KR20080014881A - Recording medium, apparatus for reproducing data, method thereof, apparatus for storing data and method thereof - Google Patents

Abstract

A recording medium, a data reproducing apparatus, a data reproducing method, a data storing apparatus, and a data storing method are provided to protect contents provided by a provider by preventing advanced application from accessing the directories of other providers. A provider directory for a content provider of a recording medium in a persistent storage is identified by using provider identifying information(S110). The content directories under the provider directory are accessed by an application recorded in the recording medium(S120). Data in the persistent storage is read out(S130). The read data is reproduced according to the execution of the application(S140). The content directories are identified by the content identification information in the application.

Description

RECORDING MEDIUM, APPARATUS FOR REPRODUCING DATA, METHOD THEREOF, APPARATUS FOR STORING DATA AND METHOD THEREOF}

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to reproduction of a recording medium using persistent storage, and more particularly to a recording medium, a data reproducing apparatus, a data reproducing method, a data storage device, and a data storing method.

In general, optical discs capable of recording large amounts of data as recording media are widely used. In recent years, new high-density recording media such as Blu-ray discs (hereinafter referred to as BD) or HD-DVD have been developed, allowing long time storage of high quality video data and high quality audio data.

The development of the high density recording medium enables networking with the outside of the recording medium, and also enables the integrated reproduction function between the data stored on the recording medium and the data stored outside the recording medium. And this development allows for data with interactivity with a user that significantly surpasses conventional recording media.

In recent years, much effort has been invested in developing an optical recording / reproducing apparatus capable of reproducing data in a high density recording medium and data existing outside the recording medium.

However, a high density medium standard has not yet been completed which defines the connection between the optical recording / reproducing apparatus and its peripherals and the persistent storage for storing the data associated with the high density recording medium. It has caused a lot of difficulties in developing a playback device.

Further, there is no known method for protecting the contents of the high density recording medium and the data provided outside the recording medium in association with such content.

In addition, a preferred method of protecting a user's optical recording / reproducing apparatus for storing externally downloaded data is not known yet.

Therefore, there are many limitations in developing a large capacity optical recording / reproducing apparatus based on a high density recording medium.

Additional advantages, objects and features of the invention will be set forth in part in the description which follows, or will be appreciated by the implementation of the invention. The above objects and other advantages of the present invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.

In order to achieve these objects and other advantages, as described below and broadly described, a recording medium according to the present invention comprises a configuration file comprising provider identification information and content identification information, and data associated with the recording medium. Includes an application accessible to the persistent storage stored therein, wherein the provider identification information is used to identify a provider directory for a content provider of the recording medium, and the content identification information is stored in the recording medium under the provider directory in the persistent storage. Used to identify a content directory for the application, and wherein the application is accessible to one or more content directories under the provider directory.

 The recording medium further comprises a certificate used for authentication of the data in the persistent storage.

The recording medium further comprises a certificate used for authentication of the application in the persistent storage.

The provider identification information identifies the content provider of the recording medium.

The content identification information identifies the content of the recording medium.

In another aspect of the present invention, a data reproducing method uses provider identification information in a configuration file of a recording medium to identify a provider directory for a content provider of the recording medium in persistent storage, and wherein the application is recorded by the application recorded in the recording medium. Accessing one or more content directories under a provider directory, reading data in the persistent storage, and playing the read data in accordance with the execution of the application.

The content directories accessed by the application include content directories for other recording media of the content provider. The content directories are identified by content identification information in the application.

Verifying whether the data in the persistent storage has been electronically signed by a trusted authority.

If the read data is electronically signed by the trusted authority, the read data is played back in Full-TrustedMode, and the read data is not electronically signed by the trusted authority. In this case, the read data is reproduced in a restricted mode.

The playback method further comprises verifying whether the application is electronically signed by a trusted authority, and if the application is not electronically signed by a trusted authority, the execution of the application is Is stopped.

In another aspect of the present invention, a data reproducing apparatus includes a persistent storage for storing data associated with a recording medium, a reading portion for reading the data associated with the recording medium in the persistent storage, and a configuration file of the recording medium. Provider identification information is used to identify a provider directory for a content provider of the recording medium, to access one or more content directories under the provider directory by an application in the recording medium, and to access the recording medium upon execution of the application. And a controller for reading out and playing back the associated data.

The persistent storage includes a content directory according to content identification information in the configuration file of the recording medium under the provider directory.

The content directories accessed by the application include content directories of other recording media of the content provider.

The content directories accessed by the application are identified by the content identification information in the application.

The playback device further comprises an authentication unit for verifying whether the data stored in the persistent storage has been electronically signed by a trusted authority.

If the read data is electronically signed by the trusted authority, the controller controls the read data to be played back in Full-TrustedMode, and the read data is sent to the trusted authority. If not digitally signed by the controller, the controller controls the read data to be reproduced in a restricted mode.

The authenticator verifies whether the application is electronically signed by a trusted authority.

If the application is not electronically signed by a trusted authority, the controller stops running the application.

In another aspect of the present invention, a method for storing data in persistent storage comprises creating a provider directory in accordance with provider identification information of a recording medium in persistent storage, and including content identification information in a configuration file of the recording medium under the provider directory. Creating a content directory, and storing data associated with the recording medium in the content directory.

The provider directory is created by the player.

The content directory is created by an application accessible to the provider directory.

