JP4369916B2 - Service providing system, user terminal and semiconductor information storage card - Google Patents

Description

The present invention relates to a service providing system, a user terminal, and a semiconductor information storage card that promote data distribution while protecting an information service (data) to be provided .

  With the advancement of the Internet and the development of large-capacity storage media such as DVDs, various information providing services are provided regardless of online or offline. A service provider can provide a service as a business by charging the user and collecting a usage fee.

  As a form of charging, there are various infinite forms such as charging according to the time when the service is received, charging according to the amount of data (bytes) received, and collective charging for each package (for example, one movie). However, at present, only the billing form determined in advance by the service provider is implemented. Specifically, in a closed system using dedicated hardware such as a cable television broadcasting service, a data processing terminal owned by a user (such as a computer using data) or a server owned by a service provider A charging processing program is described in the built-in application program. For this reason, in order to change the billing form, it is necessary to rewrite the application program itself, and the billing form cannot be easily changed. Similarly, it is desirable to add a new billing form (single or plural) so that diversity can be selected, but one of the billing forms can be selected, but a major program change is required. Can't be easy.

  In addition, with the recent development of multimedia, it is increasing that one user contracts with many service providers via the Internet and receives many services. In this case, an application program is required for each service. Since the conventional billing function is included in the application program, it cannot be applied to application programs in different languages. Therefore, when the service provider creates a new application program, it is also necessary to create a new billing processing program. However, the billing function is inherently independent of the application program and should be used in common for different application programs. Preparing a billing program for each application program wastes program development time In addition, there is a drawback that the program size is large and complicated.

  Therefore, in the open system, the use of information and billing processing are separated, the use of information (data processing function) is realized by an application program, and the billing function is realized by a platform different from the application program. Was previously proposed (see Patent Document 1). Here, the service provider separates the provided service (data, content) or information such as an address specifying the service from service-specific control information (referred to as a service description) necessary to control the service. Then, a service package in which the two are paired is generated. The service description includes information for specifying an application program that uses the provided service, information for specifying a charging policy for using the service, and information indicating a key necessary for decrypting the encrypted service. . For example, in order to process the video data B, an application program for video playback is required, and the service description is that the usage fee is 1000 yen / line. In this way, the user site can use the service based on the service description.

  If this service package is placed in an unprotected state on the information transmission path from the service provider to the user or on the user site, it will not be possible to collect a legitimate usage fee due to tampering with the service description, etc. The protection is broken and the service rights are not protected.

  Service rights include service description rights as well as content / data copyrights. For example, it is a right that the person who created the service can insist that the information is “how you want to use it” or “how you don't want it to be used”. For example, a person who wrote a computer program may insist that "this program may be executed but copying is prohibited" or "it may be copied but modification is prohibited" “Service fee is 10 yen / minute” can be defined as a service description. Uses that do not follow the service description are rights infringements. If the service package is not protected, the charging policy is rewritten by a malicious user and the usage fee is free. In this case, the billing processor does not work and the service provider suffers damage.

  Therefore, to protect the rights, it is necessary to protect the service description as well as the contents to be provided. Since the service description is also the same digital data as the content, it is conceivable to protect it by encrypting it. That is, when using the service, the contents and the contents of the service description are not interpreted unless there is a key such as a token or a ticket issued by the service provider. The key is transmitted from the service provider to the user separately from the service package through a secure and secure route.

  FIG. 1 is a block diagram showing the configuration of such a conventional example. The terminal device 1 on the provider side encrypts the data 3 with the encryption unit 4 and then sends it to the terminal device 2 on the user side. The encryption key is generated by the key generation unit 6 and sent to the user side terminal device 2 by the key management unit 5 through a secure path separately from the encrypted data. On the user side, the key is stored in the key management unit 8, and the encrypted data is stored in the decryption unit 7. The data is decrypted by the decryption unit 7 using the key in the key management unit 8 and the data 9 is used.

  However, no matter how much the key is sent to the user via a secure route, if the key is passed to the user or the user's application program, there is still room for falsification of the decrypted service description at the user site. There is an essential drawback that makes it impossible to protect the rights.

