JP2005057805A - Information providing apparatus, ticket providing apparatus, reproducing device, and information selling method used therefor, and program therefor - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an information selling system which enables an information vender to freely set selling conditions for his own information in an information selling form wherein the information vender is different from a streaming system operator. <P>SOLUTION: In the system comprising a streaming server device 1 managed by the streaming system operator, a ticket server device 2 managed by the information vender, and a reproducing device used by a user, the streaming server device 1 and the ticket server device 2 comprise a first transmission rule management means 12 and a second transmission rule management means 22 for individually managing transmission rules created on the basis of consignment contract of information distribution processing made between the information vender and the streaming system operator in advance. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to an information providing apparatus, a ticket providing apparatus, a reproducing apparatus, an information selling method used therefor, and a program therefor, and more particularly to an information selling system that performs various charging controls based on the nature and time of a user to be provided.

  Conventionally, as a method of providing information such as video / music using the Internet, there is a “streaming method” in which information is fragmented into several communication packets and information is reproduced while sequentially transmitting and receiving each communication packet. Generally known. Hereinafter, an information providing system using the streaming method is referred to as a “streaming system”.

  A method of selling information using such a streaming system is already known, and an information sales system using the method has been proposed (see, for example, Patent Documents 1 and 2). All of these systems have charging means in the streaming system. Accordingly, in addition to the information providing process, the streaming system performs a user authentication process related to charging, a charging process, and the like within the same system.

  In addition, in general information sales systems, there are also known information sales systems including a charging system that exclusively performs user authentication processing, charging processing, and the like in addition to an information providing system that exclusively performs information transmission processing (for example, (See Patent Documents 3 and 4).

  In the information sales system described in Patent Document 3, a charging system (“relay server”) is provided in addition to the information providing system (“data provider server”), and the charging system is generally well known. Act as a "proxy".

  In the information sales system, when requesting information provision from the user to the information providing system, it is necessary to go through the billing system, and user authentication processing and billing processing are performed on the billing system. The transmitted information is transmitted to the user via the billing system. In this case, the billing system also performs information providing processing in addition to user authentication processing and billing processing. In this respect, it can be said that the billing system is equivalent to the above streaming system.

  On the other hand, the information sales system described in Patent Document 4 includes an information providing system including an “information providing apparatus” and a “key management apparatus”, and a billing system including an “information management apparatus”. .

  When a user requests information provision from the information provision system, encrypted information is transmitted from the information provision apparatus of the information provision system, and in addition, a decryption key of the encrypted information is transmitted from the key management apparatus. Here, the terminal used by each user and the two devices constituting the information providing system are each provided with a “line connection device”, and the billing system identifies these line connection devices and connects between the line connection devices. Communication records can be stored.

  Therefore, the charging system can perform an appropriate charging process based on all the records related to the information providing process exchanged between the user and the information providing system. However, since the billing system cannot block communication between the user and the information providing system, it checks the existence of payment capability, the validity of the user's identification information, etc., and interrupts the information providing process if necessary. User authentication processing cannot be performed.

  In general, in the information sales system on the Internet, the communication content between the user and the information providing system is often encrypted by an encrypted communication method such as SSL (Secure Socket Layer). In such a case, the billing system cannot perform proper billing processing.

JP 2001-43440 A JP 2000-124900 A Japanese Patent Laid-Open No. 11-98136 JP-A-10-124576

  In the above-described conventional streaming system, a charging subsystem and a user management subsystem are built on the system, so that the streaming system is used when the seller wants to operate a price or to build his own user database. In practice, it is necessary to request the operator to reconfigure the various subsystems as described above, and in response to the requests from all the vendors entrusted to the streaming system operator. Have difficulty.

  Therefore, when selling information owned by the information seller, when the information provision work is outsourced to an external streaming system operator, the seller can freely operate the price, There is a problem that it is difficult to manage.

  In addition, the computer resources and communication resources of the streaming system are limited, and each resource required for the transmission process of information is consumed when user authentication processing and billing processing are performed on the system. Is pressed. Therefore, when performing user authentication processing or billing processing on the streaming system, there is a problem that the performance of transmission processing performed by the streaming system is reduced.

  Furthermore, when user authentication processing and billing processing are performed within a streaming system as in a conventional streaming system, only the streaming system operator can accurately grasp the profits obtained from the user. The seller can only rely on the declaration from the streaming system operator.

  Therefore, as in the case of the above problem, when the information seller and the streaming system operator are different, the profits obtained from the user as the price for providing the information are the same as the information seller and the streaming system operator. However, there is a problem that there is no guarantee that such profit sharing will be carried out fairly.

  Accordingly, an object of the present invention is to solve the above-described problems, and in an information sales form in which the information seller and the streaming system operator are different, the information sales condition (price) of the information that the information seller owns. It is to provide an information sales system, an information sales method, and a program thereof that can freely set user restrictions.

  Another object of the present invention is to provide an information sales system, an information sales method, and a program thereof that can perform user authentication processing and billing processing without degrading the performance of information transmission processing performed by the streaming system. There is to do.

  Furthermore, another object of the present invention is to provide profits obtained from users between the information seller and the streaming system operator in an information sales form where the information seller and the streaming system operator are different. It is to provide an information providing device, a ticket providing device, a reproducing device, an information selling method used therefor, and a program thereof that can be distributed fairly between the devices.

  An information providing apparatus according to the present invention is an information providing apparatus that provides information to a user, and includes a first transmission protocol management unit that manages a first transmission protocol including an information encryption key for encrypting the information. And an information providing means for simply transmitting information encrypted using the information encryption key to the user at the time of an information request from the user.

  A ticket providing apparatus according to the present invention is a ticket providing apparatus that performs authentication processing and billing processing for a user when information is provided to the user, and includes an information decryption key for decrypting the encrypted information and making it reproducible. A second transmission rule management means for managing a second transmission rule including at least the sales conditions for the user is provided.

  The reproducing device according to the present invention decrypts the information provided from the information providing device and encrypted using the information encryption key for encrypting the information, and the encrypted information provided from the ticket providing device. Packet receiving means for enabling reproduction while decoding based on a ticket including at least an information decryption key for enabling reproduction.

  The program of the information selling method according to the present invention includes a process of receiving a message requesting a ticket including at least an information decryption key for decrypting encrypted information and making it reproducible, and from the received message. One of a plurality of second transmission rules including a process of extracting an information identifier for identifying the information and at least the information decryption key and sales conditions for the user based on the extracted information identifier A process of selecting, a process of confirming the validity of the message, a process of charging for the amount of charge described in the selected second transmission rule, and the process based on the selected second transmission rule And a process for generating a ticket.

  According to another aspect of the present invention, there is provided a program for receiving information from a computer, a process for receiving a message requesting information from the computer, a process for extracting an information identifier for identifying the information from the received message, and an extracted information identifier. A process of selecting any one of a plurality of first transmission rules including an information encryption key for encrypting the information based on the information and the information encryption key described in the first transmission rule. A process of performing encryption while reading information is executed.

  Another information selling method program according to the present invention includes a process for generating and transmitting a message requesting a ticket including at least an information decryption key for decrypting encrypted information to be reproducible to a computer, The process of receiving the ticket, the process of extracting and holding the information decryption key from the received ticket, and the process of reproducing the received information using the extracted information decryption key are executed. .

  That is, the information sales system of the present invention includes a streaming server device managed by an operator of the streaming system, a ticket server device managed by an information seller, and a playback device used by a user. By providing the first transmission rule management means and providing the ticket server device with the second transmission rule management means, an information distribution processing consignment contract previously established between the information seller and the streaming system operator is provided. The transmission rules created based on this are managed individually.