In another aspect of the invention, an apparatus for storing data in persistent storage creates a recorder for storing data associated with a recording medium in persistent storage and a provider directory in accordance with provider identification information of the recording medium in persistent storage, the provider directory And a controller for generating a content directory according to the content identification information in the configuration file of the recording medium below, and controlling the recording unit to store data associated with the recording medium in the content directory.

The controller creates the content directory using an application accessible to the provider directory.

The apparatus for storing data in the persistent storage further comprises an authentication unit for verifying whether the data associated with the recording medium has been electronically signed by a trusted authority.

The apparatus for storing data in the persistent storage further comprises an authenticator for verifying whether the application is electronically signed by a trusted authority.

It is to be understood that the foregoing general description and the following detailed description of the invention are exemplary and explanatory, and are intended to provide an in-depth description of the invention of the claims.

1 is a diagram showing an example for explaining the combined use between an optical recording / reproducing apparatus and peripheral devices.

2 is a block diagram of an optical recording / reproducing apparatus according to the present invention.

3 is a diagram of an overall system model for the content of the present invention.

4 is a structural diagram illustrating a directory of persistent storage according to an embodiment of the present invention.

5 is a structural diagram for conceptual understanding of the persistent storage protection according to the present invention.

6 is a diagram for conceptual understanding of digital signature generation.

7 is a diagram for conceptual understanding of authentication through verification of a digital signature.

8 is a diagram of a certificate chain used for authentication in accordance with the present invention.

9 is a flowchart of a data reproducing method according to the first embodiment of the present invention.

10 is a flowchart of a data reproducing method according to the second embodiment of the present invention.

Additional advantages, objects and features of the invention will be set forth in part in the description which follows, or will be appreciated by the implementation of the invention. The above objects and other advantages of the present invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.

Reference will now be made in detail to the preferred embodiments of the present invention, examples of which are illustrated in the accompanying drawings. Wherever possible, the same reference numbers will be used throughout the drawings to refer to the same or similar parts.

First, for convenience of description, an optical disc, in particular 'HD-DVD', is used as an example of a recording medium. However, it is apparent that the technical idea of the present invention can be equally applied to other recording media.

In the present invention, 'persistent storage' is a kind of storage device provided or connected to the optical recording / reproducing device shown in FIG. 1 and means a storage device in which data having persistence is stored.

Such persistent storage can be classified into two categories.

The first category includes 'required persistent storage' such as flash memory provided in the optical recording / reproducing apparatus.

The second category includes 'additional persistent storage' that is connectable to or removable from an optical recording / playback device such as a USB memory, HDD memory, or memory card.

The persistent storage is utilized as a means for storing data related to the recording medium. In addition, data stored in the persistent storage is generally downloaded from an external source. In this regard, it is also possible to read data directly from the record carrier and store it in the persistent storage.

For convenience of description of the present invention, data recorded in the recording medium is called original data, and data related to the recording medium among the data stored in the permanent storage device is referred to as 'additional data'. Let's name it.

FIG. 1 is an exemplary diagram for explaining the integrated use between the optical recording / reproducing apparatus 10 and peripheral devices, and is a diagram for aiding in a conceptual understanding of the present invention.

Referring to FIG. 1, the 'optical recording / reproducing apparatus' 10 according to the present invention enables recording or reproducing of an optical disc conforming to various standards. In addition, the optical recording / reproducing apparatus 10 may be designed for recording / reproducing an optical disc (for example, HD-DVD) according to a specific standard. It is obvious that the optical recording / reproducing apparatus 10 includes a 'drive' that can be embedded in a computer or the like.

The optical recording / reproducing apparatus 10 according to the present invention receives a recording / reproducing function of the optical disc 30 and an external input signal, and processes the received signal, and thus corresponds to a user through another external display device. It has the ability to deliver images. At this time, the external input signal is not limited. Accordingly, representative signals among the external input signals include a digital multimedia broadcast (DMB) signal and an internet signal. An easy-access medium is the Internet, and in the case of the Internet, which is an available medium, specific data on the Internet may be downloaded to be utilized through the optical recording / reproducing apparatus 10.

2 is a block diagram of an optical recording / reproducing apparatus 10 according to the present invention.

2, an optical recording / reproducing apparatus according to the present invention includes a pickup for reproducing original data, a servo 14 for controlling the operation of the pickup 11, and a reception from the pickup. A signal processor 13 for restoring the reproduced reproduction signal to a specific signal value, modulating the signal to be recorded into a recordable signal on the optical disc, and transmitting the modulated signal, and a microcontroller for controlling the overall operations. It includes a processor 16.

The controller 12 controls to store the additional data downloaded outside the optical disc and stored in the persistent storage 15 according to a user command. The controller 12 controls and manages the persistent storage 15 and an application that accesses the persistent storage 15.

In the present invention, an application includes a program designed to perform a specific function directly to a user or another application as a kind of execution unit. The application officially requests one function from another program or communicates with another program using an application programming interface (API). The application may reside in a recording medium or persistent storage.

In the present invention, the controller 12 includes an authentication unit for authenticating an application to be executed and executing an authenticated application. In addition, the controller 12 may control access of an application distributed by an unauthenticated entity to the persistent storage 15 through the authentication. Thus, the controller 12 may protect the persistent storage 15 and the data stored therein.

The authentication unit authenticates the recording medium loaded in the optical recording / reproducing apparatus 10. If the authentication of the recording medium is successful, the controller 12 controls the recording medium to be reproduced in full trust mode (FullTrustMode). The full-trust mode will be described later with reference to FIG.