Even if the service package or content itself is encrypted and delivered to the user in a manner that does not depend on the transmission mode of various contents such as broadcast, on-demand, and DVD, the key is passed on-demand. Since it is unknown whether there is a request, the service provider must always operate the key issuing server (key management unit 5). This is not suitable for information transmission by individuals because of the cost of providing services.
Japanese Patent Laid-Open No. 10-105273

  As described above, the conventional service providing system cannot protect the service description when managing the service description related to charging etc. and the data to be provided separately in order to platformize the functions necessary for realizing the service such as charging processing. There are drawbacks such as being insufficient and unable to protect the service package and not being able to protect the rights of the service provider. Further, in order to cope with this, it is disadvantageous that the key issuing server on the service provider side is always operated so that an individual is not suitable for transmitting information.

The present invention is to provide the following service providing system, user terminal and semiconductor information storage card.

  While distributing services, it also has a function to protect service packages at the user site, including the transmission path from the service provider to the user.

  In order to solve the above problems and achieve the object, the present invention uses the following means.

A service providing system according to a first aspect of the present invention is a service providing system including a provider side terminal device that provides content and a user side terminal device that uses the content,
The provider side terminal device
A first encryption unit for generating and outputting encrypted content by encrypting the content with a first key;
Generated by encrypting a service package including the first key, information identifying an application program that uses the content, and information identifying a billing processing program that controls the billing processing of the content with a second key And a second encryption unit that outputs the encrypted second key generated by encrypting the second key with the third key,
The user terminal device
The encryption service package and the encryption second key are input, the second key is reproduced by decrypting the input encryption second key with the third key, and the input encryption service package A first decryption unit that reproduces the service package by decrypting with the second key that has been reproduced;
A second decryption unit that inputs the encrypted content and decrypts the encrypted content with the first key included in the service package reproduced by the first decryption unit;
An application program execution unit that executes the application program identified based on information identifying an application program included in the service package reproduced by the first decryption unit;
A charging process execution unit that executes the charging process program specified based on information specifying the charging process program included in the service package reproduced by the first decryption unit.

A user side terminal according to a third aspect of the present invention is a user side terminal that uses the content provided from a provider side terminal device that provides content,
The content to be used is encrypted with the first key, and the service package has the first key, information for specifying an application program that uses the content, and information for specifying a billing processing program for controlling the billing processing of the content. And the service package is encrypted with a second key, the second key is further encrypted with a third key,
Inputting an encrypted service package encrypted with the second key and an encrypted second key encrypted with the third key, and decrypting the input encrypted second key with the third key A first decryption unit that reproduces the service package by reproducing the second key and decrypting the input encrypted service package with the reproduced second key;
An encrypted content obtained by encrypting the content to be used with the first key is input, and the input encrypted content is decrypted with the first key included in the service package reproduced by the first decryption unit. Two decoding units;
An application program execution unit that executes the application program identified based on information identifying an application program included in the service package reproduced by the first decryption unit;
A charging process execution unit that executes the charging process program specified based on information specifying the charging process program included in the service package reproduced by the first decryption unit.

A semiconductor information storage card according to a fourth aspect of the present invention is a semiconductor information storage card used in a user side terminal that uses the content provided from a provider side terminal device that provides content,
The content to be used is encrypted with the first key, and the service package has the first key, information for specifying an application program that uses the content, and information for specifying a billing processing program for controlling the billing processing of the content. And the service package is encrypted with a second key, the second key is further encrypted with a third key,
Inputting an encrypted service package encrypted with the second key and an encrypted second key encrypted with the third key, and decrypting the input encrypted second key with the third key A first decryption unit that reproduces the service package by reproducing the second key and decrypting the input encrypted service package with the reproduced second key;
In accordance with the execution of the application program specified based on the information specifying the application program, the specification specified based on the information specifying the charging processing program included in the service package reproduced by the first decryption unit A billing processing execution unit that executes a billing processing program.

As described above, according to the present invention, there is provided a service providing system, a user terminal, and a semiconductor information storage card having a function of protecting a service package at a user site including a transmission path from the service provider to the user. be able to.

Hereinafter, embodiments of a service providing system, a user terminal, and a semiconductor information storage card according to the present invention will be described with reference to the drawings.

