JP4664386B2 - Information distribution system, information distribution method, information distribution server, and content distribution server - Google Patents

Description

  The present invention relates to distribution and acquisition of multimedia data typified by audio video, and in particular, to provide multimedia data customized for each user or subjected to access control.

  With the speeding up of networks and the advancement of terminals, multimedia content (video, audio) distribution technology is attracting attention in wide area networks represented by the Internet. As the technology, there is RTSP (IETF: RFC2326) which is a media stream control protocol. In RTSP, a user sends an RTSP command to a server, thereby realizing remote operations such as playing, recording, and stopping a media stream existing on the server via a network.

  FIG. 30 is a block diagram for explaining a conventional example of the present invention, that is, a system for controlling a media stream on the server side by RTSP.

  As shown in the figure, a terminal 100 that purchases media and a media server 101 that distributes media are connected via a network. In addition, the media server 101 is connected to the media 102 in which the media is stored, and the terminal 100 remotely controls the media stored in the media 102 through the media server 101 via the network 103. When performing a remote operation, the terminal 100 transmits an RTSP request to the media server 101. The media server 101 interprets the RTSP request, prepares to operate the media stored in the media 102, and transmits an RTSP response to the terminal 100.

  FIG. 31 is a sequence diagram showing a method for remotely operating a media stream on a server using RTSP. As shown in the figure, here, a terminal 100 that purchases media and a media server 201 that distributes media are arranged.

  In order to operate the media using RTSP, the terminal 100 first transmits a DESCRIBE message to the media server 101 and issues a media stream description acquisition request. The media server 101 that has received the request transmits a description of the requested media stream to the terminal 100. Next, the terminal 100 transmits a SETUP message to the media server 101 and issues a resource reservation request. Upon receiving the request, the media server 101 reserves resources and returns a response message. Upon receiving the response, the terminal 100 is ready to operate the media, and the actual operation commands PLAY (playback), RECORD (recording), and PAUSE (stop) are always sent to the media server 101 whenever the operation is performed. Send. Upon receiving the operation command, the media server 101 prepares for media operation and returns a response message each time an operation request is received. Thereafter, the media server 101 performs the requested media operation. Finally, the terminal 100 transmits a TEARDOWN message to the media server 101 to end the session.

  In addition, the RTSP header area includes a Range that specifies the operation time range of the media stream and a Scale that specifies the double speed operation. By using these, a desired scene can be called. For example, if the playback start time and end time of a desired scene are acquired from the server in advance, the playback range is described in the Range header, and a request is sent to the server, the desired scene can be called. Also, it can be realized by performing double speed playback with Scale during media playback and returning to normal playback as soon as the desired scene is reached.

  FIG. 32 is a diagram illustrating an example of a message that flows in a method of reproducing the media 102 in the media server 101 by RTSP. 32, the terminal 100 is abbreviated as C and the media server 101 is abbreviated as S. For example, C → S indicates that the message is transmitted from the terminal 100 to the media server 101.

  As shown in the figure, the time range to be operated can be specified by adding a Range option to the URI of the media requested to be operated from the terminal 100. In addition, in order to satisfy the uniqueness of the request message, the message sequence number Cseq and the session unique number Session are described simultaneously. In the case of the example shown here, it is requested to play back the media from the 1800th second. Upon receiving this request, the server prepares for media playback at 1800 seconds, returns an OK message, and distributes the media on RTP. The terminal 100 that receives the media transmits RTCP for confirmation to the media server 101. Here, it should be noted that in order for the terminal 100 to request a desired scene, it is necessary to know the time range of the desired scene in advance.

  Furthermore, in recent years, information distribution services for distributing various contents have been performed. Content distribution can be said to be a useful service in that it can be used as an advertising medium and can acquire only information that suits the taste. On the other hand, the technology that controls the access to information by providing data that describes the access right to the user for the content provided by the provider is attracting attention. Conventionally, the document is structured with XML The XAS (XML Access Sheet) that describes the access right to the user given by the provider in XML format is prepared on the server side and the document corresponding to the access right of the user is automatically used by using XAS. Producing techniques have been proposed. As shown in the figure, XAS describes a subject indicating “who”, an object indicating “what information”, and a sign indicating the presence or absence of access rights to the object. The original IP address, the group to which the user belongs, and the role can be described, and by mapping the user to the Subject space, the user can be controlled from various viewpoints.

  FIG. 33 is a block diagram showing a method for automatically generating a document corresponding to an access right based on XAS based on XHTML. As shown in the figure, XAS 1602 and 1603 are linked to XHTML 1600 that performs access control and its definition document DTD 1601, respectively. In order to perform access control on the XHTML 1600, a parsing process 1604 for expanding the XHTML into a Document Objent Model (DOM) tree, a labeling process 1605 for labeling each object in the DOM tree according to the XAS Sign, and “permitted” are labeled. A DOM conversion process 1606 for reconfiguring the DOM tree with only elements and an unparsing process 1607 for returning the DOM tree to XHTML are arranged. XHTML is expanded into a DOM tree through a parsing process 1604, and is labeled for each object based on XAS 1602 and 1603 through a labeling process 1605. The labeled DOM tree is converted into a DOM tree including only objects that are labeled “permitted” through a DOM conversion process 1606, and is returned to XHTML through an unparsing process 1607.

  Further, the DTD 1601 takes into consideration the transparency of the system to the terminal, and the terminal side needs to refer to the DTD generated only by the object referred to by the converted XHTML. For this reason, a reduction process 1608 for reducing the DTD is arranged to match the converted XHTML. The DTD becomes a degenerated DTD through the degeneration process 1608. With the above method, XHTML 1609 and DTD 1610 corresponding to the user's access right based on XAS are automatically generated.

  In the conventional method described above, in order to call a desired scene, the playback start time and end time of the desired scene are acquired from the server in advance, and the playback range is described in the range and a request is sent to the server, or the media is being operated. It can be realized by operating at double speed with Scale and returning to normal operation as soon as the desired scene is reached.

  However, in a communication network such as a mobile network in which the communication speed is likely to be delayed, it takes a long time until the operation becomes effective on the terminal side after the RTSP command is sent. Therefore, it is difficult to call a desired scene using the RTSP command because it takes time from request to operation.

  Furthermore, it is desired to develop a method for adapting the access control method for XHTML to temporally dynamic content represented by AV media. In other words, temporally dynamic content has a huge presentation description compared to static content represented by a document, and it is necessary to specify the playback start time and play it. Therefore, it is not realistic to apply an access control method for XHTML because control for each piece of information included in content cannot be performed.

  The present invention has been made to solve the above problems, and by sending an operation request once from the terminal to the information distribution server during media data reproduction, it is possible to jump to a desired scene cut, resulting in a delay. It is possible to distribute information smoothly and smoothly, and it is possible to automatically generate and distribute digests according to the user's access rights given by the server side for temporally dynamic media data. It is an object of the present invention to provide an information distribution system, an information distribution method, an information distribution server, a content distribution server, and a terminal that can perform appropriate information distribution according to the situation.

  In order to solve the above-mentioned problems, the present invention specifies the address at which media data is stored in the media storage means in advance and playback of the media data is started when media data such as video and audio is distributed to the terminal. Is stored in the sequence information storage means, a media operation request for requesting distribution of media data is generated on the user terminal side, and the current playback time is generated in response to the generated media operation request And a scene identifier that identifies the playback scene, and the distribution server obtains a media operation request from the user's terminal, collates sequence information based on the obtained media manipulation request, and determines a predetermined value based on the collation result. The media data is read from the media storage means from the playback start position, and the read media data A is intended to be delivered to the terminal.