  Further, the transmission protocol held by the first transmission protocol management unit includes an information encryption key, and when the streaming server device provides information to the playback device, the packet generation unit uses the information encryption key to store the information. An encrypted secure packet is generated.

  Further, the playback device that has received the secure packet receives the ticket including the information decryption key described in the transmission protocol held by the second transmission protocol management unit from the ticket server unit in advance by the ticket reception unit. Further, the packet receiving means decrypts the secure packet with the information decryption key.

  Furthermore, when the ticket communication as described above is performed between the ticket server device and the playback device, the information is sent from the user to the information seller by the ticket receiving unit and the first account management unit of the playback device. Accounting information such as payment information necessary for paying the payment or user ID (identification information) sufficient to specify payment information is included in the ticket request message, and the second account management means of the ticket server device To check the validity of the accounting information.

  In addition, an information identifier is included in the ticket request message, the transmission rule corresponding to the information identifier is obtained from the second transmission rule management means of the ticket server device, and the charge amount described in the transmission rule is charged. To communicate to the means.

  As described above, by providing a ticket server device for the information seller to manage the sales conditions of the information owned by the information seller as a transmission rule, the information seller can distribute the information to the operator of the streaming system. When consigning, it becomes possible for the information seller to freely set the sales conditions for the information he owns.

  Also, by performing user authentication processing and billing processing with a ticket server device independent of the streaming server device, user authentication processing and billing processing can be performed safely without degrading the performance of the streaming system when providing information. It becomes possible.

  Furthermore, each transmission protocol is created based on the agreement between the information seller and the streaming system operator, and the information is managed separately by the ticket server device and the streaming server device operated by each. Fair profit sharing can be performed between the seller and the operator of the streaming system.

  In the information selling method of the present invention, a first transmission protocol management means for managing a first transmission protocol including an information encryption key for encrypting and providing information to a user is provided in the streaming server device. Information server and streaming system by providing the ticket server device with a second transmission rule management means for managing a transmission rule including an information decryption key for decrypting and reproducing the converted information. In the information sales form that is different from that of the operator, there is an effect that the information seller can freely set the sales conditions (price and user restrictions) of the information owned by the information seller.

  According to another information selling method of the present invention, the ticket server device includes a second account management unit for performing authentication processing of the user and a charging unit for performing charging processing for the user when selling information to the user. By providing the streaming server device with information providing means for simply sending encrypted information when transmitting requested information to the user, without reducing the performance of the information transmission processing performed by the streaming system, There is an effect that user authentication processing and billing processing can be performed.

  Further, according to another information selling method of the present invention, when the information seller collects the price of the information from the user, the user is given a decryption key for the information, and the streaming system operator manages one of the transmission rules. By paying a distribution fee based on a predetermined consignment contract, in the information sales form where the information seller and the streaming system operator are different, the profits obtained from the user can be obtained from the information seller and the streaming system. The effect is that it can be fairly distributed with the manager.

  Next, embodiments of the present invention will be described with reference to the drawings. FIG. 1 is a block diagram showing the configuration of an information sales system according to an embodiment of the present invention. In FIG. 1, an information selling system according to an embodiment of the present invention includes a streaming server device 1 that is an information providing device that provides information, a ticket server device 2 that is a ticket providing device that provides a ticket, and provided information. And a playback device 3 for playback.

  The streaming server device 1 includes an information providing unit 11, a first transmission protocol management unit 12, a packet generation unit 13, an information storage unit 14, and a recording medium 15 that stores a program executed by each unit. ing.

  The information providing means 11 transmits the information identifier described in the information provision request message received from the reproducing apparatus 3 to the packet generating means 13 and transmits the packet or error message acquired from the packet generating means 13 to the reproducing apparatus 3. .

  The first transmission rule management means 12 holds all the first transmission rules given by one or more sellers of information, and responds to the input of the information identifier from the packet generation means 13 The information encryption key described in the first transmission protocol is output to the packet generation unit 13 or an error message is output to the packet generation unit 13. Here, the first transmission rule includes at least an information encryption key for encrypting information to be provided and sales conditions (transmission timing, valid period, billing conditions, etc.) for the user.

  When receiving an information identifier for identifying information to be provided to the user from the information providing unit 11, the packet generating unit 13 inputs the information identifier to the first transmission protocol managing unit 12, and corresponds to the information. Obtain an information encryption key or obtain an error message. Further, the packet generation means 13 inputs this information identifier to the information storage means 14 and acquires information to be provided to the user. Further, the packet generation unit 13 sequentially outputs the secure packet generated from the information and the corresponding information encryption key to the information providing unit 11 or outputs an error message to the information providing unit 11.

  The information storage unit 14 holds all information given by one or more sellers of information. When the information identifier is input from the packet generation unit 13, the information storage unit 14 sends the corresponding information to the packet generation unit 13. Output.

  The ticket server device 2 stores ticket execution means 21, second transmission rule management means 22, ticket generation means 23, second account management means 24, billing means 25, and programs executed by each means. And a recording medium 26 for recording.

  The ticket providing unit 21 transmits the ticket request message received from the reproduction device 3 to the ticket generation unit 23 and transmits the ticket acquired from the ticket generation unit 23 to the reproduction device 3 or transmits an error message to the reproduction device 3. . Here, the ticket includes at least an information decryption key for decrypting information requested by the playback device 3 and enabling playback, and the above sales conditions.

  The second transmission rule management unit 22 holds one or more second transmission rules, and responds to an input of an information identifier for identifying information for which a ticket is requested from the ticket generation unit 23. The second transmission protocol is output to the ticket generation means 23. Here, the second transmission rule includes at least the information decryption key and the above sales conditions.

  When the ticket generation means 23 receives the input of the ticket request message from the ticket providing means 21, the ticket generation means 23 transmits the ticket request message to the second transmission rule management means 22, and acquires the second transmission rule corresponding to the ticket request message. To do. In addition, the ticket generation unit 23 transmits the client information and the second transmission rule described in the ticket request message to the second account management unit 24, and acquires the availability message. Further, the ticket generating unit 23 outputs the generated ticket to the ticket providing unit 21 or outputs an error message to the ticket providing unit 21.

  Here, in order to perform authentication processing and billing processing for the user who has sent the ticket request message, the client information includes user information for identifying the user and a device used for identifying the terminal device used by the user. Contains information.

  The second account management unit 24 holds one or more accounts for the user or host supported by the ticket server device 2 and receives the client information and the second transmission rule from the ticket generation unit 23. An availability message generated according to the presence / absence of the corresponding account, the result of other condition determination, and the like is output to the ticket generation unit 23. Further, the second account management unit 24 outputs charging information to the charging unit 25 as necessary. When the charging unit 25 receives input of charging information from the second account management unit 24, the charging unit 25 performs an appropriate charging process.

  The reproduction apparatus 3 includes a terminal input unit 31, an information request unit 32, a packet reception unit 33, an information reproduction unit 34, a terminal output unit 35, a ticket reception unit 36, a first account management unit 37, And a recording medium 38 for storing a program executed by the means.

  The terminal input unit 31 includes an input device such as a keyboard device or a mouse device for receiving input from the user, appropriately interprets input data from the input device, and outputs a ticket reception start message to the ticket reception unit 36. To do. Further, the terminal input unit 31 outputs an information reception start message to the information request unit 32.

  When the information requesting means 32 receives the input of the information reception start message from the terminal input means 31, the information requesting means 32 and the appropriate streaming server device 1 based on the streaming server URL (Universal Resource Locator) described in the information reception start message Is established, and an information request message is transmitted to the streaming server device 1.

