JP2005129152A - Protection method, program, recording medium, and information processing system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To prevent data stored into an optical disk from being illegally used without increasing costs. <P>SOLUTION: At least information regarding a key K2 used for decrypting an encrypted file is recorded at a specified region that is not referred to from a specified file system in the recording region of the optical disk (a step 651). In this case, when an encrypted file F2 recorded on the recording region of the optical disk is illegally copied to other optical disks, the information regarding the key is not copied, thus preventing the copied encrypted file from being decrypted. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to a protection method, a program and a recording medium, and an information processing system, and more particularly, to a protection method for preventing unauthorized use of a file recorded on an optical disc and an information processing device for controlling the optical disc apparatus. The present invention relates to a recorded program, a recording medium on which the program is recorded, an optical disk device, and an information processing system including the information processing device.

  In recent years, personal computers (hereinafter referred to as “personal computers”) have come to be widely used not only in companies but also in general households, as their functions are improved and prices are reduced. As an information recording medium having a large recording capacity, an optical disc such as a CD (compact disc) has attracted attention. Along with the reduction in price, an optical disc apparatus using an optical disc as an information recording medium is one of the peripheral devices of a personal computer. Became popular.

  As a result, the user can record information on a CD-R (CD-recordable) or CD-RW (CD-rewritable) using an optical disk device, for example, for backup of a purchased CD-ROM or the like. It has become extremely easy for users to create their own discs. However, since it can be easily backed up, unauthorized copying is also possible, and information such as music, movies, photos, and computer software (hereinafter also referred to as “content”) is written on a CD-ROM or the like, so-called package. The content makers that are commercially available on the media have been damaged greatly. Therefore, various copy protection methods have been devised to prevent unauthorized copying (see Patent Documents 1 to 4).

  Another method for protecting content is content encryption (see, for example, Patent Document 5). This encrypts content using a predetermined key and distributes the encrypted content (encrypted content). For example, a key is given only to an authorized user who has paid a fee, and the encrypted content is decrypted using the key. Thereby, even if the content is illegally copied, the illegal use of the content can be prevented. However, although the device disclosed in Patent Document 5 can perform decryption using a key at a high speed with a compact circuit configuration, the security for the key is not considered, and the key may be stolen. .

Japanese Patent Laid-Open No. 7-235130 JP 2000-348435 A JP 2001-510925 A JP 2000-105970 A JP 2000-56679 A

  The present invention has been made under such circumstances, and an object of the present invention is to provide a protection method and an information processing system capable of preventing unauthorized use of information recorded on an optical disc without increasing the cost. There is.

  In addition, a second object of the present invention is executed by an information processing apparatus that constitutes an information processing system together with an optical disc apparatus, and a program capable of preventing unauthorized use of information recorded on an optical disc and the program are recorded. It is to provide a recording medium.

  The invention according to claim 1 is a protection method for preventing unauthorized use of an encrypted file recorded in a recording area of an optical disc, wherein at least the specific area in the recording area that is not referred to by a predetermined file system This is a protection method including a step of recording information about a key used for decryption of an encrypted file.

  In the present specification, “information about the key” includes not only the key itself but also information that can be converted into a key, information that can specify the key, and the like.

  According to this, at least information related to the key used for decryption of the encrypted file is recorded in a specific area that is not referred to by a predetermined file system in the recording area of the optical disc. In this case, even if the encrypted file recorded in the recording area of the optical disc is illegally copied to another optical disc, the information about the key is not copied, and therefore the copied encrypted file cannot be decrypted. Accordingly, it is possible to prevent unauthorized use of information recorded on the optical disc without increasing the cost as a result.

  In this case, as in the protection method according to claim 2, the specific area may be an area having a head address as an address subsequent to the last address of the encrypted file.

  In the protection method according to claim 1, as in the protection method according to claim 3, the file system is a file system conforming to a standard of ISO9660 or a file system to which the file system is extended, and The area can be an area included in a system area composed of 16 sectors located in front of the volume descriptor.

  In each of the protection methods according to claims 1 to 3, the key-related information can be recorded in the same session as the encryption file, as in the protection method according to claim 4.

  According to a fifth aspect of the present invention, there is provided a program used in an information processing apparatus that constitutes an information processing system together with an optical disk apparatus that uses an optical disk as an information recording target medium, and the recording area of the optical disk via the optical disk apparatus. Is a program that causes the information processing apparatus to execute a procedure for recording at least information related to a key used for decryption of a predetermined encrypted file in a specific area that is not referenced from the predetermined file system.

  According to this, when the program of the present invention is loaded into a predetermined memory and the head address thereof is set in the program counter, the information processing apparatus starts from the predetermined file system in the recording area of the optical disk via the optical disk apparatus. Information relating to a key used for decrypting at least a predetermined encrypted file is recorded in a specific area that is not referred to. That is, according to the program of the present invention, it is possible to cause the information processing apparatus to execute the protection method according to the first aspect of the present invention, thereby preventing unauthorized use of information recorded on the optical disc. It becomes.

  The invention according to claim 6 is a computer-readable recording medium having a recording area including an area in which the program according to claim 5 is recorded.

  According to this, since the program according to claim 5 is recorded, it is possible to prevent unauthorized use of information recorded on the optical disc by causing the computer to execute the program.

  In this case, as in the recording medium according to claim 7, the recording area includes an area where information can be additionally written or rewritten and a read-only area, and the program is recorded in the read-only area. Can be.

  In this case, as in the recording medium according to claim 8, a program for decrypting the encrypted file using information on the key used in the information processing apparatus and recorded in the specific area is a read-only program. It can be further recorded in the area.

  In this case, as in the recording medium according to claim 9, the encrypted file can be an encrypted file recorded in the read-only area.

  In the recording medium according to claim 8, as in the recording medium according to claim 10, the encrypted file is an encrypted file recorded in an area where the information can be additionally written or rewritten. Can do.

  In each of the recording media according to claims 8 to 10, as in the recording medium according to claim 11, the key is a key used for file encryption, and is used and designated by the information processing apparatus. A program for encrypting a file using the key may be further recorded in the read-only area.

  According to a twelfth aspect of the present invention, there is provided key information setting means for setting at least information relating to a key used for decryption of a predetermined encrypted file in data recorded in a specific area that is not referenced from a predetermined file system in the recording area of the optical disc An information processing system comprising: an information processing apparatus including: an optical disk apparatus that writes the data to the optical disk in response to a request from the information processing apparatus.

  According to this, at least information related to the key used for decrypting the predetermined encrypted file is set in the data recorded in the specific area that is not referred to from the predetermined file system in the recording area of the optical disc by the key information setting means. Then, the data is written on the optical disk by the optical disk apparatus in response to a request from the information processing apparatus. In this case, for example, even when an encrypted file having the key as a decryption key (decryption key) is recorded on the optical disc and the encrypted file is illegally copied to another optical disc, information on the key Is not copied, the copied encrypted file cannot be decrypted. Accordingly, it is possible to prevent unauthorized use of information recorded on the optical disc without increasing the cost as a result.