  In the present invention, the sequence information includes meta information in which text data such as characters describing the outline of each scene in the media data and the playback start address of each scene are associated with each other, and the media operation request includes A scene keyword that specifies a desired playback scene is included, text data is detected based on the acquired scene keyword, and media data is read based on a playback start address associated with the detected text data. preferable.

  In the present invention, as a media operation request, a scene identifier (Jump) that realizes a jump to a desired scene cut is transmitted from the terminal to the information distribution server as a media operation request, and an arbitrary scene desired by the user is quickly transmitted. It can be received from the information distribution server.

  In other words, Jump has, as arguments, Playtime, which is the current playback time on the terminal side, and Scene that specifies the desired scene cut. When Jump is sent to the server, the server side synchronizes the scene with the terminal from Playtime. While searching, the scene cut specified by Jump is automatically searched and a Response message is returned, and then the media stream operation can be started from that scene cut. Playback can be started from the scene.

  This Jump can be realized as a command on the header field of RTSP, for example, like Range and Scale, and can be used as an option of an operation command such as PLAY and RECORD.

  For example, according to the present invention, a terminal can call a desired scene cut without knowing in advance the start time of the desired scene cut. Further, according to the present invention, a desired scene cut can be called by sending a Jump request without exchanging useless messages such as a scene start time transmission request, a double speed operation request, and a constant speed operation request to the server. Network load is reduced, and it is possible to flexibly cope with high latency and high jitter networks typified by mobile networks.

  In addition, another invention is an information distribution method for distributing media data such as video and audio to a terminal, wherein the media data is stored in the media storage means, and each scene in the media data is summarized in the meta information storage means Is stored in the user database in association with each user's access rights in the user database. On the terminal side, a media operation request for requesting distribution of media data is generated, a user identifier for identifying the user is added to the generated media operation request, and the distribution server acquires the media operation request and acquires this The user database is searched based on the received media operation request, and the user's access is And the meta information is collated based on the set access right. Based on the collation result, the media data is read from the media storage means from the predetermined reproduction start position, and the read media data is read out. It is delivered to the terminal.

  In the other invention described above, the access right preferably includes reproduction information regarding the time that the user can view and the viewing order for each scene, and the media data is preferably read based on the reproduction information.

  In the above invention, it is preferable that the reproduction information is distributed as presentation information to a terminal used by a user.

  In these inventions, access control can be performed for each user by collating and reconfiguring the meta information of the media data according to the user's access rights. According to these inventions, a policy structure describing access rights incorporating the concepts of media data viewable time and viewing order is constructed, and presentation description data configured according to user access rights in accordance with policies is distributed. Service can be realized easily.

  For example, according to the present invention, a multimedia content including AV media and dynamic in time is digested according to the access right to the user, which incorporates the concept of viewable time / viewing order provided by the provider. Can be automatically generated and distributed, and a new information distribution service provided with essential viewing items such as advertisements can be realized.

  By using the presentation description data according to the above invention, for example, when requesting delivery of media data, it is possible to embed a server signature, validity period data, etc. in the media operation request. It is also possible to prevent unauthorized access.

  According to the present invention, it is possible to jump to a desired scene cut by transmitting an operation request once from the terminal to the information distribution server during media data reproduction, and smooth information distribution can be performed without causing a delay. . In addition, according to the present invention, it is possible to automatically generate and distribute digests according to user access rights given by the server side for temporally dynamic media data. Information distribution can be performed.

[First Embodiment]
(Outline of processing)
A first embodiment of the present invention will be described below with reference to the drawings. FIG. 1 is a sequence diagram showing the operation of the information distribution system according to the present embodiment.

  As shown in the figure, when an information distribution system requests media distribution, the information distribution system receives a media operation request to which a jump instruction is added and a terminal 1000, and receives the media operation request. And a content distribution server 1001 that performs media operations using Since this Jump instruction is a command on the RTSP HeaderField, the terminal 1000 performs processing in accordance with RTSP specifications represented by description acquisition, resource reservation, media operation, media transfer, session termination, and the like. While doing, it is possible to request a Jump command remotely.

  More specifically, as shown in FIG. 1, the information distribution system remotely controls a media stream in the content distribution server 1001 from the terminal 1000 by RTSP.

  In order to operate the media using RTSP, the terminal 1000 first transmits a DESCRIBE message to the content distribution server 1001 and issues a request for obtaining a description of the media stream. Upon receiving the request, the content distribution server 1001 transmits a description of the requested media stream to the terminal 1000. Next, the terminal 1000 transmits a SETUP message to the content distribution server 1001 and issues a resource reservation request.

  Upon receiving the request, the content distribution server 1001 reserves resources and returns a response message. Upon receiving the response, the terminal 1000 adds a Jump command to PLAY (playback), which is an actual operation command, and transmits it to the content distribution server 1001, assuming that preparations for operating the media are complete.

  Upon receiving the operation command, the content distribution server 1001 prepares for media operation and returns a response message in response to the operation request. Thereafter, the content distribution server 1001 performs the requested media operation. Finally, the terminal 1000 transmits a TEARDOWN message to the content distribution server 1001 to end the session.

  FIG. 2 is a diagram illustrating an example of the Jump message. As shown in the figure, the Jump command is composed of Playtime, which is the current playback time, and Scene for designating a desired scene. By transmitting Playtime from the terminal 1000 side, the content distribution server 1001 easily establishes scene synchronization with the terminal. In the Scene, the relative distance dif of the scene when the currently playing scene is set to 0 is described as an argument, and a desired scene can be designated.

  FIG. 3 is a diagram illustrating an example of a message used when a desired scene is searched by Jump in the present embodiment. In the figure, terminal 1000 is abbreviated as C, content distribution server is abbreviated as S, and → indicates a message flow.

  As shown in the drawing, first, Jump is described as Header in the PLAY operation command as a message from the terminal 1000 to the content distribution server 1001.

  On the terminal 1000 side, in order to make a Jump request, the current playback time is acquired and described as Playtime. In this example, Normal Play Time is used, but it may be described in SMPTE Timestamp Absolute Time, which is also used in the RTSP specification, taking into account the ease of obtaining playback time and the ease of scene detection.

  Next, the relative distance between the currently playing scene and the desired scene is described in the Scene dif. A scene search is performed on the content distribution server 1001 side based on Playtime and Scene sent by Jump, and a download confirmation message is sent from the server. The download confirmation message describes the download start time, and it is possible to confirm the start time of the downloaded media.

  4, FIG. 5, and FIG. 6 are diagrams showing examples of Error messages in the download confirmation message.

  FIG. 4 is a diagram showing an example of an Error message when the scene synchronization with the terminal 1000 on the content distribution server 1001 side fails. As shown in the figure, in the response message, Playtime presented by the terminal 1000 side and Synchronize Error indicating synchronization failure are described.

  FIG. 5 is a diagram illustrating an example of an Error message transmitted when a scene specified by the terminal 1000 is searched on the content distribution server 1001 side and a scene obtained as a search result has already been transmitted. . As shown in the figure, the response message describes the start time of the scene obtained as a search result and send already indicating transmission completion.

