CN101131721B - Information processing apparatus, information recording medium, information processing method, and computer program - Google Patents

Information processing apparatus, information recording medium, information processing method, and computer program Download PDF

Info

Publication number
CN101131721B
CN101131721B CN2006101262168A CN200610126216A CN101131721B CN 101131721 B CN101131721 B CN 101131721B CN 2006101262168 A CN2006101262168 A CN 2006101262168A CN 200610126216 A CN200610126216 A CN 200610126216A CN 101131721 B CN101131721 B CN 101131721B
Authority
CN
China
Prior art keywords
register
application execution
information processing
execution unit
security information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN2006101262168A
Other languages
Chinese (zh)
Other versions
CN101131721A (en
Inventor
高岛芳和
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sony Corp
Original Assignee
Sony Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sony Corp filed Critical Sony Corp
Publication of CN101131721A publication Critical patent/CN101131721A/en
Application granted granted Critical
Publication of CN101131721B publication Critical patent/CN101131721B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

An information processing device, for executing content reproduction processing from an information recording medium, includes a security information processing unit for determining output messages based on security check information in a content reproduction sequence, and outputting a message output command accompanied by selection information of the output message to a user interface processing unit, and a user information processing unit for obtaining message information based on the selection information input from said security information processing unit and outputting to a display unit.

