WO2017006773A1 - Receiver, transmitter, information processing device, and data processing method - Google Patents

Receiver, transmitter, information processing device, and data processing method Download PDF

Info

Publication number
WO2017006773A1
WO2017006773A1 PCT/JP2016/068677 JP2016068677W WO2017006773A1 WO 2017006773 A1 WO2017006773 A1 WO 2017006773A1 JP 2016068677 W JP2016068677 W JP 2016068677W WO 2017006773 A1 WO2017006773 A1 WO 2017006773A1
Authority
WO
WIPO (PCT)
Prior art keywords
viewing history
authentication key
key
unit
history information
Prior art date
Application number
PCT/JP2016/068677
Other languages
French (fr)
Japanese (ja)
Inventor
淳 北原
Original Assignee
ソニー株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ソニー株式会社 filed Critical ソニー株式会社
Publication of WO2017006773A1 publication Critical patent/WO2017006773A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/437Interfacing the upstream path of the transmission network, e.g. for transmitting client requests to a VOD server
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/633Control signals issued by server directed to the network components or client
    • H04N21/6332Control signals issued by server directed to the network components or client directed to client
    • H04N21/6334Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key

Definitions

  • the present technology relates to a receiving device, a transmitting device, an information processing device, and a data processing method, and in particular, a receiving device, a transmitting device, an information processing device, and a method that can collect more accurate viewing history.
  • the present invention relates to a data processing method.
  • operations related to viewing history such as collecting and analyzing content viewing history by users, may be performed.
  • a technique for transmitting viewing history regularly or when necessary is disclosed (for example, see Patent Document 1).
  • the present technology has been made in view of such a situation, and makes it possible to collect more accurate viewing history when collecting viewing history.
  • a receiving apparatus includes a receiving unit that receives a broadcast wave of a digital broadcast using an IP (Internet Protocol) transmission method, an acquisition unit that acquires an authentication key transmitted by the broadcast wave, Based on the authentication key and viewing history information related to the viewing history of the content transmitted on the broadcast wave, a calculation unit that calculates a message authentication code, together with the viewing history information, the message authentication code is converted into the viewing history. And a control unit that performs control to transmit the information to a viewing history server that collects information.
  • IP Internet Protocol
  • the receiving device may be an independent device, or may be an internal block constituting one device.
  • the data processing method according to the first aspect of the present technology is a data processing method corresponding to the above-described receiving device according to the first aspect of the present technology.
  • a broadcast wave of a digital broadcast using an IP transmission method is received, an authentication key transmitted by the broadcast wave is acquired, and the authentication key
  • a message authentication code is calculated based on the viewing history information related to the viewing history of the content transmitted on the broadcast wave, and the viewing history information is collected together with the viewing history information and the message authentication code. Control to send to the server is performed.
  • the information processing device includes viewing history information related to the viewing history of the content transmitted from the receiving device that receives the content, an authentication key from the transmitting device that transmits the content, and the Based on the acquisition unit for acquiring the first message authentication code calculated from the viewing history information, the authentication key transmitted from the transmitting device, and the viewing history information, the second message authentication code is obtained.
  • a calculation unit that calculates, a comparison unit that compares the first message authentication code and the second message authentication code to verify the first message authentication code, and
  • the information processing apparatus includes a processing unit that processes the viewing history information according to a verification result.
  • the information processing apparatus may be an independent apparatus or may be an internal block constituting one apparatus.
  • the data processing method according to the second aspect of the present technology is a data processing method corresponding to the information processing apparatus according to the second aspect of the present technology described above.
  • the viewing history information related to the viewing history of the content and the transmission for transmitting the content transmitted from the receiving device that receives the content.
  • a first message authentication code calculated from an authentication key from the device and the viewing history information is acquired, and based on the authentication key transmitted from the transmitting device and the viewing history information, a second A message authentication code is calculated, the first message authentication code is compared with the second message authentication code, the first message authentication code is verified, and the verification result of the first message authentication code In response, the viewing history information is processed.
  • a transmission device includes: a generation unit that generates an authentication key to be provided to a reception device that receives content; and a viewing history server that collects viewing history information regarding the viewing history of the content; A transmitting unit that transmits the authentication key together with the content to a plurality of receiving devices by a broadcast wave of digital broadcasting using an IP transmission method, and a providing unit that provides the authentication key to the viewing history server; It is a transmitter provided with.
  • the transmission device according to the third aspect of the present technology may be an independent device, or may be an internal block constituting one device.
  • a data processing method according to the third aspect of the present technology is a data processing method corresponding to the transmission device according to the third aspect of the present technology described above.
  • more accurate viewing history can be collected.
  • CDM viewing history information
  • FIG. 6 is a diagram for explaining the flow of authentication key distribution, message authentication code (HMAC) calculation, and viewing history information (CDM) transmission / reception when signaling is used. It is a figure explaining the 1st transmission method of an authentication key. It is a figure explaining the 2nd transmission method of an authentication key. It is a figure which shows the example of the syntax of a metadata envelope. It is a flowchart explaining a transmission process. It is a flowchart explaining the authentication key delivery process in the case of using signaling. It is a flowchart explaining a reception process.
  • HMAC message authentication code
  • CDM viewing history information
  • HMAC message authentication code
  • CDM viewing history information
  • FIG. 1 is a diagram illustrating a configuration of an embodiment of a transmission system to which the present technology is applied.
  • a system refers to a logical collection of a plurality of devices.
  • the transmission system 1 includes transmission devices 10-1 to 10-N (N is an integer of 1 or more), reception devices 20-1 to 20-M (M is an integer of 1 or more), a viewing history server 30, a transmission facility 40, And a distribution device 50.
  • the receiving devices 20-1 to 20-M and the viewing history server 30 are connected to each other via a communication line 60.
  • the transmitting apparatus 10-1 is a transmitter that is installed by the broadcasting station 1 and that supports digital broadcasting standards such as ATSC (Advanced Television Systems Committee).
  • the transmission apparatus 10-1 transmits a digital broadcast signal including content (for example, a television program) and signaling via the transmission facility 40.
  • the transmission device 10-1 transmits a digital broadcast signal including content and the like to the distribution device 50.
  • the distribution device 50 is installed by MVPD (Multichannel-Video-Programming-Distributors) that provides pay broadcasting such as cable television (CATV) and satellite broadcasting, and distributes the content provided by the transmission device 10-1.
  • MVPD Multichannel-Video-Programming-Distributors
  • Transmitting devices 10-2 to 10-N are installed by broadcasting stations such as broadcasting station 2 to broadcasting station N.
  • the transmission devices 10-2 to 10-N transmit digital broadcast signals including content and signaling via the transmission facility 40 or the distribution device 50.
  • the transmission devices 10-1 to 10-N will be referred to as the transmission device 10 unless it is necessary to distinguish them.
  • the receiving device 20-1 is a receiver that supports digital broadcasting standards such as ATSC.
  • the receiving device 20-1 is a fixed receiver such as a television receiver or a set-top box, or a smartphone, a mobile phone, a tablet computer, or the like. Mobile receiver.
  • the receiving device 20-1 may be a device mounted on an automobile such as an in-vehicle television.
  • the receiving device 20-1 receives (directly receives) the digital broadcast signal transmitted from the transmitting device 10 via the transmission facility 40 as a radio tower by an antenna, and selects a service (channel) by the user.
  • the content for example, a TV program etc.
  • the receiving device 20-1 records (accumulates) viewing history information related to content viewing history.
  • CDM Consption Data Message
  • the receiving device 20-1 transmits the viewing history information (CDM) attached with a message authentication code such as HMAC (Hash-based Message Authentication Code) via the communication line 60 in accordance with the URL (Uniform Resource Locator) of the viewing history server 30.
  • a message authentication code such as HMAC (Hash-based Message Authentication Code)
  • HMAC Hash-based Message Authentication Code
  • the URL Uniform Resource Locator
  • the receiving device 20-1 receives the viewing history server URL included in the digital broadcast signal. Will get and hold.
  • the receiving device 20-2 is, for example, a fixed receiver such as a television receiver or a mobile receiver such as a smartphone.
  • the receiving device 20-2 receives (indirect reception) content (digital broadcast signal) distributed from the transmitting device 10 via the MVPD distribution device 50, and reproduces the content according to the channel selection operation of the service. To do.
  • the receiving device 20-2 records (accumulates) content viewing history information (CDM) in the same manner as the receiving device 20-1. Then, the receiving device 20-2 transmits the viewing history information (CDM) attached with the message authentication code (HMAC) to the viewing history server 30 via the communication line 60 in accordance with the viewing history server URL.
  • CDM content viewing history information
  • HMAC message authentication code
  • the receiving devices 20-3 to 20-M are, for example, a fixed receiver such as a television receiver, a mobile receiver such as a smartphone, and the like, similar to the receiving device 20-1 or the receiving device 20-2.
  • the receiving devices 20-3 to 20-M receive (directly receive) a digital broadcast signal transmitted from the transmitting device 10 via the transmission facility 40, or distribute it via the MVPD distribution device 50. Content (digital broadcast signal) to be received (indirect reception), and the content corresponding to the channel selection operation of the service is reproduced.
  • the receiving devices 20-3 to 20-M record (accumulate) content viewing history information (CDM) in the same manner as the receiving device 20-1 or the receiving device 20-2. Then, the receiving devices 20-3 to 20-M transmit the viewing history information (CDM) attached with the message authentication code (HMAC) to the viewing history server 30 via the communication line 60 in accordance with the viewing history server URL.
  • the receiving devices 20-1 to 20-M will be referred to as the receiving device 20 when it is not necessary to distinguish them.
  • the viewing history server 30 is a server that collects and processes viewing history information (CDM) transmitted from a plurality of receiving devices 20.
  • the viewing history server 30 is not related to a single broadcaster, for example, a jointly operated business established by a plurality of broadcasters (for example, the broadcasting stations 1 to N) or a broadcasting company.
  • a viewing history business operator such as a business by a third party organization (for example, an agency that specializes in audience rating surveys).
  • the viewing history server 30 receives viewing history information (CDM) attached with a message authentication code (HMAC) transmitted from the receiving devices 20-1 to 20-M via the communication line 60.
  • the viewing history server 30 compares the message authentication code (HMAC) received from the receiving device 20 with the message authentication code (HMAC ′) calculated by itself, and determines whether or not the comparison result matches.
  • the received message authentication code (HMAC) is verified so that only valid viewing history information (CDM) is accumulated (collected).
  • the viewing history server 30 performs various processes such as viewing history analysis and analysis on the collected viewing history information (CDM). For example, the viewing history server 30 generates a viewing history report regarding the viewing history for each broadcasting station and provides the viewing history report to a device such as the transmission device 10 of each broadcasting station. The viewing history server 30 is supplied with an authentication key used when calculating the message authentication code (HMAC ′) from the transmission device 10.
  • CDM viewing history information
  • the configuration of the transmission system 1 has been described above. Next, a configuration example of the transmission device 10, the reception device 20, and the viewing history server 30 configuring the transmission system 1 of FIG. 1 will be described.
  • FIG. 2 is a diagram illustrating a configuration example of the transmission device 10 of FIG.
  • the transmission device 10 includes a control unit 111, a video data acquisition unit 112, a video processing unit 113, an audio data acquisition unit 114, an audio processing unit 115, a caption data acquisition unit 116, a caption processing unit 117, and a signaling generation unit 118. , A signaling processing unit 119, a multiplexer 120, a transmission unit 121, and a communication unit 122.
  • the control unit 111 controls the operation of each unit of the transmission device 10.
  • the video data acquisition unit 112 acquires video data (video component) of content (for example, a TV program) from an external server, camera, or recording medium, and supplies the video data to the video processing unit 113.
  • the video processing unit 113 performs processing such as encoding processing conforming to a predetermined encoding method on the video data supplied from the video data acquisition unit 112 and supplies the processed video data to the multiplexer 120.
  • the audio data acquisition unit 114 acquires audio data (audio component) of content (for example, a TV program) from an external server, microphone, or recording medium, and supplies the audio data to the audio processing unit 115.
  • the audio processing unit 115 performs processing such as encoding processing conforming to a predetermined encoding method on the audio data supplied from the audio data acquisition unit 114 and supplies the processed audio data to the multiplexer 120.
  • the subtitle data acquisition unit 116 acquires subtitle data (components of subtitles) of content (for example, a TV program) from an external server or recording medium and supplies the subtitle data to the subtitle processing unit 117.
  • the caption processing unit 117 subjects the caption data supplied from the caption data acquisition unit 116 to a process such as an encoding process based on a predetermined encoding method, and supplies the processed data to the multiplexer 120.
  • the signaling generation unit 118 generates signaling information used in processing such as content selection and playback, and supplies the signaling information to the signaling processing unit 119.
  • the signaling processing unit 119 processes the signaling information supplied from the signaling generation unit 118 and supplies it to the multiplexer 120.
  • LLS Link Layer Signaling
  • SLS Service Layer Layer Signaling
  • the multiplexer 120 includes a video stream supplied from the video processing unit 113, an audio stream supplied from the audio processing unit 115, a subtitle stream supplied from the subtitle processing unit 117, and signaling information supplied from the signaling processing unit 119. And the resulting multiplexed stream (broadcast stream) is supplied to the transmitter 121.
  • the transmission unit 121 transmits the broadcast stream supplied from the multiplexer 120 as a digital broadcast wave (digital broadcast signal) via the antenna 131.
  • the control unit 111 includes an authentication key generation unit 151 and an encryption unit 152.
  • the authentication key generation unit 151 generates an authentication key to be provided to the receiving device 20 and the viewing history server 30.
  • the encryption unit 152 encrypts the authentication key generated by the authentication key generation unit 151, and the encrypted authentication key (encrypted authentication key) is converted into the video processing unit 113 according to the methods 1 to 3.
  • the audio processing unit 115 or the signaling generation unit 118 As a result, the authentication key (encrypted authentication key) is included in the multiplexed stream (broadcast stream) multiplexed by the multiplexer 120 in accordance with the methods 1 to 3.
  • the transmission method using signaling is referred to as method 1, the transmission method using video watermark as the method 2, and the transmission method using audio user data as the method. Three.
  • the communication unit 122 exchanges data with the viewing history server 30 (FIG. 1) via various networks (not shown) in accordance with control from the control unit 111.
  • the communication unit 122 transmits (provides) the authentication key generated by the authentication key generation unit 151 to the viewing history server 30.
  • the communication unit 122 receives a viewing history report transmitted from the viewing history server 30 and supplies the viewing history report to the control unit 111.
  • the control unit 111 acquires the viewing history report supplied from the communication unit 122 and performs processing such as presenting the viewing history report, for example.
  • FIG. 3 is a diagram illustrating a configuration example of the receiving device 20 in FIG.
  • the receiving device 20 includes a control unit 211, a recording unit 212, an input unit 213, a receiving unit 214, a demultiplexer 215, a video processing unit 216, a video output unit 217, an audio processing unit 218, an audio output unit 219, and subtitles.
  • the processing unit 220 includes a display unit 221, a speaker 222, a communication unit 223, and a secure memory 224. 3 illustrates a configuration including the display unit 221 and the speaker 222, the configuration may not include the display unit 221 and the speaker 222.
  • the control unit 211 controls the operation of each unit of the receiving device 20.
  • the recording unit 212 is a non-volatile memory such as NVRAM (NonNVolatile RAM), for example, and records various data according to control from the control unit 211.
  • the input unit 213 supplies an operation signal to the control unit 211 in accordance with a user operation.
  • the receiving unit 214 extracts and demodulates a signal corresponding to a channel selection operation of a service from a digital broadcast wave (digital broadcast signal) received via the antenna 231, and obtains a multiplexed stream (broadcast) Stream) is supplied to the demultiplexer 215.
  • the demultiplexer 215 separates the broadcast stream supplied from the reception unit 214 into audio, video, and subtitle streams and signaling information.
  • the demultiplexer 215 sends video data (video component) to the video processing unit 216, audio data (audio component) to the audio processing unit 218, subtitle data (subtitle component) to the subtitle processing unit 220, and signaling information. Each is supplied to the control unit 211.
  • the control unit 211 controls the operation of each unit such as the demultiplexer 215 and the processing unit of each component in order to reproduce the content based on the signaling information supplied from the demultiplexer 215.
  • the video processing unit 216 subjects the video data supplied from the demultiplexer 215 to, for example, a decoding process based on a predetermined decoding method, and supplies the video data to the video output unit 217.
  • the video output unit 217 outputs the video data supplied from the video processing unit 216 to the display unit 221.
  • the display unit 221 displays a video of content (for example, a television program) according to the service channel selection operation.
  • the audio processing unit 218 subjects the audio data supplied from the demultiplexer 215 to processing such as decoding processing conforming to a predetermined decoding method, and supplies the processed audio data to the audio output unit 219.
  • the audio output unit 219 outputs the audio data supplied from the audio processing unit 218 to the speaker 222.
  • the sound of content for example, a television program
  • the channel selection operation of the service is output from the speaker 222.
  • the caption processing unit 220 subjects the caption data supplied from the demultiplexer 215 to a process such as a decoding process based on a predetermined decoding method and supplies the processed data to the video output unit 217.
  • the video output unit 217 causes the caption corresponding to the caption data supplied from the caption processing unit 220 to be displayed superimposed on the video corresponding to the video data supplied from the video processing unit 216.
  • the display unit 221 displays the caption superimposed on the video of the content (for example, a television program) according to the service channel selection operation.
  • the video processing unit 216, the video output unit 217, the audio processing unit 218, the audio output unit 219, and the caption processing unit 220 constitute a renderer 225 that performs rendering processing. It can be said that.
  • the communication unit 223 exchanges various data with the viewing history server 30 via the communication line 60 in accordance with control from the control unit 211.
  • the secure memory 224 is a secure memory, and records highly confidential information such as a decryption key for decrypting an encrypted authentication key (encrypted authentication key).
  • FIG. 4 is a diagram illustrating a functional configuration example of the control unit 211 in FIG. 3.
  • control unit 211 includes a broadcast control unit 251, a communication control unit 252, a viewing history information management unit 253, a viewing history server URL acquisition unit 254, a filter unit 255, a decryption unit 256, an authentication key acquisition unit 257, and A message authentication code calculation unit 258 is included.
  • the broadcast control unit 251 controls each unit such as the reception unit 214, the demultiplexer 215, and the processing unit and output unit of each component in order to reproduce the content included in the digital broadcast signal transmitted from the transmission device 10.
  • the communication control unit 252 controls the communication unit 223 to exchange various data with the viewing history server 30 via the communication line 60.
  • the viewing history information management unit 253 manages content viewing history information (CDM).
  • the viewing history information management unit 253 records (accumulates) the viewing history information (CDM) according to the viewing status of the content by the user in the recording unit 212 when it is time to record the viewing history information (CDM). .
  • the viewing history server URL acquisition unit 254 acquires the viewing history server URL included in the broadcast stream separated by the demultiplexer 215 and records (holds) it in the recording unit 212.
  • the filter unit 255 performs a filtering process for obtaining a target authentication key (encrypted authentication key) among the authentication keys (encrypted authentication keys) included in the broadcast stream separated by the demultiplexer 215.
  • the decryption unit 256 decrypts the authentication key (encrypted authentication key) obtained as a result of the filtering process by the filter unit 255 using the decryption key read from the secure memory 224.
  • the authentication key acquisition unit 257 acquires the authentication key decrypted by the decryption unit 256 and records (holds) it in the recording unit 212. Also, the authentication key acquisition unit 257 reads the authentication key recorded in the recording unit 212 and sends it to the message authentication code calculation unit 258 when it is time to transmit the viewing history information (CDM) to the viewing history server 30. Supply.
  • CDM viewing history information
  • the viewing history information management unit 253 reads the viewing history information (CDM) and the viewing history server URL from the recording unit 212 when the timing for transmitting the viewing history information (CDM) to the viewing history server 30 is reached.
  • the server URL is supplied to the communication control unit 252 and the viewing history information (CDM) is supplied to the message authentication code calculation unit 258.
  • the message authentication code calculation unit 258 is supplied with the authentication key from the authentication key acquisition unit 257 and the viewing history information (CDM) from the viewing history information management unit 253.
  • the message authentication code calculation unit 258 calculates a message authentication code (HMAC) based on the authentication key and viewing history information (CDM).
  • the message authentication code calculation unit 258 supplies the viewing control information (CDM) attached with the message authentication code (HMAC) to the communication control unit 252.
  • the communication control unit 252 is supplied with the viewing history server URL from the viewing history information management unit 253 and the viewing history information (CDM) attached with the message authentication code (HMAC) from the message authentication code calculation unit 258.
  • the communication control unit 252 performs communication so that the viewing history information (CDM) attached with the message authentication code (HMAC) is transmitted to the viewing history server 30 via the communication line 60 based on the viewing history server URL.
  • the unit 223 is controlled.
  • FIG. 5 is a diagram illustrating a configuration example of the viewing history server 30 of FIG.
  • the viewing history server 30 includes a control unit 311, a communication unit 312, and a viewing history information storage unit 313.
  • the control unit 311 controls the operation of each unit of the viewing history server 30.
  • the control unit 311 includes a message authentication code acquisition unit 351, an authentication key acquisition unit 352, a message authentication code calculation unit 353, a message authentication code comparison unit 354, a viewing history information management unit 355, and a viewing history information analysis unit 356.
  • the communication unit 312 receives the viewing history information (CDM) attached with the message authentication code (HMAC) transmitted from the receiving device 20 via the communication line 60 according to the control from the control unit 311, and receives the control unit 311. To supply.
  • the message authentication code acquisition unit 351 acquires the message authentication code (HMAC) received from the reception device 20 and supplies it to the message authentication code comparison unit 354.
  • the communication unit 312 receives the authentication key transmitted from the transmission device 10 of the broadcasting station and supplies the authentication key to the control unit 311 according to the control from the control unit 311.
  • the authentication key acquisition unit 352 acquires the authentication key received from the transmission device 10 and supplies it to the message authentication code calculation unit 353.
  • the message authentication code calculation unit 353 is supplied with the authentication key from the authentication key acquisition unit 352 and the viewing history information (CDM) from the receiving device 20.
  • the message authentication code calculation unit 353 calculates a message authentication code (HMAC ′) based on the authentication key and viewing history information (CDM), and supplies the message authentication code comparison unit 354 with the message authentication code (HMAC ′).
  • the message authentication code comparison unit 354 is supplied with the message authentication code (HMAC) from the message authentication code acquisition unit 351 and the message authentication code (HMAC ′) from the message authentication code calculation unit 353.
  • the message authentication code comparison unit 354 compares the message authentication code (HMAC) received from the receiving device 20 with the message authentication code (HMAC ′) calculated by the message authentication code calculation unit 353, and the comparison results match.
  • the received message authentication code (HMAC) is verified.
  • the viewing history information management unit 355 manages viewing history information (CDM).
  • the viewing history information management unit 355 processes the viewing history information (CDM) attached with the message authentication code (HMAC) according to the verification result of the message authentication code (HMAC) by the message authentication code comparison unit 354.
  • the viewing history information management unit 355 records (accumulates) the viewing history information (CDM) determined to be valid in the viewing history information accumulation unit 313 according to the verification result of the message authentication code (HMAC). .
  • the viewing history information storage unit 313 collects viewing history information (CDM) sequentially transmitted from the plurality of receiving apparatuses 20 and stores it, for example, for each broadcasting station.
  • the viewing history information analysis unit 356 reads the viewing history information (CDM) for each broadcasting station from the viewing history information storage unit 313 and analyzes it when it is time to analyze the viewing history information (CDM).
  • the viewing history information analysis unit 356 generates, for example, a viewing history report for each broadcasting station based on the analysis result of the viewing history information (CDM) and supplies the viewing history report to the communication unit 312.
  • the communication unit 312 transmits a viewing history report for each broadcast station to the transmission device 10 of the target broadcast station via various networks (not shown) in accordance with control from the control unit 311.
  • an IP transmission method is adopted, and data transmission is not a TS (Transport Stream) packet, but an IP / UDP packet, that is, UDP (User Datagram Protocol). It has been decided to use IP (Internet Protocol) packets including packets. In addition, it is expected that an IP transmission method using IP packets will be used in the future even in broadcasting methods other than ATSC 3.0.
  • ROUTE Real-Time Object Delivery Service Unidirectional Transport
  • MMT MPEG Media Transport
  • ROUTE is a protocol that extends FLUTE (File Delivery over Unidirectional Transport), which is a protocol suitable for multicast transfer of binary files in one direction.
  • MMT is a transport method used on IP (Internet Protocol), and data such as video and audio can be referred to by setting an IP address and URL (Uniform Resource Locator) using control information. .
  • LLS Link Layer Signaling
  • SLS Service Layer Layer Signaling
  • the LLS signaling information includes metadata such as SLT (Service List).
  • SLT includes information (service configuration information) indicating the stream and service configuration in the broadcast network, such as information necessary for channel selection (channel selection information).
  • the SLS signaling information includes metadata such as USD (User Service Description), LSID (LCT Session Instance Description), MPD (Media Presentation Description), and the like.
  • the USD includes information such as another metadata acquisition destination.
  • LSID is ROUTE protocol control information.
  • MPD is control information for managing the playback of component streams. Note that metadata such as USD, LSID, and MPD is described in a markup language such as XML (Extensible Markup Language). MPD conforms to the MPEG-DASH (Dynamic Adaptive Streaming over HTTP) standard.
  • FIG. 6 is a diagram illustrating a protocol stack of an IP transmission scheme to which the present technology is applied.
  • the lowest hierarchy is a physical layer.
  • the upper layer adjacent to the physical layer is a layer 2 layer (Layer 2), and the upper layer adjacent to the layer 2 layer is an IP layer.
  • the upper layer adjacent to the IP layer is a UDP layer. That is, an IP packet including a UDP packet (IP / UDP packet) is arranged in the payload of a layer 2 L2 packet (Generic packet) and encapsulated.
  • the physical layer L1 frame Physical Frame
  • the physical layer L1 frame Physical Frame
  • error correction parity is added to the BB frame obtained by encapsulating multiple L2 packets. After that, data obtained by performing processing related to the physical layer such as interleaving and mapping is mapped.
  • the upper layers adjacent to the UDP layer are ROUTE, MMT, and SLT. That is, the video, audio, and subtitle streams, the SLS signaling information stream, and the NRT content stream transmitted in the ROUTE session are stored in the IP / UDP packet and transmitted.
  • the NRT content is content distributed by NRT (Non Real Time) broadcasting, and is played back after being temporarily stored in the storage of the receiving device 20. Further, files other than NRT content (for example, application files) may be transmitted in the ROUTE session.
  • the video, audio, and subtitle streams and the SLS signaling information stream transmitted in the MMT session are stored in the IP / UDP packet and transmitted.
  • the SLT is stored in an IP / UDP packet and transmitted.
  • the above-described protocol stack is adopted, so that the receiving device 20 can select a service (channel) provided by a component stream transmitted in a ROUTE session.
  • SLS signaling information transmitted in the ROUTE session is acquired (S1-1, S1-2).
  • the receiving device 20 connects to the stream of the selected service component according to metadata such as USD, LSID, and MPD (S1-3).
  • the receiving device 20 outputs video and audio of content (for example, a television program) corresponding to the service channel selection operation.
  • the receiving device 20 when selecting a service provided by the component stream transmitted in the MMT session, acquires SLS signaling information transmitted in the MMT session according to the tuning information included in the SLT (S2- 1, S2-2). Then, the receiving device 20 connects to the stream of the selected service component according to various metadata (S2-3). As a result, the receiving device 20 outputs video and audio of content (for example, a television program) corresponding to the service channel selection operation.
  • FIG. 7 is a diagram illustrating a flow of collecting viewing history information (CDM) in the transmission system 1 of FIG.
  • the HMAC calculation unit 258 corresponds to the message authentication code calculation unit 258 in FIG. Further, in the viewing history server 30 of FIG. 7, the HMAC calculation unit 353 corresponds to the message authentication code calculation unit 353 of FIG. 5, and the HMAC comparison unit 354 corresponds to the message authentication code comparison unit 354 of FIG.
  • the transmission apparatus 10 transmits a broadcast stream by a broadcast wave of a digital broadcast using the IP transmission method (FIG. 6).
  • the receiving device 20 receives the broadcast wave of the digital broadcast transmitted from the transmitting device 20, and reproduces the content by processing components such as video and audio included in the broadcast stream and signaling information. However, the receiving device 20 records (accumulates) viewing history information (CDM) related to the viewing history of the content.
  • CDM viewing history information
  • the transmission device 10 generates an authentication key (authentication key), and the generated authentication key is encrypted by the encryption unit 152 with the encryption key.
  • the transmission device 10 transmits an encrypted authentication key (encrypted authentication key) in a broadcast stream.
  • the authentication key is a method 1 that is a transmission method using signaling, a method 2 that is a transmission method that uses video watermark, or a method 3 that is a transmission method that uses audio user data. It is transmitted by one of the methods.
  • the transmission device 10 also provides the authentication key to the viewing history server 30.
  • authentication keys there may be one or more types of authentication keys.
  • all the receiving devices 20, that is, the receiving devices 20-1 to 20-M operate in common using one authentication key.
  • an operation using a different authentication key is performed for each manufacturer (receiver manufacturer) of the receiving device 20 or for each receiving device 20. .
  • information indicating the destination of the key is added to the authentication key.
  • an ID for identifying a receiver manufacturer key manufacturer key
  • an ID for identifying a receiver manufacturer receiver manufacturer ID
  • a receiver key An ID for identifying (device key) or an ID (receiver ID) for identifying the receiving device 20 can be used.
  • the authentication key is encrypted with the receiver manufacturer key.
  • the authentication key is encrypted with the receiver key (device key). In the example of FIG. 7, the authentication key is encrypted with the receiver manufacturer key.
  • the receiving device 20 receives from the transmitting device 10 an authentication key (encrypted authentication key) transmitted by being included in the broadcast stream by any one of methods 1 to 3. At this time, the receiving device 20 confirms that the information (for example, receiver manufacturer ID or receiver ID) indicating the destination added to the authentication key (encrypted authentication key) is the authentication key addressed to itself. In the case shown, an authentication key (encrypted authentication key) is acquired. Here, an authentication key that is not addressed to itself is discarded.
  • the decryption unit 256 uses the decryption key (for example, the receiver manufacturer key (manufacturer key) or the receiver key (device key)) stored in the secure memory 224, and is addressed to the own device.
  • the authentication key (encrypted authentication key) is decrypted.
  • the decryption unit 256 uses the receiver manufacturer key read from the secure memory 224. The authentication key (encrypted authentication key) will be decrypted.
  • the HMAC calculation unit 258 is supplied with the authentication key decrypted by the decryption unit 256 and the viewing history information (CDM) recorded (accumulated) in the recording unit 212.
  • the HMAC calculation unit 258 calculates a message authentication code (HMAC) based on the authentication key and viewing history information (CDM).
  • the receiving device 20 attaches the message authentication code (HMAC) calculated by the HMAC calculation unit 258 to the viewing history information (CDM), and the viewing history information (CDM) with the message authentication code (HMAC) attached thereto.
  • the data is transmitted to the viewing history server 30 via the communication line 60.
  • the communication between the receiving device 20 and the viewing history server 30 performed via the communication line 60 is performed by using, for example, HTTPS (Hypertext Transfer Protocol Secure) provided by TLS (Transport Layer Security). It can be done securely.
  • HTTPS Hypertext Transfer Protocol Secure
  • TLS Transport Layer Security
  • the viewing history server 30 receives viewing history information (CDM) attached with a message authentication code (HMAC) transmitted from the receiving device 20 via the communication line 60.
  • the HMAC calculation unit 353 is supplied with the authentication key provided from the transmitting device 10 and the viewing history information (CDM) received from the receiving device 20.
  • the HMAC calculation unit 353 calculates a message authentication code (HMAC ′) based on the authentication key and the viewing history information (CDM), and supplies the message authentication code (HMAC ′) to the HMAC comparison unit 354.
  • the HMAC comparison unit 354 is supplied with the message authentication code (HMAC ′) from the HMAC calculation unit 353 and the message authentication code (HMAC) attached to the viewing history information (CDM) received from the receiving device 20.
  • the HMAC comparison unit 354 verifies the message authentication code (HMAC) by comparing the message authentication code (HMAC) with the message authentication code (HMAC ′) and determining whether or not the comparison result matches. .
  • the viewing history information (CDM) attached with the message authentication code (HMAC) is recorded and transmitted by the receiving device 20 of the target receiver manufacturer. Since it is proper and valid, the viewing history server 30 processes the viewing history information (CDM). On the other hand, when the comparison result by the HMAC comparison unit 354 does not match, the viewing history information (CDM) attached with the message authentication code (HMAC) is recorded and transmitted by the receiving device 20 of the target receiver manufacturer. The viewing history server 30 does not process (for example, discard) the viewing history information (CDM) because the viewing history server 30 is not valid.
  • the viewing history server 30 transmits the viewing history information (CDM) based on the viewing history information (CDM) attached with the message authentication code (HMAC) transmitted from the receiving device 20. Since the receiving device 20 that is the transmission source of the CDM) can be authenticated, accurate viewing history information (CDM) can be collected. Further, since the transmission system 1 performs authentication using a message authentication code (HMAC), the processing load on the receiving device 20 side and the viewing history server 30 side is reduced compared to a method using public key cryptography. Can be reduced.
  • HMAC message authentication code
  • the authentication key is distributed using the broadcast wave of the digital broadcast, the high reliability, broadcast capability, and scalability (scalability) that are the characteristics of the digital broadcast signal are utilized.
  • the authentication key can be distributed to a large number and various receiving devices 20 at the same time.
  • the fact that the receiving device 20 can periodically update the authentication key used when transmitting the viewing history information (CDM) to the viewing history server 30 has a great merit in terms of security, but is a feature of the digital broadcast signal.
  • the authentication key can be dynamically changed and distributed to an unspecified number of receiving devices 20-1 to 20-M. You can enjoy the benefits.
  • the authentication key used for calculating the message authentication code (HMAC) can be specified in a specific group unit by devising the encryption method of the authentication key and the filtering method of the authentication key. It can be changed and distributed for each receiver (for example, receiver manufacturer unit or receiver unit). That is, from the viewing history server 30 side, by verifying the message authentication code (HMAC) sent together with the viewing history information (CDM), the receiving device 20 that is the transmission source of the viewing history information (CDM) can be changed. It can be verified. As a result, for example, the viewing history collection operator operating the viewing history server 30 uses the compensation by cooperating with the collection of viewing history information (CDM) as the trust information when paying the receiver manufacturer. Can do. Incidentally, route protection such as HTTPS is not sufficient when used as such trust information.
  • the transmission system 1 includes a process of collecting viewing history information (CDM) by transmitting the authentication key in a broadcast stream for each service (broadcast channel), and viewing and listening. It is possible to clearly associate a service for which history information (CDM) is collected.
  • CDM viewing history information
  • FIG. 8 is a diagram illustrating the relationship between keys and IDs.
  • the transmitter 10-1 of the broadcasting station 1 manages a receiver manufacturer key list or a receiver key list.
  • the receiver manufacturer key (ma_key_A, key_id_A) assigned to the receiver manufacturer A identified by the receiver manufacturer ID which is rec_ma_id_A, rec_ma_id_B Information related to the key for each receiver manufacturer such as the receiver manufacturer key (ma_key_B, key_id_B) assigned to the receiver manufacturer B identified by the receiver manufacturer ID is listed. Yes.
  • the receiver key list includes, for example, a receiver key assigned to the receivers 20-A1 to 20-A3 manufactured by the receiver manufacturer A, and a receiver 20- manufactured by the receiver manufacturer B. Information relating to keys for each receiver manufactured by each receiver manufacturer, such as receiver keys assigned to B1 to 20-B3, is listed.
  • a receiver manufacturer key list in which information on keys for each receiver manufacturer is listed, Alternatively, it manages a receiver key list in which information on keys for each receiver manufactured by each receiver manufacturer is listed.
  • the receiver manufactured by each receiver manufacturer holds information on the receiver manufacturer of the manufacturer and each receiver.
  • receiver 20-A1 manufactured by the receiver manufacturer A
  • information on the receiver manufacturer A of the manufacturer (receiver manufacturer ID (rec_ma_id_A), receiver manufacturer key (ma_key_A, key_id_A))
  • receiver manufacturer key (ma_key_A, key_id_A)
  • information regarding each receiver (receiver ID (dev_ID_A1), receiver key (devkeyA1, key_ID_A1)) is held in the secure memory 224.
  • the receiving device 20-A2 and the receiving device 20-A3 manufactured by the receiver manufacturing company A information about the receiver manufacturer A of the manufacturer and information about each receiver are held in the secure memory 224. ing.
  • receiver 20-B1 manufactured by the receiver manufacturer B
  • information on the receiver manufacturer B of the manufacturer (receiver manufacturer ID (rec_ma_id_B), receiver manufacturer key (ma_key_B, key_id_B) ))
  • receiver key (devkeyB1, key_ID_B1))
  • secure memory 224 information on the receiver manufacturer B of the manufacturer.
  • the receiving device 20-B2 and the receiving device 20-B3 manufactured by the receiver manufacturing company B information about the receiver manufacturing company B of the manufacturer and information about each receiver are held in the secure memory 224. ing.
  • the key is managed in the transmitter 10 of the broadcasting station and the receiver 20 manufactured by each receiver manufacturer.
  • the receiver manufacturer key or the receiver is managed.
  • the authentication key is encrypted using the key as the encryption key
  • the receiving device 20 uses the receiver manufacturer key or the receiver key as the decryption key and encrypts the authentication key (encrypted authentication key). Will be decrypted.
  • encryption and decryption of the authentication key when the receiver manufacturer key or the receiver key is used will be described.
  • FIG. 9 schematically shows the encryption processing of the authentication key using the receiver manufacturer key.
  • the encryption unit 152 performs encryption processing of the authentication key.
  • the authentication key is encrypted using the receiver manufacturer key.
  • the transmission device 10 includes the authentication key (encrypted authentication key) encrypted with the receiver manufacturer key as the encryption key in the broadcast stream by any one of methods 1 to 3. To do.
  • FIG. 10 schematically shows the decryption process of the authentication key encrypted with the receiver manufacturer key.
  • the decryption unit 256 performs a decryption process of the authentication key (encrypted authentication key) encrypted with the receiver manufacturer key.
  • the authentication key (encrypted authentication key) encrypted with the receiver manufacturer key included in the broadcast stream from the transmission device 10 is decrypted with the receiver manufacturer key as the decryption key.
  • the receiving device 20 can acquire the authentication key decrypted with the receiver manufacturer key.
  • the receiver manufacturer key (encryption key) used in the authentication key encryption process and the authentication key decryption process are used. Since the receiver manufacturer key (decryption key) used has a relationship (common key encryption) as a shared key, the receiver 20 stores the receiver manufacturer stored in the secure memory 224. Using the key (decryption key), the authentication key (encrypted authentication key) transmitted in the broadcast stream can be decrypted.
  • FIG. 11 schematically shows the encryption process of the authentication key using the receiver key.
  • the encryption unit 152 performs encryption processing of the authentication key.
  • the authentication key is encrypted using the receiver key.
  • the transmission device 10 transmits the authentication key (encrypted authentication key) encrypted with the receiver key as the encryption key by including it in the broadcast stream by any one of methods 1 to 3.
  • FIG. 12 schematically shows the decryption process of the authentication key encrypted with the receiver key.
  • the decryption unit 256 performs a decryption process of the authentication key (encrypted authentication key) encrypted with the receiver key.
  • an authentication key (encrypted authentication key) encrypted with the receiver key included in the broadcast stream transmitted from the transmission device 10 is decrypted with the receiver key as the decryption key.
  • the receiving device 20 can acquire the authentication key decrypted with the receiver key.
  • the receiver key (encryption key) used in the authentication key encryption processing and the receiver key used in the authentication key decryption processing has a relationship (common key encryption) as a shared key, so the receiver key (decryption key) is used to decrypt the authentication key (encrypted authentication key) transmitted in the broadcast stream be able to.
  • the receiver manufacturer key and the receiver key are described as examples of the shared key. However, a shared key other than the receiver manufacturer key and the receiver key may be used. Good.
  • FIG. 13 is a diagram illustrating an example of syntax of CDM (Consumption Data Message) in XML format.
  • CDM Consption Data Message
  • FIG. 13 among the elements and attributes, “@” is added to the attribute. Further, the indented element and attribute are specified for the upper element.
  • the CDM element as the root element is an upper element of the protocolVersion attribute, the AVChannel element, and the NRTService element.
  • the protocolVersion attribute specifies the CDM protocol version.
  • the AVChannel element information related to the viewing history for each channel (service) of the distributed content is specified.
  • the AVChannel element is an upper element of the channelNum attribute, serviceType attribute, and ViewInterval element.
  • a channel number (service ID) is specified in the channelNum attribute.
  • serviceType attribute for example, the type of service such as normal broadcast or audio-only broadcast is specified.
  • the ViewInterval element is an upper element of the startTime attribute, endTime attribute, usageType attribute, timeShift attribute, viewStartTime attribute, viewEndTime attribute, and DOInterval element.
  • the DOInterval element is a higher element of the doId attribute, startTime attribute, and endTime attribute. In the ViewInterval element, information regarding the viewing history for each channel (service) is specified by these elements and attributes.
  • the NRTService element information related to the viewing history of the NRT service is specified.
  • the NRTService element is an upper element of the serviceID attribute and the NRTInterval element.
  • a service ID is specified in the serviceID attribute.
  • the NRTInterval element is an upper element of the startTime attribute, endTime attribute, and NRTItem element.
  • the NRTItem element is a higher element of the contentItemId attribute, startTime attribute, and endTime attribute.
  • information related to viewing history is specified for each NRT service by these elements and attributes.
  • FIG. 14 shows the distribution of the authentication key by the transmission device 10, the calculation of the message authentication code (HMAC) by the reception device 20, and the reception device 20 and the viewing history server 30 when the authentication key is transmitted using signaling. It is a figure explaining the flow of transmission / reception of viewing history information (CDM).
  • CDM viewing history information
  • the filter 255 corresponds to the filter unit 255 in FIG. 4
  • the HMAC calculation unit 258 corresponds to the message authentication code calculation unit 258 in FIG. 4.
  • a transmitting apparatus 10 of a broadcasting station transmits a video or audio (component) stream and a broadcast stream including signaling information as a digital broadcast signal.
  • the receiving device 20 receives a digital broadcast signal transmitted from the transmitting device 10 via the transmission facility 40 (FIG. 1) or the like.
  • the receiving unit 214 performs demodulation processing on the digital broadcast signal, and supplies signaling information obtained by the demodulation processing to the control unit 211 (FIG. 3).
  • the control unit 211 analyzes the signaling information, and controls a renderer 225 that processes a video or audio (component) stream from the reception unit 214 according to the analysis result.
  • the renderer 225 reproduces content (for example, a television program) according to the channel selection operation by performing rendering processing on a video or audio (component) stream in accordance with control from the control unit 211. Thereby, viewing history information (CDM) corresponding to the viewing of the content is recorded in the recording unit 212 (FIG. 3).
  • content for example, a television program
  • CDM viewing history information
  • the receiving device 20 since the broadcast stream includes signaling information including an authentication key (hereinafter referred to as authentication key signaling information), the receiving device 20 includes a filter 255 that performs, for example, authentication key signaling. By performing a filtering process using the receiver manufacturer ID on the packet storing the information, only the authentication key (encrypted authentication key) corresponding to the manufacturer of the receiving device 20 can be extracted. .
  • the authentication key (encrypted authentication key) obtained by the filtering process by the filter 255 is encrypted with the receiver manufacturer key (encryption key).
  • the decryption unit 256 reads the receiver manufacturer key (decryption key) held in the secure memory 224 and decrypts the authentication key (encrypted authentication key) obtained by the filtering process. As a result, the authentication key decrypted with the receiver manufacturer key (decryption key) is acquired and supplied to the HMAC calculation unit 258.
  • the viewing history information (CDM) read from the recording unit 212 is supplied to the HMAC calculation unit 258.
  • the HMAC calculation unit 258 calculates a message authentication code (HMAC) based on the authentication key and viewing history information (CDM).
  • the message authentication code (HMAC) calculated in this way is attached to the viewing history information (CDM) and supplied to the communication unit 223.
  • the communication unit 223 transmits the viewing history information (CDM) attached with the message authentication code (HMAC) to the viewing history server 30 via the communication line 60 in accordance with the viewing history server URL acquired in advance.
  • the viewing history server 30 receives viewing history information (CDM) attached with a message authentication code (HMAC) transmitted from the receiving device 20 via the communication line 60. Then, the viewing history server 30 compares the message authentication code (HMAC) received from the receiving device 20 with the message authentication code (HMAC ′) calculated by itself, and determines whether or not the comparison result matches. Then, the received message authentication code (HMAC) is verified.
  • CDM viewing history information
  • HMAC message authentication code
  • the viewing history server 30 processes the viewing history information (CDM).
  • the received viewing history information (CDM) attached with the message authentication code (HMAC) is the receiving device of the target receiver manufacturer.
  • the viewing history server 30 does not process (for example, discard) the viewing history information (CDM) because it is not recorded and transmitted by 20 and is not valid.
  • the authentication key is transmitted using signaling.
  • an authentication key is transmitted by encapsulation using a payload packet, and an authentication key is used using signaling metadata.
  • a method for transmitting the data will be described.
  • FIG. 15 is a diagram for explaining an authentication key transmission method by encapsulation using payload packets.
  • the ROUTE packet stored in the IP / UDP packet is appended with a header (PHY_H), IP header (IP_H), UDP header (UDP_H), and ROUTE header (ROUTE_H) related to the physical layer as the header.
  • PHY_H IP header
  • IP_H IP header
  • UDP_H UDP header
  • ROUTE_H ROUTE header
  • FIG. 15 illustrates a payload packet that stores an authentication key encrypted using a receiver manufacturer key as an encryption key
  • FIG. 15B illustrates a receiver key as an encryption key.
  • the payload packet which stored the authentication key encrypted using is illustrated.
  • the payload of the payload packet A in FIG. 15 stores an authentication key (encrypted authentication key) encrypted using a receiver manufacturer key (encryption key).
  • the receiver ID indicating the destination of the authentication key and the version information are added as the payload header.
  • an authentication key (encrypted authentication key) encrypted using a receiver key (encryption key) is stored in the payload of the payload packet of B in FIG.
  • FIG. 16 is a diagram for explaining an authentication key transmission method using signaling metadata.
  • the ROUTE packet stored in the IP / UDP packet is appended with a header (PHY_H), IP header (IP_H), UDP header (UDP_H), and ROUTE header (ROUTE_H) related to the physical layer.
  • PHY_H IP header
  • IP_H IP header
  • UDP_H UDP header
  • ROUTE_H ROUTE header
  • the authentication key is encrypted using a receiver manufacturer key (encryption key).
  • the authentication key is encrypted using another encryption key such as a receiver key.
  • the metadata envelope is standardized by 3GPP (3rd Generation Partnership Project).
  • FIG. 17 is a diagram illustrating an example of a syntax of an XML format metadata envelope.
  • “@” is added to the attribute among the elements and attributes. Further, the indented element and attribute are specified for the upper element.
  • the metadata envelope includes a metadataURI attribute, a version attribute, a validFrom attribute, a validUntil attribute, a contentType attribute, an encryption element, and an authenticationKey element.
  • the URI for identifying metadata is specified in the metadataURI attribute.
  • metadata version information is specified in the version attribute.
  • the validFrom attribute specifies the valid start time of metadata.
  • the validUntil attribute the valid end time of the metadata is specified.
  • the contentType attribute the MIME type of metadata is specified.
  • the encryption element is an upper element of the keyType attribute, keyID attribute, keyVersion attribute, algorithm attribute, and encParameter attribute.
  • Information indicating the type of encryption key is specified in the keyType attribute.
  • keyID attribute an ID for identifying the encryption key is specified.
  • keyVersion attribute version information of the encryption key is specified.
  • Information related to the encryption algorithm is specified in the algorithm attribute.
  • An encryption parameter is specified in the encParameter attribute.
  • Authentication key is specified in the authenticationKey element. Since this authentication key is encrypted with the encryption key, it can be decrypted using the decryption key.
  • the authenticationKey element is an upper element of the version attribute. In the version attribute, version information of the authentication key is specified.
  • step S101 component signaling processing is performed.
  • a video stream (video bit stream) processed by the video processing unit 113 or the like, an audio stream (audio bit stream) processed by the audio processing unit 115 or the like, and a subtitle processing unit 117 or the like is processed.
  • Various processes are performed on the subtitle stream and the signaling information processed by the signaling processing unit 119 and the like, and the stream of each component and the signaling information are in a state in which they can be transmitted as a digital broadcast signal.
  • step S102 the transmission unit 121 performs transmission processing.
  • the stream and signaling information of each component processed in the process of step S101 are transmitted via the antenna 131 as a digital broadcast signal.
  • the transmission process of FIG. 18 ends.
  • This authentication key distribution process is a process executed in parallel with the process of step S101 of FIG. 18 by the transmission apparatus 10 of FIG.
  • step S111 the control unit 111 determines whether it is time to distribute the authentication key.
  • step S111 determines whether it is not the timing to distribute the authentication key. If it is determined in step S111 that it is not the timing to distribute the authentication key, the determination process in step S111 is repeated. On the other hand, if it is determined in step S111 that it is time to distribute the authentication key, the process proceeds to step S112.
  • step S112 the authentication key generation unit 151 generates an authentication key to be provided to the receiving device 20 and the viewing history server 30.
  • step S113 the encryption unit 152 encrypts the authentication key generated in the process of step S112 using, for example, an encryption key such as a receiver manufacturer key or a receiver key.
  • the authentication key (encrypted authentication key) obtained by the processing in step S113 is supplied to the signaling generation unit 118 when the method 1 is adopted.
  • step S114 the signaling generation unit 118 adds an authentication key (encrypted authentication key) to the signaling information based on the authentication key (encrypted authentication key) encrypted in the process of step S113, thereby authenticating. Generate key signaling information.
  • authentication key signaling information including an authentication key is generated (S114 in FIG. 19) and transmitted by being included in the digital broadcast signal (S102 in FIG. 18). Note that the authentication key generated in the process of step S112 is also provided to the viewing history server 30.
  • reception processing executed by the reception device 20 of FIG. 1
  • the reception process in FIG. 20 is executed when, for example, a service channel selection operation is performed by a user and a service channel selection event occurs.
  • step S201 channel selection processing is performed by the broadcast control unit 251 or the like.
  • a service ID channel number
  • channel selection information corresponding to the service ID has been acquired.
  • channel selection information if channel selection information has already been acquired by the initial scan process or the like, the channel selection information is acquired, while if channel selection information has not been acquired, IP / UDP packets included in the broadcast stream are monitored. Then, SLT (channel selection information included) included in the IP / UDP packet is acquired. And the channel selection process using the channel selection information acquired in this way is performed.
  • SLT channel selection information included
  • step S202 broadcast stream reception processing is performed.
  • a broadcast stream is received in accordance with the channel selection process in step S201, and content (for example, a television program) corresponding to the service channel selection operation is reproduced. Details of the broadcast stream reception process will be described later with reference to the flowchart of FIG.
  • step S203 it is determined whether or not to end the reception of the broadcast stream. If it is determined in step S203 that reception of the broadcast stream is to be continued, the processing returns to step S202, and the subsequent processing is repeated. In this case, the content reproduction is continued.
  • step S203 when the viewing of the content by the user is finished and it is determined in step S203 that the reception of the broadcast stream is finished, the reception process of FIG. 20 is finished.
  • step S211 the receiving unit 214 performs demodulation processing according to control from the control unit 211, extracts (acquires) the L2 packet from the L1 frame of the physical layer, and encapsulates the IP encapsulated in the payload of the L2 packet. Extract (acquire) / UDP packets.
  • step S212 the control unit 211 determines whether the IP / UDP packet type (stream type) acquired in the process of step S211 is a video, audio, and subtitle component, NRT content, or signaling. It is determined whether or not.
  • step S212 If it is determined in step S212 that the stream type is a video, audio, or subtitle component, the process proceeds to step S213.
  • step S213 video, audio, and subtitle component rendering processing is performed. By this rendering process, the content corresponding to the channel selection operation is reproduced.
  • step S212 If it is determined in step S212 that the stream type is NRT content, the process proceeds to step S214.
  • step S214 NRT content reception / storage processing is performed. In this reception / accumulation process, NRT content transmitted as a broadcast stream is received and recorded (accumulated) in the recording unit 212.
  • step S212 when it is determined in step S212 that the stream type is signaling, the process proceeds to step S215.
  • step S215 the control unit 211 determines whether or not the signaling included in the IP / UDP packet (the ROUTE packet) acquired in the process of step S211 is authentication key signaling information.
  • step S215 If it is determined in step S215 that the signaling included in the IP / UDP packet is authentication key signaling information, the process proceeds to step S216.
  • the filter unit 255 determines whether the authentication key (encrypted authentication key) included in the authentication key signaling information is an authentication key addressed to the own device.
  • an ID for example, receiver manufacturer ID or receiver ID
  • the secure memory indicating the destination of the authentication key in the payload header added to the payload in which the authentication key (encrypted authentication key) is stored is the secure memory. Whether the authentication key is destined for the own device can be determined based on whether the information matches the information stored in H.224.
  • step S216 If it is determined in step S216 that the authentication key (encrypted authentication key) included in the authentication key signaling information is an authentication key addressed to the own device, the process proceeds to step S217.
  • step S217 the authentication key acquisition unit 257 determines whether the authentication key (encrypted authentication key) addressed to itself is updated. Here, for example, whether the authentication key (encrypted authentication key) addressed to the device has been updated by checking the version information of the payload header added to the payload storing the authentication key (encrypted authentication key) Whether it can be determined.
  • step S217 If it is determined in step S217 that the authentication key addressed to the own device has been updated, the process proceeds to step S218.
  • step S219 the authentication key acquisition unit 257 acquires the authentication key decrypted in the process of step S218.
  • the authentication key acquisition unit 257 records the authentication key acquired in step S219 in the recording unit 212.
  • the receiving device 20 acquires and records (holds) the authentication key transmitted from the transmitting device 10 using the signaling by the method 1.
  • step S215 If it is determined in step S215 that the signaling included in the IP / UDP packet (the ROUTE packet) is not authentication key signaling information, the process proceeds to step S221.
  • step S221 the control unit 211 performs processing according to signaling other than the authentication key signaling information (for example, LLS and SLS signaling information) included in the IP / UDP packet.
  • step S213, S214, S220, or S221 the process returns to step S202 of FIG. 20, and the subsequent processes are executed. If it is determined in step S216 that the authentication key included in the authentication key signaling information is not an authentication key addressed to the own device, or in step S217, it is determined that the authentication key addressed to the own device has not been updated. In this case, since it is not necessary to decrypt and record the authentication key (encrypted authentication key), the processing of steps S218 to S220 is skipped, and the processing returns to step S202 of FIG.
  • step S221 the viewing history information management unit 253 determines whether it is time to record viewing history information (CDM).
  • step S221 If it is determined in step S221 that it is not time to record viewing history information (CDM), the determination process in step S221 is repeated. On the other hand, if it is determined in step S221 that it is time to record viewing history information (CDM), the process proceeds to step S222.
  • step S222 the viewing history information management unit 253 records (accumulates) content viewing history information (CDM) in the recording unit 212.
  • CDM content viewing history information
  • viewing history information (CDM) corresponding to viewing of content (for example, a television program) by a user is recorded at a predetermined timing, so that the recording unit 212 can receive, for example, a service (channel
  • the viewing history information (CDM) is sequentially accumulated. Note that the viewing history information (CDM) is not limited to a predetermined timing and may be continuously recorded.
  • step S231 the viewing history server URL acquisition unit 254 determines whether or not the viewing history server URL included in the broadcast stream has been received.
  • step S231 when it is determined that the viewing history server URL is not included in the broadcast stream and the viewing history server URL is not received, the determination processing in step S231 is repeated. On the other hand, when it is determined in step S231 that the viewing history server URL is included in the broadcast stream and the viewing history server URL is received, the process proceeds to step S232.
  • the viewing history server URL acquisition unit 254 acquires the viewing history server URL included in the broadcast stream.
  • a signaling location descriptor (inet_signaling_location_descriptor) arranged in the SLT which is LLS signaling information, a watermark payload (URI message of the WM message) transmitted as a video watermark, audio user data (SYS metaframe) sysData), or the viewing history server URL is described in the metadata of a TTML (Timed Text Markup Language) document, and the viewing history server URL acquisition unit 254 acquires the viewing history server URL therefrom.
  • step S233 the viewing history server URL acquisition unit 254 records (holds) the viewing history server URL acquired in the process of step S232 in the recording unit 212.
  • the viewing history server URL acquisition process of FIG. 23 ends.
  • the viewing history server URL acquisition process the viewing history server URL is stored for each viewing history server 30 in the recording unit 212 by acquiring the viewing history server URL transmitted at a predetermined timing.
  • step S241 the process waits until a transmission event of viewing history information (CDM) occurs at a predetermined timing. If it is determined in step S242 that a viewing history information (CDM) transmission event has occurred, the process proceeds to step S243.
  • CDM viewing history information
  • step S243 the viewing history server URL acquisition unit 254 performs a viewing history server URL reading process.
  • the process of reading the viewing history server URL recorded (held) in the recording unit 212 is performed by the viewing history server URL acquisition process (step S233) of FIG.
  • step S244 it is determined whether or not the viewing history server URL has been successfully read in the reading process in step S243. If it is determined in step S244 that the viewing history server URL has been successfully read, the process proceeds to step S245.
  • step S245 the authentication key acquisition unit 257 performs an authentication key read process.
  • this reading process a process of reading the authentication key recorded (held) in the recording unit 212 by the broadcast stream receiving process (step S220 in FIG. 21) is performed.
  • step S246 it is determined whether or not the authentication key has been successfully read in the reading process in step S245. If it is determined in step S246 that the authentication key has been successfully read, the process proceeds to step S247.
  • step S247 the viewing history information management unit 253 performs a viewing history information (CDM) reading process.
  • CDM viewing history information
  • the viewing history information (CDM) recorded (accumulated) in the recording unit 212 is read by the viewing history information recording process (step S222 in FIG. 22).
  • step S248 the message authentication code calculation unit 258 determines the message authentication code (HMAC) based on the authentication key acquired in the reading process in step S245 and the viewing history information (CDM) acquired in the reading process in step S247. ) Is calculated.
  • HMAC message authentication code
  • step S249 the communication control unit 252 controls the communication unit 223 to follow the viewing history server URL acquired in the reading process in step S243, along with the viewing history information (CDM) acquired in the reading process in step S247.
  • the message authentication code (HMAC) calculated in the process of step S248 is transmitted to the viewing history server 30 via the communication line 60.
  • step S244 If it is determined in step S244 that reading of the viewing history server URL has failed, or if it is determined in step S246 that reading of the authentication key has failed, the process proceeds to step S250.
  • step S250 the control unit 211 executes transmission error processing that is performed when transmission of viewing history information (CDM) fails.
  • CDM viewing history information
  • step S249 or S250 When the process of step S249 or S250 is finished, the viewing history information transmission process of FIG. 24 is finished.
  • the viewing history server URL, the authentication key, and the viewing history information (CDM) that are appropriately recorded in the recording unit 212 are read at a predetermined timing, and the authentication key and viewing history information (CDM) are read. ), A message authentication code (HMAC) is calculated, and viewing history information (CDM) attached with the message authentication code (HMAC) is transmitted to the viewing history server 30 via the communication line 60 in accordance with the viewing history server URL. Will be.
  • the viewing history information (CDM) appropriately recorded in the recording unit 212 has been described as being transmitted to the viewing history server 30, but the viewing history information (CDM) is not recorded in the recording unit 212. In addition, it may be transmitted immediately to the viewing history server 30 at the timing when the viewing history information (CDM) is generated.
  • step S301 the communication unit 311 is monitored by the control unit 311 and waits until a reception history information (CDM) reception request from the reception device 20 is generated. If it is determined in step S302 that a viewing history information (CDM) reception request has occurred, the process proceeds to step S303.
  • CDM reception history information
  • step S303 the communication unit 312 performs server / client connection processing in accordance with control from the control unit 311.
  • this server / client connection process the connection (session) between the receiving device 20 and the viewing history server 30 is established, and the receiving device 20 and the viewing history server 30 can communicate via the communication line 60.
  • the receiving device 20 and the viewing history server 30 can communicate via the communication line 60.
  • communication between the receiving device 20 and the viewing history server 30 is performed securely using HTTPS provided by TLS, for example.
  • step S304 the communication unit 312 receives viewing history information (CDM) and a message authentication code (HMAC) transmitted from the receiving device 20 via the communication line 60.
  • the viewing history information (CDM) attached with the message authentication code (HMAC) transmitted by the viewing history information transmission process (step S249) of FIG. 24 is received.
  • step S305 the message authentication code calculation unit 353 and the message authentication code comparison unit 354 perform message authentication code verification processing.
  • the message authentication code (HMAC) received from the receiving device 20 is compared with the message authentication code (HMAC ′) calculated by the message authentication code calculation unit 353, and the comparison result A verification result is obtained. Details of the message authentication code verification process will be described later with reference to the flowchart of FIG.
  • step S306 the message authentication code comparison unit 354 determines whether the verification result obtained in the process of step S305 (message authentication code verification process) is valid.
  • step S306 If it is determined in step S306 that the verification result of the message authentication code (HMAC) is valid, that is, the viewing history information (CDM) attached with the message authentication code (HMAC) is valid, the process is as follows. The process proceeds to step S307. In step S307, the viewing history information management unit 355 receives the message authentication code (CDM) received in the processing in step S304 and subjected to the processing in step S305 (message authentication code verification processing). Viewing history information (CDM) that is an attachment source of (HMAC) is accumulated in the viewing history information accumulation unit 313.
  • CDM message authentication code
  • step S306 determines whether the verification result of the message authentication code (HMAC) is not valid, that is, the viewing history information (CDM) attached with the message authentication code (HMAC) is not valid.
  • step S308 the control unit 311 executes error processing that is performed when the verification result of the message authentication code (HMAC) is not valid.
  • step S307 or S308 When the process of step S307 or S308 is completed, the viewing history information reception process of FIG. 25 is terminated.
  • the viewing history information (CDM) attached with the message authentication code (HMAC) is sequentially stored according to the verification result of the message authentication code (HMAC).
  • step S311 the authentication key acquisition unit 352 reads the authentication key and authentication key information recorded in the recording unit 212.
  • step S312 the message authentication code calculation unit 353 generates a message authentication code (HMAC) based on the authentication key acquired in the process of step S311 and the viewing history information (CDM) received in the process of step S304 in FIG. ') Is calculated.
  • HMAC message authentication code
  • step S313 the message authentication code comparison unit 354 compares the message authentication code (HMAC) received in the process of step S304 in FIG. 25 with the message authentication code (HMAC ′) calculated in the process of step S312. .
  • step S314 the message authentication code comparison unit 354 determines whether or not these message authentication codes (HMAC, HMAC ′) match based on the comparison result obtained in the process of step S313.
  • step S314 If it is determined in step S314 that the message authentication codes (HMAC, HMAC ′) match, the process proceeds to step S315.
  • step S315 the message authentication code comparison unit 354 matches the message authentication codes (HMAC, HMAC ′), that is, the viewing history information (CDM) attached with the message authentication code (HMAC) is valid. Returns the verification result.
  • step S314 if it is determined in step S314 that the message authentication codes (HMAC, HMAC ′) do not match, the process proceeds to step S316.
  • step S316 the message authentication code comparison unit 354 does not match the message authentication codes (HMAC, HMAC ′), that is, the viewing history information (CDM) attached with the message authentication code (HMAC) is valid. Return the verification result that there is no.
  • step S315 or S316 When the process of step S315 or S316 is completed, the process returns to the process of step S305 in FIG. 25, and the subsequent processes are executed.
  • FIG. 27 shows the distribution of the authentication key by the transmitting device 10, the calculation of the message authentication code (HMAC) by the receiving device 20, the receiving device 20 and the viewing history server when transmitting the authentication key using the video watermark.
  • 3 is a diagram for explaining a flow of transmission / reception of viewing history information (CDM) by 30.
  • CDM viewing history information
  • the transmitting apparatus 10 of the broadcasting station transmits a video or audio (component) stream and a broadcast stream including signaling information as a digital broadcast signal.
  • the receiving device 20 receives a digital broadcast signal transmitted from the transmitting device 10 via the transmission facility 40 (FIG. 1) or the like.
  • the renderer 225 performs a rendering process on a video or audio (component) stream supplied from the receiving unit 214 in accordance with the control from the control unit 211, so that content ( For example, a TV program). Thereby, viewing history information (CDM) corresponding to the viewing of the content is recorded in the recording unit 212 (FIG. 3).
  • content For example, a TV program.
  • viewing history information CDM
  • an authentication key (encrypted authentication key) is described in a watermark payload transmitted as a video watermark in the broadcast stream (video stream).
  • the filter 255 performs a filtering process using the receiver manufacturer ID on the authentication key (encrypted authentication key) described in the watermark payload, for example. Only the authentication key (encrypted authentication key) corresponding to the manufacturer can be extracted.
  • the authentication key (encrypted authentication key) obtained by the filtering process is encrypted with the receiver manufacturer key (encryption key). Using the key (decryption key), decrypt the authentication key (encrypted authentication key) obtained by the filtering process. Then, the HMAC calculation unit 258 calculates a message authentication code (HMAC) based on the authentication key decrypted by the decryption unit 256 and the viewing history information (CDM) read from the recording unit 212.
  • HMAC message authentication code
  • the communication unit 223 transmits the viewing history information (CDM) attached with the message authentication code (HMAC) to the viewing history server 30 via the communication line 60 in accordance with the viewing history server URL acquired in advance.
  • CDM viewing history information
  • HMAC message authentication code
  • the viewing history server 30 receives viewing history information (CDM) attached with a message authentication code (HMAC) transmitted from the receiving device 20 via the communication line 60. Then, the viewing history server 30 compares the message authentication code (HMAC) received from the receiving device 20 with the message authentication code (HMAC ′) calculated by itself, and determines whether or not the comparison result matches. Then, the received message authentication code (HMAC) is verified.
  • CDM viewing history information
  • HMAC message authentication code
  • the viewing history server 30 processes the viewing history information (CDM).
  • the received viewing history information (CDM) attached with the message authentication code (HMAC) is the receiving device of the target receiver manufacturer.
  • the viewing history server 30 does not process (for example, discard) the viewing history information (CDM) because it is not recorded and transmitted by 20 and is not valid.
  • FIG. 28 is a diagram showing an authentication key notification method when a video watermark is used.
  • the upper two lines of the video display area can be used as a video watermark.
  • standard data transmission which is a method of transmitting 1-bit information amount in one block
  • double magnification data transmission which is a method of transmitting 2-bit information amount in one block. Any one of the data transmission methods can be used.
  • the first block is “1”
  • the second block is “1”
  • the third block is “0”
  • the fourth block is “1” is sequentially stored, and one bit of “0” or “1” is also stored for each block in the fifth and subsequent blocks.
  • “11” for the first block, “10” for the second block, "01” for the third block, “for the fourth block” 10 is sequentially stored, and 2 bits including a combination of” 0 "and” 1 "are also stored for each block in the fifth and subsequent blocks.
  • the video watermark uses two lines of the video bitstream to transmit a watermark payload.
  • FIG. 29 is a diagram illustrating an example of the syntax of a watermark payload.
  • the 16-bit run_in_pattern specifies the transmission pattern of the video watermark and the resolution of one area expressed in the range from white to black. As this transmission pattern, one line or two lines are designated. Further, 8 bits to 12 bits are designated as the resolution of one area.
  • Wm_message () represents the message area of the watermark.
  • 8-bit zero_pad represents zero padding.
  • FIG. 30 is a diagram illustrating an example of the syntax of the WM message (wm_message) in FIG.
  • WM message ID is specified in 8-bit wm_message_id.
  • the 8-bit wm_message_length specifies the WM message length.
  • the 4-bit wm_message_sequence specifies the WM message sequence.
  • 2-bit fragment_number and 2-bit last_fragment information about a fragment is specified.
  • a content ID message (content_id_message) is placed.
  • a channel ID message (channel_id_message) is arranged.
  • a URI message (uri_message) is arranged.
  • 0x04 is specified as the WM message ID
  • an authentication key message (authentication_key) is placed.
  • authentication_key an authentication key message
  • 0x04 is designated as the WM message ID.
  • the WM message includes error detection codes such as message_CRC_32 and CRC_32.
  • FIG. 31 is a diagram illustrating an example of the syntax of the authentication key message (authentication_key) in FIG.
  • 4-bit key_type specifies the type of key used for encryption or decryption of the authentication key.
  • the 16-bit key_id specifies the ID of a key used for encryption or decryption of the authentication key.
  • the 8-bit key_version specifies the version of the key used for encryption or decryption of the authentication key.
  • the 32-bit valid_from specifies the start time of the validity period of the authentication key.
  • the 32-bit valid_until specifies the end time of the validity period of the authentication key.
  • Authentic key encryption or decryption encryption algorithm is specified in the 4-bit algorithm.
  • the encryption parameter length for encryption or decryption of the authentication key is designated.
  • enc_param () is composed of 8 * enc_param_length bits, and specifies encryption parameters for encryption or decryption of the authentication key.
  • the authentication key length is specified in the 8-bit auth_key_length.
  • the auth_key consists of 8 * auth_key_length bits, and an authentication key is designated.
  • the 8-bit auth_key_version specifies version information of the authentication key.
  • This authentication key distribution process is a process executed in parallel with the process of step S101 of FIG. 18 by the transmission apparatus 10 of FIG.
  • step S121 the control unit 111 determines whether it is time to distribute the authentication key.
  • step S121 If it is determined in step S121 that it is not time to distribute the authentication key, the determination process in step S121 is repeated. On the other hand, if it is determined in step S121 that it is time to distribute the authentication key, the process proceeds to step S122.
  • step S122 the authentication key generation unit 151 generates an authentication key to be provided to the receiving device 20 and the viewing history server 30.
  • step S123 the encryption unit 152 encrypts the authentication key generated in the process of step S122 using, for example, an encryption key such as a receiver manufacturer key or a receiver key.
  • the authentication key (encrypted authentication key) generated in this way is supplied to the video processing unit 113 when the method 2 is adopted.
  • step S124 when processing the video stream, the video processing unit 113 transmits the authentication key (encrypted authentication key) obtained in step S123 as the watermark payload ( Add (describe) to the WM message's authentication key message (authentication_key)).
  • an authentication key (encrypted authentication key) is described in the authentication key message (authentication_key) of the WM message of the watermark payload, and a video watermark that transmits the watermark payload including the authentication key message is transmitted. Is generated (S101 in FIG. 18) and transmitted in a digital broadcast signal (S102 in FIG. 18). Note that the authentication key generated in the process of step S122 is also provided to the viewing history server 30.
  • this authentication key acquisition process is a process executed in the receiving device 20 of FIG. 1 while, for example, viewing the content of the service selected according to the channel selection operation by the user.
  • step S261 the control unit 211 monitors an operation signal or the like from the input unit 213, and waits until a service channel selection event occurs. If it is determined in step S262 that a service channel selection event has occurred, the process proceeds to step S263.
  • step S263 the broadcast control unit 251 performs channel selection processing by controlling the operation of the reception unit 214 and the like based on the channel selection information recorded in the recording unit 212.
  • step S264 the broadcast control unit 251 renders video (video), audio, and subtitle components (streams) by controlling the video processing unit 216, the audio processing unit 218, and the subtitle processing unit 220.
  • step S265 it is determined whether or not to process the video watermark. If it is determined in step S265 that the process for the video watermark is to be performed, the process proceeds to step S266.
  • step S266 the video processing unit 216 determines whether or not an authentication key (encrypted authentication key) is described in the watermark payload (authentication key message (authentication_key) of the WM message) transmitted as the video watermark. To do. If it is determined in step S266 that an authentication key (encrypted authentication key) is described in the watermark payload (authentication key message of the WM message), the process proceeds to step S267.
  • step S267 the authentication key acquisition unit 257 and the like execute an authentication key acquisition process.
  • the authentication key (encrypted authentication key) described in the authentication key message (authentication_key) is decrypted and recorded (held) in the recording unit 212. Details of the authentication key acquisition process will be described later with reference to the flowchart of FIG.
  • step S266 determines whether the encryption authentication key is not described in the watermark payload (the authentication key message of the WM message). If it is determined in step S266 that the encryption authentication key is not described in the watermark payload (the authentication key message of the WM message), the process proceeds to step S268.
  • step S268 the video processing unit 216 performs another video watermark process (for example, a process for a content ID message, a channel ID message, a URI message, etc.).
  • step S267 or S268 the process proceeds to step S269. If it is determined in step S265 that the process for the video watermark is not performed, the processes in steps S266 to S268 are skipped, and the process proceeds to step S269.
  • step S269 it is determined whether or not viewing by the user is terminated. If it is determined in step S269 that viewing does not end, the process returns to step S264, and the subsequent processes are repeated. On the other hand, if it is determined in step S269 that viewing ends, the authentication key acquisition process in FIG. 33 ends.
  • authentication key acquisition processing has been described above.
  • a service tuning event that is, when viewing content
  • a watermark payload is transmitted with a video watermark
  • an authentication key (encryption key) is added to the authentication key message (authentication_key) of the WM message.
  • authentication key is described, the authentication key is acquired and recorded (held).
  • step S271 the filter unit 255 confirms the authentication key message (authentication_key), for example, to determine whether the authentication key (encrypted authentication key) described in the authentication key message is an authentication key addressed to the own device. Determine.
  • step S271 If it is determined in step S271 that the target authentication key (encrypted authentication key) is an authentication key addressed to the own device, the process proceeds to step S272.
  • step S272 the authentication key acquisition unit 257 checks the authentication key message (authentication_key) to determine whether or not the authentication key (encrypted authentication key) described in the authentication key message has been updated.
  • step S272 If it is determined in step S272 that the target authentication key (encrypted authentication key) has been updated, the process proceeds to step S273.
  • step S273 the decryption unit 256 decrypts the authentication key (encrypted authentication key) described in the auth_key of the authentication key message (authentication_key).
  • step S274 the authentication key acquisition unit 257 acquires the authentication key decrypted in the process of step S273.
  • step S275 the authentication key acquisition unit 257 records (holds) the authentication key acquired in step S274 in the recording unit 212.
  • step S275 the process returns to the process of step S267 of FIG. 33, and the subsequent processes are executed. If it is determined in step S271 that the target authentication key (encrypted authentication key) is not an authentication key addressed to the own device, or in step S272, the target authentication key (encrypted authentication key) is not updated. If it is determined that the authentication key is determined to be, the processing of steps S273 to S275 is skipped, and the processing for the target authentication key (encrypted authentication key) is not performed.
  • the case where the authentication key (encrypted authentication key) described in the authentication key message (authentication_key) is acquired at the time of viewing the content has been described as an example.
  • the authentication key transmitted using the video watermark may be acquired and recorded (newly recorded or updated).
  • the receiving device 20 executes the viewing history information transmission process of FIG. 24 when it is time to transmit the viewing history information (CDM) to the viewing history server 30, and the video water
  • the message authentication code (HMAC) is calculated from the authentication key acquired from the watermark payload (the authentication key message of the WM message) transmitted by the mark and the viewing history information (CDM) read from the recording unit 212. Then, the message authentication code (HMAC) is transmitted to the viewing history server 30 via the communication line 60 together with the viewing history information (CDM).
  • the transmitter 10 authenticates the receiver 20 by including the authentication key in the video watermark.
  • the key is distributed.
  • the receiving device 20 that directly receives the antenna can process the watermark payload transmitted as the video watermark, and the receiving device 20 that performs indirect reception via the MVPD. Even if it exists, the watermark payload transmitted as a video watermark can be processed, so the authentication key included in the watermark payload (WM message authentication key message) is surely Can be obtained.
  • the audio watermark is used to authenticate the watermark payload.
  • a key may be included.
  • FIG. 35 shows the distribution of the authentication key by the transmitting device 10, the calculation of the message authentication code (HMAC) by the receiving device 20, and the receiving device 20 and the viewing history server when the authentication key is transmitted using audio user data.
  • HMAC message authentication code
  • 3 is a diagram for explaining a flow of transmission / reception of viewing history information (CDM) by 30.
  • CDM viewing history information
  • the transmitting apparatus 10 of the broadcasting station transmits a video or audio (component) stream and a broadcast stream including signaling information as a digital broadcast signal.
  • the receiving device 20 receives a digital broadcast signal transmitted from the transmitting device 10 via the transmission facility 40 (FIG. 1) or the like.
  • the renderer 225 performs a rendering process on a video or audio (component) stream supplied from the receiving unit 214 in accordance with the control from the control unit 211, so that content ( For example, a TV program). Thereby, viewing history information (CDM) corresponding to the viewing of the content is recorded in the recording unit 212 (FIG. 3).
  • content For example, a TV program.
  • viewing history information CDM
  • an authentication key (encrypted authentication key) is described in audio user data (Audio User Data) transmitted in a broadcast stream (audio stream).
  • the filter 255 performs a filtering process using the receiver manufacturer ID on the authentication key (encrypted authentication key) described in the audio user data, for example. Only the authentication key (encrypted authentication key) corresponding to the manufacturer can be extracted.
  • the decryption unit 256 is the receiver manufacturer. Using the key (decryption key), decrypt the authentication key (encrypted authentication key) obtained by the filtering process. Then, the HMAC calculation unit 258 calculates a message authentication code (HMAC) based on the authentication key decrypted by the decryption unit 256 and the viewing history information (CDM) read from the recording unit 212.
  • HMAC message authentication code
  • the communication unit 223 transmits the viewing history information (CDM) attached with the message authentication code (HMAC) to the viewing history server 30 via the communication line 60 in accordance with the viewing history server URL acquired in advance.
  • CDM viewing history information
  • HMAC message authentication code
  • the viewing history server 30 receives viewing history information (CDM) attached with a message authentication code (HMAC) transmitted from the receiving device 20 via the communication line 60. Then, the viewing history server 30 compares the message authentication code (HMAC) received from the receiving device 20 with the message authentication code (HMAC ′) calculated by itself, and determines whether or not the comparison result matches. Then, the received message authentication code (HMAC) is verified.
  • CDM viewing history information
  • HMAC message authentication code
  • the viewing history server 30 processes the viewing history information (CDM).
  • the received viewing history information (CDM) attached with the message authentication code (HMAC) is the receiving device of the target receiver manufacturer.
  • the viewing history server 30 does not process (for example, discard) the viewing history information (CDM) because it is not recorded and transmitted by 20 and is not valid.
  • FIG. 36 is a diagram illustrating an example of the syntax of a SYS metaframe (SysMetaFrame) defined by MPEG-H 3D Audio.
  • the system type is specified in the 8-bit sysType.
  • dataLen the data length is specified.
  • sysData consists of 8 * dataLen bits, and data corresponding to the type specified by sysType is specified.
  • sysType when “3” is specified as sysType, it indicates that “SYS_DASH”, that is, data specified by sysData is used by the MPEG-DASH system. Note that the value of sysType that is “0” is undefined. In the value of sysType, “4” to “127” are values reserved for future use by the International Organization for Standardization (ISO). Further, “128” to “255” are values reserved for future expansion.
  • ISO International Organization for Standardization
  • FIG. 38 is a diagram illustrating an example of the syntax of sysData (sysData_atsc3.0) when “SYS_ATSC3.0” is specified as the sysType.
  • a 4-bit sys_data_type specifies a data type.
  • “auth_key” is specified as sys_data_type, key_type, key_id, key_id, valid_from, valid_until, algorithm, enc_param_length, enc_param (), auth_key_length, auth_key, and auth_key_version are specified.
  • 4-bit key_type specifies the type of key used for encryption or decryption of the authentication key.
  • the 16-bit key_id specifies the ID of a key used for encryption or decryption of the authentication key.
  • the 32-bit valid_from specifies the start time of the validity period of the authentication key.
  • the 32-bit valid_until specifies the end time of the validity period of the authentication key.
  • Authentic key encryption or decryption encryption algorithm is specified in the 4-bit algorithm.
  • the encryption parameter length for encryption or decryption of the authentication key is designated.
  • enc_param () is composed of 8 * enc_param_length bits, and specifies encryption parameters for encryption or decryption of the authentication key.
  • the authentication key length is specified in the 8-bit auth_key_length.
  • the auth_key consists of 8 * auth_key_length bits, and an authentication key is designated.
  • the authentication key version is specified in 8-bit auth_key_version.
  • This authentication key distribution process is a process executed in parallel with the process of step S101 of FIG. 18 by the transmission apparatus 10 of FIG.
  • step S131 the control unit 111 determines whether it is time to distribute the authentication key.
  • step S131 determines whether it is time to distribute the authentication key. If it is determined in step S131 that it is not time to distribute the authentication key, the determination process in step S131 is repeated. On the other hand, if it is determined in step S131 that it is time to distribute the authentication key, the process proceeds to step S132.
  • step S132 the authentication key generation unit 151 generates an authentication key to be provided to the receiving device 20 and the viewing history server 30.
  • step S133 the encryption unit 152 encrypts the authentication key generated in the process of step S132 using, for example, an encryption key such as a receiver manufacturer key or a receiver key.
  • the authentication key generated in this way is supplied to the audio processing unit 115 when the method 3 is adopted.
  • step S134 when processing the audio stream, the audio processing unit 115 adds the authentication key generated in the process of step S132 to the audio user data (sysData of SYS metaframe).
  • SYS_ATSC3.0 “128” (“SYS_ATSC3.0”) is specified as sysType, and sysData_atsc3.0 is used as sysData.
  • sysData_atsc3.0 “auth_key” is specified as sys_data_type.
  • this authentication key acquisition process is a process executed in the receiving device 20 of FIG. 1 while, for example, viewing the content of the service selected according to the channel selection operation by the user.
  • step S281 the control unit 211 monitors an operation signal from the input unit 213 and waits until a service channel selection event occurs. If it is determined in step S282 that a service channel selection event has occurred, the process proceeds to step S283.
  • step S283 the broadcast control unit 251 performs channel selection processing by controlling the operation of the reception unit 214 and the like based on the channel selection information recorded in the recording unit 212.
  • step S284 the broadcast controller 251 controls the video processor 216, the audio processor 218, and the caption processor 220, thereby rendering video (audio) and caption components (streams thereof).
  • step S285 it is determined whether or not to process the audio user data of the audio stream. If it is determined in step S285 that the process is to be performed on the audio user data, the process proceeds to step S286.
  • step S286 the audio processing unit 218 determines whether an authentication key (encrypted authentication key) is described in the audio user data (sysData_atsc3.0 in the SYS metaframe). If it is determined in step S286 that the audio user data (sysData_atsc3.0 in the SYS metaframe) describes an authentication key (encrypted authentication key), the process proceeds to step S287.
  • an authentication key Encrypted authentication key
  • step S287 the authentication key acquisition unit 257 and the like execute an authentication key acquisition process.
  • the authentication key (encrypted authentication key) described in the audio user data (sysData_atsc3.0 in the SYS metaframe) is decrypted and recorded (held) in the recording unit 212.
  • the details of the authentication key acquisition process are the same as those in the flowchart of FIG. 34 described above, and thus detailed description thereof is omitted here.
  • step S285 if it is determined in step S285 that no processing is performed on the audio user data, or in step S286, an authentication key (encrypted authentication key) is described in the audio user data (sysData_atsc3.0 of the SYS metaframe). If it is determined that the process has not been performed, the process proceeds to step S288.
  • step S288 it is determined whether viewing by the user ends. If it is determined in step S288 that viewing does not end, the process returns to step S284, and the subsequent processing is repeated. On the other hand, if it is determined in step S288 that viewing is to be terminated, the authentication key acquisition process in FIG. 40 is terminated.
  • an authentication key (encrypted authentication key) is described in audio user data (sysData_atsc3.0 in the SYS metaframe) when a service channel selection event occurs, that is, when content is viewed. In this case, the authentication key is acquired and recorded (held).
  • the receiving device 20 executes the viewing history information transmission process of FIG. 24 when it is time to transmit the viewing history information (CDM) to the viewing history server 30, and the audio user
  • the message authentication code (HMAC) is calculated from the authentication key acquired from the data (sysData_atsc3.0 of SYS metaframe) and the viewing history information (CDM) read from the recording unit 212, and the viewing history information (CDM
  • the message authentication code (HMAC) is transmitted to the viewing history server 30 via the communication line 60.
  • the authentication key is included in the audio user data so that the transmitting device 10 authenticates the receiving device 20.
  • the key is distributed.
  • the receiving device 20 that directly receives the antenna can process the audio user data, and the audio user data can be processed even if the receiving device 20 performs the indirect reception via the MVPD. Therefore, the authentication key included in the audio user data (sysData_atsc3.0 in the SYS metaframe) can be surely acquired regardless of the reception environment.
  • the authentication key is included in the audio user data (sysData_atsc3.0 of the SYS metaframe)
  • the video user data is used.
  • An authentication key may be included.
  • ATSC which is a method adopted in the United States and the like as a standard for digital terrestrial television broadcasting
  • ISDB Integrated Services Digital Broadcasting
  • DVB Digital Video Broadcasting
  • the present invention is not limited to terrestrial digital television broadcasting, but may be adopted for satellite digital television broadcasting, digital cable television broadcasting, and the like.
  • the authentication key may be transmitted using other methods such as using the metadata of a TTML (Timed Text Markup Language) used in the above, and placing the authentication key there.
  • TTML is a markup language that can specify text display timing, display layout, etc., and is standardized by W3C (World Wide Web).
  • HMAC Hash-based Message Authentication Code
  • MAC message authentication code
  • FIG. 41 is a diagram illustrating a configuration example of hardware of a computer that executes the above-described series of processing by a program.
  • a CPU Central Processing Unit
  • ROM Read Only Memory
  • RAM Random Access Memory
  • An input / output interface 905 is further connected to the bus 904.
  • An input unit 906, an output unit 907, a recording unit 908, a communication unit 909, and a drive 910 are connected to the input / output interface 905.
  • the input unit 906 includes a keyboard, a mouse, a microphone, and the like.
  • the output unit 907 includes a display, a speaker, and the like.
  • the recording unit 908 includes a hard disk, a nonvolatile memory, and the like.
  • the communication unit 909 includes a network interface or the like.
  • the drive 910 drives a removable medium 911 such as a magnetic disk, an optical disk, a magneto-optical disk, or a semiconductor memory.
  • the CPU 901 loads the program recorded in the ROM 902 or the recording unit 908 to the RAM 903 via the input / output interface 905 and the bus 904, and executes the program. A series of processing is performed.
  • the program executed by the computer 900 can be provided by being recorded on a removable medium 911 as a package medium, for example.
  • the program can be provided via a wired or wireless transmission medium such as a local area network, the Internet, or digital satellite broadcasting.
  • the program can be installed in the recording unit 908 via the input / output interface 905 by installing the removable medium 911 in the drive 910. Further, the program can be received by the communication unit 909 via a wired or wireless transmission medium and installed in the recording unit 908. In addition, the program can be installed in the ROM 902 or the recording unit 908 in advance.
  • the processing performed by the computer according to the program does not necessarily have to be performed in chronological order in the order described as the flowchart. That is, the processing performed by the computer according to the program includes processing executed in parallel or individually (for example, parallel processing or object processing).
  • the program may be processed by one computer (processor), or may be processed in a distributed manner by a plurality of computers.
  • the present technology can take the following configurations.
  • a receiving unit for receiving a broadcast wave of digital broadcasting using an IP (Internet Protocol) transmission method An acquisition unit for acquiring an authentication key transmitted by the broadcast wave; A calculation unit that calculates a message authentication code based on the authentication key and viewing history information regarding the viewing history of the content transmitted on the broadcast wave; And a control unit that performs control to transmit the message authentication code together with the viewing history information to a viewing history server that collects the viewing history information.
  • the authentication key is transmitted as signaling, The receiving device according to (1), wherein the acquisition unit acquires the authentication key included in the signaling.
  • an IP packet including a UDP (User Datagram Protocol) packet includes the authentication key encrypted with an encryption key in its payload.
  • UDP User Datagram Protocol
  • the receiving device (4) The receiving device according to (3), wherein the payload header includes information indicating a destination of the authentication key and version information.
  • the encryption key is a manufacturer key or receiver key of the receiving device, The receiving device according to (4), wherein the information indicating the destination of the authentication key is a manufacturer ID or a receiver ID of the receiving device.
  • the authentication key encrypted with the encryption key is included in metadata defined by a predetermined standard together with information related to the encryption.
  • a filter unit that filters the authentication key encrypted with the encryption key based on information indicating a destination of the authentication key;
  • the authentication key is transmitted by being included in a video or audio watermark constituting the content, The receiving device according to (1), wherein the acquisition unit acquires the authentication key included in the watermark.
  • the authentication key is transmitted by being included in video or audio user data constituting the content, The receiving device according to (1), wherein the acquisition unit acquires the authentication key included in the user data.
  • An acquisition unit configured to acquire destination information indicating a destination of the viewing history server transmitted through the broadcast wave; A management unit for managing the viewing history information; The control unit transmits the viewing history information and the message authentication code to the viewing history server via a communication line based on the destination information.
  • Reception according to any one of (1) to (9) apparatus.
  • the IP transmission method conforms to ATSC (Advanced Television Systems Committee) 3.0,
  • the message authentication code is HMAC (Hash-based Message Authentication Code),
  • the receiving device according to any one of (1) to (10), wherein the viewing history information is CDM (Consumption Data Message) defined by ATSC.
  • the receiving device is Receive broadcast waves of digital broadcasting using the IP transmission method, Obtain an authentication key transmitted on the broadcast wave, Based on the authentication key and viewing history information regarding the viewing history of the content transmitted on the broadcast wave, a message authentication code is calculated, A data processing method including a step of performing control to transmit the message authentication code together with the viewing history information to a viewing history server that collects the viewing history information.
  • First message authentication calculated from the viewing history information related to the viewing history of the content and the authentication key from the transmitting device that transmits the content and the viewing history information transmitted from the receiving device that receives the content An acquisition unit for acquiring a code; A calculation unit that calculates a second message authentication code based on the authentication key transmitted from the transmission device and the viewing history information; A comparison unit that compares the first message authentication code and the second message authentication code to verify the first message authentication code; An information processing apparatus comprising: a processing unit that processes the viewing history information according to a verification result of the first message authentication code.
  • the first message authentication code and the second message authentication code are HMAC, The information processing apparatus according to (13), wherein the viewing history information is CDM defined by ATSC.
  • the information processing apparatus is First message authentication calculated from the viewing history information related to the viewing history of the content and the authentication key from the transmitting device that transmits the content and the viewing history information transmitted from the receiving device that receives the content Get the sign, Based on the authentication key transmitted from the transmission device and the viewing history information, a second message authentication code is calculated, The first message authentication code and the second message authentication code are compared to verify the first message authentication code. The viewing history information is determined according to the verification result of the first message authentication code.
  • a data processing method comprising the steps of: (16) A receiving unit that receives content, and a generation unit that generates an authentication key for providing to a viewing history server that collects viewing history information related to the viewing history of the content; A transmitting unit that transmits the authentication key together with the content to a plurality of receiving devices by a broadcast wave of digital broadcasting using an IP transmission method; and a providing unit that provides the authentication key to the viewing history server; A transmission device comprising: (17) The transmission device according to (16), wherein the authentication key is transmitted as signaling by the broadcast wave. (18) The transmission device according to (16), wherein the authentication key is transmitted by being included in a video or audio watermark constituting the content by the broadcast wave.
  • the transmission device wherein the authentication key is transmitted by being included in video or audio user data constituting the content by the broadcast wave.
  • the transmitting device is Generating an authentication key for providing to a receiving device that receives content, and a viewing history server that collects viewing history information related to the viewing history of the content; With the broadcast wave of digital broadcasting using the IP transmission method, the authentication key is transmitted together with the content to the plurality of receiving devices, A data processing method including the step of providing the authentication key to the viewing history server.