  FIG. 6 is a diagram illustrating an example of an Error message that is transmitted when the specified scene cannot be searched when the content distribution server 1001 searches for the scene specified by the terminal 1000. As shown in the figure, Playtime and Scene presented by the terminal 1000 and seek Error indicating search failure are described.

(Constitution)
Next, an information distribution system having the above-described jump processing function will be described. FIG. 7 is a block diagram illustrating in detail the internal configuration of the information distribution system according to the present embodiment.

  As shown in the figure, in the information distribution system according to this embodiment, as described above, the terminal 1000 on the content purchase side and the content distribution server 1001 are connected via a network.

  The content distribution server 1001 distributes media data such as video and audio to the terminal 1000, and includes a media database 1009 for storing media data, and sequence information for specifying an address at which media data playback is started. The sequence information database 1008 to be stored is compared with sequence information based on the media operation request acquired from the terminal 1000, and the scene search unit 1005 reads media data from the media database 1009 from a predetermined reproduction start position based on the comparison result. And an output unit 1006 for distributing the read media data to the terminal 1000.

  The terminal 1000 generates a media operation request for requesting delivery of media data, and adds a scene identifier for specifying the current playback time and playback scene to the generated media operation request (see FIG. Not shown.)

  Specifically, in the content distribution server 1001, a database confirmation unit 1002, an initialization unit 1003, a terminal synchronization unit 1004, a scene search unit 1005, and an output unit 1006 are arranged. The sequence information database 1008 is connected to the scene search unit 1005.

  The database checking unit 1002 acquires the Jump command received from the terminal 1000, interprets the RTSP command included in the Jump command, searches the sequence information database 1008 based on the interpretation result, and corresponds to the requested media. Get sequence information such as attached URI. Further, the database confirmation unit 1002 outputs the sequence information as a search result and the Jump command to the initialization unit 1003.

  The initialization unit 1003 acquires a Jump instruction from the database checking unit 1002, analyzes the acquired Jump instruction, initializes variables used for Jump processing, extracts Playtime and Scene as Jump arguments, and extracts the extraction results. The data is sent to the terminal synchronization unit 1004 together with the sequence information.

  The terminal synchronization unit 1004 uses the sequence information acquired by the database confirmation unit 1002 and the Playtime acquired by the initialization unit 1003 to grasp the scene currently being played on the terminal 1000 side, and performs a scene synchronization process. This synchronization process will be described later.

  The scene search unit 1005 compares the sequence information acquired by the database check unit 1002 with the Scene acquired by the initialization unit 1003, and searches for a scene specified by the terminal 1000.

  The output unit 1006 determines the Response message and prepares the content operation according to the output results from the terminal synchronization unit 1004 and the scene search unit 1005, and transmits the Response message to the terminal 1000.

  In the sequence information database 1008, media managed by the content distribution server 1001 are stored in association with sequence information such as URI, scene number, start time of each scene, and playback time.

  Here, the sequence information stored in the sequence information database 1008 only needs to be able to process the above elements individually. For example, the sequence information is described in a relational database or meta information represented by MPEG-7. It can be described by. The scene number is an element for easily performing seek by digitizing the scene specified by Jump, and the start time and playback time of each scene are elements for synchronizing the scene with the terminal 1000 side.

(Operation)
The information distribution system according to the present embodiment having the above configuration operates as follows.

(1) Synchronization Processing FIG. 8 is a flowchart showing the operation of the terminal synchronization unit 1004.

  The terminal synchronization unit 1004 grasps the scene currently being played on the terminal 1000 side and performs scene synchronization. That is, as shown in the figure, the operation processing of the terminal synchronization unit 1004 is composed of a scene synchronization loop step S1100 and a synchronization check step S1101. The scene synchronization loop step S1100 includes a scene synchronization confirmation step S1102, the next step. Step S1103 for shifting the search to this scene is included. On the other hand, the synchronization check step S1101 includes a synchronization confirmation step S1104, a synchronization error processing step S1105, and a scene number output step S1106.

  In the scene synchronization loop step S1100, the current playback time Playtime is acquired as a Jump argument from the terminal 1000 side, and the sequence information describing each scene number, start time, and playback time held on the content distribution server 1001 side. Are compared, and the Playtime and sequence information are compared, and the scene synchronization confirmation step S1102 and the step S1103 for shifting to the search for the next scene are looped until the scene synchronization is established, thereby achieving the scene synchronization. Thus, unlike the conventional RTSP, Playtime, which is the playback time, is sent from the terminal 1000 side, so that synchronization with the terminal 1000 can be easily achieved.

  The synchronization check step S1101 determines whether to return an Error or pass to the next processing in the synchronization confirmation step S1104. That is, the synchronization confirmation step S1104 confirms whether or not the Playtime presented from the terminal 1000 exists in the specified URI sequence. After confirming the synchronization result, if it is confirmed that the synchronization is established, the current scene is output in the scene number output step S1106. If it is confirmed that the synchronization has failed, the synchronization error message illustrated in FIG. 4 is returned in the synchronization error processing step S1105.

  Next, scene search is performed through Scene Search.

(2) Scene Search Processing FIG. 9 is a flowchart showing the operation of the scene search unit 1005.

  As shown in the figure, the scene search process includes a scene search step S1200 and a media transfer preparation step S1205.

  A scene search step S1200 is a step of searching for a scene specified by the terminal, and after searching for a scene specified by the terminal, outputs the start time of the scene in the sequence information. That is, a search is performed in the sequence information by the synchronized current scene number and dif of the Scene attribute which is a Jump argument. Since dif represents the scene relative distance when the current scene is set to 0, for example, the sum of the current scene number and the dif value is used to grasp where to search in the sequence information. be able to.

  The search confirmation step S1201 is a step of confirming whether or not the designated scene has been retrieved as a result of performing the designated scene search. If the retrieval is successful, the start time of the scene is acquired from the sequence information and transmitted. The process proceeds to completion confirmation step S1203. If the search fails, the process proceeds to search error processing step S1202, and the search error message illustrated in FIG. 6 is returned to the terminal 1000 side.

  The transmission confirmation step S1203 is a step for confirming whether or not the scene obtained as a search result has already been transmitted before this processing is performed. If the scene has not been transmitted, the process proceeds to the media transfer preparation step S1205. And prepare for media operation. In step S1203, if it has been transmitted, the process proceeds to transmitted process step S1204, and the transmitted message illustrated in FIG.

(Example of change)
In addition, this invention is not limited to 1st Embodiment mentioned above, The following changes can be added.

  For example, meta information in which text data such as characters describing the outline of each scene in the media data and the reproduction start address of each scene are associated with the sequence information is added to the media operation request from the terminal 1000. Adds a scene keyword specifying a desired reproduction scene, and the scene search unit 1005 detects the text data based on the acquired scene keyword, and based on the reproduction start address associated with the detected text data. Thus, the media data may be read out.

  Specifically, it is possible to extend the terminal 1000 so that a desired scene is designated by the keyword and the keyword matching can be performed on the server side. For this purpose, a scene keyword indicating the outline of the scene is described as an element of sequence information.

  FIG. 10 is a diagram showing an example of a Jump request message reflecting the concept of Keyword. As shown in the figure, in addition to dif in the scene that specifies the desired scene, keyword is added as an attribute, and in the sequence specified by URI, a scene separated by dif is specified in a scene group that matches keyword. Also, this message can be changed to the above-mentioned dif-only method by specifying null as the Keyword.

