through speakers.
FIG. 2 shows a conventional graphics controller 16. Previous attempts to protect downloaded data have focused primarily on encrypting the data for delivery and storage. However, once the data is decrypted, formatted, and sent to the graphics controller 16 through primary interface 21, the bit-image of that data is generally placed in a video memory 22 where the data is repeatedly read out and transmitted through output port 23 to a display device. For reasons of flexibility and usability, the contents of video memory 22 can generally be read through primary interface 21 by the PC that implements player 14, and may be read by other devices as well through that same interface. Many graphics controllers also have a secondary interface 24 that permits both read and write capability of video memory 22 by other devices, as well as permitting direct transmission of video data to output port 23 when that capability is needed. Output port 23 generally does not provide memory read capability. However, interfaces 21 and 24 provide two ports through which the data in video memory 22 can be captured, and subsequently saved and/or transmitted, for later display in an unauthorized manner. For efficiency of transmission, the offending software that captures the bit-image from video memory can also use the text font maps stored in the PC to interpret the bit-image and convert any displayable text back to a standard word processing format. Thus, by using resources freely available in the PC, the supposedly protected data in graphics controller 16 can not only be retrieved and stored and/or transmitted to another device, but the retrieved data can be reverse-engineered into a much more compact and usable form before such storage/transmission.
Since many players are in the form of a PC that is vulnerable to modification by maliciously loaded software, this exposure of the graphics subsystem creates a security problem that discourages the use of PCs for any displayable data that needs to be protected, such as copyrighted video material. Once the data is placed in graphics subsystem 16, that data is vulnerable to unauthorized monitoring and capture by software that has been illicitly placed in the computer.
It is not only downloaded malicious software that can compromise the security of the data. The PC operator might wish to illicitly copy the data, which he or she legitimately downloaded, for subsequent illicit use or distribution.