KR20110016038A - Method and apparatus for generating contents by using index - Google Patents

Method and apparatus for generating contents by using index Download PDF

Info

Publication number
KR20110016038A
KR20110016038A KR1020090073528A KR20090073528A KR20110016038A KR 20110016038 A KR20110016038 A KR 20110016038A KR 1020090073528 A KR1020090073528 A KR 1020090073528A KR 20090073528 A KR20090073528 A KR 20090073528A KR 20110016038 A KR20110016038 A KR 20110016038A
Authority
KR
South Korea
Prior art keywords
content
encryption keys
encrypted
different encryption
index
Prior art date
Application number
KR1020090073528A
Other languages
Korean (ko)
Inventor
고재천
Original Assignee
주식회사 셀런
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 셀런 filed Critical 주식회사 셀런
Priority to KR1020090073528A priority Critical patent/KR20110016038A/en
Publication of KR20110016038A publication Critical patent/KR20110016038A/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/434Disassembling of a multiplex stream, e.g. demultiplexing audio and video streams, extraction of additional data from a video stream; Remultiplexing of multiplex streams; Extraction or processing of SI; Disassembling of packetised elementary stream
    • H04N21/4341Demultiplexing of audio and video streams

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Tourism & Hospitality (AREA)
  • Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Multimedia (AREA)
  • Bioethics (AREA)
  • Software Systems (AREA)
  • Economics (AREA)
  • Human Resources & Organizations (AREA)
  • Marketing (AREA)
  • Primary Health Care (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

Disclosed are a method and apparatus for generating content by multiplexing a plurality of content units encrypted using a plurality of different encryption keys and an index added according to a sequence of the plurality of content units.

Description

Method and apparatus for generating content using index {Method and apparatus for generating contents by using index}

The present invention relates to a method and apparatus for generating content, and more particularly, to a method and apparatus for generating content including a plurality of content units encrypted using a plurality of different encryption keys.

The transmission and reception of content over a wired or wireless network is exposed to security risks because it is performed between a remote server and a client. There is always a risk of security by devices that are not authorized to send or receive content, such as hacking or eavesdropping. Since the content transmitted and received via wired and wireless networks is easy to copy as digital content, this security risk is more critical to the copyright management of the content.

Content security systems used to address these security risks include a CA (Conditional Access) system and a Digital Right Management (DRM) system. These content security systems are systems that grant or restrict the use of content, and can only decrypt content transmitted by the content server using an encryption key if the client has the right to use the content. The content can be used only when the client is authorized to use the content through payment of the content usage fee, and the like, thereby preventing indiscriminate copying of the digital content.

In broadcasting standards such as digital video broadcasting (DVB), the encryption key is changed at predetermined intervals, the broadcast content is encrypted and transmitted, and information about the changed encryption key is included in an Entitlement Control Message (ECM). Insert periodically in the middle of content. The client receiving the broadcast content interprets the entitlement control message according to the CA (Control Access) system or the Digital Right Management (DRM) system provided in the client, extracts the encryption key that is periodically changed, and broadcasts using the extracted encryption key. Decode and play the content.

SUMMARY OF THE INVENTION The present invention has been made in an effort to provide a method and apparatus for generating content that is not dependent on a specific content security system, and to provide a computer readable recording medium having recorded thereon a program for executing the method.

According to an aspect of the present invention, there is provided a method of generating content including a plurality of content units that are encrypted using a plurality of different encryption keys. Generating different encryption keys; Storing the generated plurality of different encryption keys in a predetermined storage device; Generating a plurality of encrypted content units by encrypting the plurality of content units using the stored plurality of different encryption keys; And generating content by multiplexing the plurality of encrypted content units, wherein the information on the plurality of different encryption keys is processed according to a content security system provided in a client using the content, thereby generating the content. Characterized in that provided.

According to a more preferred embodiment of the present invention, the generating of the plurality of different encryption keys includes an index added according to the order of the plurality of content units and a plurality of different encryption keys corresponding to the indexes. Generating a content; and generating the content by multiplexing the index and the plurality of encrypted content units in the order.