  FIG. 11 is a flowchart showing the operation of the scene search unit 1005 reflecting the concept of Keyword. As shown in the figure, the operation process according to this modification example is configured by adding a keyword confirmation step S1401 and a keyword matching step S1402 to steps S1200 to 1205 which are the flow of scene search shown in FIG.

  In Keyword confirmation step S1401, Keyword is acquired from the Jump argument and the value is confirmed. In this confirmation, if the value is null, the process goes to the scene search step S1200 without passing through the Keyword matching step S1402. In the Keyword matching step S1402, the Keyword value is matched with the scene keyword of each scene, and the sequence information is reconstructed so that only the address associated with the matched scene keyword can be accessed. In the present embodiment, it is assumed that the sequence information is described by a method that is relatively easy to reconstruct only with a query that conforms to a certain condition represented by a relational database or XML.

[Second Embodiment]
Next, a second embodiment of the present invention will be described.

(Constitution)
In the present embodiment, an information distribution method for performing access control by reconfiguring metadata of content (media data) according to access rights will be described. FIGS. 12, 14 and 16 are block diagrams showing network configurations of information distribution and content distribution methods according to the present embodiment.

  As shown in the figure, in the present embodiment, a terminal 1500, an information distribution server 1501, and a content distribution server 1502 are arranged via the network 103.

  Specifically, the content distribution server 1502 distributes content such as video and audio to the terminal 1500. The content distribution server 1502 collates the meta information based on the content storage 2106 for storing the content and the access right of the user, It has a distribution processing unit 2104 that reads out and distributes content from the content storage 2106 based on the collation result from a predetermined reproduction start position.

  The information distribution server 1501 stores a meta information database 1505 for storing meta information in which text data such as characters describing an outline of each scene in the content is associated with a reproduction start address of each scene, and each user identifier. An authentication filter unit that acquires a user database 1508 to be stored in association with the access right of the user and a media operation request, searches the user database 1508 based on the acquired media operation request, and sets the access right of the user 1506.

  The information distribution server 1501 is a device that distributes presentation description data constructed based on reconfigured content metadata in accordance with a user's access right in accordance with a policy presented by a provider. That is, the access right includes reproduction information regarding the time that the user can view and the viewing order for each scene, and the distribution processing unit 2104 uses the reproduction information as presentation information to the terminal 1500 used by the user. A distribution means for distributing;

  The terminal 1500 includes media operation request means (not shown) that generates a media operation request for requesting content distribution and adds a user identifier for identifying a user to the generated media operation request.

(Operation)
FIG. 13 is a sequence diagram showing operations of information distribution and content distribution in the present embodiment.

  First, the user requests the content distribution description data from the information distribution server 1501. On the user side, when the terminal 1500 transmits the request data together with the requested content URI together with the user ID for identifying the user, the information distribution server 1501 causes the presentation description data corresponding to the access right of the user to be transmitted. Is automatically generated and transmitted to the terminal 1500 side. The presentation description data generated here is subjected to access control that incorporates the concept of content viewable time and viewing order, which was difficult to realize with the concept of XHTML access control.

  In addition, when transmitting the presentation description data, a signature for certifying that access control has been performed and an expiration date of the signature are transmitted at the same time. Next, the terminal 1500 makes a content request to the content distribution server 1502 based on the presentation description data acquired from the information distribution server 1501. At this time, the user ID and signature are transmitted together with the content request.

  After confirming the validity of the signature and the validity of the transmitted request data, the content distribution server 1502 transmits a content distribution response. A newly created signature reflecting the viewing history and an associated expiration date are added to the content distribution response. The content distribution server 1502 distributes the content after transmitting the content distribution response. When the user further requests content, the ID of the scene that was viewed this time (previous viewing scene), the signature acquired by the previous content distribution response, and the user ID are added to the content request.

  The content distribution server 1502 monitors the immediately preceding viewing scene for each request and proves that the viewing order is observed. The user ID is information used by the server to understand the status of the terminal. For example, the user ID is representative of the terminal terminal IP address, user information such as a user account name and password, and machine environment information on the terminal side. Environment information to be described.

  FIG. 14 is a block diagram showing the operation of the information distribution server that generates presentation description data according to the access right of the user, adds a signature and an expiration date, and transmits the presentation description data to the user together with the presentation description data.

  As shown in the figure, this system includes a terminal 1500 and an information distribution server 1501. The information distribution server 1501 includes an authentication filter unit 1506, a presentation description data generation unit 1503, and a signature generation unit 1504. The filter unit 1506 is connected to a content meta information database 1505 of the content distribution server and a usage agreement database 1507 in which access policy rules XAS 1506 for each content presented by the provider are stored.

  Upon receiving the request data, the information distribution server 1501 passes the request data to the authentication filter unit 1506, acquires the XAS in which the access right associated with the specified URI in the request data is described from the usage agreement database 1507, and this XAS The access right to the content designated by the user is confirmed based on the above, and the meta information of the designated URI is acquired from the meta information database 1505.

  The meta information is converted into meta information ′ according to the user access right by the authentication filter unit 1506 based on XAS. The user ID in the request data is used to map a user to a subject using the same concept as the access control to XHTML. The presentation description data generation unit 1503 generates presentation description data using the converted meta information '. Since the presentation description data is generated using the access-controlled meta information ', it is data reflecting the access right.

  Next, a signature that certifies that access control has been performed by a legitimate organization and its expiration date are added to the presentation description data generated by the presentation description data generation unit 1503 through the signature generation unit 1504. Further, the information distribution server 1501 may give the signature independently, or a reliable third party may send the signature separately to the user.

(1) Authentication Processing FIG. 15 is a block diagram showing an operation of authentication processing by the authentication filter unit 1506 shown in FIG.

  The authentication filter unit 1506 is a device for adopting the concept of access control for XHTML and further realizing temporally dynamic access control for content. As shown in the figure, meta information 2000 for performing access control is necessary. DTD 2001 that performs access control if there is, XAS 2002 and 2003 that are access right description data associated with them, parsing 2004 that expands meta information 2000 into a DOM tree, labeling processing 2005 that performs labeling based on XAS 2002 and 2003 on the DOM tree, Based on the labeled DOM tree, DOM conversion processing 2006 for reconstructing the DOM tree with only the objects labeled “permitted”, unparsing processing 2007 for returning the DOM tree to the meta information form, and processing for degenerating the DTD It is composed of 2008.

  In XAS 2002 and 2003, in addition to the access right to each object unit in the DOM tree, the content viewable time and viewing order policies are described for each object. In the labeling process 2005, the sign is added and the content is added. Reflect viewing time and viewing order in DOM. By this operation, it is possible to reflect the content viewing time and viewing order policy for the user in the meta information.

  FIG. 18 is a diagram showing an example of XAS used in the present embodiment.

