JP4431306B2 - Terminal device, video conference data management method, and program - Google Patents

Description

[0001]
[Industrial application fields]
The present invention relates to a system for managing copyrights in the use, storage, copying, processing, and transfer of digital data, and in particular, is intended for use with multimedia systems.
[0002]
[Prior art]
Today, called the information age, database systems that mutually use various data that have been stored independently by each computer by connecting each computer via a communication line are becoming widespread. The information handled so far in this database system is coded information with a small amount of information that can be processed by a classic computer and monochrome binary data such as facsimile information at most. It was not possible to handle data with much more information.
[0003]
By the way, with the development of digital processing techniques for various electric signals, development of digital processing techniques for image signals other than binary data, which has been conventionally handled only as an analog signal, is in progress. This digitalization of image signals makes it possible for computers to handle image signals such as television signals. A "multimedia system" that simultaneously handles various data handled by computers and image data obtained by digitizing image signals. Is attracting attention as a future technology.
[0004]
Since image data has an overwhelmingly large amount of information compared to character data and audio data, it is difficult to store, transfer, or perform various processes in a computer as it is. Therefore, it is conceivable to compress / decompress these image data, and several standards for image data compression / decompression have been created. Among them, the JPEG (Joint Photographic image coding Experts Group) standard for still images, the H.261 standard for video conferencing, and the MPEG1 (Moving Picture image coding Experts Group 1) standard for image storage are common standards. The MPEG2 standard corresponding to high-definition television broadcasting was created from the current television broadcasting. With these technologies, digital video data can be processed in real time.
[0005]
Since analog data that has been widely used in the past deteriorates in quality every time it is stored, copied, processed, or transferred, copyright processing caused by these operations has not been a major problem. However, even if digital data is repeatedly stored, copied, processed and transferred, quality degradation does not occur, and copyright processing caused by these operations is a big problem. Up to now, there has been no accurate method for copyright processing of digital data, and it has been processed by copyright law or contract, and compensation law for digital recording / recording equipment has also been institutionalized under copyright law. Only.
[0006]
Database usage is not limited to simply referring to the contents of the database. Usually, the obtained data is effectively used by storing, copying, and processing, and the processed data is online via a communication line or an appropriate storage medium. It is possible to transfer it to others online using the, and even transfer it to the database and register it as new data. In conventional database systems, only character data is the object. In multimedia systems, in addition to data such as characters that have been databased so far, audio data and image data that are originally analog data are digital. It is made into a database.
[0007]
Under such circumstances, how to handle the copyright of the data in the database is a big problem, but so far the copyright management means for that purpose, especially secondary use such as copying, processing, transfer, etc. There is no completed copyright management means. The present inventors have disclosed a system for managing copyright by obtaining a use permission key from a key management center through a public telephone line in Japanese Patent Application No. 6-46419 and Japanese Patent Application Laid-Open No. 6-141004. In this issue, we proposed a device for that purpose.
[0008]
Further, in Japanese Patent Application No. 6-64889, by further developing the above-mentioned prior application invention, primary display such as digital data display (including audio) and storage in a database system including real-time transmission of digital video. A copyright management method for secondary use such as use, copying, processing, and forwarding was proposed.
[0009]
This prior-art database copyright management system uses a license management program, copyright information, or copyright management, in addition to a usage permission key corresponding to the applied usage form, in order to manage copyright. Use one or more of the messages.
[0010]
The copyright management message is displayed on the screen when an attempt is made to violate the application or permission, and a warning or warning is given to the user. The copyright management program is used against the application or permission. Monitor and manage so that there is no.
[0011]
The copyright management program, copyright information, and copyright management message are each supplied together with the usage permission key, supplied together with the data, or partially supplied with the usage permission key, and partially supplied with the data. May be supplied together. Data, permission keys, copyright management messages, copyright information, and copyright management programs are sent in encrypted form, but when decrypted when used, they are sent in encrypted form and displayed. There are three cases: the case where the cipher is decrypted only at the time, and in other cases it is in an encrypted state;
[0012]
SUMMARY OF THE INVENTION
The present application provides a data copyright management system in which the data copyright management method proposed in Japanese Patent Application No. 6-64889, which is a prior application, is embodied. In the present invention, the data copyright management system comprises a database for storing original data, a key management center for managing encryption keys, a copyright management center for managing data copyright, and a communication network for interconnecting these, Data supplied to the user from the database is encrypted and distributed, and the user decrypts the encrypted data using the encryption key obtained from the key management center or the copyright management center.
[0013]
There are two methods of supplying data to the user: a method of supplying encrypted data in one direction by broadcasting or the like, and a method of supplying encrypted data bidirectionally in response to a user request.
[0014]
As the encryption key system used for data encryption, a secret key system, a public key system, or a system combining a secret key and a public key is employed, and a copyright management program for managing data copyright is employed.
[0015]
When a user saves, copies, or transfers data, a key may be supplied from a key management center or a copyright management center, or may be generated by a copyright management program.
[0016]
Further, the present invention is applicable not only to a single data but also to a data copyright management system when using a plurality of data supplied from a single database or a plurality of data supplied from a plurality of databases. . We also propose a device that can be used on the user side to manage data copyright.
[0017]
【Example】
Hereinafter, the present invention will be described. First, a general description of cryptographic techniques will be given. The encryption technology includes a secret-key cryptosystem and a public-key cryptosystem. Private key cryptography is an encryption method that uses the same encryption key for encryption and decryption, and while the time required for encryption and decryption is short, the secret key is discovered and the cipher is decrypted (Cryptanalize) There is. On the other hand, the public key encryption method is an encryption key method in which the encryption key is disclosed as a public key (public-key), and the decryption key is not disclosed. The encryption key is a public key. The decryption key is called a private-key. In order to use this encryption method, the side that sends information encrypts with the public key of the side that receives the encryption, and the side that receives information decrypts with the private key that is not made public (decryption) Although it is an encryption method and requires a long time for encryption and decryption, it is almost impossible to find a dedicated key and it is very difficult to decrypt the encryption.
[0018]
In cryptography, plaintext M is encrypted using encryption key K to obtain ciphertext C.
C = E (K, M)
The case where the plaintext M is obtained by decrypting the ciphertext C using the encryption key K.
M = D (K, C)
It expresses. The encryption method used in the present invention uses a secret-key system in which the same secret key Ks is used for encryption and decryption, and a public key Kb for plaintext encryption. In addition, a public-key system in which a private key Kv is used for decrypting the ciphertext is adopted.
[0019]
[First Embodiment] FIG. 1 shows a first embodiment of a database copyright management system according to the present invention. In this first embodiment, a secret key scheme is adopted as an encryption key scheme. In the embodiment shown in this figure, reference numeral 1 is a database in which text data, computer graphics screen or binary data which is a computer program, digital audio data, and digital video data are stored in an encrypted state, and 2 is a communication / communication Artificial satellites such as broadcasting satellites, 3 is a data recording device such as a CD-ROM or flexible disk, 8 is a communication network such as a public line provided by a communication carrier or a CATV line provided by a cable television operator, 4 is 1 Next user terminal device. Reference numeral 9 is a key management center for managing secret keys, and 10 is a copyright management center for managing database copyrights.
[0020]
5, 6 and 7 are secondary user terminal devices, tertiary user terminal devices and n-order user terminal devices, respectively, 11, 12 and 13 are secondary disks which are storage media such as flexible disks or CD-ROMs, A tertiary disk and an n-th disk. Note that n is an arbitrary integer, and when n is larger than 4, there is a correspondence between the tertiary user terminal device 6 and the n-order user terminal device 7 and between the tertiary disk 12 and the n-order disk 13. A user terminal device and a disk are arranged.
[0021]
Among these, the database 1, the key management center 9, the copyright management center 10, the primary user terminal device 4, the secondary user terminal device 5, the tertiary user terminal device 6, and the nth user terminal device 7 are connected to the communication network 8. Has been. In this figure, the route indicated by a broken line is a route for encrypted data, the route indicated by a solid line is a request route from each user terminal device, and the route indicated by a one-dot chain line is each route. This is a path through which the secret key is transferred together with the permission information corresponding to the usage form from the database. Each user who uses this system registers in advance in the database organization. In addition, database organization utilization software is provided to the user at the time of registration. The database organization use software includes a program for operating a copyright management program in addition to normal communication software such as a data communication protocol.
[0022]
Text data stored in the database 1 or data recording device 3, computer graphics screen or binary data, which is a computer program, digital audio data, or original data M0, which is digital video data, is a communication network 8, an artificial satellite 2 or a storage medium. 3 is supplied unidirectionally to the primary user terminal device 4 via 3, but at this time, it is encrypted using the first secret key Ks 1.
Cm0ks1 = E (Ks1, M0)
Even in the case of data provided free of charge such as with advertisements, encryption is required for copyright protection.
[0023]
In Japanese Patent Application No. 6-64889, which is the prior application mentioned above, there are storage, processing, copying, and transfer in addition to the most basic display of data usage. One corresponding to one or a plurality of forms is prepared, and management thereof is shown to be executed by a copyright management program. In addition, it is stated that the data is re-encrypted by the copyright management program when the data is stored, copied, or transferred other than the data display and processing display. In other words, the data claimed for copyright is distributed in an encrypted state and is only plainly displayed when it is displayed or displayed for processing on a user terminal device having a copyright processing function. is there.
[0024]
In this embodiment, the matters described in these prior applications are used. A primary user who desires primary use of the supplied encrypted data Cm0ks1 uses the primary user terminal device 4 to the key management center 9 to provide the original data name or original data number via the communication network 8. By designating, the primary use application for the encrypted original data Cm0ks1 is made. At this time, information Iu1 related to the primary user is presented to the key management center 9. The key management center 9 that has received the primary use application using the primary user terminal device 4 decrypts the encrypted original data Cm0ks1 obtained from the database 1 by the primary user together with the copyright management program P. The first secret key Ks1 and the decrypted original data M0 or the second secret key Ks2 for re-encrypting the processed data M1 obtained by processing the original data are transmitted via the communication network 8 to the primary user terminal 4 Forward to.
[0025]
In the primary user terminal device 4 that has received the first secret key Ks1 that is the decryption key and the second secret key Ks2 that is the encryption / decryption key, the first secret key Ks1 is first used using the copyright management program P. Is used to decrypt the encrypted original data Cm0ks1,
M0 = D (Ks1, Cm0ks1)
The decrypted original data M0 is used as it is or as processed data M1.
[0026]
When the data M, which is the original data M0 or the processed data M1, is stored in the primary user terminal device 4, that is, in the memory or the built-in hard disk drive, only the primary user can use the data. However, when the data M is copied to the external storage medium 11 such as a flexible disk or transferred to the secondary user terminal device 5 through the communication network 8, a copyright problem due to secondary use occurs. .
[0027]
In addition, when the original data M0 obtained by the primary user is copied as it is and supplied to the secondary user, no modification has been made to the original data M0. Does not occur. However, when processing is performed based on the data M0 obtained by the primary user or when new data M1 is created by using means such as combining with other data, the copyright of the primary user is assigned to the data M1. (Secondary exploitation right) occurs. Similarly, when the secondary user performs processing based on the original data M0 or processing data M1 obtained from the primary user or creates new data M2 by using means such as combining with other data. Similarly, the copyright of the secondary user is generated.
[0028]
In order to cope with this copyright problem, in this embodiment, when the data M is stored, copied, and transferred, the copyright management program P encrypts the data M using the second secret key Ks2, and thereafter 1 In the next user terminal device 4, the data M is decrypted and encrypted using the second secret key Ks2.
Cmks2 = E (Ks2, M),
M = D (Ks2, Cmks2)
In principle, the primary user can freely display and process data to obtain processed data, but in that case, the number of times can be limited by a copyright management program.
[0029]
When the data M is copied to the external storage medium 11 and when the data is transferred via the communication network 8, the first secret key Ks1 and the second secret key Ks2 in the primary user terminal device 4 are stored by the copyright management program P. Discarded. Therefore, when the primary user uses the data M again, it is necessary to apply to the key management center 9 and receive the second secret key Ks2. The second re-grant of the second secret key Ks2 means that the data M is copied to the external storage medium 11 or transferred to the secondary user terminal device 5 via the communication network 8 for secondary use. This means that this is registered in the copyright management center 10 from the key management center 9, and the subsequent secondary use becomes possible.
[0030]
The data M is moved from the primary user terminal device 4 to the secondary user terminal device 5 by the external storage medium 11 or by the communication network 8, and is copied to the external storage medium 11 or moved via the communication network 8. Is performed, the data M is encrypted using the second secret key Ks2.
[0031]
When the data M is copied to the external storage medium 11 and when the data M is transferred through the communication network 8, the first secret key Ks1 and the second secret key Ks2 in the primary user terminal device 4 are discarded. At this time, the unencrypted primary user information Iu1 is added to the encrypted data Cmks2 stored in the primary user terminal device 4, and 1 when the encrypted data Cmks2 is transferred to the secondary user. Next user information Iu1 is also transferred.
[0032]
A secondary user who desires secondary use of the encrypted data Cmks2 copied or transferred from the primary user uses the secondary user terminal device 5 to the copyright management center 10 via the communication network 8. Specify the original data name or the original data number and present the secondary user information Iu2 to make a secondary use application. At that time, it is added to the encrypted data Cmks2 to clarify the relationship with the primary user. The unencrypted primary user information Iu1 is also presented. Based on the presented primary user information Iu1, the copyright management center 10 confirms that the primary user has received the second secret key Ks2 for secondary use of the data, and decrypts it. The second secret key Ks2 as a key and the third secret key Ks3 as an encryption / decryption key are transferred to the secondary user terminal device 5 via the communication network 8. In the secondary user terminal device 5 that has received the second secret key Ks2 and the third secret key Ks3, the copyright management program P decrypts the encrypted data Cmks2 using the second secret key Ks2.
M = D (Ks2, Cmks2)
Secondary use of display or processing is performed.
[0033]
In this embodiment, the primary use application is processed by the key management center 9 and the secondary use application is processed by the copyright management center 10. The data M supplied by the primary user is encrypted using the first secret key Ks1, but the data M supplied by the secondary user is encrypted using the second secret key Ks2. . On the other hand, the first secret key Ks1 and the second secret key Ks2 are transferred as encryption keys from the key management center 9 to the primary user. Therefore, when the secondary user makes a primary use application to the key management center 9 while pretending that the secondary user is the primary user, the first secret key Ks1 is used as the decryption key, and the first secret key Ks1 is used as the encryption / decryption key. Two secret keys Ks2 are transferred. However, the encrypted data Cmks2 cannot be decrypted using the first secret key Ks1 transferred as the decryption key. Therefore, it is impossible to make a false application for the use of data, and as a result, not only the original copyright of the data but also the copyright of the primary user of the data is protected.
[0034]
When the secondary user terminal device 5 performs storage, copying, or transfer, which is a form of use other than display of data M and display for processing, the copyright management program P uses the third secret key Ks3 to encrypt the data M. After that, data is decrypted and encrypted using the third secret key Ks3.
Cmks3 = E (Ks3, M),
M = D (Ks3, Cmks3)
In principle, the secondary user can freely display and process and obtain the processed data M2, but in that case, the copyright management program P can limit the number of times.
[0035]
When the data M is copied to the external storage medium 12 and when the data is transferred via the communication network 8, the second secret key Ks2 and the third secret key Ks3 in the secondary user terminal device 5 are stored by the copyright management program P. Discarded. Therefore, when the secondary user uses the data M again, it is necessary to apply to the copyright management center 10 and receive the third secret key Ks3. The fact that the third secret key Ks3 has been reissued is that the data M is copied to the external storage medium 12 or transferred to the tertiary user terminal device 6 via the communication network 8 for secondary use. This means that it has been registered in the copyright management center 10 and can be used thereafter.