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

The present invention pertains to a receiver, a transmitter, an information processing device, and a data processing method that make it possible to collect a more accurate viewing history. The receiver performs a control for: receiving the broadcast waves of a digital broadcast in which an IP transmission scheme is used; acquiring an authentication key transmitted by the broadcast waves; calculating a message authentication code on the basis of the authentication key and viewing history information pertaining to the viewing history of content transmitted by the broadcast waves; and transmitting the message authentication code, together with the viewing history information, to a viewing history server that collects viewing history information. The present feature can be applied, for example, to a television receiver that supports the IP transmission scheme.

Description

受信装置、送信装置、情報処理装置、及び、データ処理方法Reception device, transmission device, information processing device, and data processing method
 本技術は、受信装置、送信装置、情報処理装置、及び、データ処理方法に関し、特に、より正確な視聴履歴の収集を行うことができるようにした受信装置、送信装置、情報処理装置、及び、データ処理方法に関する。 The present technology relates to a receiving device, a transmitting device, an information processing device, and a data processing method, and in particular, a receiving device, a transmitting device, an information processing device, and a method that can collect more accurate viewing history. The present invention relates to a data processing method.
 放送の分野では、ユーザによるコンテンツの視聴履歴を収集して分析するなどの視聴履歴に関する運用が行われる場合がある。例えば、視聴履歴を、定期的に又は必要なときに伝送する技術が開示されている(例えば、特許文献1参照)。 In the broadcast field, operations related to viewing history, such as collecting and analyzing content viewing history by users, may be performed. For example, a technique for transmitting viewing history regularly or when necessary is disclosed (for example, see Patent Document 1).
特開2009-278651号公報JP 2009-278651 A
 ところで、視聴履歴に関する運用を行うための技術方式が確立されていないため、視聴履歴を収集するに際して、より正確な視聴履歴の収集を行うための提案が要請されていた。 By the way, since a technical method for performing operations related to viewing history has not been established, a proposal for collecting more accurate viewing history has been requested when viewing history is collected.
 本技術はこのような状況に鑑みてなされたものであり、視聴履歴を収集するに際して、より正確な視聴履歴の収集を行うことができるようにするものである。 The present technology has been made in view of such a situation, and makes it possible to collect more accurate viewing history when collecting viewing history.
 本技術の第1の側面の受信装置は、IP(Internet Protocol)伝送方式を用いたデジタル放送の放送波を受信する受信部と、前記放送波で伝送される認証鍵を取得する取得部と、前記認証鍵、及び、前記放送波で伝送されるコンテンツの視聴履歴に関する視聴履歴情報に基づいて、メッセージ認証符号を算出する算出部と、前記視聴履歴情報とともに、前記メッセージ認証符号を、前記視聴履歴情報を収集する視聴履歴サーバに送信する制御を行う制御部とを備える受信装置である。 A receiving apparatus according to a first aspect of the present technology includes a receiving unit that receives a broadcast wave of a digital broadcast using an IP (Internet Protocol) transmission method, an acquisition unit that acquires an authentication key transmitted by the broadcast wave, Based on the authentication key and viewing history information related to the viewing history of the content transmitted on the broadcast wave, a calculation unit that calculates a message authentication code, together with the viewing history information, the message authentication code is converted into the viewing history. And a control unit that performs control to transmit the information to a viewing history server that collects information.
 本技術の第1の側面の受信装置は、独立した装置であってもよいし、1つの装置を構成している内部ブロックであってもよい。また、本技術の第1の側面のデータ処理方法は、上述した本技術の第1の側面の受信装置に対応するデータ処理方法である。 The receiving device according to the first aspect of the present technology may be an independent device, or may be an internal block constituting one device. The data processing method according to the first aspect of the present technology is a data processing method corresponding to the above-described receiving device according to the first aspect of the present technology.
 本技術の第1の側面の受信装置、及び、データ処理方法においては、IP伝送方式を用いたデジタル放送の放送波が受信され、前記放送波で伝送される認証鍵が取得され、前記認証鍵、及び、前記放送波で伝送されるコンテンツの視聴履歴に関する視聴履歴情報に基づいて、メッセージ認証符号が算出され、前記視聴履歴情報とともに、前記メッセージ認証符号を、前記視聴履歴情報を収集する視聴履歴サーバに送信する制御が行われる。 In the receiving device and the data processing method according to the first aspect of the present technology, a broadcast wave of a digital broadcast using an IP transmission method is received, an authentication key transmitted by the broadcast wave is acquired, and the authentication key A message authentication code is calculated based on the viewing history information related to the viewing history of the content transmitted on the broadcast wave, and the viewing history information is collected together with the viewing history information and the message authentication code. Control to send to the server is performed.
 本技術の第2の側面の情報処理装置は、コンテンツを受信する受信装置から送信されてくる、前記コンテンツの視聴履歴に関する視聴履歴情報、及び、前記コンテンツを送信する送信装置からの認証鍵と前記視聴履歴情報とから算出された第1のメッセージ認証符号を取得する取得部と、前記送信装置から送信されてくる前記認証鍵、及び、前記視聴履歴情報に基づいて、第2のメッセージ認証符号を算出する算出部と、前記第1のメッセージ認証符号と、前記第2のメッセージ認証符号とを比較して、前記第1のメッセージ認証符号を検証する比較部と、前記第1のメッセージ認証符号の検証結果に応じて、前記視聴履歴情報を処理する処理部とを備える情報処理装置である。 The information processing device according to the second aspect of the present technology includes viewing history information related to the viewing history of the content transmitted from the receiving device that receives the content, an authentication key from the transmitting device that transmits the content, and the Based on the acquisition unit for acquiring the first message authentication code calculated from the viewing history information, the authentication key transmitted from the transmitting device, and the viewing history information, the second message authentication code is obtained. A calculation unit that calculates, a comparison unit that compares the first message authentication code and the second message authentication code to verify the first message authentication code, and The information processing apparatus includes a processing unit that processes the viewing history information according to a verification result.
 本技術の第2の側面の情報処理装置は、独立した装置であってもよいし、1つの装置を構成している内部ブロックであってもよい。また、本技術の第2の側面のデータ処理方法は、上述した本技術の第2の側面の情報処理装置に対応するデータ処理方法である。 The information processing apparatus according to the second aspect of the present technology may be an independent apparatus or may be an internal block constituting one apparatus. The data processing method according to the second aspect of the present technology is a data processing method corresponding to the information processing apparatus according to the second aspect of the present technology described above.
 本技術の第2の側面の情報処理装置、及び、データ処理方法においては、コンテンツを受信する受信装置から送信されてくる、前記コンテンツの視聴履歴に関する視聴履歴情報、及び、前記コンテンツを送信する送信装置からの認証鍵と前記視聴履歴情報とから算出された第1のメッセージ認証符号が取得され、前記送信装置から送信されてくる前記認証鍵、及び、前記視聴履歴情報に基づいて、第2のメッセージ認証符号が算出され、前記第1のメッセージ認証符号と、前記第2のメッセージ認証符号とを比較して、前記第1のメッセージ認証符号が検証され、前記第1のメッセージ認証符号の検証結果に応じて、前記視聴履歴情報が処理される。 In the information processing device and the data processing method according to the second aspect of the present technology, the viewing history information related to the viewing history of the content and the transmission for transmitting the content transmitted from the receiving device that receives the content. A first message authentication code calculated from an authentication key from the device and the viewing history information is acquired, and based on the authentication key transmitted from the transmitting device and the viewing history information, a second A message authentication code is calculated, the first message authentication code is compared with the second message authentication code, the first message authentication code is verified, and the verification result of the first message authentication code In response, the viewing history information is processed.
 本技術の第3の側面の送信装置は、コンテンツを受信する受信装置、及び、前記コンテンツの視聴履歴に関する視聴履歴情報を収集する視聴履歴サーバに提供するための認証鍵を生成する生成部と、IP伝送方式を用いたデジタル放送の放送波により、複数の前記受信装置に対して、前記コンテンツとともに、前記認証鍵を送信する送信部と前記認証鍵を、前記視聴履歴サーバに提供する提供部とを備える送信装置である。 A transmission device according to a third aspect of the present technology includes: a generation unit that generates an authentication key to be provided to a reception device that receives content; and a viewing history server that collects viewing history information regarding the viewing history of the content; A transmitting unit that transmits the authentication key together with the content to a plurality of receiving devices by a broadcast wave of digital broadcasting using an IP transmission method, and a providing unit that provides the authentication key to the viewing history server; It is a transmitter provided with.
 本技術の第3の側面の送信装置は、独立した装置であってもよいし、1つの装置を構成している内部ブロックであってもよい。また、本技術の第3の側面のデータ処理方法は、上述した本技術の第3の側面の送信装置に対応するデータ処理方法である。 The transmission device according to the third aspect of the present technology may be an independent device, or may be an internal block constituting one device. A data processing method according to the third aspect of the present technology is a data processing method corresponding to the transmission device according to the third aspect of the present technology described above.
 本技術の第3の側面の送信装置、及び、データ処理方法においては、コンテンツを受信する受信装置、及び、前記コンテンツの視聴履歴に関する視聴履歴情報を収集する視聴履歴サーバに提供するための認証鍵が生成され、IP伝送方式を用いたデジタル放送の放送波により、複数の前記受信装置に対して、前記コンテンツとともに、前記認証鍵が送信され、前記認証鍵が、前記視聴履歴サーバに提供される。 In the transmission device and the data processing method according to the third aspect of the present technology, an authentication key for providing to a receiving device that receives content and a viewing history server that collects viewing history information related to the viewing history of the content Is generated, and the authentication key is transmitted to the plurality of receiving devices together with the content by broadcast waves of digital broadcasting using the IP transmission method, and the authentication key is provided to the viewing history server .
 本技術の第1の側面乃至第3の側面によれば、より正確な視聴履歴の収集を行うことができる。 According to the first to third aspects of the present technology, more accurate viewing history can be collected.
 なお、ここに記載された効果は必ずしも限定されるものではなく、本開示中に記載されたいずれかの効果であってもよい。 It should be noted that the effects described here are not necessarily limited, and may be any of the effects described in the present disclosure.
本技術を適用した伝送システムの一実施の形態の構成を示す図である。It is a figure showing the composition of the 1 embodiment of the transmission system to which this art is applied. 送信装置の構成例を示す図である。It is a figure which shows the structural example of a transmitter. 受信装置の構成例を示す図である。It is a figure which shows the structural example of a receiver. 制御部の機能的構成例を示す図である。It is a figure which shows the functional structural example of a control part. 視聴履歴サーバの構成例を示す図である。It is a figure which shows the structural example of a viewing-and-listening history server. 本技術を適用したIP伝送方式のプロトコルスタックを示す図である。It is a figure which shows the protocol stack of the IP transmission system to which this technique is applied. 視聴履歴情報(CDM)の収集の流れを説明する図である。It is a figure explaining the flow of collection of viewing history information (CDM). 鍵とIDとの関係を示す図である。It is a figure which shows the relationship between a key and ID. 認証鍵の第1の暗号処理を説明する図である。It is a figure explaining the 1st encryption process of an authentication key. 認証鍵の第1の復号処理を説明する図である。It is a figure explaining the 1st decoding process of an authentication key. 認証鍵の第2の暗号処理を説明する図である。It is a figure explaining the 2nd encryption process of an authentication key. 認証鍵の第2の復号処理を説明する図である。It is a figure explaining the 2nd decoding process of an authentication key. CDMのシンタックスの例を示す図である。It is a figure which shows the example of the syntax of CDM. シグナリングを利用した場合における、認証鍵の配信と、メッセージ認証符号(HMAC)の算出と、視聴履歴情報(CDM)の送受信の流れを説明する図である。FIG. 6 is a diagram for explaining the flow of authentication key distribution, message authentication code (HMAC) calculation, and viewing history information (CDM) transmission / reception when signaling is used. 認証鍵の第1の伝送方法を説明する図である。It is a figure explaining the 1st transmission method of an authentication key. 認証鍵の第2の伝送方法を説明する図である。It is a figure explaining the 2nd transmission method of an authentication key. メタデータエンベロープのシンタックスの例を示す図である。It is a figure which shows the example of the syntax of a metadata envelope. 送信処理を説明するフローチャートである。It is a flowchart explaining a transmission process. シグナリングを利用した場合における認証鍵配信処理を説明するフローチャートである。It is a flowchart explaining the authentication key delivery process in the case of using signaling. 受信処理を説明するフローチャートである。It is a flowchart explaining a reception process. 放送ストリーム受信処理を説明するフローチャートである。It is a flowchart explaining a broadcast stream reception process. 視聴履歴情報記録処理を説明するフローチャートである。It is a flowchart explaining a viewing history information recording process. 視聴履歴サーバURL取得処理を説明するフローチャートである。It is a flowchart explaining a viewing history server URL acquisition process. 視聴履歴情報送信処理を説明するフローチャートである。It is a flowchart explaining viewing history information transmission processing. 視聴履歴情報受信処理を説明するフローチャートである。It is a flowchart explaining viewing history information reception processing. メッセージ認証符号検証処理を説明するフローチャートである。It is a flowchart explaining a message authentication code verification process. ビデオウォータマークを利用した場合における、認証鍵の配信と、メッセージ認証符号(HMAC)の算出と、視聴履歴情報(CDM)の送受信の流れを説明する図である。It is a figure explaining the flow of transmission / reception of the distribution of an authentication key, the calculation of a message authentication code (HMAC), and viewing history information (CDM) when a video watermark is used. ビデオウォータマークを利用した場合における認証鍵の配信方法を説明する図である。It is a figure explaining the delivery method of the authentication key at the time of using a video watermark. ウォータマークペイロードのシンタックスの例を示す図である。It is a figure which shows the example of the syntax of a watermark payload. WMメッセージのシンタックスの例を示す図である。It is a figure which shows the example of the syntax of WM message. 認証鍵メッセージのシンタックスの例を示す図である。It is a figure which shows the example of the syntax of an authentication key message. ビデオウォータマークを利用した場合における認証鍵配信処理を説明するフローチャートである。It is a flowchart explaining the authentication key delivery process in the case of using a video watermark. ビデオウォータマークを利用した場合における認証鍵取得処理を説明するフローチャートである。It is a flowchart explaining the authentication key acquisition process in the case of using a video watermark. 認証鍵取得処理を説明するフローチャートである。It is a flowchart explaining an authentication key acquisition process. オーディオユーザデータを利用した場合における、認証鍵の配信と、メッセージ認証符号(HMAC)の算出と、視聴履歴情報(CDM)の送受信の流れを説明する図である。It is a figure explaining the flow of transmission / reception of the distribution of an authentication key, the calculation of a message authentication code (HMAC), and viewing history information (CDM) in the case of using audio user data. SYSメタフレームのシンタックスの例を示す図である。It is a figure which shows the example of the syntax of SYS meta-frame. sysTypeの例を示す図である。It is a figure which shows the example of sysType. sysDataの例を示す図である。It is a figure which shows the example of sysData. オーディオユーザデータを利用した場合における認証鍵配信を説明するフローチャートである。It is a flowchart explaining the authentication key delivery in the case of using audio user data. オーディオユーザデータを利用した場合における認証鍵取得処理を説明するフローチャートである。It is a flowchart explaining the authentication key acquisition process in the case of using audio user data. コンピュータの構成例を示す図である。It is a figure which shows the structural example of a computer.
 以下、図面を参照しながら本技術の実施の形態について説明する。なお、説明は以下の順序で行うものとする。 Hereinafter, embodiments of the present technology will be described with reference to the drawings. The description will be made in the following order.
1.システムの構成
2.本技術の概要
3.具体的な運用例
(1)方式1:シグナリングを利用した認証鍵の伝送
(2)方式2:ビデオウォータマークを利用した認証鍵の伝送
(3)方式3:オーディオユーザデータを利用した認証鍵の伝送
4.変形例
5.コンピュータの構成 1. 1. System configuration 2. Outline of this technology Specific operation example (1) Method 1: Authentication key transmission using signaling (2) Method 2: Authentication key transmission using video watermark (3) Method 3: Authentication key transmission using audio user data Transmission4. Modification 5 Computer configuration
<1.システムの構成> <1. System configuration>
(伝送システムの構成)
 図1は、本技術を適用した伝送システムの一実施の形態の構成を示す図である。なお、システムとは、複数の装置が論理的に集合した物をいう。 (Configuration of transmission system)
FIG. 1 is a diagram illustrating a configuration of an embodiment of a transmission system to which the present technology is applied. A system refers to a logical collection of a plurality of devices.
 伝送システム1は、送信装置10-1乃至10-N(Nは1以上の整数)、受信装置20-1乃至20-M(Mは1以上の整数)、視聴履歴サーバ30、送信設備40、及び、配信装置50から構成される。また、受信装置20-1乃至20-Mと、視聴履歴サーバ30とは、通信回線60を介して相互に接続されている。 The transmission system 1 includes transmission devices 10-1 to 10-N (N is an integer of 1 or more), reception devices 20-1 to 20-M (M is an integer of 1 or more), a viewing history server 30, a transmission facility 40, And a distribution device 50. The receiving devices 20-1 to 20-M and the viewing history server 30 are connected to each other via a communication line 60.
 送信装置10-1は、放送局1により設置される、ATSC(Advanced Television Systems Committee)等のデジタル放送の規格に対応した送信機である。送信装置10-1は、コンテンツ(例えばテレビ番組など)やシグナリングを含むデジタル放送信号を、送信設備40を介して送信する。また、送信装置10-1は、コンテンツ等を含むデジタル放送信号を、配信装置50に送信する。なお、配信装置50は、ケーブルテレビ(CATV)や衛星放送などの有料放送を提供するMVPD(Multichannel Video Programming Distributors)により設置され、送信装置10-1により提供されるコンテンツを配信する。 The transmitting apparatus 10-1 is a transmitter that is installed by the broadcasting station 1 and that supports digital broadcasting standards such as ATSC (Advanced Television Systems Committee). The transmission apparatus 10-1 transmits a digital broadcast signal including content (for example, a television program) and signaling via the transmission facility 40. In addition, the transmission device 10-1 transmits a digital broadcast signal including content and the like to the distribution device 50. The distribution device 50 is installed by MVPD (Multichannel-Video-Programming-Distributors) that provides pay broadcasting such as cable television (CATV) and satellite broadcasting, and distributes the content provided by the transmission device 10-1.
 送信装置10-2乃至10-Nは、放送局2乃至放送局N等の各放送局により設置される。送信装置10-2乃至10-Nは、コンテンツやシグナリングを含むデジタル放送信号を、送信設備40又は配信装置50を介して送信する。なお、以下の説明において、送信装置10-1乃至10-Nを、特に区別する必要がない場合には、送信装置10と称して説明する。 Transmitting devices 10-2 to 10-N are installed by broadcasting stations such as broadcasting station 2 to broadcasting station N. The transmission devices 10-2 to 10-N transmit digital broadcast signals including content and signaling via the transmission facility 40 or the distribution device 50. In the following description, the transmission devices 10-1 to 10-N will be referred to as the transmission device 10 unless it is necessary to distinguish them.
 受信装置20-1は、ATSC等のデジタル放送の規格に対応した受信機であって、例えば、テレビ受像機やセットトップボックスなどの固定受信機、あるいは、スマートフォンや携帯電話機、タブレット型コンピュータなどのモバイル受信機である。また、受信装置20-1は、例えば車載テレビなどの自動車に搭載される機器であってもよい。 The receiving device 20-1 is a receiver that supports digital broadcasting standards such as ATSC. For example, the receiving device 20-1 is a fixed receiver such as a television receiver or a set-top box, or a smartphone, a mobile phone, a tablet computer, or the like. Mobile receiver. In addition, the receiving device 20-1 may be a device mounted on an automobile such as an in-vehicle television.
 受信装置20-1は、送信装置10から、電波塔としての送信設備40を介して送信されてくるデジタル放送信号を、アンテナにより受信(直接受信)し、ユーザによるサービス(チャンネル)の選局操作に応じたコンテンツ(例えばテレビ番組など)を再生する。また、受信装置20-1は、コンテンツの視聴履歴に関する視聴履歴情報を記録(蓄積)している。ここで、視聴履歴情報としては、ATSCで規定されるCDM(Consumption Data Message)を用いることができる。 The receiving device 20-1 receives (directly receives) the digital broadcast signal transmitted from the transmitting device 10 via the transmission facility 40 as a radio tower by an antenna, and selects a service (channel) by the user. The content (for example, a TV program etc.) corresponding to is reproduced. In addition, the receiving device 20-1 records (accumulates) viewing history information related to content viewing history. Here, as the viewing history information, CDM (Consumption Data Message) defined by ATSC can be used.
 受信装置20-1は、視聴履歴サーバ30のURL(Uniform Resource Locator)に従い、HMAC(Hash-based Message Authentication Code)等のメッセージ認証符号を添付した視聴履歴情報(CDM)を、通信回線60を介して視聴履歴サーバ30に送信する。なお、詳細は後述するが、メッセージ認証符号(HMAC)は、送信装置10から配信される認証鍵、及び、視聴履歴情報(CDM)に基づいて算出される。また、視聴履歴サーバ30のURL(視聴履歴サーバURL)は、送信装置10からのデジタル放送信号に含めて送信されてくるので、受信装置20-1は、デジタル放送信号に含まれる視聴履歴サーバURLを取得して保持しておくことになる。 The receiving device 20-1 transmits the viewing history information (CDM) attached with a message authentication code such as HMAC (Hash-based Message Authentication Code) via the communication line 60 in accordance with the URL (Uniform Resource Locator) of the viewing history server 30. To the viewing history server 30. Although details will be described later, the message authentication code (HMAC) is calculated based on the authentication key distributed from the transmission device 10 and the viewing history information (CDM). Further, since the URL of the viewing history server 30 (viewing history server URL) is transmitted by being included in the digital broadcast signal from the transmitting device 10, the receiving device 20-1 receives the viewing history server URL included in the digital broadcast signal. Will get and hold.
 受信装置20-2は、受信装置20-1と同様に、例えば、テレビ受像機等の固定受信機や、スマートフォン等のモバイル受信機などである。受信装置20-2は、送信装置10から、MVPDの配信装置50を経由して配信されるコンテンツ(のデジタル放送信号)を受信(間接受信)し、サービスの選局操作に応じたコンテンツを再生する。 Similarly to the receiving device 20-1, the receiving device 20-2 is, for example, a fixed receiver such as a television receiver or a mobile receiver such as a smartphone. The receiving device 20-2 receives (indirect reception) content (digital broadcast signal) distributed from the transmitting device 10 via the MVPD distribution device 50, and reproduces the content according to the channel selection operation of the service. To do.
 また、受信装置20-2は、受信装置20-1と同様に、コンテンツの視聴履歴情報(CDM)を記録(蓄積)する。そして、受信装置20-2は、視聴履歴サーバURLに従い、メッセージ認証符号(HMAC)を添付した視聴履歴情報(CDM)を、通信回線60を介して視聴履歴サーバ30に送信する。 Also, the receiving device 20-2 records (accumulates) content viewing history information (CDM) in the same manner as the receiving device 20-1. Then, the receiving device 20-2 transmits the viewing history information (CDM) attached with the message authentication code (HMAC) to the viewing history server 30 via the communication line 60 in accordance with the viewing history server URL.
 受信装置20-3乃至20-Mは、受信装置20-1又は受信装置20-2と同様に、例えば、テレビ受像機等の固定受信機や、スマートフォン等のモバイル受信機などである。 The receiving devices 20-3 to 20-M are, for example, a fixed receiver such as a television receiver, a mobile receiver such as a smartphone, and the like, similar to the receiving device 20-1 or the receiving device 20-2.
 受信装置20-3乃至20-Mは、送信装置10から、送信設備40を介して送信されてくるデジタル放送信号を受信(直接受信)するか、あるいは、MVPDの配信装置50を経由して配信されるコンテンツ(のデジタル放送信号)を受信(間接受信)して、サービスの選局操作に応じたコンテンツを再生する。 The receiving devices 20-3 to 20-M receive (directly receive) a digital broadcast signal transmitted from the transmitting device 10 via the transmission facility 40, or distribute it via the MVPD distribution device 50. Content (digital broadcast signal) to be received (indirect reception), and the content corresponding to the channel selection operation of the service is reproduced.
 また、受信装置20-3乃至20-Mは、受信装置20-1又は受信装置20-2と同様に、コンテンツの視聴履歴情報(CDM)を記録(蓄積)する。そして、受信装置20-3乃至20-Mは、視聴履歴サーバURLに従い、メッセージ認証符号(HMAC)を添付した視聴履歴情報(CDM)を、通信回線60を介して視聴履歴サーバ30に送信する。なお、以下の説明において、受信装置20-1乃至20-Mを、特に区別する必要がない場合、受信装置20と称して説明する。 Also, the receiving devices 20-3 to 20-M record (accumulate) content viewing history information (CDM) in the same manner as the receiving device 20-1 or the receiving device 20-2. Then, the receiving devices 20-3 to 20-M transmit the viewing history information (CDM) attached with the message authentication code (HMAC) to the viewing history server 30 via the communication line 60 in accordance with the viewing history server URL. In the following description, the receiving devices 20-1 to 20-M will be referred to as the receiving device 20 when it is not necessary to distinguish them.
 視聴履歴サーバ30は、複数の受信装置20から送信されてくる視聴履歴情報(CDM)を収集して処理するサーバである。視聴履歴サーバ30は、単独の放送事業者のほか、例えば、複数の放送事業者(例えば放送局1乃至放送局N)により設立された共同運営の事業者や、放送事業者とは関係のない第三者組織(例えば視聴率調査を専門で行う代理の組織)による事業者などの視聴履歴事業者により提供される。 The viewing history server 30 is a server that collects and processes viewing history information (CDM) transmitted from a plurality of receiving devices 20. The viewing history server 30 is not related to a single broadcaster, for example, a jointly operated business established by a plurality of broadcasters (for example, the broadcasting stations 1 to N) or a broadcasting company. Provided by a viewing history business operator such as a business by a third party organization (for example, an agency that specializes in audience rating surveys).
 視聴履歴サーバ30は、受信装置20-1乃至20-Mから通信回線60を介して送信されてくる、メッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)を受信する。視聴履歴サーバ30は、受信装置20から受信したメッセージ認証符号(HMAC)と、自身が算出したメッセージ認証符号(HMAC')とを比較し、その比較結果が一致するかどうかを判定することで、受信したメッセージ認証符号(HMAC)の検証を行い、正当な視聴履歴情報(CDM)のみが蓄積(収集)されるようにする。 The viewing history server 30 receives viewing history information (CDM) attached with a message authentication code (HMAC) transmitted from the receiving devices 20-1 to 20-M via the communication line 60. The viewing history server 30 compares the message authentication code (HMAC) received from the receiving device 20 with the message authentication code (HMAC ′) calculated by itself, and determines whether or not the comparison result matches. The received message authentication code (HMAC) is verified so that only valid viewing history information (CDM) is accumulated (collected).
 視聴履歴サーバ30は、収集された視聴履歴情報(CDM)に対して、視聴履歴の分析や解析などの各種の処理を行う。例えば、視聴履歴サーバ30は、放送局ごとの視聴履歴に関する視聴履歴レポートを生成し、各放送局の送信装置10等の装置に提供する。なお、視聴履歴サーバ30には、メッセージ認証符号(HMAC')を算出する際に用いられる認証鍵が、送信装置10から供給される。 The viewing history server 30 performs various processes such as viewing history analysis and analysis on the collected viewing history information (CDM). For example, the viewing history server 30 generates a viewing history report regarding the viewing history for each broadcasting station and provides the viewing history report to a device such as the transmission device 10 of each broadcasting station. The viewing history server 30 is supplied with an authentication key used when calculating the message authentication code (HMAC ′) from the transmission device 10.
 以上、伝送システム1の構成について説明した。次に、図1の伝送システム1を構成する、送信装置10、受信装置20、及び、視聴履歴サーバ30の構成例について説明する。 The configuration of the transmission system 1 has been described above. Next, a configuration example of the transmission device 10, the reception device 20, and the viewing history server 30 configuring the transmission system 1 of FIG. 1 will be described.
(送信装置の構成)
 図2は、図1の送信装置10の構成例を示す図である。 (Configuration of transmitter)
FIG. 2 is a diagram illustrating a configuration example of the transmission device 10 of FIG.
 図2において、送信装置10は、制御部111、ビデオデータ取得部112、ビデオ処理部113、オーディオデータ取得部114、オーディオ処理部115、字幕データ取得部116、字幕処理部117、シグナリング生成部118、シグナリング処理部119、マルチプレクサ120、送信部121、及び、通信部122から構成される。 2, the transmission device 10 includes a control unit 111, a video data acquisition unit 112, a video processing unit 113, an audio data acquisition unit 114, an audio processing unit 115, a caption data acquisition unit 116, a caption processing unit 117, and a signaling generation unit 118. , A signaling processing unit 119, a multiplexer 120, a transmission unit 121, and a communication unit 122.
 制御部111は、送信装置10の各部の動作を制御する。 The control unit 111 controls the operation of each unit of the transmission device 10.
 ビデオデータ取得部112は、外部のサーバ、カメラ、又は記録媒体等から、コンテンツ(例えばテレビ番組など)のビデオデータ(ビデオのコンポーネント)を取得し、ビデオ処理部113に供給する。ビデオ処理部113は、ビデオデータ取得部112から供給されるビデオデータに対して、例えば、所定の符号化方式に準拠した符号化処理などの処理を施し、マルチプレクサ120に供給する。 The video data acquisition unit 112 acquires video data (video component) of content (for example, a TV program) from an external server, camera, or recording medium, and supplies the video data to the video processing unit 113. The video processing unit 113 performs processing such as encoding processing conforming to a predetermined encoding method on the video data supplied from the video data acquisition unit 112 and supplies the processed video data to the multiplexer 120.
 オーディオデータ取得部114は、外部のサーバ、マイクロフォン、又は記録媒体等から、コンテンツ(例えばテレビ番組など)のオーディオデータ(オーディオのコンポーネント)を取得し、オーディオ処理部115に供給する。オーディオ処理部115は、オーディオデータ取得部114から供給されるオーディオデータに対して、例えば、所定の符号化方式に準拠した符号化処理などの処理を施し、マルチプレクサ120に供給する。 The audio data acquisition unit 114 acquires audio data (audio component) of content (for example, a TV program) from an external server, microphone, or recording medium, and supplies the audio data to the audio processing unit 115. The audio processing unit 115 performs processing such as encoding processing conforming to a predetermined encoding method on the audio data supplied from the audio data acquisition unit 114 and supplies the processed audio data to the multiplexer 120.
 字幕データ取得部116は、外部のサーバ又は記録媒体等から、コンテンツ(例えばテレビ番組など)の字幕データ(字幕のコンポーネント)を取得し、字幕処理部117に供給する。字幕処理部117は、字幕データ取得部116から供給される字幕データに対して、例えば、所定の符号化方式に準拠した符号化処理などの処理を施し、マルチプレクサ120に供給する。 The subtitle data acquisition unit 116 acquires subtitle data (components of subtitles) of content (for example, a TV program) from an external server or recording medium and supplies the subtitle data to the subtitle processing unit 117. The caption processing unit 117 subjects the caption data supplied from the caption data acquisition unit 116 to a process such as an encoding process based on a predetermined encoding method, and supplies the processed data to the multiplexer 120.
 シグナリング生成部118は、コンテンツの選局や再生等の処理で用いられるシグナリング情報を生成し、シグナリング処理部119に供給する。シグナリング処理部119は、シグナリング生成部118から供給されるシグナリング情報を処理し、マルチプレクサ120に供給する。ここでは、例えば、後述するLLS(Link Layer Signaling)シグナリング情報や、SLS(Service Layer Signaling)シグナリング情報が生成され、処理される。 The signaling generation unit 118 generates signaling information used in processing such as content selection and playback, and supplies the signaling information to the signaling processing unit 119. The signaling processing unit 119 processes the signaling information supplied from the signaling generation unit 118 and supplies it to the multiplexer 120. Here, for example, LLS (Link Layer Signaling) signaling information and SLS (Service Layer Layer Signaling) signaling information described later are generated and processed.
 マルチプレクサ120は、ビデオ処理部113から供給されるビデオストリームと、オーディオ処理部115から供給されるオーディオストリームと、字幕処理部117から供給される字幕ストリームと、シグナリング処理部119から供給されるシグナリング情報とを多重化して、その結果得られる多重化ストリーム(放送ストリーム)を、送信部121に供給する。 The multiplexer 120 includes a video stream supplied from the video processing unit 113, an audio stream supplied from the audio processing unit 115, a subtitle stream supplied from the subtitle processing unit 117, and signaling information supplied from the signaling processing unit 119. And the resulting multiplexed stream (broadcast stream) is supplied to the transmitter 121.
 送信部121は、マルチプレクサ120から供給される放送ストリームを、アンテナ131を介して、デジタル放送の放送波(デジタル放送信号)として送信する。 The transmission unit 121 transmits the broadcast stream supplied from the multiplexer 120 as a digital broadcast wave (digital broadcast signal) via the antenna 131.
 また、制御部111は、認証鍵生成部151及び暗号化部152を含む。認証鍵生成部151は、受信装置20と視聴履歴サーバ30に提供するための認証鍵を生成する。暗号化部152は、認証鍵生成部151により生成された認証鍵を暗号化し、暗号化された認証鍵(暗号化認証鍵)を、方式1乃至方式3の方式に応じて、ビデオ処理部113、オーディオ処理部115、又は、シグナリング生成部118に供給する。これにより、認証鍵(暗号化認証鍵)は、方式1乃至方式3の方式に応じて、マルチプレクサ120により多重化される多重化ストリーム(放送ストリーム)に含まれることになる。 The control unit 111 includes an authentication key generation unit 151 and an encryption unit 152. The authentication key generation unit 151 generates an authentication key to be provided to the receiving device 20 and the viewing history server 30. The encryption unit 152 encrypts the authentication key generated by the authentication key generation unit 151, and the encrypted authentication key (encrypted authentication key) is converted into the video processing unit 113 according to the methods 1 to 3. To the audio processing unit 115 or the signaling generation unit 118. As a result, the authentication key (encrypted authentication key) is included in the multiplexed stream (broadcast stream) multiplexed by the multiplexer 120 in accordance with the methods 1 to 3.
 なお、詳細は後述するが、認証鍵の伝送方式のうち、シグナリングを利用した伝送方式を方式1とし、ビデオウォータマークを利用した伝送方式を方式2とし、オーディオユーザデータを利用した伝送方式を方式3としている。 As will be described in detail later, among the authentication key transmission methods, the transmission method using signaling is referred to as method 1, the transmission method using video watermark as the method 2, and the transmission method using audio user data as the method. Three.
 通信部122は、制御部111からの制御に従い、各種のネットワーク(不図示)を介して視聴履歴サーバ30(図1)との間で、データをやりとりする。例えば、通信部122は、認証鍵生成部151により生成された認証鍵を、視聴履歴サーバ30に送信(提供)する。また、例えば、通信部122は、視聴履歴サーバ30から送信されてくる視聴履歴レポートを受信し、制御部111に供給する。制御部111は、通信部122から供給される視聴履歴レポートを取得して、例えば、視聴履歴レポートを提示するなどの処理を行う。 The communication unit 122 exchanges data with the viewing history server 30 (FIG. 1) via various networks (not shown) in accordance with control from the control unit 111. For example, the communication unit 122 transmits (provides) the authentication key generated by the authentication key generation unit 151 to the viewing history server 30. For example, the communication unit 122 receives a viewing history report transmitted from the viewing history server 30 and supplies the viewing history report to the control unit 111. The control unit 111 acquires the viewing history report supplied from the communication unit 122 and performs processing such as presenting the viewing history report, for example.
(受信装置の構成)
 図3は、図1の受信装置20の構成例を示す図である。 (Receiver configuration)
FIG. 3 is a diagram illustrating a configuration example of the receiving device 20 in FIG.
 図3において、受信装置20は、制御部211、記録部212、入力部213、受信部214、デマルチプレクサ215、ビデオ処理部216、ビデオ出力部217、オーディオ処理部218、オーディオ出力部219、字幕処理部220、表示部221、スピーカ222、通信部223、及び、セキュアメモリ224から構成される。なお、図3の構成では、表示部221とスピーカ222を含む構成を示しているが、表示部221とスピーカ222を含めない構成としてもよい。 In FIG. 3, the receiving device 20 includes a control unit 211, a recording unit 212, an input unit 213, a receiving unit 214, a demultiplexer 215, a video processing unit 216, a video output unit 217, an audio processing unit 218, an audio output unit 219, and subtitles. The processing unit 220 includes a display unit 221, a speaker 222, a communication unit 223, and a secure memory 224. 3 illustrates a configuration including the display unit 221 and the speaker 222, the configuration may not include the display unit 221 and the speaker 222.
 制御部211は、受信装置20の各部の動作を制御する。記録部212は、例えば、NVRAM(Non Volatile RAM)等の不揮発性メモリであって、制御部211からの制御に従い、各種のデータを記録する。入力部213は、ユーザの操作に応じて、操作信号を制御部211に供給する。 The control unit 211 controls the operation of each unit of the receiving device 20. The recording unit 212 is a non-volatile memory such as NVRAM (NonNVolatile RAM), for example, and records various data according to control from the control unit 211. The input unit 213 supplies an operation signal to the control unit 211 in accordance with a user operation.
 受信部214は、アンテナ231を介して受信されたデジタル放送の放送波(デジタル放送信号)から、サービスの選局操作に応じた信号を抽出して復調し、その結果得られる多重化ストリーム(放送ストリーム)を、デマルチプレクサ215に供給する。 The receiving unit 214 extracts and demodulates a signal corresponding to a channel selection operation of a service from a digital broadcast wave (digital broadcast signal) received via the antenna 231, and obtains a multiplexed stream (broadcast) Stream) is supplied to the demultiplexer 215.
 デマルチプレクサ215は、受信部214から供給される放送ストリームを、オーディオやビデオ、字幕のストリームと、シグナリング情報に分離する。デマルチプレクサ215は、ビデオデータ(ビデオのコンポーネント)をビデオ処理部216に、オーディオデータ(オーディオのコンポーネント)をオーディオ処理部218に、字幕データ(字幕のコンポーネント)を字幕処理部220に、シグナリング情報を制御部211にそれぞれ供給する。 The demultiplexer 215 separates the broadcast stream supplied from the reception unit 214 into audio, video, and subtitle streams and signaling information. The demultiplexer 215 sends video data (video component) to the video processing unit 216, audio data (audio component) to the audio processing unit 218, subtitle data (subtitle component) to the subtitle processing unit 220, and signaling information. Each is supplied to the control unit 211.
 制御部211は、デマルチプレクサ215から供給されるシグナリング情報に基づいて、コンテンツを再生するために、デマルチプレクサ215や各コンポーネントの処理部などの各部の動作を制御する。 The control unit 211 controls the operation of each unit such as the demultiplexer 215 and the processing unit of each component in order to reproduce the content based on the signaling information supplied from the demultiplexer 215.
 ビデオ処理部216は、デマルチプレクサ215から供給されるビデオデータに対して、例えば、所定の復号方式に準拠した復号処理などの処理を施し、ビデオ出力部217に供給する。ビデオ出力部217は、ビデオ処理部216から供給されるビデオデータを、表示部221に出力する。これにより、表示部221には、サービスの選局操作に応じたコンテンツ(例えばテレビ番組など)の映像が表示される。 The video processing unit 216 subjects the video data supplied from the demultiplexer 215 to, for example, a decoding process based on a predetermined decoding method, and supplies the video data to the video output unit 217. The video output unit 217 outputs the video data supplied from the video processing unit 216 to the display unit 221. As a result, the display unit 221 displays a video of content (for example, a television program) according to the service channel selection operation.
 オーディオ処理部218は、デマルチプレクサ215から供給されるオーディオデータに対して、例えば、所定の復号方式に準拠した復号処理などの処理を施し、オーディオ出力部219に供給する。オーディオ出力部219は、オーディオ処理部218から供給されるオーディオデータを、スピーカ222に出力する。これにより、スピーカ222からは、サービスの選局操作に応じたコンテンツ(例えばテレビ番組など)の音声が出力される。 The audio processing unit 218 subjects the audio data supplied from the demultiplexer 215 to processing such as decoding processing conforming to a predetermined decoding method, and supplies the processed audio data to the audio output unit 219. The audio output unit 219 outputs the audio data supplied from the audio processing unit 218 to the speaker 222. As a result, the sound of content (for example, a television program) corresponding to the channel selection operation of the service is output from the speaker 222.
 字幕処理部220は、デマルチプレクサ215から供給される字幕データに対して、例えば、所定の復号方式に準拠した復号処理などの処理を施し、ビデオ出力部217に供給する。ビデオ出力部217は、字幕処理部220から供給される字幕データに対応する字幕が、ビデオ処理部216から供給されるビデオデータに対応する映像に重畳して表示されるようにする。これにより、表示部221には、サービスの選局操作に応じたコンテンツ(例えばテレビ番組など)の映像に重畳された字幕が表示される。 The caption processing unit 220 subjects the caption data supplied from the demultiplexer 215 to a process such as a decoding process based on a predetermined decoding method and supplies the processed data to the video output unit 217. The video output unit 217 causes the caption corresponding to the caption data supplied from the caption processing unit 220 to be displayed superimposed on the video corresponding to the video data supplied from the video processing unit 216. As a result, the display unit 221 displays the caption superimposed on the video of the content (for example, a television program) according to the service channel selection operation.
 ここで、図3の受信装置20においては、ビデオ処理部216、ビデオ出力部217、オーディオ処理部218、オーディオ出力部219、及び、字幕処理部220によって、いわば、レンダリング処理を行うレンダラ225が構成されていると言える。 3, the video processing unit 216, the video output unit 217, the audio processing unit 218, the audio output unit 219, and the caption processing unit 220 constitute a renderer 225 that performs rendering processing. It can be said that.
 通信部223は、制御部211からの制御に従い、通信回線60を介して視聴履歴サーバ30と、各種のデータをやりとりする。セキュアメモリ224は、セキュアなメモリであって、暗号化された認証鍵(暗号化認証鍵)を復号するための復号鍵等の機密性の高い情報を記録している。 The communication unit 223 exchanges various data with the viewing history server 30 via the communication line 60 in accordance with control from the control unit 211. The secure memory 224 is a secure memory, and records highly confidential information such as a decryption key for decrypting an encrypted authentication key (encrypted authentication key).
(制御部の機能的構成)
 図4は、図3の制御部211の機能的構成例を示す図である。 (Functional configuration of control unit)
FIG. 4 is a diagram illustrating a functional configuration example of the control unit 211 in FIG. 3.
 図4において、制御部211は、放送制御部251、通信制御部252、視聴履歴情報管理部253、視聴履歴サーバURL取得部254、フィルタ部255、復号部256、認証鍵取得部257、及び、メッセージ認証符号算出部258を含んで構成される。 4, the control unit 211 includes a broadcast control unit 251, a communication control unit 252, a viewing history information management unit 253, a viewing history server URL acquisition unit 254, a filter unit 255, a decryption unit 256, an authentication key acquisition unit 257, and A message authentication code calculation unit 258 is included.
 放送制御部251は、送信装置10から送信されるデジタル放送信号に含まれるコンテンツを再生するために、受信部214やデマルチプレクサ215、各コンポーネントの処理部や出力部などの各部を制御する。 The broadcast control unit 251 controls each unit such as the reception unit 214, the demultiplexer 215, and the processing unit and output unit of each component in order to reproduce the content included in the digital broadcast signal transmitted from the transmission device 10.
 通信制御部252は、通信回線60を介して視聴履歴サーバ30と各種のデータをやりとりするために、通信部223を制御する。 The communication control unit 252 controls the communication unit 223 to exchange various data with the viewing history server 30 via the communication line 60.