  As shown in the figure, content viewing time range and viewing order Order are described in addition to Subject, Object, and Sign. Access to XHTML is done without dividing the content itself for each object to which access is granted. The concept of control has been expanded to accommodate temporally dynamic content. In this example, the user determined to be ALL is www. foo. com / sample. When viewing the sequence indicated by the URI specified by mp4, the viewing specified by MediaDuration from the time range specified by <range>, that is, from the start time T00: 01: 13: 14F30 specified by MediaTimePoint of the MediaTime element The range of possible time PT27S2N30F is accessible (ten is accessible, one is not accessible) as specified by <sign>, but it is always the viewing order specified by <order>, that is, with the priority attribute It is necessary to keep the priority of the scene specified by a certain score. However, in the case of the user determined as Guest, the range of the viewable time PT27S2N30F specified by MediaDuration is specified by <sign> from the start time T00: 23: 13 specified by MediaTimePoint in the same URI sequence. So that it cannot be accessed.

  FIG. 19 is a diagram illustrating a case of MPEG-7 as an example of meta information before performing access control. As shown in the figure, MPEG-7 is composed of MediaInformation and SegmentDecomposition, and MediaInformation describes properties related to the media, such as URI and encoding method. In SegmentDecomposition, AudioVisualSegment indicating the property for each scene and MediaTime indicating the start time and playback time of the entire sequence are described. AudioVisualSegment describes a keyword indicating the contents of the scene as PointOfview for each scene, and describes temporal information MediaTime of each scene, that is, start time MediaTimePoint and playback time MediaDuration.

  When the meta information of the sequence of the URI designated by the user determined to be Guest is MPEG-7 illustrated in FIG. 19, it passes through the authentication filter unit 1506 shown in FIG. When passing through the labeling process 2005, the labeling is performed based on the XAS illustrated in FIG. Here, not only Sign but also Range and Order are reflected. That is, starting from the start time T00: 13: 14F30, the viewing order is No. 1 within the range of PT27S2N30F, and since it is determined to be Guest, the range of PT17S16N30F starts from the start time T00: 01: 23 Access is not allowed inside. This situation is labeled in the MPEG-7 DOM tree. Next, the DOM tree is reconstructed only with the objects permitted by the DOM conversion processing 2006, and is returned to the MPEG-7 form by unparsing 2007. As a result, MPEG-7 is reconstructed into MPEG-7 according to the user's access right.

  FIG. 20 is a diagram illustrating an example of SMIL automatically generated by the presentation description data generation unit 1503 from MPEG-7 before the access control illustrated in FIG. 19 is performed.

  SMIL is a <layout> that shows what layout the media will be viewed in, and <head> that describes simple meta information such as the media title and content name, and the URI and playback of the media that actually flows It consists of <body> describing the start time, playback end time, and playback order. As shown in the figure, before performing access control, from <video> and <audio> attributes of <par> element of <seq> element of <body> element, <clip-begin>, and <clip-end> It is described to be played from the start time 0.0 s to the end time 60.0 s.

  FIG. 21 is a diagram illustrating an example of MPEG-7 after access control is performed on the MPEG-7 illustrated in FIG. 19 according to the XAS illustrated in FIG. As shown in FIG. 20, in the MPEG-7 illustrated in FIG. 20, <MediaDuration> of the <MediaTime> element of the <AudioVisualSegment> element is PT1MOOS, whereas in the MPEG-7 illustrated in FIG. It is PT15S, and it can be seen that the scene that was originally 1 minute has been reduced to 15 seconds.

  FIG. 22 is a diagram illustrating an example of SMIL automatically generated by the presentation description data generation unit 1503 from MPEG-7 after the access control illustrated in FIG. 21 is performed.

  As shown in the figure, in the SMIL illustrated in FIG. 20, the <clip-end> attribute in the <video> of the <par> element of the <seq> element of the <body> element is 60.0s. On the other hand, in the SMIL illustrated in FIG. 22, it is 15.0 s, indicating that access control is being performed.

  Next, the user issues a content request to the content distribution server 1502 based on the presentation description data transmitted from the information distribution server 1501, and adds the signature transmitted together with the presentation description data and the user ID. To do.

  FIG. 16 is a block diagram showing the operation of the content distribution server 1502.

  As illustrated, the content distribution server 1502 includes a signature evaluation unit 2101, a viewing history confirmation unit 2102, an access control unit 2100 including an authentication filter unit 2103, a distribution processing unit 2104, and a signature processing unit 2105. Further, a content storage unit 2106 that stores actual content is connected to the distribution processing unit 2104. In order to request content from the content distribution server 1502, a request message in which the immediately preceding viewing scene ID, user ID, and server signature are added to the content request command is transmitted to the content distribution server 1502.

  Upon receiving the request message, the content distribution server 1502 first passes the request message to the signature evaluation 2101. In the signature evaluation 2101, it is confirmed that the signature transmitted from the terminal 1500 side is issued by a legitimate institution, the validity period is confirmed, and whether the validity period has expired is confirmed. If the signature is invalid, perform Reject processing.

  The viewing history confirmation 2102 is a mechanism in the signature evaluation 2101. In order to confirm whether the user requests media according to the viewing order policy in the authentication filter 2103 in the next stage, This is an apparatus for grasping the content that was being viewed (the immediately preceding viewing scene). The immediately preceding viewing scene can be grasped by analyzing the signature so that the signature generated in the signature processing 2105 reflects the ID of the content to be transmitted this time. If the immediately preceding viewing scene is invalid, the Reject process is performed. The authentication filter 2103 confirms whether the user has an access right for the content requested by the user. In particular, whether or not the requested content is valid in view of the viewing order is confirmed from the immediately preceding viewing scene acquired in the viewing history confirmation 2102, and if it is an unreasonable request, Reject processing is performed. The distribution processing unit 2104 is a device that performs distribution processing of content requested by the user.

  The request that has passed through the access control unit 2100 is regarded as valid, and the command in the request message is interpreted to prepare for content distribution to the content storage unit 2106 and create a response message.

  The signature processing unit 2105 generates a signature that proves that access control has been performed by a legitimate organization. This signature reflects the immediately preceding viewing scene for determining whether or not the next request satisfies the viewing order policy. In other words, a new signature is created from information in which the content to be distributed this time is the immediately preceding viewing scene. The information for identifying the immediately preceding viewing scene is the URI of the content and the viewing range Range. Also, an expiration date for this signature is set, and the Response message generated by the distribution processing unit 2104, the signature, and the expiration date are transmitted to the terminal side.

  FIG. 17 is a block diagram showing the operation of the authentication filter 2103 shown in FIG.

  As shown in the figure, an authentication filter 1506 is connected to a usage agreement database 1507 and a user database 1508. The usage agreement database 1507 stores the XAS 2202 in which the access right to the user for the possessed content is described, and is a database for mapping used in the information distribution server. The authentication filter 1506 inputs the URI, user ID, range, and preceding viewing scene obtained in the viewing history confirmation 2102 in the request message. Based on the input user ID, the user is mapped to the subject based on the user database 2202.

  Also, from the input URI, the XAS 2202 for the subject is acquired based on the usage agreement database 1507, and the Subject, URI, Range, and Preceding Scene are confirmed. Confirmation of the preceding scene is confirmation of the viewing order, and the legitimacy of the viewing order is confirmed by comparing the order of the preceding scene with the order of the requested content.

  Also, in order to confirm the viewing order, the preceding viewing scene was reflected in the signature and sent every time the terminal requested a content, but a session was made in advance between the terminal and the content distribution server to give a presentation description. If the data can be shared, the terminal side and the content distribution server can be synchronized without transmitting the immediately preceding viewing scene Preceding Scene.

  FIG. 23 is a sequence diagram showing a method for sharing presentation description data between the terminal side and the content distribution server.