  FIG. 2 is a diagram showing the configuration of the terminal device on the provider side according to the first embodiment of the present invention. In the present invention, as described in the prior art, data (name) provided by the information providing service and information necessary for controlling the service (referred to as service description) are provided in order to make the billing processing function a platform. A data processing device (server or the like) on the service provider side generates a pair or information indicating the corresponding relationship as a service package 10. An example of a service package is to decrypt MPEG data “1” (the name of data provided by the service or the address of the data) with the key “K2”, process it with the application program “a”, It is like doing. The user can actually realize and use the service based on the service description of the service package 10. For this reason, the service package 10 is necessary for the charging policy 12 indicating the charging mode, the application pointer 14 indicating the application program that uses the data, the data pointer 16 indicating the name of the provided data or its address, and the decryption of the data. It consists of key data 18 indicating the key K2.

  The provided data 20 is encrypted by the encryption unit 22 using the key K2, and is sent to the user site as encrypted data via a transmission interface (not shown). The encryption key K2 can be freely selected by the provider, but is preferably a data-specific key. The encrypted data may be distributed online via the Internet or the like, or may be distributed offline using a DVD or the like.

  The encryption may be a common key method or a public key method. The common key method is a method in which a key used for data encryption and a key used for decryption of encrypted data are the same. On the other hand, in the public key method, the encryption key and the decryption key are different, and one of them is made public and the other is kept secret. The provider encrypts the data using the user's public key. The user decrypts the encrypted data using his / her private key. Therefore, public key encryption can be used only when a user is specified. When this is used, the encryption key K2 does not need to be sent to the user, so the service package 10 includes the key K2. There is no need. Even when the common key encryption is adopted, the key K2 does not necessarily need to be included in the service package 10 protected by the present invention. You may send it.

  The service package 10 itself is also encrypted and sent to the user site. This transmission can be online or offline. However, the encryption of the service package is performed using a key K1 that is different from the data encryption key K2, and this key K1 itself is also encrypted using another key K0 to the user site. Sent. The encryption of the service package 10 and the encryption of the encryption key is not limited to the common key method, and a public key method may be adopted when a user is specified.

  The key K1 itself and the key K0 for encrypting the key K1 are never made known to the user. For this reason, in the present invention, a security module 30 that is physically prohibited from reading data to the outside is used, and encryption is performed in this module 30. As the module 30, it is preferable to use a semiconductor information storage card (IC card, PCMCIA card, etc.) in which data is physically protected in order to increase the versatility of the terminal device, but the terminal device is a dedicated terminal. When realized as a device, it is not necessary to have a detachable configuration such as a card, and it may be fixedly mounted on a part of the device.

  The security module 30 includes a storage unit 32 for the key K0, a generation unit 34 for the key K1, encryption units 36 and 42, a storage unit 38 for the encrypted key K1 ′, and a transmission interface 40 for the encrypted key K1 ′. It has. The key K1 generation unit 34 generates an encryption key K1 unique to the service package in accordance with information specifying the service package 10 supplied from the outside. However, the key K1 does not necessarily have to be generated in the module 30, but may be generated by a reliable organization and written in the security module 30 without being accessed from the outside.

  The service package 10 is encrypted by the encryption unit 42 with the key K1, and is sent to the user site via a transmission interface (not shown). The key K1 used for encryption of the service package 10 is encrypted by the encryption unit 36 with the key K0 stored in the security module 30. The storage unit 32 for the key K0 is composed of a non-volatile memory, and the key K0 is stored when the card is created, and thereafter cannot be absolutely accessed from the outside. The key K0 may be a key unique to the provider regardless of the data / service package.

  The encrypted key K1 'is temporarily stored in the storage unit 38. This is because the operation of encrypting the key K1 can be omitted each time the same service package is encrypted. Therefore, the key K1 ′ storage unit 38 can store the key K1 ′ obtained by encrypting the encryption keys K1 of a plurality of service packages with the key K0, and when the service package is specified, the key K1 ′ storage unit 38 stores the key K1 ′. If there is a key corresponding to the service package, it is read.

  The key K1 'in the storage unit 38 is sent to the user's security module without being accessed from the outside. When the semiconductor information storage card is used as a security module, the key K1 'is securely sent to the user's card by the card-card communication protocol. As described above, since the key K1 ′ obtained by encrypting the encryption key K1 of the service package is not output to other than the security module and is not known to the user, the third party service package is prevented from being falsified. be able to.