  In this case, as in the information processing system according to claim 12, the information processing apparatus further includes a decryption unit that decrypts the encrypted file using information on the key recorded in the specific area. can do.

  In each of the information processing systems according to claims 12 and 13, as in the information processing system according to claim 13, the key is a key used for file encryption, and the information processing apparatus It is possible to further comprise an encryption means for encrypting the file using.

  Hereinafter, an embodiment of the present invention will be described with reference to FIGS. FIG. 1 shows a schematic configuration of an information processing system 10 according to an embodiment of the present invention.

  The information processing system 10 shown in FIG. 1 includes an optical disc device 20 and a host (for example, a personal computer) 90 as an information processing device that controls the optical disc device 20. In addition, the connection line in FIG. 1 shows the flow of a typical signal and information, and does not represent all the connection relationships of each block.

  First, the configuration of the optical disk device 20 will be described. The optical disk device 20 includes a seek motor 21, a spindle motor 22, an optical pickup device 23, a laser control circuit 24, an encoder 25, a motor driver 26, a PU driver 27, a reproduction signal processing circuit 28, a motor controller 29, a servo controller 33, and a buffer. A RAM 34, a buffer manager 37, a communication interface 38, a flash memory 39, a CPU 40, a RAM 41, and the like are provided. In the present embodiment, an information recording medium conforming to the CD-R standard is used as the optical disc 15 as an example.

  The seek motor 21 is a motor for driving the optical pickup device 23 in the sledge direction (Z-axis direction in FIG. 2). The spindle motor 22 is a motor for rotating the optical disk 15.

  The optical pickup device 23 is a device for irradiating the recording surface of the optical disc 15 with laser light and receiving reflected light from the recording surface. As shown in FIG. 2 as an example, the optical pickup device 23 includes a light source unit 51, a collimating lens 52, a beam splitter 54, an objective lens 60, a detection lens 58, a light receiver PD, and a drive system (focusing actuator and tracking actuator). (Both are not shown)).

  The light source unit 51 includes a semiconductor laser LD as a light source that emits laser light having a wavelength of 780 nm. In the present embodiment, the maximum intensity emission direction of the laser beam emitted from the light source unit 51 is defined as the + X direction.

  The collimating lens 52 is disposed on the + X side of the light source unit 51 and makes the light beam emitted from the light source unit 51 substantially parallel light.

  The beam splitter 54 is disposed on the + X side of the collimating lens 52, transmits the light beam that has been substantially collimated by the collimating lens 52, is reflected by the recording surface of the optical disk 15, and enters through the objective lens 60. The light beam (return light beam) is branched in the −Z direction.

  The objective lens 60 is disposed on the + X side of the beam splitter 54 and condenses the light beam transmitted through the beam splitter 54 on the recording surface of the optical disc 15.

  The detection lens 58 is disposed on the −Z side of the beam splitter 54, and condenses the return light beam branched in the −Z direction by the beam splitter 54 on the light receiving surface of the light receiving device PD. The light receiver PD outputs a plurality of signals including wobble signal information, reproduction data information, focus error information, track error information, and the like to the reproduction signal processing circuit 28 as in a normal optical pickup device.

  The focusing actuator (not shown) is an actuator for minutely driving the objective lens 60 in the focus direction (here, the X-axis direction) that is the optical axis direction of the objective lens 60.

  The tracking actuator (not shown) is an actuator for minutely driving the objective lens 60 in the tracking direction (here, the Z-axis direction).

  As shown in FIG. 3, the reproduction signal processing circuit 28 includes an I / V amplifier 28a, a servo signal detection circuit 28b, a wobble signal detection circuit 28c, an RF signal detection circuit 28d, a decoder 28e, and the like.

  The I / V amplifier 28a converts a current signal, which is an output signal of the light receiver PD, into a voltage signal and amplifies it with a predetermined gain. The servo signal detection circuit 28b detects a servo signal (such as a focus error signal and a track error signal) based on the output signal of the I / V amplifier 28a. The servo signal detected here is output to the servo controller 33. The wobble signal detection circuit 28c detects a wobble signal based on the output signal of the I / V amplifier 28a. The RF signal detection circuit 28d detects an RF signal based on the output signal of the I / V amplifier 28a.

  The decoder 28e extracts address information and synchronization information from the wobble signal detected by the wobble signal detection circuit 28c. The address information extracted here is output to the CPU 40, and the synchronization information is output to the encoder 25, the motor controller 29, and the like as the clock signal Wck. The decoder 28e performs a decoding process and an error detection process on the RF signal detected by the RF signal detection circuit 28d. When an error is detected, the decoder 28e performs an error correction process. The data is stored in the buffer RAM 34 via 37. The RF signal includes address information, and the address information extracted from the RF signal is output from the decoder 28e to the CPU 40.

  Returning to FIG. 1, the servo controller 33 generates a focus control signal for correcting a focus shift based on the focus error signal, and a tracking control signal for correcting a track shift based on the track error signal. Is generated. Each control signal generated here is output to the motor driver 27 when the servo is on, and is not output when the servo is off. Servo-on and servo-off are set by the CPU 40.

  The PU driver 27 generates a driving signal for the focusing actuator in response to the focus control signal and outputs the driving signal to the optical pickup device 23. The PU driver 27 generates a driving signal for the tracking actuator in response to the tracking control signal and outputs the driving signal to the optical pickup device 23. That is, tracking control and focus control are performed by the servo signal detection circuit 28b, the servo controller 33, and the PU driver 27.

  The motor controller 29 generates a rotation control signal for controlling the rotation of the spindle motor 22 and generates a seek control signal for controlling the driving of the seek motor 21 based on an instruction from the CPU 40. The motor controller 29 adjusts the rotation control signal based on the clock signal Wck and an FG signal described later. Each control signal generated here is output to the motor driver 26.

  The motor driver 26 generates a drive signal for the spindle motor 22 corresponding to the rotation control signal and outputs the drive signal to the spindle motor 22. The motor driver 26 generates a drive signal for the seek motor 21 in response to the seek control signal and outputs the drive signal to the seek motor 21. Further, the motor driver 26 generates a pulse signal having a period corresponding to the rotation frequency of the spindle motor 22 and outputs the pulse signal to the motor controller 29 as the FG signal.

  The buffer RAM 34 is a buffer area for temporarily storing data to be recorded on the optical disk 15 (recording data) and data reproduced from the optical disk 15 (reproduction data), and a variable area for storing various program variables. And have.

  The buffer manager 37 manages data input / output to / from the buffer RAM 34. Then, the CPU 40 is notified when the amount of data accumulated in the buffer area of the buffer RAM 34 reaches a predetermined amount.