If authentication of the recording medium fails, the controller 12 controls the recording medium to be reproduced in a restricted mode. The limited mode will be described later with reference to FIG. 7. In the restricted mode, the controller 12 may suspend execution of an application that performs an advanced function, such as networking. At this time, data related to the recording medium cannot be downloaded from an external server.

In addition, the controller 12 may restrict access to the persistent storage of an application that plays back the recording medium for the unreliable playback of the recording medium due to the authentication failure.

In addition, the controller 12 creates a provider directory and a content directory in the persistent storage 15 using a configuration file stored on the optical disc 30. The name of the provider directory may be provider identification information written in the configuration file of the optical disc 30. In addition, the name of the content directory may be content identification information written in the configuration file of the optical disc 30.

Finally, the AV decoder 17 decodes the output data under the control of the controller 12 and then provides the decoded data to the user.

In order to record a signal on the optical disc, the AV encoder 18, under the control of the controller 12, converts an input signal into an input signal of a specific format, for example an MPEG2 transport stream, and then the converted signal. To the signal processor 13.

In the present invention, the content constituting the title means data provided by a disc author or a content provider. In the present invention, the content is classified into 'standard contents' and 'advanced contents'. The standard content is an extension of the content defined in the existing recording media standard for high resolution video, high quality audio, and new functions. The advanced content implements much more interactivity in addition to the extension of audio and video realized by the standard content.

The recording medium according to the present invention may include 'standard content' and / or 'advanced content'. However, since the object of the present invention is to solve the problem occurring in reproducing the 'advanced content', the 'advanced content' is included in the recording medium according to the present invention.

The 'Advanced Content' may include 'Playlist', 'Primary Video Set', 'Secondary Video Set', 'Advanced Application' And 'Advanced Subtitle'.

The 'playlist' gives presentation information between presentation objects such as 'secondary video set', 'advanced application', and 'advanced subtitle'. For example, in order to play a 'primary video set', the optical recording / reproducing apparatus may use an appropriate 'primary enhanced video object' using the information (eg, URI) described in the 'playlist'. Approach In particular, the optical recording / reproducing apparatus interprets the playlist in order to reproduce the 'advanced content'.

3 is a diagram of an overall system model for the content of the present invention. In Fig. 3, the optical recording / reproducing apparatus shown in Fig. 2 is depicted in terms of 'advanced content'.

Referring to FIG. 3, the data source of 'advanced content' may be a recording medium, a network server, or persistent storage 15. In particular, in the present invention, in particular, the 'advanced content' of the present invention includes persistent storage 15 as a data source.

A data source is an object accessed by an application to perform a specific function. The data in the data source becomes resources that constitute 'advanced content'. In addition, the presentation of the 'advanced data' is performed by the representation of the resources.

Data exchanges between the data sources and internal modules of the optical recording / reproducing apparatus are controlled by the data access manager 310.

The optical recording / reproducing apparatus of the present invention, the data access manager 310 includes a persistent storage manager (310a). The persistent storage manager 310a controls data exchange between the persistent storage 15 and the internal modules of the optical recording / reproducing apparatus 10. The persistent storage manager 310a has a role of providing a file access API set for the persistent storage 15. The persistent storage 15 may support file read and write functions.

The data access manager 310 may include a network manager 310b. The network manager 310b controls data exchange between the network server and the internal modules of the optical recording / reproducing apparatus 10. The network manager 310b controls data exchange between the network server and the internal modules of the tube recording / reproducing apparatus 10. The network manager 310b serves to provide a file access API set for the network server. The network server generally supports file download and may also support file upload.

The navigation manager 330 calls a file download / upload between the network server and the data cache 320 according to an advanced application. In addition, the navigation manager 330 controls user interface devices including a remote controller, a front panel of the optical recording / reproducing apparatus, a mouse, a game pad, and the like. In addition, the navigation manager 330 processes the events received from the user interface devices.

Meanwhile, the network manager 320b provides a protocol level access function to the presentation engine 340. The presentation engine 340 decodes the presentation data and then outputs the decoded data to the AV renderer 350 in response to control commands from the navigation manager 330.

The AV renderer 350 combines the graphic planes coming from the presentation engine 340 and the navigation manager 330 to output a combined video signal. The AV renderer 350 outputs a mixed audio signal by mixing pulse code modulation (PCM) streams provided from the presentation engine 340.

Moreover, the data access manager 310 includes a disk manager 310c. The disc manager 310c controls data read from the recording medium to internal modules of the optical recording / reproducing apparatus 10 and provides a file access API set for the recording medium.

Meanwhile, the advanced application is defined as a set of resources selected from a series of content formats. Each advanced application includes one set of content files, one set of timing content files, one set of behavioral (script) content files, one set of image resources, And elements extracted from a set of audio resources.

The components are organized into one advanced application by one manifest file. The resources of one advanced application form a directed graph. At this point, the directed graph originates in the resource referenced in the manifest file of the advanced application.

The interpretation of the advanced application is handled by the presentation engine 340 in the optical recording / reproducing apparatus 10. The advanced application can be expressed in terms of controlled placement of graphics on the graphics or subpicture plane synchronized to media played on the main video plane and the sub video plane.

The advanced application enables interaction between the user and video playback via other optional devices besides the remote controller.