  When the packet receiving unit 33 receives a secure packet from the streaming server device 1, the packet receiving unit 33 outputs a result (restored packet) of restoring the secure packet using the information decryption key input from the ticket receiving unit 36 to the information reproducing unit 34. . When the information reproducing means 34 receives the restoration packet input from the packet receiving means 33, the information reproducing means 34 outputs the reproduction data obtained by the appropriate restoration processing to the terminal output means 35.

  The terminal output unit 35 includes an output device such as a monitor device, a speaker device, and a mixer device for appropriately presenting information to the user. When receiving the reproduction data from the information reproduction unit 34, the terminal output unit 35 outputs the reproduction data. Output to the output device.

  When the ticket receiving unit 36 receives an input of a ticket reception start message from the terminal input unit 31, the ticket receiving unit 36 acquires client information from the first account management unit 36. Further, the ticket receiving means 36 establishes a connection with the appropriate ticket server device 2 based on the URL of the ticket server described in the ticket reception start message, and transmits a ticket request message to the ticket server device 2. To do.

  The first account management unit 37 holds client information including user information such as a user ID (identification information) and a password, and outputs the client information to the ticket receiving unit 36 in response to a request from the ticket receiving unit 36. To do.

  2 is a flowchart showing the operation of the information sales system according to one embodiment of the present invention, FIG. 3 is a flowchart showing the ticket request process of FIG. 2, and FIG. 4 is a flowchart showing the ticket request confirmation process of FIG. is there.

  FIG. 5 is a diagram showing an example of a transmission protocol management table in one embodiment of the present invention, FIG. 6 is a diagram showing an example of a transmission protocol in one embodiment of the present invention, and FIG. 7 is an embodiment of the present invention. It is a figure which shows an example of the account management table in an example.

  FIG. 8 is a diagram showing an example of a configuration for delegating client information validity confirmation to the settlement center in the ticket server device 2 of FIG. 1, and FIG. 9 is a flowchart showing the charging process of FIG. FIG. 2 is a diagram showing an example of a configuration for performing billing processing using a settlement center in the ticket server device 2 of FIG. 1.

  11 is a flowchart showing the ticket generation processing of FIG. 2, FIG. 12 is a diagram showing an example of the format of the ticket in one embodiment of the present invention, and FIG. 13 is a flowchart showing the ticket reception processing of FIG. FIG. 14 is a flowchart showing the information request process of FIG.

  15 is a flowchart showing the information extraction processing of FIG. 2, FIG. 16 is a diagram showing an example of an information management table in one embodiment of the present invention, and FIG. 17 is a flowchart showing the packet transmission processing of FIG. FIG. 18 is a flowchart showing the information reproduction process of FIG.

  The operation of the information sales system according to an embodiment of the present invention will be described with reference to FIGS. The processing shown in FIGS. 2 to 4, 9, 11, 13 to 15, 17, and 18 is recorded by each means of the streaming server device 1, the ticket server device 2, and the playback device 3. This is realized by executing programs stored in the media 15, 26, and 38, respectively.

  In the information sales system according to the embodiment of the present invention, the playback device 3 first performs user input interpretation processing (step A31 in FIG. 2). Specifically, the terminal input means 31 of the playback device 3 accepts input related to the information identifier, the location information of the streaming server device 1 and the location information of the ticket server device 2 from the user.

  As a preferable example of such an input method, a URL for specifying information on the streaming server device 1 and a URL for specifying a transmission rule corresponding to information on the ticket server device 2 are input from a keyboard. There is a way to input. A metafile including these two URLs may be used. In particular, when using a metafile, the terminal input means 31 of the playback device 3 is used to instruct a secondary storage device such as a hard disk device for storing and reading the metafile and a file on the secondary storage device. In general, a well-known UI (User Interface) means may be provided. Further, an auxiliary storage device such as a memory card may be used instead of the secondary storage device.

  Thereafter, the playback device 3 performs a ticket request process (step S32 in FIG. 2). Specifically, referring to FIG. 3, the terminal input means 31 first starts receiving a ticket including at least the information identifier and the location information of the ticket server device 2 among the user input interpretation results obtained in step A31. A message is generated (step S1 in FIG. 3).

  After this ticket reception start message is transmitted to the ticket receiving means 36, the ticket receiving means 36 obtains client information from the first account management means 37 (step S2 in FIG. 3). Here, the first account management means 37 is constituted by a secondary storage device that is safely protected using an encryption file system or the like, or an auxiliary storage device such as a secure memory card. The client information held in FIG. 4 includes information necessary for the billing process in the ticket server device 2, for example, a user ID or password, a user public key certificate, and the like.

  The ticket receiving means 36 generates a ticket request message including the information identifier in the ticket reception start message, the location information of the streaming server device 1, the location information of the ticket server device 2, and the client information (step S3 in FIG. 3). ), Establishes communication with the ticket server device 2 based on the location information of the ticket server device 2 [for example, IP (Internet Protocol) address or host name], and transmits a ticket request message (step S4 in FIG. 3).

  The ticket server device 2 first performs a reception process for the ticket request transmitted from the playback device 3 in step A32 (step A21 in FIG. 2). More specifically, referring to FIG. 4, the ticket providing means 21 first receives a ticket request message and inputs the message to the ticket generating means 22 (step S11 in FIG. 4).

  In the ticket generation means 23, the information identifier described in the ticket request message is extracted and input to the second transmission rule management means 22, and the corresponding second transmission rule or error message is acquired (step S12 in FIG. 4). ). At this time, the second transmission protocol management means 22 includes a second transmission protocol management table (not shown) therein.

  For example, as shown in FIG. 5, the second transmission protocol management table can refer to / read the substance of each second transmission protocol using an information identifier as an index. If there is an index that matches the information identifier, the corresponding second transmission protocol is output to the ticket generation means 23, and if there is no match, an error message is output. Here, for example, as shown in FIG. 6, the second transmission protocol includes an information decryption key, a billing amount, and the like.

  The ticket generation means 23 confirms the output from the second transmission protocol management means 22, and determines whether the output is the second transmission protocol or an error message (step S13 in FIG. 4). If it is an error message, the ticket generation means 23 generates an error ticket that informs that it is an illegal ticket request, transmits it to the playback device 3, and interrupts the subsequent processing (step S14 in FIG. 4).

  On the other hand, if it is the second transmission rule, the ticket generation unit 23 extracts the client information included in the ticket request message and inputs it to the second account management unit 24 to confirm the validity of the client information ( FIG. 4 step S15).

  Here, as a suitable example of the client information validity checking method in the second account management means 24, when a pair of user ID and password that can be charged as client information is used, FIG. As shown in FIG. 5, there is a method of creating an account management table in which all client information registered in advance is recorded. In this method, the account management table is searched according to the input of the client information, and if there is a match, it is valid, or if there is no match, it is invalid. judge.

  Alternatively, as another suitable example, there is a method of using information (membership number, card ID, etc.) necessary for authentication such as a credit card or a prepaid card as client information. In the case of this method, the account management table as described above is not necessarily required. Rather, as shown in FIG. 8, the second account management means 24 and the settlement center 4 are connected via a network, and the second account is managed. The validity confirmation processing of the client information input to the management unit 24 may be delegated to the settlement center 4.

  In this way, after confirming the validity of the client information, if it is determined that the client information is unauthorized, an error ticket is transmitted to the playback apparatus 3 to notify that the unauthorized client information is included. The subsequent processing is interrupted (step S16 in FIG. 4). On the other hand, if it is determined that the client information is valid, the process proceeds to the next step.

  Subsequently, the ticket server device 2 performs an accounting process (step A22 in FIG. 2). More specifically, referring to FIG. 9, first, the ticket generation means 23 obtains the charge amount from the transmission rules (step S21 in FIG. 9). The second account management means 24 inputs at least the billing amount and the client information to the billing means 25 and performs appropriate billing (step S22 in FIG. 9).