 視聴履歴情報管理部253は、コンテンツの視聴履歴情報(CDM)を管理する。視聴履歴情報管理部253は、視聴履歴情報(CDM)を記録するタイミングとなった場合に、ユーザによるコンテンツの視聴状況に応じた視聴履歴情報(CDM)を、記録部212に記録(蓄積)する。 The viewing history information management unit 253 manages content viewing history information (CDM). The viewing history information management unit 253 records (accumulates) the viewing history information (CDM) according to the viewing status of the content by the user in the recording unit 212 when it is time to record the viewing history information (CDM). .
 視聴履歴サーバURL取得部254は、デマルチプレクサ215により分離される放送ストリームに含まれる視聴履歴サーバURLを取得し、記録部212に記録(保持)する。 The viewing history server URL acquisition unit 254 acquires the viewing history server URL included in the broadcast stream separated by the demultiplexer 215 and records (holds) it in the recording unit 212.
 フィルタ部255は、デマルチプレクサ215により分離される放送ストリームに含まれる認証鍵(暗号化認証鍵)のうち、対象の認証鍵(暗号化認証鍵)を取得するためのフィルタリング処理を行う。復号部256は、セキュアメモリ224から読み出された復号鍵を用いて、フィルタ部255によるフィルタリング処理の結果得られる認証鍵(暗号化認証鍵)を復号する。 The filter unit 255 performs a filtering process for obtaining a target authentication key (encrypted authentication key) among the authentication keys (encrypted authentication keys) included in the broadcast stream separated by the demultiplexer 215. The decryption unit 256 decrypts the authentication key (encrypted authentication key) obtained as a result of the filtering process by the filter unit 255 using the decryption key read from the secure memory 224.
 認証鍵取得部257は、復号部256により復号された認証鍵を取得し、記録部212に記録(保持)する。また、認証鍵取得部257は、視聴履歴情報(CDM)を視聴履歴サーバ30に送信するタイミングとなった場合に、記録部212に記録された認証鍵を読み出して、メッセージ認証符号算出部258に供給する。 The authentication key acquisition unit 257 acquires the authentication key decrypted by the decryption unit 256 and records (holds) it in the recording unit 212. Also, the authentication key acquisition unit 257 reads the authentication key recorded in the recording unit 212 and sends it to the message authentication code calculation unit 258 when it is time to transmit the viewing history information (CDM) to the viewing history server 30. Supply.
 視聴履歴情報管理部253は、視聴履歴情報(CDM)を視聴履歴サーバ30に送信するタイミングとなった場合に、記録部212から、視聴履歴情報(CDM)と視聴履歴サーバURLを読み出し、視聴履歴サーバURLを、通信制御部252に供給し、視聴履歴情報(CDM)を、メッセージ認証符号算出部258に供給する。 The viewing history information management unit 253 reads the viewing history information (CDM) and the viewing history server URL from the recording unit 212 when the timing for transmitting the viewing history information (CDM) to the viewing history server 30 is reached. The server URL is supplied to the communication control unit 252 and the viewing history information (CDM) is supplied to the message authentication code calculation unit 258.
 メッセージ認証符号算出部258には、認証鍵取得部257からの認証鍵と、視聴履歴情報管理部253からの視聴履歴情報(CDM)が供給される。メッセージ認証符号算出部258は、認証鍵、及び、視聴履歴情報(CDM)に基づいて、メッセージ認証符号(HMAC)を算出する。メッセージ認証符号算出部258は、メッセージ認証符号(HMAC)を添付した視聴履歴情報(CDM)を、通信制御部252に供給する。 The message authentication code calculation unit 258 is supplied with the authentication key from the authentication key acquisition unit 257 and the viewing history information (CDM) from the viewing history information management unit 253. The message authentication code calculation unit 258 calculates a message authentication code (HMAC) based on the authentication key and viewing history information (CDM). The message authentication code calculation unit 258 supplies the viewing control information (CDM) attached with the message authentication code (HMAC) to the communication control unit 252.
 通信制御部252には、視聴履歴情報管理部253からの視聴履歴サーバURLと、メッセージ認証符号算出部258からの、メッセージ認証符号(HMAC)を添付した視聴履歴情報(CDM)が供給される。通信制御部252は、視聴履歴サーバURLに基づいて、メッセージ認証符号(HMAC)を添付した視聴履歴情報(CDM)が、通信回線60を介して視聴履歴サーバ30宛てに送信されるように、通信部223を制御する。 The communication control unit 252 is supplied with the viewing history server URL from the viewing history information management unit 253 and the viewing history information (CDM) attached with the message authentication code (HMAC) from the message authentication code calculation unit 258. The communication control unit 252 performs communication so that the viewing history information (CDM) attached with the message authentication code (HMAC) is transmitted to the viewing history server 30 via the communication line 60 based on the viewing history server URL. The unit 223 is controlled.
(視聴履歴サーバの構成)
 図5は、図1の視聴履歴サーバ30の構成例を示す図である。 (Viewing history server configuration)
FIG. 5 is a diagram illustrating a configuration example of the viewing history server 30 of FIG.
 図5において、視聴履歴サーバ30は、制御部311、通信部312、及び、視聴履歴情報蓄積部313から構成される。 5, the viewing history server 30 includes a control unit 311, a communication unit 312, and a viewing history information storage unit 313.
 制御部311は、視聴履歴サーバ30の各部の動作を制御する。制御部311は、メッセージ認証符号取得部351、認証鍵取得部352、メッセージ認証符号算出部353、メッセージ認証符号比較部354、視聴履歴情報管理部355、及び、視聴履歴情報分析部356から構成される。 The control unit 311 controls the operation of each unit of the viewing history server 30. The control unit 311 includes a message authentication code acquisition unit 351, an authentication key acquisition unit 352, a message authentication code calculation unit 353, a message authentication code comparison unit 354, a viewing history information management unit 355, and a viewing history information analysis unit 356. The
 通信部312は、制御部311からの制御に従い、受信装置20から通信回線60を介して送信されてくる、メッセージ認証符号(HMAC)を添付した視聴履歴情報(CDM)を受信し、制御部311に供給する。メッセージ認証符号取得部351は、受信装置20から受信したメッセージ認証符号(HMAC)を取得し、メッセージ認証符号比較部354に供給する。 The communication unit 312 receives the viewing history information (CDM) attached with the message authentication code (HMAC) transmitted from the receiving device 20 via the communication line 60 according to the control from the control unit 311, and receives the control unit 311. To supply. The message authentication code acquisition unit 351 acquires the message authentication code (HMAC) received from the reception device 20 and supplies it to the message authentication code comparison unit 354.
 また、通信部312は、制御部311からの制御に従い、放送局の送信装置10から送信されてくる認証鍵を受信し、制御部311に供給する。認証鍵取得部352は、送信装置10から受信した認証鍵を取得し、メッセージ認証符号算出部353に供給する。 Further, the communication unit 312 receives the authentication key transmitted from the transmission device 10 of the broadcasting station and supplies the authentication key to the control unit 311 according to the control from the control unit 311. The authentication key acquisition unit 352 acquires the authentication key received from the transmission device 10 and supplies it to the message authentication code calculation unit 353.
 メッセージ認証符号算出部353には、認証鍵取得部352からの認証鍵と、受信装置20からの視聴履歴情報(CDM)が供給される。メッセージ認証符号算出部353は、認証鍵、及び、視聴履歴情報(CDM)に基づいて、メッセージ認証符号(HMAC')を算出し、メッセージ認証符号比較部354に供給する。 The message authentication code calculation unit 353 is supplied with the authentication key from the authentication key acquisition unit 352 and the viewing history information (CDM) from the receiving device 20. The message authentication code calculation unit 353 calculates a message authentication code (HMAC ′) based on the authentication key and viewing history information (CDM), and supplies the message authentication code comparison unit 354 with the message authentication code (HMAC ′).
 メッセージ認証符号比較部354には、メッセージ認証符号取得部351からのメッセージ認証符号(HMAC)と、メッセージ認証符号算出部353からのメッセージ認証符号(HMAC')が供給される。メッセージ認証符号比較部354は、受信装置20から受信したメッセージ認証符号(HMAC)と、メッセージ認証符号算出部353が算出したメッセージ認証符号(HMAC')とを比較して、その比較結果が一致するかどうかを判定することで、受信したメッセージ認証符号(HMAC)を検証する。 The message authentication code comparison unit 354 is supplied with the message authentication code (HMAC) from the message authentication code acquisition unit 351 and the message authentication code (HMAC ′) from the message authentication code calculation unit 353. The message authentication code comparison unit 354 compares the message authentication code (HMAC) received from the receiving device 20 with the message authentication code (HMAC ′) calculated by the message authentication code calculation unit 353, and the comparison results match. The received message authentication code (HMAC) is verified.
 視聴履歴情報管理部355は、視聴履歴情報(CDM)を管理する。視聴履歴情報管理部355は、メッセージ認証符号比較部354による、メッセージ認証符号(HMAC)の検証結果に応じて、当該メッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)を処理する。 The viewing history information management unit 355 manages viewing history information (CDM). The viewing history information management unit 355 processes the viewing history information (CDM) attached with the message authentication code (HMAC) according to the verification result of the message authentication code (HMAC) by the message authentication code comparison unit 354.
 例えば、視聴履歴情報管理部355は、メッセージ認証符号(HMAC)の検証結果に応じて、正当であると判定された視聴履歴情報(CDM)を、視聴履歴情報蓄積部313に記録(蓄積)する。これにより、視聴履歴情報蓄積部313には、複数の受信装置20から順次送られてくる視聴履歴情報(CDM)が収集され、例えば、放送局ごとに蓄積されることになる。 For example, the viewing history information management unit 355 records (accumulates) the viewing history information (CDM) determined to be valid in the viewing history information accumulation unit 313 according to the verification result of the message authentication code (HMAC). . As a result, the viewing history information storage unit 313 collects viewing history information (CDM) sequentially transmitted from the plurality of receiving apparatuses 20 and stores it, for example, for each broadcasting station.
 視聴履歴情報分析部356は、視聴履歴情報(CDM)を分析するタイミングとなった場合に、視聴履歴情報蓄積部313から、放送局ごとの視聴履歴情報(CDM)を読み出して分析する。視聴履歴情報分析部356は、視聴履歴情報(CDM)の分析結果に基づいて、例えば、放送局ごとの視聴履歴レポートを生成し、通信部312に供給する。通信部312は、制御部311からの制御に従い、放送局ごとの視聴履歴レポートを、各種のネットワーク(不図示)を介して、対象の放送局の送信装置10に送信する。 The viewing history information analysis unit 356 reads the viewing history information (CDM) for each broadcasting station from the viewing history information storage unit 313 and analyzes it when it is time to analyze the viewing history information (CDM). The viewing history information analysis unit 356 generates, for example, a viewing history report for each broadcasting station based on the analysis result of the viewing history information (CDM) and supplies the viewing history report to the communication unit 312. The communication unit 312 transmits a viewing history report for each broadcast station to the transmission device 10 of the target broadcast station via various networks (not shown) in accordance with control from the control unit 311.
<2.本技術の概要> <2. Overview of this technology>
 ところで、ATSC3.0と称される次世代のATSCの規格では、IP伝送方式が採用され、データ伝送に、TS(Transport Stream)パケットではなく、IP/UDPパケット、すなわち、UDP(User Datagram Protocol)パケットを含むIP(Internet Protocol)パケットを用いることが決定されている。また、ATSC3.0以外の放送方式でも、将来的に、IPパケットを用いたIP伝送方式が用いられることが期待されている。 By the way, in the next generation ATSC standard called ATSC3.0, an IP transmission method is adopted, and data transmission is not a TS (Transport Stream) packet, but an IP / UDP packet, that is, UDP (User Datagram Protocol). It has been decided to use IP (Internet Protocol) packets including packets. In addition, it is expected that an IP transmission method using IP packets will be used in the future even in broadcasting methods other than ATSC 3.0.
 また、ATSC3.0においては、トランスポート・プロトコルとして、ROUTE(Real-Time Object Delivery over Unidirectional Transport)と、MMT(MPEG Media Transport)が併存し、いずれか一方のトランスポート・プロトコルを用いてビデオやオーディオ、字幕等(のコンポーネント)のストリームが伝送される。なお、トランスポート・プロトコルとして、ROUTEとMMTのいずれを用いるかは、放送事業者ごとに選択される。 In ATSC 3.0, ROUTE (Real-Time Object Delivery Service Unidirectional Transport) and MMT (MPEG Media Transport) coexist as transport protocols. Streams of audio, subtitles, etc. (components) are transmitted. Whether to use ROUTE or MMT as the transport protocol is selected for each broadcaster.
 ここで、ROUTEは、バイナリファイルを一方向でマルチキャスト転送するのに適したプロトコルであるFLUTE(File Delivery over Unidirectional Transport)を拡張したプロトコルである。また、MMTは、IP(Internet Protocol)上で用いられるトランスポート方式であり、制御情報によりIPアドレスやURL(Uniform Resource Locator)を設定することで、ビデオやオーディオ等のデータを参照することができる。 Here, ROUTE is a protocol that extends FLUTE (File Delivery over Unidirectional Transport), which is a protocol suitable for multicast transfer of binary files in one direction. MMT is a transport method used on IP (Internet Protocol), and data such as video and audio can be referred to by setting an IP address and URL (Uniform Resource Locator) using control information. .
 さらに、ATSC3.0においては、シグナリングとして、LLS(Link Layer Signaling)シグナリング情報と、SLS(Service Layer Signaling)シグナリング情報を規定することが想定されており、先行して取得されるLLSシグナリング情報に記述される情報に従い、サービスごとのSLSシグナリング情報が取得されることになる。 Furthermore, in ATSC 3.0, it is assumed that LLS (Link Layer Signaling) signaling information and SLS (Service Layer Layer Signaling) signaling information are specified as signaling, and are described in the LLS signaling information acquired in advance. The SLS signaling information for each service is acquired according to the information to be performed.
 ここで、LLSシグナリング情報としては、例えば、SLT(Service List Table)等のメタデータが含まれる。SLTは、サービスの選局に必要な情報(選局情報)など、放送ネットワークにおけるストリームやサービスの構成を示す情報(サービス構成情報)を含む。 Here, the LLS signaling information includes metadata such as SLT (Service List). The SLT includes information (service configuration information) indicating the stream and service configuration in the broadcast network, such as information necessary for channel selection (channel selection information).
 また、SLSシグナリング情報としては、例えば、USD(User Service Description),LSID(LCT Session Instance Description),MPD(Media Presentation Description)等のメタデータが含まれる。USDは、他のメタデータの取得先などの情報を含む。LSIDは、ROUTEプロトコルの制御情報である。MPDは、コンポーネントのストリームの再生を管理するための制御情報である。なお、USD,LSID,MPD等のメタデータは、XML(Extensible Markup Language)等のマークアップ言語により記述される。また、MPDは、MPEG-DASH(Dynamic Adaptive Streaming over HTTP)の規格に準じている。 The SLS signaling information includes metadata such as USD (User Service Description), LSID (LCT Session Instance Description), MPD (Media Presentation Description), and the like. The USD includes information such as another metadata acquisition destination. LSID is ROUTE protocol control information. MPD is control information for managing the playback of component streams. Note that metadata such as USD, LSID, and MPD is described in a markup language such as XML (Extensible Markup Language). MPD conforms to the MPEG-DASH (Dynamic Adaptive Streaming over HTTP) standard.
(プロトコルスタック)
 図6は、本技術を適用したIP伝送方式のプロトコルスタックを示す図である。 (Protocol stack)
FIG. 6 is a diagram illustrating a protocol stack of an IP transmission scheme to which the present technology is applied.
 図6において、最も下位の階層は、物理層(Physical Layer)とされる。この物理層に隣接する上位の階層は、レイヤ2の階層(Layer2)とされ、さらに、レイヤ2の階層に隣接する上位の階層は、IP層とされる。また、IP層に隣接する上位の階層はUDP層とされる。すなわち、UDPパケットを含むIPパケット(IP/UDPパケット)が、レイヤ2のL2パケット(Genericパケット)のペイロードに配置され、カプセル化(encapsulation)される。また、物理層のL1フレーム(Physical Frame)は、プリアンブルとデータ部から構成されるが、データ部には、複数のL2パケットをカプセル化して得られるBBフレームに対してエラー訂正用のパリティを付加した後に、インターリーブやマッピング等の物理層に関する処理が行われることで得られるデータがマッピングされる。 In FIG. 6, the lowest hierarchy is a physical layer. The upper layer adjacent to the physical layer is a layer 2 layer (Layer 2), and the upper layer adjacent to the layer 2 layer is an IP layer. The upper layer adjacent to the IP layer is a UDP layer. That is, an IP packet including a UDP packet (IP / UDP packet) is arranged in the payload of a layer 2 L2 packet (Generic packet) and encapsulated. The physical layer L1 frame (Physical Frame) is composed of a preamble and a data part. In the data part, error correction parity is added to the BB frame obtained by encapsulating multiple L2 packets. After that, data obtained by performing processing related to the physical layer such as interleaving and mapping is mapped.
 UDP層に隣接する上位の階層は、ROUTE,MMT,SLTとされる。すなわち、ROUTEセッションで伝送される、ビデオ、オーディオ、及び、字幕のストリームと、SLSシグナリング情報のストリームと、NRTコンテンツのストリームは、IP/UDPパケットに格納されて伝送される。なお、NRTコンテンツは、NRT(Non Real Time)放送で配信されるコンテンツであって、受信装置20のストレージに一旦蓄積された後で再生が行われる。また、NRTコンテンツ以外のファイル(例えばアプリケーションのファイル)がROUTEセッションで伝送されるようにしてもよい。 The upper layers adjacent to the UDP layer are ROUTE, MMT, and SLT. That is, the video, audio, and subtitle streams, the SLS signaling information stream, and the NRT content stream transmitted in the ROUTE session are stored in the IP / UDP packet and transmitted. The NRT content is content distributed by NRT (Non Real Time) broadcasting, and is played back after being temporarily stored in the storage of the receiving device 20. Further, files other than NRT content (for example, application files) may be transmitted in the ROUTE session.
 一方で、MMTセッションで伝送される、ビデオ、オーディオ、及び、字幕のストリームと、SLSシグナリング情報のストリームは、IP/UDPパケットに格納されて伝送される。また、SLTは、IP/UDPパケットに格納されて伝送される。 On the other hand, the video, audio, and subtitle streams and the SLS signaling information stream transmitted in the MMT session are stored in the IP / UDP packet and transmitted. The SLT is stored in an IP / UDP packet and transmitted.
 本技術を適用したIP伝送方式では、以上のようなプロトコルスタックが採用されることで、受信装置20は、ROUTEセッションで伝送されるコンポーネントのストリームにより提供されるサービス(チャンネル)の選局時には、SLTに含まれる選局情報に従い、ROUTEセッションで伝送されるSLSシグナリング情報を取得する(S1-1,S1-2)。そして、受信装置20は、USD,LSID,MPD等のメタデータに従い、選局されたサービスのコンポーネントのストリームに接続する(S1-3)。これにより、受信装置20では、サービスの選局操作に応じたコンテンツ(例えばテレビ番組)の映像や音声が出力される。 In the IP transmission scheme to which the present technology is applied, the above-described protocol stack is adopted, so that the receiving device 20 can select a service (channel) provided by a component stream transmitted in a ROUTE session. In accordance with the channel selection information included in the SLT, SLS signaling information transmitted in the ROUTE session is acquired (S1-1, S1-2). Then, the receiving device 20 connects to the stream of the selected service component according to metadata such as USD, LSID, and MPD (S1-3). As a result, the receiving device 20 outputs video and audio of content (for example, a television program) corresponding to the service channel selection operation.
 また、受信装置20は、MMTセッションで伝送されるコンポーネントのストリームにより提供されるサービスの選局時には、SLTに含まれる選局情報に従い、MMTセッションで伝送されるSLSシグナリング情報を取得する(S2-1,S2-2)。そして、受信装置20は、各種のメタデータに従い、選局されたサービスのコンポーネントのストリームに接続する(S2-3)。これにより、受信装置20では、サービスの選局操作に応じたコンテンツ(例えばテレビ番組)の映像や音声が出力される。 Further, when selecting a service provided by the component stream transmitted in the MMT session, the receiving device 20 acquires SLS signaling information transmitted in the MMT session according to the tuning information included in the SLT (S2- 1, S2-2). Then, the receiving device 20 connects to the stream of the selected service component according to various metadata (S2-3). As a result, the receiving device 20 outputs video and audio of content (for example, a television program) corresponding to the service channel selection operation.
(視聴履歴情報(CDM)の収集の流れ)
 図7は、図1の伝送システム1における、視聴履歴情報(CDM)の収集の流れを説明する図である。 (Flow of viewing history information (CDM) collection)
FIG. 7 is a diagram illustrating a flow of collecting viewing history information (CDM) in the transmission system 1 of FIG.
 なお、図7の受信装置20において、HMAC算出部258は、図4のメッセージ認証符号算出部258に相当する。また、図7の視聴履歴サーバ30において、HMAC算出部353は、図5のメッセージ認証符号算出部353に相当し、HMAC比較部354は、図5のメッセージ認証符号比較部354に相当する。 7, the HMAC calculation unit 258 corresponds to the message authentication code calculation unit 258 in FIG. Further, in the viewing history server 30 of FIG. 7, the HMAC calculation unit 353 corresponds to the message authentication code calculation unit 353 of FIG. 5, and the HMAC comparison unit 354 corresponds to the message authentication code comparison unit 354 of FIG.
 図7において、送信装置10は、IP伝送方式(図6)を用いたデジタル放送の放送波により放送ストリームを伝送している。受信装置20は、送信装置20から送信されるデジタル放送の放送波を受信し、放送ストリームに含まれるビデオやオーディオ等のコンポーネントと、シグナリング情報を処理することで、コンテンツを再生する。ただし、受信装置20では、コンテンツの視聴履歴に関する視聴履歴情報(CDM)が記録(蓄積)されている。 In FIG. 7, the transmission apparatus 10 transmits a broadcast stream by a broadcast wave of a digital broadcast using the IP transmission method (FIG. 6). The receiving device 20 receives the broadcast wave of the digital broadcast transmitted from the transmitting device 20, and reproduces the content by processing components such as video and audio included in the broadcast stream and signaling information. However, the receiving device 20 records (accumulates) viewing history information (CDM) related to the viewing history of the content.
 また、送信装置10は、認証鍵(authentication key)を生成し、生成された認証鍵を、暗号化部152により、暗号鍵で暗号化する。送信装置10は、暗号化された認証鍵(暗号化認証鍵)を、放送ストリームに含めて送信する。ただし、認証鍵(暗号化認証鍵)は、シグナリングを利用した伝送方式である方式1、ビデオウォータマークを利用した伝送方式である方式2、又は、オーディオユーザデータを利用した伝送方式である方式3のいずれかの方式により伝送される。また、送信装置10は、認証鍵を視聴履歴サーバ30にも提供する。 In addition, the transmission device 10 generates an authentication key (authentication key), and the generated authentication key is encrypted by the encryption unit 152 with the encryption key. The transmission device 10 transmits an encrypted authentication key (encrypted authentication key) in a broadcast stream. However, the authentication key (encrypted authentication key) is a method 1 that is a transmission method using signaling, a method 2 that is a transmission method that uses video watermark, or a method 3 that is a transmission method that uses audio user data. It is transmitted by one of the methods. The transmission device 10 also provides the authentication key to the viewing history server 30.
 ここで、認証鍵は、1種類又は複数種類の場合がある。1種類の認証鍵を採用した場合、すべての受信装置20、すなわち、受信装置20-1乃至20-Mが、共通で1つの認証鍵を利用した運用が行われることになる。 Here, there may be one or more types of authentication keys. When one type of authentication key is employed, all the receiving devices 20, that is, the receiving devices 20-1 to 20-M, operate in common using one authentication key.
 一方で、複数の認証鍵を採用した場合、受信装置20の製造事業者(受信機製造事業者)ごとに、又は、受信装置20ごとに、異なる認証鍵を利用した運用が行われることになる。この場合、認証鍵には、当該鍵の宛先を示す情報が付加される。この宛先を示す情報としては、例えば、受信機製造事業者鍵(manufacturer key)を識別するID、若しくは受信機製造事業者を識別するID(受信機製造事業者ID)、又は、受信機鍵(device key)を識別するID、若しくは受信装置20を識別するID(受信機ID)などを用いることができる。 On the other hand, when a plurality of authentication keys are employed, an operation using a different authentication key is performed for each manufacturer (receiver manufacturer) of the receiving device 20 or for each receiving device 20. . In this case, information indicating the destination of the key is added to the authentication key. As information indicating this destination, for example, an ID for identifying a receiver manufacturer key (manufacturer key), an ID for identifying a receiver manufacturer (receiver manufacturer ID), or a receiver key ( An ID for identifying (device key) or an ID (receiver ID) for identifying the receiving device 20 can be used.
 例えば、認証鍵の宛先を示す情報が、受信機製造事業者IDである場合、認証鍵は、受信機製造事業者鍵(manufacturer key)により暗号化される。また、例えば、認証鍵の宛先を示す情報が、受信機IDである場合、認証鍵は、受信機鍵(device key)により暗号化される。図7の例では、認証鍵は、受信機製造事業者鍵により暗号化されている。 For example, when the information indicating the destination of the authentication key is the receiver manufacturer ID, the authentication key is encrypted with the receiver manufacturer key. For example, when the information indicating the destination of the authentication key is the receiver ID, the authentication key is encrypted with the receiver key (device key). In the example of FIG. 7, the authentication key is encrypted with the receiver manufacturer key.
 受信装置20は、送信装置10から、方式1乃至方式3のいずれかの方式で、放送ストリームに含めて送信される認証鍵(暗号化認証鍵)を受信する。このとき、受信装置20は、認証鍵(暗号化認証鍵)に付加された宛先を示す情報(例えば、受信機製造事業者ID又は受信機ID)が、自機宛ての認証鍵であることを示している場合に、認証鍵(暗号化認証鍵)を取得することになる。ここでは、自機宛てではない認証鍵は、破棄されることになる。 The receiving device 20 receives from the transmitting device 10 an authentication key (encrypted authentication key) transmitted by being included in the broadcast stream by any one of methods 1 to 3. At this time, the receiving device 20 confirms that the information (for example, receiver manufacturer ID or receiver ID) indicating the destination added to the authentication key (encrypted authentication key) is the authentication key addressed to itself. In the case shown, an authentication key (encrypted authentication key) is acquired. Here, an authentication key that is not addressed to itself is discarded.
 また、受信装置20では、復号部256によって、セキュアメモリ224に保管されている復号鍵(例えば、受信機製造事業者鍵(manufacturer key)又は受信機鍵(device key))を用い、自機宛ての認証鍵(暗号化認証鍵)が復号される。図7の例では、認証鍵(暗号化認証鍵)は、受信機製造事業者鍵で暗号化されているので、復号部256は、セキュアメモリ224から読み出した受信機製造事業者鍵を用いて認証鍵(暗号化認証鍵)を復号することになる。 In the receiving device 20, the decryption unit 256 uses the decryption key (for example, the receiver manufacturer key (manufacturer key) or the receiver key (device key)) stored in the secure memory 224, and is addressed to the own device. The authentication key (encrypted authentication key) is decrypted. In the example of FIG. 7, since the authentication key (encrypted authentication key) is encrypted with the receiver manufacturer key, the decryption unit 256 uses the receiver manufacturer key read from the secure memory 224. The authentication key (encrypted authentication key) will be decrypted.
 受信装置20において、HMAC算出部258には、復号部256により復号された認証鍵と、記録部212に記録(蓄積)されている視聴履歴情報(CDM)が供給される。HMAC算出部258は、認証鍵、及び、視聴履歴情報(CDM)に基づいて、メッセージ認証符号(HMAC)を算出する。受信装置20は、視聴履歴情報(CDM)に、HMAC算出部258により算出されたメッセージ認証符号(HMAC)を添付して、メッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)を、通信回線60を介して視聴履歴サーバ30に送信する。 In the receiving apparatus 20, the HMAC calculation unit 258 is supplied with the authentication key decrypted by the decryption unit 256 and the viewing history information (CDM) recorded (accumulated) in the recording unit 212. The HMAC calculation unit 258 calculates a message authentication code (HMAC) based on the authentication key and viewing history information (CDM). The receiving device 20 attaches the message authentication code (HMAC) calculated by the HMAC calculation unit 258 to the viewing history information (CDM), and the viewing history information (CDM) with the message authentication code (HMAC) attached thereto. The data is transmitted to the viewing history server 30 via the communication line 60.
 なお、通信回線60を介して行われる、受信装置20と視聴履歴サーバ30との通信は、例えばTLS(Transport Layer Security)により提供されるHTTPS(Hypertext Transfer Protocol Secure)を利用することで、通信をセキュアに行うことができる。 Note that the communication between the receiving device 20 and the viewing history server 30 performed via the communication line 60 is performed by using, for example, HTTPS (Hypertext Transfer Protocol Secure) provided by TLS (Transport Layer Security). It can be done securely.
 視聴履歴サーバ30は、通信回線60を介して受信装置20から送信されてくる、メッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)を受信する。視聴履歴サーバ30において、HMAC算出部353には、送信装置10から提供される認証鍵と、受信装置20から受信した視聴履歴情報(CDM)が供給される。HMAC算出部353は、認証鍵、及び、視聴履歴情報(CDM)に基づいて、メッセージ認証符号(HMAC')を算出し、HMAC比較部354に供給する。 The viewing history server 30 receives viewing history information (CDM) attached with a message authentication code (HMAC) transmitted from the receiving device 20 via the communication line 60. In the viewing history server 30, the HMAC calculation unit 353 is supplied with the authentication key provided from the transmitting device 10 and the viewing history information (CDM) received from the receiving device 20. The HMAC calculation unit 353 calculates a message authentication code (HMAC ′) based on the authentication key and the viewing history information (CDM), and supplies the message authentication code (HMAC ′) to the HMAC comparison unit 354.
 HMAC比較部354には、HMAC算出部353からのメッセージ認証符号(HMAC')と、受信装置20から受信した視聴履歴情報(CDM)に添付されたメッセージ認証符号(HMAC)が供給される。HMAC比較部354は、メッセージ認証符号(HMAC)と、メッセージ認証符号(HMAC')とを比較して、その比較結果が一致するかどうかを判定することで、メッセージ認証符号(HMAC)を検証する。 The HMAC comparison unit 354 is supplied with the message authentication code (HMAC ′) from the HMAC calculation unit 353 and the message authentication code (HMAC) attached to the viewing history information (CDM) received from the receiving device 20. The HMAC comparison unit 354 verifies the message authentication code (HMAC) by comparing the message authentication code (HMAC) with the message authentication code (HMAC ′) and determining whether or not the comparison result matches. .
 ここでは、HMAC比較部354による比較結果が一致する場合、当該メッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)は、対象の受信機製造会社の受信装置20が記録して送信したものであって、正当であるので、視聴履歴サーバ30は、当該視聴履歴情報(CDM)を処理する。一方で、HMAC比較部354による比較結果が不一致となる場合、当該メッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)は、対象の受信機製造会社の受信装置20が記録して送信したものではなく、正当ではないので、視聴履歴サーバ30は、当該視聴履歴情報(CDM)を処理しない(例えば、破棄する)。 Here, when the comparison result by the HMAC comparison unit 354 matches, the viewing history information (CDM) attached with the message authentication code (HMAC) is recorded and transmitted by the receiving device 20 of the target receiver manufacturer. Since it is proper and valid, the viewing history server 30 processes the viewing history information (CDM). On the other hand, when the comparison result by the HMAC comparison unit 354 does not match, the viewing history information (CDM) attached with the message authentication code (HMAC) is recorded and transmitted by the receiving device 20 of the target receiver manufacturer. The viewing history server 30 does not process (for example, discard) the viewing history information (CDM) because the viewing history server 30 is not valid.
 以上のように、伝送システム1においては、視聴履歴サーバ30が、受信装置20から送信されてくる、メッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)に基づいて、視聴履歴情報(CDM)の送信元となる受信装置20を認証することができるので、正確な視聴履歴情報(CDM)の収集を行うことができる。また、伝送システム1においては、メッセージ認証符号(HMAC)を用いた認証を行っているため、公開鍵暗号を用いた方式と比べて、受信装置20側と、視聴履歴サーバ30側の処理負荷を低減することができる。 As described above, in the transmission system 1, the viewing history server 30 transmits the viewing history information (CDM) based on the viewing history information (CDM) attached with the message authentication code (HMAC) transmitted from the receiving device 20. Since the receiving device 20 that is the transmission source of the CDM) can be authenticated, accurate viewing history information (CDM) can be collected. Further, since the transmission system 1 performs authentication using a message authentication code (HMAC), the processing load on the receiving device 20 side and the viewing history server 30 side is reduced compared to a method using public key cryptography. Can be reduced.
 また、伝送システム1においては、デジタル放送の放送波を利用して、認証鍵を配信しているため、デジタル放送信号の特徴である、高信頼性や同報性、拡張性(スケーラビリティ)をいかして、多数、かつ、多様な受信装置20に対して、一斉に認証鍵を配信することができる。さらに、受信装置20において、視聴履歴情報(CDM)を視聴履歴サーバ30に送信する際に用いられる、認証鍵を周期的に更新できることはセキュリティ面でメリットが大きいが、デジタル放送信号の特徴である高信頼性や同報性、拡張性(スケーラビリティ)を利用すれば、認証鍵を動的に変更して、不特定多数の受信装置20-1乃至20-Mに配信することができるため、そのメリットを享受することができる。 In addition, in the transmission system 1, since the authentication key is distributed using the broadcast wave of the digital broadcast, the high reliability, broadcast capability, and scalability (scalability) that are the characteristics of the digital broadcast signal are utilized. Thus, the authentication key can be distributed to a large number and various receiving devices 20 at the same time. Furthermore, the fact that the receiving device 20 can periodically update the authentication key used when transmitting the viewing history information (CDM) to the viewing history server 30 has a great merit in terms of security, but is a feature of the digital broadcast signal. By using high reliability, broadcast capability, and extensibility (scalability), the authentication key can be dynamically changed and distributed to an unspecified number of receiving devices 20-1 to 20-M. You can enjoy the benefits.
 また、上述したデジタル放送信号の特徴に加えて、認証鍵の暗号化方法と認証鍵のフィルタリング方法を工夫することで、メッセージ認証符号(HMAC)の算出に使用する認証鍵を、特定のグループ単位(例えば、受信機製造事業者単位や受信機単位など)ごとに変更して、配信することができる。すなわち、視聴履歴サーバ30側からすれば、視聴履歴情報(CDM)と一緒に送られてくるメッセージ認証符号(HMAC)を検証することで、視聴履歴情報(CDM)の送信元の受信装置20を検証できることになる。これにより、例えば、視聴履歴サーバ30を運営する視聴履歴収集事業者が、視聴履歴情報(CDM)の収集に協力することによる対価を、受信機製造事業者に支払う際の信頼情報として利用することができる。因みに、このような信頼情報として用いる場合には、HTTPSのような経路保護のみでは不十分である。 In addition to the features of the digital broadcast signal described above, the authentication key used for calculating the message authentication code (HMAC) can be specified in a specific group unit by devising the encryption method of the authentication key and the filtering method of the authentication key. It can be changed and distributed for each receiver (for example, receiver manufacturer unit or receiver unit). That is, from the viewing history server 30 side, by verifying the message authentication code (HMAC) sent together with the viewing history information (CDM), the receiving device 20 that is the transmission source of the viewing history information (CDM) can be changed. It can be verified. As a result, for example, the viewing history collection operator operating the viewing history server 30 uses the compensation by cooperating with the collection of viewing history information (CDM) as the trust information when paying the receiver manufacturer. Can do. Incidentally, route protection such as HTTPS is not sufficient when used as such trust information.
 さらに、伝送システム1においては、認証鍵を放送ストリームに含めて伝送する際に、サービス(放送チャンネル)ごとに伝送されるようにすることで、視聴履歴情報(CDM)を収集する処理と、視聴履歴情報(CDM)を収集する対象となるサービスとを、明確に関連付けることができる。 Further, the transmission system 1 includes a process of collecting viewing history information (CDM) by transmitting the authentication key in a broadcast stream for each service (broadcast channel), and viewing and listening. It is possible to clearly associate a service for which history information (CDM) is collected.
(鍵とIDとの関係)
 図8は、鍵とIDとの関係を示す図である。 (Relationship between key and ID)
FIG. 8 is a diagram illustrating the relationship between keys and IDs.
 図8において、放送局1の送信装置10-1では、受信機製造事業者鍵リスト又は受信機鍵リストを管理している。 In FIG. 8, the transmitter 10-1 of the broadcasting station 1 manages a receiver manufacturer key list or a receiver key list.
 この受信機製造事業者鍵リストには、例えば、rec_ma_id_Aである受信機製造事業者IDで識別される受信機製造会社Aに割り当てられている受信機製造事業者鍵(ma_key_A,key_id_A)や、rec_ma_id_Bである受信機製造事業者IDで識別される受信機製造会社Bに割り当てられている受信機製造事業者鍵(ma_key_B,key_id_B)など、受信機製造事業者ごとの鍵に関する情報がリスト化されている。 In this receiver manufacturer key list, for example, the receiver manufacturer key (ma_key_A, key_id_A) assigned to the receiver manufacturer A identified by the receiver manufacturer ID which is rec_ma_id_A, rec_ma_id_B Information related to the key for each receiver manufacturer such as the receiver manufacturer key (ma_key_B, key_id_B) assigned to the receiver manufacturer B identified by the receiver manufacturer ID is listed. Yes.
 受信機鍵リストには、例えば、受信機製造会社Aにより製造された受信装置20-A1乃至20-A3に割り当てられている受信機鍵や、受信機製造会社Bにより製造された受信装置20-B1乃至20-B3に割り当てられている受信機鍵など、各受信機製造事業者により製造された受信機ごとの鍵に関する情報がリスト化されている。 The receiver key list includes, for example, a receiver key assigned to the receivers 20-A1 to 20-A3 manufactured by the receiver manufacturer A, and a receiver 20- manufactured by the receiver manufacturer B. Information relating to keys for each receiver manufactured by each receiver manufacturer, such as receiver keys assigned to B1 to 20-B3, is listed.
 また、放送局2の送信装置10-2においては、放送局1の送信装置10-1と同様に、受信機製造事業者ごとの鍵に関する情報がリスト化された受信機製造事業者鍵リスト、又は各受信機製造事業者により製造された受信機ごとの鍵に関する情報がリスト化された受信機鍵リストを管理している。 Further, in the transmitter 10-2 of the broadcast station 2, as with the transmitter 10-1 of the broadcast station 1, a receiver manufacturer key list in which information on keys for each receiver manufacturer is listed, Alternatively, it manages a receiver key list in which information on keys for each receiver manufactured by each receiver manufacturer is listed.
 一方で、各受信機製造事業者により製造された受信機では、製造元の受信機製造事業者と各受信機に関する情報をそれぞれ保持している。 On the other hand, the receiver manufactured by each receiver manufacturer holds information on the receiver manufacturer of the manufacturer and each receiver.
 例えば、受信機製造会社Aにより製造された受信装置20-A1では、製造元の受信機製造会社Aに関する情報(受信機製造事業者ID(rec_ma_id_A)、受信機製造事業者鍵(ma_key_A,key_id_A))と、各受信機に関する情報(受信機ID(dev_ID_A1)、受信機鍵(devkeyA1,key_ID_A1))を、セキュアメモリ224に保持している。 For example, in the receiver 20-A1 manufactured by the receiver manufacturer A, information on the receiver manufacturer A of the manufacturer (receiver manufacturer ID (rec_ma_id_A), receiver manufacturer key (ma_key_A, key_id_A)) And information regarding each receiver (receiver ID (dev_ID_A1), receiver key (devkeyA1, key_ID_A1)) is held in the secure memory 224.
 同様に、受信機製造会社Aにより製造された受信装置20-A2及び受信装置20-A3においても、製造元の受信機製造会社Aに関する情報と、各受信機に関する情報が、セキュアメモリ224に保持されている。 Similarly, in the receiving device 20-A2 and the receiving device 20-A3 manufactured by the receiver manufacturing company A, information about the receiver manufacturer A of the manufacturer and information about each receiver are held in the secure memory 224. ing.
 また、例えば、受信機製造会社Bにより製造された受信装置20-B1では、製造元の受信機製造会社Bに関する情報(受信機製造事業者ID(rec_ma_id_B)、受信機製造事業者鍵(ma_key_B,key_id_B))と、各受信機に関する情報(受信機ID(dev_ID_B1)、受信機鍵(devkeyB1,key_ID_B1))を、セキュアメモリ224に保持している。 Further, for example, in the receiver 20-B1 manufactured by the receiver manufacturer B, information on the receiver manufacturer B of the manufacturer (receiver manufacturer ID (rec_ma_id_B), receiver manufacturer key (ma_key_B, key_id_B) )) And information related to each receiver (receiver ID (dev_ID_B1), receiver key (devkeyB1, key_ID_B1)) are held in the secure memory 224.
 同様に、受信機製造会社Bにより製造された受信装置20-B2及び受信装置20-B3においても、製造元の受信機製造会社Bに関する情報と、各受信機に関する情報が、セキュアメモリ224に保持されている。 Similarly, in the receiving device 20-B2 and the receiving device 20-B3 manufactured by the receiver manufacturing company B, information about the receiver manufacturing company B of the manufacturer and information about each receiver are held in the secure memory 224. ing.
 以上のようにして、放送局の送信装置10と、各受信機製造会社により製造された受信装置20において、鍵が管理されているが、送信装置10では、受信機製造事業者鍵又は受信機鍵を暗号鍵として用いて認証鍵の暗号化を行う一方で、受信装置20では、受信機製造事業者鍵又は受信機鍵を復号鍵として用い、暗号化された認証鍵(暗号化認証鍵)を復号することになる。以下、受信機製造事業者鍵又は受信機鍵を用いた場合の認証鍵の暗号化と復号について説明する。 As described above, the key is managed in the transmitter 10 of the broadcasting station and the receiver 20 manufactured by each receiver manufacturer. In the transmitter 10, the receiver manufacturer key or the receiver is managed. While the authentication key is encrypted using the key as the encryption key, the receiving device 20 uses the receiver manufacturer key or the receiver key as the decryption key and encrypts the authentication key (encrypted authentication key). Will be decrypted. Hereinafter, encryption and decryption of the authentication key when the receiver manufacturer key or the receiver key is used will be described.
(受信機製造事業者鍵を用いた認証鍵の暗号と復号)
 まず、図9及び図10を参照して、受信機製造事業者鍵(manufacturer key)を用いた認証鍵の暗号処理と復号処理について説明する。 (Encryption and decryption of authentication key using receiver manufacturer key)
First, an encryption key decryption process and a decryption process using a receiver manufacturer key will be described with reference to FIGS.
 図9は、受信機製造事業者鍵を用いた認証鍵の暗号処理を模式的に表している。 FIG. 9 schematically shows the encryption processing of the authentication key using the receiver manufacturer key.
 図9に示すように、送信装置10では、暗号化部152によって、認証鍵の暗号処理が行われる。この暗号処理では、認証鍵が、受信機製造事業者鍵を用いて暗号化される。そして、送信装置10は、暗号鍵としての受信機製造事業者鍵により暗号化された認証鍵(暗号化認証鍵)を、方式1乃至方式3のいずれかの方式により、放送ストリームに含めて送信する。 As shown in FIG. 9, in the transmission device 10, the encryption unit 152 performs encryption processing of the authentication key. In this encryption process, the authentication key is encrypted using the receiver manufacturer key. Then, the transmission device 10 includes the authentication key (encrypted authentication key) encrypted with the receiver manufacturer key as the encryption key in the broadcast stream by any one of methods 1 to 3. To do.
 図10は、受信機製造事業者鍵により暗号化された認証鍵の復号処理を模式的に表している。 FIG. 10 schematically shows the decryption process of the authentication key encrypted with the receiver manufacturer key.
 図10に示すように、受信装置20では、復号部256によって、受信機製造事業者鍵により暗号化された認証鍵(暗号化認証鍵)の復号処理が行われる。この復号処理では、送信装置10からの放送ストリームに含まれる、受信機製造事業者鍵により暗号化された認証鍵(暗号化認証鍵)が、復号鍵としての受信機製造事業者鍵により復号される。これにより、受信装置20は、受信機製造事業者鍵により復号された認証鍵を取得することができる。 As shown in FIG. 10, in the receiving device 20, the decryption unit 256 performs a decryption process of the authentication key (encrypted authentication key) encrypted with the receiver manufacturer key. In this decryption process, the authentication key (encrypted authentication key) encrypted with the receiver manufacturer key included in the broadcast stream from the transmission device 10 is decrypted with the receiver manufacturer key as the decryption key. The Thereby, the receiving device 20 can acquire the authentication key decrypted with the receiver manufacturer key.
 以上のように、受信機製造事業者鍵を用いた認証鍵の暗号処理と復号処理では、認証鍵の暗号処理で用いられる受信機製造事業者鍵(暗号鍵)と、認証鍵の復号処理で用いられる受信機製造事業者鍵(復号鍵)とが、共有鍵としての関係(共通鍵暗号)を有しているため、受信装置20では、セキュアメモリ224に保管されている受信機製造事業者鍵(復号鍵)を用い、放送ストリームで伝送される認証鍵(暗号化認証鍵)を復号することができる。 As described above, in the authentication key encryption process and decryption process using the receiver manufacturer key, the receiver manufacturer key (encryption key) used in the authentication key encryption process and the authentication key decryption process are used. Since the receiver manufacturer key (decryption key) used has a relationship (common key encryption) as a shared key, the receiver 20 stores the receiver manufacturer stored in the secure memory 224. Using the key (decryption key), the authentication key (encrypted authentication key) transmitted in the broadcast stream can be decrypted.
(受信機鍵を用いた認証鍵の暗号と復号)