In the present invention, the advanced application identifies the persistent storages to each other and accesses the persistent storage. The advanced application may read / write / create / delete files and directories on the persistent storage using file I / O APIs.

The advanced application then manages network functions in the optical recording / reproducing apparatus such as an operation of receiving additional data downloaded from the outside of the recording medium.

Hereinafter, the original data and the additional data will be described in detail.

For example, if a multiplexed AV stream for a particular title is recorded with the original data recorded in the optical disc and an audio stream (eg, English) different from the audio stream (eg, Korean) of the original data is Consider the case where it is provided as additional data on the Internet. In this case, a request to download the audio stream (e.g. English) as additional data on the Internet to be reproduced together with the AV stream of the original data, or the audio stream (e.g. Request to download English) can be customized. In order to enable such requests, there is a need to define an association between the original data and the additional data, and a systematic method of managing / reproducing the data according to a user's request is required.

For convenience of the above description, the signal recorded in the disk is called original data, and the signal existing outside the disk is called additional data. This is identified depending on how each data is obtained but does not limit or limit the original or additional data to any particular data.

Thus, any attribute data that is external to the optical disc and associated with the original data can be localized data.

It is an object of the present invention to associate additional data with original data to reproduce said additional data in persistent storage. For this purpose, a file structure is required that is associated between the recording medium storing the original data and the persistent storage storing the additional data.

Accordingly, the present invention provides a file structure of persistent storage that can reproduce additional data together with specific data of a recording medium.

4 is a structural diagram illustrating a directory of persistent storage according to an embodiment of the present invention.

Referring to Figure 4, the persistent storage of the present invention has an independent area for storing data provided by each content provider. For each content provider, persistent storage includes a 'Provider ID directory' (hereinafter referred to as a provider directory). Each provider directory exists under the 'HD-DVD' directory, and the 'HD-DVD' directory exists under the root directory.

The provider directory preferably has a name in the format of a GUID (globally unique id) or UUID (universally unique id)).

Each recording medium according to the present invention has provider identification information (hereinafter referred to as 'Provider ID') for identifying the content provider.

The 'Provider ID' is stored in a configuration file on a recording medium of the present invention. That is, the 'Provider ID' on the persistent storage is provided to the optical recording / reproducing apparatus 10 when the advanced content starts to be reproduced.

When the advanced application attempts to access the persistent storage, if there is no 'HD-DVD' directory in the persistent storage, the optical recording / reproducing apparatus 10 creates the 'HD-DVD' directory. The optical recording / reproducing apparatus also creates a provider directory if there is no provider directory. The name of this provider directory is used as a 'Provider ID' stored in the configuration file of the recording medium loaded in the optical recording / reproducing apparatus 10. FIG.

The configuration file is used to identify the area allocated to the disk in persistent storage. In the present invention, the configuration file includes a 'Provider ID' of the content provider who provided the recording medium content and a 'Content ID' of the content. In addition, a 'Disc ID' of the recording medium may be included in the configuration file. The 'Disc ID' may be used for authentication of a recording medium through a network.

An 'Advanced Application' may access an area of a content provider that provided the 'Advanced Application'. However, it cannot access the area of other content providers. That is, when the 'Advanced Application' is provided by the content provider with the 'Provider ID' of '1', the 'Advanced Application' can access the 'Provider_id = 1' directory. , 'Provider_id = 2' cannot be accessed. However, the persistent storage of the present invention may have a common directory, and the common directory may be accessed by an 'advanced application' regardless of a content provider.

In addition, the persistent storage 15 of the present invention includes a 'Content ID' directory (hereinafter, referred to as a content directory). The 'Content ID' directory stores data for each record carrier content. The 'Content ID' of the 'Content ID' directory is used to identify the record carrier content.

An 'Advanced Application' may use one or more 'Content IDs' for each recording medium content of a content provider that provided the 'Advanced Application'. For each recording medium content, the " Advanced Application " can access one or more areas for storing data in persistent storage. The areas are each identified by 'Content IDs'.

In contrast, in the present invention, each recording medium has one 'Content ID' for identifying the recording medium content in a configuration file. The 'Content ID' is written to the configuration file of the recording medium.

When the optical recording / reproducing apparatus wants to use a 'Playlist' file stored in the persistent storage, the optical recording / reproducing apparatus uses the 'Content ID' in the configuration file to play the 'Playlist'. 'You can find the file.

The 'Playlist' file is stored under the content directory. When advanced content is started, if the optical record / playback device 10 tries to use the 'Playlist' file stored in the persistent storage 15, the optical record / playback device 10 is a URI. Search for the 'Playlist' file using. In this case, the URI includes the 'Provider ID' and the 'Content ID' written in the configuration file of the recording medium.

The content directory is created by 'Advanced Applications' rather than the optical recording / reproducing apparatus 10. An 'Advanced Application' can access one or more content directories existing under its 'Provider ID' directory. The content directory is used to divide the units that are displayed to the user.

The persistent storage of the present invention has a 'Device ID' given to each persistent storage by the optical recording / reproducing apparatus, and the persistent storage can be identified by the 'Device ID'.

The persistent storage of the present invention may include a device information file, a provider information file, and a content information file.

The device information file resides under the 'HD-DVD' directory and contains a description of the persistent storage.

The provider information file resides under the provider directory. Depending on the number of provider directories, it is possible for multiple provider information files to exist in one persistent storage. 'Advanced Application' can access its own provider directory and not other provider directories.