  In addition to this, when it is desired to leave a billing log or the like, arbitrary information such as an information identifier may be input. As described above, the billing system used at this time may be operated as a so-called membership billing system when a pair of a user ID and a password is handled as client information. That is, a user's payment account is registered in advance, a set of user ID and password uniquely corresponding to the payment account is issued, and the charging unit 25 sets the user ID and password, If an invoice addressed to a payment account is generated when the is entered, payment can be made offline.

  Of course, when the financial institution has a settlement server on the network, for example, when using a credit card or a prepaid card as described above, the charging means 25 and the settlement server 4 are connected by a network as shown in FIG. By sending the client information and the billing amount to the payment server 4, online payment is also possible.

  Next, the ticket server device 2 performs a ticket generation process (step A23 in FIG. 2). More specifically, referring to FIG. 11, for example, ticket base data as shown in FIG. 12 including at least the information decryption key described in the transmission protocol is generated (step S31 in FIG. 11). Then, a ticket with security protection for preventing the validity of the ticket and the reference from a third party other than the user of the playback device 3 is set as a ticket (step S32 in FIG. 11).

  At this time, as a specific example of a security protection method, first, a public key certificate of the ticket server device 2 is held in the ticket generation unit 23, and a ticket is generated using the public key certificate. Add a digital signature to the base data. Alternatively, the ticket base data is encrypted so that only the user of the playback device 3 can refer to it. At this time, as a key used for encryption, a specific key held by the first account management unit 37 of the playback apparatus 3 is described in the ticket request message, or the client in the second account management unit 24 What is registered in advance as part of the information may be used. Of course, the key may be common between the ticket server device 2 and the playback device 3, or may be a key pair such as a public key / private key in a public key cryptosystem such as RSA (Rivest Shamir Adleman).

  Thereafter, the ticket generated as described above is sent from the ticket generating means 23 to the ticket providing means 21, and is transmitted from the ticket providing means 21 to the reproducing device 3 (step A24 in FIG. 2).

  The playback device 3 performs a ticket reception process on the ticket from the ticket server device 2 (step A33 in FIG. 2). More specifically, referring to FIG. 13, the ticket receiving means 36 of the playback device 3 releases the security protection for the ticket received from the ticket server device 2 (step S41 in FIG. 13). For example, as described in the ticket generation process above, when the ticket is encrypted so that only the user using the playback device 3 can refer to the playback, the playback held in the first account management unit 37 Decrypt with the key unique to the device 3. Alternatively, the validity of the ticket can be verified by checking the digital signature applied to the ticket using the public key certificate of the ticket server device 2.

  The playback device 3 extracts the ticket base data from the ticket (step S42 in FIG. 13), inputs the information decryption key described in the ticket base data to the packet receiving means 33, and the packet receiving means 33 decrypts the information. The key is held (step S43 in FIG. 13).

  Thereafter, the playback device 3 performs an information request process (step A34 in FIG. 2). More specifically, referring to FIG. 14, the terminal input unit 31 generates an information request start message including at least the information identifier and the location information of the streaming server device 1 and inputs it to the information request unit 32 (FIG. 14). Step S51).

  The information requesting means 32 generates an information request message including at least an information identifier (step S52 in FIG. 14), and after establishing communication with the appropriate streaming server device 1 corresponding to the location information of the streaming server device 1, the information request message Is transmitted to the streaming server device 1 (step S53 in FIG. 14). At this time, for example, an encryption communication method such as SSL can be used so that the information request message is not seen by a third party, but the method is not essential.

  When the information request message is sent from the playback device 3, the streaming server device 1 performs an information request confirmation process (step A11 in FIG. 2). Specifically, the information providing unit 11 of the streaming server device 1 interprets the information request message received from the playback device 3, extracts the information identifier, and inputs the information identifier to the packet generation unit 13. At this time, if the information request message is encrypted as described above, the decryption process is performed before the interpretation process.

  Subsequently, the streaming server device 1 performs an information extraction process (step A12 in FIG. 2). More specifically, referring to FIG. 15, in the packet generation unit 13, the information identifier is input to the first transmission protocol management unit 12, and the corresponding transmission protocol or error message is acquired (step S61 in FIG. 15). At this time, the first transmission protocol management means 12 includes, for example, a first transmission protocol management table (not shown) therein.

  The first transmission protocol management table has a structure similar to that of the second transmission protocol management table described above, and the entity of each first transmission protocol can be referred to / read using the information identifier as an index. . If there is an index that matches the information identifier, the first transmission protocol management unit 12 outputs the corresponding first transmission protocol to the packet generation unit 13, and if there is no match, an error message is output to the packet generation unit 13. It is designed to output. Further, the first transmission rule does not have to be exactly the same as the second transmission rule in the second transmission rule management unit 22 of the ticket server device 2, and it is sufficient that at least the information encryption key is included.

  Thereafter, the packet generation unit 13 determines whether the output from the first transmission protocol management unit 12 is the first transmission protocol or an error message (step S62 in FIG. 15). If it is an error message, for example, the packet generation means 13 newly generates an error message notifying that appropriate information is not supported on the streaming server apparatus 2, and the reproducing apparatus 3 via the information providing means 11. And the subsequent processing is interrupted (step S66 in FIG. 15).

  On the other hand, if it is the first transmission protocol, the packet generation means 13 extracts the information encryption key from the first transmission protocol and temporarily holds it (step S63 in FIG. 15). The packet generation unit 13 inputs the information identifier to the information storage unit 14 and acquires corresponding information (step S64 in FIG. 15).

  At this time, the information storage means 14 holds, for example, an information management table as shown in FIG. 16, and information to be provided to the user such as moving image data or audio data using the information identifier as an index. Can be referenced / read. The format of the information to be provided to the user may be any format such as MPEG2 (Moving Picture Experts Group 2) or MP3 (MPEG audio layer 3), and is accessed at least as a "fragment" sequence such as a video frame or fixed length record. It is sufficient if possible.

  Next, the streaming server device 1 performs a packet transmission process (step A13 in FIG. 2). More specifically, referring to FIG. 17, the packet generation unit 13 generates a packet including the fragment while reading the information fragment from the information storage unit 14 (step S71 in FIG. 17). In addition to the above fragment, a serial number indicating the order of the packet is added to the packet, for example, the same as the RTP (Real-time Transport Protocol) payload as described in RFC (Request For Comments) 2250 Has a general structure.

  The packet generation unit 13 generates a secure packet by encrypting the generated packet using the stored information encryption key (step S72 in FIG. 17). The packet generator 13 sequentially transmits the secure packets to the playback device 3 via the information provider 11 (step S73 in FIG. 17).

  The packet generation means 13 repeats the series of processes (steps S71 to S73 in FIG. 17) until reading of the above information fragment from the information storage means 14 is completed (steps S71 to S74 in FIG. 17). The packet generation means 13 generates an information transmission completion message when reading the information fragment as described above from the information storage means 14, and transmits it to the playback device 3 via the information provision means 11 (step S75 in FIG. 17).

  When the information transmission completion message is sent from the streaming server device 1, the reproducing device 3 performs information reproducing processing (step A35 in FIG. 2). More specifically, referring to FIG. 18, first, every time data is received from the information providing unit 11 of the streaming server device 1 in the packet receiving unit 33 of the playback device 3, whether or not the data is a secure packet. Is determined (step S81 in FIG. 18).

  When the packet receiving unit 33 receives the secure packet, it decrypts it using the information decryption key held in step A33 (step S82 in FIG. 18), and inputs the packet obtained after decryption to the information reproducing unit 34. To do. In the information reproducing means 34, a part of the information is appropriately connected to the input packet based on the serial number added to the packet and the information such as the original moving image data and audio data is restored (step S83 in FIG. 18). Then, the restored information is presented to the user via the terminal output means 35 (step S84 in FIG. 18), and the process returns to step S81.