[0036]
The movement of the data M from the secondary user terminal device 5 to the tertiary user terminal device 6 is performed by the external storage medium 12 or the communication network 8, and is copied to the external storage medium 12 or moved via the communication network 8. Is performed, the data M is encrypted using the third secret key Ks3.
[0037]
The second secret key Ks2 and the third secret in the secondary user terminal device 5 when the data M is copied to the external storage medium 12 and when the data M is transferred to the tertiary user terminal device 6 via the communication network 8 The key Ks3 is discarded. At this time, the encrypted data Cmks3 to which the unencrypted secondary user information Iu2 is added is added to the encrypted data Cmks3 stored in the secondary user terminal device 5. When transferring to the next user, the secondary user information Iu2 is also transferred. In this case, each user information is added to the data when all the user information is added to the data every time it is copied or transferred, and the history that is rewritten to the latest each time is stored in the copyright management center. There is a case.
[0038]
A tertiary user who wants to use the encrypted data Cmks3 copied or transferred from the secondary user to the copyright management center 10 via the communication network 8 using the tertiary user terminal device 6. Specify the original data name or the original data number and present the tertiary user information Iu3 to apply for tertiary use. At that time, it is added to the encrypted data Cmks3 to clarify the relationship with the secondary user. The unencrypted secondary user information Iu2 is also presented. Based on the presented secondary user information Iu2, the copyright management center 10 confirms that the secondary user has undergone a preparation procedure for tertiary use of the data, that is, the third secret key Ks3 has been reissued. Then, the third secret key Ks3 that is the decryption key and the fourth secret key Ks4 that is the encryption / decryption key are transferred to the tertiary user terminal device 6 via the communication network 8. In the tertiary user terminal device 6 that has received the third secret key Ks3 and the fourth secret key Ks4, the copyright management program P decrypts the encrypted data Cmks3 using the third secret key Ks3,
M = D (Ks3, Cmks3)
Tertiary use of display or processing is performed.
[0039]
In this embodiment, the data M supplied by the primary user is encrypted using the first secret key Ks1, and the data M supplied by the secondary user is encrypted using the second secret key Ks2. However, the data M supplied by the tertiary user is encrypted using the third secret key Ks3. For this reason, when the primary user makes a primary use application to the key management center 9 assuming that the tertiary user is the primary user, the first secret key Ks1 is used as the decryption key, and the first secret key Ks1 is used as the encryption / decryption key. Two secret keys Ks2 are transferred. However, the encrypted data Cmks3 cannot be decrypted using the first secret key Ks1 transferred as the decryption key. When the secondary user makes a secondary use application to the copyright management center 9 while pretending that the tertiary user is a secondary user, the second secret key Ks2 is used as the decryption key, and the encryption / decryption key is used. The third secret key Ks3 is transferred. However, the encrypted Cmks3 cannot be decrypted using the second secret key Ks2 transferred as the decryption key. Therefore, it is impossible to make a false application for the use of data, and as a result, not only the original copyright of the data but also the copyright of the primary user and the copyright of the secondary user of the data are protected. Hereinafter, the same procedure is applied to the fourth and subsequent uses.
[0040]
Although the database 1, the key management center 9 and the copyright management center 10 in the embodiment described above are separately provided, they are not necessarily separate, and all or appropriate two of them are integrated. It is also possible to install in. Also, the secondary encryption key reissuance application from the primary user may be made to the copyright management center 10 instead of being made to the key management center 9 as in the embodiment.
[0041]
[Embodiment 2] Next, Embodiment 2 will be described. Although most of the configuration of this embodiment is the same as that of Embodiment 1, a copyright management program and, in some cases, a first secret key and The second secret key is supplied after being encrypted. In this embodiment as well, as in the first embodiment, the original data is encrypted and supplied unidirectionally from a single database, and the user selects and uses the required original data. Since the system configuration used in the second embodiment is not different from the system configuration of the first embodiment shown in FIG. 1, the description of the system configuration is omitted.
[0042]
In this embodiment, the original data M0 stored in the database 1 is unidirectionally supplied to the primary user terminal device 4 via the artificial satellite 2, the storage medium 3 or the communication network 8. One private key Ks1 is used for encryption.
Cm0ks1 = E (Ks1, M0)
[0043]
A primary user who desires primary use of the supplied encrypted data Cm0ks1 uses the primary user terminal device 4 to the key management center 9 to provide the original data name or original data number via the communication network 8. By specifying, the primary use application for the encrypted original data Cm0ks1 is made. At this time, the primary user information Iu1 is presented to the key management center 9.
[0044]
The key management center 9 that has received the primary use application for the encrypted original data Cm0ks1 uses the primary user information Iu1 to generate a private key Ksu1 dedicated to the primary user and transfers it to the copyright management center 10.
[0045]
Upon receiving the primary user private key Ksu1, the copyright management center 10 encrypts the copyright management program P using the primary user private key Ksu1,
Cpksu1 = E (Ksu1, P)
The encrypted copyright management program Cpksu1 is transferred to the key management center 9. The encrypted copyright management program Cpksu1 generated in this way is unique to the primary user. The key management center 9 receives the encrypted secret management program Cpksu1 received from the copyright management center 10 together with the first secret key Ks1 that is a decryption key and the second secret key Ks2 that is a decryption / encryption key. 8 is transferred to the primary user terminal device 4 via 8.
[0046]
In the primary user terminal device 4 that has received the encrypted copyright management program Cpksu1, the first secret key Ks1, and the second secret key Ks2, the database organization software S that has been distributed in advance is the primary user information Iu1. Based on this, the primary user private key Ksu1 is generated,
Ksu1 = S (Iu1)
Decrypt the encrypted copyright management program Cpsu1 using the generated primary user private key Ksu1;
P = D (Ksu1, Cpsu1)
Using the decrypted copyright management program P, the encrypted original data Cm0ks1 is decrypted using the first secret key Ks1.
M0 = D (Ks1, Cm0ks1)
The decrypted original data M0 is used as it is or as processed data M1.
[0047]
When the data M that is the original data M0 or the processed data M1 is stored, copied, or transferred, the data M is encrypted by the copyright management program P by using the second secret key Ks2, and thereafter in the primary user terminal device 4 The data M is decrypted and encrypted using the second secret key Ks2.
Cmks2 = E (Ks2, M),
M = D (Ks2, Cmks2)
[0048]
When the data M is copied to the external storage medium 11 and when the data is transferred via the communication network 8, the first secret key Ks1 and the second secret key Ks2 in the primary user terminal device 4 are stored by the copyright management program P. Discarded. Therefore, when the primary user uses the data M again, it is necessary to apply to the key management center 9 and receive the second secret key Ks2. The second re-grant of the second secret key Ks2 means that the data M is copied to the external storage medium 11 or transferred to the secondary user terminal device 5 via the communication network 8 for secondary use. This means that this is registered in the copyright management center 10 from the key management center 9, and the subsequent secondary use becomes possible.
[0049]
The data M is moved from the primary user terminal device 4 to the secondary user terminal device 5 by the external storage medium 11 or the communication network 8. When the data M is copied to the external storage medium 11 or transferred via the communication network 8, the data M is encrypted using the second secret key Ks2.
[0050]
When the data M is copied to the external storage medium 11 and when the data M is transferred through the communication network 8, the first secret key Ks1 and the second secret key Ks2 in the primary user terminal device 4 are discarded. At this time, unencrypted information Iu1 about the primary user is added to the encrypted data Cmks2 stored in the primary user terminal device 4. For this reason, when the encrypted data Cmks2 is transferred to the secondary user, the primary user information Iu1 is also transferred.
[0051]
A secondary user who desires secondary use of the encrypted data Cmks2 copied or transferred from the primary user uses the secondary user terminal device 5 to the copyright management center 10 via the communication network 8. Specify the original data name or the original data number and present the secondary user information Iu2 to make a secondary use application. At that time, it is added to the encrypted data Cmks2 to clarify the relationship with the primary user. The unencrypted primary user information Iu1 is also presented. Based on the presented primary user information Iu1, the copyright management center 10 confirms that the primary user has received the second secret key Ks2 for secondary use of the data. Based on the secondary user information Iu2, a secret key Ksu2 dedicated to the secondary user is generated.
[0052]
The copyright management center 10 encrypts the copyright management program P using the secondary user private key Ksu2,
Cpksu2 = E (Ksu2, P)
The encrypted copyright management program Cpksu2, the second secret key Ks2 that is the decryption key, and the third secret key Ks3 that is the encryption / decryption key are transferred to the secondary user terminal device 5 via the communication network 8. Note that information Iu1 relating to the primary user may be added to the encrypted copyright management program Cpksu2.
[0053]
In the secondary user terminal device 5 that has received the second secret key Ks2 and the third secret key Ks3, the database organization utilization software generates a secondary user-specific secret key Ksu2 based on the secondary user information Iu2,
Ksu2 = S (Iu2)
Decrypt the encrypted copyright management program Cpsu2 using the generated secondary user private key Ksu2.
P = D (Ksu2, Cpsu2)
Using the decrypted copyright management program P, the encrypted original data Cmks2 is decrypted using the second secret key Ks2.
M = D (Ks2, Cmks2)
The decrypted data M is used as it is or after being processed.
[0054]
In this way, a data copyright management system is created by generating a user-specific encryption key based on user information of a user who has applied for use and encrypting the copyright management program using the generated user-specific encryption key. The safety will be higher. Further, if each secret key supplied to the user at this time is also encrypted using the user-dedicated encryption key, the security of the data copyright management system can be further increased.
[0055]
[Embodiment 3] Further, in the system shown in FIG. 1, when the data M is copied to the external storage medium 11 or when the data M is transferred through the communication network 8, the copyright problem is dealt with. As yet another method for doing so, the primary usage application performed by the user of the primary user terminal 4 is limited to display permission, storage permission and processing permission, and other usage applications, ie, copy permission and transfer permission are obtained. The application for the copy permission and the transfer permission is performed separately. When the data M is copied to the external storage medium 11 and when the data is transferred to the secondary user terminal device 5 through the communication network 8, The first secret key Ks1 and the second secret key Ks2 in the primary user terminal device 4 can be discarded. In this way, the copyright management center 10 can grasp the copy or transfer of the data M more reliably.
[0056]
[Embodiment 4] FIG. 2 shows the configuration of Embodiment 4 of the data copyright management system according to the present invention. In the system shown in FIG. 1, the encrypted data is supplied unidirectionally via the satellite 2, the recording medium 3 or the communication network 8, but in the second embodiment, in response to a request from the primary user 4. Encrypted data is supplied bi-directionally. In this embodiment, the public key method is adopted as the encryption key method. It should be noted that the second embodiment can be applied to a case where satellite broadcasting, terrestrial broadcasting, CATV broadcasting, or a recording medium that does not require free encryption other than the database is used as a data supply means. It is.
[0057]
As in the system shown in FIG. 1, in the system shown in this figure, 1 is a database, 4 is a primary user terminal device, 5 is a secondary user terminal device, 6 is a tertiary user terminal device, and 7 is n. Next user terminal device. 14 is a secondary copyright management center, 15 is a tertiary copyright management center, 16 is an n-order copyright management center, and 8 is a public line provided by a communication carrier or a CATV line provided by a cable television operator. Communication network.
[0058]
Among these, database 1, primary user terminal device 4, secondary user terminal device 5, tertiary user terminal device 6, n-order user terminal device 7, secondary copyright management center 14, tertiary copyright management center 15 , N-order copyright management center 16 is connected to communication network 8 and can be connected to each other. In this figure, the route indicated by a broken line is a route for encrypted data, the route indicated by a solid line is a request route from each user terminal device, and the route indicated by a one-dot chain line is each route. A path through which the encryption key is transferred together with permission information corresponding to the usage form from the database, and the path indicated by a two-dot chain line is a copyright from the database or each copyright management center database to the next copyright management center database. This is the path through which information is transferred. Each user who uses this system registers in advance in the database organization. In addition, database organization utilization software is provided to the user at the time of registration. This database organization utilization software includes a program for decrypting an encrypted copyright management program in addition to normal communication software such as a data communication protocol.
[0059]
In using the database 1, the primary user uses the primary user authentication data Au1, the first public key Kb1, the first public key Kb1, the second public key Kb2, and the second public key Kb2 corresponding to the first public key Kb1. A corresponding second dedicated key Kv2 is prepared, and the primary user terminal device 4 is used to access the database 1 via the communication network 8.
[0060]
The database 1 that has received the primary user authentication data Au1, the first public key Kb1, and the second public key Kb2 from the primary user confirms the primary user authentication data Au1 and confirms the primary user authentication data Au1. Is transferred to the secondary copyright management center 14 as primary user information Iu1.
[0061]
On the other hand, the database 1 prepares two secret keys, that is, a first secret key Ks1 and a second secret key Ks2. The two secret keys may be prepared using the key center 9 of the first embodiment shown in FIG. Of the prepared first secret key Ks1 and second secret key Ks2, the second secret key Ks2 is also transferred to the copyright management center 14 in advance.
[0062]
As a result of the transfer, the copyright management center 14 stores primary user information Iu1, original copyright information Ic, and a second secret key Ks2. Of these, the original copyright information Ic is used to distribute the copyright usage fee.
[0063]
When the primary user who wants to use data accesses the database 1 using the primary user terminal device 4, the data menu is transferred. At this time, fee information may be displayed together with the data menu.
[0064]
When the data menu is transferred, the primary user performs a data menu search and selects data M. At this time, the original copyright information Ic of the selected data M is transferred to the copyright management center 14.
[0065]
The original data M0 is read from the database 1 in response to a primary user request. The read original data M0 is encrypted with the first secret key Ks1.
Cm0ks1 = E (Ks1, M0)
The encrypted data Cm0ks1 is accompanied by unencrypted original copyright holder information Ic. Further, the first secret key Ks1 is encrypted with the first public key Kb1, and the second secret key Ks2 is encrypted with the second public key Kb2.
Cks1kb1 = E (Kb1, Ks1),
Cks2kb2 = E (Kb2, Ks2)
At the same time, the copyright management program P is also encrypted with the second secret key Ks2.
Cpks2 = E (Ks2, P)
The encryption of the copyright management program P does not have to be encrypted with the second secret key Ks2, but can be encrypted using another appropriate encryption key. The encrypted original data Cm0ks1, the encrypted copyright management program Cpks2, and the two encrypted secret keys Cks1kb1 and Cks2kb2 are transferred to the primary user terminal device 4 via the communication network 8. If necessary, billing is performed. Note that the encrypted copyright management program CPks2 is not supplied from the database 1, but may be built in, for example, a ROM in the user terminal device 4.
[0066]
The primary user who received the encrypted original data Cm0ks1, the two encrypted secret keys Cks1kb1, Cks2kb2 and the encrypted copyright management program Cpks2 from the database 1 corresponds to the first public key Kb1 using the database organization use software. Decrypting the encrypted first secret key Cks1kb1 using the first dedicated key Kv1
Ks1 = D (Kv1, Cks1kb1)
The encrypted second secret key Cks2kb2 is decrypted using the second dedicated key Kv2 corresponding to the second public key Kb2.
Ks2 = D (Kv2, Cks2kb2)
Further, the encrypted copyright management program CPks2 is decrypted using the decrypted second secret key Ks2.
P = D (Ks2, Cpks2)
[0067]
Finally, the encrypted data Cm0ks1 is decrypted using the first secret key Ks1 decrypted using the decrypted copyright management program P,
M0 = D (Ks1, Cm0ks1)
The decrypted original data M0 is used as it is or as processed data M1. As explained before, the first dedicated key Kv1 and the second dedicated key Kv2 are encryption keys that are prepared by the primary user and are not disclosed to others, so that even if the third party obtains the data M, it is encrypted. It is impossible to decrypt the encrypted data M and use it.
[0068]
Thereafter, when the data M, which is the original data M0 or the processed data M1, is stored, copied or transferred, encryption and decryption are performed using the second secret key Ks2.