The content information file exists under the content directory, and a plurality of content information files may exist in one persistent storage.

The optical recording / reproducing apparatus of the present invention can access each persistent storage, delete files / directories, and obtain specific values from the above-described information files. Furthermore, the optical recording / reproducing apparatus of the present invention can copy files / directories in one persistent storage to another persistent storage.

According to the persistent storage architecture according to the present invention, all persistent storage regions can be identified by a script of logical addresses (e.g. Uniform Resource Identifiers). The logical address represents a file stored in persistent storage. The type of persistent storage (whether 'required' or 'additional'), 'Provider ID', 'Content ID', file name, etc. may be an element constituting the logical address.

'Content ID' of the logical address is specified by 'Advanced Application', and is not limited to 'Content ID' written in the configuration file of the recording medium to be reproduced.

By using the file I / O API with the logical address, an 'Advanced Application' can access one or more content directories in its provider directory or common directory area. The 'Advanced Application' can access not only the content directory for the recording medium to be reproduced, but also the content directory for another recording medium of its own content provider.

Thus, the recording media of one content provider can share data under its own provider directory. With the execution of the 'Advanced Application', it becomes possible to reproduce data stored in the persistent storage in association with the recording medium.

The optical recording / reproducing apparatus of the present invention provides a user with a method of managing directories stored in persistent storage, which is achieved through a persistent storage management menu.

In the persistent storage management menu, the access unit of the application is not a file unit but a provider directory or a content directory unit.

In the persistent storage management menu, the optical recording / reproducing apparatus may provide information on the available persistent storage, for example, a device name, a slot name, a used size, and an available capacity. size) etc. to the user.

5 is a structural diagram for conceptual understanding of the persistent storage protection according to the present invention.

Referring to FIG. 5, the necessity of content protection is increasing with the provision of high capacity / high definition / high quality data. Therefore, a protection scheme for persistent storage storing such data is also required.

According to the above-described present invention, when the areas of the persistent storage are divided according to the content provider and the recording medium content, it is possible to restrict the access of the other provider directories of the 'advanced application' to the persistent storage and the persistent storage. It has the effect of protecting the stored data.

Furthermore, the present invention seeks to provide a method of more securely protecting content and persistent storage.

In this regard, the present invention provides a method of protecting content and persistent storage of a content provider by authenticating the data prior to playback of data stored in persistent storage. The data of the persistent storage is reproduced in addition to, replacing or associated with the content data of the loaded recording medium.

In the recording medium of the present invention, one or more certificates are recorded in addition to the configuration file in which the 'Provider ID' and the 'Content ID' are stored. The certificate may be used to authenticate data stored in a particular area of persistent storage identified by the 'Provider ID' and the 'Content ID'.

For authentication of the present invention, a trusted authority may digitally sign the data provided and provide the signed data to the user in order to ensure the authenticity of the data provided by the trusted authority. The signed data includes the digital signature of the authority. The digital signature is used to confirm that the data was provided by a true entity. It is also used to determine if data has been tampered with or forged in the course of providing the data.

Only the entity with the secret key can sign it, and must be able to prove that the signing entity is itself, and the signed data is not changed.

6 is a diagram for explaining a conceptual understanding of digital signature generation.

Referring to FIG. 6, the content provider applies the provided content to the digest algorithm 6010. The content digest 6011 is calculated through the digest algorithm.

Applying the content digest 6011 to a signature algorithm 6012 generates an electronic signature. The signature algorithm 6012 uses a private key 6013 of a content provider that provides the content. The generated digital signature is provided to the optical recording / reproducing apparatus 10 together with the content.

In this regard, a private key refers to a key that is not public among asymmetric key pairs of entities used in a public key cryptosystem. In some cases, this may mean a key used in symmetric key encryption. A key corresponding to the private key is called a public key, and a public key means a key that is public among asymmetric key pairs of an entity used in a public key cryptosystem. The public key is also used to determine the authenticity of the signature in the signature system and is also referred to as a verification key.

7 is a diagram for conceptual understanding of authentication through verification of a digital signature.

Referring to FIG. 7, the optical recording / reproducing apparatus 10 of the present invention may recover the digest 6018 through the signature algorithm 6016 using the public key 6017 in the received electronic signature. The public key 6017 is a key corresponding to the private key 6013 used for generating the electronic signature.

Because the digital signature is an encryption algorithm, information encrypted with the private key 6013 may be restored using the public key 1017 corresponding to the private key. In other words, if there is no public key 6017 corresponding to the private key 6013 used to generate the digital signature, the digital signature cannot be restored to the digest 6018. In this case it cannot be authenticated that the provided content is provided by a legitimate content provider. The public key 6017 may be included in a certificate and provided to the optical recording / reproducing apparatus 10 through a recording medium or a network.

In addition, the optical recording / reproducing apparatus 10 applies the digest algorithm 6014 to the content to be authenticated to calculate the digest 6015. The digest algorithm 6014 is a digest algorithm used in the generation of the digital signature. The calculated digest 6015 is compared with the digest 6018 generated by recovering the digital signature. If the digests compared are not the same, verification of the digital signature will fail.

8 is a diagram of a certificate chain used for authentication in accordance with the present invention.

The entity that signed the content may issue a certificate that guarantees the authenticity of the subject. In addition, the subject may be certified to a certificate authority (CA), in which case the certificate authority issues a certificate including the digital signature of the certificate authority. The certification body may be guaranteed in the same way by other certification bodies. Therefore, the assurance on a certain subject forms a chain, which is called an authentication chain.

