Patent Application
20150019874
The present invention relates to an apparatus and method for generating an electronic book (e-book) and an apparatus and method for verifying the integrity of an e-book, and more particularly, to an apparatus and method for generating an e-book including information for verifying the integrity of the e-book, and verifying the integrity of an e-book from information included in the e-book to determine whether or not the e-book has been falsified.
With the recent rapid spread of high-speed communication networks, a variety of services are provided via the networks and used by many users. For example, users of services, such as information retrieval, games, e-commerce, Internet banking, and email, are constantly increasing in number. In addition, with the rapid spread of portable electronic equipment, such as smart phones and tablet personal computers (PCs), new services are being developed and provided. Markets relating to e-books corresponding to one of the services are gradually growing according to such a trend. However, due to their characteristics, e-books are vulnerable to falsification and cannot protect copyrights appropriately.
Patent Literature 1, KR 10-2003-0027181 (The Electronics and Telecommunications Research Institute (ETRI) Apr. 7, 2003) discloses a technology for providing the confidentiality of electronic documents exchanged in e-commerce through an extensible markup language (XML) encryption and decryption procedure of various electronic documents including XML electronic documents as a method of encrypting and decrypting an electronic document.
Patent Literature 2, KR 10-1085283 (Adrea LLC Nov. 14, 2011) discloses a technology for providing a user with text or an image of an appropriate size, for providing a display of content, such as a layout, to reflect a copyright holder's will, and for a user to easily construct a data structure, as an information processing system and method and a recording medium.
The present invention is directed to providing an apparatus and method for generating an electronic book (e-book) including information for verifying the integrity of the e-book.
The present invention is also directed to providing an apparatus and method for verifying the integrity of an e-book from information included in the e-book to determine whether or not the e-book has been falsified.
One aspect of the present invention provides an apparatus for verifying the integrity of an electronic book (e-book), the apparatus including: an e-book receiving unit configured to receive e-book data including e-book e-signature data including e-signature-object information including a fourth digest value generated by applying a second hash function to e-book basis data including title information of the e-book, a first digest value generated by applying a first hash function to the e-signature-object information, an e-signature value generated by applying an encryption function employing a private key as an encryption key to the first digest value, and a value of a public key corresponding to the private key, and the e-book basis data; and an e-book integrity verification unit configured to verify integrity of the e-book data received through the e-book receiving unit by comparing at least one of a fifth digest value generated by applying the encryption function employing the public key as a decryption key to the e-signature value and a sixth digest value generated by applying the first hash function to the e-signature-object information with the first digest value.
Another aspect of the present invention provides an apparatus for generating an e-book, the apparatus including: a digest unit configured to generate a fourth digest value by applying a second hash function to e-book basis data including title information of the e-book, and generate a first digest value by applying a first hash function to e-signature-object information including the fourth digest value; an e-signature unit configured to generate an e-signature value by applying an encryption function employing a private key as an encryption key to the first digest value; and an e-book generation unit configured to generate e-book data including e-book signature data including the e-signature-object information, the first digest value, the e-signature value, and a public key value corresponding to the private key, and the e-book basis data.
Another aspect of the present invention provides a method of verifying the integrity of an e-book, the method including: receiving e-book data including e-book e-signature data including e-signature-object information including a fourth digest value generated by applying a second hash function to e-book basis data including title information of the e-book, a first digest value generated by applying a first hash function to the e-signature-object information, an e-signature value generated by applying an encryption function employing a private key as an encryption key to the first digest value, and a value of a public key corresponding to the private key, and the e-book basis data; and verifying the integrity of the received e-book data by comparing at least one of a fifth digest value generated by applying the encryption function employing the public key as a decryption key to the e-signature value and a sixth digest value generated by applying the first hash function to the e-signature-object information with the first digest value.
Another aspect of the present invention provides a method of generating an e-book, the method including: generating a fourth digest value by applying a second hash function to e-book basis data including title information of the e-book; generating a first digest value by applying a first hash function to e-signature-object information including the fourth digest value; generating an e-signature value by applying an encryption function employing a private key as an encryption key to the first digest value; and generating e-book data including e-book signature data including the e-signature-object information, the first digest value, the e-signature value, and a public key value corresponding to the private key, and the e-book basis data.
According to an inventive apparatus and method for generating an electronic book (e-book) and an inventive apparatus and method for verifying the integrity of an e-book, an e-book is generated to conform to the electronic publication (EPUB) standard and include information for protecting the copyright on the e-book, so that the e-book market can be activated.
In addition, an e-signature is not put to the entire data of an e-book but is put to a part of the data, and thus it is possible to efficiently append the e-signature while reducing the time and overhead required for the e-signature.
Hereinafter, exemplary embodiments of an inventive apparatus and method for generating an electronic book (e-book) and an inventive apparatus and method for verifying the integrity of an e-book will be described in detail with reference to the accompanying drawings.