  As illustrated, a terminal 1500, an information distribution server 1501, and a content distribution server 1502 are arranged. When the terminal 1500 requests presentation description data from the information distribution server 1501, when the presentation description data is transmitted from the information distribution server 1501 to the terminal 1500, a unique number generated with a random number of about 64 bits for identifying the presentation description data, for example. Add a number. When making a content request, the terminal 1500 transmits a unique number of presentation description data to the content distribution server 1502 together with a request message. The content distribution server 1502 transmits the unique number to the information distribution server 1501, and the information distribution server 1501 transmits the presentation description data possessed by the terminal 1500 to the content distribution server 1502 by evaluating the validity of the unique number. When the content distribution server 1502 processes a request from the terminal 1500, the content distribution server 1502 labels the presentation description data in order to determine the scene to be processed at present. It is possible to understand the current order in order. Furthermore, in order to prevent unauthorized secondary access, the response is sent with a signature signature and an expiration date attached thereto. Further, when the terminal 1500 requests content, the presentation request data unique number and signature signature are added to the content request and transmitted. The content distribution server 1502 evaluates the signature signature, confirms that the previous content distribution server 1502 has performed processing, calls the presentation description data used last time with the presentation description data unique number, and checks the validity of the viewing order. Confirm.

(Example of change)
The present invention is not limited to the second embodiment, and can be modified as follows.

  For example, the content distribution server 1502 described in the above-described second embodiment may be provided with the same function as the content distribution server 1001 described in the above-described first embodiment. That is, the content distribution server 1502 according to the second embodiment stores a media database 1009 for storing media data, a sequence information database 1008 for storing sequence information for specifying an address for starting playback of media data, and the terminal 1000. Sequence information is collated based on the acquired media operation request, and based on the collation result, a scene search unit 1005 that reads media data from the media database 1009 from a predetermined reproduction start position, and the read media data is the terminal 1500. Can be added to the output unit 1006 for distribution.

  In this case, the media operation request includes presentation information including a playback start address determined based on the user's access right and the current playback time on the terminal 1500, and the search unit 1005 is included in the media operation request. According to the playback start address and playback time, the media data is read and read from the predetermined playback start position at a predetermined timing. Even in this case, the access right can include reproduction information regarding the time that the user can view and the viewing order for each scene.

  In this case, the terminal 1500 is provided with a function of transmitting a media operation request to the content distribution server 1502 based on the presentation information received from the information distribution server 1501. That is, the terminal 1500 generates a scene identifier that specifies the playback start position based on the presentation information received from the information distribution server 1500, adds a current playback time in the terminal 1500, and generates a media operation request. This is transmitted to the content distribution server.

  As a result, the content distribution server 1502 can distribute digest data configured according to the access rights of each user while synchronizing with the terminal 1500. At this time, even if there are a plurality of content distribution servers 1502, the content transmitted from each content distribution server 1502 can be continuously reproduced by specifying different reproduction start times for the respective content distribution servers.

  Furthermore, in the second embodiment described above, presentation information is transmitted from the information distribution server 1501 to the terminal 1500, and the terminal 1500 requests the content distribution server 1502 to distribute media data based on the presentation information. However, for example, the presentation information generated by the information distribution server 1501 is directly transmitted to the content distribution server 1502, and the content distribution server 1502 distributes the media data to the terminal 1500 based on the received presentation information. It may be.

  In the second embodiment described above, the information distribution server 1501 and the content distribution server 1502 are constructed by separate servers, but they may be configured as an integrated server.

[Third Embodiment]
(Configuration of information distribution system)
A third embodiment of the present invention will be described below with reference to the drawings. FIG. 24 is a block diagram showing the overall configuration of the information distribution system according to this embodiment.

  As shown in the figure, this embodiment is characterized by including a PKI server 1700 in addition to the configuration of the above-described embodiment. That is, in the information distribution system according to the present embodiment, the information distribution server 1501, the terminal 1500, the content distribution server 1502, and the PKI server 1700 are arranged on the network.

  In the present embodiment, the PKI server 1700 is a device that provides a PKI service and performs public key and private key generation, public key registration, private key distribution, and public key distribution. Specifically, the PKI server 1700 issues a secret key for signature data to the information distribution server 1501 and issues a public key that is paired with the secret key to the content distribution server 1502.

  The information distribution server 1501 is a device that distributes presentation description data constructed based on reconfigured content metadata to the terminal 1500 in accordance with a user's access right in accordance with a policy presented by a provider. The information distribution server 1501 transmits a key registration request to the PKI server 1700 and acquires a secret key from the PKI server 1700. Furthermore, the information distribution server 1501 uses the acquired secret key to sign the presentation description data, adds an information distribution server ID such as an IP address, and distributes the presentation description data.

  Furthermore, the information distribution server 1501 has a function of adding content distribution control information regarding the output form of the content related to distribution to the presentation information. This content distribution control information is information for specifying a form when content distributed in the content distribution server 1502 is output on the terminal 1500 side. For example, the size and resolution of the image when displaying the content , And the frame rate of the moving image.

  The content distribution server 1502 is a device that acquires a request including a signature and an information distribution server ID from the terminal 1500 and distributes content such as moving images and audio to the terminal 1500. Further, the content distribution server 1502 transmits a public key request of the information distribution server 1501 to the PKI server 1700, and acquires the public key of the information distribution server 1501 from the PKI server 1700. In addition, when a public key request is transmitted from the content distribution server 1502, an information distribution server is determined in advance using the information distribution server ID. Furthermore, the content distribution server 1502 authenticates the request from the terminal 1500 using the acquired public key of the information distribution server 1501 together with the signature included in the request acquired from the terminal 1500.

(Operation of information distribution system)
FIG. 25 is a sequence diagram showing an operation of the information distribution system according to the present embodiment. As shown in the figure, first, the terminal 1500 requests presentation description data from the information distribution server 1501. At this time, the request is sent with the user ID added along with the URI of the content itself to be acquired. Upon receiving this request, the information distribution server 1501 performs access control on the meta information based on the URI and user ID in the request, and creates presentation description data.

  Further, the information distribution server 1501 enters a signature adding step for adding a signature to guarantee that the access control is surely performed by the information distribution server 1501 for the presentation description data. In this signature addition step, first, the PKI server 1700 is requested to register a secret key and a public key. This key may be generated by the information distribution server 1501 and requested for registration, or may be generated and registered by the PKI server 1700.

  Upon receiving the request, the PKI server 1700 registers a secret key and a public key, and transmits the secret key to the information distribution server 1501. The time when the information distribution server 1501 transmits the key registration request to the PKI server 1700 may be for each request from the terminal 1500, or it is transmitted only when the key itself has an expiration date and the key becomes unavailable. Also good. The information distribution server 1501 that has received the secret key obtains a hash value of the URI of the content included in the presentation description data, and signs the hash value with the received secret key.

  Further, an information distribution server ID for uniquely determining the information distribution server 1501 is added to the presentation description data and transmitted to the terminal 1500. The terminal 1500 requests content from the content distribution server 1502 according to the received presentation description data. This request includes the content URI, signature, and information distribution server ID. The content distribution server that has received the request understands from the information distribution server ID in the request that the server that has transmitted the presentation description data is the information distribution server 1501, and notifies the PKI server 1700 of the public key of the information distribution server 1501. And the corresponding public key is obtained from the PKI server 1700.