Referring to FIG. 8, a trusted root certificate authority may vouch for certificate authorities 1102 and 1103. The guaranteed certification body may be an Advanced Access Content System (AACS) or a Content Protection System (CPS). In some cases, the AACS or CPS may itself be a root authority.

The AACS, CPS, or other certification authority may independently endorse 1102a, 1102b, 1102c such infrastructures as an optical recorder, content provider, or the like. This step-by-step guarantee creates an authentication chain.

In the certification chain, there is no higher certification body that can guarantee a reliable certification body. In this case, the trusted certification body guarantees itself (1101), which is the root certification. 1101).

The Certificate Authorities provide a certificate that includes the digital signature of each Certificate Authority for the assurance results of itself or infrastructures. A certificate provided by a certification authority at the bottom of a certificate chain is called a leaf certificate, and a certificate provided by a certification authority at the top of a certificate chain is called a root certificate. As described with reference to FIG. 7, the certificates ensure the reliability of the public key for restoring the digital signature during the verification of the digital signature.

In some cases, the certification authorities may create a Certificate Revocation List (CRL). In this case, the content provider and the user may download the authentication revocation list and check whether the certificate to be used for authentication has been revoked before authenticating with the certificate. If the certificate to be used for authentication is revoked, the certificate is not established. If the certificate is not revoked, the certificate is established as long as other certification requirements are satisfied.

In this regard, a trusted root certificate provided by a trusted certification authority is stored in the form of a file in a specific area of the recording medium and provided to the user or downloaded from an external recording medium. It may be provided at (10).

In the verification of the electronic signature of the present invention, each chain of the authentication chain must also be verified. The verification of the authentication chain is performed up to the root certificate. If the verification of intermediate certificates leading to the root certificate and the root certificate is successful, authentication of the data to be authenticated can be established. On the contrary, if verification of the certificate in the authentication chain fails while reaching the root certificate, verification of the digital signature fails. As a result, in this case, since the data subject to authentication cannot be said to be data by a true subject, authentication is not established.

In this regard, the certificates of the authentication chain may be recorded in the recording medium and provided to the user, or may be downloaded to the user from outside the recording medium. The certificate may include a version, a serial number, a signature algorithm, an issuer, an expiry date, a subject, a public key, and the like. have.

'Advanced content' provides a rich and powerful platform for building interactive applications that include persistent storage and networking capabilities. In order to ensure that the platform is not abused by malicious subjects, the optical recording / reproducing apparatus of the present invention provides access to certain 'advanced functionality' when playing untrusted content. You can limit The related form of abuse may be privacy-related abuse by malicious subjects such as attacks on optical record / playback devices or users. Persistent storage can be worn by this abuse or user. Thus, the optical recording / reproducing apparatus according to the present invention can operate in a function-reducing mode called RestrictedMode. In this limited mode, the 'advanced applications' of the present invention are controlled to access only a limited set of functions. What functionality is limited is a matter of implementation of the optical recording / reproducing apparatus.

For example, the recording medium of the present invention can download an alternate 'playlist' to the persistent storage, and the optical recording / reproducing apparatus can read the 'playlist' from the persistent storage rather than from the recording medium. Can be loaded. In this case, the optical recording / reproducing apparatus verifies the 'playlist' in such a way that the 'playlist' has been signed by a true subject. If the 'playlist' is not signed or the authentication subject fails because the signed subject is not a true subject, the optical recording / reproducing apparatus stops loading the 'playlist' to protect the recording medium contents. You can do it.

If an operation that is not permitted in the restricted mode is detected, the optical recording / reproducing apparatus of the present invention may stop the 'Advanced Application' currently running. In this case, the optical recording / reproducing apparatus may inform the user that the data being reproduced by the user is invalid. In some cases, reproduction of the entire recording medium may be stopped.

The optical recording / reproducing apparatus of the present invention operates in a full mode (FullTrustMode) when the data is authenticated, that is, when the data is found to be signed by a true subject. In the full mode, all functions provided by the optical recording / reproducing apparatus may be performed.

Preferably, the data is authenticated before the reproduction of the data starts. This is because the start mode for the optical recording / reproducing apparatus should be determined at the start time of the reproduction of the recording medium. The optical recording / reproducing apparatus of the present invention cannot simultaneously execute applications on the same recording medium in full-mode and limited mode, and once the mode is determined at the start of playback, all the applications are in the same mode during playback of the recording medium. Will be executed.

The loaded recording medium is also preferably authenticated at the start of playback. The control unit 12 of the optical recording / reproducing apparatus 10 can control the authenticating unit to verify that the data has been provided by the true content provider and has not been tampered with before the reproduction of the data in the loaded recording medium.

The controller may allow the data to be reproduced in the limited mode when the authentication of the recording medium is successful. In this case, functions such as networking with an external server, access to an application's persistent storage, etc. may be limited depending on the optical recording / reproducing apparatus.

If the optical recording / reproducing device is an application that is allowed to run even if it is in full-mode or restricted mode, the application can access persistent storage. At this time, if the application itself is distributed or damaged by a malicious subject, there is a concern that the persistent storage and the content may be abused.