  On the other hand, when the data received from the information providing unit 11 of the streaming server device 1 is various error messages or information transmission completion messages, the packet receiving unit 33 interrupts the information reproduction process and performs an appropriate end process. (FIG. 18, step S85). As a suitable example of this termination processing, when an error message is received, a warning dialog for notifying the user of the error content is displayed via the terminal output means 35, or when an information transmission completion message is received. In addition, there is a method in which the playback apparatus 3 is initialized by closing the moving image display window displayed on the terminal output means 35.

  As described above, in this embodiment, since the ticket server device 2 is usually included in addition to the streaming server device 1 and the playback device 3 in the information sales system using streaming communication, the streaming server device 1 eliminates the need for user authentication processing and billing processing, and can maximize response performance while maintaining security in sales.

  In the information request process (step A34 in FIG. 2), the information request message transmitted from the playback device 3 to the streaming server device 1 is different from the ticket request message in the ticket request process (step A32 in FIG. 2). Or client information required for billing is not included. By doing so, the seller of the information managing the ticket server device 2 can strictly protect the privacy of the user who is the customer.

  Furthermore, even if the streaming server device 1 is actually operating on a plurality of hosts, the ticket server device 2 only needs to operate on at least one host, so that the scalability of the entire information sales system can be improved. In addition to making a contribution, the information seller can entrust information distribution processing to a plurality of streaming system operators.

  Furthermore, since the ticket server device 2 can actually operate on a plurality of hosts for a single streaming server device 1, the streaming system operator can sell a plurality of information. Can be entrusted with information distribution processing.

  In the above description, the case where the playback apparatus 3 sells streaming data for receiving and playing back fragmented information in parallel has been described. However, the present invention also applies to sales and lending of programs and still image data. can do. In this case, an application server or the like may be arranged in place of the streaming server device 1 for program sales or lending.

  FIG. 19 is a block diagram showing a specific example of an information sales system according to an embodiment of the present invention. In FIG. 19, in the information sales system according to one embodiment of the present invention, the information distribution process is performed between the information seller P2 who operates the ticket server device 2 and the streaming system operator P1 who operates the streaming server device 1. A consignment contract is concluded, and an information purchase contract is concluded between an arbitrary user P3 who uses the playback apparatus 3 and the information seller P1.

  Thereafter, when the user P3 receives information from the streaming system operator P1 via the playback device 3 and the streaming server device 1, the user P3 obtains a ticket from the ticket server device 2, and exchanges it with the information seller P2. The price of the information is paid, and the information seller P2 pays a streaming fee based on the consignment contract to the streaming system operator P1.

  FIG. 20 is a flowchart showing an information selling procedure in the information selling system of FIG. 19, and FIG. 21 is a block diagram showing an example of a configuration for performing charging processing based on the charging history in the ticket server device 2 of FIG. . With reference to FIGS. 19 and 20, a method for selling information including a consignment contract for information distribution processing and delivery of a distribution fee in the information sales system of FIG. 19 will be described.

  First, the information seller P2 negotiates an information distribution fee with an arbitrary streaming system operator P1 (step B1 in FIG. 20). The content of this agreement may differ for each piece of information, may determine a fee per delivery process, may determine a specific validity period, or a combination thereof.

  For example, “50 yen per distribution process is paid from the seller of the information to the operator of the streaming system. However, the moving image A is specially 30 yen / time” or “2001 The distribution may be performed for three months from August 1st of the year, and the information seller P2 pays 1 million yen as a distribution fee to the streaming system operator P1. "

  After exchanging the consignment contract as described above, the information seller P2 passes the information to be sold and the corresponding transmission rule to the streaming system operator P1 (step B2 in FIG. 20). At the same time, the transmission rule added with information such as a price (billing amount) to be collected from the user P3 is registered in the second transmission rule management means 22 of the ticket server device 2 (step B3 in FIG. 20).

  The streaming system operator P1 registers the information received from the information seller P2 in the information storage unit 14 of the streaming server device 1, and further registers the transmission protocol in the first transmission protocol management means 12 (step B4 in FIG. 20). ).

  After performing the consignment contract and the system setting associated therewith in this way, the information seller P2 obtains the information identifier corresponding to the information, the location information of the streaming server device 1, and the location information of the ticket server device 2. For example, a metafile is created (step B5 in FIG. 20). If there is a user P3 requesting the metafile, the information seller P2 makes a sales (purchase) contract with the user P3 (step B6 in FIG. 20).

  When signing a sales contract, the price of information is presented from the information seller P2 to the user P3, and the user P3 returns information necessary for the settlement to the information seller P2. At this time, as information necessary for payment, a credit card member number, a bank account number, or the like may be input one by one, or such payment information may be provided in a Web system or the like prepared in advance by the information seller P2. May be registered together with a user ID, password, etc., and each purchase contract may be entered with a user ID or password. In any form, the information for settlement and the information such as the user ID associated therewith are registered in the account management means 24 of the ticket server device 2 if any.

  After the sales contract is established between the user P3 and the information seller P2, the metafile is distributed to the user P3 (step B7 in FIG. 20). Thereafter, when this metafile is input to the playback device 3, the playback device 3 performs the above-described steps A31 to A35 with the streaming server device 1 and the ticket server device 2 described in the metafile. The information is received (step B8 in FIG. 20).

  At this time, particularly in the ticket request process (step A32 in FIG. 2), the ticket request message includes the user ID obtained from the association with the payment information or the credit card member number as the payment information itself as a part of the client information. In the charging process (step A22 in FIG. 2), the charging process is performed based on the payment information associated with the user ID or the like or the payment information itself included in the ticket request message. When the user ID or the like is used, since the payment information associated with the account management means 24 is registered in the above step B6, this may be used.

  Thereafter, the information seller P2 pays a predetermined distribution fee to the streaming system operator P1 based on the contract made in step B1 (step B9 in FIG. 20). In particular, when the contract form is such that a fee is generated for each information distribution process, based on log data of the accounting process (step A22 in FIG. 2) in the accounting unit 25 of the ticket server device 2, The distribution fee can be calculated.

  For this reason, as shown in FIG. 21, the charging means 25 and the charging log database 5 separately prepared by the information seller P2 are connected, and at least the information identifier and at the time of the charging process (step A22 in FIG. 2) The billing amount may be stored in the billing log database 5.

  If the contract exchanged at step B1 has a contract expiration condition such as a period, delete the second transmission rule registered in the transmission rule management unit 23 of the ticket server device 2 at the above step B3 when the contract expires. Thus, contract cancellation by the information seller P1 can be performed.

  FIG. 22 is a block diagram showing a configuration of an information sales system according to another embodiment of the present invention. 22, an information sales system according to another embodiment of the present invention includes an information sales system according to an embodiment of the present invention shown in FIG. 1 except that a second ticket server device 6 is provided instead of the ticket server device 2. It has the same structure, and the same code | symbol is attached | subjected to the same component. The operation of the same component is the same as that of the embodiment of the present invention. That is, although not shown, the configurations of the streaming server device 1 and the playback device 3 are the same as the configurations of the streaming server device 1 and the playback device 3 shown in FIG.

  The second ticket server device 6 is different from the ticket server device 2 shown in FIG. 1 in that, instead of the second transmission rule management unit 22, a transmission rule group management unit 61 and N second transmission rules. It differs by the point provided with management means 22-1 to 22-N. It is assumed that the recording medium 26 also stores programs executed by the transmission protocol group management unit 61 and the N second transmission protocol management units 22-1 to 22-N, respectively.