Cmks2 = E (Ks2, M),
M = D (Ks2, Cmks2)
The decrypted second secret key Ks2 is used as an encryption key for data encryption / decryption when data is stored, copied or transferred thereafter. The primary user terminal device 4 includes the original copyright information Ic together with the first dedicated key Kv1 and the second dedicated key Kv2, the first secret key Ks1 and the second secret key Ks2, the data M, and the copyright management program P. When the primary user processes the data, the primary user information and the copyright information Ic1 such as the processing date and time are also stored. The copyright information Ic1 is safe if it is attached to the data as a copyright information label, and further provided with a digital signature. The encrypted data Cmks2 is encrypted and distributed, and in order to obtain the second secret key Ks2 that is the decryption key, the copyright information label is a clue, so the copyright information label is removed from the encrypted data Cmks2. If this is the case, the second secret key Ks2 cannot be obtained.
[0069]
When the encrypted data Cmks2 is stored in the primary user terminal device 4, the second secret key Ks2 is stored in the device, but the encrypted data Cmks2 is stored in the primary user terminal device 4. If the data is copied to the storage medium 11 or transferred to the secondary user terminal device 5 via the communication network 8, the first user terminal device 4 cannot be used thereafter. The second secret key Ks2 is discarded. In this case, a limit may be imposed on the number of times of copying / transferring so that the second secret key Ks2 is not discarded in copying / transfer within the number of times of limitation.
[0070]
The primary user who wants to copy or transfer the data M to the external storage medium 11 via the communication network 8 prepares the second secret key Ks2 for copying or transferring, and the data M is transferred to the second secret key Ks2. Encrypt using.
Cmks2 = E (Ks2, M)
Unencrypted original copyright information Ic and primary user copyright information Ic1 are added to the encrypted data Cmks2.
[0071]
The secondary user, like the primary user, uses the authentication data Au2, the third public key Kb3, and the third dedicated key Kv3 corresponding to the third public key Kb3 before the database is used. A fourth dedicated key Kv4 corresponding to the fourth public key Kb4 and the fourth public key Kb4 is prepared.
[0072]
A secondary user who wishes to use the copied or transferred encrypted data Cmks2 for secondary use uses the secondary user terminal device 5 to communicate with the secondary copyright management center 14 via the communication network 8. A secondary use application is made by designating a name or original data number. At that time, in addition to the secondary user authentication data Au2, the original copyright information Ic and the primary user copyright information Ic1, a third public key Kb3 And the fourth public key Kb4.
[0073]
Upon receiving the secondary use application from the secondary user, the secondary copyright management center 14 confirms the secondary user authentication data Au2, and the confirmed secondary user authentication data Au2 is the tertiary work as secondary user information. It is transferred to the right management center 15. Further, when the secondary copyright information Ic1 of the primary user is transferred, the secondary copyright information Ic1 is inquired and confirmed with the secondary copyright management center 14, and the confirmed secondary copyright information Ic1 is confirmed. Is transferred to the tertiary copyright management center 15.
[0074]
The secondary copyright management center 14 prepares a third secret key Ks3. The third secret key Ks3 may be prepared using the key center 9 shown in the first embodiment. The prepared third secret key Ks3 is transferred to and stored in the tertiary copyright management center 15.
[0075]
As a result of these transfers, the tertiary copyright management center 15 has primary user copyright information Ic1, primary user information I1, original copyright information Ic, secondary user information Iu2, and a third secret key Ks3. Is stored. Among these, the primary user copyright information Ic1 and the primary user information I1 are used for copyright usage fee distribution.
[0076]
Similarly, the n-th copyright management center 16 includes (n-1) secondary user secondary copyright information Icn-1, primary user information I1, original copyright information Ic, n-th user information In, and An nth secret key Ksn is stored.
[0077]
The primary user information I1, the original copyright information Ic, and the second secret key Ks2 are read from the secondary copyright management center 14. Among these, the original copyright information Ic is used for distribution of the copyright usage fee. The read second secret key Ks2 is encrypted using the secondary user's third public key Kb3, and the third secret key Ks3 is also encrypted using the fourth public key Kb4.
Cks2kb3 = E (Kb3, Ks2),
Cks3kb4 = E (Kb4, Ks3)
The copyright management program P is encrypted using the third secret key Ks3, and the third secret key Ks3 is encrypted using the fourth public key Kb4.
Cpks3 = E (Ks3, P),
Cks3kb4 = E (Kb4, Ks3)
The encrypted copyright management program Cpks3, the encrypted second secret key Cks2kb3, and the encrypted third secret key Cks3kb4 are transferred to the secondary user terminal device 3 via the communication network 8. If necessary, billing is performed.
[0078]
The secondary user who has received the two encrypted secret keys Cks2kb3 and Cks3kb4 and the encrypted copyright management program Cpks3 from the secondary copyright management center 14 uses the database utilization software and uses the third dedicated key Kv3. Is used to decrypt the encrypted second secret key Cks2kb3, and the fourth dedicated key Kv4 corresponding to the fourth public key Kb4 is used to decrypt the encrypted third secret key Cks3Kb4.
Ks2 = D (Kv3, Cks2kb3),
Ks3 = D (Kv4, Cks3kb4)
Also, the encrypted copyright management program CPks3 is decrypted using the decrypted third secret key Ks3.
P = D (Ks3, Cpks3)
Next, the encrypted data Cmks2 is decrypted and used using the second secret key Ks2 decrypted using the decrypted copyright management program P.
M = D (Ks2, Cmks2)
[0079]
As described above, the third dedicated key Kv3 and the fourth dedicated key Kv4 are encryption keys that are prepared by the secondary user and are not disclosed to others, so the third party obtains the encrypted data Cmks2. Even so, it is impossible to decrypt and use it.
[0080]
In the embodiment described above, the database 1, the secondary copyright management center 14, the tertiary copyright management center 15, and the n-th copyright management center 16 are provided separately to avoid congestion of usage applications. However, if the congestion of the usage application does not become a problem, all or some of them can be combined.
[0081]
[Embodiment 5] FIG. 3 shows the system configuration of Embodiment 5. In this Embodiment 5, the original data is encrypted and supplied unidirectionally from a single database. Select and use necessary data from the supplied original data. In this embodiment, a secret key method is adopted as the encryption key method.
[0082]
In this figure, 1 is a database in which text data, computer graphics screen or computer program binary data, digital audio data, and digital video data are encrypted, and 2 is a communication / broadcasting satellite or the like. Artificial satellite, 3 is a data recording medium such as a CD-ROM or flexible disk, 8 is a communication network such as a public line provided by a communication carrier or a CATV line provided by a cable television operator, and 4 is a primary user terminal device. It is. Reference numeral 17 denotes a copyright management center for managing the copyright of the data. Reference numerals 5, 6 and 7 denote a secondary user terminal device, a tertiary user terminal device and an n-order user terminal device, respectively.
[0083]
Of these, the database 1, the copyright management center 17, the primary user terminal device 4, the secondary user terminal device 5, the tertiary user terminal device 6, and the n-order user terminal device 7 can be connected to each other via a communication network 8. ing.
[0084]
Each user who uses this system needs to register in the database organization in advance. In addition, database utilization software is provided to the user at the time of registration. This software includes a normal communication software program such as a data communication protocol. Software for using this database organization may be stored on a fixed disk in the user terminal device, but can also be stored in a mask ROM, EPROM, EEPROM, or the like built in the user terminal device.
[0085]
In this system, since the secret key is generated on the user side, the secret key generation algorithm is stored in the user terminal device. However, since this secret key generation algorithm itself is not necessarily secret, You may make it incorporate in the database organization utilization software supplied with respect to a user when registering utilization. In addition, when the original data is supplied free of charge with an advertisement or the like, encryption may not be necessary, but even in that case, since the copyright exists, a procedure for using the copyright is necessary.
[0086]
In this figure, the route indicated by a broken line is a route for encrypted data, the route indicated by a solid line is a request route from each user terminal device, and the route indicated by a one-dot chain line is each route. This is the path through which the encryption key is transferred from the database.
[0087]
The original data M0 stored in the database 1 or the data recording medium 3 is a primary user terminal device by a wired route via the communication network 8, by broadcast radio waves via the artificial satellite 2 or the like, or via the recording medium 3. In this case, the data is encrypted using the first secret key Ks1.
Cm0ks1 = E (Ks1, M0)
[0088]
As in the case of the first to fourth embodiments, in order to protect the copyright of the original data Cm0ks1 supplied after being encrypted, it is shown in Japanese Patent Application No. 6-64889, which is a prior application by the present inventors. As shown, in the primary user terminal device 4, the original data M0 is encrypted by using the second secret key Ks2 when storage, copying, and transfer, which is a usage form other than display for display and processing, is performed. ,
Cm0ks2 = E (Ks2, M0)
In subsequent use, the original data is encrypted / decrypted by the second secret key Ks2.
[0089]
The primary user who has obtained the encrypted original data Cm0ks1 uses the primary user terminal device 4 to designate the original data name or the original data number, etc., and to use the encrypted original data Cm0ks1 for the primary use. Apply for 17. The copyright management center 17 that has received the primary use application of the encrypted original data Cm0ks1 from the primary user terminal device 4 transfers the copyright management program P together with the first secret key Ks1 to the primary user terminal device 4. The copyright management program P includes an encryption program having an encryption algorithm, and the encryption program generates a secret key and decrypts / encrypts data.
[0090]
The primary user terminal device 4 that has received the first secret key Ks1 and the copyright management program P decrypts the encrypted original data Cm0ks1 using the first secret key Ks1 using the encryption program,
M0 = D (Ks1, Cm0ks1)
The decrypted original data M0 is used as it is or as processed data M1. Further, the copyright management program P generates a second secret key Ks2 based on the first secret key Ks1.
Ks2 = P (Ks1)
[0091]
If the data M, which is the original data M0 or the processed data M1, is stored in the primary user terminal device 4, copied to the recording medium 11, or transferred to the secondary user terminal device 5, the copyright Encryption is performed by the management program P using the second secret key Ks2.
Cmks2 = E (Ks2, M)
[0092]
The data Cmks2 encrypted by the second secret key Ks2 is copied to the recording medium 11 or transferred to the secondary user terminal device 5 via the communication network 8 together with the original data name or the original data number.
[0093]
The secondary user who has obtained the encrypted data Cmks2 uses the secondary user terminal device 5 to designate the original data name or the original data number, thereby making the secondary use of the encrypted data Cmks2 the copyright management center 17. Apply for.
[0094]
The copyright management center 17 which has received the secondary use application for the encrypted data Cmks2 finds the first secret key Ks1 from the original data name or the original data number, and the copyright management program P uses the second secret from the first secret key Ks1. Generate key Ks2
Ks2 = P (Ks1)
The generated second secret key Ks2 is supplied to the secondary user terminal device 5 together with the copyright management program P.
[0095]
The secondary user terminal device 5 that has received the second secret key Ks2 and the copyright management program P decrypts the data Cmks2 encrypted with the second secret key Ks2 with the second secret key Ks2.
M = D (Ks2, Cmks2)
Use display or processing.
[0096]
When the decrypted data M is stored in the secondary user terminal device 5, stored in the recording medium 12, or transferred to the tertiary user terminal device 6 via the communication network 8, The data M is encrypted by the copyright management program P using the second secret key Ks2.
[0097]
Further, the copyright management program P generates a third secret key Ks3 based on the second secret key Ks2,
Ks3 = P (Ks2)
[0098]
When the data M is stored in the secondary user terminal device 5, copied to the recording medium 12, or transferred to the tertiary user terminal device 6 via the communication network 8, the data M is It may be encrypted by the copyright management program P using the third secret key Ks3.
Cmks3 = E (Ks3, M)
[0099]
[Sixth Embodiment] Next, a sixth embodiment will be described. As in the fifth embodiment, the original data is encrypted and supplied unidirectionally from a single database, and the user needs from the supplied original data. Select what you want to use. The encryption key method employed in this embodiment is a secret key method, and the second secret key is generated based on the primary user information and the first secret key. Since the system configuration used in the sixth embodiment is not different from the system configuration of the fifth embodiment shown in FIG. 3, the description of the system configuration is omitted.
[0100]
In the sixth embodiment, the original data M0 stored in the database 1 is a wired path via the communication network 8, the first secret key Ks1 via the radio wave via the artificial satellite 2 or the like or via the recording medium 3. Is encrypted using
Cm0ks1 = E (Ks1, M0)
It is supplied to the primary user terminal device 4.
[0101]
The primary user who has obtained the encrypted original data Cm0ks1 uses the primary user terminal device 4 to apply to the copyright management center 17 for the primary use of the encrypted original data Cm0ks1. Designates the data number and presents the primary user information Iu1.
[0102]
The copyright management center 17 that has received the primary use application for the encrypted original data Cm0ks1 from the primary user supplies the first secret key Ks1 and the copyright management program P to the primary user terminal device 4.
[0103]
The copyright management program P includes an encryption program P having an encryption algorithm, and a secret key is generated and decrypted / encrypted by the encryption program P.
[0104]
The primary user terminal device 4 that has received the first secret key Ks1 and the copyright management program decrypts the encrypted original data M0 using the first secret key Ks1 by the encryption program P, and
M0 = D (Ks1, Cm0ks1)
The decrypted original data M0 is used as it is or as processed data M1. The supplied copyright management program P generates the second secret key Ks2 based on the primary user information Iu1 or the primary user information Iu1 and the first secret key Ks1.
Ks2 = P (Iu1) or
Ks2 = P (Iu1 + Ks1)
Since the generated second secret key Ks2 is based on the primary user information Iu1, it cannot be generated unless it has the correct primary user information Iu1. Instead of the primary user information Iu1, primary user data generated based on the primary user information Iu1 or a device number assigned to the primary user terminal device 4 can be used.
[0105]
When the data M which is the original data M0 or the processed data M1 is stored in the primary user terminal device 4 or copied to the recording medium 11, it is supplied to the secondary user terminal device 5 via the communication network 8. The data M is encrypted by the copyright management program P using the second secret key Ks2.
Cmks2 = E (Ks2, M)
[0106]
The data Cmks2 encrypted with the second secret key Ks2 is copied to the recording medium 11 together with the original data name or original data number and the primary user information Iu1, or the secondary user terminal device 5 via the communication network 8. To be supplied.
[0107]
The secondary user who has obtained the encrypted data Cmks2 uses the secondary user terminal device 5 to apply to the copyright management center 17 for secondary use of the data M. At this time, the original data name or the original data number is applied. Etc. and primary user information Iu1 is presented.
[0108]
The copyright management center 17 which has received the secondary use application for the data M searches for the first secret key Ks1 using the original data name or the original data number as a clue, and the primary user key information Iu1, the first secret key Ks1 or the primary user. A second secret key Ks2 is generated based on the information Iu1 and the first secret key Ks1, and the generated second secret key Ks2 is provided to the secondary user terminal device 5 together with the copyright management program P.
[0109]
The secondary user who has received the second secret key Ks2 and the copyright management program P uses the secondary user terminal device 5 to decrypt the encrypted data Cmks2 using the second secret key Ks2 by the copyright management program P. To use.
M = D (Ks2, Cmks2)
When the data M is stored in the secondary user terminal device 5, copied to the recording medium 11, or supplied to the tertiary user terminal device 6 via the communication network, the data is stored in the second user terminal device 5. It is encrypted with the secret key Ks2.
[0110]
The copyright management program P generates the third secret key Ks3 based on the second secret key Ks2,
Ks3 = P (Ks2)
When the data M is stored in the secondary user terminal device 5, copied to the recording medium 11, or supplied to the tertiary user terminal device 6 via the communication network, the data is stored in the third user terminal device 5. It can also be encrypted with the secret key Ks3.
[0111]
Further, when the secondary user makes a secondary use application to the copyright management center 17, the secondary user information Iu2 is presented, and the third secret key Ks3 is generated based on the presented secondary user information Iu2. It can also be done.