According to another embodiment of the present invention, the content security system is characterized in that it is a Conditional Access (CA) system or a Digital Right Management (DRM) system.

According to another embodiment of the present invention, generating the information on the index and a plurality of different encryption keys corresponding to the index is based on the information on the plurality of different encryption keys corresponding to the index Generating an Entitlement Control Message.

According to another embodiment of the present invention, the generating of the encrypted content includes generating the content by multiplexing the index, the plurality of entitlement control messages, and the plurality of encrypted content units in the order. do.

According to an aspect of the present invention, there is provided a method of decrypting a content including a plurality of content units that are encrypted using a plurality of different encryption keys. Demultiplexing the content generated by multiplexing an index added according to the order of content units according to the order; And decrypting the plurality of encrypted content units based on a plurality of different encryption keys corresponding to the index, wherein information about the plurality of different encryption keys corresponding to the index includes the content. Processed according to the content security system provided in the client, characterized in that provided to the client.

An apparatus for generating a content including a plurality of content units encrypted using a plurality of different encryption keys according to an embodiment of the present invention for solving the technical problem is an index added in the order of the plurality of content units a key generation unit generating a plurality of different encryption keys corresponding to (index); An encryption unit generating the plurality of encrypted content units by encrypting the plurality of content units using a plurality of different encryption keys corresponding to the index; And a multiplexer for multiplexing the index and the plurality of encrypted content units according to the order to generate content, wherein information about a plurality of different encryption keys corresponding to the index is provided to a client using the content. And is processed according to the secured content security system and provided to the client.

An apparatus for decrypting a content including a plurality of content units encrypted using a plurality of different encryption keys according to an embodiment of the present invention for solving the technical problem is a plurality of encrypted content units and the plurality of encrypted A demultiplexer configured to demultiplex content generated by multiplexing an index added according to an order of content units according to the order; And a decryption unit configured to decrypt the plurality of encrypted content units based on a plurality of different encryption keys corresponding to the index, wherein the information on the plurality of different encryption keys corresponding to the index includes the contents of the plurality of the contents of the plurality of encryption units. Processed according to the content security system provided in the client to use, characterized in that provided to the client.

In order to solve the above technical problem, an embodiment of the present invention provides a computer-readable recording medium having recorded thereon a program for executing the content generating method and the content decoding method.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings.

1 illustrates an apparatus for generating content according to an embodiment of the present invention.

1, the content generating apparatus 100 according to an embodiment of the present invention is a key generation unit 110, encryption information storage unit 120, encryption unit 130, multiplexing unit 140, entitlement control Message generation unit 150, the content storage unit 160 and the control unit 170.

The key generation unit 110 generates a plurality of different encryption keys required to encrypt the plurality of content units. The key generation unit 110 generates a plurality of different encryption keys corresponding to the encryption algorithm of the encryption unit 130 under the control of the control unit 170. This will be described in detail with reference to FIG. 2.

2 illustrates a plurality of content units according to an embodiment of the present invention.

As described above, a broadcast standard such as DVB changes an encryption key, that is, a control word (CW) at predetermined intervals, and encrypts content. Accordingly, one content may be divided into a plurality of units according to an encryption period (CP: Crypto Period), and the present specification defines units divided according to the encryption period as content units. The present invention will be described in detail later in the case where the content includes a plurality of content units. However, it can be easily understood by those skilled in the art that embodiments of the present invention can be applied even when a content includes a content unit of one content unit.

Referring to FIG. 2, one content 210 according to an embodiment of the present invention may include a plurality of content units U0 to Un. The content units are classified according to encryption periods CP0 to CPn in which encryption keys are changed. The key generation unit 110 generates a plurality of encryption keys CW1 to CWn for encoding the plurality of content units U0 to Un0, respectively.