  The encoder 25 takes out the recording data stored in the buffer RAM 34 based on an instruction from the CPU 40 via the buffer manager 37, performs predetermined data modulation, addition of an error correction code, and the like, and writes a signal to the optical disc 15. Is generated. The write signal generated here is output to the laser control circuit 24 together with the clock signal Wck. Here, as an example, the encoder 25, the reproduction signal processing circuit 28, the buffer manager 37, and the interface 38 are integrated in one LSI.

  The laser control circuit 24 controls the power of laser light applied to the optical disc 15. For example, during recording, a drive signal for the semiconductor laser LD is generated based on the recording conditions, the light emission characteristics of the semiconductor laser LD, the write signal from the encoder 25, the clock signal Wck, and the like.

  The communication interface 38 is a bi-directional communication interface with the host 50, and is compliant with the ATAPI (AT Attachment Packet Interface) standard as an example.

  The flash memory 39 includes a program area and a data area, and a program written in a code readable by the CPU 40 is stored in the program area. On the other hand, the data area stores information on the light emission characteristics of the semiconductor laser LD, information on the seek operation of the optical pickup device 23 (hereinafter also referred to as “seek information”), recording conditions, and the like.

  The CPU 40 controls the operation of each unit in accordance with a program stored in the program area of the flash memory 39, and stores data necessary for the control in the variable area of the buffer RAM 34 and the RAM 41.

  Next, the configuration of the host 90 will be described. The host 90 includes a main control device 92, a RAM 93, a hard disk (HDD) 94, an input device 95, a display device 96, a communication interface 97, a modem 98, and the like. Each is connected through a common bus 99.

  The main control device 92 includes a microcomputer (hereinafter referred to as “MPU”) 92a, a main memory 92b, and the like, and controls the entire host 90 and temporarily stores data necessary for control in the RAM 93. To do.

  The communication interface 97 is a communication interface that conforms to the same standard as the communication interface 38 of the optical disc apparatus 20 and is connected to the communication interface 38 of the optical disc apparatus 20. The connection form between the communication interfaces may be not only a cable connection using a communication line such as a communication cable but also a wireless connection using infrared rays.

  The HDD 94 stores a program written in a code readable by the MPU 92a. The HDD 94 stores a plurality of files created by the user.

  The display device 96 includes a display unit (not shown) using, for example, a CRT, a liquid crystal display (LCD), a plasma display panel (PDP), and the like, and displays various information from the main control device 92.

  The input device 95 includes at least one input medium (not shown) such as a keyboard, a mouse, a tablet, a trackball, a light pen, and a touch panel, for example, and notifies the MPU 92a of various information input by the user. Note that information from the input medium may be input in a wireless manner. Further, as an example in which the display device 96 and the input device 95 are integrated, there is a CRT with a touch panel, for example.

  The modem 98 is a device for connecting to the Internet via a provider.

  In the host 90, communication with the optical disc apparatus 20 is performed by interrupt processing for both transmission and reception. In the reception interrupt process, the reproduction completion flag is set when the received message is a reproduction completion notification, and the write completion flag is set when the reception message is a writing completion notification.

  Here, the file system will be described. Usually, an optical disc records a file entity (file data) and information (file management information) for managing the file in a logical format corresponding to a predetermined file system. As this file system, a file system compliant with the ISO9660 standard (hereinafter also referred to as “ISO9660 file system” for the sake of convenience) (see JIS X0606 “Volume and file structure of information exchange CD-ROM”) is generally adopted. Has been. In this ISO9660 file system, as shown in FIG. 4 as an example, a program area in which user data is written is composed of a system area, a volume descriptor area, a path table area, a directory area, and a file data area.

  The volume descriptor area includes a basic volume descriptor (Primary Volume Descriptor, hereinafter referred to as “PVD”) including link information to the root directory in the path table area and directory area, and a volume descriptor indicating the end of the volume descriptor area. This is an area in which a collection terminal (Terminator Descriptor, hereinafter referred to as “TD”) and the like are written. The PVD is written in the 16th sector from the head sector of the track or the 16th sector from the head sector of the last session.

  The path table area is an area in which link information to the root directory and subdirectories in the directory area is written.

  The directory area is an area in which, for each directory, link information to subdirectories and file entities directly under the directory is written.

  The file data area is an area where a file entity is written.

  However, the ISO9660 file system ensures compatibility with a plurality of operating systems (hereinafter referred to as “OS”). For example, the file identifier is composed of “file name: 8 characters + extension: 3 characters”. , And directories are restricted to up to 8 levels.

  However, recently, the number of files handled by users and the types of files have increased dramatically, and the above-mentioned restrictions have significantly reduced the user-friendliness. Therefore, a Joliet file system has been proposed as a file system that is an extension of the ISO9660 file system, and an OS using this Joliet file system is becoming mainstream in personal computers and the like. In this Joliet file system, in order to ensure compatibility with the ISO9660 file system, as shown in FIG. 5 as an example, as a directory area, a directory area corresponding to the ISO9660 file system (hereinafter referred to as “ISO directory area” for convenience). And a directory area corresponding to the Joliet file system (hereinafter referred to as “directory area for Joliet” for convenience). In addition, as a path table area, a path table area corresponding to the ISO9660 file system (hereinafter referred to as “ISO path table area” for convenience) and a path table area corresponding to the Joliet file system (hereinafter referred to as “Joliet path table area” for convenience). And there exists. The volume descriptor area includes a path table for PVD and Joliet including link information to the ISO path table area and link information to the root directory in the ISO directory area (hereinafter referred to as “ISO root directory” for convenience). Secondary volume descriptor (Supplementary Volume Descriptor, hereinafter referred to as “SVD”), TD, etc. including link information to the area and link information to the root directory in the directory area for Joliet (hereinafter referred to as “Joliet root directory” for convenience) Exists.

  For example, when playing back a file recorded in the file data area on a personal computer equipped with an OS that uses the Joliet file system, the SVD, Joliet path table, and Joliet directory are referenced, and the playback target The data length of the file (hereinafter abbreviated as “reproduction target file”), the recording position of the entity of the reproduction target file, etc. are acquired. When a file recorded in the file data area is played back on a personal computer equipped with an OS adopting the ISO9660 file system, the PVD, the ISO path table, and the ISO directory are referred to. The data length of the file, the recording position of the actual file to be played back, etc. are acquired. The system area is an area that is not referred to in any case.

  In this embodiment, it is assumed that the OS installed in the host 90 employs the Joliet file system.

  As shown in FIG. 6 as an example, the optical disk 15 is a so-called hybrid CD-R having a read-only part (read-only area) and a recordable part (addable area). As shown in FIG. 7 as an example, in this read-only section, a program for recording information about a key in a specific area according to the present invention (hereinafter also referred to as “image data creation program” for convenience), A program for encrypting the file (hereinafter also referred to as “encryption program”), a program for decrypting the encrypted file according to the present invention (hereinafter also referred to as “decryption program”), and data encrypted Recorded files (hereinafter also referred to as “encrypted files” for convenience). Each program is described by a code that can be decoded by the MPU 92a. In the present embodiment, the first logical block number (Logical Block Number, hereinafter referred to as “LBN”) of the program area in the recordable part is n. A multi-session method is used as the recording method, the read-only portion corresponds to the first session, and the second and subsequent sessions are created in the recordable portion.