 次に、図11及び図12を参照して、受信機鍵(device key)を用いた認証鍵の暗号処理と復号処理について説明する。 (Encryption and decryption of authentication key using receiver key)
Next, an encryption key encryption process and a decryption process using a receiver key (device key) will be described with reference to FIGS.
 図11は、受信機鍵を用いた認証鍵の暗号処理を模式的に表している。 FIG. 11 schematically shows the encryption process of the authentication key using the receiver key.
 図11に示すように、送信装置10では、暗号化部152によって、認証鍵の暗号処理が行われる。この暗号処理では、認証鍵が、受信機鍵を用いて暗号化される。そして、送信装置10は、暗号鍵としての受信機鍵により暗号化された認証鍵(暗号化認証鍵)を、方式1乃至方式3のいずれかの方式により、放送ストリームに含めて送信する。 As shown in FIG. 11, in the transmission device 10, the encryption unit 152 performs encryption processing of the authentication key. In this encryption process, the authentication key is encrypted using the receiver key. Then, the transmission device 10 transmits the authentication key (encrypted authentication key) encrypted with the receiver key as the encryption key by including it in the broadcast stream by any one of methods 1 to 3.
 図12は、受信機鍵により暗号化された認証鍵の復号処理を模式的に表している。 FIG. 12 schematically shows the decryption process of the authentication key encrypted with the receiver key.
 図12に示すように、受信装置20では、復号部256によって、受信機鍵により暗号化された認証鍵(暗号化認証鍵)の復号処理が行われる。この復号処理では、送信装置10から送信された放送ストリームに含まれる、受信機鍵により暗号化された認証鍵(暗号化認証鍵)が、復号鍵としての受信機鍵により復号される。これにより、受信装置20は、受信機鍵により復号された認証鍵を取得することができる。 As shown in FIG. 12, in the receiving device 20, the decryption unit 256 performs a decryption process of the authentication key (encrypted authentication key) encrypted with the receiver key. In this decryption processing, an authentication key (encrypted authentication key) encrypted with the receiver key included in the broadcast stream transmitted from the transmission device 10 is decrypted with the receiver key as the decryption key. Thereby, the receiving device 20 can acquire the authentication key decrypted with the receiver key.
 以上のように、受信機鍵を用いた認証鍵の暗号処理と復号処理では、認証鍵の暗号処理で用いられる受信機鍵(暗号鍵)と、認証鍵の復号処理で用いられる受信機鍵(復号鍵)とが、共有鍵としての関係(共通鍵暗号)を有しているため、受信機鍵(復号鍵)を用い、放送ストリームで伝送される認証鍵(暗号化認証鍵)を復号することができる。 As described above, in the encryption processing and decryption processing of the authentication key using the receiver key, the receiver key (encryption key) used in the authentication key encryption processing and the receiver key used in the authentication key decryption processing ( Decryption key) has a relationship (common key encryption) as a shared key, so the receiver key (decryption key) is used to decrypt the authentication key (encrypted authentication key) transmitted in the broadcast stream be able to.
 なお、上述した例では、共有鍵として、受信機製造事業者鍵と受信機鍵を一例に説明したが、受信機製造事業者鍵と受信機鍵以外の他の共有鍵を用いるようにしてもよい。 In the above-described example, the receiver manufacturer key and the receiver key are described as examples of the shared key. However, a shared key other than the receiver manufacturer key and the receiver key may be used. Good.
(CDMのシンタックス)
 図13は、XML形式のCDM(Consumption Data Message)のシンタックスの例を示す図である。なお、図13において、要素と属性のうち、属性には「@」が付されている。また、インデントされた要素と属性は、その上位の要素に対して指定されたものとなる。 (CDM syntax)
FIG. 13 is a diagram illustrating an example of syntax of CDM (Consumption Data Message) in XML format. In FIG. 13, among the elements and attributes, “@” is added to the attribute. Further, the indented element and attribute are specified for the upper element.
 図13において、ルート要素としてのCDM要素は、protocolVersion属性、AVChannel要素、及び、NRTService要素の上位要素となる。protocolVersion属性には、CDMのプロトコルバージョンが指定される。 In FIG. 13, the CDM element as the root element is an upper element of the protocolVersion attribute, the AVChannel element, and the NRTService element. The protocolVersion attribute specifies the CDM protocol version.
 AVChannel要素には、配信されたコンテンツのチャンネル(サービス)ごとの視聴履歴に関する情報が指定される。AVChannel要素は、channelNum属性、serviceType属性、及び、ViewInterval要素の上位要素となる。channelNum属性には、チャンネル番号(サービスID)が指定される。serviceType属性には、例えば通常の放送や音声のみの放送などのサービスのタイプが指定される。 In the AVChannel element, information related to the viewing history for each channel (service) of the distributed content is specified. The AVChannel element is an upper element of the channelNum attribute, serviceType attribute, and ViewInterval element. In the channelNum attribute, a channel number (service ID) is specified. In the serviceType attribute, for example, the type of service such as normal broadcast or audio-only broadcast is specified.
 ViewInterval要素は、startTime属性、endTime属性、usageType属性、timeShift属性、viewStartTime属性、viewEndTime属性、及び、DOInterval要素の上位要素となる。また、DOInterval要素は、doId属性、startTime属性、及び、endTime属性の上位要素となる。ViewInterval要素では、これらの要素や属性により、チャンネル(サービス)ごとの視聴履歴に関する情報が指定される。 The ViewInterval element is an upper element of the startTime attribute, endTime attribute, usageType attribute, timeShift attribute, viewStartTime attribute, viewEndTime attribute, and DOInterval element. Also, the DOInterval element is a higher element of the doId attribute, startTime attribute, and endTime attribute. In the ViewInterval element, information regarding the viewing history for each channel (service) is specified by these elements and attributes.
 NRTService要素には、NRTサービスについての視聴履歴に関する情報が指定される。NRTService要素は、serviceID属性、及び、NRTInterval要素の上位要素となる。serviceID属性には、サービスIDが指定される。 In the NRTService element, information related to the viewing history of the NRT service is specified. The NRTService element is an upper element of the serviceID attribute and the NRTInterval element. A service ID is specified in the serviceID attribute.
 NRTInterval要素は、startTime属性、endTime属性、及び、NRTItem要素の上位要素となる。また、NRTItem要素は、contentItemId属性、startTime属性、及び、endTime属性の上位要素となる。NRTInterval要素では、これらの要素や属性により、NRTサービスごとに、視聴履歴に関する情報が指定される。 The NRTInterval element is an upper element of the startTime attribute, endTime attribute, and NRTItem element. The NRTItem element is a higher element of the contentItemId attribute, startTime attribute, and endTime attribute. In the NRTInterval element, information related to viewing history is specified for each NRT service by these elements and attributes.
<3.具体的な運用例> <3. Specific operation example>
 次に、方式1乃至方式3によって、認証鍵を配信する具体的な運用例について説明する。 Next, a specific operation example in which the authentication key is distributed by the method 1 to the method 3 will be described.
(1)方式1:シグナリングを利用した認証鍵の伝送 (1) Method 1: Authentication key transmission using signaling
(方式1の概要)
 図14は、シグナリングを利用した認証鍵の伝送を行う場合における、送信装置10による認証鍵の配信と、受信装置20によるメッセージ認証符号(HMAC)の算出と、受信装置20と視聴履歴サーバ30による視聴履歴情報(CDM)の送受信の流れを説明する図である。 (Overview of Method 1)
FIG. 14 shows the distribution of the authentication key by the transmission device 10, the calculation of the message authentication code (HMAC) by the reception device 20, and the reception device 20 and the viewing history server 30 when the authentication key is transmitted using signaling. It is a figure explaining the flow of transmission / reception of viewing history information (CDM).
 なお、図14の受信装置20において、フィルタ255は、図4のフィルタ部255に相当し、HMAC算出部258は、図4のメッセージ認証符号算出部258に相当する。 14, the filter 255 corresponds to the filter unit 255 in FIG. 4, and the HMAC calculation unit 258 corresponds to the message authentication code calculation unit 258 in FIG. 4.
 図14において、放送局の送信装置10は、ビデオやオーディオ(のコンポーネント)のストリームと、シグナリング情報を含む放送ストリームを、デジタル放送信号として送信している。受信装置20は、送信装置10から送信設備40(図1)などを介して送信されてくるデジタル放送信号を受信する。 In FIG. 14, a transmitting apparatus 10 of a broadcasting station transmits a video or audio (component) stream and a broadcast stream including signaling information as a digital broadcast signal. The receiving device 20 receives a digital broadcast signal transmitted from the transmitting device 10 via the transmission facility 40 (FIG. 1) or the like.
 受信装置20において、受信部214は、デジタル放送信号に対して復調処理を行い、復調処理で得られるシグナリング情報を制御部211(図3)に供給する。制御部211は、シグナリング情報を解析し、その解析結果に応じて、受信部214からのビデオやオーディオ(のコンポーネント)のストリームを処理するレンダラ225を制御する。 In the receiving device 20, the receiving unit 214 performs demodulation processing on the digital broadcast signal, and supplies signaling information obtained by the demodulation processing to the control unit 211 (FIG. 3). The control unit 211 analyzes the signaling information, and controls a renderer 225 that processes a video or audio (component) stream from the reception unit 214 according to the analysis result.
 レンダラ225は、制御部211からの制御に従い、ビデオやオーディオ(のコンポーネント)のストリームに対するレンダリング処理を行うことで、選局操作に応じたコンテンツ(例えばテレビ番組など)を再生する。これにより、コンテンツの視聴に応じた視聴履歴情報(CDM)が記録部212(図3)に記録されることなる。 The renderer 225 reproduces content (for example, a television program) according to the channel selection operation by performing rendering processing on a video or audio (component) stream in accordance with control from the control unit 211. Thereby, viewing history information (CDM) corresponding to the viewing of the content is recorded in the recording unit 212 (FIG. 3).
 ここで、方式1を採用した場合、放送ストリームに、認証鍵を含むシグナリング情報(以下、認証鍵シグナリング情報という)が含まれているので、受信装置20では、フィルタ255が、例えば、認証鍵シグナリング情報を格納したパケットに対して、受信機製造事業者IDを用いたフィルタリング処理を行うことで、受信装置20の製造事業者に対応した認証鍵(暗号化認証鍵)のみを抽出することができる。 Here, when the scheme 1 is adopted, since the broadcast stream includes signaling information including an authentication key (hereinafter referred to as authentication key signaling information), the receiving device 20 includes a filter 255 that performs, for example, authentication key signaling. By performing a filtering process using the receiver manufacturer ID on the packet storing the information, only the authentication key (encrypted authentication key) corresponding to the manufacturer of the receiving device 20 can be extracted. .
 図14の例では、フィルタ255によるフィルタリング処理で得られた認証鍵(暗号化認証鍵)は、受信機製造事業者鍵(暗号鍵)で暗号化されている。復号部256は、セキュアメモリ224に保持されている受信機製造事業者鍵(復号鍵)を読み出して、フィルタリング処理で得られた認証鍵(暗号化認証鍵)を復号する。これにより、受信機製造事業者鍵(復号鍵)により復号された認証鍵が取得され、HMAC算出部258に供給される。 In the example of FIG. 14, the authentication key (encrypted authentication key) obtained by the filtering process by the filter 255 is encrypted with the receiver manufacturer key (encryption key). The decryption unit 256 reads the receiver manufacturer key (decryption key) held in the secure memory 224 and decrypts the authentication key (encrypted authentication key) obtained by the filtering process. As a result, the authentication key decrypted with the receiver manufacturer key (decryption key) is acquired and supplied to the HMAC calculation unit 258.
 HMAC算出部258には、復号部256により復号された認証鍵のほか、記録部212から読み出された視聴履歴情報(CDM)が供給される。HMAC算出部258は、認証鍵、及び、視聴履歴情報(CDM)に基づいて、メッセージ認証符号(HMAC)を算出する。 In addition to the authentication key decrypted by the decryption unit 256, the viewing history information (CDM) read from the recording unit 212 is supplied to the HMAC calculation unit 258. The HMAC calculation unit 258 calculates a message authentication code (HMAC) based on the authentication key and viewing history information (CDM).
 このようにして算出されたメッセージ認証符号(HMAC)は、視聴履歴情報(CDM)に添付され、通信部223に供給される。通信部223は、あらかじめ取得されている視聴履歴サーバURLに従い、メッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)を、通信回線60を介して視聴履歴サーバ30に宛てに送信する。 The message authentication code (HMAC) calculated in this way is attached to the viewing history information (CDM) and supplied to the communication unit 223. The communication unit 223 transmits the viewing history information (CDM) attached with the message authentication code (HMAC) to the viewing history server 30 via the communication line 60 in accordance with the viewing history server URL acquired in advance.
 視聴履歴サーバ30は、通信回線60を介して受信装置20から送信されてくる、メッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)を受信する。そして、視聴履歴サーバ30は、受信装置20から受信したメッセージ認証符号(HMAC)と、自身が算出したメッセージ認証符号(HMAC')とを比較し、その比較結果が一致するかどうかを判定することで、受信したメッセージ認証符号(HMAC)の検証を行う。 The viewing history server 30 receives viewing history information (CDM) attached with a message authentication code (HMAC) transmitted from the receiving device 20 via the communication line 60. Then, the viewing history server 30 compares the message authentication code (HMAC) received from the receiving device 20 with the message authentication code (HMAC ′) calculated by itself, and determines whether or not the comparison result matches. Then, the received message authentication code (HMAC) is verified.
 ここでは、メッセージ認証符号(HMAC,HMAC')の比較結果が一致する場合、受信したメッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)は、対象の受信機製造会社の受信装置20が記録して送信したものであって、正当であるので、視聴履歴サーバ30は、当該視聴履歴情報(CDM)を処理する。一方で、メッセージ認証符号(HMAC,HMAC')の比較結果が不一致となる場合、受信したメッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)は、対象の受信機製造会社の受信装置20が記録して送信したものではなく、正当ではないので、視聴履歴サーバ30は、当該視聴履歴情報(CDM)を処理しない(例えば、破棄する)。 Here, when the comparison result of the message authentication code (HMAC, HMAC ′) matches, the received viewing history information (CDM) attached with the message authentication code (HMAC) is received by the receiving device 20 of the target receiver manufacturer. Is recorded and transmitted and is valid, so the viewing history server 30 processes the viewing history information (CDM). On the other hand, if the comparison result of the message authentication code (HMAC, HMAC ') does not match, the received viewing history information (CDM) attached with the message authentication code (HMAC) is the receiving device of the target receiver manufacturer The viewing history server 30 does not process (for example, discard) the viewing history information (CDM) because it is not recorded and transmitted by 20 and is not valid.
(認証鍵の伝送方法)
 方式1では、シグナリングを利用して認証鍵の伝送を行うが、ここでは、その伝送方法の一例として、ペイロードパケットによるカプセル化により認証鍵を伝送する方法と、シグナリングのメタデータを用いて認証鍵を伝送する方法について説明する。 (Authentication key transmission method)
In method 1, the authentication key is transmitted using signaling. Here, as an example of the transmission method, an authentication key is transmitted by encapsulation using a payload packet, and an authentication key is used using signaling metadata. A method for transmitting the data will be described.
 図15は、ペイロードパケットによるカプセル化による認証鍵の伝送方法を説明する図である。 FIG. 15 is a diagram for explaining an authentication key transmission method by encapsulation using payload packets.
 図15において、IP/UDPパケットに格納されるROUTEパケットには、そのヘッダとして、物理層に関するヘッダ(PHY_H)、IPヘッダ(IP_H)、UDPヘッダ(UDP_H)、及び、ROUTEヘッダ(ROUTE_H)が付加されている。また、ROUTEパケットのペイロードには、ペイロードヘッダとペイロードからなるペイロードパケットがカプセル化されている。 In FIG. 15, the ROUTE packet stored in the IP / UDP packet is appended with a header (PHY_H), IP header (IP_H), UDP header (UDP_H), and ROUTE header (ROUTE_H) related to the physical layer as the header. Has been. The payload packet of ROUTE packet encapsulates a payload packet including a payload header and a payload.
 ここでは、図15のAには、暗号鍵として受信機製造事業者鍵を用いて暗号化された認証鍵を格納したペイロードパケットを図示し、図15のBには、暗号鍵として受信機鍵を用いて暗号化された認証鍵を格納したペイロードパケットを図示している。 Here, A in FIG. 15 illustrates a payload packet that stores an authentication key encrypted using a receiver manufacturer key as an encryption key, and FIG. 15B illustrates a receiver key as an encryption key. The payload packet which stored the authentication key encrypted using is illustrated.
 図15のAのペイロードパケットにおいては、そのペイロードヘッダとして、認証鍵の宛先を示す受信機製造事業者IDとバージョン情報が付加されている。また、図15のAのペイロードパケットのペイロードには、受信機製造事業者鍵(暗号鍵)を用いて暗号化された認証鍵(暗号化認証鍵)が格納されている。 In the payload packet of A in FIG. 15, a receiver manufacturer ID indicating the destination of the authentication key and version information are added as the payload header. Further, the payload of the payload packet A in FIG. 15 stores an authentication key (encrypted authentication key) encrypted using a receiver manufacturer key (encryption key).
 一方で、図15のBのペイロードパケットにおいては、そのペイロードヘッダとして、認証鍵の宛先を示す受信機IDとバージョン情報が付加されている。また、図15のBのペイロードパケットのペイロードには、受信機鍵(暗号鍵)を用いて暗号化された認証鍵(暗号化認証鍵)が格納されている。 On the other hand, in the payload packet shown in FIG. 15B, the receiver ID indicating the destination of the authentication key and the version information are added as the payload header. In addition, an authentication key (encrypted authentication key) encrypted using a receiver key (encryption key) is stored in the payload of the payload packet of B in FIG.
 図16は、シグナリングのメタデータを用いた認証鍵の伝送方法を説明する図である。 FIG. 16 is a diagram for explaining an authentication key transmission method using signaling metadata.
 図16において、IP/UDPパケットに格納されるROUTEパケットには、そのヘッダとして、物理層に関するヘッダ(PHY_H)、IPヘッダ(IP_H)、UDPヘッダ(UDP_H)、及び、ROUTEヘッダ(ROUTE_H)が付加されている。また、ROUTEパケットのペイロードでは、暗号化された認証鍵(暗号化認証鍵)とその暗号化情報が、メタデータエンベロープ(metadata envelope)により包含されている。 In FIG. 16, the ROUTE packet stored in the IP / UDP packet is appended with a header (PHY_H), IP header (IP_H), UDP header (UDP_H), and ROUTE header (ROUTE_H) related to the physical layer. Has been. In the ROUTE packet payload, an encrypted authentication key (encrypted authentication key) and its encryption information are included in a metadata envelope.
 なお、図16の例では、認証鍵は、受信機製造事業者鍵(暗号鍵)を用いて暗号化されているが、受信機鍵など他の暗号鍵を用いて暗号化されるようにしてもよい。また、メタデータエンベロープ(metadata envelope)は、3GPP(3rd Generation Partnership Project)により規格化されている。 In the example of FIG. 16, the authentication key is encrypted using a receiver manufacturer key (encryption key). However, the authentication key is encrypted using another encryption key such as a receiver key. Also good. Also, the metadata envelope is standardized by 3GPP (3rd Generation Partnership Project).
(メタデータエンベロープのシンタックス)
 図17は、XML形式のメタデータエンベロープ(metadata envelope)のシンタックスの例を示す図である。なお、図17において、要素と属性のうち、属性には「@」が付されている。また、インデントされた要素と属性は、その上位の要素に対して指定されたものとなる。 (Metadata envelope syntax)
FIG. 17 is a diagram illustrating an example of a syntax of an XML format metadata envelope. In FIG. 17, “@” is added to the attribute among the elements and attributes. Further, the indented element and attribute are specified for the upper element.
 図17において、メタデータエンベロープは、metadataURI属性、version属性、validFrom属性、validUntil属性、contentType属性、encryption要素、及び、authenticationKey要素を含む。 17, the metadata envelope includes a metadataURI attribute, a version attribute, a validFrom attribute, a validUntil attribute, a contentType attribute, an encryption element, and an authenticationKey element.
 metadataURI属性には、メタデータを識別するURIが指定される。version属性には、メタデータのバージョン情報が指定される。validFrom属性には、メタデータの有効開始時刻が指定される。validUntil属性には、メタデータの有効終了時刻が指定される。contentType属性には、メタデータのMIMEタイプが指定される。 The URI for identifying metadata is specified in the metadataURI attribute. In the version attribute, metadata version information is specified. The validFrom attribute specifies the valid start time of metadata. In the validUntil attribute, the valid end time of the metadata is specified. In the contentType attribute, the MIME type of metadata is specified.
 encryption要素には、認証鍵の暗号化に関する情報(暗号化情報)が指定される。encryption要素は、keyType属性、keyID属性、keyVersion属性、algorithm属性、及び、encParameter属性の上位要素となる。 Information related to encryption of the authentication key (encryption information) is specified in the encryption element. The encryption element is an upper element of the keyType attribute, keyID attribute, keyVersion attribute, algorithm attribute, and encParameter attribute.
 keyType属性には、暗号鍵の種類を示す情報が指定される。keyID属性には、暗号鍵を識別するIDが指定される。keyVersion属性には、暗号鍵のバージョン情報が指定される。algorithm属性には、暗号化のアルゴリズムに関する情報が指定される。encParameter属性には、暗号化パラメータが指定される。 Information indicating the type of encryption key is specified in the keyType attribute. In the keyID attribute, an ID for identifying the encryption key is specified. In the keyVersion attribute, version information of the encryption key is specified. Information related to the encryption algorithm is specified in the algorithm attribute. An encryption parameter is specified in the encParameter attribute.
 authenticationKey要素には、認証鍵が指定される。この認証鍵は、暗号鍵により暗号化されているので、復号鍵を用いて復号することができる。authenticationKey要素は、version属性の上位要素となる。version属性には、認証鍵のバージョン情報が指定される。 Authentication key is specified in the authenticationKey element. Since this authentication key is encrypted with the encryption key, it can be decrypted using the decryption key. The authenticationKey element is an upper element of the version attribute. In the version attribute, version information of the authentication key is specified.
 次に、図18乃至図26のフローチャートを参照して、方式1を採用した場合に、図1の伝送システム1を構成する各装置で実行される処理の内容について説明する。 Next, the contents of processing executed by each device constituting the transmission system 1 of FIG. 1 when the method 1 is adopted will be described with reference to the flowcharts of FIGS.
(送信処理)
 まず、図18のフローチャートを参照して、図1の送信装置10により実行される送信処理の流れについて説明する。 (Transmission process)
First, the flow of transmission processing executed by the transmission device 10 of FIG. 1 will be described with reference to the flowchart of FIG.
 ステップS101においては、コンポーネント・シグナリング処理が行われる。 In step S101, component signaling processing is performed.
 このコンポーネント・シグナリング処理では、ビデオ処理部113等で処理されるビデオストリーム(ビデオビットストリーム)、オーディオ処理部115等で処理されるオーディオストリーム(オーディオビットストリーム)、字幕処理部117等で処理される字幕ストリーム、及び、シグナリング処理部119等で処理されるシグナリング情報に対する各種の処理が行われ、各コンポーネントのストリームとシグナリング情報が、デジタル放送信号として送信可能な状態とされる。 In this component signaling process, a video stream (video bit stream) processed by the video processing unit 113 or the like, an audio stream (audio bit stream) processed by the audio processing unit 115 or the like, and a subtitle processing unit 117 or the like is processed. Various processes are performed on the subtitle stream and the signaling information processed by the signaling processing unit 119 and the like, and the stream of each component and the signaling information are in a state in which they can be transmitted as a digital broadcast signal.
 ステップS102においては、送信部121により送信処理が行われる。この送信処理では、ステップS101の処理で処理された各コンポーネントのストリームとシグナリング情報が、デジタル放送信号として、アンテナ131を介して送信される。ステップS102の処理が終了すると、図18の送信処理は終了される。 In step S102, the transmission unit 121 performs transmission processing. In this transmission process, the stream and signaling information of each component processed in the process of step S101 are transmitted via the antenna 131 as a digital broadcast signal. When the process of step S102 ends, the transmission process of FIG. 18 ends.
 以上、送信処理の流れについて説明した。 The flow of transmission processing has been described above.
(認証鍵配信処理)
 次に、図19のフローチャートを参照して、シグナリングを利用した場合における認証鍵配信処理の流れについて説明する。なお、この認証鍵配信処理は、図1の送信装置10により、図18のステップS101の処理と並行して実行される処理とされる。 (Authentication key distribution process)
Next, a flow of authentication key distribution processing when signaling is used will be described with reference to the flowchart of FIG. This authentication key distribution process is a process executed in parallel with the process of step S101 of FIG. 18 by the transmission apparatus 10 of FIG.
 ステップS111において、制御部111は、認証鍵を配信するタイミングであるかどうかを判定する。 In step S111, the control unit 111 determines whether it is time to distribute the authentication key.
 ステップS111において、認証鍵を配信するタイミングではないと判定された場合、ステップS111の判定処理が繰り返される。一方、ステップS111において、認証鍵を配信するタイミングであると判定された場合、処理は、ステップS112に進められる。 If it is determined in step S111 that it is not the timing to distribute the authentication key, the determination process in step S111 is repeated. On the other hand, if it is determined in step S111 that it is time to distribute the authentication key, the process proceeds to step S112.
 ステップS112において、認証鍵生成部151は、受信装置20と視聴履歴サーバ30に提供するための認証鍵を生成する。 In step S112, the authentication key generation unit 151 generates an authentication key to be provided to the receiving device 20 and the viewing history server 30.
 ステップS113において、暗号化部152は、例えば、受信機製造事業者鍵又は受信機鍵等の暗号鍵を用い、ステップS112の処理で生成された認証鍵を暗号化する。ステップS113の処理で得られる認証鍵(暗号化認証鍵)は、方式1を採用した場合には、シグナリング生成部118に供給される。 In step S113, the encryption unit 152 encrypts the authentication key generated in the process of step S112 using, for example, an encryption key such as a receiver manufacturer key or a receiver key. The authentication key (encrypted authentication key) obtained by the processing in step S113 is supplied to the signaling generation unit 118 when the method 1 is adopted.
 ステップS114において、シグナリング生成部118は、ステップS113の処理で暗号化された認証鍵(暗号化認証鍵)に基づいて、認証鍵(暗号化認証鍵)を、シグナリング情報に追加することで、認証鍵シグナリング情報を生成する。 In step S114, the signaling generation unit 118 adds an authentication key (encrypted authentication key) to the signaling information based on the authentication key (encrypted authentication key) encrypted in the process of step S113, thereby authenticating. Generate key signaling information.
 以上、認証鍵配信処理の流れについて説明した。この認証鍵配信処理では、認証鍵(暗号化認証鍵)を含む認証鍵シグナリング情報が生成され(図19のS114)、デジタル放送信号に含めて送信されることになる(図18のS102)。なお、ステップS112の処理で生成された認証鍵は、視聴履歴サーバ30にも提供されることになる。 The flow of authentication key distribution processing has been described above. In this authentication key distribution process, authentication key signaling information including an authentication key (encrypted authentication key) is generated (S114 in FIG. 19) and transmitted by being included in the digital broadcast signal (S102 in FIG. 18). Note that the authentication key generated in the process of step S112 is also provided to the viewing history server 30.
(受信処理)
 次に、図20のフローチャートを参照して、図1の受信装置20により実行される受信処理の流れについて説明する。なお、図20の受信処理は、例えばユーザによりサービスの選局操作が行われ、サービス選局イベントが発生した場合に実行される。 (Reception processing)
Next, the flow of reception processing executed by the reception device 20 of FIG. 1 will be described with reference to the flowchart of FIG. Note that the reception process in FIG. 20 is executed when, for example, a service channel selection operation is performed by a user and a service channel selection event occurs.
 ステップS201においては、放送制御部251等によって、選局処理が行われる。この選局処理では、選局されたサービスに対応するサービスID(チャンネル番号)が取得され、当該サービスIDに対応する選局情報が取得済みであるかどうかが判定される。 In step S201, channel selection processing is performed by the broadcast control unit 251 or the like. In this channel selection process, a service ID (channel number) corresponding to the selected service is acquired, and it is determined whether channel selection information corresponding to the service ID has been acquired.
 ここでは、初期スキャン処理などにより選局情報が取得済みであれば、その選局情報が取得される一方で、選局情報が未取得であれば、放送ストリームに含まれるIP/UDPパケットが監視され、IP/UDPパケットに含まれるSLT(に含まれる選局情報)が取得される。そして、このようにして取得される選局情報を用いた選局処理が行われる。 Here, if channel selection information has already been acquired by the initial scan process or the like, the channel selection information is acquired, while if channel selection information has not been acquired, IP / UDP packets included in the broadcast stream are monitored. Then, SLT (channel selection information included) included in the IP / UDP packet is acquired. And the channel selection process using the channel selection information acquired in this way is performed.
 ステップS202においては、放送ストリーム受信処理が行われる。この放送ストリーム受信処理では、ステップS201の選局処理に応じて放送ストリームが受信され、サービスの選局操作に応じたコンテンツ(例えばテレビ番組)が再生される。なお、放送ストリーム受信処理の詳細な内容については、図21のフローチャートを参照して後述する。 In step S202, broadcast stream reception processing is performed. In this broadcast stream reception process, a broadcast stream is received in accordance with the channel selection process in step S201, and content (for example, a television program) corresponding to the service channel selection operation is reproduced. Details of the broadcast stream reception process will be described later with reference to the flowchart of FIG.
 ステップS203においては、放送ストリームの受信を終了するかどうかが判定される。ステップS203において、放送ストリームの受信を継続すると判定された場合、処理は、ステップS202に戻り、それ以降の処理が繰り返される。この場合、コンテンツの再生が継続される。 In step S203, it is determined whether or not to end the reception of the broadcast stream. If it is determined in step S203 that reception of the broadcast stream is to be continued, the processing returns to step S202, and the subsequent processing is repeated. In this case, the content reproduction is continued.
 また、例えば、ユーザによるコンテンツの視聴が終了して、ステップS203において、放送ストリームの受信を終了すると判定された場合、図20の受信処理は終了される。 Further, for example, when the viewing of the content by the user is finished and it is determined in step S203 that the reception of the broadcast stream is finished, the reception process of FIG. 20 is finished.
 以上、受信処理の流れについて説明した。 The flow of reception processing has been described above.
(放送ストリーム受信処理)
 次に、図21のフローチャートを参照して、図20のステップS202の処理に対応する放送ストリーム受信処理の詳細な内容について説明する。 (Broadcast stream reception processing)
Next, detailed contents of the broadcast stream reception process corresponding to the process of step S202 of FIG. 20 will be described with reference to the flowchart of FIG.
 ステップS211において、受信部214は、制御部211からの制御に従い、復調処理を行い、物理層のL1フレームからL2パケットを抽出(取得)して、当該L2パケットのペイロードにカプセル化されているIP/UDPパケットを抽出(取得)する。 In step S211, the receiving unit 214 performs demodulation processing according to control from the control unit 211, extracts (acquires) the L2 packet from the L1 frame of the physical layer, and encapsulates the IP encapsulated in the payload of the L2 packet. Extract (acquire) / UDP packets.
 ステップS212において、制御部211は、ステップS211の処理で取得されたIP/UDPパケットのタイプ(ストリームタイプ)が、ビデオ、オーディオ、及び字幕のコンポーネントであるのか、NRTコンテンツであるのか、又は、シグナリングであるのかどうかを判定する。 In step S212, the control unit 211 determines whether the IP / UDP packet type (stream type) acquired in the process of step S211 is a video, audio, and subtitle component, NRT content, or signaling. It is determined whether or not.
 ステップS212において、ストリームタイプが、ビデオ、オーディオ、及び字幕のコンポーネントであると判定された場合、処理は、ステップS213に進められる。ステップS213においては、ビデオ、オーディオ、及び字幕のコンポーネントのレンダリング処理が行われる。このレンダリング処理により、選局操作に応じたコンテンツが再生される。 If it is determined in step S212 that the stream type is a video, audio, or subtitle component, the process proceeds to step S213. In step S213, video, audio, and subtitle component rendering processing is performed. By this rendering process, the content corresponding to the channel selection operation is reproduced.
 また、ステップS212において、ストリームタイプが、NRTコンテンツであると判定された場合、処理は、ステップS214に進められる。ステップS214においては、NRTコンテンツの受信・蓄積処理が行われる。この受信・蓄積処理では、放送ストリームで伝送されるNRTコンテンツが受信され、記録部212に記録(蓄積)される。 If it is determined in step S212 that the stream type is NRT content, the process proceeds to step S214. In step S214, NRT content reception / storage processing is performed. In this reception / accumulation process, NRT content transmitted as a broadcast stream is received and recorded (accumulated) in the recording unit 212.
 さらに、ステップS212において、ストリームタイプが、シグナリングであると判定された場合、処理は、ステップS215に進められる。ステップS215において、制御部211は、ステップS211の処理で取得されたIP/UDPパケット(のROUTEパケット)に含まれるシグナリングが、認証鍵シグナリング情報であるかどうかを判定する。 Furthermore, when it is determined in step S212 that the stream type is signaling, the process proceeds to step S215. In step S215, the control unit 211 determines whether or not the signaling included in the IP / UDP packet (the ROUTE packet) acquired in the process of step S211 is authentication key signaling information.
 ステップS215において、IP/UDPパケットに含まれるシグナリングが、認証鍵シグナリング情報であると判定された場合、処理は、ステップS216に進められる。ステップS216において、フィルタ部255は、認証鍵シグナリング情報に含まれる認証鍵(暗号化認証鍵)が、自機宛ての認証鍵であるかどうかを判定する。ここでは、例えば、認証鍵(暗号化認証鍵)が格納されるペイロードに付加されたペイロードヘッダの認証鍵の宛先を示すID(例えば、受信機製造事業者IDや受信機ID)が、セキュアメモリ224に保管されている情報と一致するかによって、自機宛ての認証鍵であるかどうかを判定することができる。 If it is determined in step S215 that the signaling included in the IP / UDP packet is authentication key signaling information, the process proceeds to step S216. In step S216, the filter unit 255 determines whether the authentication key (encrypted authentication key) included in the authentication key signaling information is an authentication key addressed to the own device. Here, for example, an ID (for example, receiver manufacturer ID or receiver ID) indicating the destination of the authentication key in the payload header added to the payload in which the authentication key (encrypted authentication key) is stored is the secure memory. Whether the authentication key is destined for the own device can be determined based on whether the information matches the information stored in H.224.
 ステップS216において、認証鍵シグナリング情報に含まれる認証鍵(暗号化認証鍵)が、自機宛ての認証鍵であると判定された場合、処理は、ステップS217に進められる。ステップS217において、認証鍵取得部257は、自機宛ての認証鍵(暗号化認証鍵)が更新されているかどうかを判定する。ここでは、例えば、認証鍵(暗号化認証鍵)が格納されるペイロードに付加されたペイロードヘッダのバージョン情報を確認することで、自機宛ての認証鍵(暗号化認証鍵)が更新されているかどうかを判定することができる。 If it is determined in step S216 that the authentication key (encrypted authentication key) included in the authentication key signaling information is an authentication key addressed to the own device, the process proceeds to step S217. In step S217, the authentication key acquisition unit 257 determines whether the authentication key (encrypted authentication key) addressed to itself is updated. Here, for example, whether the authentication key (encrypted authentication key) addressed to the device has been updated by checking the version information of the payload header added to the payload storing the authentication key (encrypted authentication key) Whether it can be determined.
 ステップS217において、自機宛ての認証鍵が更新されていると判定された場合、処理は、ステップS218に進められる。ステップS218において、復号部256は、セキュアメモリ224から読み出された復号鍵を用いて、自機宛ての更新されている認証鍵(暗号化認証鍵)を復号する。 If it is determined in step S217 that the authentication key addressed to the own device has been updated, the process proceeds to step S218. In step S218, the decryption unit 256 decrypts the updated authentication key (encrypted authentication key) addressed to itself using the decryption key read from the secure memory 224.
 ステップS219において、認証鍵取得部257は、ステップS218の処理で復号された認証鍵を取得する。また、ステップS220において、認証鍵取得部257は、ステップS219の処理で取得された認証鍵を、記録部212に記録する。これにより、受信装置20では、送信装置10から、方式1によりシグナリングを利用して伝送されてきた認証鍵が取得され、記録(保持)されたことになる。 In step S219, the authentication key acquisition unit 257 acquires the authentication key decrypted in the process of step S218. In step S220, the authentication key acquisition unit 257 records the authentication key acquired in step S219 in the recording unit 212. As a result, the receiving device 20 acquires and records (holds) the authentication key transmitted from the transmitting device 10 using the signaling by the method 1.
 なお、ステップS215において、IP/UDPパケット(のROUTEパケット)に含まれるシグナリングが、認証鍵シグナリング情報ではないと判定された場合、処理は、ステップS221に進められる。ステップS221において、制御部211は、IP/UDPパケットに含まれる、認証鍵シグナリング情報以外の他のシグナリング(例えばLLSやSLSシグナリング情報)に応じた処理を行う。 If it is determined in step S215 that the signaling included in the IP / UDP packet (the ROUTE packet) is not authentication key signaling information, the process proceeds to step S221. In step S221, the control unit 211 performs processing according to signaling other than the authentication key signaling information (for example, LLS and SLS signaling information) included in the IP / UDP packet.
 ステップS213,S214,S220,又はS221の処理が終了すると、処理は、図20のステップS202に戻り、それ以降の処理が実行される。また、ステップS216において、認証鍵シグナリング情報に含まれる認証鍵が、自機宛ての認証鍵ではないと判定された場合、あるいは、ステップS217において、自機宛ての認証鍵が更新されていないと判定された場合、認証鍵(暗号化認証鍵)の復号と記録処理を行う必要はないため、ステップS218乃至S220の処理はスキップされ、処理は、図20のステップS202に戻される。 When the process of step S213, S214, S220, or S221 is completed, the process returns to step S202 of FIG. 20, and the subsequent processes are executed. If it is determined in step S216 that the authentication key included in the authentication key signaling information is not an authentication key addressed to the own device, or in step S217, it is determined that the authentication key addressed to the own device has not been updated. In this case, since it is not necessary to decrypt and record the authentication key (encrypted authentication key), the processing of steps S218 to S220 is skipped, and the processing returns to step S202 of FIG.
 以上、放送ストリーム受信処理の流れについて説明した。 The flow of broadcast stream reception processing has been described above.
(視聴履歴情報記録処理)
 次に、図22のフローチャートを参照して、図1の受信装置20により実行される視聴履歴情報記録処理の流れについて説明する。 (Viewing history information recording process)
Next, the flow of the viewing history information recording process executed by the receiving device 20 of FIG. 1 will be described with reference to the flowchart of FIG.
 ステップS221において、視聴履歴情報管理部253は、視聴履歴情報(CDM)を記録するタイミングであるかどうかを判定する。 In step S221, the viewing history information management unit 253 determines whether it is time to record viewing history information (CDM).
 ステップS221において、視聴履歴情報(CDM)を記録するタイミングではないと判定された場合、ステップS221の判定処理が繰り返される。一方、ステップS221において、視聴履歴情報(CDM)を記録するタイミングであると判定された場合、処理は、ステップS222に進められる。 If it is determined in step S221 that it is not time to record viewing history information (CDM), the determination process in step S221 is repeated. On the other hand, if it is determined in step S221 that it is time to record viewing history information (CDM), the process proceeds to step S222.
 ステップS222において、視聴履歴情報管理部253は、コンテンツの視聴履歴情報(CDM)を、記録部212に記録(蓄積)する。ステップS222の処理が終了すると、図22の視聴履歴情報記録処理は終了する。 In step S222, the viewing history information management unit 253 records (accumulates) content viewing history information (CDM) in the recording unit 212. When the process of step S222 ends, the viewing history information recording process of FIG. 22 ends.
 以上、視聴履歴情報記録処理の流れについて説明した。この視聴履歴情報記録処理では、所定のタイミングで、ユーザによるコンテンツ(例えばテレビ番組)の視聴に応じた視聴履歴情報(CDM)が記録されることで、記録部212には、例えば、サービス(チャンネル)ごとの視聴履歴情報(CDM)が順次蓄積されることになる。なお、視聴履歴情報(CDM)は、所定のタイミングに限らず、常に記録し続けるようにしてもよい。 So far, the flow of the viewing history information recording process has been described. In this viewing history information recording process, viewing history information (CDM) corresponding to viewing of content (for example, a television program) by a user is recorded at a predetermined timing, so that the recording unit 212 can receive, for example, a service (channel The viewing history information (CDM) is sequentially accumulated. Note that the viewing history information (CDM) is not limited to a predetermined timing and may be continuously recorded.
(視聴履歴サーバURL取得処理)
 次に、図23のフローチャートを参照して、図1の受信装置20により実行される視聴履歴サーバURL取得処理の流れについて説明する。 (Viewing history server URL acquisition processing)
Next, the flow of the viewing history server URL acquisition process executed by the receiving device 20 of FIG. 1 will be described with reference to the flowchart of FIG.
 ステップS231において、視聴履歴サーバURL取得部254は、放送ストリームに含まれる視聴履歴サーバURLを受信したかどうかを判定する。 In step S231, the viewing history server URL acquisition unit 254 determines whether or not the viewing history server URL included in the broadcast stream has been received.
 ステップS231において、放送ストリームに視聴履歴サーバURLが含まれておらず、視聴履歴サーバURLを受信していないと判定された場合、ステップS231の判定処理が繰り返される。一方、ステップS231において、放送ストリームに視聴履歴サーバURLが含まれており、視聴履歴サーバURLを受信したと判定された場合、処理は、ステップS232に進められる。 In step S231, when it is determined that the viewing history server URL is not included in the broadcast stream and the viewing history server URL is not received, the determination processing in step S231 is repeated. On the other hand, when it is determined in step S231 that the viewing history server URL is included in the broadcast stream and the viewing history server URL is received, the process proceeds to step S232.
 ステップS232において、視聴履歴サーバURL取得部254は、放送ストリームに含まれる視聴履歴サーバURLを取得する。ここでは、例えば、LLSシグナリング情報であるSLTに配置されるシグナリングロケーション記述子(inet_signaling_location_descriptor)、ビデオウォータマークとして伝送されるウォータマークペイロード(のWMメッセージのURIメッセージ)、オーディオユーザデータ(SYSメタフレームのsysData)、又は、TTML(Timed Text Markup Language)文書のメタデータなどに視聴履歴サーバURLが記述されるので、視聴履歴サーバURL取得部254は、そこから、視聴履歴サーバURLを取得する。 In step S232, the viewing history server URL acquisition unit 254 acquires the viewing history server URL included in the broadcast stream. Here, for example, a signaling location descriptor (inet_signaling_location_descriptor) arranged in the SLT which is LLS signaling information, a watermark payload (URI message of the WM message) transmitted as a video watermark, audio user data (SYS metaframe) sysData), or the viewing history server URL is described in the metadata of a TTML (Timed Text Markup Language) document, and the viewing history server URL acquisition unit 254 acquires the viewing history server URL therefrom.
 ステップS233において、視聴履歴サーバURL取得部254は、ステップS232の処理で取得された視聴履歴サーバURLを、記録部212に記録(保持)する。ステップS233の処理が終了すると、図23の視聴履歴サーバURL取得処理は終了する。 In step S233, the viewing history server URL acquisition unit 254 records (holds) the viewing history server URL acquired in the process of step S232 in the recording unit 212. When the process of step S233 ends, the viewing history server URL acquisition process of FIG. 23 ends.
 以上、視聴履歴サーバURL取得処理の流れについて説明した。この視聴履歴サーバURL取得処理では、所定のタイミングで送信されてくる視聴履歴サーバURLを取得することで、記録部212には、視聴履歴サーバ30ごとに、視聴履歴サーバURLが保持される。 The flow of viewing history server URL acquisition processing has been described above. In the viewing history server URL acquisition process, the viewing history server URL is stored for each viewing history server 30 in the recording unit 212 by acquiring the viewing history server URL transmitted at a predetermined timing.
(視聴履歴情報送信処理)
 次に、図24のフローチャートを参照して、図1の受信装置20により実行される視聴履歴情報送信処理の流れについて説明する。 (Viewing history information transmission processing)
Next, the flow of viewing history information transmission processing executed by the receiving device 20 of FIG. 1 will be described with reference to the flowchart of FIG.
 ステップS241においては、所定のタイミングで、視聴履歴情報(CDM)の送信イベントが発生するまで、待機する。そして、ステップS242において、視聴履歴情報(CDM)の送信イベントが発生したと判定された場合、処理は、ステップS243に進められる。 In step S241, the process waits until a transmission event of viewing history information (CDM) occurs at a predetermined timing. If it is determined in step S242 that a viewing history information (CDM) transmission event has occurred, the process proceeds to step S243.
