A clipboard refers to a memory space in which data is temporarily stored when any data is copied or pasted to a file executed by an identical application or different applications. The copy and extraction of data using such a clipboard are functions basically provided by an Operating System (OS), such as Microsoft Windows or Apple Macintosh. The function of copying and extracting data using a clipboard is one of numerous targets that must be managed so as to prevent the leakage of data in a system to which Digital Rights Management (DRM) is applied. For example, when the movement of any data exceeding the allowable right of a user, or the movement of data or the like within the DRM system is attempted on a document to which DRM is applied, there is a need to block the movement of data related to the document to which DRM is applied.
FIG. 1 is a diagram showing a process for storing information in a clipboard in a Microsoft Windows system.
Referring to FIG. 1, the storage of information in a clipboard is performed using interaction among an application, a system, and global memory. First, when the application requests the system to allocate global memory using a GlobalAlloc( ) function (S100), the system provides a handle for the global memory using a Handle( ) function (S105). Next, the application requests the system to lock the global memory using a GlobalLock( ) function (S110), and the system returns the pointer of the allocated global memory in response to the request (S115). Thereafter, the application copies data to the allocated global memory using the returned pointer (S120). Then, the application requests the system to record data in the clipboard by sequentially using functions, such as OpenClipboard( ), EmptyClipboard( ), SetClipboardData( ), and CloseClipboard( ) functions (S125 to S140), and finally requests the system to unlock the global memory using a GlobalUnlock( ) function (S145). FIG. 2 illustrates data stored in the clipboard.
FIG. 3 is a diagram showing a process for extracting data from a clipboard in a Microsoft Windows system.
Referring to FIG. 3, an operation of extracting information from a clipboard starts at the determination of whether an available clipboard format that can be processed by an application is present in a current clipboard, using an IsClipboardFormatAvailable( ) function (S300). Then, the application requests the system to open the clipboard using an OpenClipboard( ) function (S305). Next, the application requests the system to provide data stored in the clipboard using a GetClipboardData( ) function (S310), and the system provides a handle for the data to the application using a Handle( ) function in response to the request (S315). Next, the application requests the system to lock the global memory using a GlobalLock( ) function (S320), and the system returns the pointer of the allocated global memory in response to the request (S325). Then, the application reads data from the allocated global memory using the returned pointer (S330). Thereafter, the application requests the system to unlock the global memory using a GlobalUnlock( ) function (S335), and requests the system to close the clipboard using a CloseClipboard( ) function (S340).
As described above with reference to FIGS. 1 to 3, the storage and extraction of data in and from the clipboard are performed using Application Programming Interface (API) functions related to the clipboard between the application and the system, and there is a possibility that data stored in the clipboard will leak during such a process. The present applicant proposed a technique for encrypting data or an object to which DRM is applied, among pieces of data or objects to be stored in the clipboard, and storing the encrypted data in order to prevent the leakage of data in the clipboard, and this technique was filed and registered as Korean Patent Registration No. 10-0928467. The patent filed by the present applicant includes a configuration for encrypting and decrypting data when the storage and reading of data in and from the clipboard are performed by a reliable object that is an object to which DRM is applied, among various objects, thus preventing access to the data by an unreliable object that is an object to which DRM is not applied. In this case, the objects are independent targets on which operations for extracting data from the clipboard and pasting the data are performed, and primarily denote processes corresponding to respective applications, but may be documents, sub-windows, or images/text/video within the documents, which are managed by the respective processes. Even in the following description, the term “object” is used as the same meaning. The patent filed by the present applicant does not block an unreliable object from accessing encrypted data stored in the clipboard, and so when clipboard data is requested by an unreliable object, encrypted data is provided to the unreliable object. In this case, there is a problem in that when encrypted data is output by the unreliable object, a program is shut down or an unexpected situation occurs.