Accordingly, the present invention provides a method of protecting persistent storage and content through authentication of an application using persistent storage as a resource. A certificate is used for authentication of the application, and the certificate may be provided to a user through a recording medium or a network. Generation of the digital signature for the application and the verification thereof are as described above with reference to FIGS. 6 to 8.

The optical recording / reproducing apparatus of the present invention authenticates an application accessing persistent storage. This application authentication process consists of the optical recording / reproducing apparatus verifying whether the application is electronically signed by a trusted subject.

If the application is verified to have been signed by such a trusted subject, the optical recording / reproducing device can treat it as a trusted application and continue execution of the application. In addition, the application may be allowed to access the provider directory. However, if the application is not verified to be signed, the optical recording / reproducing device sees the content as unreliable and halts execution of the application.

9 is a flowchart of a data reproducing method according to the first embodiment of the present invention.

Referring to FIG. 9, a recording medium according to the present invention may download data related to the recording medium from a network and store the data in persistent storage. When the recording medium (disc) is loaded, a 'Provider ID' is provided to the optical recording / reproducing apparatus at the start of reproduction of the recording medium.

The optical recording / reproducing apparatus generates a provider directory corresponding to the provider ID in the persistent storage. If there is no content directory corresponding to 'Content ID' stored in the recording medium, the 'Advanced Application' creates a content directory. The downloaded data is stored in areas corresponding to the 'Provider ID' and the 'Content ID' in the configuration file.

The optical recording / reproducing apparatus of the present invention identifies the provider directory in which data to be reproduced exists. (S110). The optical recording / reproducing apparatus then accesses one or more content directories under the provider directory using URIs specified by advanced applications (S120).

The URIs indicate where the data to be played is present. The URIs may include content IDs of a disc different from the content ID in the configuration file of the loaded disc. The content provider according to the present invention may configure advanced applications including other data related discs and record URIs describing where the data exists.

Thus, the advanced applications can access not only the content directory of the loaded disc, but also other content directories under the provider directory of their content directory.

Thus, the content provider can share data on its own disks. Content directories accessed by the applications are identified by Content IDs (including Content ID in the configuration file of the loaded disk).

The advanced applications according to the present invention do not have access to provider directories of other content providers. Thus, the present invention can protect content provided by a content provider from being used by other entities.

The optical recording / reproducing apparatus reads data under one or more accessed content directories in the persistent storage (S130). The optical recording / reproducing apparatus reproduces the data (S140). The content directories include a content directory assigned to a disk different from the content directory assigned to the loaded disk.

10 is a flowchart of a data reproducing method according to the second embodiment of the present invention.

Referring to FIG. 10, when a recording medium (disc) is loaded, the optical recording / reproducing apparatus can perform networking with an external source and also download the loaded disc-related data from the external source to persistent storage. .

At the start of reproduction of advanced content in the disc, the provider ID written in the configuration file of the disc is provided to the optical recording / reproducing apparatus. The downloaded data is stored in a specific area of the persistent storage. The specific area includes a 'Provider ID' and a 'Content ID' written in the configuration file.

The optical recording / reproducing apparatus accesses the persistent storage (S210). The areas to be accessed in the persistent storage are identified by the 'Provider ID' and the 'Content IDs' of the URIs.

In order to protect the content of the loaded disc and the persistent storage, the data stored in the persistent storage is authenticated prior to playback. (S220). The authentication may be performed by a method for checking whether a trusted subject has electronically signed data in the persistent storage. That is, the optical recording / reproducing apparatus verifies whether the data in the persistent storage has been electronically signed by a subject authorized by a trusted authority.

The authentication uses a certificate that certifies that the subject is a trusted subject. The certificate may comprise a certificate chain, in which case each chain of the certificate chain must be verified up to the provider's root CA. If the process of reaching the root authority is deemed reliable, the authentication of the data is successful, and if any chain fails verification, the authentication of the data is returned to failure.

According to whether the data is successfully authenticated (S230), the optical recording / reproducing apparatus of the present invention operates in a full mode or a limited mode (S240, S250). That is, when the authentication of the data is successful, the optical recording / reproducing apparatus operates in the full-mode (S240), and conversely, when the authentication returns to failure, the optical recording / reproducing apparatus operates in the limited mode (S250).

When the optical recording / reproducing apparatus is in the full mode (S240), all functions provided by the optical recording / reproducing apparatus can be executed. That is, in principle, all applications of the loaded recording medium or the optical recording / reproducing apparatus can freely access the reproduction resources. Therefore, among the applications of the loaded recording medium, the application including the persistent storage as a resource can access the area of the persistent storage allocated to the recording medium.

The optical recording / reproducing apparatus of the present invention authenticates the application for stronger persistent storage and protection of contents (S260). The application of the present invention may be provided to the user after being electronically signed by the content provider. The optical recording / reproducing device authenticates the application as a way to verify that the signature is properly signed by a true content provider.

The optical recording / reproducing apparatus determines whether to execute the application according to whether the authentication is successful (S270).

That is, when the application is signed by a trusted certificate authority and all the authentication chains up to the root certificate authority are verified, the optical recording / reproducing apparatus, upon executing the application, stores the data in the persistent storage. Playback is performed together with the recording medium.

On the other hand, when it is determined that the application is not a signed application or the signature is not reliable, the optical recording / reproducing apparatus stops executing the application (S280). In this case, the optical recording / reproducing apparatus can provide the user with information that the application is not valid, and in some cases, it is possible to stop the entire reproduction of the recording medium.