  In the present embodiment, as an example, a data encryption standard (hereinafter referred to as “DES”) is used as an encryption method. In this case, the key used for data encryption (encryption key) and the key used for decryption (decryption key) are the same, and the size of the key is 64 bits long including parity.

《Encrypted file playback processing》
1. Key acquisition / storage process The host 90 stores a key (denoted as K1) for decrypting the encrypted file (denoted as F1) recorded in the read-only unit in a predetermined area of the recordable unit. Processing will be described with reference to FIGS. It is assumed that the additionally recordable portion of the optical disk 15 is blank. 8 and 9 correspond to a series of processing algorithms executed by the MPU 92a.

  When the user instructs acquisition and storage of the key K1 via the input device 95, a program corresponding to the flowchart of FIG. 8 is loaded from the HDD 94 to the main memory 92b, and its head address is set in the program counter of the MPU 92a. Processing starts.

  In the first step 201, information (file management information) recorded in the SVD, Joliet path table area, and Joliet directory area in the first session is acquired. This file management information is read when the optical disk 15 is loaded (mounted) and is already stored in the RAM 93.

  In the next step 203, a virtual tree structure is constructed in the RAM 93 based on the acquired file information.

  In the next step 205, an image data storage area (hereinafter referred to as “image data storage area”) is secured in the HDD 94. The head position of this image data storage area corresponds to LBN = n.

  In the next step 207, the key K1 of the encrypted file F1 is obtained from a predetermined website via the Internet. Of course, the user has a legitimate right to use the encrypted file F1.

  In the next step 209, a dummy file composed of predetermined dummy data is created.

  In the next step 211, a reproduction request command for the image data creation program is issued to the optical disc apparatus 20. The reproduction request command is added with the start address of the area in which the image data creation program is recorded, the data length of the image data creation program, and the like.

  In the next step 213, the reproduction completion flag is referred to and it is determined whether or not the reproduction processing in the optical disc apparatus 20 is completed. If the reproduction completion flag is not set, the determination here is denied and the process waits until the reproduction process is completed. On the other hand, if the reproduction completion flag is set, the determination here is affirmed, the reproduction completion flag is reset, and the routine proceeds to step 215.

  In step 215, the reproduced image data creation program is transferred to the main memory 92b.

  In the next step 217, the image data creation program is CALLed with information on the dummy file and the key K1 as arguments. Here, as an example, the leading address of the dummy file, the data length, and the leading address of the key K1 stored in the RAM 93 are set as arguments. Thus, the process proceeds to step 251 in FIG.

  In this step 251, system data to be recorded in the system area is created. Here, the key K1 is set at a predetermined position in the system data. The created system data is stored in an area corresponding to LBN = n to n + 15 in the image data storage area.

  In the next step 253, PVD is created. Here, the head LBN of the ISO path table area is set as link information to the path table area, and the head LBN of the ISO root directory is set as link information to the root directory. The PVD created here is stored in an area corresponding to LBN = n + 16 in the image data storage area.

  In the next step 255, the SVD is created. Here, the head LBN of the Joliet path table area is set as link information to the path table area, and the head LBN of the Joliet root directory is set as link information to the root directory. The SVD created here is stored in the SVD area in the image data storage area.

  In the next step 257, an ISO path table is created. Here, the head LBN of the ISO root directory and the head LBN of the ISO subdirectory are set as link information to the ISO directory. The ISO path table created here is stored in the ISO path table area in the image data storage area.

  In the next step 259, a path table for Joliet is created. Here, the head LBN of the root directory for Joliet and the head LBN of the subdirectory for Joliet are set as link information to the directory for Joliet. The created Joliet path table is stored in the Joliet path table area in the image data storage area.

  In the next step 261, an ISO directory is created. Here, information relating to the root directory and subdirectories is set. The created ISO directory is stored in the ISO directory area in the image data storage area.

  In the next step 263, a directory for Joliet is created. Here, information relating to the root directory and subdirectories is set. The created Joliet directory is stored in the Joliet directory area in the image data storage area.

  In the next step 265, the substance of the dummy file is stored in the file data area in the image data storage area. As a result, image data is created on the HDD 94. Then, the image data creation program is terminated, and the process proceeds to step 219 in FIG.

  In this step 219, an image data recording request command is issued to the optical disc apparatus 20. The recording request command is added with the start address of the area where the image data is recorded, the data length of the image data, and the like.

  In the next step 221, the image data created on the HDD 94 is output to the optical disc apparatus 20.

  In the next step 223, the writing completion flag is referred to and it is determined whether or not the writing process in the optical disc apparatus 20 is completed. If the write completion flag is not set, the determination here is denied and the process waits until the write process is completed. On the other hand, if the write completion flag is set, the determination here is affirmed, the write completion flag is reset, and the process ends.

  As a result, as shown in FIG. 10 as an example, the key K1 is recorded in the system area of the second session that is not referred to by the OS that supports the Joliet file system or the ISO9660 file system, and the substance of the dummy file is the second session. Are recorded in the file data area.

2. Encrypted File Reproduction Processing Next, processing performed by the host 90 when reproducing the encrypted file F1 on the optical disk 15 on which the key K1 is recorded will be described with reference to FIGS. 11 and 12 correspond to a series of processing algorithms executed by the MPU 92a.

  When the user instructs the reproduction of the encrypted file F1 via the input device 95, a program corresponding to the flowchart of FIG. 11 is loaded from the HDD 94 to the main memory 92b, and its head address is set in the program counter of the MPU 92a. Processing starts.

  In the first step 301, information (file management information) recorded in the SVD, the Joliet path table area, and the Joliet directory area in the second session is acquired.

  In the next step 303, the acquired file management information is referenced to acquire the data length of the reproduction target file F1, the top LBN of the entity, and the like.

  In the next step 305, a reproduction request command for the reproduction target file F1 is issued to the optical disc apparatus 20.

  In the next step 307, the reproduction completion flag is referred to and it is determined whether or not the reproduction process in the optical disc apparatus 20 is completed. If the reproduction completion flag is not set, the determination here is denied and the process waits until the reproduction process is completed. On the other hand, if the reproduction completion flag is set, the determination here is affirmed, the reproduction completion flag is reset, and the routine proceeds to step 309.

  In this step 309, a reproduction request command for the decoding program is issued to the optical disc apparatus 20.

  In the next step 311, the reproduction completion flag is referred to and it is determined whether or not the reproduction processing in the optical disc apparatus 20 has been completed. If the reproduction completion flag is not set, the determination here is denied and the process waits until the reproduction process is completed. On the other hand, if the reproduction completion flag is set, the determination here is affirmed, the reproduction completion flag is reset, and the routine proceeds to step 313.