The encryption information storage unit 120 stores a plurality of encryption keys CW1 to CWn generated by the key generation unit 110. The encryption information storage unit 120 may generate an index according to the order of the plurality of content units U0 to Un, and store the index in association with the plurality of encryption keys CW1 to CWn.

3 illustrates an index and a plurality of encryption keys corresponding to the index according to an embodiment of the present invention.

Referring to FIG. 3, the encryption information storage unit 120 generates an index in the order of a plurality of content units U0 to Un. The index 'n' for the content unit Un corresponds to the encryption key CWn used to encrypt the content unit U0.

The encryption unit 130 encrypts the plurality of content units U0 to Un using the plurality of encryption keys CW0 to CWn. The plurality of encryption keys CW0 to CWn generated by the key generation unit 110 are received through the control unit 170 to sequentially encrypt the content units. The plurality of content units U0 to Un of the content 210 are encrypted using the plurality of encryption keys CW0 to CWn, respectively, to generate a plurality of encrypted content units CU0 to CUn. There is no restriction on the encryption algorithm used for the encryption of the content unit, and various encryption algorithms such as Common Scrambling Algorithm (CSA), Advanced Encryption Standard (AES), Triple Data Encryption System (T-DES), and the like may be used.

The multiplexer 140 generates content by multiplexing a plurality of encrypted content units encrypted by the encryption unit 130. In addition, according to an embodiment of the present invention, the content generated by multiplexing the index generated by the encryption information storage unit 120 and the encrypted plurality of content units (CU0 to CUn) generated by the encryption unit 130 can be generated. have. This will be described in detail with reference to FIG. 4A.

4A illustrates content in accordance with an embodiment of the present invention.

Referring to FIG. 4A, the multiplexer 140 is controlled by the controller 170 to control the index generated by the encryption information storage unit 120 and the plurality of encrypted content units generated by the encryption unit 130 (CU0 to CUn). ) Multiplex in order.

According to the prior art, when the broadcast content is divided into a plurality of content units, and the encrypted content is transmitted in real time, information on an encryption key generated in real time for each content unit should be inserted. This is because, in order to receive and decrypt broadcast content in real time, a client receiving the broadcast content needs to continuously receive information on an encryption key that is changed for each content unit. Information about the encryption key is encrypted according to a predetermined content security system (for example, a CA system or a DRM system) and inserted for each content unit. In the case of DVB as an example, different entitlement control messages are generated for each content unit of broadcast content and inserted for each content.

According to the related art, since the information on the encryption key is encrypted again according to a predetermined content security system and inserted into each content unit, the operator providing the broadcast content is provided with a first content security system (for example, a CA system or a DRM system). If the information security system is generated and inserted, the information security system is changed, and the information about the encryption key is generated and inserted for each content unit according to the second content security system, and the client is not included in the second content security system. Cannot watch broadcast content. This is because the information on the encryption key cannot be decrypted. Therefore, according to the related art, once the provider providing the broadcast content introduces the content security system, it cannot be changed, resulting in the broadcast content provider being dependent on the content security system.

In order to solve this problem, the content generating apparatus 100 according to an embodiment of the present invention generates an encryption key for encrypting a plurality of content units in advance and stores them in the encryption information storage unit 120, Send it to the client separately without inserting it. According to an embodiment of the present invention, only an index indicating the order of content units may be inserted for each content unit, and a plurality of encryption keys required for decryption of the content unit corresponding to the index may be separately transmitted to the client.

Information about the plurality of encryption keys is processed and provided to the client according to the content security system provided in the client. The metadata may be transmitted to the client in front of or behind the encrypted content 410 as metadata for the content, or may be transmitted to the client separately through a path irrelevant to the transmission of the content. Since a plurality of encryption keys necessary for decrypting the content are processed separately from the encrypted content 410, even if the content provider changes the content security system, it is not necessary to change the structure of the content and provide it to the client. Only the key needs to be processed and provided to the client according to the changed content security system.