  The transmission protocol group management unit 61 receives at least the second information identifier from the ticket generation unit 23, and receives an appropriate second transmission protocol management unit (for example, the kth second transmission protocol management unit 22-k). And the information identifier is input to the selected second transmission protocol management unit 22-k, and the second transmission protocol or error message obtained as a response is output to the ticket generation unit 23.

  Each of the second transmission protocol management units 22-1 to 22-N receives the information identifier from the transmission protocol group management unit 61 and performs the same processing as the second transmission protocol management unit 22 shown in FIG. The second transmission protocol corresponding to the information identifier is retrieved, and the retrieved second transmission protocol is output to the transmission protocol group management means 61.

  FIG. 23 is a flowchart showing the operation of the information sales system according to another embodiment of the present invention, FIG. 24 is a flowchart showing the second ticket request confirmation processing of FIG. 23, and FIG. 25 is another embodiment of the present invention. It is a figure which shows an example of the format of the 2nd information identifier in an example, FIG. 26: is a figure which shows an example of the transmission protocol group management table | surface in the other Example of this invention.

  The operation of the information sales system according to another embodiment of the present invention will be described with reference to FIGS. The processing shown in FIGS. 23 and 24 is performed by each means of the streaming server device 1, the second ticket server device 6, and the playback device 3 executing a program stored in the recording medium 15, 26, 38, respectively. Realized.

  Here, the operation of the second ticket server device 6 shown in FIG. 23 is the second ticket confirmation processing (FIG. 2) instead of the ticket confirmation processing (step A21 in FIG. 2) in the operation of the ticket server device 2 shown in FIG. 23 Step A71) is different from the information sales system according to the embodiment of the present invention in that it is performed.

  Step A71 will be described in more detail. As shown in FIG. 24, first, in the second ticket server device 6, it is received by the ticket providing means 21 in the same manner as the ticket confirmation process (step A21 in FIG. 2). The ticket request is transmitted to the ticket generation means 23 (step S91 in FIG. 24).

  Thereafter, the ticket generation means 23 extracts the second information identifier described in the ticket request and inputs it to the transmission protocol group management means 61 (step S92 in FIG. 24). The transmission protocol group management means 61 divides the second information identifier into an operator identifier and an information identifier (first information identifier) (same as in the embodiment of the present invention) (step S93 in FIG. 24).

  The transmission protocol group management unit 61 selects an appropriate k-th second transmission protocol management unit 22-k from the operator identifier, and inputs the first information identifier to the second transmission protocol management unit 22-k. The second transmission rule or error message is acquired and output to the ticket generation means 23 (step S94 in FIG. 24).

  Thereafter, the ticket generation means 23 determines whether the second transmission rule is an error message (step S95 in FIG. 24) and error processing (step S96 in FIG. 24) or a ticket, as in the above-described embodiment of the present invention. The validity of the request is confirmed (step S96 in FIG. 24).

  As shown in FIG. 25, the second information identifier is obtained by concatenating an operator identifier (for example, a streaming system operator domain name, etc.) determined in advance for each streaming system operator and the first information identifier. The playback apparatus 3 and the streaming server apparatus 1 handle the same format as the first information identifier. Further, as shown in FIG. 26, the transmission rule group management unit 61 includes a table that holds an association (for example, a pointer) between the operator identifier and the second transmission rule management unit 22-k corresponding to the operator identifier. keeping.

  In this way, when an information seller concludes a consignment contract with a plurality of streaming system operators, each streaming system operator must have a different contract content, or consign and manage different information. Can do.

  FIG. 27 is a block diagram showing the configuration of an information sales system according to another embodiment of the present invention. In FIG. 27, the information selling system according to another embodiment of the present invention includes a second streaming server device 7 instead of the streaming server device 1 and a second playback device 8 instead of the playback device 3. Other than the above, it is the same as the information sales system according to the embodiment of the present invention shown in FIG. The operation of the same component is the same as that of the embodiment of the present invention. That is, although not shown, the configuration of the ticket server device 2 is the same as the configuration of the ticket server device 2 shown in FIG.

  The second streaming server device 7 has the same configuration as the streaming server device 1 shown in FIG. 1 except that the first session key establishment unit 71 is provided and the second packet generation unit 72 is provided instead of the packet generation unit 13. It is. It is assumed that the recording medium 15 also stores programs executed by the first session key establishment unit 71 and the second packet generation unit 72, respectively.

  When receiving the session key request message from the second playback device 8, the first session key establishing means 71 generates and holds an appropriate session key, and transmits the session key to the second playback device 8. Further, the first session key establishment unit 71 outputs the session key to the second packet generation unit 72 in response to a request from the second packet generation unit 72. Here, the session key indicates information for transforming the information encryption key, such as a random number or a one-time password. That is, the session key is disposable key information used for each session with the second playback device 8.

  When receiving the information identifier from the information providing unit 11, the second packet generation unit 72 acquires an information encryption key or an error message based on the information identifier. Further, the second packet generation means 72 inputs the information identifier to the information storage means 14 and acquires information to be provided to the user.

  Further, the second packet generation means 72 acquires a session key from the first session key establishment means 71 and integrates the session key with the information encryption key. Furthermore, the second packet generating means 72 outputs the secure packet generated from the information and the integrated information encryption key to the information providing means 11 in order or outputs an error message to the information providing means 11.

  The second playback device 8 has the same configuration as the playback device 3 shown in FIG. 1 except that the second session key establishment means 81 is provided and the second packet reception means 82 is provided instead of the packet reception means 35. ing. It is assumed that the recording medium 38 also stores programs executed by the second session key establishment unit 81 and the second packet reception unit 82, respectively.

  The second session key establishing means 81 transmits a session key request message to the first session key establishing means 71 of the second streaming server device 7 and receives the session key from the first session key establishing means 71. Hold. Further, the second session key establishment unit 81 outputs the received session key to the second packet reception unit 82 in response to a request from the second packet reception unit 82.

  When the second packet receiving unit 82 receives the secure packet from the second streaming server device 7, the information decryption key input from the ticket receiving unit 36 and the session key acquired from the second session key establishing unit 81 And outputs the result of restoring the secure packet (restored packet) to the information reproducing means 34.

  28 is a flowchart showing the operation of the information sales system according to another embodiment of the present invention, FIG. 29 is a flowchart showing the second information extraction process of FIG. 28, and FIG. 30 is the session key request process of FIG. FIG. 31 is a flowchart showing the session key generation process of FIG.

  32 is a flowchart showing the session key receiving process of FIG. 28, FIG. 33 is a flowchart showing the second packet transmission process of FIG. 28, and FIG. 34 is a flowchart showing the second information reproduction process of FIG. is there.

  The operation of the information sales system according to another embodiment of the present invention will be described with reference to FIGS. 28 to 34, the respective means of the second streaming server device 7, the ticket server device 2, and the second playback device 8 execute programs stored in the recording media 15, 26, and 38, respectively. It is realized by doing.

  Here, in FIG. 28, the processes from the user input start process (step A31 in FIG. 2) to the information request confirmation process (step A11 in FIG. 2) are the same as those in the information sales system according to the embodiment of the present invention. Thereafter, a second information extraction process (step A71 in FIG. 28) is performed instead of the information extraction process (step A12 in FIG. 2) in the operation of the information sales system according to the embodiment of the present invention, and then the second reproduction is performed. Between the device 8 and the second streaming server device 7, a session key request process (step A81 in FIG. 28), a session key generation process (step A72 in FIG. 28), and a session key reception process (step A82 in FIG. 28) Is different from one embodiment of the present invention in that

  Further, instead of the packet transmission process (step A13 in FIG. 2) and the information reproduction process (step A35 in FIG. 2) in the operation of the information sales system according to the embodiment of the present invention, the second packet transmission process (step A73 in FIG. 28). And the second information reproducing process (step A83 in FIG. 28) is different from the embodiment of the present invention. In the following description, random numbers are used as session keys.