  In step 313, the reproduced decryption program is transferred to the main memory 92b.

  In the next step 315, the decryption program is CALLed with information on the reproduction target file F1 and the dummy file as arguments. Here, as an example, the start address of the reproduction target file F1 stored in the RAM 93, the data length, and the session number in which the dummy file is recorded are set as arguments. Thus, the process proceeds to step 351 in FIG.

  In this step 351, since the dummy file is recorded in the second session, the key K1 recorded in the system area of the second session is extracted.

  In the next step 353, the reproduction target file F1 is decrypted using the key K1. Here, decoding is performed based on the DES method. Then, when all the data of the reproduction target file F1 is decrypted, the decryption program is terminated, and the process proceeds to Step 317 in FIG.

  In step 317, the decrypted reproduction target file F1 is displayed on the display unit of the display device 96. Then, the process ends.

3. Playback Process in Optical Disk Device 20 Here, a process in the optical disk device 20 when a playback request command is received from the host 90 will be briefly described with reference to FIG. The flowchart in FIG. 13 corresponds to a series of processing algorithms executed by the CPU 40. When a reproduction request command is received from the host 90, the start address of the program corresponding to the flowchart in FIG. 13 is set in the program counter of the CPU 40. Starts.

  In the first step 401, the motor controller 29 is instructed so that the spindle motor 22 rotates in accordance with the reproduction speed, and the reproduction signal processing circuit 28 is notified that the reproduction request command has been received from the host 90.

  In the next step 403, when it is confirmed that the rotation of the optical disk 15 has reached a predetermined linear velocity, servo-on is set for the servo controller 33. Thereby, tracking control and focus control are performed as described above. Note that tracking control and focus control are performed as needed until the reproduction process is completed. The track address information is output from the decoder 28e to the CPU 40 as needed based on the RF signal.

  In the next step 405, the current address is acquired based on the address information from the decoder 28e.

  In the next step 407, a difference (address difference) between the current address and the target address extracted from the reproduction request command is calculated.

  In the next step 409, it is determined whether seek is necessary based on the address difference. Here, the threshold stored in the flash memory 39 is referred to as one of the seek information, and if the address difference exceeds the threshold, the determination here is affirmed and the routine proceeds to step 411.

  In step 411, the motor controller 29 is instructed to drive the seek motor 21. As a result, the seek motor 21 is driven, and a seek operation is performed so that the address difference is reduced. Then, the process returns to step 405.

  Thereafter, the loop processing in steps 405 to 411 is repeated until the address difference becomes equal to or smaller than the threshold value.

  If it is determined in step 409 that the address difference is equal to or smaller than the threshold value, the determination here is denied and the process proceeds to step 413.

  In step 413, it is determined whether or not the current address matches the target address. If the current address does not match the target address, the determination here is denied and the routine proceeds to step 415.

  In this step 415, the current address is acquired based on the address information from the decoder 28e. Then, the process returns to step 413.

  Thereafter, the loop processing in steps 413 and 415 is repeated until the determination in step 413 is affirmed.

  If the current address matches the target address, the determination at step 413 is affirmed, and the routine proceeds to step 417.

  In step 417, the reproduction signal processing circuit 28 is instructed to read. Thereby, the reproduction data is acquired by the reproduction signal processing circuit 28 and stored in the buffer RAM 34 as described above. This reproduced data is transferred to the host 90 via the buffer manager 37 and the communication interface 38 in units of sectors.

  In the next step 419, it is determined whether or not the reproduction of the reproduction target file has been completed. Specifically, it is possible to know whether or not the reproduction of the reproduction target file is completed by comparing the data length added to the reproduction request command with the data length already reproduced. For example, if the reproduction is not completed, the determination here is denied and the process waits until the reproduction is completed. On the other hand, if the reproduction is completed, the determination here is affirmed and the routine proceeds to step 421.

  In this step 421, the completion of reproduction is notified to the host 90, a predetermined end process is performed, and then the process ends.

4). Recording Process in Optical Disc Device 20 The processing in the optical disc device 20 when a recording request command from the host 90 is received will be briefly described with reference to FIG. The flowchart in FIG. 14 corresponds to a series of processing algorithms executed by the CPU 40. When a recording request command is received from the host 90, the start address of the program corresponding to the flowchart in FIG. 14 is set in the program counter of the CPU 40. Starts.

  In the first step 501, the motor controller 29 is instructed to rotate the spindle motor 22 in accordance with the recording speed, and the reproduction signal processing circuit 28 is notified that the recording request command has been received from the host 90. Further, the buffer manager 37 is instructed to store the data (recording data) received from the host 90 in the buffer RAM 34.

  In the next step 503, when it is confirmed that the rotation of the optical disk 15 has reached a predetermined linear velocity, servo-on is set for the servo controller 33. As a result, tracking control and focus control are performed as described above. Note that tracking control and focus control are performed as needed until the recording process is completed.

  In the next step 505, OPC (Optimum Power Control) is performed based on the recording speed to obtain the optimum recording power. That is, while changing the recording power stepwise, predetermined data is trial-written in a trial writing area called PCA (Power Calibration Area), and then the data is sequentially reproduced. For example, the asymmetry detected from the RF signal When the value almost coincides with a target value obtained in advance through experiments or the like, it is determined that the recording quality is the highest, and the recording power at that time is set as the optimum recording power.

  In the next step 507, the current address is obtained based on the address information from the decoder 28e.

  In the next step 509, a difference (address difference) between the current address and the target address extracted from the recording request command is calculated.

  In the next step 511, it is determined whether seek is necessary based on the address difference. Here, the threshold stored in the flash memory 39 is referred to as one of the seek information, and if the address difference exceeds the threshold, the determination here is affirmed and the routine proceeds to step 513.

  In step 513, the motor controller 29 is instructed to drive the seek motor 21. As a result, the seek motor 21 is driven, and a seek operation is performed so that the address difference is reduced. Then, the process returns to step 507.

  Thereafter, the loop processing of steps 507 to 513 is repeatedly performed until the address difference becomes equal to or smaller than the threshold value.

  If it is determined in step 511 that the address difference is equal to or smaller than the threshold value, the determination here is denied and the process proceeds to step 515.

  In step 515, it is determined whether or not the current address matches the target address. If the current address does not match the target address, the determination here is denied and the routine proceeds to step 517.

  In this step 517, the current address is acquired based on the address information from the decoder 28e. Then, the process returns to step 515.

  Thereafter, the loop processing in steps 515 and 517 is repeated until the determination in step 515 is affirmed.

  If the current address matches the target address, the determination at step 515 is affirmed, and the routine proceeds to step 519.

  In step 519, the encoder 25 is allowed to write. As a result, the recording data is written to the optical disk 15 via the encoder 25, the laser control circuit 24, and the optical pickup device 23.