In particular, when providing a limited-length content such as VoD (Video on Demand) to the client, the content generating apparatus 100 may determine the total number of the plurality of content units and the entire encryption key used for encrypting the entire plurality of content units. Since it can be known in advance and the entire plurality of content units can be encrypted in advance, it is easy to multiplex the plurality of indexed and encrypted content units as shown in FIG. 4A.

The content provider provides a plurality of indexed and encrypted contents as shown in FIG. 4A when both the first client with the first content security system and the second client with the second content security system request a single content. The same multiplexed content 410 is provided to the first client and the second client, and only a plurality of encryption keys are encrypted using different algorithms according to the first content security system and the second content security system, respectively. 2 to the client.

The multiplexer 140 may generate content by multiplexing at least one entitlement control message in addition to the content illustrated in FIG. 4A. This will be described in detail with reference to FIG. 4B.

4B illustrates content according to another embodiment of the present invention.

Referring to FIG. 4B, the multiplexer 140 is controlled by the controller 170 to generate at least one credential control message generated by the index information generated by the cryptographic information storage unit 120 and the credential control message generator 150. The plurality of encrypted content units (CU0 to CUn) generated by the ECM (CW0 to ECM (CWn)) and the encryption unit 130 are multiplexed.

If the content security system provided in the client using the content requires the entitlement control message of the DVB according to the prior art, at least one entitlement control message (ECM (CW0) to ECM (CWn) in addition to the content shown in Fig. 4A). Multiplex)

In addition, the multiplexer 140 may generate content by multiplexing at least one entitlement control message and a plurality of encrypted content units without multiplexing an index. As shown in FIGS. 4C and 4D, entitlement control messages conforming to the DVB standard or the DVB Simulcrypt standard can be generated and multiplexed with a plurality of encrypted content units (CU0 to CUn).

The entitlement control message generation unit 150 generates at least one entitlement control message added to each of the plurality of content units using a plurality of encryption keys stored in the encryption information storage unit 120. At least one entitlement control message added to each of the plurality of content units may be generated using the index stored in the encryption information storage unit 120 and the plurality of encryption keys corresponding to the index. As illustrated in FIGS. 4B to 4D, when the entitlement control message is multiplexed to generate content, at least one entitlement control message to be included in the content is generated. At least one entitlement control message generated according to one content security system may be multiplexed as shown in FIGS. 4B and 4C, and at least one generated according to two or more content security systems as shown in FIG. 4D. The entitlement control message may be multiplexed. The content storage unit 160 stores the plurality of content units 220 encrypted by the encryption unit 130 using a plurality of different encryption keys. The multiplexer 140 may store the content 410 or 420 or 430 or 440 generated as a result of the multiplexing.

The controller 170 controls the generation of the content by controlling the other modules 110 to 160 of the content generating apparatus 100. The plurality of encryption keys CW0 to CWn generated by the key generation unit 110 are transmitted to the encryption unit 130 to control encryption of the plurality of content units, and the index and encryption generated by the encryption information storage unit 120 are encrypted. The synchronization is controlled so that the multiplexing of the plurality of encrypted content units generated in the unit 130 may be performed in order in the multiplexer 140. In addition, when at least one credential control message is generated in the credential control message generation unit 150, the synchronization control for multiplexing the at least one credential control message generated is also controlled.

5 is a flowchart illustrating a method of generating content according to an embodiment of the present invention. FIG. 5 illustrates a method in which the content generating apparatus 100 according to an embodiment of the present invention generates the content shown in FIG. 4A.

Referring to FIG. 5, in operation 510, the apparatus 100 for generating content 100 generates a plurality of different encryption keys for encrypting each of a plurality of content units. The plurality of content units may be classified according to an encryption period (CP). A plurality of different encryption keys necessary for encoding each content unit are generated. An index to be added and a plurality of different encryption keys corresponding to the index may be generated according to the order of the plurality of content units.