  The acquired public key is used together with the signature included in the request acquired from the terminal 1500 to authenticate the request from the terminal 1500, and the content is distributed to the terminal 1500 only when it is determined to be a correct request.

  FIG. 26 shows an example of presentation description data transmitted from the information distribution server to the terminal in the present embodiment. As shown in the drawing, in this embodiment, it is assumed that the presentation description data 3100 is composed of several rtsp requests. In addition to the content URI, the rtsp request includes a signature with a signature on the hash value of the URI and an information distribution server ID for uniquely determining the information distribution server. In this example, http-get description is used.

  By transmitting the rtsp request in the presentation description data 3100 as it is to the content distribution server, the terminal 1500 can simultaneously transmit authentication information for the content request. In addition to the signature and information distribution server ID, the rtsp request is added with information for countermeasures when an rtsp request is made illegally by copying information related to media playback or presentation description data, etc. It is also possible to take a hash value and add the signature with the signature and the information distribution server ID. The information related to media reproduction includes, for example, a QoS change value, an ID indicating the type of terminal, a browser type, and the like.

  As a result, the content distribution server 1502 can change and distribute the media playback method based on this information. Information for countermeasures when an rtsp request is made illegal is an unauthorized request that makes it appear as if a third party intercepted the rtsp request that was legitimately sent and sent the exact same rtsp request. For example, an ID for identifying a user, that is, an IP address of a terminal, an identification number of a terminal UIM, or the like. The content distribution server can detect an unauthorized request based on this information.

  FIG. 27 is a flowchart showing the operation of the content distribution server in this embodiment.

  As shown in the figure, the processing performed by the content distribution server 1502 includes an rtsp request acquisition step S1301, an authentication processing step S1302, a media distribution preparation step S1305, a media distribution step S1306, and a non-permission processing step S1304. .

  When processing is started in the content distribution server 1502, an rtsp request transmitted from the terminal 1500 is acquired in rtsp request acquisition step S1301, and information necessary for authentication and information necessary for media distribution are grasped.

  In authentication processing step S1302, if there is signature information, information distribution server ID, and replay attack countermeasure information, the information is input, and the validity of the rtsp request is confirmed using the PKI server 1700. If the authentication is successful, the process proceeds to media distribution preparation step S1305, and if not, the process proceeds to non-permission processing step S1304. In media distribution preparation step S1305, the media requested by the rtsp request is acquired and preparation for distribution is performed.

  If the rtsp request contains information for changing the playback method, the media size, frame rate, etc. are changed here. In the media distribution step S1306, the media prepared in the previous stage is distributed to the terminal side according to the rtsp command. In the disapproval processing step S1304, it is determined that the rtsp request is invalid, and processing for returning an error to the terminal side is performed.

  FIG. 28 is a flowchart showing the authentication processing operation of the content distribution server 1502 in this embodiment.

  As shown in the figure, the authentication process includes an information distribution server confirmation step S1401, a public key request transmission step S1402, a public key reception step S1403, a signature authentication processing step S1404, and an authentication result output step S1405.

  In information distribution server confirmation step S1401, the information distribution server ID is input, the information distribution server is determined by determining which information distribution server is the signature added to the rtsp request. In a public key request transmission step S1402, a key information request message including the URL of the information distribution server 1501 determined to request the public key for the information distribution server 1501 is generated from the PKI server 1700, and the message is sent to the PKI server 1700. Send.

  The public key sent from the PKI server 1700 is received in the public key receiving step S1403. Public key reception step S1403 confirms the validity of the received public key. In signature authentication processing step S1404, the validity of the rtsp request is confirmed based on the signature using the received public key. In authentication result output step S1405, whether or not the rtsp request confirmed in signature authentication processing step S1404 is valid is output as an authentication processing output.

(Function and effect)
According to the content distribution system according to the present embodiment, the content distribution server 1502 can authenticate that the request transmitted from the terminal 1500 is a request whose access is correctly controlled by the information distribution server 1501. . Further, by adding content distribution control information to the rtsp request, it is possible to control the content distribution method in the content distribution server. Further, by adding information associating the request source with the requester to the rtsp request, it is possible to authenticate whether the requester is an unjust request.

(Example of change)
In the third embodiment, the following changes can be made. For example, as shown in FIG. 29, replay attack detection may be performed in the authentication process.

  That is, as shown in FIG. 28, the fraud request check step S1501 is arranged before the information distribution server confirmation step S1401 in FIG. In this fraud request check step S1501, the current request is fraudulently requested based on the information for countermeasure against fraud request added to the rtsp request and the user identifier acquired when the session is established by the rtsp request. Check whether it is For requests that are determined not to be fraudulent requests, the process proceeds to the next information distribution server confirmation step. For requests that are determined to be fraudulent requests, all the steps following the information distribution server confirmation step are skipped, and only the authentication result. Is output.

It is a sequence diagram which shows operation | movement of the information delivery system which concerns on 1st Embodiment. It is a figure which shows the example of the Jump message in 1st Embodiment. FIG. 6 is a diagram illustrating an example of a message used when searching for a desired scene by Jump in the first embodiment. In 1st Embodiment, it is the figure which showed the Error message example when the scene synchronization with the terminal 1000 by the side of the content delivery server 1001 fails. The figure which showed the example of the Error message transmitted when the scene acquired as a search result has already been transmitted after searching the scene which the terminal 1000 designated in the 1st Embodiment on the content delivery server 1001 side. It is. 6 is a diagram illustrating an example of an Error message transmitted when a specified scene cannot be searched when searching for a scene specified by the terminal 1000 on the content distribution server 1001 side in the first embodiment. FIG. It is a block diagram explaining the internal structure of the information delivery system which concerns on 1st Embodiment in detail. FIG. 10 is a flowchart illustrating an operation of a terminal synchronization unit 1004 in the first embodiment. FIG. 10 is a flowchart illustrating an operation of a scene search unit 1005 in the first embodiment. It is the figure which showed the example of the Jump request message in which the concept of Keyword was reflected in the example of a change of 1st Embodiment. It is the flowchart figure which showed the operation | movement of the scene search part which reflected the concept of Keyword in the example of a change of 1st Embodiment. It is a block diagram which shows the network structure of the information delivery in 2nd Embodiment, and a content delivery system. It is a sequence diagram which shows the operation | movement of the information delivery in 2nd Embodiment, and content delivery. FIG. 10 is a block diagram illustrating an operation of an information distribution server that generates presentation description data according to a user's access right, adds a signature and an expiration date, and transmits the presentation description data to the user in the second embodiment. FIG. 10 is a block diagram illustrating an operation of authentication processing by an authentication filter unit 1506 in the second embodiment. FIG. 10 is a block diagram illustrating an operation of a content distribution server 1502 in the second embodiment. FIG. 10 is a block diagram illustrating an operation of an authentication filter 2103 in the second embodiment. In 2nd Embodiment, it is a figure which shows the XAS example which describes a user's access right. In 2nd Embodiment, it is the figure which showed the case of MPEG-7 as an example of the meta information before performing access control. FIG. 10 is a diagram illustrating an example of SMIL automatically generated by a presentation description data generation unit 1503 from MPEG-7 before performing access control in the second embodiment. In 2nd Embodiment, it is the figure which showed the example of MPEG-7 after access control was performed according to XAS. FIG. 10 is a diagram illustrating an example of SMIL automatically generated by a presentation description data generation unit 1503 from MPEG-7 after access control is performed in the second embodiment. In 2nd Embodiment, it is a sequence diagram which shows the system which shares presentation description data by the terminal side and a content delivery server. It is a block diagram which shows the whole structure of the information delivery system which concerns on 3rd Embodiment. It is a sequence diagram which shows operation | movement of the information delivery system which concerns on 3rd Embodiment. In 3rd Embodiment, an example of the presentation description data which an information delivery server transmits to a terminal is shown. It is a flowchart which shows operation | movement of the content delivery server in 3rd Embodiment. It is a flowchart which shows operation | movement of the authentication process in 3rd Embodiment. It is a flowchart which shows operation | movement of the authentication process which concerns on the example of a change of 3rd Embodiment. FIG. 10 is a block diagram for explaining a method of controlling a server-side media stream by RTSP in a conventional example. FIG. 10 is a sequence diagram showing a method of remotely operating a media stream on a server by RTSP in a conventional example. FIG. 10 is a diagram illustrating an example of a message that flows in a conventional example in which a medium 102 in a media server 101 is played by RTSP. In the conventional example, it is a block diagram which shows the system which produces | generates automatically the document according to the access right based on XAS for XHTML.