  In the next step 521, it is determined whether or not all the recording data has been written. Specifically, it is possible to know whether or not all the recording data has been written by comparing the data length added to the recording request command with the already written data length. For example, if all the recording data has not been written, the determination here is denied and the process waits until all the recording data is written. On the other hand, if all the recording data has been written, the determination here is affirmed and the routine proceeds to step 523.

  In this step 523, the completion of writing is notified to the host 90, a predetermined end process is performed, and then the process ends.

<< File recording process in the third session >>
Next, processing in the host 90 when the file (F2) stored in the HDD 94 is encrypted and recorded on the optical disc 15 will be described with reference to FIGS. Here, the second session in which the dummy file and the key K1 are recorded is closed, and the file F2 is encrypted and recorded in a new session (“third session”). The flowcharts of FIGS. 15 to 17 correspond to a series of processing algorithms executed by the MPU 92a.

  When the user designates the file F2 stored in the HDD 94 via the input device 95 and instructs it to be encrypted and recorded on the optical disc 15, a program corresponding to the flowchart of FIG. 15 is loaded from the HDD 94 to the main memory 92b. At the same time, the head address is set in the program counter of the MPU 92a, and the process starts. It is assumed that the image data creation program is already loaded in the main memory 92b. In addition, the top LBN of the program area in the third session is m.

  In the first step 601, information (file management information) recorded in the SVD, Joliet path table area, and Joliet directory area in the second session is acquired.

  In the next step 603, information about the file F2 (file information) is acquired.

  In the next step 605, a virtual tree structure is constructed in the RAM 93 based on the information acquired in steps 601 and 603.

  In the next step 607, an image data storage area is secured in the HDD 94. The head position of this image data storage area corresponds to LBN = m.

  In the next step 609, a reproduction request command for the encrypted program is issued to the optical disc apparatus 20.

  In the next step 611, the reproduction completion flag is referred to and it is determined whether or not the reproduction processing in the optical disc apparatus 20 is completed. If the reproduction completion flag is not set, the determination here is denied and the process waits until the reproduction process is completed. On the other hand, if the reproduction completion flag is set, the determination here is affirmed, the reproduction completion flag is reset, and the routine proceeds to step 613.

  In step 613, the reproduced encrypted program is transferred to the main memory 92b.

  In the next step 615, the key (referred to as K2) of the recording target file F2 is acquired from a predetermined website via the Internet.

  In the next step 617, the encryption program is CALLed using information on the recording target file F2 and the key K2 as arguments. Here, as an example, the start address, data length, and start address of the key K2 of the recording target file F2 stored in the RAM 93 are set as arguments. As a result, the process proceeds to step 641 in FIG.

  In step 641, K2 is set as the encryption key.

  In the next step 643, F2 is set as a file to be encrypted.

  In the next step 645, the recording target file F2 is encrypted using the key K2. Here, encryption is performed based on the DES method. When all the data of the recording target file F2 is encrypted, the encryption program is terminated, and the process proceeds to Step 619 in FIG.

  In step 619, the image data creation program is CALLed using the information related to the encrypted recording target file F2 and the key K2 as arguments. Here, as an example, the start address, the data length, and the start address of the key K2 of the encrypted recording target file F2 stored in the RAM 93 are set as arguments. Thus, the process proceeds to step 651 in FIG.

  In step 651, system data to be recorded in the system area is created. Here, the key K2 is set at a predetermined position in the system data. The created system data is stored in an area corresponding to LBN = m to m + 15 in the image data storage area.

  In the next step 653, a PVD is created in the same manner as in step 253. The PVD created here is stored in an area corresponding to LBN = m + 16 in the image data storage area.

  In the next steps 655 to 663, processing similar to that in steps 255 to 263 is performed.

  In the next step 665, the substance of the encrypted file F2 is stored in the file data area in the image data storage area. As a result, image data is created on the HDD 94. Then, the image data creation program is terminated, and the process proceeds to step 621 in FIG.

  In this step 621, an image data recording request command is issued to the optical disc apparatus 20.

  In the next step 623, the image data created on the HDD 94 is output to the optical disc apparatus 20.

  In the next step 625, the writing completion flag is referred to and it is determined whether or not the writing process in the optical disc apparatus 20 is completed. If the write completion flag is not set, the determination here is denied and the process waits until the write process is completed. On the other hand, if the write completion flag is set, the determination here is affirmed, the write completion flag is reset, and the process ends.

  Accordingly, as shown in FIG. 18 as an example, the key K2 is recorded in the system area of the third session that is not referred to by the OS that supports the Joliet file system or the ISO9660 file system, and the recording target file F2 that is encrypted. Is recorded in the file data area of the third session.

<< Adding file to the fourth session >>
Next, processing in the host 90 when the file (referred to as F3) stored in the HDD 94 is encrypted and added to the optical disc 15 will be described with reference to FIGS. Here, the third session in which the encrypted file F2 is recorded is closed, and the file F3 is encrypted and recorded in a new session (“fourth session”). Further, the flowcharts of FIGS. 19 to 21 correspond to a series of processing algorithms executed by the MPU 92a.

  When the user designates the file F3 stored in the HDD 94 via the input device 95 and instructs to encrypt and add to the optical disk 15, a program corresponding to the flowchart of FIG. 19 is loaded from the HDD 94 to the main memory 92b. At the same time, the head address is set in the program counter of the MPU 92a, and the process starts. It is assumed that the encryption program and the image data creation program are already loaded in the main memory 92b. Also, let the top LBN of the program area in the fourth session be p.

  In the first step 701, information (file management information) recorded in the SVD, the Joliet path table area, and the Joliet directory area in the third session is acquired.

  In the next step 703, information about the file F3 (file information) is acquired.

  In the next step 705, a virtual tree structure is constructed in the RAM 93 based on the information acquired in steps 701 and 703.

  In the next step 707, an image data storage area is secured in the HDD 94. The head position of this image data storage area corresponds to LBN = p.

  In the next step 709, the key (referred to as K3) of the recording target file F3 is acquired from a predetermined website via the Internet.

  In the next step 711, the encryption program is CALLed using information on the recording target file F3 and the key K3 as arguments. Here, as an example, the start address, data length, and start address of the key K3 of the recording target file F3 stored in the RAM 93 are set as arguments. As a result, the routine proceeds to step 741 in FIG.

  In step 741, K3 is set as the encryption key.

  In the next step 743, F3 is set as the file to be encrypted.

  In the next step 745, the recording target file F3 is encrypted using the key K3. Here, encryption is performed based on the DES method. Then, when all the data of the recording target file F3 is encrypted, the encryption program is terminated, and the process proceeds to step 713 in FIG.

  In step 713, the image data creation program is CALLed using the information related to the encrypted recording target file F3 and the key K3 as arguments. Here, as an example, the start address, the data length, and the start address of the key K2 of the encrypted recording target file F2 stored in the RAM 93 are set as arguments. Thus, the process proceeds to step 751 in FIG.