In operation 520, the content generating apparatus 100 stores the plurality of different encryption keys generated in operation 510 in a predetermined storage device. The present invention is characterized in that a plurality of content units are encrypted using a previously generated encryption key. A plurality of different encryption keys are stored in a predetermined device, and contents are encrypted using the encryption key stored in a later step. do.

In operation 530, the content generating apparatus 100 encrypts a plurality of content units using a plurality of encryption keys stored in a predetermined storage device in operation 520. The plurality of encrypted content units may be generated by encrypting the plurality of content units using a plurality of different encryption keys corresponding to the index. The plurality of content units U0 to Un shown in FIG. 2 are respectively encrypted using a plurality of different encryption keys CW0 to CWn to generate a plurality of encrypted content units CU0 to CUn.

In operation 540, the content generating apparatus 100 generates content by multiplexing the plurality of encrypted content units generated in operation 530. In addition, the index generated in operation 520 and the plurality of encrypted content units generated in operation 530 may be multiplexed in order to generate content. A plurality of different encryption keys are processed according to a content security system provided in the client using the content and provided to the client separately. As metadata of the content, it may be added to the front or the back of the content, or transmitted to the client through a separate path independent of the delivery of the content.

6 is a flowchart illustrating a content generation method according to another embodiment of the present invention.

FIG. 6 illustrates a method in which the controller 170 of the content generating apparatus 100 controls other modules to generate one of the contents shown in FIGS. 4A to 4D according to an embodiment of the present invention.

Referring to FIG. 6, in operation 610, the image encoding apparatus 100 determines whether the generated content is previously generated content.

If the generated content is not previously generated content, the image encoding apparatus 100 generates an index according to the order of the plurality of content units and a plurality of encryption keys corresponding to the index in step 620.

In operation 622, the image encoding apparatus 100 determines whether a qualification control message should be included in the generated content. As shown in FIG. 4C or 4D, it is determined whether a content control message should be included in the content.

If the entitlement control message is not included, the video encoding apparatus 100 multiplexes the plurality of content units indexed and encrypted in step 624. The plurality of encrypted content units are generated based on the plurality of encryption keys generated in step 620. Content as shown in FIG. 4A may be generated. Information about a plurality of encryption keys corresponding to the index is processed separately and provided to the client according to the content security system provided in the client.

When the entitlement control message is included, the video encoding apparatus 100 generates at least one entitlement control message added to each of the plurality of content units in step 626. The entitlement control message may include information about a plurality of encryption keys. At least one entitlement control message is generated using an index stored in a predetermined storage device and a plurality of encryption keys corresponding to the index.

In operation 628, the image encoding apparatus 100 generates content by multiplexing a plurality of encrypted content units using at least one entitlement control message generated in operation 626 and a plurality of encryption keys generated in operation 620. Content as shown in FIG. 4C or 4D may be generated.

If the generated content is previously generated content, in operation 630, the image encoding apparatus 100 reads out an index already stored and information about a plurality of encryption keys corresponding to the index from a predetermined storage device.

In operation 632, the image encoding apparatus 100 determines whether to additionally multiplex the entitlement control message to the previously generated content. If the entitlement control message is not additionally multiplexed, the information on the plurality of encryption keys is separately processed according to the content security system provided in the client and provided to the client.

In case of additionally multiplexing the entitlement control message, the image encoding apparatus 100 generates at least one entitlement control message additionally added for each of a plurality of content units in step 634. The entitlement control message may include information about a plurality of encryption keys. At least one entitlement control message is generated using an index stored in a predetermined storage device and a plurality of encryption keys corresponding to the index.

In operation 636, the image encoding apparatus 100 additionally multiplexes at least one entitlement control message generated in operation 634 to generate content. Content as shown in FIG. 4B or 4D may be generated.

7 illustrates an apparatus for decoding the content of the present invention.

Referring to FIG. 7, the content decoding apparatus 700 according to an embodiment of the present invention includes a demultiplexer 710 and a decoder 720.