 ステップS243において、視聴履歴サーバURL取得部254は、視聴履歴サーバURLの読み出し処理を行う。この読み出し処理では、図23の視聴履歴サーバURL取得処理(のステップS233)によって、記録部212に記録(保持)された視聴履歴サーバURLを読み出す処理が行われる。 In step S243, the viewing history server URL acquisition unit 254 performs a viewing history server URL reading process. In this reading process, the process of reading the viewing history server URL recorded (held) in the recording unit 212 is performed by the viewing history server URL acquisition process (step S233) of FIG.
 ステップS244においては、ステップS243の読み出し処理で視聴履歴サーバURLの読み出しに成功したかどうかが判定される。ステップS244において、視聴履歴サーバURLの読み出しに成功したと判定された場合、処理は、ステップS245に進められる。 In step S244, it is determined whether or not the viewing history server URL has been successfully read in the reading process in step S243. If it is determined in step S244 that the viewing history server URL has been successfully read, the process proceeds to step S245.
 ステップS245において、認証鍵取得部257は、認証鍵の読み出し処理を行う。この読み出し処理では、図21の放送ストリーム受信処理(のステップS220)によって、記録部212に記録(保持)された認証鍵を読み出す処理が行われる。 In step S245, the authentication key acquisition unit 257 performs an authentication key read process. In this reading process, a process of reading the authentication key recorded (held) in the recording unit 212 by the broadcast stream receiving process (step S220 in FIG. 21) is performed.
 ステップS246においては、ステップS245の読み出し処理で認証鍵の読み出しに成功したかどうかが判定される。ステップS246において、認証鍵の読み出しに成功したと判定された場合、処理は、ステップS247に進められる。 In step S246, it is determined whether or not the authentication key has been successfully read in the reading process in step S245. If it is determined in step S246 that the authentication key has been successfully read, the process proceeds to step S247.
 ステップS247において、視聴履歴情報管理部253は、視聴履歴情報(CDM)の読み出し処理を行う。この読み出し処理では、図22の視聴履歴情報記録処理(のステップS222)によって、記録部212に記録(蓄積)された視聴履歴情報(CDM)を読み出す処理が行われる。 In step S247, the viewing history information management unit 253 performs a viewing history information (CDM) reading process. In this reading process, the viewing history information (CDM) recorded (accumulated) in the recording unit 212 is read by the viewing history information recording process (step S222 in FIG. 22).
 ステップS248において、メッセージ認証符号算出部258は、ステップS245の読み出し処理で取得された認証鍵、及び、ステップS247の読み出し処理で取得された視聴履歴情報(CDM)に基づいて、メッセージ認証符号(HMAC)を算出する。 In step S248, the message authentication code calculation unit 258 determines the message authentication code (HMAC) based on the authentication key acquired in the reading process in step S245 and the viewing history information (CDM) acquired in the reading process in step S247. ) Is calculated.
 ステップS249において、通信制御部252は、通信部223を制御して、ステップS243の読み出し処理で取得された視聴履歴サーバURLに従い、ステップS247の読み出し処理で取得された視聴履歴情報(CDM)とともに、ステップS248の処理で算出されたメッセージ認証符号(HMAC)を、通信回線60を介して視聴履歴サーバ30宛てに送信する。 In step S249, the communication control unit 252 controls the communication unit 223 to follow the viewing history server URL acquired in the reading process in step S243, along with the viewing history information (CDM) acquired in the reading process in step S247. The message authentication code (HMAC) calculated in the process of step S248 is transmitted to the viewing history server 30 via the communication line 60.
 なお、ステップS244において、視聴履歴サーバURLの読み出しに失敗したと判定された場合、又は、ステップS246において、認証鍵の読み出しに失敗したと判定された場合、処理は、ステップS250に進められる。ステップS250において、制御部211は、視聴履歴情報(CDM)の送信失敗時に行われる送信エラー処理を実行する。 If it is determined in step S244 that reading of the viewing history server URL has failed, or if it is determined in step S246 that reading of the authentication key has failed, the process proceeds to step S250. In step S250, the control unit 211 executes transmission error processing that is performed when transmission of viewing history information (CDM) fails.
 ステップS249又はS250の処理が終了すると、図24の視聴履歴情報送信処理は終了される。 When the process of step S249 or S250 is finished, the viewing history information transmission process of FIG. 24 is finished.
 以上、視聴履歴情報送信処理の流れについて説明した。この視聴履歴情報送信処理では、所定のタイミングで、記録部212に適宜記録される視聴履歴サーバURL、認証鍵、及び、視聴履歴情報(CDM)が読み出され、認証鍵及び視聴履歴情報(CDM)から、メッセージ認証符号(HMAC)が算出され、視聴履歴サーバURLに従い、メッセージ認証符号(HMAC)を添付した視聴履歴情報(CDM)が、通信回線60を介して視聴履歴サーバ30宛てに送信されることになる。 The flow of viewing history information transmission processing has been described above. In this viewing history information transmission process, the viewing history server URL, the authentication key, and the viewing history information (CDM) that are appropriately recorded in the recording unit 212 are read at a predetermined timing, and the authentication key and viewing history information (CDM) are read. ), A message authentication code (HMAC) is calculated, and viewing history information (CDM) attached with the message authentication code (HMAC) is transmitted to the viewing history server 30 via the communication line 60 in accordance with the viewing history server URL. Will be.
 なお、上述した説明では、記録部212に適宜記録される視聴履歴情報(CDM)が、視聴履歴サーバ30に送信されるとして説明したが、視聴履歴情報(CDM)を記録部212に記録せずに、視聴履歴情報(CDM)を生成したタイミングで、即時に、視聴履歴サーバ30に送信されるようにしてもよい。 In the above description, the viewing history information (CDM) appropriately recorded in the recording unit 212 has been described as being transmitted to the viewing history server 30, but the viewing history information (CDM) is not recorded in the recording unit 212. In addition, it may be transmitted immediately to the viewing history server 30 at the timing when the viewing history information (CDM) is generated.
(視聴履歴情報受信処理)
 最後に、図25のフローチャートを参照して、図1の視聴履歴サーバ30により実行される視聴履歴情報受信処理の流れについて説明する。 (Viewing history information reception processing)
Finally, the flow of viewing history information reception processing executed by the viewing history server 30 of FIG. 1 will be described with reference to the flowchart of FIG.
 ステップS301においては、制御部311によって、通信部312が監視され、受信装置20からの視聴履歴情報(CDM)の受信リクエストが発生するまで、待機する。そして、ステップS302において、視聴履歴情報(CDM)の受信リクエストが発生したと判定された場合、処理は、ステップS303に進められる。 In step S301, the communication unit 311 is monitored by the control unit 311 and waits until a reception history information (CDM) reception request from the reception device 20 is generated. If it is determined in step S302 that a viewing history information (CDM) reception request has occurred, the process proceeds to step S303.
 ステップS303において、通信部312は、制御部311からの制御に従い、サーバ・クライアント接続処理を行う。このサーバ・クライアント接続処理では、受信装置20と視聴履歴サーバ30との接続(セッション)が確立され、受信装置20と視聴履歴サーバ30とが、通信回線60を介して通信を行うことが可能となる。ただし、受信装置20と視聴履歴サーバ30との通信は、例えばTLSにより提供されるHTTPSを利用してセキュアに行われる。 In step S303, the communication unit 312 performs server / client connection processing in accordance with control from the control unit 311. In this server / client connection process, the connection (session) between the receiving device 20 and the viewing history server 30 is established, and the receiving device 20 and the viewing history server 30 can communicate via the communication line 60. Become. However, communication between the receiving device 20 and the viewing history server 30 is performed securely using HTTPS provided by TLS, for example.
 ステップS304において、通信部312は、受信装置20から通信回線60を介して送信されてくる視聴履歴情報(CDM)と、メッセージ認証符号(HMAC)を受信する。ここでは、図24の視聴履歴情報送信処理(のステップS249)によって送信される、メッセージ認証符号(HMAC)を添付した視聴履歴情報(CDM)が受信される。 In step S304, the communication unit 312 receives viewing history information (CDM) and a message authentication code (HMAC) transmitted from the receiving device 20 via the communication line 60. Here, the viewing history information (CDM) attached with the message authentication code (HMAC) transmitted by the viewing history information transmission process (step S249) of FIG. 24 is received.
 ステップS305において、メッセージ認証符号算出部353及びメッセージ認証符号比較部354は、メッセージ認証符号検証処理を行う。このメッセージ認証符号検証処理では、受信装置20から受信したメッセージ認証符号(HMAC)と、メッセージ認証符号算出部353により算出されるメッセージ認証符号(HMAC')とが比較され、その比較結果に応じた検証結果が得られることになる。なお、メッセージ認証符号検証処理の詳細な内容については、図26のフローチャートを参照して後述する。 In step S305, the message authentication code calculation unit 353 and the message authentication code comparison unit 354 perform message authentication code verification processing. In this message authentication code verification process, the message authentication code (HMAC) received from the receiving device 20 is compared with the message authentication code (HMAC ′) calculated by the message authentication code calculation unit 353, and the comparison result A verification result is obtained. Details of the message authentication code verification process will be described later with reference to the flowchart of FIG.
 ステップS306において、メッセージ認証符号比較部354は、ステップS305の処理(メッセージ認証符号検証処理)で得られる検証結果が正当であるかどうかを判定する。 In step S306, the message authentication code comparison unit 354 determines whether the verification result obtained in the process of step S305 (message authentication code verification process) is valid.
 ステップS306において、メッセージ認証符号(HMAC)の検証結果が正当である、すなわち、当該メッセージ認証符号(HMAC)を添付していた視聴履歴情報(CDM)が正当であると判定された場合、処理は、ステップS307に進められる。ステップS307において、視聴履歴情報管理部355は、ステップS304の処理で受信された視聴履歴情報(CDM)であって、ステップS305の処理(メッセージ認証符号検証処理)の対象となったメッセージ認証符号(HMAC)の添付元となる視聴履歴情報(CDM)を、視聴履歴情報蓄積部313に蓄積する。 If it is determined in step S306 that the verification result of the message authentication code (HMAC) is valid, that is, the viewing history information (CDM) attached with the message authentication code (HMAC) is valid, the process is as follows. The process proceeds to step S307. In step S307, the viewing history information management unit 355 receives the message authentication code (CDM) received in the processing in step S304 and subjected to the processing in step S305 (message authentication code verification processing). Viewing history information (CDM) that is an attachment source of (HMAC) is accumulated in the viewing history information accumulation unit 313.
 一方、ステップS306において、メッセージ認証符号(HMAC)の検証結果が正当ではない、すなわち、当該メッセージ認証符号(HMAC)を添付していた視聴履歴情報(CDM)が正当ではないと判定された場合、処理は、ステップS308に進められる。ステップS308において、制御部311は、メッセージ認証符号(HMAC)の検証結果が正当ではない場合に行われるエラー処理を実行する。 On the other hand, if it is determined in step S306 that the verification result of the message authentication code (HMAC) is not valid, that is, the viewing history information (CDM) attached with the message authentication code (HMAC) is not valid, The process proceeds to step S308. In step S308, the control unit 311 executes error processing that is performed when the verification result of the message authentication code (HMAC) is not valid.
 ステップS307又はS308の処理が終了すると、図25の視聴履歴情報受信処理は終了される。 When the process of step S307 or S308 is completed, the viewing history information reception process of FIG. 25 is terminated.
 以上、視聴履歴情報受信処理の流れについて説明した。この視聴履歴情報受信処理では、メッセージ認証符号(HMAC)の検証結果に応じて、当該メッセージ認証符号(HMAC)を添付している視聴履歴情報(CDM)が順次蓄積される。 The flow of viewing history information reception processing has been described above. In the viewing history information reception process, the viewing history information (CDM) attached with the message authentication code (HMAC) is sequentially stored according to the verification result of the message authentication code (HMAC).
 次に、図26のフローチャートを参照して、図25のステップS305の処理に対応するメッセージ認証符号検証処理について説明する。なお、図26のメッセージ認証符号検証処理の実行の際には、送信装置10から提供される認証鍵と当該認証鍵に関する認証鍵情報が記録部212に記録されているものとする。 Next, the message authentication code verification process corresponding to the process of step S305 in FIG. 25 will be described with reference to the flowchart in FIG. 26, it is assumed that the authentication key provided from the transmission device 10 and the authentication key information related to the authentication key are recorded in the recording unit 212 when the message authentication code verification process of FIG.
 ステップS311において、認証鍵取得部352は、記録部212に記録されている認証鍵と認証鍵情報を読み出す。 In step S311, the authentication key acquisition unit 352 reads the authentication key and authentication key information recorded in the recording unit 212.
 ステップS312において、メッセージ認証符号算出部353は、ステップS311の処理で取得した認証鍵、及び、図25のステップS304の処理で受信された視聴履歴情報(CDM)に基づいて、メッセージ認証符号(HMAC')を算出する。 In step S312, the message authentication code calculation unit 353 generates a message authentication code (HMAC) based on the authentication key acquired in the process of step S311 and the viewing history information (CDM) received in the process of step S304 in FIG. ') Is calculated.
 ステップS313において、メッセージ認証符号比較部354は、図25のステップS304の処理で受信されたメッセージ認証符号(HMAC)と、ステップS312の処理で算出されたメッセージ認証符号(HMAC')とを比較する。 In step S313, the message authentication code comparison unit 354 compares the message authentication code (HMAC) received in the process of step S304 in FIG. 25 with the message authentication code (HMAC ′) calculated in the process of step S312. .
 ステップS314において、メッセージ認証符号比較部354は、ステップS313の処理で得られる比較結果に基づいて、それらのメッセージ認証符号(HMAC,HMAC')が一致するかどうかを判定する。 In step S314, the message authentication code comparison unit 354 determines whether or not these message authentication codes (HMAC, HMAC ′) match based on the comparison result obtained in the process of step S313.
 ステップS314において、それらのメッセージ認証符号(HMAC,HMAC')が一致すると判定された場合、処理は、ステップS315に進められる。ステップS315において、メッセージ認証符号比較部354は、それらのメッセージ認証符号(HMAC,HMAC')が一致する、すなわち、当該メッセージ認証符号(HMAC)を添付している視聴履歴情報(CDM)が正当であるとの検証結果を戻す。 If it is determined in step S314 that the message authentication codes (HMAC, HMAC ′) match, the process proceeds to step S315. In step S315, the message authentication code comparison unit 354 matches the message authentication codes (HMAC, HMAC ′), that is, the viewing history information (CDM) attached with the message authentication code (HMAC) is valid. Returns the verification result.
 一方、ステップS314において、それらのメッセージ認証符号(HMAC,HMAC')が一致しないと判定された場合、処理は、ステップS316に進められる。ステップS316において、メッセージ認証符号比較部354は、それらのメッセージ認証符号(HMAC,HMAC')が一致しない、すなわち、当該メッセージ認証符号(HMAC)を添付している視聴履歴情報(CDM)が正当ではないとの検証結果を戻す。 On the other hand, if it is determined in step S314 that the message authentication codes (HMAC, HMAC ′) do not match, the process proceeds to step S316. In step S316, the message authentication code comparison unit 354 does not match the message authentication codes (HMAC, HMAC ′), that is, the viewing history information (CDM) attached with the message authentication code (HMAC) is valid. Return the verification result that there is no.
 ステップS315又はS316の処理が終了すると、処理は、図25のステップS305の処理に戻り、それ以降の処理が実行される。 When the process of step S315 or S316 is completed, the process returns to the process of step S305 in FIG. 25, and the subsequent processes are executed.
 以上、メッセージ認証符号検証処理の流れについて説明した。 The flow of the message authentication code verification process has been described above.
(2)方式2:ビデオウォータマークを利用した認証鍵の伝送 (2) Method 2: Authentication key transmission using video watermark
(方式2の概要)
 図27は、ビデオウォータマークを利用した認証鍵の伝送を行う場合における、送信装置10による認証鍵の配信と、受信装置20によるメッセージ認証符号(HMAC)の算出と、受信装置20と視聴履歴サーバ30による視聴履歴情報(CDM)の送受信の流れを説明する図である。 (Overview of Method 2)
FIG. 27 shows the distribution of the authentication key by the transmitting device 10, the calculation of the message authentication code (HMAC) by the receiving device 20, the receiving device 20 and the viewing history server when transmitting the authentication key using the video watermark. 3 is a diagram for explaining a flow of transmission / reception of viewing history information (CDM) by 30. FIG.
 図27において、放送局の送信装置10は、ビデオやオーディオ(のコンポーネント)のストリームと、シグナリング情報を含む放送ストリームを、デジタル放送信号として送信している。受信装置20は、送信装置10から送信設備40(図1)などを介して送信されてくるデジタル放送信号を受信する。 27, the transmitting apparatus 10 of the broadcasting station transmits a video or audio (component) stream and a broadcast stream including signaling information as a digital broadcast signal. The receiving device 20 receives a digital broadcast signal transmitted from the transmitting device 10 via the transmission facility 40 (FIG. 1) or the like.
 受信装置20において、レンダラ225は、制御部211からの制御に従い、受信部214から供給される、ビデオやオーディオ(のコンポーネント)のストリームに対するレンダリング処理を行うことで、選局操作に応じたコンテンツ(例えばテレビ番組など)を再生する。これにより、コンテンツの視聴に応じた視聴履歴情報(CDM)が記録部212(図3)に記録されることなる。 In the receiving device 20, the renderer 225 performs a rendering process on a video or audio (component) stream supplied from the receiving unit 214 in accordance with the control from the control unit 211, so that content ( For example, a TV program). Thereby, viewing history information (CDM) corresponding to the viewing of the content is recorded in the recording unit 212 (FIG. 3).
 ここで、方式2を採用した場合、放送ストリーム(のビデオストリーム)において、ビデオウォータマークとして伝送されるウォータマークペイロード(Watermark payload)に、認証鍵(暗号化認証鍵)が記述されている。受信装置20では、フィルタ255が、例えば、ウォータマークペイロードに記述された認証鍵(暗号化認証鍵)に対して、受信機製造事業者IDを用いたフィルタリング処理を行うことで、受信装置20の製造事業者に対応した認証鍵(暗号化認証鍵)のみを抽出することができる。 Here, when the system 2 is adopted, an authentication key (encrypted authentication key) is described in a watermark payload transmitted as a video watermark in the broadcast stream (video stream). In the receiving device 20, the filter 255 performs a filtering process using the receiver manufacturer ID on the authentication key (encrypted authentication key) described in the watermark payload, for example. Only the authentication key (encrypted authentication key) corresponding to the manufacturer can be extracted.
 図27の例では、フィルタリング処理で得られた認証鍵(暗号化認証鍵)は、受信機製造事業者鍵(暗号鍵)で暗号化されているので、復号部256は、受信機製造事業者鍵(復号鍵)を用い、フィルタリング処理で得られた認証鍵(暗号化認証鍵)を復号する。そして、HMAC算出部258は、復号部256により復号された認証鍵、及び、記録部212から読み出された視聴履歴情報(CDM)に基づいて、メッセージ認証符号(HMAC)を算出する。 In the example of FIG. 27, the authentication key (encrypted authentication key) obtained by the filtering process is encrypted with the receiver manufacturer key (encryption key). Using the key (decryption key), decrypt the authentication key (encrypted authentication key) obtained by the filtering process. Then, the HMAC calculation unit 258 calculates a message authentication code (HMAC) based on the authentication key decrypted by the decryption unit 256 and the viewing history information (CDM) read from the recording unit 212.
 通信部223は、あらかじめ取得されている視聴履歴サーバURLに従い、メッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)を、通信回線60を介して視聴履歴サーバ30に宛てに送信する。 The communication unit 223 transmits the viewing history information (CDM) attached with the message authentication code (HMAC) to the viewing history server 30 via the communication line 60 in accordance with the viewing history server URL acquired in advance.
 視聴履歴サーバ30は、通信回線60を介して受信装置20から送信されてくる、メッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)を受信する。そして、視聴履歴サーバ30は、受信装置20から受信したメッセージ認証符号(HMAC)と、自身が算出したメッセージ認証符号(HMAC')とを比較し、その比較結果が一致するかどうかを判定することで、受信したメッセージ認証符号(HMAC)の検証を行う。 The viewing history server 30 receives viewing history information (CDM) attached with a message authentication code (HMAC) transmitted from the receiving device 20 via the communication line 60. Then, the viewing history server 30 compares the message authentication code (HMAC) received from the receiving device 20 with the message authentication code (HMAC ′) calculated by itself, and determines whether or not the comparison result matches. Then, the received message authentication code (HMAC) is verified.
 ここでは、メッセージ認証符号(HMAC,HMAC')の比較結果が一致する場合、受信したメッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)は、対象の受信機製造会社の受信装置20が記録して送信したものであって、正当であるので、視聴履歴サーバ30は、当該視聴履歴情報(CDM)を処理する。一方で、メッセージ認証符号(HMAC,HMAC')の比較結果が不一致となる場合、受信したメッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)は、対象の受信機製造会社の受信装置20が記録して送信したものではなく、正当ではないので、視聴履歴サーバ30は、当該視聴履歴情報(CDM)を処理しない(例えば、破棄する)。 Here, when the comparison result of the message authentication code (HMAC, HMAC ′) matches, the received viewing history information (CDM) attached with the message authentication code (HMAC) is received by the receiving device 20 of the target receiver manufacturer. Is recorded and transmitted and is valid, so the viewing history server 30 processes the viewing history information (CDM). On the other hand, if the comparison result of the message authentication code (HMAC, HMAC ') does not match, the received viewing history information (CDM) attached with the message authentication code (HMAC) is the receiving device of the target receiver manufacturer The viewing history server 30 does not process (for example, discard) the viewing history information (CDM) because it is not recorded and transmitted by 20 and is not valid.
(認証鍵の通知方法)
 図28は、ビデオウォータマークを利用した場合における認証鍵の通知方法を示す図である。 (Authentication key notification method)
FIG. 28 is a diagram showing an authentication key notification method when a video watermark is used.
 図28に示すように、1ビデオフレームにおいて、映像表示領域の上側の2ラインをビデオウォータマークとして利用することができる。このビデオウォータマークで利用される2ラインでは、1ブロックで1ビットの情報量を伝送する方式である標準データ伝送と、1ブロックで2ビットの情報量を伝送する方式である2倍率データ伝送のうち、いずれか一方のデータ伝送方式を用いることができる。 As shown in FIG. 28, in one video frame, the upper two lines of the video display area can be used as a video watermark. In the two lines used in this video watermark, standard data transmission, which is a method of transmitting 1-bit information amount in one block, and double magnification data transmission, which is a method of transmitting 2-bit information amount in one block. Any one of the data transmission methods can be used.
 例えば、図28において、標準データ伝送を用いた場合には、先頭のブロックには"1",2番目のブロックには"1",3番目のブロックには"0",4番目のブロックには"1"が順次格納されており、5番目以降のブロックにも、"0"又は"1"の1ビットがブロックごとに格納される。一方で、2倍率データ伝送を用いた場合には、先頭のブロックには"11",2番目のブロックには"10",3番目のブロックには"01",4番目のブロックには"10"が順次格納されており、5番目以降のブロックにも、"0"と"1"の組み合わせからなる2ビットがブロックごとに格納される。 For example, in FIG. 28, when standard data transmission is used, the first block is "1", the second block is "1", the third block is "0", and the fourth block is “1” is sequentially stored, and one bit of “0” or “1” is also stored for each block in the fifth and subsequent blocks. On the other hand, when 2x data transmission is used, "11" for the first block, "10" for the second block, "01" for the third block, "for the fourth block" 10 "is sequentially stored, and 2 bits including a combination of" 0 "and" 1 "are also stored for each block in the fifth and subsequent blocks.
 また、ビデオウォータマークでは、ビデオビットストリームの2ラインを用い、ウォータマークペイロード(Watermark payload)を伝送することになる。 Also, the video watermark uses two lines of the video bitstream to transmit a watermark payload.
(ウォータマークペイロードのシンタックス)
 図29は、ウォータマークペイロード(Watermark payload)のシンタックスの例を示す図である。 (Watermark payload syntax)
FIG. 29 is a diagram illustrating an example of the syntax of a watermark payload.
 16ビットのrun_in_patternには、ビデオウォータマークの伝送パターンと、白から黒までの範囲で表される1領域の分解能が指定される。この伝送パターンとしては、1ライン又は2ラインが指定される。また、1領域の分解能としては、8ビット~12ビットが指定される。 The 16-bit run_in_pattern specifies the transmission pattern of the video watermark and the resolution of one area expressed in the range from white to black. As this transmission pattern, one line or two lines are designated. Further, 8 bits to 12 bits are designated as the resolution of one area.
 wm_message()は、ウォータマークのメッセージ領域を表している。8ビットのzero_padは、ゼロパディングを表している。 Wm_message () represents the message area of the watermark. 8-bit zero_pad represents zero padding.
(WMメッセージのシンタックス)
 図30は、図29のWMメッセージ(wm_message)のシンタックスの例を示す図である。 (WM message syntax)
FIG. 30 is a diagram illustrating an example of the syntax of the WM message (wm_message) in FIG.
 8ビットのwm_message_idには、WMメッセージIDが指定される。8ビットのwm_message_lengthには、WMメッセージ長が指定される。 WM message ID is specified in 8-bit wm_message_id. The 8-bit wm_message_length specifies the WM message length.
 4ビットのwm_message_sequenceには、WMメッセージのシーケンスが指定される。2ビットのfragment_numberと、2ビットのlast_fragmentには、フラグメントに関する情報が指定される。 ∙ The 4-bit wm_message_sequence specifies the WM message sequence. In 2-bit fragment_number and 2-bit last_fragment, information about a fragment is specified.
 ここで、WMメッセージIDとして、"0x01"が指定された場合、コンテントIDメッセージ(content_id_message)が配置される。また、WMメッセージIDとして、"0x02"が指定された場合、チャンネルIDメッセージ(channel_id_message)が配置される。さらに、WMメッセージIDとして、"0x03"が指定された場合、URIメッセージ(uri_message)が配置される。 Here, when “0x01” is specified as the WM message ID, a content ID message (content_id_message) is placed. When “0x02” is designated as the WM message ID, a channel ID message (channel_id_message) is arranged. Furthermore, when “0x03” is designated as the WM message ID, a URI message (uri_message) is arranged.
 また、WMメッセージIDとして、"0x04"が指定された場合、認証鍵メッセージ(authentication_key)が配置される。そして、ウォータマークペイロードに、認証鍵を記述する場合には、認証鍵メッセージを利用することになるため、ここでは、WMメッセージIDとして、"0x04"を指定することになる。 Also, when "0x04" is specified as the WM message ID, an authentication key message (authentication_key) is placed. When an authentication key is described in the watermark payload, an authentication key message is used. Therefore, here, “0x04” is designated as the WM message ID.
 なお、WMメッセージには、message_CRC_32やCRC_32などの誤り検出符号が含まれる。 The WM message includes error detection codes such as message_CRC_32 and CRC_32.
(認証鍵メッセージのシンタックス)
 図31は、図30の認証鍵メッセージ(authentication_key)のシンタックスの例を示す図である。 (Authentication key message syntax)
FIG. 31 is a diagram illustrating an example of the syntax of the authentication key message (authentication_key) in FIG.
 4ビットのkey_typeは、認証鍵の暗号又は復号に用いられる鍵の種類が指定される。16ビットのkey_idには、認証鍵の暗号又は復号に用いられる鍵のIDが指定される。8ビットのkey_versionには、認証鍵の暗号又は復号に用いられる鍵のバージョンが指定される。 4-bit key_type specifies the type of key used for encryption or decryption of the authentication key. The 16-bit key_id specifies the ID of a key used for encryption or decryption of the authentication key. The 8-bit key_version specifies the version of the key used for encryption or decryption of the authentication key.
 32ビットのvalid_fromには、認証鍵の有効期間の開始時刻が指定される。32ビットのvalid_untilには、認証鍵の有効期間の終了時刻が指定される。 The 32-bit valid_from specifies the start time of the validity period of the authentication key. The 32-bit valid_until specifies the end time of the validity period of the authentication key.
 4ビットのalgorithmには、認証鍵の暗号又は復号の暗号アルゴリズムが指定される。8ビットのenc_param_lengthには、認証鍵の暗号又は復号の暗号パラメータ長が指定される。enc_param()は、8*enc_param_lengthビットからなり、認証鍵の暗号又は復号の暗号パラメータが指定される。 Authentic key encryption or decryption encryption algorithm is specified in the 4-bit algorithm. In the 8-bit enc_param_length, the encryption parameter length for encryption or decryption of the authentication key is designated. enc_param () is composed of 8 * enc_param_length bits, and specifies encryption parameters for encryption or decryption of the authentication key.
 8ビットのauth_key_lengthには、認証鍵長が指定される。auth_keyは、8*auth_key_lengthビットからなり、認証鍵が指定される。8ビットのauth_key_versionには、認証鍵のバージョン情報が指定される。 The authentication key length is specified in the 8-bit auth_key_length. The auth_key consists of 8 * auth_key_length bits, and an authentication key is designated. The 8-bit auth_key_version specifies version information of the authentication key.
 次に、図32乃至図34のフローチャートを参照して、方式2を採用した場合に、図1の伝送システム1を構成する各装置で実行される処理の内容について説明する。 Next, with reference to the flowcharts of FIGS. 32 to 34, the contents of processing executed in each device constituting the transmission system 1 of FIG. 1 when the method 2 is adopted will be described.
(認証鍵配信処理)
 まず、図32のフローチャートを参照して、ビデオウォータマークを利用した場合における認証鍵配信処理の流れについて説明する。なお、この認証鍵配信処理は、図1の送信装置10により、図18のステップS101の処理と並行して実行される処理とされる。 (Authentication key distribution process)
First, the flow of authentication key distribution processing when a video watermark is used will be described with reference to the flowchart of FIG. This authentication key distribution process is a process executed in parallel with the process of step S101 of FIG. 18 by the transmission apparatus 10 of FIG.
 ステップS121において、制御部111は、認証鍵を配信するタイミングであるかどうかを判定する。 In step S121, the control unit 111 determines whether it is time to distribute the authentication key.
 ステップS121において、認証鍵を配信するタイミングではないと判定された場合、ステップS121の判定処理が繰り返される。一方、ステップS121において、認証鍵を配信するタイミングであると判定された場合、処理は、ステップS122に進められる。 If it is determined in step S121 that it is not time to distribute the authentication key, the determination process in step S121 is repeated. On the other hand, if it is determined in step S121 that it is time to distribute the authentication key, the process proceeds to step S122.
 ステップS122において、認証鍵生成部151は、受信装置20と視聴履歴サーバ30に提供するための認証鍵を生成する。 In step S122, the authentication key generation unit 151 generates an authentication key to be provided to the receiving device 20 and the viewing history server 30.
 ステップS123において、暗号化部152は、例えば、受信機製造事業者鍵又は受信機鍵等の暗号鍵を用い、ステップS122の処理で生成された認証鍵を暗号化する。このようにして生成された認証鍵(暗号化認証鍵)は、方式2を採用した場合には、ビデオ処理部113に供給される。 In step S123, the encryption unit 152 encrypts the authentication key generated in the process of step S122 using, for example, an encryption key such as a receiver manufacturer key or a receiver key. The authentication key (encrypted authentication key) generated in this way is supplied to the video processing unit 113 when the method 2 is adopted.
 ステップS124において、ビデオ処理部113は、ビデオストリームを処理する際に、ステップS123の処理で得られた認証鍵(暗号化認証鍵)を、各フレームのビデオウォータマークとして伝送されるウォータマークペイロード(のWMメッセージの認証鍵メッセージ(authentication_key))に追加(記述)する。 In step S124, when processing the video stream, the video processing unit 113 transmits the authentication key (encrypted authentication key) obtained in step S123 as the watermark payload ( Add (describe) to the WM message's authentication key message (authentication_key)).
 以上、認証鍵配信処理の流れについて説明した。この認証鍵配信処理では、ウォータマークペイロードのWMメッセージの認証鍵メッセージ(authentication_key)に、認証鍵(暗号化認証鍵)が記述され、当該認証鍵メッセージを含むウォータマークペイロードが伝送されるビデオウォータマークを含むビデオフレーム(ビデオストリーム)が生成され(図18のS101)、デジタル放送信号に含めて送信されることになる(図18のS102)。なお、ステップS122の処理で生成された認証鍵は、視聴履歴サーバ30にも提供されることになる。 The flow of authentication key distribution processing has been described above. In this authentication key distribution process, an authentication key (encrypted authentication key) is described in the authentication key message (authentication_key) of the WM message of the watermark payload, and a video watermark that transmits the watermark payload including the authentication key message is transmitted. Is generated (S101 in FIG. 18) and transmitted in a digital broadcast signal (S102 in FIG. 18). Note that the authentication key generated in the process of step S122 is also provided to the viewing history server 30.
(認証鍵取得処理)
 次に、図33のフローチャートを参照して、ビデオウォータマークを利用した場合における認証鍵取得処理の流れについて説明する。なお、この認証鍵取得処理は、図1の受信装置20において、例えば、ユーザによる選局操作に応じて選局されたサービスのコンテンツの視聴中に実行される処理とされる。 (Authentication key acquisition process)
Next, the flow of authentication key acquisition processing when a video watermark is used will be described with reference to the flowchart of FIG. Note that this authentication key acquisition process is a process executed in the receiving device 20 of FIG. 1 while, for example, viewing the content of the service selected according to the channel selection operation by the user.
 ステップS261においては、制御部211によって、入力部213からの操作信号等が監視され、サービス選局イベントが発生するまで、待機する。そして、ステップS262において、サービス選局イベントが発生したと判定された場合、処理は、ステップS263に進められる。 In step S261, the control unit 211 monitors an operation signal or the like from the input unit 213, and waits until a service channel selection event occurs. If it is determined in step S262 that a service channel selection event has occurred, the process proceeds to step S263.
 ステップS263において、放送制御部251は、記録部212に記録された選局情報に基づいて、受信部214等の動作を制御することで、選局処理を行う。 In step S263, the broadcast control unit 251 performs channel selection processing by controlling the operation of the reception unit 214 and the like based on the channel selection information recorded in the recording unit 212.
 ステップS264において、放送制御部251は、ビデオ処理部216、オーディオ処理部218、及び、字幕処理部220を制御することで、ビデオ、オーディオ、及び、字幕のコンポーネント(のストリーム)をレンダリングする。 In step S264, the broadcast control unit 251 renders video (video), audio, and subtitle components (streams) by controlling the video processing unit 216, the audio processing unit 218, and the subtitle processing unit 220.
 ステップS265においては、ビデオウォータマークに対する処理を行うかどうかが判定される。ステップS265において、ビデオウォータマークに対する処理を行うと判定された場合、処理は、ステップS266に進められる。 In step S265, it is determined whether or not to process the video watermark. If it is determined in step S265 that the process for the video watermark is to be performed, the process proceeds to step S266.
 ステップS266において、ビデオ処理部216は、ビデオウォータマークとして伝送されるウォータマークペイロード(のWMメッセージの認証鍵メッセージ(authentication_key))に、認証鍵(暗号化認証鍵)が記述されているかどうかを判定する。ステップS266において、ウォータマークペイロード(のWMメッセージの認証鍵メッセージ)に、認証鍵(暗号化認証鍵)が記述されていると判定された場合、処理は、ステップS267に進められる。 In step S266, the video processing unit 216 determines whether or not an authentication key (encrypted authentication key) is described in the watermark payload (authentication key message (authentication_key) of the WM message) transmitted as the video watermark. To do. If it is determined in step S266 that an authentication key (encrypted authentication key) is described in the watermark payload (authentication key message of the WM message), the process proceeds to step S267.
 ステップS267において、認証鍵取得部257等は、認証鍵取得処理を実行する。この認証鍵取得処理では、認証鍵メッセージ(authentication_key)に記述された認証鍵(暗号化認証鍵)が復号され、記録部212に記録(保持)される。なお、認証鍵取得処理の詳細な内容については、図34のフローチャートを参照して後述する。 In step S267, the authentication key acquisition unit 257 and the like execute an authentication key acquisition process. In this authentication key acquisition process, the authentication key (encrypted authentication key) described in the authentication key message (authentication_key) is decrypted and recorded (held) in the recording unit 212. Details of the authentication key acquisition process will be described later with reference to the flowchart of FIG.
 一方、ステップS266において、ウォータマークペイロード(のWMメッセージの認証鍵メッセージ)に、暗号化認証鍵が記述されていないと判定された場合、処理は、ステップS268に進められる。ステップS268において、ビデオ処理部216は、別のビデオウォータマーク処理(例えば、コンテントIDメッセージやチャンネルIDメッセージ、URIメッセージ等に対する処理)を行う。 On the other hand, if it is determined in step S266 that the encryption authentication key is not described in the watermark payload (the authentication key message of the WM message), the process proceeds to step S268. In step S268, the video processing unit 216 performs another video watermark process (for example, a process for a content ID message, a channel ID message, a URI message, etc.).
 ステップS267又はS268の処理が終了すると、処理は、ステップS269に進められる。また、ステップS265において、ビデオウォータマークに対する処理を行わないと判定された場合、ステップS266乃至S268の処理は、スキップされ、処理は、ステップS269に進められる。 When the process of step S267 or S268 is completed, the process proceeds to step S269. If it is determined in step S265 that the process for the video watermark is not performed, the processes in steps S266 to S268 are skipped, and the process proceeds to step S269.
 ステップS269においては、ユーザによる視聴が終了するかどうかが判定される。ステップS269において、視聴が終了しないと判定された場合、処理は、ステップS264に戻り、それ以降の処理が繰り返される。一方、ステップS269において、視聴が終了すると判定された場合、図33の認証鍵取得処理は、終了される。 In step S269, it is determined whether or not viewing by the user is terminated. If it is determined in step S269 that viewing does not end, the process returns to step S264, and the subsequent processes are repeated. On the other hand, if it is determined in step S269 that viewing ends, the authentication key acquisition process in FIG. 33 ends.
 以上、認証鍵取得処理の流れについて説明した。この認証鍵取得処理では、サービス選局イベントが発生したとき、すなわち、コンテンツの視聴時に、ビデオウォータマークで、ウォータマークペイロードが伝送され、WMメッセージの認証鍵メッセージ(authentication_key)に、認証鍵(暗号化認証鍵)が記述されている場合には、当該認証鍵が取得され、記録(保持)されることになる。 The flow of authentication key acquisition processing has been described above. In this authentication key acquisition process, when a service tuning event occurs, that is, when viewing content, a watermark payload is transmitted with a video watermark, and an authentication key (encryption key) is added to the authentication key message (authentication_key) of the WM message. Authentication key) is described, the authentication key is acquired and recorded (held).
(認証鍵取得処理の詳細な内容)
 ここで、図34のフローチャートを参照して、図33のステップS267の処理に対応する認証鍵取得処理の詳細な内容について説明する。 (Details of authentication key acquisition process)
Here, with reference to the flowchart of FIG. 34, the detailed content of the authentication key acquisition process corresponding to the process of step S267 of FIG. 33 will be described.
 ステップS271において、フィルタ部255は、例えば、認証鍵メッセージ(authentication_key)を確認することで、当該認証鍵メッセージに記述された認証鍵(暗号化認証鍵)が自機宛ての認証鍵であるかどうかを判定する。 In step S271, the filter unit 255 confirms the authentication key message (authentication_key), for example, to determine whether the authentication key (encrypted authentication key) described in the authentication key message is an authentication key addressed to the own device. Determine.
 ステップS271において、対象の認証鍵(暗号化認証鍵)が自機宛ての認証鍵であると判定された場合、処理は、ステップS272に進められる。ステップS272において、認証鍵取得部257は、認証鍵メッセージ(authentication_key)を確認することで、当該認証鍵メッセージに記述された認証鍵(暗号化認証鍵)が更新されているかどうかを判定する。 If it is determined in step S271 that the target authentication key (encrypted authentication key) is an authentication key addressed to the own device, the process proceeds to step S272. In step S272, the authentication key acquisition unit 257 checks the authentication key message (authentication_key) to determine whether or not the authentication key (encrypted authentication key) described in the authentication key message has been updated.
 ステップS272において、対象の認証鍵(暗号化認証鍵)が更新されていると判定された場合、処理は、ステップS273に進められる。ステップS273において、復号部256は、当該認証鍵メッセージ(authentication_key)のauth_keyに記述された認証鍵(暗号化認証鍵)を復号する。 If it is determined in step S272 that the target authentication key (encrypted authentication key) has been updated, the process proceeds to step S273. In step S273, the decryption unit 256 decrypts the authentication key (encrypted authentication key) described in the auth_key of the authentication key message (authentication_key).
 ステップS274において、認証鍵取得部257は、ステップS273の処理で復号された認証鍵を取得する。また、ステップS275において、認証鍵取得部257は、ステップS274の処理で取得された認証鍵を、記録部212に記録(保持)する。 In step S274, the authentication key acquisition unit 257 acquires the authentication key decrypted in the process of step S273. In step S275, the authentication key acquisition unit 257 records (holds) the authentication key acquired in step S274 in the recording unit 212.
 ステップS275の処理が終了すると、処理は、図33のステップS267の処理に戻り、それ以降の処理が実行される。なお、ステップS271において、対象の認証鍵(暗号化認証鍵)が自機宛ての認証鍵ではないと判定された場合、又は、ステップS272において、対象の認証鍵(暗号化認証鍵)が未更新であると判定された場合、ステップS273乃至S275の処理はスキップされ、対象の認証鍵(暗号化認証鍵)に対する処理は行われないことになる。 When the process of step S275 is completed, the process returns to the process of step S267 of FIG. 33, and the subsequent processes are executed. If it is determined in step S271 that the target authentication key (encrypted authentication key) is not an authentication key addressed to the own device, or in step S272, the target authentication key (encrypted authentication key) is not updated. If it is determined that the authentication key is determined to be, the processing of steps S273 to S275 is skipped, and the processing for the target authentication key (encrypted authentication key) is not performed.
 以上、認証鍵取得処理の流れを説明した。 The flow of authentication key acquisition processing has been described above.
 なお、図33の認証鍵取得処理では、コンテンツの視聴時に、認証鍵メッセージ(authentication_key)に記述された認証鍵(暗号化認証鍵)が取得される場合を一例に説明したが、他のタイミングで、ビデオウォータマークを利用して伝送される認証鍵が取得され、記録(新規で記録又は更新)されるようにしてもよい。 In the authentication key acquisition process of FIG. 33, the case where the authentication key (encrypted authentication key) described in the authentication key message (authentication_key) is acquired at the time of viewing the content has been described as an example. The authentication key transmitted using the video watermark may be acquired and recorded (newly recorded or updated).
 また、方式2を採用した場合においても、受信装置20では、視聴履歴情報(CDM)を視聴履歴サーバ30に送信するタイミングとなったとき、図24の視聴履歴情報送信処理が実行され、ビデオウォータマークで伝送されるウォータマークペイロード(のWMメッセージの認証鍵メッセージ)から取得された認証鍵、及び、記録部212から読み出された視聴履歴情報(CDM)から、メッセージ認証符号(HMAC)が算出され、視聴履歴情報(CDM)とともに、メッセージ認証符号(HMAC)が、通信回線60を介して視聴履歴サーバ30に送信されることになる。 Even when the method 2 is adopted, the receiving device 20 executes the viewing history information transmission process of FIG. 24 when it is time to transmit the viewing history information (CDM) to the viewing history server 30, and the video water The message authentication code (HMAC) is calculated from the authentication key acquired from the watermark payload (the authentication key message of the WM message) transmitted by the mark and the viewing history information (CDM) read from the recording unit 212. Then, the message authentication code (HMAC) is transmitted to the viewing history server 30 via the communication line 60 together with the viewing history information (CDM).
 以上のように、認証鍵の伝送方法として、ビデオウォータマークを利用した方式である方式2を採用した場合、ビデオウォータマークに、認証鍵を含めることで、送信装置10から、受信装置20に認証鍵が配信される。また、このような方式2を採用した場合、アンテナで直接受信を行う受信装置20では、ビデオウォータマークとして伝送されるウォータマークペイロードを処理できるし、MVPDを経由した間接受信を行う受信装置20であっても、ビデオウォータマークとして伝送されるウォータマークペイロードを処理することができるため、それらの受信環境に関係なく、ウォータマークペイロード(のWMメッセージの認証鍵メッセージ)に含まれる認証鍵を、確実に取得することができる。 As described above, when the method 2 that uses the video watermark is adopted as the method for transmitting the authentication key, the transmitter 10 authenticates the receiver 20 by including the authentication key in the video watermark. The key is distributed. In addition, when the method 2 is adopted, the receiving device 20 that directly receives the antenna can process the watermark payload transmitted as the video watermark, and the receiving device 20 that performs indirect reception via the MVPD. Even if it exists, the watermark payload transmitted as a video watermark can be processed, so the authentication key included in the watermark payload (WM message authentication key message) is surely Can be obtained.