  The transmission of the encrypted encryption key K1 'may not be performed simultaneously with the transmission of the encryption service package. However, since the key K1 is unique to the service package as described above, if there are a plurality of encrypted service packages and the encrypted encryption key K1 ′ on the user side, the correspondence between the two is unknown. Cannot decrypt. For this reason, although not shown in the figure, information (referred to as a ticket) that associates information specifying the service package with information specifying the key K1 used to encrypt the service package is provided from the provider side. It is desirable to send from the user to the user. In this way, the user can specify the key K1 corresponding to the service package to be used from the ticket.

  FIG. 3 is a diagram showing the configuration of the terminal device on the user side. The user side also uses a security module 50 made of, for example, a semiconductor information storage card. The security module 50 includes a reception interface 52, decryption units 54 and 60, a key K 0 storage unit 56, a key K 1 storage unit 58, and a service execution unit 62.

  The user receives the encryption key K1 'from the provider through secure communication between the security modules. For this reason, the key K1 'is not sent to a non-contracted user. The encryption key K 1 ′ is supplied to the decryption unit 54 via the reception interface 52. Similarly to the security module 30 on the provider side, the security module 50 on the user side also has a storage unit 56 for the encryption key K0. The storage unit 56 for the key K0 is also composed of a non-volatile memory, and the key K0 is stored when the card is created, and thereafter cannot be absolutely accessed from the outside. Therefore, the encryption key K1 'of the service package encrypted using the key K0 on the provider side can be decrypted on the user side. Here, public key encryption may also be adopted. The decrypted key K1 is temporarily stored in the storage unit 58. This is also because the operation of decrypting the key K1 'is omitted each time the same service package is decrypted. Further, it is possible to store keys K1 corresponding to a plurality of service packages in the storage unit 58.

  On the other hand, the encrypted service package is temporarily stored in the service package storage unit 66 via the reception interface 64, and the encrypted data is temporarily stored in the data storage unit 70 via the reception interface 68. The service package is decrypted by the decryption unit 60 in the security module 50 using the key K 1 stored in the storage unit 58 and supplied to the service execution unit 62. The key K2 included in the service package is output from the security module 50 and supplied to the decryption unit 72. The decryption unit 72 decrypts the encrypted data stored in the storage unit 70 using the key K2, and supplies the decrypted data to the data reproduction unit (for example, display unit) 74, where the service is used.

  The terminal device on the user side also includes a user interface 76 and a service control unit 78. The service control unit 78 controls the storage unit 58, the service package storage unit 66, and the service execution unit 62 for the key K1.

  FIG. 4 is a diagram showing a specific configuration of the service execution unit 62. The service execution unit 62 includes a billing processing module 82 that performs billing processing based on the billing policy 12, an application program 84 that is executed based on the application pointer 14 and the data pointer 16, and a data along with the billing processing module 82 and application program 84. And a data transfer processing module 86 for taking in 88. As described above, the service realization unit 62 is a set of functions necessary for realizing the service, including hardware, software necessary for realizing the service, parameters for operating them, and the like based on the service description.

  The operation of the first embodiment will be described. It is assumed that the user uses the security module 50 having the key K0 storage unit 56 distributed from the provider. The encrypted service package and the encrypted data are transmitted to the user side online, such as the Internet, or offline via a large-capacity storage medium such as a DVD, that is, in any form. When the user wants to use the service, the user receives a key K1 'specific to the service package from the provider. The security module 50 receiving this key K1 'is attached to the terminal device, the encrypted service package is decrypted, and a service instance is generated from the service package. At the same time, the encrypted data is decrypted using the key K2 included in the service package.

  Among the decrypted service packages, the application pointer 14 and the data pointer 16 activate a predetermined application program 84. In conjunction with this, the data transfer processing module 86 reads the corresponding data 88 from the server and the storage medium, and starts using it. In accordance with the use of the service, charging processing according to the charging policy is performed by the charging processing module 82.

  As described above, according to the present embodiment, data and a service package are encrypted with separate encryption keys and sent to the user. Here, the key used for encrypting the service package is encrypted using another key and sent to the user. Another key used for encryption of the key is stored in a storage unit in the security module which cannot be read from the outside, and the encrypted key is directly transmitted only between the security modules without being read out to the outside. For this reason, the user and the application program cannot rewrite the service package. For this reason, it is possible to prevent unauthorized use by altering the charging policy or the like.