The demultiplexer 710 demultiplexes the received content and extracts a plurality of encrypted content units. As illustrated in FIGS. 4A to 4D, the generated content is demultiplexed to extract a plurality of encrypted content units.

If a content as shown in FIG. 4A is received, a plurality of indexed and encrypted content units are extracted, and if a content as shown in FIG. 4B is received, an index, at least one entitlement control message and a plurality of encrypted content are received. Extract the unit of content. 4C and 4D, at least one entitlement control message and a plurality of encrypted content units are extracted.

The decryption unit 720 decrypts a plurality of encrypted content units generated by demultiplexing the content in the demultiplexer 710. A plurality of content units encrypted using a plurality of different encryption keys are decrypted.

When the content as shown in FIG. 4A is received, the information on the plurality of encryption keys corresponding to the index may be processed separately from the content and provided to the client according to a content security system provided in the client. .

 When the content as shown in FIGS. 4B to 4D is received, at least one entitlement control message may include information on a plurality of encryption keys.

8 is a flowchart illustrating a method of decoding content according to an embodiment of the present invention. FIG. 8 illustrates a method of demultiplexing and decoding content as shown in FIG. 4A.

Referring to FIG. 8, in operation 810, the content decryption apparatus 700 according to an embodiment of the present invention demultiplexes content and extracts a plurality of encrypted content units based on an index and a plurality of different encryption keys.

In operation 820, the content decryption apparatus 700 decrypts the encrypted plurality of content units extracted in operation 810. In operation 810, the plurality of content units encrypted by using a plurality of different encryption keys provided separately from the demultiplexed content are decrypted according to the content security system provided in the client.

9 is a flowchart illustrating a method of decoding content according to another embodiment of the present invention.

In operation 910, the content decoding apparatus 700 according to an embodiment of the present invention determines whether at least one entitlement control message is included in the received content.

If it is determined in step 910 that the content includes at least one entitlement control message, in step 920 the content decryption apparatus 700 demultiplexes the content to extract at least one entitlement control message and a plurality of encrypted content units. . Demultiplex the content shown in FIGS. 4B-4D. The at least one entitlement control message may include a plurality of encryption keys required to decrypt the plurality of content units.

If it is determined in step 910 that the content does not include at least one entitlement control message, in step 930, the content decoding apparatus 700 demultiplexes the content to extract a plurality of indexed and encrypted content units. Demultiplex the content shown in FIG. 4A.

In operation 940, the content decryption apparatus 700 decrypts the plurality of encrypted content units using a plurality of different encryption keys. In operation 920, the plurality of different encryption keys may be restored by interpreting the at least one entitlement control message demultiplexed. In operation 930, a plurality of encryption keys corresponding to the demultiplexed index may be received separately from the content. A plurality of encryption keys corresponding to the index may be added before or after the content as metadata of the content, or may be transmitted to the client through a separate path independent of the transmission of the content.

As described above, although the present invention has been described by way of limited embodiments and drawings, the present invention is not limited to the above-described embodiments, which can be modified by those skilled in the art to which the present invention pertains. Modifications are possible. Accordingly, the spirit of the invention should be understood only by the claims set forth below, and all equivalent or equivalent modifications will fall within the scope of the invention. In addition, the system according to the present invention may be embodied as computer readable codes on a computer readable recording medium.

For example, a content generating device and a content decoding device according to an exemplary embodiment of the present invention may include a bus coupled to respective units of the apparatus as shown in FIGS. 1 and 7, and at least one coupled to the bus. It may include a processor. It may also include a memory coupled to the bus for storing instructions, received messages or generated messages and coupled to at least one processor for performing instructions as described above.

The computer-readable recording medium also includes all kinds of recording devices in which data that can be read by a computer system is stored. Examples of the recording medium include a ROM, a RAM, a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like, and also include a carrier wave (for example, transmission through the Internet). The computer readable recording medium can also be distributed over network coupled computer systems so that the computer readable code is stored and executed in a distributed fashion.

1 illustrates an apparatus for generating content according to an embodiment of the present invention.