 なお、上述した説明では、ビデオウォータマークに、認証鍵を含めた場合を説明したが、オーディオウォータマークが使用可能な場合には、当該オーディオウォータマークを利用して、そのウォータマークペイロードに、認証鍵を含めるようにしてもよい。 In the above description, the case where the authentication key is included in the video watermark has been described. However, if the audio watermark is usable, the audio watermark is used to authenticate the watermark payload. A key may be included.
(3)方式3:オーディオユーザデータを利用した認証鍵の伝送 (3) Method 3: Transmission of authentication key using audio user data
(方式3の概要)
 図35は、オーディオユーザデータを利用して認証鍵を伝送する場合における、送信装置10による認証鍵の配信と、受信装置20によるメッセージ認証符号(HMAC)の算出と、受信装置20と視聴履歴サーバ30による視聴履歴情報(CDM)の送受信の流れを説明する図である。 (Overview of Method 3)
FIG. 35 shows the distribution of the authentication key by the transmitting device 10, the calculation of the message authentication code (HMAC) by the receiving device 20, and the receiving device 20 and the viewing history server when the authentication key is transmitted using audio user data. 3 is a diagram for explaining a flow of transmission / reception of viewing history information (CDM) by 30. FIG.
 図35において、放送局の送信装置10は、ビデオやオーディオ(のコンポーネント)のストリームと、シグナリング情報を含む放送ストリームを、デジタル放送信号として送信している。受信装置20は、送信装置10から送信設備40(図1)などを介して送信されてくるデジタル放送信号を受信する。 35, the transmitting apparatus 10 of the broadcasting station transmits a video or audio (component) stream and a broadcast stream including signaling information as a digital broadcast signal. The receiving device 20 receives a digital broadcast signal transmitted from the transmitting device 10 via the transmission facility 40 (FIG. 1) or the like.
 受信装置20において、レンダラ225は、制御部211からの制御に従い、受信部214から供給される、ビデオやオーディオ(のコンポーネント)のストリームに対するレンダリング処理を行うことで、選局操作に応じたコンテンツ(例えばテレビ番組など)を再生する。これにより、コンテンツの視聴に応じた視聴履歴情報(CDM)が記録部212(図3)に記録されることなる。 In the receiving device 20, the renderer 225 performs a rendering process on a video or audio (component) stream supplied from the receiving unit 214 in accordance with the control from the control unit 211, so that content ( For example, a TV program). Thereby, viewing history information (CDM) corresponding to the viewing of the content is recorded in the recording unit 212 (FIG. 3).
 ここで、方式3を採用した場合、放送ストリーム(のオーディオストリーム)で伝送されるオーディオユーザデータ(Audio User Data)に、認証鍵(暗号化認証鍵)が記述されている。受信装置20では、フィルタ255が、例えば、オーディオユーザデータに記述された認証鍵(暗号化認証鍵)に対して、受信機製造事業者IDを用いたフィルタリング処理を行うことで、受信装置20の製造事業者に対応した認証鍵(暗号化認証鍵)のみを抽出することができる。 Here, when method 3 is adopted, an authentication key (encrypted authentication key) is described in audio user data (Audio User Data) transmitted in a broadcast stream (audio stream). In the receiving device 20, the filter 255 performs a filtering process using the receiver manufacturer ID on the authentication key (encrypted authentication key) described in the audio user data, for example. Only the authentication key (encrypted authentication key) corresponding to the manufacturer can be extracted.
 図35の例では、フィルタリング処理で得られた認証鍵(暗号化認証鍵)は、受信機製造事業者鍵(暗号鍵)で暗号化されているので、復号部256は、受信機製造事業者鍵(復号鍵)を用い、フィルタリング処理で得られた認証鍵(暗号化認証鍵)を復号する。そして、HMAC算出部258は、復号部256により復号された認証鍵、及び、記録部212から読み出された視聴履歴情報(CDM)に基づいて、メッセージ認証符号(HMAC)を算出する。 In the example of FIG. 35, since the authentication key (encrypted authentication key) obtained by the filtering process is encrypted with the receiver manufacturer key (encryption key), the decryption unit 256 is the receiver manufacturer. Using the key (decryption key), decrypt the authentication key (encrypted authentication key) obtained by the filtering process. Then, the HMAC calculation unit 258 calculates a message authentication code (HMAC) based on the authentication key decrypted by the decryption unit 256 and the viewing history information (CDM) read from the recording unit 212.
 通信部223は、あらかじめ取得されている視聴履歴サーバURLに従い、メッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)を、通信回線60を介して視聴履歴サーバ30に宛てに送信する。 The communication unit 223 transmits the viewing history information (CDM) attached with the message authentication code (HMAC) to the viewing history server 30 via the communication line 60 in accordance with the viewing history server URL acquired in advance.
 視聴履歴サーバ30は、通信回線60を介して受信装置20から送信されてくる、メッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)を受信する。そして、視聴履歴サーバ30は、受信装置20から受信したメッセージ認証符号(HMAC)と、自身が算出したメッセージ認証符号(HMAC')とを比較し、その比較結果が一致するかどうかを判定することで、受信したメッセージ認証符号(HMAC)の検証を行う。 The viewing history server 30 receives viewing history information (CDM) attached with a message authentication code (HMAC) transmitted from the receiving device 20 via the communication line 60. Then, the viewing history server 30 compares the message authentication code (HMAC) received from the receiving device 20 with the message authentication code (HMAC ′) calculated by itself, and determines whether or not the comparison result matches. Then, the received message authentication code (HMAC) is verified.
 ここでは、メッセージ認証符号(HMAC,HMAC')の比較結果が一致する場合、受信したメッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)は、対象の受信機製造会社の受信装置20が記録して送信したものであって、正当であるので、視聴履歴サーバ30は、当該視聴履歴情報(CDM)を処理する。一方で、メッセージ認証符号(HMAC,HMAC')の比較結果が不一致となる場合、受信したメッセージ認証符号(HMAC)が添付された視聴履歴情報(CDM)は、対象の受信機製造会社の受信装置20が記録して送信したものではなく、正当ではないので、視聴履歴サーバ30は、当該視聴履歴情報(CDM)を処理しない(例えば、破棄する)。 Here, when the comparison result of the message authentication code (HMAC, HMAC ′) matches, the received viewing history information (CDM) attached with the message authentication code (HMAC) is received by the receiving device 20 of the target receiver manufacturer. Is recorded and transmitted and is valid, so the viewing history server 30 processes the viewing history information (CDM). On the other hand, if the comparison result of the message authentication code (HMAC, HMAC ') does not match, the received viewing history information (CDM) attached with the message authentication code (HMAC) is the receiving device of the target receiver manufacturer The viewing history server 30 does not process (for example, discard) the viewing history information (CDM) because it is not recorded and transmitted by 20 and is not valid.
(SYSメタフレームのシンタックス)
 図36は、MPEG-H 3D Audioで規定されるSYSメタフレーム(SysMetaFrame)のシンタックスの例を示す図である。 (SYS metaframe syntax)
FIG. 36 is a diagram illustrating an example of the syntax of a SYS metaframe (SysMetaFrame) defined by MPEG-H 3D Audio.
 8ビットのsysTypeには、システムのタイプが指定される。dataLenには、データ長が指定される。sysDataは、8*dataLenビットからなり、sysTypeで指定されるタイプに応じたデータが指定される。 ∙ The system type is specified in the 8-bit sysType. In dataLen, the data length is specified. sysData consists of 8 * dataLen bits, and data corresponding to the type specified by sysType is specified.
 例えば、図37に示すように、sysTypeとして"1"が指定された場合、"SYS_MP2TS"、すなわち、MPEG2 TSシステムにより、sysDataで指定されるデータが利用されることを表している。また、sysTypeとして"2"が指定された場合、"SYS_MMT"、すなわち、MMTシステムにより、sysDataで指定されるデータが利用されることを表している。 For example, as shown in FIG. 37, when “1” is specified as the sysType, “SYS_MP2TS”, that is, the data specified by sysData is used by the MPEG2 TS system. Further, when “2” is specified as sysType, it indicates that “SYS_MMT”, that is, data specified by sysData is used by the MMT system.
 また、sysTypeとして"3"が指定された場合、"SYS_DASH"、すなわち、MPEG-DASHシステムにより、sysDataで指定されるデータが利用されることを表している。なお、"0"であるsysTypeの値は、未定義とされる。また、sysTypeの値において、"4"~"127"は、は、国際標準化機構(ISO:International Organization for Standardization)が将来使用するためにリザーブとしている値である。さらに、"128"~"255"は、将来の拡張のためにリザーブとされる値である。 Also, when “3” is specified as sysType, it indicates that “SYS_DASH”, that is, data specified by sysData is used by the MPEG-DASH system. Note that the value of sysType that is “0” is undefined. In the value of sysType, “4” to “127” are values reserved for future use by the International Organization for Standardization (ISO). Further, “128” to “255” are values reserved for future expansion.
 ここで、"128"~"255"の将来の拡張用の値のうち、例えば、"128"を、"SYS_ATSC3.0"に割り当てるようにすることで、sysTypeとして"128"が指定された場合に、ATSC3.0システムにより、sysDataで指定されるデータが利用されること表すようにすることができる。 When "128" is specified as sysType by assigning "128" to "SYS_ATSC3.0", for example, among the values for future expansion from "128" to "255" In addition, the ATSC 3.0 system can indicate that data specified by sysData is used.
 図38には、sysTypeとして、"SYS_ATSC3.0"が指定された場合における、sysData(sysData_atsc3.0)のシンタックスの例を示す図である。 FIG. 38 is a diagram illustrating an example of the syntax of sysData (sysData_atsc3.0) when “SYS_ATSC3.0” is specified as the sysType.
 4ビットのversionには、バージョンが指定される。4ビットのsys_data_typeは、データタイプが指定される。ここでは、sys_data_typeとして、"auth_key"が指定される場合には、key_type,key_id,key_id,valid_from,valid_until,algorithm,enc_param_length,enc_param(),auth_key_length,auth_key,auth_key_versionが指定される。 ∙ The version is specified in the 4-bit version. A 4-bit sys_data_type specifies a data type. Here, when “auth_key” is specified as sys_data_type, key_type, key_id, key_id, valid_from, valid_until, algorithm, enc_param_length, enc_param (), auth_key_length, auth_key, and auth_key_version are specified.
 4ビットのkey_typeは、認証鍵の暗号又は復号に用いられる鍵の種類が指定される。16ビットのkey_idには、認証鍵の暗号又は復号に用いられる鍵のIDが指定される。 4-bit key_type specifies the type of key used for encryption or decryption of the authentication key. The 16-bit key_id specifies the ID of a key used for encryption or decryption of the authentication key.
 32ビットのvalid_fromには、認証鍵の有効期間の開始時刻が指定される。32ビットのvalid_untilには、認証鍵の有効期間の終了時刻が指定される。 The 32-bit valid_from specifies the start time of the validity period of the authentication key. The 32-bit valid_until specifies the end time of the validity period of the authentication key.
 4ビットのalgorithmには、認証鍵の暗号又は復号の暗号アルゴリズムが指定される。8ビットのenc_param_lengthには、認証鍵の暗号又は復号の暗号パラメータ長が指定される。enc_param()は、8*enc_param_lengthビットからなり、認証鍵の暗号又は復号の暗号パラメータが指定される。 Authentic key encryption or decryption encryption algorithm is specified in the 4-bit algorithm. In the 8-bit enc_param_length, the encryption parameter length for encryption or decryption of the authentication key is designated. enc_param () is composed of 8 * enc_param_length bits, and specifies encryption parameters for encryption or decryption of the authentication key.
 8ビットのauth_key_lengthには、認証鍵長が指定される。auth_keyは、8*auth_key_lengthビットからなり、認証鍵が指定される。8ビットのauth_key_versionには、認証鍵のバージョンが指定される。 The authentication key length is specified in the 8-bit auth_key_length. The auth_key consists of 8 * auth_key_length bits, and an authentication key is designated. The authentication key version is specified in 8-bit auth_key_version.
 次に、図39及び図40のフローチャートを参照して、方式3を採用した場合に、図1の伝送システム1を構成する各装置で実行される処理の内容について説明する。 Next, with reference to the flowcharts of FIG. 39 and FIG. 40, the contents of processing executed by each device constituting the transmission system 1 of FIG. 1 when the method 3 is adopted will be described.
(認証鍵配信処理)
 まず、図39のフローチャートを参照して、オーディオユーザデータを利用した場合における認証鍵配信処理の流れについて説明する。なお、この認証鍵配信処理は、図1の送信装置10により、図18のステップS101の処理と並行して実行される処理とされる。 (Authentication key distribution process)
First, the flow of authentication key distribution processing when audio user data is used will be described with reference to the flowchart of FIG. This authentication key distribution process is a process executed in parallel with the process of step S101 of FIG. 18 by the transmission apparatus 10 of FIG.
 ステップS131において、制御部111は、認証鍵を配信するタイミングであるかどうかを判定する。 In step S131, the control unit 111 determines whether it is time to distribute the authentication key.
 ステップS131において、認証鍵を配信するタイミングではないと判定された場合、ステップS131の判定処理が繰り返される。一方、ステップS131において、認証鍵を配信するタイミングであると判定された場合、処理は、ステップS132に進められる。 If it is determined in step S131 that it is not time to distribute the authentication key, the determination process in step S131 is repeated. On the other hand, if it is determined in step S131 that it is time to distribute the authentication key, the process proceeds to step S132.
 ステップS132において、認証鍵生成部151は、受信装置20と視聴履歴サーバ30に提供するための認証鍵を生成する。 In step S132, the authentication key generation unit 151 generates an authentication key to be provided to the receiving device 20 and the viewing history server 30.
 ステップS133において、暗号化部152は、例えば、受信機製造事業者鍵又は受信機鍵等の暗号鍵を用い、ステップS132の処理で生成された認証鍵を暗号化する。このようにして生成された認証鍵は、方式3を採用した場合には、オーディオ処理部115に供給される。 In step S133, the encryption unit 152 encrypts the authentication key generated in the process of step S132 using, for example, an encryption key such as a receiver manufacturer key or a receiver key. The authentication key generated in this way is supplied to the audio processing unit 115 when the method 3 is adopted.
 ステップS134において、オーディオ処理部115は、オーディオストリームを処理する際に、ステップS132の処理で生成された認証鍵を、オーディオユーザデータ(SYSメタフレームのsysData)に追加する。 In step S134, when processing the audio stream, the audio processing unit 115 adds the authentication key generated in the process of step S132 to the audio user data (sysData of SYS metaframe).
 ただし、このとき、SYSメタフレーム(SysMetaFrame)では、sysTypeとして、"128"("SYS_ATSC3.0")が指定され、sysDataとして、sysData_atsc3.0が用いられる。また、sysData_atsc3.0では、sys_data_typeとして、"auth_key"が指定される。 However, at this time, in the SYS metaframe (SysMetaFrame), “128” (“SYS_ATSC3.0”) is specified as sysType, and sysData_atsc3.0 is used as sysData. In sysData_atsc3.0, “auth_key” is specified as sys_data_type.
 以上、認証鍵配信処理の流れについて説明した。この認証鍵配信処理では、SYSメタフレームのsysData_atsc3.0に、"auth_key"であるsys_data_typeと、認証鍵(暗号化認証鍵)が指定されたauth_keyが記述される。そして、当該sysData_atsc3.0を含むSYSメタフレームを含むオーディオストリームが生成され(図18のS101)、デジタル放送信号に含めて送信されることになる(図18のS102)。なお、ステップS132の処理で生成された認証鍵は、視聴履歴サーバ30にも提供されることになる。 The flow of authentication key distribution processing has been described above. In this authentication key distribution processing, sys_data_type that is “auth_key” and auth_key in which an authentication key (encrypted authentication key) is specified are described in sysData_atsc3.0 of the SYS metaframe. Then, an audio stream including a SYS metaframe including the sysData_atsc3.0 is generated (S101 in FIG. 18) and transmitted by being included in the digital broadcast signal (S102 in FIG. 18). Note that the authentication key generated in the process of step S132 is also provided to the viewing history server 30.
(認証鍵取得処理)
 次に、図40のフローチャートを参照して、オーディオユーザデータを利用した場合における認証鍵取得処理の流れについて説明する。なお、この認証鍵取得処理は、図1の受信装置20において、例えば、ユーザによる選局操作に応じて選局されたサービスのコンテンツの視聴中に実行される処理とされる。 (Authentication key acquisition process)
Next, the flow of authentication key acquisition processing when audio user data is used will be described with reference to the flowchart of FIG. Note that this authentication key acquisition process is a process executed in the receiving device 20 of FIG. 1 while, for example, viewing the content of the service selected according to the channel selection operation by the user.
 ステップS281においては、制御部211によって、入力部213からの操作信号等が監視され、サービス選局イベントが発生するまで、待機する。そして、ステップS282において、サービス選局イベントが発生したと判定された場合、処理は、ステップS283に進められる。 In step S281, the control unit 211 monitors an operation signal from the input unit 213 and waits until a service channel selection event occurs. If it is determined in step S282 that a service channel selection event has occurred, the process proceeds to step S283.
 ステップS283において、放送制御部251は、記録部212に記録された選局情報に基づいて、受信部214等の動作を制御することで、選局処理を行う。 In step S283, the broadcast control unit 251 performs channel selection processing by controlling the operation of the reception unit 214 and the like based on the channel selection information recorded in the recording unit 212.
 ステップS284において、放送制御部251は、ビデオ処理部216、オーディオ処理部218、及び、字幕処理部220を制御することで、ビデオ、オーディオ、及び、字幕のコンポーネント(のストリーム)をレンダリングする。 In step S284, the broadcast controller 251 controls the video processor 216, the audio processor 218, and the caption processor 220, thereby rendering video (audio) and caption components (streams thereof).
 ステップS285においては、オーディオストリームのオーディオユーザデータに対する処理を行うかどうかが判定される。ステップS285において、オーディオユーザデータに対する処理を行うと判定された場合、処理は、ステップS286に進められる。 In step S285, it is determined whether or not to process the audio user data of the audio stream. If it is determined in step S285 that the process is to be performed on the audio user data, the process proceeds to step S286.
 ステップS286において、オーディオ処理部218は、オーディオユーザデータ(SYSメタフレームのsysData_atsc3.0)に、認証鍵(暗号化認証鍵)が記述されているかどうかを判定する。ステップS286において、オーディオユーザデータ(SYSメタフレームのsysData_atsc3.0)に、認証鍵(暗号化認証鍵)が記述されていると判定された場合、処理は、ステップS287に進められる。 In step S286, the audio processing unit 218 determines whether an authentication key (encrypted authentication key) is described in the audio user data (sysData_atsc3.0 in the SYS metaframe). If it is determined in step S286 that the audio user data (sysData_atsc3.0 in the SYS metaframe) describes an authentication key (encrypted authentication key), the process proceeds to step S287.
 ステップS287において、認証鍵取得部257等は、認証鍵取得処理を実行する。この認証鍵取得処理では、オーディオユーザデータ(SYSメタフレームのsysData_atsc3.0)に記述された認証鍵(暗号化認証鍵)が復号され、記録部212に記録(保持)される。なお、認証鍵取得処理の詳細な内容については、上述した図34のフローチャートと同様であるため、ここではその詳細な説明を省略する。 In step S287, the authentication key acquisition unit 257 and the like execute an authentication key acquisition process. In this authentication key acquisition process, the authentication key (encrypted authentication key) described in the audio user data (sysData_atsc3.0 in the SYS metaframe) is decrypted and recorded (held) in the recording unit 212. Note that the details of the authentication key acquisition process are the same as those in the flowchart of FIG. 34 described above, and thus detailed description thereof is omitted here.
 一方、ステップS285において、オーディオユーザデータに対する処理を行わないと判定された場合、あるいは、ステップS286において、オーディオユーザデータ(SYSメタフレームのsysData_atsc3.0)に、認証鍵(暗号化認証鍵)が記述されていないと判定された場合、処理は、ステップS288に進められる。 On the other hand, if it is determined in step S285 that no processing is performed on the audio user data, or in step S286, an authentication key (encrypted authentication key) is described in the audio user data (sysData_atsc3.0 of the SYS metaframe). If it is determined that the process has not been performed, the process proceeds to step S288.
 ステップS288においては、ユーザによる視聴が終了するかどうかが判定される。ステップS288において、視聴が終了しないと判定された場合、処理は、ステップS284に戻り、それ以降の処理が繰り返される。一方、ステップS288において、視聴が終了すると判定された場合、図40の認証鍵取得処理は、終了される。 In step S288, it is determined whether viewing by the user ends. If it is determined in step S288 that viewing does not end, the process returns to step S284, and the subsequent processing is repeated. On the other hand, if it is determined in step S288 that viewing is to be terminated, the authentication key acquisition process in FIG. 40 is terminated.
 以上、認証鍵取得処理の流れについて説明した。この認証鍵取得処理では、サービス選局イベントが発生したとき、すなわち、コンテンツの視聴時に、オーディオユーザデータ(SYSメタフレームのsysData_atsc3.0)に、認証鍵(暗号化認証鍵)が記述されている場合には、当該認証鍵が取得され、記録(保持)されることになる。 The flow of authentication key acquisition processing has been described above. In this authentication key acquisition process, an authentication key (encrypted authentication key) is described in audio user data (sysData_atsc3.0 in the SYS metaframe) when a service channel selection event occurs, that is, when content is viewed. In this case, the authentication key is acquired and recorded (held).
 なお、図40の認証鍵取得処理では、コンテンツの視聴時に、SYSメタフレームのsysData_atsc3.0に記述された認証鍵(暗号化認証鍵)が取得される場合を一例に説明したが、他のタイミングで、オーディオユーザデータを利用して伝送される認証鍵が取得され、記録(新規で記録又は更新)されるようにしてもよい。 In the authentication key acquisition process of FIG. 40, the case where the authentication key (encrypted authentication key) described in sysData_atsc3.0 of the SYS metaframe is acquired when viewing the content has been described as an example. Thus, an authentication key transmitted using audio user data may be acquired and recorded (newly recorded or updated).
 また、方式3を採用した場合においても、受信装置20では、視聴履歴情報(CDM)を視聴履歴サーバ30に送信するタイミングとなったとき、図24の視聴履歴情報送信処理が実行され、オーディオユーザデータ(SYSメタフレームのsysData_atsc3.0)から取得された認証鍵、及び、記録部212から読み出された視聴履歴情報(CDM)から、メッセージ認証符号(HMAC)が算出され、視聴履歴情報(CDM)とともに、メッセージ認証符号(HMAC)が、通信回線60を介して視聴履歴サーバ30に送信されることになる。 Even when the method 3 is adopted, the receiving device 20 executes the viewing history information transmission process of FIG. 24 when it is time to transmit the viewing history information (CDM) to the viewing history server 30, and the audio user The message authentication code (HMAC) is calculated from the authentication key acquired from the data (sysData_atsc3.0 of SYS metaframe) and the viewing history information (CDM) read from the recording unit 212, and the viewing history information (CDM The message authentication code (HMAC) is transmitted to the viewing history server 30 via the communication line 60.
 以上のように、認証鍵の伝送方法として、オーディオユーザデータを利用した方式である方式3を採用した場合、オーディオユーザデータに、認証鍵を含めることで、送信装置10から、受信装置20に認証鍵が配信される。また、このような方式3を採用した場合、アンテナで直接受信を行う受信装置20では、オーディオユーザデータを処理できるし、MVPDを経由した間接受信を行う受信装置20であっても、オーディオユーザデータを処理することができるため、それらの受信環境に関係なく、オーディオユーザデータ(SYSメタフレームのsysData_atsc3.0)に含まれる認証鍵を、確実に取得することができる。 As described above, when the method 3 that uses audio user data is adopted as the method for transmitting the authentication key, the authentication key is included in the audio user data so that the transmitting device 10 authenticates the receiving device 20. The key is distributed. In addition, when the method 3 is adopted, the receiving device 20 that directly receives the antenna can process the audio user data, and the audio user data can be processed even if the receiving device 20 performs the indirect reception via the MVPD. Therefore, the authentication key included in the audio user data (sysData_atsc3.0 in the SYS metaframe) can be surely acquired regardless of the reception environment.
 なお、上述した説明では、オーディオユーザデータ(SYSメタフレームのsysData_atsc3.0)に、認証鍵を含めた場合を説明したが、ビデオユーザデータが使用可能な場合には、当該ビデオユーザデータを利用して、認証鍵を含めるようにしてもよい。 In the above description, the case where the authentication key is included in the audio user data (sysData_atsc3.0 of the SYS metaframe) has been described. However, when the video user data is usable, the video user data is used. An authentication key may be included.
<4.変形例> <4. Modification>
 上述した説明としては、地上デジタルテレビ放送の規格として、米国等で採用されている方式であるATSCを説明したが、日本等が採用する方式であるISDB(Integrated Services Digital Broadcasting)や、欧州の各国等が採用する方式であるDVB(Digital Video Broadcasting)などに適用するようにしてもよい。また、地上デジタルテレビ放送に限らず、衛星デジタルテレビ放送やデジタル有線テレビ放送などで採用するようにしてもよい。 In the above explanation, ATSC, which is a method adopted in the United States and the like as a standard for digital terrestrial television broadcasting, has been described. However, ISDB (Integrated Services Digital Broadcasting) adopted by Japan and other countries in Europe and other countries It may be applied to DVB (Digital Video Broadcasting) which is a method adopted by the above. Further, the present invention is not limited to terrestrial digital television broadcasting, but may be adopted for satellite digital television broadcasting, digital cable television broadcasting, and the like.
 また、上述した説明では、認証鍵の伝送方法として、シグナリングを利用した方式1と、ビデオウォータマークを利用した方式2と、オーディオユーザデータを利用した方式3を説明したが、例えば、字幕の表示に用いられるTTML(Timed Text Markup Language)文書のメタデータを利用して、そこに、認証鍵を配置するなど、他の方式を用いて認証鍵が伝送されるようにしてもよい。なお、TTMLは、テキストの表示タイミングや表示レイアウトなどを指定することが可能なマークアップ言語であって、W3C(World Wide Web)により標準化されている。 Further, in the above description, as an authentication key transmission method, method 1 using signaling, method 2 using video watermark, and method 3 using audio user data have been described. The authentication key may be transmitted using other methods such as using the metadata of a TTML (Timed Text Markup Language) used in the above, and placing the authentication key there. TTML is a markup language that can specify text display timing, display layout, etc., and is standardized by W3C (World Wide Web).
 さらに、上述した説明では、メッセージを認証するための短い情報であるメッセージ認証符号(MAC:Message Authentication Code)の一例として、HMAC(Hash-based Message Authentication Code)を用いた場合を説明したが、HMAC以外の他のメッセージ認証符号を用いるようにしてもよい。 Furthermore, in the above description, a case where HMAC (Hash-based Message Authentication Code) is used as an example of a message authentication code (MAC) that is short information for authenticating a message has been described. Other message authentication codes other than those may be used.
<5.コンピュータの構成> <5. Computer configuration>
 上述した一連の処理は、ハードウェアにより実行することもできるし、ソフトウェアにより実行することもできる。一連の処理をソフトウェアにより実行する場合には、そのソフトウェアを構成するプログラムが、コンピュータにインストールされる。図41は、上述した一連の処理をプログラムにより実行するコンピュータのハードウェアの構成例を示す図である。 The series of processes described above can be executed by hardware or software. When a series of processing is executed by software, a program constituting the software is installed in the computer. FIG. 41 is a diagram illustrating a configuration example of hardware of a computer that executes the above-described series of processing by a program.
 コンピュータ900において、CPU(Central Processing Unit)901,ROM(Read Only Memory)902,RAM(Random Access Memory)903は、バス904により相互に接続されている。バス904には、さらに、入出力インターフェース905が接続されている。入出力インターフェース905には、入力部906、出力部907、記録部908、通信部909、及び、ドライブ910が接続されている。 In the computer 900, a CPU (Central Processing Unit) 901, a ROM (Read Only Memory) 902, and a RAM (Random Access Memory) 903 are connected to each other by a bus 904. An input / output interface 905 is further connected to the bus 904. An input unit 906, an output unit 907, a recording unit 908, a communication unit 909, and a drive 910 are connected to the input / output interface 905.
 入力部906は、キーボード、マウス、マイクロフォンなどよりなる。出力部907は、ディスプレイ、スピーカなどよりなる。記録部908は、ハードディスクや不揮発性のメモリなどよりなる。通信部909は、ネットワークインターフェースなどよりなる。ドライブ910は、磁気ディスク、光ディスク、光磁気ディスク、又は半導体メモリなどのリムーバブルメディア911を駆動する。 The input unit 906 includes a keyboard, a mouse, a microphone, and the like. The output unit 907 includes a display, a speaker, and the like. The recording unit 908 includes a hard disk, a nonvolatile memory, and the like. The communication unit 909 includes a network interface or the like. The drive 910 drives a removable medium 911 such as a magnetic disk, an optical disk, a magneto-optical disk, or a semiconductor memory.
 以上のように構成されるコンピュータ900では、CPU901が、ROM902や記録部908に記録されているプログラムを、入出力インターフェース905及びバス904を介して、RAM903にロードして実行することにより、上述した一連の処理が行われる。 In the computer 900 configured as described above, the CPU 901 loads the program recorded in the ROM 902 or the recording unit 908 to the RAM 903 via the input / output interface 905 and the bus 904, and executes the program. A series of processing is performed.
 コンピュータ900(CPU901)が実行するプログラムは、例えば、パッケージメディア等としてのリムーバブルメディア911に記録して提供することができる。また、プログラムは、ローカルエリアネットワーク、インターネット、デジタル衛星放送といった、有線又は無線の伝送媒体を介して提供することができる。 The program executed by the computer 900 (CPU 901) can be provided by being recorded on a removable medium 911 as a package medium, for example. The program can be provided via a wired or wireless transmission medium such as a local area network, the Internet, or digital satellite broadcasting.
 コンピュータ900では、プログラムは、リムーバブルメディア911をドライブ910に装着することにより、入出力インターフェース905を介して、記録部908にインストールすることができる。また、プログラムは、有線又は無線の伝送媒体を介して、通信部909で受信し、記録部908にインストールすることができる。その他、プログラムは、ROM902や記録部908に、あらかじめインストールしておくことができる。 In the computer 900, the program can be installed in the recording unit 908 via the input / output interface 905 by installing the removable medium 911 in the drive 910. Further, the program can be received by the communication unit 909 via a wired or wireless transmission medium and installed in the recording unit 908. In addition, the program can be installed in the ROM 902 or the recording unit 908 in advance.
 ここで、本明細書において、コンピュータがプログラムに従って行う処理は、必ずしもフローチャートとして記載された順序に沿って時系列に行われる必要はない。すなわち、コンピュータがプログラムに従って行う処理は、並列的あるいは個別に実行される処理(例えば、並列処理あるいはオブジェクトによる処理)も含む。また、プログラムは、1のコンピュータ(プロセッサ)により処理されるものであってもよいし、複数のコンピュータによって分散処理されるものであってもよい。 Here, in the present specification, the processing performed by the computer according to the program does not necessarily have to be performed in chronological order in the order described as the flowchart. That is, the processing performed by the computer according to the program includes processing executed in parallel or individually (for example, parallel processing or object processing). The program may be processed by one computer (processor), or may be processed in a distributed manner by a plurality of computers.
 なお、本技術の実施の形態は、上述した実施の形態に限定されるものではなく、本技術の要旨を逸脱しない範囲において種々の変更が可能である。 Note that the embodiments of the present technology are not limited to the above-described embodiments, and various modifications can be made without departing from the gist of the present technology.
 また、本技術は、以下のような構成をとることができる。 Also, the present technology can take the following configurations.
(1)
 IP(Internet Protocol)伝送方式を用いたデジタル放送の放送波を受信する受信部と、
 前記放送波で伝送される認証鍵を取得する取得部と、
 前記認証鍵、及び、前記放送波で伝送されるコンテンツの視聴履歴に関する視聴履歴情報に基づいて、メッセージ認証符号を算出する算出部と、
 前記視聴履歴情報とともに、前記メッセージ認証符号を、前記視聴履歴情報を収集する視聴履歴サーバに送信する制御を行う制御部と
 を備える受信装置。
(2)
 前記認証鍵は、シグナリングとして伝送され、
 前記取得部は、前記シグナリングに含まれる前記認証鍵を取得する
 (1)に記載の受信装置。
(3)
 UDP(User Datagram Protocol)パケットを含むIPパケットは、そのペイロードに、暗号鍵で暗号化された前記認証鍵を配置している
 (2)に記載の受信装置。
(4)
 前記ペイロードのヘッダは、前記認証鍵の宛先を示す情報とバージョン情報を配置している
 (3)に記載の受信装置。
(5)
 前記暗号鍵は、前記受信装置の製造事業者鍵又は受信機鍵であり、
 前記認証鍵の宛先を示す情報は、前記受信装置の製造事業者ID又は受信機IDである
 (4)に記載の受信装置。
(6)
 前記暗号鍵で暗号化された前記認証鍵は、その暗号化に関する情報とともに、所定の規格で規定されるメタデータに包含されている
 (3)に記載の受信装置。
(7)
 前記認証鍵の宛先を示す情報に基づいて、前記暗号鍵で暗号化された前記認証鍵をフィルタリングするフィルタ部と、
 あらかじめ保持している復号鍵に基づいて、フィルタリングで得られた前記暗号鍵で暗号化された前記認証鍵を復号する復号部と
 をさらに備える(4)又は(5)に記載の受信装置。
(8)
 前記認証鍵は、前記コンテンツを構成するビデオ又はオーディオのウォータマークに含めて伝送され、
 前記取得部は、前記ウォータマークに含まれる前記認証鍵を取得する
 (1)に記載の受信装置。
(9)
 前記認証鍵は、前記コンテンツを構成するビデオ又はオーディオのユーザデータに含めて伝送され、
 前記取得部は、前記ユーザデータに含まれる前記認証鍵を取得する
 (1)に記載の受信装置。
(10)
 前記放送波で伝送される、前記視聴履歴サーバの宛先を示す宛先情報を取得する取得部と、
 前記視聴履歴情報を管理する管理部と
 をさらに備え、
 前記制御部は、前記宛先情報に基づいて、前記視聴履歴情報と前記メッセージ認証符号を、通信回線を介して前記視聴履歴サーバ宛てに送信する
 (1)乃至(9)のいずれかに記載の受信装置。
(11)
 前記IP伝送方式は、ATSC(Advanced Television Systems Committee)3.0に準拠し、
 前記メッセージ認証符号は、HMAC(Hash-based Message Authentication Code)であり、
 前記視聴履歴情報は、ATSCで規定されるCDM(Consumption Data Message)である
 (1)乃至(10)のいずれかに記載の受信装置。
(12)
 受信装置のデータ処理方法において、
 前記受信装置が、
 IP伝送方式を用いたデジタル放送の放送波を受信し、
 前記放送波で伝送される認証鍵を取得し、
 前記認証鍵、及び、前記放送波で伝送されるコンテンツの視聴履歴に関する視聴履歴情報に基づいて、メッセージ認証符号を算出し、
 前記視聴履歴情報とともに、前記メッセージ認証符号を、前記視聴履歴情報を収集する視聴履歴サーバに送信する制御を行う
 ステップを含むデータ処理方法。
(13)
 コンテンツを受信する受信装置から送信されてくる、前記コンテンツの視聴履歴に関する視聴履歴情報、及び、前記コンテンツを送信する送信装置からの認証鍵と前記視聴履歴情報とから算出された第1のメッセージ認証符号を取得する取得部と、
 前記送信装置から送信されてくる前記認証鍵、及び、前記視聴履歴情報に基づいて、第2のメッセージ認証符号を算出する算出部と、
 前記第1のメッセージ認証符号と、前記第2のメッセージ認証符号とを比較して、前記第1のメッセージ認証符号を検証する比較部と、
 前記第1のメッセージ認証符号の検証結果に応じて、前記視聴履歴情報を処理する処理部と
 を備える情報処理装置。
(14)
 前記第1のメッセージ認証符号、及び、前記第2のメッセージ認証符号は、HMACであり、
 前記視聴履歴情報は、ATSCで規定されるCDMである
 (13)に記載の情報処理装置。
(15)
 情報処理装置のデータ処理方法において、
 前記情報処理装置が、
 コンテンツを受信する受信装置から送信されてくる、前記コンテンツの視聴履歴に関する視聴履歴情報、及び、前記コンテンツを送信する送信装置からの認証鍵と前記視聴履歴情報とから算出された第1のメッセージ認証符号を取得し、
 前記送信装置から送信されてくる前記認証鍵、及び、前記視聴履歴情報に基づいて、第2のメッセージ認証符号を算出し、
 前記第1のメッセージ認証符号と、前記第2のメッセージ認証符号とを比較して、前記第1のメッセージ認証符号を検証する
 前記第1のメッセージ認証符号の検証結果に応じて、前記視聴履歴情報を処理する
 ステップを含むデータ処理方法。
(16)
 コンテンツを受信する受信装置、及び、前記コンテンツの視聴履歴に関する視聴履歴情報を収集する視聴履歴サーバに提供するための認証鍵を生成する生成部と、
 IP伝送方式を用いたデジタル放送の放送波により、複数の前記受信装置に対して、前記コンテンツとともに、前記認証鍵を送信する送信部と
 前記認証鍵を、前記視聴履歴サーバに提供する提供部と
 を備える送信装置。
(17)
 前記認証鍵は、前記放送波により、シグナリングとして伝送される
 (16)に記載の送信装置。
(18)
 前記認証鍵は、前記放送波により、前記コンテンツを構成するビデオ又はオーディオのウォータマークに含めて伝送される
 (16)に記載の送信装置。
(19)
 前記認証鍵は、前記放送波により、前記コンテンツを構成するビデオ又はオーディオのユーザデータに含めて伝送される
 (16)に記載の送信装置。
(20)
 送信装置のデータ処理方法において、
 前記送信装置が、
 コンテンツを受信する受信装置、及び、前記コンテンツの視聴履歴に関する視聴履歴情報を収集する視聴履歴サーバに提供するための認証鍵を生成し、
 IP伝送方式を用いたデジタル放送の放送波により、複数の前記受信装置に対して、前記コンテンツとともに、前記認証鍵を送信し、
 前記認証鍵を、前記視聴履歴サーバに提供する
 ステップを含むデータ処理方法。 (1)
A receiving unit for receiving a broadcast wave of digital broadcasting using an IP (Internet Protocol) transmission method;
An acquisition unit for acquiring an authentication key transmitted by the broadcast wave;
A calculation unit that calculates a message authentication code based on the authentication key and viewing history information regarding the viewing history of the content transmitted on the broadcast wave;
And a control unit that performs control to transmit the message authentication code together with the viewing history information to a viewing history server that collects the viewing history information.
(2)
The authentication key is transmitted as signaling,
The receiving device according to (1), wherein the acquisition unit acquires the authentication key included in the signaling.
(3)
The receiving apparatus according to (2), wherein an IP packet including a UDP (User Datagram Protocol) packet includes the authentication key encrypted with an encryption key in its payload.
(4)
The receiving device according to (3), wherein the payload header includes information indicating a destination of the authentication key and version information.
(5)
The encryption key is a manufacturer key or receiver key of the receiving device,
The receiving device according to (4), wherein the information indicating the destination of the authentication key is a manufacturer ID or a receiver ID of the receiving device.
(6)
The receiving apparatus according to (3), wherein the authentication key encrypted with the encryption key is included in metadata defined by a predetermined standard together with information related to the encryption.
(7)
A filter unit that filters the authentication key encrypted with the encryption key based on information indicating a destination of the authentication key;
The receiving device according to (4) or (5), further comprising: a decrypting unit that decrypts the authentication key encrypted with the encryption key obtained by filtering based on a decryption key held in advance.
(8)
The authentication key is transmitted by being included in a video or audio watermark constituting the content,
The receiving device according to (1), wherein the acquisition unit acquires the authentication key included in the watermark.
(9)
The authentication key is transmitted by being included in video or audio user data constituting the content,
The receiving device according to (1), wherein the acquisition unit acquires the authentication key included in the user data.
(10)
An acquisition unit configured to acquire destination information indicating a destination of the viewing history server transmitted through the broadcast wave;
A management unit for managing the viewing history information;
The control unit transmits the viewing history information and the message authentication code to the viewing history server via a communication line based on the destination information. Reception according to any one of (1) to (9) apparatus.
(11)
The IP transmission method conforms to ATSC (Advanced Television Systems Committee) 3.0,
The message authentication code is HMAC (Hash-based Message Authentication Code),
The receiving device according to any one of (1) to (10), wherein the viewing history information is CDM (Consumption Data Message) defined by ATSC.
(12)
In the data processing method of the receiving device,
The receiving device is
Receive broadcast waves of digital broadcasting using the IP transmission method,
Obtain an authentication key transmitted on the broadcast wave,
Based on the authentication key and viewing history information regarding the viewing history of the content transmitted on the broadcast wave, a message authentication code is calculated,
A data processing method including a step of performing control to transmit the message authentication code together with the viewing history information to a viewing history server that collects the viewing history information.
(13)
First message authentication calculated from the viewing history information related to the viewing history of the content and the authentication key from the transmitting device that transmits the content and the viewing history information transmitted from the receiving device that receives the content An acquisition unit for acquiring a code;
A calculation unit that calculates a second message authentication code based on the authentication key transmitted from the transmission device and the viewing history information;
A comparison unit that compares the first message authentication code and the second message authentication code to verify the first message authentication code;
An information processing apparatus comprising: a processing unit that processes the viewing history information according to a verification result of the first message authentication code.
(14)
The first message authentication code and the second message authentication code are HMAC,
The information processing apparatus according to (13), wherein the viewing history information is CDM defined by ATSC.
(15)
In the data processing method of the information processing apparatus,
The information processing apparatus is
First message authentication calculated from the viewing history information related to the viewing history of the content and the authentication key from the transmitting device that transmits the content and the viewing history information transmitted from the receiving device that receives the content Get the sign,
Based on the authentication key transmitted from the transmission device and the viewing history information, a second message authentication code is calculated,
The first message authentication code and the second message authentication code are compared to verify the first message authentication code. The viewing history information is determined according to the verification result of the first message authentication code. A data processing method comprising the steps of:
(16)
A receiving unit that receives content, and a generation unit that generates an authentication key for providing to a viewing history server that collects viewing history information related to the viewing history of the content;
A transmitting unit that transmits the authentication key together with the content to a plurality of receiving devices by a broadcast wave of digital broadcasting using an IP transmission method; and a providing unit that provides the authentication key to the viewing history server; A transmission device comprising:
(17)
The transmission device according to (16), wherein the authentication key is transmitted as signaling by the broadcast wave.
(18)
The transmission device according to (16), wherein the authentication key is transmitted by being included in a video or audio watermark constituting the content by the broadcast wave.
(19)
The transmission device according to (16), wherein the authentication key is transmitted by being included in video or audio user data constituting the content by the broadcast wave.
(20)
In the data processing method of the transmission device,
The transmitting device is
Generating an authentication key for providing to a receiving device that receives content, and a viewing history server that collects viewing history information related to the viewing history of the content;
With the broadcast wave of digital broadcasting using the IP transmission method, the authentication key is transmitted together with the content to the plurality of receiving devices,
A data processing method including the step of providing the authentication key to the viewing history server.
 1 伝送システム, 10 送信装置, 20 受信装置, 30 視聴履歴サーバ, 40 送信設備, 50 配信装置, 60 通信回線, 111 制御部, 112 ビデオデータ取得部, 113 ビデオ処理部, 114 オーディオデータ取得部, 115 オーディオ処理部, 116 字幕データ取得部, 117 字幕処理部, 118 シグナリング生成部, 119 シグナリング処理部, 120 マルチプレクサ, 121 送信部, 122 通信部, 151 認証鍵生成部, 152 暗号化部, 211 制御部, 212 記録部, 213 入力部, 214 受信部, 215 デマルチプレクサ, 216 ビデオ処理部, 217 ビデオ出力部, 218 オーディオ処理部, 219 オーディオ出力部, 220 字幕処理部, 221 表示部, 222 スピーカ, 223 通信部, 224 セキュアメモリ, 251 放送制御部, 252 通信制御部, 253 視聴履歴情報管理部, 254 視聴履歴サーバURL取得部, 255 フィルタ部, 256 復号部, 257 認証鍵取得部, 258 メッセージ認証符号算出部, 311 制御部, 312 通信部, 313 視聴履歴情報蓄積部, 351 メッセージ認証符号取得部, 352 認証鍵取得部, 353 メッセージ認証符号算出部, 354 メッセージ認証符号比較部, 355 視聴履歴情報管理部, 356 視聴履歴情報分析部, 900 コンピュータ, 901 CPU 1 transmission system, 10 transmission device, 20 reception device, 30 viewing history server, 40 transmission equipment, 50 distribution device, 60 communication line, 111 control unit, 112 video data acquisition unit, 113 video processing unit, 114 audio data acquisition unit, 115 audio processing unit, 116 subtitle data acquisition unit, 117 subtitle processing unit, 118 signaling generation unit, 119 signaling processing unit, 120 multiplexer, 121 transmission unit, 122 communication unit, 151 authentication key generation unit, 152 encryption unit, 211 control Part, 212 recording part, 213 input part, 214 receiving part, 215 demultiplexer, 216 video processing part, 217 video output part, 218 audio processing part, 21 Audio output unit, 220 subtitle processing unit, 221 display unit, 222 speaker, 223 communication unit, 224 secure memory, 251 broadcast control unit, 252 communication control unit, 253 viewing history information management unit, 254 viewing history server URL acquisition unit, 255 Filter unit, 256 decryption unit, 257 authentication key acquisition unit, 258 message authentication code calculation unit, 311 control unit, 312 communication unit, 313 viewing history information storage unit, 351 message authentication code acquisition unit, 352 authentication key acquisition unit, 353 message Authentication code calculation unit, 354 message authentication code comparison unit, 355 viewing history information management unit, 356 viewing history information analysis unit, 900 computer, 901 CPU