  The present invention is not limited to the embodiment described above, and can be implemented with various modifications.

  For example, in FIG. 2 and FIG. 3, only the minimum necessary circuit is built in the security module, but when there is a margin in the security module, the encryption unit 22 and the decryption unit 72 of the data 20 to be provided are also security modules. 30 and 50 may be incorporated.

  The security module 30 on the provider side and the security module 50 on the user side may have the same configuration. An example of this case is shown in FIG. A key (K 0) storage unit 100 is connected to the encryption / decryption unit 102, and a key (K 1) storage unit 106 and a key (K 1 ′) storage unit 108 are connected to the encryption / decryption unit 102. A transmission / reception interface 110 is connected to the key (K 1 ′) storage unit 108. Information specifying the service package is given to the key (K1) generation unit 104, and a key K1 used for encryption of the service package is generated and stored in the key storage unit. The key K1 is supplied to the service package encryption / decryption unit 112. The service package encryption / decryption unit 112 is connected with a transmission / reception interface 114 and a service instance generation unit 116.

  When the provider uses this module, the service package encryption key / decryption unit 112 encrypts the service package and transmits the encrypted service package via the transmission / reception interface 114. At the same time, the key K 1 is encrypted by the encryption / decryption unit 102 using the key K 0 and transmitted via the key K 1 ′ encrypted via the transmission / reception interface 110.

  When the user uses this module, the encrypted key K1 ′ received from the provider via the transmission / reception interface 110 is decrypted by the encryption / decryption unit 102 using the key K0, and the key (K1) It is stored in the storage unit 106. The encrypted service package received via the transmission / reception interface 114 is decrypted by the service package encryption / decryption unit 112 using the key K 1 and supplied to the service instance generation unit 116.

  According to such a configuration, both the provider and the user can use the same security module, which is effective for cost reduction. Also in this case, if the security module has sufficient hardware, a data encryption / decryption unit may be incorporated in the module. Also, if the user has a security module with the same configuration as the provider, the provider does not need to send the key K1 ′ used for encryption of the service package directly to the user. The key K1 'can be transmitted to the user, and the key K1' can also be transmitted in the middle via a plurality of user security modules. In this way, the key is transmitted from person to person in the form of “word of mouth”, and it is not necessary to always operate the key issuing server, which is suitable for information transmission by the individual. In this case, the person who only relays the key does not need the entire configuration of FIG. 5, and only needs the key (K1 ′) storage unit 108 and the transmission / reception interface 110. However, when the public key method is used, since the encryption of the key K1 ′ must be once broken at the relay site, the service package encryption / decryption unit 112, which can be omitted from the configuration in FIG. Only the transmission / reception interface 114 and the service instance 116 are provided.

  In the above description, the decryption unit 60 and the service execution unit 62 are provided in the security module 50 in order to prevent the decrypted service package from being known to the user, thereby preventing falsification of information in hardware. However, the service package may be protected by software. The service instance, which is software for executing the service package, is added with authentication that guarantees that the service package and key K1 are not output to the outside or stored, and decryption of the service package is prohibited without this authentication. You may make it do. In this case, the decryption unit 60 and the service execution unit 62 need not be provided in the security module 50. Even when information is prevented from being falsified by hardware, the decryption unit 60 and the service implementation unit 62 may not be provided in the security module 50 if the terminal device on the user side is reliable. .

  In addition, although the service package decryption / billing processing system is used as a platform, it may be realized by the same application program as a normal data processing function.

  Further, in the above description, in order for the user to view the charging policy, it is necessary to decrypt it, and a security module is necessary for decryption, but before the user uses the security module, This is inconvenient because I do not have it. Therefore, a second billing policy having the same contents as the billing policy 12 that is encrypted and transmitted as the service package 10 is prepared separately and sent to the user site without encryption. The user can read this second billing policy and decide whether or not to use this service. In this case, the billing policy included in the decrypted service package is naturally supplied to the service realization unit 62. However, there is a risk that a third party may falsify the second billing policy in plain text and deceive a paid one as free of charge. In this state, since the user's protection is lacking, the terminal device on the user side decrypts it. It is desirable to provide a means for prohibiting the use of the converted charging policy and the second charging policy if they do not match.