When the optical recording / reproducing apparatus is in the restricted mode, when an unauthorized action is detected in the restricted mode, the optical recording / reproducing apparatus stops the currently running application. In the present invention, for stronger protection of persistent storage and content, execution can continue after authentication is performed for an application that is allowed to operate in restricted mode. The authentication is the same as the above-described full-mode processing of the authentication process of the application and whether the authentication succeeds.

Accordingly, the present invention provides the following effects or advantages.

First, as the data stored in the recording medium can be reproduced using the storage, various contents can be implemented.

In addition, it is possible to protect the content provided by the content provider and the user's optical recording / reproducing apparatus. Therefore, it is possible to provide a safe content to the content provider, and to provide a more convenient function by allowing the user to play the content with confidence.

It will be apparent to those skilled in the art that various changes and modifications can be made in the present invention without departing from the spirit or scope of the invention. As such, if the variations or modifications of the present invention fall within the scope of the appended claims and their equivalents, the present invention is intended to include such variations or modifications.

The above-described preferred embodiments of the present invention are disclosed for purposes of illustration, and those skilled in the art can improve, change, and substitute various other embodiments within the technical spirit and scope of the present invention disclosed in the appended claims below. Or addition may be possible.

It will be apparent to those skilled in the art that various changes and modifications can be made in the present invention without departing from the spirit or scope of the invention. As such, if the variations or modifications of the present invention fall within the scope of the appended claims and their equivalents, the present invention is intended to include such variations or modifications.

The above-described preferred embodiments of the present invention are disclosed for purposes of illustration, and those skilled in the art can improve, change, and substitute various other embodiments within the technical spirit and scope of the present invention disclosed in the appended claims below. Or addition may be possible.

Claims (25)

A configuration file containing provider identification information and content identification information; Include applications accessible to persistent storage where data associated with the recording medium is stored, The provider identification information is used to identify a provider directory for a content provider of the recording medium, the content identification information is used to identify a content directory for the recording medium under the provider directory in the persistent storage, and An application is accessible to one or more content directories under the provider directory. The method of claim 1, The recording medium further comprising a certificate used for authentication of the data in the persistent storage. The method of claim 1, And the recording medium further comprises a certificate used for authentication of the application in the persistent storage. The method of claim 1, And the provider identification information identifies a content provider of the recording medium. The method of claim 1, And the content identification information identifies content of the recording medium. Identifying a provider directory for a content provider of the recording medium in persistent storage using provider identification information in the configuration file of the recording medium; Accessing one or more content directories under the provider directory by an application recorded in the recording medium; Reading data in the persistent storage and And reproducing the read data according to the execution of the application. The method of claim 6, And wherein said content directories accessed by said application include content directories for other recording media of said content provider and are identified by content identification information in said application. The method of claim 7, wherein Verifying whether the data in the persistent storage has been electronically signed by a trusted authority. The method of claim 8, If the read data is electronically signed by the trusted authority, the read data is played back in Full-TrustedMode, and the read data is not electronically signed by the trusted authority. In this case, the read data is characterized in that the reproduction of the restricted mode (RestrictedMode). The method of claim 7, wherein the regeneration method is Further comprising verifying whether the application is electronically signed by a trusted authority, If the application is not electronically signed by a trusted authority, the execution of the application is suspended. Persistent storage for storing data associated with the recording medium; A reading unit that reads the data associated with the recording medium in the persistent storage; Identify a provider directory for a content provider of the recording medium using provider identification information in a configuration file of the recording medium, access one or more content directories under the provider directory by an application in the recording medium, and And a controller for reading out and playing back said data associated with said recording medium in accordance with execution. The method of claim 11, And the persistent storage comprises a content directory according to content identification information in the configuration file of the recording medium under the provider directory. The method of claim 11, And the content directories accessed by the application include content directories of other recording media of the content provider. The method of claim 11, And the content directories accessed by the application are identified by the content identification information in the application. The method of claim 11, And an authenticator configured to verify whether or not the data stored in the persistent storage is electronically signed by a trusted authority. The method of claim 15, wherein the controller, If the read data is electronically signed by the trusted authority, the read data is controlled to be played in the FullTrustedMode, and the read data is not electronically signed by the trusted authority. Otherwise, the controller controls the read data to be reproduced in a restricted mode. The method of claim 11, And wherein the authentication unit verifies whether the application is electronically signed by a trusted authority. The method of claim 17, And when the application is not electronically signed by a trusted authority, the controller stops the execution of the application. Creating a provider directory according to the provider identification of the recording medium in the persistent storage; Creating a content directory according to content identification information in a configuration file of the recording medium under the provider directory; and Storing data associated with the recording medium in the content directory. The method of claim 19, And wherein said provider directory is created by a player. The method of claim 19, And wherein the content directory is created by an application accessible to the provider directory. A recording unit for storing data associated with the recording medium in persistent storage; Create a provider directory according to the provider identification information of the configuration file of the recording medium in the persistent storage, generate a content directory according to the content identification information in the configuration file of the recording medium under the provider directory, and control the recorder to control the content And a controller for storing data associated with the recording medium in a directory. The method of claim 22, And wherein the controller creates the content directory using an application accessible to the provider directory. The method of claim 22, And an authenticator for verifying whether the data associated with the recording medium has been electronically signed by a trusted authority. The method of claim 22, And an authenticator for verifying whether the application is electronically signed by a trusted authority.

Images