  First, the second information extraction process (step A71 in FIG. 28) in the second streaming server device 7 will be described in more detail with reference to FIG. 29. First, the information sales system according to the embodiment of the present invention will be described. After the information extraction process similar to the operation (steps S101 to S104, S106 in FIG. 29) is performed, an information extraction completion message is generated and transmitted to the information requesting means 32 of the second playback device 8 (step S105 in FIG. 29). ).

  Thereafter, the second playback device 8 performs a session key request process (step A81 in FIG. 28). Referring to FIG. 30, in more detail, the information request means 32 generates a session key establishment start message when receiving an information extraction completion message, and the session key establishment start message is used as the second session key establishment message. The data is input to the means 81 (step S111 in FIG. 30).

  The second session key establishment means 81 generates a session key request message and transmits the session key request message to the first session key establishment means 71 of the second streaming server device 7 (step S112 in FIG. 30). At this time, a communication path different from the communication path established in the information request process (step A34 in FIG. 28) may be used.

  In the second streaming server device 7, a session key generation process (step A72 in FIG. 28) is performed. Describing in more detail with reference to FIG. 31, the first session key establishing means 71 receives the session key request message (step S121 in FIG. 31), thereafter generates a random number, and temporarily holds it internally. (Step S122 in FIG. 31). The first session key establishing means 71 transmits a random number to the second session key establishing means 81 of the second playback device 8 (step S123 in FIG. 31).

  Thereafter, the second playback device 8 performs a session key reception process (step A82 in FIG. 28). Describing in more detail with reference to FIG. 32, the second session key establishing means 81 receives a random number (step S131 in FIG. 32) and temporarily holds the random number internally (step S132 in FIG. 32). Thereafter, the second session key establishment means 81 transmits a session key reception completion message to the first session key establishment means 71 (step S133 in FIG. 32).

  In the second streaming server device 7, a second packet transmission process (step A73 in FIG. 28) is performed. Describing in more detail with reference to FIG. 33, the second packet generation means 72 reads information fragments and generates packets in the same manner as the packet generation means 13 shown in FIG. 1 (step of FIG. 33). S141).

  The second packet generation means 72 acquires the random number R from the first session key establishment means 71 (step S142 in FIG. 33), applies it to the appropriate integration function F together with the held information encryption key K, and obtains the value F The information encryption key K is replaced with (K, R) (step S143 in FIG. 33).

As a suitable example of the integration function F,
F (K, R) = K XOR R (1)
F (K, R) = E [R] (K) (2)
F (K, R) = H (K, R) (3)
Etc. can be used. In Expression (1), XOR represents an exclusive OR, in Expression (2), E represents an encryption function using a random number R as a key, and in Expression (3), H represents an information encryption key K and a random number R. It shows a one-way hash function with concatenation as input.

  The second packet generation means 72 encrypts the packet generated in step S141 using the value F (K, R) as a key, and generates a secure packet (step S144 in FIG. 33). The secure packets generated in this way are sequentially transmitted to the second playback device 8 via the information providing means 11 (step S145 in FIG. 33).

  The second packet generation means 72 repeats the series of processes until the reading of the information fragment is completed (steps S141 to S146 in FIG. 33). When there are no unsent fragments, an information transmission completion message is generated. It transmits to the 2nd reproducing | regenerating apparatus 8 via the information provision means 11 (FIG. 33 step S147).

  Thereafter, the second reproduction device 8 performs a second information reproduction process (step A83 in FIG. 28). 34 will be described in more detail with reference to FIG. 34. First, the second packet receiving means 82 determines whether or not the received data is a secure packet (step S151 in FIG. 34), and if necessary, it is shown in FIG. As with the playback device 3, exception processing is performed and the process ends (step S158 in FIG. 34).

  If the received data is a secure packet, the second packet receiving unit 82 acquires the random number held by the second session key establishing unit 81 (step S152 in FIG. 34). By the same ticket reception process (step A33 in FIG. 2) as the operation according to the embodiment of the present invention, both the information decryption key K and the random number R held in advance by the second packet receiving means 82 are integrated into the integration function F. And the information decryption key K is replaced with the value F (K, R) (step S153 in FIG. 34).

  Thereafter, the second packet receiving means 82 uses the value F (K, R) to decrypt the secure packets in the order received (step S154 in FIG. 34). The second packet receiving means 82 restores information such as the original moving image data and audio data from the restored packet in the same manner as in the embodiment of the present invention (step S155 in FIG. 34), and via the terminal output means 35 While presenting the information to the user (step S156 in FIG. 34), the processes after step S151 are repeated (steps S151 to S157 in FIG. 34).

  As described above, for a plurality of communications (= sessions) providing the same information between the second streaming server device 7 and the second playback device 8, the encryption key and the decryption key of the secure packet are different for each session. , Higher security can be realized for a third party who intercepts the session.

  Note that the processing related to the establishment of the session key described in steps A81, A72, and A82 above, particularly when the communication processing is performed using a communication path different from the communication path related to transmission / reception of the secure packet, Multicast distribution to the second playback device 8 is also possible. In this case, in the session key generation process (step A72 in FIG. 28), the first session key establishment unit 71 of the second streaming server device 7 does not generate a different random number for each second playback device 8, A different random number may be generated each time information is multicast-distributed.

  In addition, for the process related to the establishment of the session key described in the above steps A81, A72, A82, the second session key establishment means 81 of the second playback device 8 generates a random number R2, and the session key request message A random number R2 can also be included. Further, similarly to step A 72, the first session key establishment means 71 of the second streaming server device 7 may generate the random number R 1 and transmit it to the second playback device 8. In this case, in steps A73 and A83, equations for generating keys for replacing the information encryption key K1 and the information decryption key K2 may be used for each.

The second integration function F ′ and F ″ in this case is F ′ (K1, R1, R2) = F (K1, DH1 (R1, R2))
...... (4)
F ″ (K2, R1, R2) = F (K2, DH2 (R1, R2))
...... (5)
May be used for each.

The functions DH1 and DH2 are
R1 = g ^ r1 mod N (6)
R2 = g ^ r2 mod N (7)
DH1 (R1, R2) = (R2) ^ r1 mod N (8)
DH2 (R1, R2) = (R1) ^ r2 mod N (9)
(6) to (9), which are described by Diffie and Hellman et al. In “IEEE Transactions on Information Theory” (v. IT-22, n.6, 1976). The key exchange method (Diffie-Hellman key exchange method) is generally well known.

  In Equation (6), N is a large integer, g is a constant that is a primitive element on the integer group Z (N), r1 is a random number, ^ is a power, and mod is a remainder. Also, in equation (7), r2 represents a certain random number. In this way, higher security can be realized.

  In this way, by providing a ticket server device for managing the sales conditions of information owned by the information seller as a transmission rule, the information seller entrusts the information distribution work to the operator of the streaming system. In doing so, the seller of information can freely set the sales conditions for the information he owns.

  Further, the user authentication process and the billing process are performed by the ticket server apparatuses 2 and 6 independent of the streaming server apparatuses 1 and 7, so that the user authentication process can be performed without degrading the performance of the streaming system when providing information. And billing processing can be performed safely.