[0112]
In the sixth embodiment, if the copyright management program P for generating the second secret key Ks2 is common to all database organizations, the primary user information Iu1 and the first secret key Ks1 are not changed in any database organization. For the same original data, the same second secret key Ks2 is generated.
[0113]
[Embodiment 7] Next, Embodiment 7 will be described. As in Embodiments 5 and 6, the original data is encrypted and supplied in one direction from a single database, and the user is supplied. Select and use the necessary data from the original data. In this embodiment, the second secret key is generated based on the number of times the copyright management program is used and the first secret key.
[0114]
The encryption key method employed in this embodiment is a secret key method. The system configuration used in the seventh embodiment is not different from the system configurations of the fifth and sixth embodiments shown in FIG.
[0115]
The original data M0 stored in the database 1 is encrypted using a first secret key Ks1 by a wired route through the communication network 8, by broadcast radio waves through the artificial satellite 2 or the like, or through the recording medium 3. Is
Cm0ks1 = E (Ks1, M0)
It is supplied to the primary user terminal device 4.
[0116]
The primary user who has obtained the encrypted original data Cm0ks1 uses the primary user terminal device 4 to designate the original data name or the original data number, etc., so that the primary use of the original data M0 is sent to the copyright management center 17. Apply.
[0117]
The copyright management center 17 that has received the primary use application for the original data M 0 transfers the first secret key Ks 1 and the copyright management program P to the primary user terminal device 4.
[0118]
The copyright management program P includes an encryption program having an encryption algorithm, and generates an encryption key and decrypts / encrypts data. Further, the copyright management program P is provided with a counter, and this counter counts the number of uses N of the program P.
[0119]
The primary user who has received the first secret key Ks1 and the copyright management program P decrypts the encrypted original data Cm0ks1 using the first secret key Ks1 using the copyright management program P, and
M0 = D (Ks1, Cm0ks1)
The decrypted original data M0 is used as it is or as processed data M1.
[0120]
In this system, when the data M, which is the original data M0 or the processed data M1, is stored in the primary user terminal device 4 in order to manage the copyright of the data, when it is copied to the recording medium 11, the communication network 8, the copyright management program encrypts the copyright management program using the second secret key Ks1 from P, and the second encryption key Ks2 used at this time is the copyright. It is generated based on the usage count N of the right management program and the first secret key Ks1.
Ks2 = P (N + Ks1)
[0121]
Since the second secret key Ks2 generated in this way is based on the usage count N of the copyright management program P and the first secret key Ks1, the data M is the latest second secret key Ks2 each time it is used. Encrypted.
Cmks2 = E (Ks2, M)
[0122]
The data Cmks2 encrypted by the second secret key Ks2 generated by the last use is copied to the recording medium 11 together with the original data name or the original data number and the counter data N1, or secondary via the communication network 8. It is transferred to the user terminal device 5.
[0123]
The secondary user who obtained the encrypted data Cmks2 uses the secondary user terminal device 5 to present the original data name or the original data number and the counter data N1, and the secondary use of the encrypted data Cmks2 is used for the copyright management center. Apply for 17.
[0124]
Upon receiving the secondary use application for the encrypted data Cmks2, the copyright management center 17 searches for the first secret key Ks1 from the presented original data name or original data number, and based on the counter data N1 and the first secret key Ks1. A second secret key Ks2 is generated, and the second secret key Ks2 is supplied to the secondary user terminal device 5 via the communication network 8 together with the copyright management program P.
[0125]
The secondary user who has received the second secret key Ks2 and the copyright management program P decrypts the encrypted data Cmks2 using the copyright management program P using the second secret key Ks2.
M = D (Ks2, Cmks2)
The decrypted data M is used as it is or after being processed.
[0126]
When the data M is stored in the secondary user terminal device 5, copied to the recording medium 11, or transferred to the tertiary user terminal device 6 via the communication network 8, the data M is copyrighted. Encrypted by the right management program P with the second secret key Ks2.
Cmks2 = E (Ks2, M)
[0127]
In this case, the copyright management program P may further generate the third secret key Ks3 based on the number N2 of use of the copyright management program P in the secondary user terminal device 5 and the secret key Ks2.
Ks3 = P (N2 + Ks2)
In this case, when the data M is stored in the secondary user terminal device 5, copied to the recording medium 11, or transferred to the tertiary user 6 via the communication network 8, the data M is Encrypted by the copyright management program P with the third secret key Ks3.
Cmks3 = E (Ks3, M)
[0128]
[Eighth Embodiment] FIG. 4 shows a system configuration of a data copyright management system according to an eighth embodiment. In this eighth embodiment, the original data supplied from a single database is requested by the user. In response, it is supplied bidirectionally. The encryption method employed in this embodiment is a secret key method, and a second secret key is generated based on the first secret key.
[0129]
In this figure, 1 is a database, 4 is a primary user terminal device, 5 is a secondary user terminal device, 6 is a tertiary user terminal device, and 7 is an n-order user terminal device. Reference numeral 18 denotes a copyright management center, and reference numeral 8 denotes a communication network such as a public line provided by a communication provider or a CATV line provided by a cable television provider.
[0130]
Of these, the database 1, the copyright management center 18, the primary user terminal device 4, the secondary user terminal device 5, the tertiary user terminal device 6, and the n-order user terminal device 7 can be connected to each other via the communication network 8. ing.
[0131]
Each user who uses this system needs to register in the database organization in advance. Also, database organization software is provided to the user at the time of registration. This software includes a normal communication software program such as a data communication protocol. The database organization software may be stored on a fixed disk in the user terminal device, but can also be stored in a mask ROM, EPROM, EEPROM, or the like built in the user terminal device.
[0132]
In this system, a secret key generation algorithm is stored in the user terminal device in order to generate a secret key on the user side. However, since this secret key generation algorithm itself is not necessarily secret, use is registered in the database organization. In this case, it may be built in the database organization software provided to the user. In the case of original data supplied free of charge with advertisements, etc., encryption may not be required, but even in that case, there is a copyright, so a procedure for using the copyright is necessary. .
[0133]
In this figure, the route indicated by a broken line is a route for encrypted data, the route indicated by a solid line is a request route from each user terminal device, and is indicated by a one-dot chain line. Is a path through which the secret key is transferred together with the usage permission information and the copyright management program corresponding to the usage form from each database.
[0134]
In this figure, text data, graphics data, binary data, audio data, and video data are stored in the database 1 in an unencrypted state.
[0135]
The primary user uses the primary user terminal device 4 and designates the name of the original data desired to be used for the database 1 via the communication network 8 and applies for the use of the original data M0.
[0136]
The database 1 that has received the application for the use of the original data M0 from the primary user terminal device 4 encrypts the original data M0 with the first secret key Ks1,
Cm0ks1 = E (Ks1, M0)
The copyright management program P is supplied to the primary user terminal device 4 together with the encrypted original data Cm0ks1 and the first secret key Ks1. The copyright management program P includes an encryption program having an encryption algorithm, and the encryption program P generates a secret key and decrypts / encrypts data. If this encryption algorithm depends on the first secret key Ks1, the copyright management program P can be made unique to the original data M0.
[0137]
The primary user terminal device 4 that has received the first secret key Ks1 and the copyright management program P together with the original data Cm0ks1 encrypted using the first secret key Ks1 encrypts the original data using the first secret key Ks1. Decrypt Cm0ks1,
M0 = D (Ks1, Cm0ks1)
The decrypted original data M0 is used as it is or as processed data M1. Further, the copyright management program P generates a second secret key Ks2 based on the first secret key Ks1.
Ks2 = P (Ks1)
[0138]
When the decrypted original data or processed data M is stored in the primary user terminal device 4 or copied to the recording medium 11, the secondary user terminal device 5 is transmitted via the communication network 8. Data M is encrypted by the copyright management program P using the second secret key Ks2.
Cmks2 = E (Ks2, M)
[0139]
The encrypted data Cmks2 is copied to the recording medium 11 together with the original data name or the original data number, or transferred to the secondary user terminal device 5 via the communication network 8.
[0140]
The secondary user who has obtained the encrypted data Cmks2 uses the secondary user terminal device 5 to designate the original data name or the original data number, thereby writing the secondary use of the data M that is the original data or the processed data. Apply to the rights management center 18.
[0141]
The secondary copyright management center 18 having received the secondary use application for the data M searches for the first secret key Ks1 using the original data name or the original data number as a clue, and the second secret key Ks2 based on the first secret key Ks1. Produces
Ks2 = P (Ks1)
The generated second secret key Ks2 is supplied to the secondary user terminal device 5 together with the copyright management program P.
[0142]
The secondary user terminal device 5 that has received the second secret key Ks2 and the copyright management program P decrypts the encrypted data Cmks2 using the second secret key Ks2 using the copyright management program P, and
M = D (Ks2, Cmks2)
The decrypted M is used as it is or after being processed. When the data M is stored in the secondary user terminal device 5, copied to the recording medium 12, or transferred to the tertiary user terminal device 6 via the communication network 8,
[0143]
The copyright management program P generates a third secret key Ks3 based on the second secret key Ks2,
Ks3 = P (Ks2)
Data M is encrypted by the copyright management program P using the generated third secret key Ks3.
Cmks3 = E (Ks3, M)
[0144]
[Ninth Embodiment] In a ninth embodiment to be described below, the original data supplied from a single database is supplied in response to a request from the user, as in the eighth embodiment shown in FIG. The encryption method employed in this embodiment is a secret key method, and user data is used in addition to the first secret key used in Embodiment 8 for generating the second secret key. Since the system configuration of this embodiment is not different from the system configuration of the eighth embodiment, the description of the system configuration is omitted.
[0145]
In the database 1, the original data M0 is stored in an unencrypted state. When the primary user accesses the database 1 using the primary user terminal device 4, the data menu is transferred. At this time, fee information may be displayed together with the data menu.
[0146]
When the data menu is transferred, the primary user searches the data menu, selects the original data M0, and designates the original data name of the selected original data M0 to the database 1 to the primary of the original data M0. Apply for usage.
[0147]
In the database 1 that has received the application for the use of the original data M0 from the primary user terminal device 4, the original data M0 is read, and the read original data M0 is encrypted with the first secret key Ks1,
Cm0ks1 = E (Ks1, M0)
The copyright management program P is supplied to the primary user terminal device 4 together with the encrypted original data Cm0ks1 and the first secret key Ks1.
[0148]
The copyright management program P used here is common to all database organizations, and further includes an encryption program having an encryption algorithm, and encryption generation and decryption / encryption of data are performed by this encryption program. Is called.
[0149]
The primary user terminal device 4 that has received the first secret key Ks1 and the copyright management program P decrypts the original data Cm0ks1 encrypted by the copyright management program P using the first secret key Ks1,
M0 = D (Ks1, Cm0ks1)
The decrypted original data M0 is used as it is or as processed data M1. Also, the copyright management program P generates a second secret key Ks2 based on the primary user information Iu1.
Ks2 = P (Iu1)
The second secret key Ks2 can be generated based on the first secret key Ks1 or the primary user data Iu1 and the first secret key Ks1 in addition to the primary user information Iu1.
Ks2 = P (Ks1),
Ks2 = P (Ks1 + Iu1)
[0150]
When the data M which is the original data M0 or the processed data M1 is stored in the primary user terminal device 4 or copied to the recording medium 11, it is transferred to the secondary user terminal device 5 via the communication network 8. The data M is encrypted by the copyright management program P with the second secret key Ks2.
Cmks2 = E (Ks2, M)
[0151]
The data Cmks2 encrypted with the second secret key Ks2 is given the original data name or the original data number, and is copied to the recording medium 11 or sent to the secondary user terminal device 5 via the communication network 8. Transferred.
[0152]
The secondary user who has obtained the data Cmks2 encrypted with the second secret key Ks2 applies to the copyright management center 18 for secondary use of the data M using the secondary user terminal device 5, but at this time, the original user A data name or an original data number is designated and primary user information Iu1 that is not encrypted is presented.
[0153]
The copyright management center 18 that has received the secondary use application for the data M searches for the first secret key Ks1 by the designated original data name or original data number, and the primary user information Iu1 presented by the copyright management program P. , A second secret key Ks2 is generated based on the found first secret key Ks1 and supplied to the secondary user terminal device 5 together with the copyright management program P.
[0154]
The secondary user who has received the second secret key Ks2 and the copyright management program P uses the secondary user terminal device 5 to encrypt the data Cmks2 encrypted by the copyright management program P using the second secret key Ks2. Decrypt
M = D (Ks2, Cmks2)
The decrypted data M is used as it is or after being processed. When the data M is stored in the secondary user terminal device 5, copied to the recording medium 11, or transferred to the tertiary user terminal device 6 via the communication network 8, the data M is Encrypted by the copyright management program P with the second secret key Ks2.
Cmks2 = E (Ks2, M)
[0155]
In this case, the copyright management program P generates the third secret key Ks3 based on the primary user information Iu1 and the second secret key Ks2 or the primary user information Iu1 and the second secret key Ks2.
Ks3 = P (Iu1),
Ks3 = P (Iu1 + Ks1),
Ks3 = P (Ks1)
It can also be done. Also, the secondary user information Iu2 can be presented when the secondary user makes a secondary use application, and the third secret key can be generated based on the secondary user information Iu2 instead of the primary user information Iu1. The data M is encrypted by the copyright management program P with the third secret key Ks3.
Cmks3 = E (Ks3, M)
[0156]
In this embodiment, since the copyright management program P for generating the second secret key Ks2 is common to all database organizations, the primary user data Iu1 and the first secret key Ks1 are not changed in any database organization. For the same original data, the same second secret key Ks2 is generated.
[0157]
[Embodiment 10] In Embodiment 10 to be described next, the original data is supplied from a single database in response to a request from the user in the same manner as Embodiment 8 shown in FIG. The encryption method employed in this embodiment is a secret key method. In this embodiment, the number of times the copyright management program is used is used instead of the user information used in the ninth embodiment for generating the second secret key. Since the system configuration of this embodiment is not different from the system configuration of the eighth embodiment, the description of the system configuration is omitted.
[0158]
In the database 1, the original data M0 is stored in an unencrypted state. When the primary user accesses the database 1 using the primary user terminal device 4, the data menu is transferred. At this time, fee information may be displayed together with the data menu.
[0159]
When the data menu is transferred, the primary user searches the data menu, selects the original data M0, uses the primary user terminal device 4, and transmits the original data name to the database 1 via the communication network 8. Apply for the use of the original data M0 that you wish to use for primary use.
[0160]
The database 1 that has received the data use application from the primary user encrypts the original data M0 with the first secret key Ks1,
Cm0ks1 = E (Ks1, M0)
The copyright management program P is supplied to the primary user terminal device 4 together with the encrypted data Cm0ks1 and the first secret key Ks1.
[0161]
The copyright management program P includes an encryption program having an encryption algorithm, and an encryption key is generated and data is decrypted / encrypted by the encryption program. The copyright management program P is provided with a counter, which counts the number of times the program has been used N or the number of times N has used the original data. If this encryption algorithm depends on the first secret key Ks1, the copyright management program P can be made unique to the original data.
[0162]
The primary user who has received the first secret key Ks1 and the copyright management program P decrypts the encrypted original data Cm0ks1 using the first secret key Ks1 using the copyright management program P, and
M0 = D (Ks1, Cm0ks1)
The decrypted original data M0 is used as it is or as processed data M1.
[0163]
In order to protect the copyright of the data, when the data M, which is the original data M0 or the processed data M1, is stored in the primary user terminal device 4 or copied to the recording medium 11, it is transmitted via the communication network 8. When transferred to the secondary user terminal device 5, the data M is encrypted by the copyright management program P. In other words, the copyright management program operates whenever these uses are performed.
[0164]
On the other hand, when the supplied copyright management program P is used, the counter in the program counts, and the copyright management program P generates the second secret key Ks2 based on the count number N and the first secret key Ks1. To do.