2 illustrates a plurality of content units according to an embodiment of the present invention.

3 illustrates an index and a plurality of encryption keys corresponding to the index according to an embodiment of the present invention.

4A-4D illustrate content in accordance with one embodiment of the present invention.

5 is a flowchart illustrating a method of generating content according to an embodiment of the present invention.

6 is a flowchart illustrating a content generation method according to another embodiment of the present invention.

7 illustrates an apparatus for decoding the content of the present invention.

8 is a flowchart illustrating a method of decoding content according to an embodiment of the present invention.

9 is a flowchart illustrating a method of decoding content according to another embodiment of the present invention.

Claims (15)

In the method for generating content comprising a plurality of content units encrypted using a plurality of different encryption keys, Generating a plurality of different encryption keys for encrypting each of the plurality of content units; Storing the generated plurality of different encryption keys in a predetermined storage device; Generating a plurality of encrypted content units by encrypting the plurality of content units using the stored plurality of different encryption keys; And Generating content by multiplexing the encrypted plurality of content units; The information on the plurality of different encryption keys is processed according to a content security system provided in the client using the content, and provided to the client. The method of claim 1, The generating of the plurality of different encryption keys includes generating an index added according to the order of the plurality of content units and a plurality of different encryption keys corresponding to the index. The generating of the content includes generating the content by multiplexing the index and the plurality of encrypted content units in the order. The system of claim 2, wherein the content security system is Content generation method, characterized in that the CA (Conditional Access) system or Digital Right Management (DRM) system. The method of claim 2, wherein generating information about the index and a plurality of different encryption keys corresponding to the index includes: Generating at least one Entitlement Control Message based on information on a plurality of different encryption keys corresponding to the index. The method of claim 4, wherein generating the content And multiplexing the index, the at least one entitlement control message, and the encrypted plurality of content units in the order to generate content. In the method for decrypting content containing a plurality of content units encrypted using a plurality of different encryption keys, Demultiplexing content including a plurality of content units encrypted using a plurality of different encryption keys stored in a predetermined storage device; And Decrypting the encrypted plurality of content units based on the plurality of different encryption keys; And information about a plurality of different encryption keys corresponding to the index is processed according to a content security system provided in a client using the content and provided to the client. The method of claim 6, Demultiplexing the content includes demultiplexing a content generated by multiplexing the plurality of encrypted content units and an index added according to the order of the plurality of encrypted content units according to the order. , And decrypting the plurality of encrypted contents comprises decrypting the plurality of encrypted content units based on a plurality of different encryption keys corresponding to the index. An apparatus for generating content including a plurality of content units encrypted using a plurality of different encryption keys, A key generation unit generating a plurality of different encryption keys for encrypting each of the plurality of content units; An encryption information storage unit for storing the generated plurality of different encryption keys in a predetermined storage device; An encryption unit generating the plurality of encrypted content units by encrypting the plurality of content units using the stored plurality of different encryption keys; And And a multiplexer configured to multiplex the plurality of encrypted content units to generate content. The information on the plurality of different encryption keys is processed according to a content security system provided in the client using the content, and provided to the client. The method of claim 8, The key generation unit generates a plurality of different encryption keys corresponding to the index added in the order of the plurality of content units, And the multiplexer generates the content by multiplexing the index and the plurality of encrypted content units in the order. 10. The system of claim 9, wherein the content security system is Content generation apparatus, characterized in that the CA (Conditional Access) system or Digital Right Management (DRM) system. The method of claim 9, And an entitlement control message generation unit for generating at least one entitlement control message based on the information on the plurality of different encryption keys. The method of claim 11, wherein the multiplexing unit And generating the content by multiplexing the index, the at least one entitlement control message, and the encrypted plurality of content units in the order. An apparatus for decrypting content including a plurality of content units encrypted using a plurality of different encryption keys, A demultiplexer for demultiplexing content including a plurality of content units encrypted using a plurality of different encryption keys stored in a predetermined storage device; And A decryption unit configured to decrypt the plurality of encrypted content units based on the plurality of different encryption keys; And information on a plurality of different encryption keys corresponding to the index is processed according to a content security system provided in a client using the content and provided to the client. The method of claim 13, The demultiplexer demultiplexes the content generated by multiplexing the plurality of encrypted content units and the index added in the order of the plurality of encrypted content units in the order, And the decryption unit decrypts the plurality of encrypted content units based on a plurality of different encryption keys corresponding to the index. A computer-readable recording medium having recorded thereon a program for executing the method of any one of claims 1 to 7.
KR1020090073528A 2009-08-10 2009-08-10 Method and apparatus for generating contents by using index KR20110016038A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020090073528A KR20110016038A (en) 2009-08-10 2009-08-10 Method and apparatus for generating contents by using index