Referring to
Referring to
Here, the e-book basis data EB_BD includes basic data about an e-book, such as a title, an author, and a publisher. The e-book basis data EB_BD may further include access information of a copyright management apparatus used to check the usage rights to the e-book. Referring to
The e-book content data EB_CD includes actual content information of the e-book, such as text and pictures.
The e-book usage rights data EB_RD includes information on the usage rights to the e-book, such as usage period information EB_RD—1 and legal user information EB_RD—2. Referring to
The e-book encryption data EB_ED is used to decrypt a part of the e-book data EB when the part is encrypted, and includes information on encryption of the e-book.
The e-book e-signature data EB_SD is used to verify the integrity of the e-book, and includes e-signature information, an e-signature value, decryption key information, e-signature-object information, and so on. Referring to
Referring to
Referring to
Referring to
Referring to
The first e-signature-object information EB_SD—4—1 includes a second digest value obtained from the e-book encryption data EB_ED using a second hash function, information for identifying the second hash function used to obtain the second digest value, and so on. The second e-signature-object information EB_SD—4—2 includes a third digest value obtained from the e-book usage rights data EB_RD using the second hash function, information for identifying the second hash function used to obtain the third digest value, and so on. The third e-signature-object information EB_SD—4—3 includes a fourth digest value obtained from the e-book basis data EB_BD using the second hash function, information for identifying the second hash function used to obtain the fourth digest value, and so on.
In this way, by not putting an e-signature to the entire e-book but by putting an e-signature to a part of the e-book, it is possible to reduce overhead involved in e-signature. For example, the content (body) of an e-book is fundamental information that should not be falsified. However, the content (body) of an e-book is generally encrypted, and much overhead is involved in putting an e-signature to the entire e-book. Therefore, an e-signature is put to only the minimum information required to determine whether or not the e-book has been falsified.
In the present invention, the e-book encryption data EB_ED is set as one e-signature object because, when the e-book content data EB_CD is encrypted, information on the corresponding decryption key or encryption algorithm is included in the e-book encryption data EB_ED, and it is possible to verify the integrity of the encrypted e-book content data EB_CD by determining that the e-book encryption data EB_ED has not been falsified. Also, the e-book usage rights data EB_RD is set as one e-signature object because information on the usage rights of the e-book is included in the e-book usage rights data EB_RD, and it is possible to verify the integrity of the usage rights of the e-book by determining that the e-book usage rights data EB_RD has not been falsified. Further, the e-book basis data EB_BD is set as one e-signature object because the e-book basis data EB_BD includes basic information and copyright management apparatus access information of the e-book, and it is possible to verify the integrity of a subject that has encrypted the e-book content data EB_CD by determining that the e-book basis data EB_BD has not been falsified.
Referring back to
The digest unit 110 obtains a digest value from each of the e-book encryption data EB_ED, the e-book usage rights data EB_RD, and the e-book basis data EB_BD using the second hash function. In other words, the digest unit 110 applies the second hash function to each of the e-book encryption data EB_ED, the e-book usage rights data EB_RD, and the e-book basis data EB_BD, thereby generating the second to fourth digest values.
Also, the digest unit 110 obtains the first digest value EB_SD—1—3 from the e-signature-object information EB_SD—4 using the first hash function. In other words, the digest unit 110 applies the first hash function to the e-signature-object information EB_SD—4, thereby generating the first digest value EB_SD—1—3.
The e-signature unit 130 obtains the e-signature value EB_SD—2 from the first digest value EB_SD—1—3 that is obtained from the e-signature-object information EB_SD—4 using the encryption function and the private key provided by the reliable certification institute. In other words, the e-signature unit 130 applies the encryption function employing the private key as an encryption key to the first digest value EB_SD—1—3, thereby generating the e-signature value EB_SD—2.
The e-book generation unit 150 generates the e-book data EB based on the plurality of digest values obtained by the digest unit 110 and the e-signature value EB_SD—2 obtained by the e-signature unit 130.
In other words, the e-book generation unit 150 generates the e-signature-object information EB_SD—4 including the first to fourth digest values generated from the e-book encryption data EB_ED, the e-book usage rights data EB_RD, and the e-book basis data EB_BD, the information for identifying the second hash function used to generate the second to fourth digest values, and so on.
Also, the e-book generation unit 150 generates the e-signature information EB_SD—1 including the first digest value EB_SD—1—3 generated from the e-signature-object information EB_SD—4, the information EB_SD—1—2 for identifying the first hash function used to generate the first digest value EB_SD—1—3, the information EB_SD—1—1 for identifying the encryption function used to generate the e-signature value EB_SD—2.