Ks2 = P (N + Ks2)
[0165]
Since this second secret key Ks2 is also based on the number of uses N of the copyright management program P, the data M is encrypted with the new second secret key Ks2 each time it is used.
Cmks2 = E (Ks2, M)
The data Cmks2 encrypted with the second secret key Ks2 generated last is copied to the recording medium 11 or via the communication network 8 together with the original data name or original data number, the primary user information Iu1 and the counter data N. Then, it is transferred to the secondary user terminal device 5.
[0166]
The secondary user who has obtained the data Cmks2 encrypted using the second secret key Ks2 presents the original data name or original data number, the primary user information Iu1 and the counter data N, and uses the data M for secondary use. Is applied to the copyright management center 18.
[0167]
The copyright management center 18 that has received the secondary use application for the encrypted data Cmks2 searches for the first secret key Ks1 from the original data name or the original data number of the data, and presented the first secret key. A second secret key Ks2 is generated from the primary user information Iu1 and counter data N, and the generated second secret key Ks2 is transferred to the secondary user terminal device 5 together with the copyright management program P.
[0168]
The secondary user terminal device 5 that has received the second secret key kS2 and the copyright management program P uses the copyright management program P to decrypt the encrypted data Cmks2 using the second secret key Ks2.
M = D (Ks2, Cmks2)
The decrypted data M is used as it is or after being processed.
[0169]
When data is stored in the secondary user terminal device 5, copied to the recording medium 12, or transferred to the tertiary user terminal device 6 via the communication network 8, the data is copyrighted. Encrypted by the management program with the second secret key.
[0170]
Further, the copyright management program can generate a third secret key based on the second secret key.
[0171]
Each of the first to tenth embodiments described above is for the case of using single original data supplied from a database. However, as a form of data utilization, in addition to processing single data, when creating new data by combining multiple original data obtained from the same database, and multiple original data obtained from multiple databases. New data may be created by combining data.
[0172]
[Embodiment 11] Embodiment 11 to be described next is an embodiment in which a primary user creates new data by combining a plurality of original data stored in a single database. New data is created using the saved first, second and third original data as materials.
[0173]
In this embodiment, as in the embodiment 8 shown in FIG. 4, a plurality of original data is supplied from a single database in response to a user request. The encryption method employed in this embodiment is a secret key method. Since the system configuration of this embodiment is not different from the system configuration of the eighth embodiment, the description of the system configuration is omitted.
[0174]
In the database 1, the original data M01, M02, and M03 are stored in an unencrypted state. When the primary user accesses the database 1 using the primary user terminal device 4, the data menu is transferred. At this time, fee information may be displayed together with the data menu.
[0175]
When the data menu is transferred, the primary user searches the data menu, selects the original data M01, M02, and M03 and uses the primary user terminal device 4 to the database 1 via the communication network 8. The application of each original data is requested by designating the original data names or the original data numbers of the first, second and third original data M01, M02 and M03. At this time, the primary user information Iu1 is presented.
[0176]
The database 1 that has received the supply application of the first, second, and third original data M01, M02, and M03 from the primary user has the first, second, and third original data M01, M02, M03 is encrypted using the first, second and third secret keys Ks01, Ks02 and Ks03, respectively.
Cm01ks01 = E (Ks01, M01),
Cm02ks02 = E (Ks02, M02),
Cm03ks03 = E (Ks03, M03)
The primary user terminal apparatus 4 is supplied with the copyright management program P common to the first, second and third secret keys Ks01, Ks02, Ks03 and all the database organizations and all the original data. The copyright management program P includes an encryption program having an encryption algorithm, and performs encryption key generation and decryption / encryption.
[0177]
Encrypted first original data Cm01ks01, encrypted second original data Cm02ks02, encrypted third original data Cm03ks03, first secret key Ks01, second secret key Ks02, third secret key Ks03, and copyright management program P are received. The primary user terminal device 4 uses the copyright management program P to decrypt the first, second, and third encrypted original data Cm01ks01, Cm02ks02, and Cm03ks03 using these secret keys Ks01, Ks02, and Ks03. And
M01 = D (Ks01, Cm01ks01),
M02 = D (Ks02, Cm02ks02),
M03 = D (Ks03, Cm03ks03)
The original data M01, M02, and M03 are processed to create new data M1.
[0178]
Also, the copyright management program P uses the first secret key Ks01, the second secret key Ks02, the third secret key Ks03, one of the primary user data Iu1, or some of the fourth secret key Ks4. Is generated.
Ks4 = P (Ks01 / Ks02 / Ks03 / Iu1)
[0179]
When the processed data M1 is stored in the primary user terminal device 4, copied to the recording medium 11, or transferred to the secondary user 5 via the communication network 8, the copyright management program P Is encrypted with the fourth secret key Ks4.
Cm1ks4 = E (Ks4, M1)
[0180]
The encrypted data Cm1ks4 is copied to the recording medium 11 or transferred to the secondary user terminal device 5 via the communication network 8 together with the original data name or original data number and the primary user data Iu1.
[0181]
The secondary user who has obtained the encrypted data Cm1ks4 uses the secondary user terminal device 5 to apply for the secondary use of the encrypted data Cm1ks4 to the copyright management center 18. At this time, the original data M01, M02, A data name or data number of M03 is designated and primary user information Iu1 is presented.
[0182]
Upon receiving the secondary use application for the encrypted data Cm1ks4 from the secondary user, the copyright management center 18 searches for the first secret key Ks01 from the data name or data number of the first original data M01, and stores the second original data M02. The second secret key Ks02 is searched from the data name or data number, the third secret key Ks03 is searched from the data name or original data number of the third original data M03, and the first searched for by the common copyright management program P A fourth secret key Ks4 is generated based on one or some of the secret key Ks01, the second secret key Ks02, the third secret key Ks03, and the primary user information Iu1,
Ks4 = P (Ks01 / Ks02 / Ks03 / Iu1)
It is provided to the secondary user 5 together with the common copyright management program P.
[0183]
The secondary user who has received the copyright management program common to the fourth secret key decrypts the processed data M1 using the fourth secret key Ks4 by the copyright management program P,
M1 = D (Ks4, Cm1ks4)
The decrypted processed data M1 is used as it is or as reprocessed data M2.
[0184]
When the processed data M1 or reprocessed data M2 is stored in the secondary user terminal device 5, copied to the recording medium 12, or transferred to the tertiary user 6 via the communication network 8, The copyright management program P generates a fifth secret key Ks5 based on the fourth secret key Ks4,
Ks5 = P (Ks4)
These data are encrypted by the copyright management program P using the fifth secret key Ks5.
Cm1ks5 = E (Ks5, Cm1),
Cm2ks5 = E (Ks5, Cm2)
[0185]
The common copyright management program P generates the fifth secret key Ks5 using the fourth secret key Ks4, and performs subsequent encryption / decryption using the generated fifth secret key Ks5. You can also
[0186]
In this embodiment, since the copyright management program for generating the fourth secret key is common in all database organizations, it is the same in all database organizations unless the primary user data and the first secret key are changed. The same fourth secret key is generated for the original data.
[0187]
In this embodiment, the common copyright management program is supplied from the copyright management center 18, but may be built in the ROM in each user terminal device or in software for using a database.
[0188]
[Embodiment 12] Embodiment 12 described below is an embodiment in which new data is created by combining a plurality of original data supplied in response to a user request from a plurality of databases. In this embodiment, encryption is performed. A secret key method is adopted as the key method.
[0189]
In FIG. 5, 19, 20 and 21 are text data, computer graphics screen or binary data which is a computer program, first, second and third databases storing audio data or video data, and 4 is a primary user. A terminal device, 5 is a secondary user terminal device, 6 is a tertiary user terminal device, 7 is an n-order user terminal device, 10 is a copyright management center for managing data copyrights, and 8 is provided by a communication carrier. This is a communication network such as a public line or a CATV line provided by a cable television company.
[0190]
Among these, the first, second and third databases 19, 20, 21, the copyright management center 10, the primary user terminal device 4, the secondary user terminal device 5, the tertiary user terminal device 6, and the n-th user terminal device 7 can be connected to each other via a communication network 8.
[0191]
Each user who uses this system needs to register in advance in each database organization. In addition, software used by each database organization is supplied to the user at the time of registration. This software includes a normal communication software program such as a data communication protocol. These database organization utilization software may be stored on a fixed disk in the user terminal device, but can also be stored in a mask ROM, EPROM, EEPROM, or the like built in the user terminal device.
[0192]
In this system, an encryption key generation algorithm is stored in the user terminal device in order to generate a secret key on the user side. However, since this encryption key generation algorithm itself is not necessarily secret, It may be built into the software. In the case of original data supplied free of charge with advertisements, etc., encryption may not be required, but even in that case, there is a copyright, so a procedure for using the copyright is necessary. . In this figure, a path indicated by a broken line is a path of encrypted data, and a path indicated by a solid line is a path for making a request from each user terminal device to each database and the copyright management center. A path indicated by a chain line is a path through which permission information, a copyright management program, and an encryption key corresponding to the usage form are transferred from each database and the copyright management center to each user terminal device.
[0193]
In this embodiment, a different secret key and copyright management program are used for each original data, but these are stored in advance in each database and copyright management center.
[0194]
In the first database 19, the first original data M1 is stored in an unencrypted state. When the primary user accesses the first database 19 using the primary user terminal device 4, the data menu is displayed. Transferred.
[0195]
When the data menu is transferred, the primary user searches the data menu, selects the first original data M1, and uses the primary user terminal device 4 to the first database 19 via the communication network 8. Applying for the supply of the first original data M1 by designating the original data name or the original data number, the primary user information Iu1 is presented at this time.
[0196]
The first database 19 that has received the application for the use of the first original data M1 from the primary user encrypts the first original data M1 that has received the use application using the first secret key Ks1,
Cm1ks1 = E (Ks1, M1)
Supplied to the primary user terminal device 4.
[0197]
The second original data M2 is stored in the second database 20 in an unencrypted state. When the primary user accesses the second database 20 using the primary user terminal device 4, the data menu is displayed. Transferred.
[0198]
When the data menu is transferred, the primary user searches the data menu, selects the second original data M2, and uses the primary user terminal device 4 to communicate with the second database 20 via the communication network 8. Applying for the supply of the second original data M2 by designating the original data name or the original data number, the primary user information Iu1 is presented at this time.
[0199]
The second database 20 that has received the use application of the second original data M2 from the primary user encrypts the second original data M2 that has received the use application using the second secret key Ks2,
Cm2ks2 = E (Ks2, M2)
Supplied to the primary user terminal device 4.
[0200]
The third database 21 stores the second original data M3 in an unencrypted state. When the primary user accesses the third database 21 using the primary user terminal device 4, the data menu is displayed. Transferred.
[0201]
When the data menu is transferred, the primary user searches the data menu, selects the third original data M3, and uses the primary user terminal device 4 to communicate with the third database 22 via the communication network 8. Applying for the supply of the third original data M3 by designating the original data name or the original data number, the primary user information Iu1 is presented at this time.
[0202]
The third database 21 that has received the application for the use of the third original data M3 from the primary user encrypts the third original data M3 that has received the use application using the third secret key Ks3,
Cm3ks3 = E (Ks3, M3)
Supplied to the primary user terminal device 4.
[0203]
The primary user supplied with the encrypted first, second and third original data Cm1ks1, Cm2ks2, and Cm3ks3 uses the primary user terminal device 4 to encrypt the first, second and third original data Cm1ks1. , Cm2ks2, and Cm3ks3 via the communication network 8 to designate the original data name or the original data number, and apply to the copyright management center 10 for the primary use.
[0204]
The copyright management center 10 that has received the primary use application of the encrypted first, second, and third original data Cm1ks1, Cm2ks2, and Cm3ks3 from the primary user has the first secret that is the encryption key of the first original data M1. A third secret key Ks3 which is an encryption key of the second copyright management program P2 and the third original data M3 together with the second secret key Ks2 which is the encryption key of the first copyright management program P1 and the second original data M2 together with the key Ks1. At the same time, the third copyright management program P 3 is supplied to the primary user terminal device 4.
[0205]
These copyright management programs P1, P2, and P3 each include an encryption program having an encryption algorithm, and a new secret key is generated and data is decrypted / encrypted by these encryption programs. If these encryption algorithms depend on the first, second, and third secret keys Ks1, Ks2, and Ks3, respectively, the first, second, and third copyright management programs P1, P2, and P3 are used. Each of the first, second, and third original data M1, M2, and M3 can be unique.
[0206]
The primary user terminal device 4 that has received the first, second, and third secret keys Ks1, Ks2, and Ks3 receives the first, second, and third original data encrypted using these secret keys. Decrypt Cm1ks1, Cm2ks2, and Cm3ks3,
M1 = D (Ks1, Cm1ks1),
M2 = D (Ks2, Cm2ks2),
M3 = D (Ks3, Cm3ks3)
The decrypted original data M1, M2, and M3 are used as they are or after being processed. Further, the first copyright management program P1 obtains the fourth secret key Ks4 based on the first secret key Ks1, the second copyright management program P2 obtains the fifth secret key Ks5 based on the second secret key Ks2, The third copyright management program P3 generates the sixth secret key Ks6 based on the third secret key Ks3.
Ks4 = P1 (Ks1),
Ks5 = P2 (Ks2),
Ks6 = P3 (Ks3)
[0207]
When the original data M1, M2, M3 or the processed data M4, M5, M6 are stored in the primary user terminal device 4 or copied to the recording medium 11, the secondary user terminal is connected via the communication network 8. When transferred to the apparatus 5, the first original data M1 or the processed data M4 is used by the first copyright management program P1 by using the fourth secret key Ks4, and the second original data M2 or the processed data M5 is the first. Second copyright management program P2 uses the fifth secret key Ks5, and third original data M3 or processed data M6 is encrypted by the third copyright management program P3 using the sixth secret key Ks6.
Cm1ks4 = E (Ks4, M1),
Cm2ks5 = E (Ks5, M2),
Cm3ks6 = E (Ks6, M3),
Cm4ks4 = E (Ks4, M4),
Cm5ks5 = E (Ks5, M5),
Cm6ks6 = E (Ks6, M6)
[0208]
The original data Cm1ks4, Cm2ks5, Cm3ks6 encrypted by the fourth, fifth, sixth secret keys Ks4, Ks5, Ks6 or the processed data Cm4ks4, Cm5ks5, Cm6ks6 encrypted are the first, second, and third originals. The data name or the original data number and the primary user data Iu1 are copied to the recording medium 11 or transferred to the secondary user terminal device 5 via the communication network 8.
[0209]
In the secondary user terminal device 5 supplied with the encrypted first, second and third original data Cm1ks4, Cm2ks5, Cm3ks6 or the encrypted processed data Cm4ks4, Cm5ks5, Cm6ks6, the original data name or original By specifying the data number, the copyright management center 10 is applied for secondary use of the first, second, and third original data M1, M2, M3, or the processed data M.
[0210]
The copyright management center 10 that has received the secondary use application for the first, second, and third original data M1, M2, and M3 or the processed data M4, M5, and M6 from the secondary user terminal device 5 receives the first original data. The first secret key Ks1 and the first copyright management program P1 are searched from the data name, the second secret key Ks2 and the second copyright management program P2 are searched from the second original data name or the original data number, and the third original The third secret key Ks3 and the third copyright management program P3 are found from the data name, the first copyright management program P1 generates the fourth secret key Ks4 from the first secret key Ks1, and the second copyright management program P2 A fifth secret key Ks5 is generated from the second secret key Ks2, and a third copyright management program P3 generates a sixth secret key Ks6 from the third secret key;
Ks4 = P1 (Ks1),
Ks5 = P2 (Ks2),
Ks6 = P3 (Ks3)
The first, second and third copyright management programs P1, P2 and P3 are supplied to the secondary user terminal device 5.