Claims (20)

  1.  IP(Internet Protocol)伝送方式を用いたデジタル放送の放送波を受信する受信部と、
     前記放送波で伝送される認証鍵を取得する取得部と、
     前記認証鍵、及び、前記放送波で伝送されるコンテンツの視聴履歴に関する視聴履歴情報に基づいて、メッセージ認証符号を算出する算出部と、
     前記視聴履歴情報とともに、前記メッセージ認証符号を、前記視聴履歴情報を収集する視聴履歴サーバに送信する制御を行う制御部と
     を備える受信装置。     A receiving unit for receiving a broadcast wave of digital broadcasting using an IP (Internet Protocol) transmission method;
    An acquisition unit for acquiring an authentication key transmitted by the broadcast wave;
    A calculation unit that calculates a message authentication code based on the authentication key and viewing history information regarding the viewing history of the content transmitted on the broadcast wave;
    And a control unit that performs control to transmit the message authentication code together with the viewing history information to a viewing history server that collects the viewing history information.
  2.  前記認証鍵は、シグナリングとして伝送され、
     前記取得部は、前記シグナリングに含まれる前記認証鍵を取得する
     請求項1に記載の受信装置。     The authentication key is transmitted as signaling,
    The receiving device according to claim 1, wherein the acquisition unit acquires the authentication key included in the signaling.
  3.  UDP(User Datagram Protocol)パケットを含むIPパケットは、そのペイロードに、暗号鍵で暗号化された前記認証鍵を配置している
     請求項2に記載の受信装置。     The receiving device according to claim 2, wherein an IP packet including a UDP (User Datagram Protocol) packet has the authentication key encrypted with an encryption key arranged in a payload thereof.
  4.  前記ペイロードのヘッダは、前記認証鍵の宛先を示す情報とバージョン情報を配置している
     請求項3に記載の受信装置。     The receiving device according to claim 3, wherein information indicating a destination of the authentication key and version information are arranged in the header of the payload.
  5.  前記暗号鍵は、前記受信装置の製造事業者鍵又は受信機鍵であり、
     前記認証鍵の宛先を示す情報は、前記受信装置の製造事業者ID又は受信機IDである
     請求項4に記載の受信装置。     The encryption key is a manufacturer key or receiver key of the receiving device,
    The receiving apparatus according to claim 4, wherein the information indicating the destination of the authentication key is a manufacturer ID or a receiver ID of the receiving apparatus.
  6.  前記暗号鍵で暗号化された前記認証鍵は、その暗号化に関する情報とともに、所定の規格で規定されるメタデータに包含されている
     請求項3に記載の受信装置。     The receiving apparatus according to claim 3, wherein the authentication key encrypted with the encryption key is included in metadata defined by a predetermined standard together with information related to the encryption.
  7.  前記認証鍵の宛先を示す情報に基づいて、前記暗号鍵で暗号化された前記認証鍵をフィルタリングするフィルタ部と、
     あらかじめ保持している復号鍵に基づいて、フィルタリングで得られた前記暗号鍵で暗号化された前記認証鍵を復号する復号部と
     をさらに備える請求項4に記載の受信装置。     A filter unit that filters the authentication key encrypted with the encryption key based on information indicating a destination of the authentication key;
    The receiving device according to claim 4, further comprising: a decrypting unit that decrypts the authentication key encrypted with the encryption key obtained by filtering based on a decryption key held in advance.
  8.  前記認証鍵は、前記コンテンツを構成するビデオ又はオーディオのウォータマークに含めて伝送され、
     前記取得部は、前記ウォータマークに含まれる前記認証鍵を取得する
     請求項1に記載の受信装置。     The authentication key is transmitted by being included in a video or audio watermark constituting the content,
    The receiving device according to claim 1, wherein the acquisition unit acquires the authentication key included in the watermark.
  9.  前記認証鍵は、前記コンテンツを構成するビデオ又はオーディオのユーザデータに含めて伝送され、
     前記取得部は、前記ユーザデータに含まれる前記認証鍵を取得する
     請求項1に記載の受信装置。     The authentication key is transmitted by being included in video or audio user data constituting the content,
    The receiving device according to claim 1, wherein the acquisition unit acquires the authentication key included in the user data.
  10.  前記放送波で伝送される、前記視聴履歴サーバの宛先を示す宛先情報を取得する取得部と、
     前記視聴履歴情報を管理する管理部と
     をさらに備え、
     前記制御部は、前記宛先情報に基づいて、前記視聴履歴情報と前記メッセージ認証符号を、通信回線を介して前記視聴履歴サーバ宛てに送信する
     請求項1に記載の受信装置。     An acquisition unit configured to acquire destination information indicating a destination of the viewing history server transmitted through the broadcast wave;
    A management unit for managing the viewing history information;
    The receiving device according to claim 1, wherein the control unit transmits the viewing history information and the message authentication code to the viewing history server via a communication line based on the destination information.
  11.  前記IP伝送方式は、ATSC(Advanced Television Systems Committee)3.0に準拠し、
     前記メッセージ認証符号は、HMAC(Hash-based Message Authentication Code)であり、
     前記視聴履歴情報は、ATSCで規定されるCDM(Consumption Data Message)である
     請求項1に記載の受信装置。     The IP transmission method conforms to ATSC (Advanced Television Systems Committee) 3.0,
    The message authentication code is HMAC (Hash-based Message Authentication Code),
    The receiving device according to claim 1, wherein the viewing history information is CDM (Consumption Data Message) defined by ATSC.
  12.  受信装置のデータ処理方法において、
     前記受信装置が、
     IP伝送方式を用いたデジタル放送の放送波を受信し、
     前記放送波で伝送される認証鍵を取得し、
     前記認証鍵、及び、前記放送波で伝送されるコンテンツの視聴履歴に関する視聴履歴情報に基づいて、メッセージ認証符号を算出し、
     前記視聴履歴情報とともに、前記メッセージ認証符号を、前記視聴履歴情報を収集する視聴履歴サーバに送信する制御を行う
     ステップを含むデータ処理方法。     In the data processing method of the receiving device,
    The receiving device is
    Receive broadcast waves of digital broadcasting using the IP transmission method,
    Obtain an authentication key transmitted on the broadcast wave,
    Based on the authentication key and viewing history information regarding the viewing history of the content transmitted on the broadcast wave, a message authentication code is calculated,
    A data processing method including a step of performing control to transmit the message authentication code together with the viewing history information to a viewing history server that collects the viewing history information.
  13.  コンテンツを受信する受信装置から送信されてくる、前記コンテンツの視聴履歴に関する視聴履歴情報、及び、前記コンテンツを送信する送信装置からの認証鍵と前記視聴履歴情報とから算出された第1のメッセージ認証符号を取得する取得部と、
     前記送信装置から送信されてくる前記認証鍵、及び、前記視聴履歴情報に基づいて、第2のメッセージ認証符号を算出する算出部と、
     前記第1のメッセージ認証符号と、前記第2のメッセージ認証符号とを比較して、前記第1のメッセージ認証符号を検証する比較部と、
     前記第1のメッセージ認証符号の検証結果に応じて、前記視聴履歴情報を処理する処理部と
     を備える情報処理装置。     First message authentication calculated from the viewing history information related to the viewing history of the content and the authentication key from the transmitting device that transmits the content and the viewing history information transmitted from the receiving device that receives the content An acquisition unit for acquiring a code;
    A calculation unit that calculates a second message authentication code based on the authentication key transmitted from the transmission device and the viewing history information;
    A comparison unit that compares the first message authentication code and the second message authentication code to verify the first message authentication code;
    An information processing apparatus comprising: a processing unit that processes the viewing history information according to a verification result of the first message authentication code.
  14.  前記第1のメッセージ認証符号、及び、前記第2のメッセージ認証符号は、HMACであり、
     前記視聴履歴情報は、ATSCで規定されるCDMである
     請求項13に記載の情報処理装置。     The first message authentication code and the second message authentication code are HMAC,
    The information processing apparatus according to claim 13, wherein the viewing history information is CDM defined by ATSC.
  15.  情報処理装置のデータ処理方法において、
     前記情報処理装置が、
     コンテンツを受信する受信装置から送信されてくる、前記コンテンツの視聴履歴に関する視聴履歴情報、及び、前記コンテンツを送信する送信装置からの認証鍵と前記視聴履歴情報とから算出された第1のメッセージ認証符号を取得し、
     前記送信装置から送信されてくる前記認証鍵、及び、前記視聴履歴情報に基づいて、第2のメッセージ認証符号を算出し、
     前記第1のメッセージ認証符号と、前記第2のメッセージ認証符号とを比較して、前記第1のメッセージ認証符号を検証する
     前記第1のメッセージ認証符号の検証結果に応じて、前記視聴履歴情報を処理する
     ステップを含むデータ処理方法。     In the data processing method of the information processing apparatus,
    The information processing apparatus is
    First message authentication calculated from the viewing history information related to the viewing history of the content and the authentication key from the transmitting device that transmits the content and the viewing history information transmitted from the receiving device that receives the content Get the sign,
    Based on the authentication key transmitted from the transmission device and the viewing history information, a second message authentication code is calculated,
    The first message authentication code and the second message authentication code are compared to verify the first message authentication code. The viewing history information is determined according to the verification result of the first message authentication code. A data processing method comprising the steps of:
  16.  コンテンツを受信する受信装置、及び、前記コンテンツの視聴履歴に関する視聴履歴情報を収集する視聴履歴サーバに提供するための認証鍵を生成する生成部と、
     IP伝送方式を用いたデジタル放送の放送波により、複数の前記受信装置に対して、前記コンテンツとともに、前記認証鍵を送信する送信部と
     前記認証鍵を、前記視聴履歴サーバに提供する提供部と
     を備える送信装置。     A receiving unit that receives content, and a generation unit that generates an authentication key for providing to a viewing history server that collects viewing history information related to the viewing history of the content;
    A transmitting unit that transmits the authentication key together with the content to a plurality of receiving devices by a broadcast wave of digital broadcasting using an IP transmission method; A transmission device comprising:
  17.  前記認証鍵は、前記放送波により、シグナリングとして伝送される
     請求項16に記載の送信装置。     The transmission device according to claim 16, wherein the authentication key is transmitted as signaling by the broadcast wave.
  18.  前記認証鍵は、前記放送波により、前記コンテンツを構成するビデオ又はオーディオのウォータマークに含めて伝送される
     請求項16に記載の送信装置。     The transmission device according to claim 16, wherein the authentication key is transmitted by being included in a video or audio watermark constituting the content by the broadcast wave.
  19.  前記認証鍵は、前記放送波により、前記コンテンツを構成するビデオ又はオーディオのユーザデータに含めて伝送される
     請求項16に記載の送信装置。     The transmission device according to claim 16, wherein the authentication key is transmitted by being included in video or audio user data constituting the content by the broadcast wave.
  20.  送信装置のデータ処理方法において、
     前記送信装置が、
     コンテンツを受信する受信装置、及び、前記コンテンツの視聴履歴に関する視聴履歴情報を収集する視聴履歴サーバに提供するための認証鍵を生成し、
     IP伝送方式を用いたデジタル放送の放送波により、複数の前記受信装置に対して、前記コンテンツとともに、前記認証鍵を送信し、
     前記認証鍵を、前記視聴履歴サーバに提供する
     ステップを含むデータ処理方法。     In the data processing method of the transmission device,
    The transmitting device is
    Generating an authentication key for providing to a receiving device that receives content, and a viewing history server that collects viewing history information related to the viewing history of the content;
    With the broadcast wave of digital broadcasting using the IP transmission method, the authentication key is transmitted together with the content to the plurality of receiving devices,
    A data processing method including the step of providing the authentication key to the viewing history server.
PCT/JP2016/068677 2015-07-07 2016-06-23 Receiver, transmitter, information processing device, and data processing method WO2017006773A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2015-136481 2015-07-07
JP2015136481 2015-07-07