The block diagram which shows the structure of the prior art example of a service provision system. 1 is a block diagram showing a system configuration on the provider side in a first embodiment of a service providing system according to the present invention. 1 is a block diagram showing a system configuration on a user side in a first embodiment of a service providing system according to the present invention. FIG. 4 is a detailed block diagram of the service instance of FIG. 3. The block diagram which shows the structure of the security module in 2nd Embodiment of the service provision system of this invention.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 10 ... Service package, 12 ... Billing policy, 14 ... Application pointer, 16 ... Data pointer, 22, 36 ... Encryption part, 30, 50 ... Security module, 32, 38, 56, 58 ... Key storage part, 34 ... Key Generation unit, 54, 60... Decoding unit, 62... Service instance.

Claims (9)

A service providing system comprising a provider side terminal device that provides content and a user side terminal device that uses the content,
The provider side terminal device
A first encryption unit for generating and outputting encrypted content by encrypting the content with a first key;
Generated by encrypting a service package including the first key, information identifying an application program that uses the content, and information identifying a billing processing program that controls the billing processing of the content with a second key And a second encryption unit that outputs the encrypted second key generated by encrypting the second key with the third key,
The user terminal device
The encryption service package and the encryption second key are input, the second key is reproduced by decrypting the input encryption second key with the third key, and the input encryption service package A first decryption unit that reproduces the service package by decrypting with the second key that has been reproduced;
A second decryption unit that inputs the encrypted content and decrypts the encrypted content with the first key included in the service package reproduced by the first decryption unit;
An application program execution unit that executes the application program identified based on information identifying an application program included in the service package reproduced by the first decryption unit;
A service providing system comprising: a charging process execution unit that executes the charging process program specified based on information specifying a charging process program included in the service package reproduced by the first decryption unit.   The service providing system according to claim 1, wherein the second key is a key specific to the service package, and the third key is a key specific to a provider.   3. The service providing system according to claim 1, wherein each of the second encryption unit and the first decryption unit includes a semiconductor information storage card.   3. The service providing system according to claim 1, wherein the first decryption unit, the means for specifying the billing processing program, and the billing processing execution unit are configured by a semiconductor information storage card. A user terminal that uses the content provided from a provider terminal device that provides content,
The content to be used is encrypted with the first key, and the service package has the first key, information for specifying an application program that uses the content, and information for specifying a billing processing program for controlling the billing processing of the content. And the service package is encrypted with a second key, the second key is further encrypted with a third key,
Inputting an encrypted service package encrypted with the second key and an encrypted second key encrypted with the third key, and decrypting the input encrypted second key with the third key A first decryption unit that reproduces the service package by reproducing the second key and decrypting the input encrypted service package with the reproduced second key;
An encrypted content obtained by encrypting the content to be used with the first key is input, and the input encrypted content is decrypted with the first key included in the service package reproduced by the first decryption unit. Two decoding units;
An application program execution unit that executes the application program identified based on information identifying an application program included in the service package reproduced by the first decryption unit;
A user-side terminal comprising: a charging process execution unit that executes the charging process program specified based on information specifying a charging process program included in the service package reproduced by the first decryption unit.   The user terminal according to claim 5, wherein the second key is a key unique to the service package, and the third key is a key unique to a provider.   7. The user side terminal according to claim 5, wherein the first decryption unit, the means for specifying the billing processing program, and the billing processing execution unit are configured by a semiconductor information storage card. A semiconductor information storage card used in a user terminal that uses the content provided from a provider terminal device that provides content,
The content to be used is encrypted with the first key, and the service package has the first key, information for specifying an application program that uses the content, and information for specifying a billing processing program for controlling the billing processing of the content. And the service package is encrypted with a second key, the second key is further encrypted with a third key,
Inputting an encrypted service package encrypted with the second key and an encrypted second key encrypted with the third key, and decrypting the input encrypted second key with the third key A first decryption unit that reproduces the service package by reproducing the second key and decrypting the input encrypted service package with the reproduced second key;
In accordance with the execution of the application program specified based on the information specifying the application program, the specification specified based on the information specifying the charging processing program included in the service package reproduced by the first decryption unit A semiconductor information storage card comprising a billing process execution unit for executing a billing process program.   9. The semiconductor information storage card according to claim 8, wherein the second key is a key specific to the service package, and the third key is a key specific to a provider.

Images