[0211]
In the secondary user terminal device 5 that has received the fourth, fifth, and sixth secret keys Ks4, Ks5, and Ks6 and the first, second, and third copyright management programs P1, P2, and P3, the encrypted first Original data Cm1ks4 or processed data Cm4ks4 is encrypted by the first copyright management program P1 using the fourth secret key Ks4, and the second original data Cm2ks5 or processed data Cm5ks5 encrypted by the second copyright management program P2 The third original data Cm3ks6 or the processed data Cm6ks6 encrypted using the fifth secret key Ks5 is decrypted by the third copyright management program P3 using the sixth secret key Ks6.
M4 = D (Ks4, Cm4ks4),
M5 = D (Ks5, Cm5ks5),
M6 = D (Ks6, Cm6ks6)
The decrypted data M4, M5, M6 are used as they are or after being processed.
[0212]
When the first, second, and third original data M1, M2, and M3 or the processed data M4, M5, and M6 are stored in the secondary user terminal device 5 or copied to the recording medium 12, the communication network 8 When the first original data M1 or the processed data M4 is transferred to the secondary user terminal device 6 via the first copyright management program P1, the second original key Ms4 is used by using the fourth secret key Ks4. The data M2 or the processed data M5 uses the fifth secret key Ks5 by the second copyright management program P2, and the third original data M3 or the processed data M6 uses the sixth secret key Ks6 by the third copyright management program P3. Are each encrypted.
[0213]
In this case, the first copyright management program P1 obtains the seventh secret key Ks7 based on the fourth secret key Ks4, and the second copyright management program P2 obtains the eighth secret key Ks8 based on the fifth secret key Ks5. The third copyright management program P3 generates the ninth secret key Ks9 based on the sixth secret key Ks6,
Ks7 = P1 (Ks4),
Ks8 = P2 (Ks5),
Ks9 = P3 (Ks6)
When the first, second, and third original data M1, M2, M3 or the processed data M4, M5, M6 are stored in the secondary user terminal device 5 or copied to the recording medium 12, the communication network When the data is transferred to the tertiary user terminal device 6 via 8, the first, second, and third original data M1, M2, and M3 or the processed data M4, M5, and M6 are the first and second. The third copyright management programs P1, P2, and P3 can be used to encrypt using the seventh, eighth, and ninth secret keys Ks7, Ks8, and Ks9.
Cm1ks7 = E (Ks7, M1),
Cm2ks8 = E (Ks8, M2),
Cm3ks9 = E (Ks9, M3),
Cm4ks7 = E (Ks7, M4),
Cm5ks8 = E (Ks8, M5),
Cm6ks9 = E (Ks9, M6)
[0214]
[Embodiment 13] Embodiment 13 to be described next is an embodiment in which new data is created using a plurality of original data supplied from a plurality of databases in response to a user's request in the same manner as the embodiment 12. In this embodiment, the secret key method is adopted as the encryption key method. Further, the number of times of use of the copyright management program is further used to generate an encryption key used for encryption / decryption, as in the seventh and eleventh embodiments.
[0215]
In this embodiment, a counter is attached to the copyright management program. This counter counts the number of times the program is used or the number of times the original data is used, and uses the counter number N to make the fourth, fifth, Sixth secret keys Ks4, Ks5, and Ks6 are generated. The secondary user presents the original data name or original data number of each original data and the counter number N together with the primary user data, and applies to the copyright management center 10 for secondary use of the data. The copyright management center 10 that has received the application for secondary use of data searches the first, second, and third secret keys Ks1, Ks2, and Ks3 from the respective original data names or original data numbers. The first, second and third secret keys Ks1, Ks2, Ks3, the primary user Iu1 and the first, second and third counter numbers N1, N2 of the respective data by the third copyright management program P1, P2, P3 , N3, the fourth, fifth, and sixth secret keys Ks4, Ks5, and Ks6 are generated and provided to the secondary user together with the fourth, fifth, and sixth copyright management programs P1, P2, and P3. Except for this point, there is no difference from the system configuration of the twelfth embodiment, and a detailed description thereof will be omitted.
[0216]
[Embodiment 14] When the original data obtained by the primary user is copied as it is and supplied to the secondary user, no value is added to the data, so the copyright of the primary user is not included in the data. Does not occur. However, when new data is created from the obtained original data, that is, when new data is created from a single obtained original data or when new data is created from multiple obtained original data, The secondary copyright of the primary user is generated.
[0217]
On the other hand, since the copyright of the original copyright holder also exists in the original data used for processing, the processed data includes the original copyright of the original data author and the secondary of the primary user who performed the processing. Copyright exists. Since copyright is not a mere property right but a strong personality element, the author often insists on its existence. Therefore, it is desirable that the original data or the copyright holder can be easily identified from the processed data even when the original data is processed.
[0218]
In the data copyright management system described in the first to thirteenth embodiments so far, the copyright of the data is managed by encrypting the original data or the processed data. In this system, is the data the original data? Alternatively, the copyright of the data is managed without distinguishing between the processed data and which part of the processed data is the original data and which part is the processed data. The data or copyright holder cannot be specified.
[0219]
In the fourteenth embodiment described below, it is possible to distinguish between original data having only original copyright and processed data having secondary copyright in addition to the original copyright, and clarifying the original copyright and the secondary copyright. Can be managed.
[0220]
Since the data is processed by modifying the original data using the processing program, the processing data is reproduced by specifying the original data and the details of the processing (and the processing program if necessary). . In other words, the machining data cannot be reproduced unless the original data and machining content (further machining program if necessary) are specified. The secondary copyright management described in the fourteenth embodiment is performed by specifying and managing the original data and the contents of processing (further processing programs if necessary).
[0221]
When new data is created from a single original data, when the original data A is modified to obtain the processed data “A ′”, the primary user adds the data X to the original data A so that the processed data “A ′” is obtained. When A + X "is obtained, original data A is divided into original data elements A1, A2, A3... And the array is changed to A3, A2, A1, etc. to obtain processed data" A "". Is divided into original data elements A1, A2, A3..., The primary user data X is divided into X1, X2, X3... And these are arranged to obtain processed data “A1 + X1 + A2 + X2 + A3 + X3. There is. In these cases, the modification of the original data, the change of the arrangement of the original data, the combination of the original data and the primary user data, the division of the original data and the combination of the primary user data are subject to secondary copyrights. It is necessary to protect the secondary copyright. Needless to say, the data X added by the primary user has the original copyright of the primary user.
[0222]
When new data is created by combining a plurality of original data, when original data A, B, C... Is simply combined to obtain processed data “A + B + C. When the primary user obtains the processed data “A + X” by adding the data X to C..., The original data A, B, C. When dividing and combining B2, B3..., C1, C2, C3... And changing the arrangement to obtain the processed data “A1 + B1 + C1 +... + A2 + B2 + C2 +. + A3 + B3 + C3 +. ... Is divided into original data elements A1, A2, A3..., B1, B2, B3..., C1, C2, C3. The processing data “A1 + B1 + C1 + And the like when obtaining 1+ ··· + A2 + B2 + C2 + X2 + ··· + A3 + B3 + C3 + X3 + ··· ". Also in these cases, a combination of a plurality of original data, a combination of a plurality of original data and primary user data, a division and an arrangement change of a plurality of original data, a combination of a plurality of divided original data and primary user data, Each is subject to secondary copyrights and these secondary copyrights need to be protected. Needless to say, the original copyright of the primary user exists in the data X1, X2, X3... Added by the primary user.
[0223]
FIG. 6 shows an example of a technique for creating new data D using a plurality of original data A, B, and C. This method extracts (cuts) elements a, b, and c from original data A, B, and C, and pastes the extracted elements a, b, and c (paste) to synthesize one data D. Data is processed by a technique.
[0224]
By the way, although it is obvious that the original data and the primary user data are data, the modification of the original data, the change of the arrangement of the original data, the combination of the original data and the primary user data, Combination of division and primary user data, combination of multiple original data, combination of multiple original data and primary user data, division and rearrangement of multiple original data, multiple divided original data and primary user The combination of data is the data itself.
[0225]
In the first to thirteenth embodiments described so far, the copyright of the data itself is managed by encrypting the original data or the processed data. If attention is paid to the fact that the process of processing data such as a procedure is also data, the secondary copyright for the processed data is the primary copyright of the original author for the original data and the primary copyright of the primary user for the primary user data. In addition, it is possible to protect by managing the primary copyright of the primary user regarding the process data. The machining process and machining program can also be called machining scenarios.
[0226]
That is, the machining data is composed of original data, primary user data, and machining process data. These original data, primary user data, and machining process data are the data described in the first to thirteenth embodiments. By managing with the copyright management system, it is possible to sufficiently manage the copyright of the processed data as well as the original data. In this case, the processing program used in the data processing is also managed by the data copyright management system if necessary.
[0227]
This data can be processed by using the processing program corresponding to the original data, but if the original data is handled as object-oriented software that has been attracting attention recently, it will be easier to process. Better data copyright management can be performed. Further, if agent-oriented software is further adopted, the user can synthesize data without effort.
[0228]
Agent-oriented software is a program that combines autonomy, adaptability, and cooperation, and based on only general instructions from users, even if it does not specify all work procedures specifically as in conventional software. Due to the characteristics of autonomy, adaptability and cooperation, it is possible to meet the demands of users. This agent program is incorporated into the basic system of the data copyright management system, configured to monitor the user's database usage, and collect the information obtained as a result at the database side or the copyright management center side. Thus, the database side or the copyright management center side can know the user's database usage tendency, and more detailed copyright management can be performed. Therefore, the agent program and data are also subject to copyright protection and are encrypted in the same manner as the original data.
[0229]
[Embodiment 15] Some copyrighted works do not have copyrights and some have copyrights, and those that have copyrights include those that are subject to copyright enforcement and copyrights. Some are not exercised. There are two types of copyrighted works that do not exist: copyrighted works whose copyrights do not exist by law and those that have expired. All copyrighted works, except those that do not have copyright, have copyright, but copyrighted works usually have a claim that the copyright exists. In some cases, a deterrent effect against copyright infringement is exhibited. The same applies to the case where the copyrighted work is data. In the case of copyrighted data, the copyright or copyright holder is displayed on the data header or the file header of the data. This prevents data copyright infringement. Further, by adding a copyright flag indicating that copyright exists in the data to the file and identifying the flag in the user terminal device, it is possible to prevent the infringement of the data copyright.
[0230]
However, even if such a copyright-related display is made, if the user who uses the data work ignores the existence of the copyright, the copyright may be infringed. In order to deal with such a case, in the embodiment described so far, the data is encrypted, the decryption key for decrypting the encrypted data is managed, and the decrypted data is stored, copied, and transferred. Is encrypted / decrypted using an encryption key different from the decryption key. Even in such a case, the encryption is different from the decryption key by transferring the data to a storage device other than the main storage device of the user terminal device in a state where the data exists on the main storage device of the user terminal device. The possibility of storing, copying, and transferring data without using a key cannot be completely denied.
[0231]
In order to prevent such a situation, the data copyright utilization software is incorporated into the basic system of the user terminal device, and the copyright enforcement attribute is displayed on the file of the data copyrighted work subject to the copyright enforcement. It is best that the basic system of the user terminal device monitors the copyright exercise attribute of the object, and that the data work having the copyright exercise attribute is managed by the data copyright utilization software. The basic system is a software operating system such as DOS when the user terminal device is a computer such as a personal computer, and the ROM when the user terminal device is a portable information terminal device or STB (set top box). Built-in hardware operating system. In order to further strengthen the data copyright management by the operating system, it is desirable to incorporate the data copyright utilization software at the highest level of the operating system.
[0232]
All processing and data inside the user terminal device are under the control of the operating system. In other words, the operating system can grasp all the processes and data inside the user terminal device. Therefore, the copyright management program can automatically manage the data copyright according to the usage status of the data ascertained by the operating system rather than according to the user's instruction. The data copyright can be easily used by the user, and more complete data copyright management can be performed. Further, it is desirable that the copyright management program for managing the encryption key, the data copyright information or the copyright label is held in the system area managed by the operating system itself, in other words, in the system area that cannot be accessed by the user program.
[0233]
However, even in this case, when only a part of the data work is cut and used, it becomes extremely difficult to manage the data copyright. Therefore, when the operating system recognizes such a situation, the copyright information and the copyright enforcement attribute that the original data had are added to some data cut by the copyright management program. By doing so, it is possible to manage the data copyright of a part of the cut data. Further, in order to make the clipped data inherit the copyright of the original data work, a parent-child link is formed between the cut data and the original data work by the copyright management program. In this way, even if the user cuts out each desired part from multiple copyrighted data and creates new data, the new data can be made to inherit the copyright of each original copyrighted material. Can do.
[0234]
[Embodiment 16] Since copyright is a kind of property right, there is a problem of payment of usage fee as a matter of course when using copyright. In addition, services such as provision of a secret key and provision of a copyright management program need to be performed for a fee. The simplest method of paying these charges is a combination of issuance and payment of invoices, but this method pays the fee for use directly, but is cumbersome and can cause accidents such as non-payment. There is also sex. There is also a charge collection agent method performed by the communication line operator, which is simple because the charge line collection work is performed by the communication line company, and the possibility of accidents such as non-payment is low, but the usage fee is collected directly. Therefore, it is necessary to pay the fee collection agency fee.
[0235]
As a method for solving these problems, there is a method using a digital cash. This digital cash is digital data that is encrypted and used.
[0236]
[Embodiment 17] Furthermore, the configuration of the data copyright management system described above can be applied not only to data distribution but also to digital cash distribution. Various digital cash systems that have been proposed so far transfer encrypted digital cash data from a bank deposit account or a credit company's caching service using a secret key method and store it on an IC card. Use and make payment. The digital cash system using the IC card as an electronic wallet can be used anywhere as long as an input / output terminal device is installed, such as a store, while a place where there is no input / output terminal device, such as a home. In, it is impossible to use.
[0237]
By the way, since the digital cash is encrypted data, any device that can store the encrypted data other than the IC card and can transfer the data to the payee can receive the digital cash data. It can be used as an electronic wallet to save. Specific user terminal devices that can be used as electronic wallets include personal computers, intelligent television devices, personal digital assistant devices (PDAs), PHS (Personal Hadyphone System) mobile phones, intelligent phones, There are PC cards having an output function.
[0238]
Transactions using such a terminal device as an electronic wallet for digital cash are performed by using the database 1 in the configuration of the data copyright management system described so far as a customer bank and the primary user terminal device 4 as a customer. This is realized by replacing the secondary user terminal device 5 with a retail store, the copyright management center 18 with a retail store bank, and the tertiary user terminal device 6 with a wholesaler or a manufacturer.
[0239]
Further, it is desirable that the digital cash is processed as an object in which data and a function are combined, not just data. In handling digital cash, common digital cash form, owner-specific unfilled digital cash form, owner-specific digital cash form entry field, amount of digital cash data, instructions for handling digital cash, and amount are written There are owner-specific digital cash forms. On the other hand, in the object-oriented programming, the concept of an object, a class, a slot, a message, and an instance is used. In these correspondences, the common digital cash form becomes an object, the owner-specific unfilled digital cash form becomes a class, the entry field of the owner-specific digital cash form becomes a slot, and instructions for handling the digital cash become messages. , An owner-specific digital cash form filled in with an amount is an instance. Digital cash data consisting of monetary amounts etc. is used as an argument, and a new instance of digital cash whose monetary amount has been updated is transferred to a slot called instance variable by a message and stored. Made.
[0240]
The objectized digital cash will be specifically described with reference to FIG. In this figure, 23, 25 and 27 are customer-specific digital cash forms in which the amount stored in the customer terminal device is written, and 29 is a retail store-specific state in which the amount stored in the retail store terminal device is entered. Digital cash forms 24, 26, 28 are deposit accounts at each customer's bank.