Also, the e-book generation unit 150 generates the decryption key information EB_SD—3 including the public key value EB_SD—3—1 corresponding to the private key used to generate the e-signature value EB_SD—2, and so on.
Also, the e-book generation unit 150 generates the e-book e-signature data EB_SD including the e-signature information EB_SD—1, the e-signature value EB_SD—2, the decryption key information EB_SD—3, the e-signature-object information EB_SD—4, and so on.
Also, the e-book generation unit 150 generates the e-book basis data EB_BD including the copyright management apparatus access information EB_BD—1 and the e-book usage rights data EB_RD including the usage period information EB_RD—1 and the legal user information EB_RD—2 of the e-book.
Finally, the e-book generation unit 150 generates the e-book data EB including the e-book basis data EB_BD, the e-book content data EB_CD, the e-book usage rights data EB_RD, the e-book encryption data EB_ED, and the e-book e-signature data EB_SD.
The e-book generation apparatus 100 obtains second to fourth digest values from e-book encryption data EB_ED, e-book usage rights data EB_RD and e-book basis data EB_BD using a second hash function (S1010). In other words, the e-book generation apparatus 100 applies the hash function to each of the e-book encryption data EB_ED, the e-book usage rights data EB_RD, and the e-book basis data EB_BD, thereby generating the second to fourth digest values.
Then, the e-book generation apparatus 100 obtains a first digest value EB_SD—1—3 from e-signature-object information EB_SD—4 including the second to fourth digest values using a first hash function (S1020). In other words, the e-book generation apparatus 100 applies the first hash function to the e-signature-object information EB_SD—4, thereby generating the first digest value EB_SD—1—3.
Subsequently, the e-book generation apparatus 100 obtains an e-signature value EB_SD—2 from the first digest value EB_SD—1—3 obtained from the e-signature-object information EB_SD—4 using an encryption function and a private key (S1030). In other words, the e-book generation apparatus 100 applies the encryption function employing the private key as an encryption key to the e-signature-object information EB_SD—4, thereby generating the e-signature value EB_SD—2. Then, the e-book generation apparatus 100 generates e-book data EB based on the obtained plurality of digest values and the e-signature value EB_SD—2 (S1040).
Referring to
To determine whether or not an e-book has been falsified, the e-book integrity verification apparatus 1100 verifies the integrity of the e-book from information included in the e-book. Also, to check the usage rights to the e-book, the e-book integrity verification apparatus 1100 may access the copyright management apparatus 1200 using information included in the e-book and verify the usage rights to the e-book.
The copyright management apparatus 1200 is an apparatus for managing the copyright on an e-book, such as management of legal users of the e-book and legal usage periods. The copyright management apparatus 1200 verifies the usage rights to the e-book at a request of the e-book integrity verification apparatus 1100.
The user terminal denotes a device that includes a memory means and a microprocessor installed for a calculation capability. The user terminal may be a desktop computer, a laptop computer, a workstation, a palmtop computer, an ultra mobile personal computer (UMPC), a tablet personal computer (PC), a personal digital assistant (PDA), a webpad, a cellular phone, a smart phone, or so on.
The communication network 1300 may not only be a data communication network, such as a local area network (LAN), a metropolitan area network (MAN), a wide area network (WAN), and the Internet, but may also be a broadcasting network, a telephone network, or so on. The communication network 1300 may be either a wired communication network or a wireless communication network, and may employ any communication scheme.
Meanwhile, the e-book integrity verification apparatus 1100 has been described as being separated from the user terminal, but the present invention is not limited to the e-book integrity verification apparatus 1100 separated from the user terminal. In an exemplary embodiment, the e-book integrity verification apparatus 1100 may be implemented in one body with the user terminal. Needless to say, the e-book integrity verification apparatus 1100 may also be implemented in one body with the copyright management apparatus 1200.
Referring to
The e-book receiving unit 1110 receives e-book data EB from the user terminal. As mentioned above, the e-book data EB conforms to EPUB, that is, the e-book standard, and includes e-book basis data EB_BD, e-book content data EB_CD, e-book usage rights data EB_RD, e-book encryption data EB_ED, and e-book e-signature data EB_SD. The e-book basis data EB_BD includes basic information on an e-book, copyright management apparatus access information EB_BD—1, and so on. The e-book usage rights data EB_RD includes usage period information EB_RD—1, legal user information EB_RD—2, and so on. The e-book e-signature data EB_SD includes e-signature information EB_SD—1, an e-signature value EB_SD—2, decryption key information EB_SD—3, e-signature-object information EB_SD—4, and so on. The e-signature-object information EB_SD—4 includes first to third e-signature-object information EB_SD—4—1 to EB_SD—4—3 for identifying an object of an e-signature.
The e-book integrity verification unit 1130 verifies the integrity of the e-book data EB received through the e-book receiving unit 1110 to determine whether or not the e-book data EB has been falsified.
