The present invention relates to an apparatus and method for managing digital rights and, more particularly, to an apparatus and method for managing digital rights through hooking a kernel native API.
Digital Rights Management (DRM) is a technology for protecting various digital contents, such as e-book, music, video, game, software, stock information, image, and so on, from illegal duplication and for setting access rights to electronic documents for preventing leaks of information by insiders and outsiders. In past, most information leakage incidents are performed by hackers or viruses. However, in recent, as information leakage incidents have been caused for money by authorized insiders or related-parties, the voices of supplementing weak points inherent in existing security solutions are getting louder. Almost all documents of business entities are digitalized, and systems for sharing the digitalized documents are increasingly introduced. Thus, Enterprise DRM (E-DRM) is perceived as the most representative document security technology. The Enterprise DRM solution growing quickly domestically and abroad represents evolution to various technologies for meeting requirements of the current security market. Especially, the needs for new products applying these technologies increase in the markets requiring more enhanced information security solution. DRM solutions for directly encrypting contents which are containing core information and controlling the use of contents on the basis of the predefined right have a good position through core security infrastructures satisfying this market needs.
In typical DRM processing techniques, the DRM processing is implemented by a kernel driver or filter driver. Accordingly, the typical DRM processing techniques support only specific application programs in DRM processing of electronic documents or digitalized files, and thus additional DRM modules should be developed additionally, thereby additional developing time and cost are required. Also, the typical DRM processing techniques analyze specific application programs by using Reverse Engineering, and control and monitor specific messages, instructions and user interfaces (UIs) in the application programs by using the DLL (Dynamic Linking Library) injection method. In this case, the typical DRM processing techniques control DRM processing and manage digital rights through a kernel driver or filer driver.
However, there are following limitations in the typical DRM processing technique. First, since the DLL for the control of the corresponding application program should be developed on the basis of the analysis results of the specific application programs using reverse engineering, it takes long time in developing a new DLL. Thus, security issues may occur during the developing time. Second, modules which are injected to operate at the user level may conflict with other programs to make a stability problem. Third, in DRM processing by the kernel driver, conflicts with other kernel drivers or programs may arise and cause a system crash. Fourth, the flexibility is reduced because of developing the new kernel driver in changing the kernel or the operation system.