  In step 751, system data to be recorded in the system area is created. Here, the key K3 is set at a predetermined position in the system data. The created system data is stored in an area corresponding to LBN = p to p + 15 in the image data storage area.

  In the next step 753, a PVD is created in the same manner as in step 253. The PVD created here is stored in an area corresponding to LBN = p + 16 in the image data storage area.

  In the next steps 755 to 763, processing similar to that in steps 255 to 263 is performed.

  In the next step 765, the substance of the encrypted file F3 is stored in the file data area in the image data storage area. As a result, image data is created on the HDD 94. Then, the image data creation program is terminated, and the process proceeds to step 715 in FIG.

  In step 715, an image data recording request command is issued to the optical disc apparatus 20.

  In the next step 717, the image data created on the HDD 94 is output to the optical disc apparatus 20.

  In the next step 719, with reference to the write completion flag, it is determined whether or not the write processing in the optical disc apparatus 20 has been completed. If the write completion flag is not set, the determination here is denied and the process waits until the write process is completed. On the other hand, if the write completion flag is set, the determination here is affirmed, the write completion flag is reset, and the process ends.

  Thus, as shown in FIG. 22 as an example, the key K3 is recorded in the system area of the fourth session that is not referred to by the OS supporting the Joliet file system or the ISO9660 file system, and the recording target file F3 is encrypted. Is recorded in the file data area of the fourth session.

<< Reproduction processing of encrypted file F2 >>
Next, processing in the host 90 when reproducing the encrypted file F2 recorded on the optical disc 15 will be described with reference to FIGS. The flowcharts of FIGS. 23 and 24 correspond to a series of processing algorithms executed by the MPU 92a.

  When the user gives an instruction to reproduce the encrypted file F2 recorded on the optical disc 15 via the input device 95, a program corresponding to the flowchart of FIG. 23 is loaded from the HDD 94 to the main memory 92b and its head address Is set in the program counter of the MPU 92a, and the process starts. It is assumed that the decoding program is already loaded in the main memory 92b.

  In the first step 801, information (file management information) recorded in the SVD, Joliet path table area, and Joliet directory area in the fourth session is acquired.

  In the next step 803, referring to the acquired file management information, the data length of the reproduction target file F2, the head LBN of the entity, and the like are acquired.

  In the next step 805, a reproduction request command for the reproduction target file F2 is issued to the optical disc apparatus 20.

  In the next step 807, the reproduction completion flag is referred to and it is determined whether or not the reproduction processing in the optical disc apparatus 20 is completed. If the reproduction completion flag is not set, the determination here is denied and the process waits until the reproduction process is completed. On the other hand, if the reproduction completion flag is set, the determination here is affirmed, the reproduction completion flag is reset, and the routine proceeds to step 809.

  In the next step 809, the decryption program is CALLed with information relating to the reproduction target file F2 as an argument. Here, as an example, the head address of the reproduction target file F2 stored in the RAM 93, the data length, and the session number in which the reproduction target file F2 is recorded are set as arguments. Thus, the process proceeds to step 851 in FIG.

  In this step 851, since the reproduction target file F2 is recorded in the third session, the key K2 is extracted from the system area of the third session.

  In the next step 853, the reproduction target file F2 is decrypted using the key K2. Here, decoding is performed based on the DES method. Then, when all the data of the reproduction target file F2 is decrypted, the decryption program is terminated, and the process proceeds to Step 811 in FIG.

  In step 811, the decoded reproduction target file F 2 is displayed on the display unit of the display device 96. Then, the process ends.

  In addition, the encrypted file F3 can be reproduced in the same manner by changing the file F2 in the flowcharts of FIGS. 23 and 24 to the file F3 and changing the key K2 to the key K3.

  As is clear from the above description, in the information recording system 10 according to the present embodiment, the key information setting unit, the decrypting unit, and the encrypting unit of the present invention are executed by the MPU 92a of the host 90 and the program executed by the MPU 92a. Is realized. That is, the key information setting means is realized by the flowcharts of FIGS. The decoding means is realized by the flowcharts of FIGS. The encryption means is realized by the flowcharts of FIGS. However, it goes without saying that the present invention is not limited to this. That is, the above embodiment is merely an example, and at least a part of each means realized by processing according to the program by the MPU 52a may be configured by hardware, or all may be configured by hardware. good.

  In the present embodiment, among the programs stored on the optical disc 15, the image data creation program is configured by programs corresponding to the flowcharts of FIGS. 9, 17, and 21. Further, the decoding program is constituted by programs corresponding to the flowcharts of FIGS. The encryption program is composed of programs corresponding to the flowcharts of FIGS.

  Furthermore, in the present embodiment, the protection method according to the present invention is implemented by the processing in steps 217 to 221 in the flowchart of FIG. Further, in the flowchart of FIG. 15, the protection method according to the present invention is implemented by the processing in steps 619 to 623. In the flowchart of FIG. 19, the protection method according to the present invention is implemented by the processing in steps 713 to 717.

  As described above, according to the information processing system 10 according to the present embodiment, the host 90 decrypts the encrypted file F1 into the data recorded in the system area (specific area) of LBN = n to n + 15 of the optical disk 15. Image data in which information related to the key K1 to be used is set is created. Then, the image data is output from the host 90 to the optical disc device 20 together with the recording request command, and written to the optical disc 15 by the optical disc device 20. In this case, for example, even when the encrypted file F1 is illegally copied to another optical disk, the information relating to the key K1 is not copied, so the copied encrypted file F1 cannot be decrypted. Accordingly, it is possible to prevent unauthorized use of information recorded on the optical disc without increasing the cost as a result.

  Further, according to the present embodiment, when there is a reproduction request for the file F1, the host 90 extracts information related to the key K1 from the system area of the session in which the dummy file of the file F1 is recorded, and uses the key K1 as a file. F1 is being decoded. As a result, a legitimate user can easily reproduce the file F1.

  Further, according to the present embodiment, the host 90 encrypts the file F2 designated by the user with the key K2, and records the encrypted file F2 and the key K2 in the same third session. This facilitates the association between the encrypted file F2 and the key K2.

  In the above embodiment, the case where the key of the file F2 is different from the key of the file F3 has been described. However, the present invention is not limited to this, and the key of the file F2 and the key of the file F3 may be the same. good. In this case, information about the key may be recorded only in one of the sessions.

  In the above embodiment, the case where the dummy file is used when the key K1 is recorded has been described. However, the present invention is not limited to this, and as shown in FIG. The file F1 recorded in the copy may be copied to the file data area of the second session.

  Moreover, although the said embodiment demonstrated the case where the said key was acquired via the internet, this invention is not limited to this. For example, it may be acquired using mail or courier. In this case, for example, the key is obtained in a state recorded on a flexible disk or an optical disk. Therefore, the modem 98 may be omitted.