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020090073528A KR20110016038A (en) 2009-08-10 2009-08-10 Method and apparatus for generating contents by using index

Publications (1)

Publication Number Publication Date
KR20110016038A true KR20110016038A (en) 2011-02-17

Family

ID=43774522

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020090073528A KR20110016038A (en) 2009-08-10 2009-08-10 Method and apparatus for generating contents by using index

Country Status (1)

Country Link
KR (1) KR20110016038A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013118968A1 (en) * 2012-02-08 2013-08-15 주식회사 파수닷컴 Apparatus and method for managing digital copyright for epub-based content, and apparatus and method for providing epub-based content according to user authority

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013118968A1 (en) * 2012-02-08 2013-08-15 주식회사 파수닷컴 Apparatus and method for managing digital copyright for epub-based content, and apparatus and method for providing epub-based content according to user authority
KR101287518B1 (en) * 2012-02-08 2013-08-23 주식회사 파수닷컴 Apparatus and method for digital rights management for epub-based contents, and apparatus and method for providing epub-based contents according to user authority
US9536058B2 (en) 2012-02-08 2017-01-03 Fasoo.Com Co., Ltd Apparatus and method for managing digital copyright on EPUB-based content, and apparatus and method for providing EPUB-based content according to user's right

Similar Documents

Publication Publication Date Title
US7769171B2 (en) Method for transmitting digital data in a local network
CN102160325B (en) Simulcrypt key sharing with hashed keys
EP1110399B1 (en) System and method for copy protecting transmitted information
RU2547228C1 (en) Method to protect recorded multimedia content
US7831045B2 (en) Security module revocation method used for securing broadcasted messages
EP2772062B1 (en) Constructing a transport stream
CN101390391A (en) Method for the transmission of management data
JP2011019222A (en) Processing recordable content in stream
JP2012510743A (en) Content decryption apparatus and encryption system using additional key layer
CN103686333A (en) Audio video protecting method and audio video terminal
CN105432092B (en) For the method to the compressed content watermarking by least one content key encryption
US9544276B2 (en) Method for transmitting and receiving a multimedia content
CN1890971A (en) Conditional access video signal distribution
KR100977969B1 (en) Methods for transmitting and receiving data in a network
US10411900B2 (en) Control word protection method for conditional access system
RU2534925C2 (en) Security method, decoding method, data medium and terminal for security method
KR20110016038A (en) Method and apparatus for generating contents by using index
KR102202813B1 (en) Internet protocol television(iptv) device, server, and operating method thereof
JP2009089243A (en) Digital broadcast receiving device and method
KR102190886B1 (en) Protection of Control Words in Conditional Access System
JP2001251290A (en) Data transmission system and method for distributing and storing and reproducing contents
EP2458777A1 (en) Deriving one or more cryptographic keys of a sequence of keys
KR101314417B1 (en) Apparatus for providing and reproducing contents using secure chipset and the method threaof
JP2007324896A (en) Receiving device and cas module
JP2007036380A (en) Receiver, cas module and distribution method

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E902 Notification of reason for refusal
E701 Decision to grant or registration of patent right
NORF Unpaid initial registration fee