Publications (1)

Publication Number Publication Date
WO2017006773A1 true WO2017006773A1 (en) 2017-01-12

Family

ID=57685593

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2016/068677 WO2017006773A1 (en) 2015-07-07 2016-06-23 Receiver, transmitter, information processing device, and data processing method

Country Status (1)

Country Link
WO (1) WO2017006773A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018143559A1 (en) * 2017-02-03 2018-08-09 엘지전자 주식회사 Broadcast signal transmission/reception method and device for signaling distribution of application file in hybrid broadcast system
CN111601288A (en) * 2020-06-30 2020-08-28 嘉应学院 Safe and efficient agricultural environment data communication method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH08331542A (en) * 1995-05-30 1996-12-13 Sony Corp Descrambler, viewing history receiver, scramble broadcast system and scramble broadcast method
US20150089295A1 (en) * 2013-09-25 2015-03-26 Lexmark International, Inc. Systems and Methods of Verifying Operational Information Associated with an Imaging Device

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH08331542A (en) * 1995-05-30 1996-12-13 Sony Corp Descrambler, viewing history receiver, scramble broadcast system and scramble broadcast method
US20150089295A1 (en) * 2013-09-25 2015-03-26 Lexmark International, Inc. Systems and Methods of Verifying Operational Information Associated with an Imaging Device

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018143559A1 (en) * 2017-02-03 2018-08-09 엘지전자 주식회사 Broadcast signal transmission/reception method and device for signaling distribution of application file in hybrid broadcast system
US10756835B2 (en) 2017-02-03 2020-08-25 Lg Electronics Inc. Method and device for transmitting and receiving broadcast signal for application file filtering in hybrid broadcast system
US11133881B2 (en) 2017-02-03 2021-09-28 Lg Electronics Inc. Method and device for transmitting and receiving broadcast signal for application file filtering in hybrid broadcast system
CN111601288A (en) * 2020-06-30 2020-08-28 嘉应学院 Safe and efficient agricultural environment data communication method
CN111601288B (en) * 2020-06-30 2023-05-02 嘉应学院 Safe and efficient agricultural environment data communication method

Similar Documents

Publication Publication Date Title
US10977631B2 (en) Secure content transfer systems and methods to operate the same
US9967521B2 (en) Methods and apparatus to provide content on demand in content broadcast systems
US9743121B2 (en) Methods and apparatus to conditionally authorize content delivery at broadcast headends in pay delivery systems
US8732780B2 (en) Content delivery systems and methods to operate the same
US8095466B2 (en) Methods and apparatus to conditionally authorize content delivery at content servers in pay delivery systems
US8001565B2 (en) Methods and apparatus to conditionally authorize content delivery at receivers in pay delivery systems
KR102536243B1 (en) Receiving device, transmitting device, and data processing method
KR102004681B1 (en) Method and multimedia unit for processing a digital broadcast transport stream
CN104396268A (en) Content transmission device
US20070265973A1 (en) Methods and apparatus to protect content in home networks
JP2015154238A5 (en)
WO2017006773A1 (en) Receiver, transmitter, information processing device, and data processing method
KR102536086B1 (en) Receiving device, sending device, and data processing method
JP2011223417A (en) Information distribution system, information receiving apparatus, information reception method, information distribution apparatus, and program
JP4575518B1 (en) Information distribution management device, information distribution management method, information distribution management program, and information distribution system
JP5471641B2 (en) Information distribution system, information transmission / reception device
WO2011129205A1 (en) Information delivering system, information receiving apparatus, information receiving method, information delivering apparatus, and program
WO2011039897A1 (en) Information delivering system, information delivering apparatus, information delivering method, information delivering program, information receiving apparatus, information receiving method and information receiving program

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16821243

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

NENP Non-entry into the national phase

Ref country code: JP

122 Ep: pct application non-entry in european phase

Ref document number: 16821243

Country of ref document: EP

Kind code of ref document: A1