[0241]
In order to use the digital cash, the customer 23 withdraws the necessary amount from the deposit account 24 and delivers the digital cash withdrawal data 31 to the digital cash form 23 stored in the terminal device. In this case, since the digital cash balance data 30 is usually already entered in the digital cash form 23, the digital cash form 23 is not a class but an instance. The digital cash withdrawal data 31 is delivered as an argument to a slot which is an entry field of the digital cash form 23 by a message instructing addition to the digital cash balance data 30, and is sent to the digital cash balance data 30 of the digital cash form 23. The digital cash withdrawal data 31 is added to create a new instance in which the amount in the entry field of the digital cash form 23 is changed.
[0242]
When the customer pays to the retail store, the digital cash payment data 32 corresponding to the payment amount is subtracted from the amount in the digital cash form 23 in the digital cash form entry field. It is handed over as an argument to a certain slot, the digital cash payment data 32 is subtracted from the digital cash balance data 30 and the digital cash withdrawal data 31 of the digital cash form 23, and the amount in the entry field of the digital cash form 23 is changed. An instance is created. Also, the digital cash payment data 32 is delivered to a retail store-specific digital cash form 29.
[0243]
A similar withdrawal process and payment process is performed on the other customer's digital cash forms 25 and 27. From the digital cash form 25, the digital cash payment data 33 and from the digital cash form 27 the digital cash payment data 34 are retailed. It is delivered to the store-specific digital cash form 29. In the case of a digital cash form 29 unique to a retail store, the digital cash balance data 35 is usually already entered. The digital cash payment data 32, the digital cash payment data 33, and the digital cash payment data 34 are added as arguments to a slot that is an entry field of the digital cash form 29 by a message instructing addition to the digital cash balance data 35. The digital cash balance data 35 is added to the digital cash payment data 32, the digital cash payment data 33, and the digital cash payment data 34 to create a new instance in which the amount in the digital cash form entry field is changed. .
[0244]
In normal object-oriented programming, a new instance is created when an argument is passed to a slot by a message, and the entire newly created instance is not delivered. However, in the case of digital cash, encryption technology is used for security. Therefore, an instance in which the digital cash payment data is entered at the payment source can be created, and this instance can be encrypted and delivered to the payee.
[0245]
An embodiment of a transaction system performed by transferring digital cash via a communication network will be described with reference to FIG. This embodiment uses the system configuration shown in FIG. 4, in which 36 is a customer, 37 is a customer's 36 bank, 38 is a retail store, 39 is a retail store's 38 bank, 40 Is a manufacturer bank, 41 is a bank of the manufacturer 40, 8 is a communication network such as a public line provided by a communication carrier or a CATV line provided by a cable television operator, a customer 36, a customer transaction bank 37, a retail store 38, the retail bank 39, the manufacturer 40, and the manufacturer bank 41 can be connected to each other via the communication network 8. In this system, the customer 36 can use a credit company that provides a cashing service in addition to the bank, and an appropriate number of wholesale stores can be interposed between the retail store and the manufacturer. Reference numerals 42 and 43 denote IC cards or PC cards for storing digital cash data, which are used when a communication network is not used. In this figure, the broken line indicates the encrypted digital cash data path, and the solid line indicates the request path from the customer, retailer or manufacturer to the bank. The chain line indicates the private key path from each bank. Furthermore, in this embodiment, the first secret key prepared by the customer bank 37, the second secret key generated by the customer, the third secret key generated by the retail store, and the fourth secret key generated by the manufacturer are used as encryption keys. It is done. In this embodiment, the customer side bank 37, the retail store side bank 39, and the manufacturer side bank 41 have been described as separate ones, but these may be considered as a financial system collectively.
[0246]
A digital cash management program P for encrypting / decrypting digital cash data is distributed in advance to the customer 36 and stored in the user terminal device. The digital cash management program P can be transferred together with data every time a transaction with a bank is performed. Further, it is desirable that the digital cash management program P is common to all banks. The customer 36 designates the amount via the communication network 8 using the user terminal device, and applies to the customer side bank 37 for withdrawal of the deposit from the deposit account. At this time, the customer information Ic of the customer 36 is applied. Present.
[0247]
The customer-side bank 37 that has applied for deposit withdrawal from the customer 36 selects or creates the first private key Ks1, encrypts the withdrawal amount digital cash data M0 with the first private key Ks1,
Cm0ks1 = E (Ks1, M0)
The encrypted digital cash data Cm0ks1 and the first secret key Ks1 as a decryption key are transferred to the customer 36, and the customer information Ic and the first secret key Ks1 are stored. In this case, the first secret key Ks1 may be selected from those prepared in advance by the customer side bank 37, but the customer presents the customer information Ic at the time of withdrawal, and the presented customer information Ic by the digital cash management program P. It can also be created based on.
Ks1 = P (Ic)
In this way, not only the first secret key Ks1 can be made unique to the customer 36, but also there is no need to transfer the first secret key Ks1 to the customer 36. Get higher. The first secret key Ks1 can also be created based on the bank information Ibs or bank information Ibs of the customer side bank 37 and the creation date and time.
[0248]
The customer 36 to which the encrypted digital cash data Cm0ks1 and the first secret key Ks1 are transferred is sent to the second secret key by the digital cash management program P on the basis of one or both of the customer information Ic and the first secret key Ks1. Generate Ks2,
Ks2 = P (Ic)
The generated second secret key Ks2 is stored in the user terminal device. Further, the customer 36 decrypts the encrypted digital cash data Cm0ks1 using the first secret key Ks1 by the digital cash management program P, and
M0 = D (Ks1, Cm0ks1)
When the content is confirmed, but the decrypted digital cash data M0 whose content is confirmed is stored in the user terminal device which is an electronic wallet, the digital cash management program P is generated using the generated second secret key Ks2. Encrypted by
Cm0ks2 = E (Ks2, M0)
At this time, the first secret key Ks1 is discarded.
[0249]
The customer 36 who wishes to purchase goods from the retail store 38 decrypts the encrypted digital cash data Cm0ks2 stored in the user terminal device, which is an electronic wallet, by using the digital cash management program P using the second secret key Ks2.
M0 = D (Ks2, Cm0ks2)
The digital cash data M1 corresponding to the required amount is encrypted by the digital cash management program P using the second secret key Ks2,
Cm1ks2 = E (Ks2, M1)
Payment is performed by transferring the encrypted digital cash data Cm1ks2 to the user terminal device which is an electronic wallet of the retail store 38 via the communication network 8. At this time, the customer information Ic is also transferred to the user terminal device of the retail store 38. The remaining amount of digital cash data M2 is encrypted by the digital cash management program P using the second secret key Ks2,
Cm2ks2 = E (Ks2, M2)
It is stored in the user terminal device of the customer 36.
[0250]
The retail store 38 to which the encrypted digital cash data Cm1ks2 and the customer information Ic are transferred stores the transferred encrypted digital cash data Cm1ks2 and the customer information Ic in the user terminal device, and confirms the contents in the communication network 8. The customer information Ic is presented to the retail store side bank 39 via, and the transfer of the second secret key Ks2 which is a decryption key is requested. Upon receipt of the transfer request for the second secret key Ks2 from the retail store 38, the retail store bank 39 transfers the customer information Ic to the customer bank 37 together with the transfer request for the second secret key Ks2. When the second private key Ks2 is based only on the customer information Ic, the customer side bank 37 to which the transfer request for the second private key Ks2 is transferred from the retail store side bank 39 is sent to the customer information Ic by the digital cash management program P. The second secret key Ks2 is generated on the basis of the customer information Ic and the first secret key Ks1 by the digital cash management program P when the second secret key Ks2 is based on the customer information Ic and the first secret key Ks1. Based on this, a second secret key Ks2 is generated, and the generated second secret key Ks2 is transferred to the retailer bank 39. The retail store bank 39 to which the second secret key Ks2 has been transferred from the customer bank 37 transfers the second secret key Ks2 to the retail store 38 via the communication network 8.
[0251]
The retail store 38 to which the second secret key Ks2 has been transferred decrypts the encrypted digital cash data Cm1ks2 using the second secret key Ks2 by the digital cash management program P, and
M1 = D (Ks2, Cm1ks2)
After confirming the amount, the product is sent to the customer 36. In this case, the retail store 36 may request the transfer of the second private key Ks2 directly to the customer side bank 37 instead of the retail store side bank 39.
[0252]
When depositing the digital cash received by the retail store 38 into the account of the retail store bank 39, the customer information Ic is transferred to the retail store bank 39 via the communication network 8 together with the encrypted digital cash data Cm1ks2. The retailer bank 39 to which the encrypted digital cash data Cm1ks2 and the customer information Ic are transferred requests the customer bank 24 to transfer the second secret key Ks2 by transferring the customer information Ic. The customer bank 37 requested to transfer the second secret key Ks2 from the retail store bank 39, when the second secret key Ks2 is based only on the customer information Ic, the customer information Ic by the digital cash management program P. Based on the customer information Ic and the first secret key Ks1 by the digital cash management program P when the second secret key Ks2 is based on the customer information Ic and the first secret key Ks1. Then, the second secret key Ks2 is generated, and the generated second secret key Ks2 is transferred to the retailer bank 39. The retail store bank 39 to which the second secret key Ks2 has been transferred from the customer bank 37 decrypts the encrypted digital cash data Cm1ks2 using the second secret key Ks2 by the digital cash management program P,
M1 = D (Ks2, Cm1ks2)
The decrypted digital cash data M1 is deposited into the bank account of the retail store 39.
[0253]
In a general transaction system, the retail store 38 purchases goods from the manufacturer 40 or a wholesale store interposed between the manufacturer 40 and the retail store 38 and sells the product to the customer 36. Therefore, the same transaction form exists between the retail store 38 and the manufacturer 40 as exists between the customer 36 and the retail store 38. The handling of the digital cash performed between the retail store 38 and the manufacturer 40 is not fundamentally different from the handling of the digital cash performed between the customer 36 and the retail store 38. Is omitted.
[0254]
In this digital cash system, since all the handling of digital cash is done through the bank, by storing information such as the amount, date, secret key requester information, etc. regarding the handling of digital cash in the customer side bank, The balance and usage history of the digital cash can be grasped. In addition, even if the user terminal device, which is an electronic wallet that stores digital cash data, becomes unusable due to loss or damage, the digital cash can be reissued based on the usage balance and usage history stored in the customer bank. Is possible. In order to increase the security of the digital cash, it is desirable to attach a digital signature to the digital cash data. In this embodiment, customer information is added to the digital cash, and this customer information may be digitally signed. That is, in this embodiment, the digital cash also has a function as a bill settlement system in which the customer is the originator. Furthermore, this system can also be applied to various settlement systems using letters of credit, shipping securities, etc. in international trade that have been performed using conventional paper.
[0255]
[Embodiment 18] The digital cash handling in the digital cash system described in the seventeenth embodiment is all handled through a bank, but the digital cash can be handled without any other bank. A digital cash system without a bank will be described. In this digital cash system, a public key and a dedicated key are used as encryption keys for encrypting digital cash data, and the secret key Ks and customer information Ic used in the seventeenth embodiment are not used. Therefore, in this embodiment, the digital cash is used in a form similar to money. Except for these points, there is no difference from the system configuration of the seventeenth embodiment, and a detailed description thereof will be omitted.
[0256]
Each bank, customer, retail store, manufacturer related to the digital cash system, who receives the digital cash, prepares a public key and a dedicated key. The public key therein can be sent to the payer in advance, or can be sent to the payer before the transaction is performed, but here it will be described as being distributed in advance to the payer. The customer 36 applies the withdrawal from the deposit account to the customer bank 37 by designating the amount via the communication network 8 using the terminal device. The customer bank 37 that has applied for deposit withdrawal from the customer 36 encrypts the withdrawal amount digital cash data M0 using the customer public key Kbc sent in advance by the digital cash management program P,
Cm0kbc = E (Kbc, M0)
The encrypted digital cash data Cm0kbc is transferred to the customer 36.
[0257]
The customer 36 to which the encrypted digital cash data Cm0kbc is transferred is decrypted by the digital cash management program P using the customer dedicated key Kvc corresponding to the customer public key Kbc,
M0 = D (Kvc, Cm0kbc)
Check the contents, and if there is remaining amount data M1 in the terminal device, the remaining amount data is changed to M2 (= M0 + M1), and the digital cash data M2 whose amount has been changed is changed to the customer by the digital cash management program P Encrypt with public key Kbc,
Cm2kbc = E (Kbc, M2)
Save in the terminal device.
[0258]
The customer 36 who wishes to purchase goods from the retail store 38 decrypts the encrypted digital cash data Cm2kbc stored in the terminal device by the digital cash management program P using the customer dedicated key Kvc,
M2 = D (Kvc, Cm2kbc)
The digital cash data M3 corresponding to the required amount is encrypted by the digital cash management program P using the retail store public key Kbs sent in advance,
Cm3kbs = E (Kbs, M3)
Payment is made by transferring to the terminal device of the retail store 38 via the communication network 8. The remaining amount of digital cash data M4 (= M2-M3) is encrypted with the customer public key Kbc by the digital cash management program P,
Cm4kbc = E (Kbc, M4)
It is stored in the terminal device.
[0259]
The retail store 38 to which the encrypted digital cash data Cm3kbs has been transferred is decrypted by the digital cash management program P using the retail store dedicated key Kvs corresponding to the retail store public key Kbs,
M3 = D (Kvs, Cm3kbs)
After confirming the contents, if there is remaining amount data M5 in the terminal device, the remaining amount data is changed to M6 (= M5 + M3), and the digital cash data M6 whose amount has been changed is retailed by the digital cash management program P Encrypt with store public key Kbs,
Cm6kbs = E (Kbs, M6)
Save in the terminal device.
[0260]
The retail store 38 that is going to settle the commodity purchase price with the manufacturer 40 also performs settlement in the same manner. Further, the depositing of the customer 36 to the customer-side bank 37, the depositing of the retail store 36 to the retailer-side bank 39, and the depositing of the manufacturer 40 to the maker-side bank 41 are performed in the same manner.
[0261]
In the seventeenth and eighteenth embodiments described above, the configuration of the data copyright management system described with reference to FIG. 4 is applied to realize a digital cash system, and in the seventeenth embodiment, customer information is used. However, the secret key used is changed, and in the eighteenth embodiment, a public key and a dedicated key are used. However, as a system configuration for realizing the digital cash system, the configuration of another copyright management system, that is, the data copyright management system shown in FIG. 1, the data copyright management system shown in FIG. Any of the configurations of the data copyright system shown in FIG. 5 and the data copyright system shown in FIG. 5 can be applied. In addition, as the encryption key method used in this case, the secret key that does not change, the public key and the dedicated key, the combination of the secret key, the public key, and the dedicated key, and the key duplication are the first to thirteenth examples. Any of the described encryption key systems can be applied.
[0262]
[Embodiment 19] A video conference system, which has only been added to a conventional voice telephone in the past, has recently been incorporated into a computer system, and the quality of voice or video has just been improved. In addition, it has evolved so that data on a computer can be handled simultaneously with audio and video. Under such circumstances, security against privacy infringement and data leakage by users other than TV conference participants is protected by an encryption system using a secret key. However, since the conference content obtained by the video conference participants themselves is decrypted, the video conference participants themselves store the conference content, process it in some cases, and further process the video conference participants. In the case of secondary use distributed to other persons, the privacy and data security of other video conference participants are completely defenseless. In particular, the transmission data compression technology has been developed, but the capacity of the data storage medium has increased, and as a result, the contents of the video conference can be copied to the data storage medium or even transferred over the network. It is becoming.
[0263]
In this embodiment, in view of such a situation, the configuration of the data copyright management system described so far is applied to the television conference system, so that the video conference participant himself / herself uses the secondary content. It will ensure the privacy and data security of participants in the TV conference.