  Moreover, although the said embodiment demonstrated the case where the said encryption file F1 was recorded on the said read-only part, the said encryption file F1 does not need to be recorded on the said read-only part. In this case, the file F2 and the key K2 are recorded in the second session, and the file F3 and the key K3 are recorded in the third session.

  In the above embodiment, the case where the user file is encrypted and recorded in the recordable unit has been described. However, when the user file does not need to be encrypted and recorded, the encryption program is unnecessary, The encryption program may not be recorded in the read-only unit.

  In the above embodiment, the case where DES is used as the encryption method has been described. However, the present invention is not limited to this. For example, triple DES, IDEA (International Data Encryption Algorithm (International Data Encryption Algorithm)), Blowfish, Khufu, etc. may be used.

  Moreover, although the said embodiment demonstrated the case where an encryption key and a decryption key were the same, an encryption key and a decryption key may differ. An RSA method is known as an encryption method in which an encryption key and a decryption key are different.

  Moreover, although the said embodiment demonstrated the case where OS of the host 50 supported the Joliet file system, it is not limited to this. In short, any file system that does not refer to the system area may be used.

  In the above embodiment, at least one of the process of constructing the virtual tree structure and the process of securing the image data storage area in the HDD may be performed by the image data creation program.

  Further, in the above-described embodiment, the case where the host 90 passes each program loaded from the optical disc 15 with the information about the target file and the key is described as an argument. However, the present invention is not limited to this. An area may be set in advance, and information on the target file and key may be passed to each program via the area.

  Moreover, although the case where the information regarding a key was recorded on a system area was demonstrated in the said embodiment, this invention is not limited to this. For example, as shown in FIG. 26, information about the key may be recorded in an area having the head address as the address following the final address of the encrypted file.

  Moreover, although the said embodiment demonstrated the case where the said optical disk 15 was an optical disk based on the specification of CD-R, it is not limited to this, For example, CD-RW may be sufficient. In this case, the recordable part is a rewritable area.

  In the above embodiment, the case where each of the communication interfaces conforms to the ATAPI standard has been described. However, the present invention is not limited to this. For example, ATA (AT Attachment), SCSI (Small Computer System Interface), USB (Universal Serial Bus) 1.0, USB 2.0, IEEE 1394, IEEE 802.3, serial ATA, and serial ATAPI may be used.

It is a block diagram which shows schematic structure of the information processing system which concerns on one Embodiment of this invention. It is a figure for demonstrating the structure of the optical pick-up apparatus in FIG. FIG. 2 is a block diagram for explaining a configuration of a reproduction signal processing circuit in FIG. 1. It is a figure for demonstrating the file system based on the specification of ISO9660. It is a figure for demonstrating the file system based on the standard of Joliet. It is a figure for demonstrating the structure of the optical disk based on this invention. It is a figure for demonstrating the content currently recorded on the read-only part of FIG. It is a flowchart for demonstrating the key storage process in the host performed according to the request | requirement from a user. It is a flowchart for demonstrating the process in step 217 of FIG. It is a figure for demonstrating the processing result of FIG. It is a flowchart for demonstrating the reproduction process of the encryption file in the host performed according to the request | requirement from a user. 12 is a flowchart for explaining a process in step 315 of FIG. 11. 10 is a flowchart for explaining a reproduction process in the optical disc apparatus performed in response to a reproduction request command from a host. It is a flowchart for demonstrating the recording process in the optical disk device performed according to the recording request command from a host. It is a flowchart for demonstrating the recording process of the file F2 in the host performed according to the request | requirement from a user. It is a flowchart for demonstrating the process in step 617 of FIG. It is a flowchart for demonstrating the process in step 619 of FIG. It is a figure for demonstrating the processing result of FIG. It is a flowchart for demonstrating the recording process of the file F3 in the host performed according to the request | requirement from a user. FIG. 20 is a flowchart for explaining processing in step 711 of FIG. 19. FIG. It is a flowchart for demonstrating the process in step 713 of FIG. It is a figure for demonstrating the processing result of FIG. It is a flowchart for demonstrating the reproduction | regeneration processing of the file F2 in the host performed according to the request | requirement from a user. It is a flowchart for demonstrating the process in step 809 of FIG. It is a figure for demonstrating the case where a dummy data file is not used. It is a figure for demonstrating the case where the information regarding a key is recorded on the area | region following the substance of the encrypted file.

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 ... Information processing system, 15 ... Optical disk (recording medium), 20 ... Optical disk apparatus, 90 ... Host (information processing apparatus), 92a ... MPU (key information setting means, decryption means, encryption means).

Claims (14)

A protection method for preventing unauthorized use of an encrypted file recorded in a recording area of an optical disc,
A protection method including a step of recording at least information related to a key used for decryption of the encrypted file in a specific area that is not referenced from a predetermined file system in the recording area.   2. The protection method according to claim 1, wherein the specific area is an area having a head address as an address subsequent to a final address of the encrypted file. The file system is a file system conforming to the standard of ISO9660 or a file system in which the file system is extended,
The protection method according to claim 1, wherein the specific area is an area included in a system area composed of 16 sectors located in front of a volume descriptor.   The protection method according to claim 1, wherein the information about the key is recorded in the same session as the encrypted file. A program used in an information processing device that constitutes an information processing system together with an optical disc device that uses an optical disc as an information recording target medium
A program that causes the information processing apparatus to execute a procedure for recording at least information related to a key used for decryption of a predetermined encrypted file in a specific area that is not referenced from a predetermined file system in the recording area of the optical disk via the optical disk apparatus .   A computer-readable recording medium having a recording area including an area in which the program according to claim 5 is recorded.   The recording medium according to claim 6, wherein the recording area includes an area where information can be additionally written or rewritten and a read-only area, and the program is recorded in the read-only area. .   8. The program for decrypting the encrypted file using information on a key used in the information processing apparatus and recorded in the specific area is further recorded in the read-only area. The recording medium described in 1.   9. The recording medium according to claim 8, wherein the encrypted file is an encrypted file recorded in the read-only area.   9. The recording medium according to claim 8, wherein the encrypted file is an encrypted file recorded in an area where the information can be additionally written or rewritten. The key is also used for file encryption,
The program for encrypting a specified file using the key and used in the information processing apparatus is further recorded in the read-only area. The recording medium described. An information processing apparatus having key information setting means for setting at least information relating to a key used for decryption of a predetermined encrypted file in data recorded in a specific area that is not referred to by a predetermined file system in the recording area of the optical disc;
An information processing system comprising: an optical disc device that writes the data to the optical disc in response to a request from the information processing device.   The information processing system according to claim 12, wherein the information processing apparatus further includes a decrypting unit that decrypts the encrypted file using information related to a key recorded in the specific area. The key is also used for file encryption,
The information processing system according to claim 12 or 13, wherein the information processing apparatus further includes an encryption unit that encrypts a file using the key.

Images