Explanation of symbols

DESCRIPTION OF SYMBOLS 100, 1000 ... Terminal 101 ... Media server 102 ... Media 103 ... Network 1001 ... Content delivery server 1002 ... Database confirmation part 1003 ... Initialization part 1004 ... Terminal synchronization part 1005 ... Scene search part 1005 ... Search part 1006 ... Output part 1008 ... Sequence information database 1009 ... Media database 1009 ... Media database base 1306 ... Media distribution step 1500 ... Terminal 1501 ... Information distribution server 1502 ... Content distribution server 1503 ... Presentation description data generation unit 1504 ... Signature generation unit 1505 ... Meta information database 1506 ... Authentication Filter unit 1507 ... Terms of use database 1508 ... User database 1600 ... XHTML
1601 ... DTD
1602 ... XAS
1604 ... Parsing process 1605 ... Labeling process 1606 ... DOM conversion process 1607 ... Unparsing process 1608 ... Degeneration process 1700 ... PKI server 2000 ... Meta information 2001 ... DTD
2002, 2003 ... XAS
2004 ... Parsing 2005 ... Labeling process 2006 ... DOM conversion process 2007 ... Unparsing process 2100 ... Access control part 2101 ... Signature evaluation part 2102 ... Viewing history confirmation part 2103 ... Authentication filter part 2104 ... Distribution processing part 2105 ... Signature processing part 2106 ... Content storage unit 2202 ... user database 3100 ... presentation description data

Claims (4)

An information distribution system for distributing media data such as video and audio to a terminal,
Media storage means for storing the media data;
Meta information storage means for storing first meta information in which text data including characters describing an outline of each scene in the media data is associated with a reproduction start address of each scene;
A user database that stores a user identifier that identifies a user in association with an access right of the terminal used by the user;
Generating a media operation request for requesting distribution of the media data, to the generated the media operation request, and the media control request means for adding said user identifier,
Acquires the media operation request, the acquired based on the media operation request, the search for the user database, set access rights of the terminal used by the user corresponding to the user identifier appended to the media control request Authentication means;
Depending on the access rights that the authentication unit has set, a reading means for reading from said media storage means said media data from a predetermined reproduction starting position,
It said media data read possess and distribution unit for distributing to the terminal,
The access right indicates whether or not each of a plurality of objects included in one scene among a plurality of scenes included in the media data is viewable, and indicates a viewable time for a viewable object,
The authentication unit converts the first meta information into second meta information including only an object reflecting a viewable time according to the access right corresponding to the user identifier to which the media operation request is added. Converted,
The second meta information includes a playback start time and a playback time of the viewable object,
The reading means reads out the media data from the predetermined reproduction start position based on the second meta information converted according to the access right set by the authentication means. Distribution system. An information distribution method for distributing media data such as video and audio to a terminal,
The media data is stored in the media storage means, and the text information including characters describing the outline of each scene in the media data is associated with the reproduction start address of each scene in the meta information storage means . In addition to accumulating meta information, a user identifier for identifying the user is accumulated in the user database in association with the access right of the terminal used by the user,
At the user terminal side, the step (4) said generating a media operation request for requesting the distribution of media data, to the generated the media operation request, adds the user identifier,
In the distribution server obtains the media operation request, the acquired based on the media operation request, the searching user database, access terminal used by the user corresponding to the user identifier appended to the media control request Step (5) of setting rights;
A step (6) of reading media data from the media storage means from a predetermined playback start position according to the set access right;
Said media data read possess a step (7) for delivery to said terminal,
The access right indicates whether or not each of a plurality of objects included in one scene among a plurality of scenes included in the media data is viewable, and indicates a viewable time for a viewable object,
In the step (5), in accordance with the access right corresponding to the user identifier to which the media operation request is added, the second meta information includes only the object reflecting the viewable time. Convert it into information,
The second meta information includes a reproduction start time and a reproduction time of the object,
In the step (6), the media data is read from the predetermined reproduction start position based on the second meta information converted in accordance with the access right set in the step (5). An information distribution method characterized by the above. An information distribution server that distributes media data such as video and audio to a terminal,
Meta information storage means for storing first meta information in which text data including characters describing an outline of each scene in the media data is associated with a reproduction start address of each scene;
A user database that stores a user identifier that identifies a user in association with an access right of the terminal used by the user;
The user identifier is added, and the media control request acquiring means for acquiring a media operation request for requesting distribution of the media data,
Obtained on the basis of the media operation request, an authentication unit operable to search the user database, set access rights of a terminal user corresponding to the user identifier appended to the media operation request is used,
Presentation information generating means for generating presentation information including a corresponding reproduction start address based on the second meta information converted according to the access right set by the authentication means;
The access right indicates whether or not each of a plurality of objects included in one scene among a plurality of scenes included in the media data is viewable, and indicates a viewable time for a viewable object,
The second meta information includes a reproduction start time and a reproduction time of the object,
The authentication means includes the second meta information including only the object reflecting the viewable time in the first meta information according to an access right corresponding to the user identifier to which the media operation request is added. An information distribution server characterized by converting to A content distribution server that distributes media data such as video and audio to a terminal,
Media storage means for storing the media data;
Sequence information storage means for storing sequence information for specifying an address for starting reproduction of the media data;
And presentation information including the playback start address is determined based on the access rights of the terminal used by the user, contains the current playback time in the terminal, the media to obtain a media operation request for requesting distribution of the media data An operation request acquisition means;
Based on the acquired said media control request and the sequence information, reading means for reading from said media storage means said media data from a predetermined reproduction starting position,
The media data read possess and distribution unit for distributing to the terminal,
The access right indicates whether or not each of a plurality of objects included in one scene among a plurality of scenes included in the media data is viewable, and indicates a viewable time for a viewable object,
The first meta information in which text data including characters describing an outline of each scene in the media data and the playback start address of each scene are associated with each other includes the playback start time and playback time of the object. And the second meta information including only the object reflecting the viewable time according to the access right corresponding to the user identifier to which the media operation request is added,
The reading means reads out the media data from the predetermined reproduction start position based on the second meta information converted according to the access right set by the authentication means. Distribution server.

Images