It is a block diagram which shows the structure of the information sales system by one Example of this invention. It is a flowchart which shows operation | movement of the information sales system by one Example of this invention. It is a flowchart which shows the ticket request process of FIG. It is a flowchart which shows the ticket request confirmation process of FIG. It is a figure which shows an example of the transmission rule management table | surface in one Example of this invention. It is a figure which shows an example of the transmission protocol in one Example of this invention. It is a figure which shows an example of the account management table | surface in one Example of this invention. It is a figure which shows an example of the structure for delegating the verification of the validity of accounting information to the payment center in the ticket server apparatus of FIG. It is a flowchart which shows the accounting process of FIG. It is a figure which shows an example of the structure for performing an accounting process using the payment center in the ticket server apparatus of FIG. It is a flowchart which shows the ticket production | generation process of FIG. It is a figure which shows an example of the format of the ticket in one Example of this invention. It is a flowchart which shows the ticket reception process of FIG. It is a flowchart which shows the information request process of FIG. It is a flowchart which shows the information extraction process of FIG. It is a figure which shows an example of the information management table | surface in one Example of this invention. It is a flowchart which shows the packet transmission process of FIG. It is a flowchart which shows the information reproduction process of FIG. It is a block diagram which shows the specific example of the information sales system by one Example of this invention. It is a flowchart which shows the information sales procedure in the information sales system of FIG. FIG. 20 is a block diagram illustrating an example of a configuration for performing charging processing based on a charging history in the ticket server device of FIG. 19. It is a block diagram which shows the structure of the information sales system by the other Example of this invention. It is a flowchart which shows operation | movement of the information sales system by the other Example of this invention. It is a flowchart which shows the 2nd ticket request confirmation process of FIG. It is a figure which shows an example of the format of the 2nd information identifier in the other Example of this invention. It is a figure which shows an example of the transmission rule group management table | surface in the other Example of this invention. It is a block diagram which shows the structure of the information sales system by another Example of this invention. It is a flowchart which shows operation | movement of the information sales system by another Example of this invention. It is a flowchart which shows the 2nd information extraction process of FIG. It is a flowchart which shows the session key request | requirement process of FIG. It is a flowchart which shows the session key generation process of FIG. It is a flowchart which shows the session key reception process of FIG. It is a flowchart which shows the 2nd packet transmission process of FIG. It is a flowchart which shows the 2nd information reproduction | regeneration processing of FIG.

Explanation of symbols

1 Streaming server device
2 Ticket server device
3 Playback device
4 Settlement center
5 Accounting log database
6 Second ticket server device
7 Second streaming server device
8 Second playback device
11 Information provision means
12 First transmission protocol management means
13 Packet generation means
14 Information storage means
21 Ticket providing means 22, 22-1 to 22-N Second transmission rule managing means
23 Ticket generation means
24 Second account management means
25 Billing means
31 Terminal input means
32 Information request means
33 Packet receiving means
34 Information reproduction means
35 Terminal output means
36 Ticket receiving means
37 First Account Management Means
61 Second transmission protocol management means
71 First session key establishment means
72 Second packet generation means
81 Second session key establishment means
82 Second packet receiving means
P1 streaming system operator
P2 information seller
P3 user

Claims (19)

  An information providing apparatus for providing information to a user, wherein a first transmission protocol management means for managing a first transmission protocol including an information encryption key for encrypting the information, and at the time of an information request from the user An information providing apparatus comprising: information providing means for simply transmitting information encrypted using the information encryption key to the user.   Session key establishment means for establishing a session key indicating information for transforming the information encryption key while communicating with the transmission source of the message each time the information request message is received at the time of an information request from the user; The information providing apparatus according to claim 1, further comprising: a second packet generation unit that encrypts the information with a key obtained by transforming an encryption key using the session key.   The information providing apparatus according to claim 1, wherein the information is streaming data in which reception and reproduction are performed in parallel.   A ticket providing device that performs authentication processing and billing processing for a user at the time of providing information to the user, and includes at least an information decryption key for decrypting the encrypted information and making it reproducible, and a sales condition for the user A ticket providing apparatus comprising: a second transmission protocol management means for managing a second transmission protocol including the second transmission protocol.   A second account that performs authentication processing of the user based on the client information including the user information of the user and the user device information of the user accumulated in advance when selling information to the user and the second transmission rule. 5. The ticket providing apparatus according to claim 4, further comprising: a managing unit; and a charging unit that performs a charging process for the user based on the second transmission rule.   The presence or absence of the second transmission rule, the condition relating to the validity described in the second transmission rule and including at least the validity period, and the validity of the client information of the user are respectively determined and any of them is determined. 6. The ticket providing apparatus according to claim 5, further comprising ticket generation means for suppressing issuance of a ticket including the information decryption key to the user when it is determined to be invalid.   A transmission for selecting one of a plurality of second transmission rule management means for managing the second transmission rule and the plurality of second transmission rule management means according to the request contents when the ticket is requested. 7. The ticket providing apparatus according to claim 6, further comprising a contract group management unit.   8. The ticket providing device according to claim 4, wherein the information is streaming data in which reception and reproduction are performed in parallel.   Information that is provided from an information providing device and encrypted using an information encryption key for encrypting the information is provided from the ticket providing device and is capable of decrypting and reproducing the encrypted information. A playback apparatus comprising packet receiving means that enables playback while decrypting based on a ticket including at least an information decryption key.   Means for generating a key transformed with the session key using the session key when a session key indicating information for transforming the information encryption key is sent from the information providing device; and the generated key The reproduction apparatus according to claim 9, further comprising: a second packet receiving unit configured to decrypt information encrypted with the key transformed by the session key using the packet.   11. The reproducing apparatus according to claim 9, wherein the information is streaming data in which reception and reproduction are performed in parallel.   A process for receiving a message requesting a ticket including at least an information decryption key for decrypting encrypted information and making it reproducible to a computer, and an information identifier for identifying the information from the received message A process of extracting, a process of selecting one of a plurality of second transmission rules including at least the information decryption key and a sales condition for the user based on the extracted information identifier, and the validity of the message , A process of charging for the charge amount described in the selected second transmission rule, and a process of generating the ticket based on the selected second transmission rule Program.   Corresponding to processing for extracting an identifier consisting of an operator identifier and the information identifier from the received message to the computer, processing for dividing the extracted identifier into the operator identifier and the information identifier, and the divided operator identifier And a process of selecting a second transmission protocol set to be selected and a process of selecting a transmission protocol corresponding to the information identifier from the selected second transmission protocol set. 12. The program according to 12.   Processing for receiving a message requesting information from the computer, processing for extracting an information identifier for identifying the information from the received message, and information for encrypting the information based on the extracted information identifier A process of selecting any one of a plurality of first transmission rules including an encryption key and the information, and a process of performing encryption while reading the information with the information encryption key described in the first transmission protocol Program to let you.   A process of randomly generating and transmitting a session key indicating information for transforming the information encryption key to the computer; a process of generating and holding a key obtained by transforming the information encryption key with the session key; 15. The program according to claim 14, further comprising:   The computer requests a session key indicating information for transforming the information encryption key and receives a message including a preset first session key, and then extracts the first session key from the message Processing, processing for randomly generating and transmitting a second session key, and a key obtained by transforming the information decryption key using a value obtained by multiplying the first session key and the second session key by a function The program according to claim 15, further causing a process to be generated and held.   A process for generating and transmitting a message requesting a ticket including at least an information decryption key for decrypting encrypted information and making it reproducible to a computer, a process for receiving the ticket, and a received ticket A program for executing a process of extracting and holding the information decryption key and a process of reproducing the received information using the extracted information decryption key while decrypting the received information.   Causing the computer to further execute a process of receiving a session key indicating information for transforming the information encryption key and a process of generating and holding a key obtained by transforming the information decryption key with the session key. The program according to claim 17. A process of randomly generating and holding a first session key for transforming the information encryption key, a process of transmitting a message requesting a session key including the first session key to the computer; A process of generating and holding a key obtained by transforming the information decryption key using a value obtained by multiplying the function of the first session key and the second session key after receiving the second session key The program according to claim 17, wherein the program is executed.

Images