[0264]
In this television conference data management system, for example, the database 1 in the configuration of the data copyright management system shown in FIG. 4 is used as the first television conference participant, and the primary user terminal device 4 is used as the second television conference participant. Moreover, it can be realized by replacing the secondary user terminal device 5 with a non-video conference participant. This embodiment will be described with reference to FIG. In this figure, 44 is the first TV conference participant, 45 is the second TV conference participant, 46 is the third TV conference non-participant, 47 is the fourth TV conference non-participant, and 8 is the communication business. Communication network such as a public line provided by a person or a CA television line provided by a cable television company. The first video conference participant 44 and the second video conference participant 45 are mutually connected by a communication network 8. It is possible to connect. Further, the video conference second participant 45 and the video conference third non-participant 46, and the video conference third non-participant 46 and the video conference fourth non-participant 47 can be connected via the communication network 8. Yes. Reference numeral 48 denotes a data recording medium. In this figure, the broken line indicates the path of the encrypted video conference content, and the solid lines indicate the video conference third non-participant 46 and the video conference fourth non-participant 47. Is a path for requesting an encryption key from the video conference first participant to the video conference first participant, and the one-dot chain line indicates from the video conference first participant 44 to the video conference second participant 45 and the television conference third. This is a path through which the encryption key is transferred to the non-participant 46 and the video conference fourth non-participant 47. In the television conference data management system described in this embodiment, the case where only the privacy and data security of the television conference first participant 44 is ensured will be described in order to simplify the explanation. It goes without saying that the privacy and data security of the conference second participant 45 can also be secured.
[0265]
The video conference management program P for encrypting / decrypting the video conference data of the video conference first participant 44 including video and audio is the video conference second participant 45 and the video conference third non-participant 46. And distributed in advance to the TV conference fourth non-participant 47 and incorporated in each terminal device. The video conference data management program P can be transferred every time the encryption key is transferred. Further, in this embodiment, the first secret key prepared by the TV conference first participant 44 as the encryption key, the second secret key generated by the TV conference second participant 45, and the TV conference third non-participant 46. The third secret key generated by is used.
[0266]
The first TV conference participant 44 and the second TV conference participant 45 use each terminal device to transmit voice, video, and data (collectively “TV conference data”) via the communication network 8. The first conference key 44 selects or generates the first secret key Ks1 before starting the video conference, and the first secret key Ks1. Is supplied to the second TV conference participant 45 before starting the TV conference. In addition, the video conference second participant 45 to which the first secret key Ks1 is transferred generates a second secret key Ks2 based on the first secret key Ks1 by the video conference data management program P,
Ks2 = P (Ks1)
The generated second secret key Ks2 is stored in the terminal device.
[0267]
The first TV conference participant 44 encrypts the TV conference data M0 with the first secret key Ks1 in the TV conference held via the communication network 8,
Cm0ks1 = E (Ks1, M0)
The encrypted video conference data Cm0ks1 is transferred to the video conference second participant 45.
[0268]
The video conference second participant 45 who has received the video conference data Cm0ks1 encrypted using the first secret key Ks1 decrypts the encrypted video conference data Cm0ks1 using the first secret key Ks1.
M0 = D (Ks1, Cm0ks1)
The decoded video conference data M0 is used. Further, the video conference data management program P generates the second secret key Ks2 based on the first secret key Ks1.
Ks2 = P (Ks1)
[0269]
When the decoded video conference data M 0 is stored in the terminal device of the video conference second participant 45, or copied to the data recording medium 48, the video conference third non-transmission is made via the communication network 8. When transferred to the participant, the data M is encrypted by the video conference data management program P using the second secret key Ks2.
Cmks2 = E (Ks2, M)
[0270]
The encrypted data Cmks2 is copied to the recording medium 11 together with the TV conference data name or the TV conference data number, or is supplied to the third TV conference non-participant via the communication network 8.
[0271]
The TV conference third non-participant 46 who has obtained the encrypted data Cmks2 uses the terminal device to designate the TV conference data name or the TV conference data number to perform secondary use of the TV conference data M. Apply to the first TV conference participant 44.
[0272]
The TV conference first participant 44 who has received the secondary use application for the data M searches for the first secret key Ks1 using the TV conference data name or the TV conference data number as a clue, and based on the first secret key Ks1. Generate a second secret key Ks2
Ks2 = P (Ks1)
The generated second secret key Ks2 is supplied to the video conference third non-participant 46.
[0273]
The TV conference third non-participant 46 who received the second secret key Ks2 decrypts the encrypted data Cmks2 using the second secret key Ks2 using the TV conference data management program P, and
M = D (Ks2, Cmks2)
The decoded video conference data M is used. When the television conference data M is stored in the terminal device of the television conference third non-participant 46 or copied to the recording medium 49, the television conference fourth non-participant 47 via the communication network 8 is used. The video conference data M is encrypted by the video conference data management program P using the second secret key Ks2.
Cmks2 = E (Ks2, M)
[0274]
Furthermore, a third secret key Ks3 is generated based on the second secret key Ks2 by the video conference data management program P,
Ks3 = P (Ks2)
The data M can be encrypted by using the generated third secret key Ks3 by the video conference data management program P.
Cmks3 = E (Ks3, M)
[0275]
In the nineteenth embodiment described above, the configuration of the data copyright management system described with reference to FIG. 4 is applied to change the secret key used in order to realize the video conference data management system. However, as a system configuration for realizing the video conference data system, other system configurations, that is, the system configuration shown in FIG. 1, the system configuration shown in FIG. 2, the system configuration shown in FIG. Either the system configuration shown in FIG. 3 or the system configuration shown in FIG. 5 can be applied. Also, in this case, the encryption key method used in the first to thirteenth embodiments includes a secret key that does not change, a public key and a dedicated key, a combination of a secret key, a public key, and a dedicated key, and key duplication. The described encryption key method is applicable.
[0276]
In this explanation, it is assumed that the second TV conference participant saves and uses the TV conference data and copies it to a recording medium or transfers it via a communication network. These actions can also be restricted by ensuring that the encrypted key is immediately discarded.
[0277]
[Embodiment 20] As described above, each user who uses the system of the present invention needs to be registered in advance in the database organization, and the database software provides the user with this registration. Provided. Since this software includes a program for decrypting the copyright management program using the first encryption key in addition to normal communication software such as a data communication protocol, it is necessary to protect the software. In the present invention, in order to use the data M, the first encryption key K1, the second encryption key K2, and the copyright management program P are transferred to each user, and each user needs to store them. is there. Furthermore, a copyright information label, user information, a public key-type public key, a dedicated key, a program including a secret key generation algorithm, and the like are stored as necessary.
[0278]
The most convenient means for storing these is to use a flexible disk, but the flexible disk is extremely vulnerable to data loss or tampering. Also, when using a hard disk drive, there is anxiety about data loss or tampering, although not as much as a flexible disk. By the way, recently, an IC card in which an IC element is enclosed in a card-shaped container has become widespread, and in particular, a PC card in which a microprocessor is enclosed is being standardized as a PCMCIA card or a JEIDA card.
[0279]
FIG. 10 shows an embodiment in which the user terminal device of the database copyright management system of the present invention is configured using this PC card. In this figure, 50 is a microprocessor of the user terminal device body, and 51 is a system bus. Reference numeral 52 denotes a PC card in which a PC card microprocessor 53, a read-only memory 55, and a write / read memory 56 are enclosed, and these are connected by a PC card microprocessor bus 54.
[0280]
The read-only memory 55 stores fixed information such as database software and user data in the database organization. The read-only memory 55 also stores a first encryption key, a second encryption key, and a copyright management program supplied from the key management center 9 or the copyright management center. Since this read-only memory 55 is also written, it is most convenient to use an EEPROM.
[0281]
As explained before, the data, the first encryption key K1, the second encryption key K2, the third encryption key K3... And the copyright management programs P1, P2, P3. The first encryption key K1, the copyright management program P, the data M, and the second encryption key K2 must be decrypted in order to use the data supplied to the user. These operations may be performed by the microprocessor 50 of the user terminal device body using the software stored in the read-only memory 55 of the PC card 52, the first encryption key K1, and the copyright management program P1, in that case. Since these data are transferred to the user terminal device, there is a risk of unauthorized use. In order to avoid this danger, the microprocessor 53 in the PC card 52 performs all operations using the write / read memory 56 via the CPU bus 54, and transfers only the result to the user terminal device for various uses. To do. When this PC card is used, a different device can be used as the user terminal device. In addition to the PC card, a board having these functions or an external device can be used.
[Brief description of the drawings]
FIG. 1 is a configuration diagram of a data copyright management system according to a first embodiment, a second embodiment, and a third embodiment of the present invention.
FIG. 2 is a configuration diagram of a data copyright management system according to a fourth embodiment of the present invention.
FIG. 3 is a configuration diagram of a data copyright management system according to the fifth, sixth, and seventh embodiments of the present invention.
FIG. 4 is a configuration diagram of a data copyright management system according to the eighth, ninth, tenth, and eleventh embodiments of the present invention.
FIG. 5 shows an embodiment of a data copyright management system according to the twelfth and thirteenth embodiments of the present invention.
FIG. 6 is an explanatory diagram of data processing.
FIG. 7 is an explanatory diagram of a digital cash system.
8 is a configuration diagram of a digital cash system according to Embodiments 17 and 18 of the present invention. FIG.
FIG. 9 is a block diagram of a video conference system according to Embodiment 19 of the present invention.
FIG. 10 is a block diagram of an embodiment of a user terminal device used in the data copyright management system of the present invention.
[Explanation of symbols]
1,19,20,21 database
2 Broadcasting and communication satellites
3 11, 12, 13, 48, 49 Recording medium
4, 5, 6, 7 User terminal device
8 Communication network
9 Key management center
10, 14, 15, 17, 18 Copyright Management Center
23, 25, 27, 29 Electronic wallet
24, 26, 28 Deposit account
30, 35 balance
31 Withdrawal
32, 33, 34 Payment
36 customers
38 retail stores
40 Manufacturer
37 Customer Bank
39 Retail side bank
41 Manufacturer's bank
42, 43 IC card
44,45 TV conference participants
46,47 Non-participants in the TV conference
50 microprocessor
51 System bus
52 PC Card
53 PC Card Microprocessor
54 PC Card Microprocessor Bus
55 Read-only memory 56 Write / read memory

Claims (13)

A terminal device connected to a video conference data management system for using video conference data encrypted and supplied from a first user to a second user,
Means for supplying a decryption key of the encrypted video conference data from the terminal of the first user;
Means for decrypting the encrypted video conference data using the decryption key when using the video conference data;
When the decrypted video conference data is stored, when the processed video conference data is stored, or when the video conference data is transferred to a third user, the video conference data is re-encrypted. Means for re-encrypting to re-encrypted video conference data with an encryption key for encryption ,
The terminal device, wherein the second user information unencrypted is added to the re-encrypted video conference data as a second user information label . The terminal device according to claim 1, wherein an encryption key used for the re-encryption is an encryption key different from the decryption key. Furthermore, the terminal device of Claim 1 or Claim 2 in which the video conference data management program which manages the said video conference data is used. If the unencrypted second user information is added to the re- encrypted video conference data as a second user information label and the video conference data is stored, the changed video conference When data is stored or when video conference data is transferred to a third user, the unencrypted second user information is stored or transferred together with the re-encrypted video conference data. The terminal device according to claim 1, claim 2, or claim 3 . The terminal device according to claim 4 , wherein the second user information label is digitally signed. A terminal device connected to a video conference data management system for using video conference data encrypted and supplied from a first user to a second user,
Means for presenting second user information to the terminal device of the first user;
Means for receiving supply of the video conference data encrypted with a first encryption key from the terminal device of the first user;
Means for generating a second encryption key based on the first encryption key;
Means for decrypting the encrypted video conference data using the first encryption key when using the encrypted video conference data;
Said decoding store video conference data, when copying or transferring, and means for re-encrypting the re-encrypted video conference data by using the second encryption key to said decryption video conference data ,
The terminal device , wherein the second user information unencrypted is added to the re-encrypted video conference data as a second user information label . The terminal device according to claim 6 , wherein the first encryption key and the second encryption key are secret keys. The terminal device according to claim 6 , wherein the first encryption key is a public key and the second encryption key is a dedicated key. A video conference data management method for using video conference data encrypted and supplied from a first user to a second user,
In the video conference data management system, a decryption key for the encrypted video conference data is supplied from the first user to the second user,
When the second user uses the video conference data, the encrypted video conference data is decrypted using the decryption key,
When the second user stores the decoded video conference data, when the processed video conference data is stored, or when the video conference data is transferred to the third user, the video conference is performed. The data is re-encrypted into re-encrypted video conference data with the encryption key for re-encryption ,
The video conference data management method, wherein the second user information unencrypted is added to the re-encrypted video conference data as a second user information label . A video conference data management method for using video conference data encrypted and supplied from a first user to a second user,
  In the video conference data management system, an encryption key, user information, and a video conference data management program are used.
  The terminal device of the second user presents second user information to the first user,
  The terminal device of the first user supplies the video conference data encrypted with the first encryption key to the second user;
  The terminal device of the second user generates a second encryption key based on the first encryption key using the video conference data management program,
  When the second user uses the encrypted video conference data, the encrypted video conference data is decrypted using the first encryption key,
  When the second user saves, copies or transfers the decrypted video conference data, the decrypted video conference data is stored using the second encryption key.Re-encrypted video conference dataRe-encrypted,
  The re-encrypted video conference data includes second user information that is not encrypted as a second user information label.Video conference data management method. In order to use the video conference data encrypted and supplied from the first user to the second user, the video conference data management program to be executed by the terminal device,
A decryption key for the encrypted video conference data is supplied from the terminal device of the first user;
Decrypting the encrypted video conference data using the decryption key when using the video conference data;
Re-encrypting the video conference data when storing the decrypted video conference data, storing processed video conference data, or transferring the video conference data to a third user and a step of re-encryption to re-encrypted video conference data by the encryption key of use,
A computer-executable video conference data management program in which the second user information unencrypted is added as a second user information label to the re-encrypted video conference data. In order to use the video conference data encrypted and supplied from the first user to the second user, the video conference data management program to be executed by the terminal device,
Presenting second user information to the terminal device of the first user;
Receiving the video conference data encrypted with the first encryption key from the terminal device of the first user;
Generating a second encryption key based on the first encryption key;
When using the encrypted video conference data, a step of decrypting the encrypted video conference data using the first encryption key,
Re-encrypting the decrypted video conference data into the re-encrypted video conference data using the second encryption key when storing, copying or transferring the decrypted video conference data. ,
The computer-executable video conference data management program in which the second user information not encrypted is added as the second user information label to the re-encrypted video conference data A data copyright management system for managing the copyright of data supplied as encrypted data from a database to a user,
In a data copyright management system that includes a database and a key control center and uses a secret key and a copyright control program,
Means for supplying the first secret key and the second secret key from the copyright management center to the first user;
Means for decrypting the encrypted data into decrypted data by using the first secret key by the copyright control program when the data is displayed;
Means for decrypting the encrypted data into decrypted data by using the first secret key by the copyright control program when the data is edited;
Means for encrypting the data into re-encrypted data by using the second secret key by the copyright control program when the data is stored;
Means for encrypting the data into re-encrypted data by using the second secret key by the copyright control program when the data is copied;
Means for encrypting the data into re-encrypted data by using the second secret key by the copyright control program when the data is transferred to a second user;
Means for re-decrypting the re-encrypted data by using the second secret key by the copyright control program when the stored re-encrypted data is used;
Means for re-decrypting the re-encrypted data by using the second secret key by the copyright control program when the copied re-encrypted data is used;
Means for re-decrypting the re-encrypted data by using the second secret key by the copyright control program when the re-encrypted data transferred to the second user is used;
Only including,
A data copyright management system , wherein the re-encrypted data includes first user information that is not encrypted as a first user information label .

Images