In other words, the e-book integrity verification unit 1130 compares at least one of a fifth digest value and a sixth digest value with a first digest value EB_SD—1—3 included in the e-signature information EB_SD—1, thereby verifying the integrity of the e-book data EB. The fifth digest value is generated by applying an encryption function employing a public key included in the decryption key information EB_SD—3 as a decryption key to the e-signature value EB_SD—2 based on encryption function identification information EB_SD—1—1 included in the e-signature information EB_SD—1, and the sixth digest value is generated by applying a first hash function based on hash function identification information EB_SD—1—2 included in the e-signature information EB_SD—1 to the e-signature-object information EB_SD—4.
Also, the e-book integrity verification unit 1130 respectively compares a seventh digest value, an eighth digest value, and a ninth digest value with a second digest value included in the first e-signature-object information EB_SD—4—1, a third digest value included in the second e-signature-object information EB_SD—4—2, and a fourth digest value included in the third e-signature-object information EB_SD—4—3, thereby verifying the integrity of the e-book data EB. The seventh digest value is generated by applying a second hash function based on hash function identification information included in the first e-signature-object information EB_SD—4—1 to the e-book encryption data EB_ED, the eighth digest value is generated by applying the second hash function based on hash function identification information included in the second e-signature-object information EB_SD—4—2 to the e-book usage rights data EB_RD, and the ninth digest value is generated by applying the second hash function based on hash function identification information included in the third e-signature-object information EB_SD—4—3 to the e-book basis data EB_BD.
The e-book usage rights verification unit 1150 accesses the copyright management apparatus 1200 using at least one of a DRM solution supplier, a domain code, and information on the URL of the copyright management apparatus 1200 included in the copyright management apparatus access information EB_BD—1, and verifies the usage rights to the e-book.
The e-book output unit 1170 has a display module (not shown), and outputs the e-book data EB through the display module when the e-book integrity verification unit 1130 determines that the e-book data EB has not been falsified. Here, the display module may be a liquid crystal display (LCD), a thin film transistor LCD (TFTLCD), an organic light emitting diode (OLED) display, a flexible display, a three-dimensional (3D) display, or so on.
The e-book integrity verification apparatus 1100 receives e-book data EB from the user terminal (S1310). Subsequently, the e-book integrity verification apparatus 1100 verifies the integrity of the e-book data EB based on information included in the e-book data EB to determine whether or not the received e-book data EB has been falsified (S1320).
In other words, the e-book integrity verification apparatus 1100 compares a fifth digest value and a sixth digest value with a first digest value EB_SD—1—3 included in e-signature information EB_SD—1, thereby verifying the integrity of the e-book data EB. The fifth digest value is generated using encryption function identification information EB_SD—1—1 included in e-signature information EB_SD—1, decryption key information EB_SD—3, and e-signature value EB_SD—2, and the sixth digest value is generated using hash function identification information EB_SD—1—2 and e-signature-object information EB_SD—4.
Also, the e-book integrity verification apparatus 1100 compares seventh to ninth digest values generated using first e-signature-object information EB_SD—4—1, second e-signature-object information EB_SD—4—2, and third e-signature-object information EB_SD—4—3 with second to fourth digest values included in the first e-signature-object information EB_SD—4—1, the second e-signature-object information EB_SD—4—2, and the third e-signature-object information EB_SD—4—3, thereby verifying the integrity of the e-book data EB.
Then, the e-book integrity verification apparatus 1100 verifies the usage rights to the e-book (S1330). In other words, the e-book integrity verification apparatus 1100 accesses the copyright management apparatus 1200 using copyright management apparatus access information EB_BD—1 and verifies the usage rights to the e-book. Subsequently, when it is determined that the e-book data EB has not been falsified, the e-book integrity verification apparatus 1100 outputs the e-book data EB (S1340).
The present invention may be implemented as computer-readable codes in a computer-readable recording medium. The computer-readable recording medium includes all types of recording media storing data that can be read by a computer system. Examples of the computer-readable recording medium include a read-only memory (ROM), a random access memory (RAM), a compact disc ROM (CD-ROM), a magnetic tape, a floppy disk, an optical data storage, and so on. The computer-readable recording medium may also be implemented in the form of carrier waves (e.g., transmission via the Internet). In addition, the computer-readable recording medium may be distributed to computer systems connected via a network, in which computer-readable codes can be stored and executed in a distributed manner.
While the invention has been shown and described with reference to certain exemplary embodiments thereof, it will be understood by those of ordinary skill in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.
| Number | Date | Country | Kind |
|---|---|---|---|
| 10-2012-0017454 | Feb 2012 | KR | national |
| Filing Document | Filing Date | Country | Kind |
|---|---|---|---|
| PCT/KR2012/011580 | 12/27/2012 | WO | 00 |