Description

Messaging device, information recording carrier, information processing method, and computer program
The cross reference of related application
The application requires the right of priority of the U.S. Provisional Patent Application 60/724,780 of submission on October 11st, 2005.
The present invention comprises and relates to the theme of on August 26th, 2005 to the Japanese patent application JP2005-245943 of Jap.P. office submission, and the full content of this application is introduced into as a reference at this.
Technical field
The present invention relates to messaging device, information recording carrier, information processing method and computer program.Specifically; The invention particularly relates to messaging device, information recording carrier, information processing method and computer program; Wherein get rid of undelegated content use through the various contents that need the content use and management being carried out data transmission and processing; Realize strict content use and management thus, and the use halted state that further realizes message one such as content and user's affirmation-demonstration.
Background technology
All kinds of software datas (below be called " content ")-be stored in recording medium-for example use Blu-ray Disc or DVD (digital versatile dish), MD (mini disk) and the CD (compact disk) of blue laser such as view data, games, types of applications programs or the like such as voice datas such as music, film-can be used as numerical data.Especially, using the Blu-ray Disc of blue laser is the high density recordable disc, and can flood tide image content etc. be recorded as the data of high image quality.
Digital content is stored in this various types of information recording medium (recording medium), so that offer the user.The user reproducer one such as PC (personal computer) that the user had, Disc player etc.-on reproduce and use this content.
Usually, a lot of contents-such as music data, view data etc.-release right etc. return its creator or dealer all.Therefore, when content distributed, be provided with usually, some wherein be set use restriction, that is, only allow authorized user to use content, and prevent undelegated reproduction etc.
Use digital recording equipment and recording medium; Can duplicate record and reproduction under the situation that does not for example cause image for example or audio quality to descend; But also have problems; Such as, illegal copies content the issue on the Internet, copy to the so-called pirated CDs of the content on CD-R etc. issue, be stored in the surge of the use of the reproducting content on the hard disk of personal computer etc.
Huge storage capacity recording medium one such as DVD, use the recording medium etc. of the blue laser developed in recent years-can be on single disc with one one to several films of mass data-for example-as digital information recording.This ability that pictorial information etc. is recorded as numerical information makes and prevents that unauthorized copying from becoming very important problem with the protection copyright ownerL copyrighted material's owner.Till recently, carried out multiple technologies and copied on digital recording equipment and the recording medium with preventing unauthorized, so that prevent this undelegated duplicating to digital data.
For example, for DVD player, use content to upset system.Upset system through content, video data, voice data etc. are recorded in the configuration among the DVD-ROM (ROM (read-only memory)) for example with encrypted form therein, can reproduce content through descrambling is carried out in upset.
Scramble process need be carried out application specific one such as the processing that offers through the key etc. of the DVD player of permission.Permission be provided for be designed to observe the scheduled operation rule-such as do not carry out unauthorized copying or the like-DVD player.Therefore, for DVD player, be utilized as its particular data that provides once such as key-carry out descrambling and make it possible to reproduced image and audio frequency from DVD-ROM to being recorded in data among the DVD-ROM through permission.
On the other hand, unauthorized DVD player do not have be applied to through the special data one of the scramble process of data that upset to handle such as key, and therefore can not reproduce the data that are recorded among the DVD-ROM.Therefore, upset system configuration through content, the DVD player that does not satisfy required condition when obtaining permission can not reproduce the DVD-ROM of storage numerical data, thereby prevents unauthorized copying.
Summary of the invention
But there is such problem in this content upset system, promptly very big as the load of the processing on the messaging device side of the subscriber equipment of carrying out reproduction processes.And, also have the descrambling mechanism of a large amount of existing upset systems to be decrypted, and deciphering method is just through telecommunication media-propagate such as the Internet-quilt.Like this, in case disturb mechanisms is decrypted, content is just reproduced with undelegated mode or is duplicated, thereby produces content copyright and the usufructuary problem invaded.
Except that the upset technology, people propose to be used to forbid the configuration that do not have usufructuary user of suitable content and reproducer to reproduce through various content protectings technology.For example, Japanese Unexamined Patent Application discloses to disclose through execution among the No.10-41934 and utilizes the program of virtual machine decrypt encrypted data to add the technology of AES.But; In fact; If not under this content protecting mechanism, carrying out content playback; Then the user can not obtain the reason that why can not be reproduced about content or solution how to use this content, and therefore this configuration is not enough to satisfy the requirement that hope is obtained suitable right and used the user of content.
Equally; Also there is such problem; Up to the present promptly; Content protecting mechanism normally be mainly used in the streamed big content of protection AV-such as some film-configuration, and to remove little content the film etc.-such as by the handled content of program of for example Java (registered trademark)-protection also by consideration more.
Therefore; It has been found that to provide a kind of messaging device, information recording carrier, information processing method and computer program; Wherein, If content playback is not based on the execution of content protecting mechanism, then can state be provided, solution is provided, and can carry out the user and confirm for the user.It would also be desirable to provide a kind of messaging device, information recording carrier, information processing method and computer program; Its Chinese style with the mode identical with the AV flow data for remove AV flow data one such as film etc.-little content content be set use restriction, thereby realize strict content protecting.
Messaging device is used to carry out the processing of reproducing content from information recording carrier according to an embodiment of the invention; And comprise: the security information processing unit; The safety inspection information that is used for content-based reproduction sequence is confirmed output message, and will follow the message output command of the selection information of output message to output to the user interface process unit; With the user interface process unit, be used for obtaining information, and output to display unit based on the selection information of importing from the security information processing unit.Noting, be used for can belonging to this messaging device from the display unit of the output of user interface, perhaps can be the output terminal of the display unit that has to external display device.
The security information processing unit can be the configuration that is used to carry out following processing: confirm that based on safety inspection information output message content, content-based reproduction player information confirm the output message language and will be used for according to confirming that message selection information that information is selected outputed to the user interface process unit.
The user interface process unit can be the configuration that is used to carry out following processing: the corresponding user of the information that is shown on reception and the display unit imports and the user's input information that is received is outputed to the security information processing unit.
The user interface process unit can be configured to shield the Presentation Function performance element, and wherein the security information processing unit is configured to call (OSD_CALL) based on OSD, carries out the message output command of the selection information of following output message.
In addition, the security information processing unit can be configured to virtual machine, is used for obtaining the command code that is recorded in information recording carrier, and carries out data processing according to command code.
Messaging device is used to carry out the processing of reproducing content from content recording medium according to another embodiment of the present invention; And comprise: the security information processing unit; Be used for carrying out the processing of obtaining, and error code is write register or storer corresponding to the error code of content playback sequence safety inspection information; And application execution unit, be used for obtaining error code from register or storer, obtain and the corresponding information of resulting error code, and the message that is obtained is exported on display unit.
Application execution unit can be the configuration that is used to carry out following processing: the message that is shown on reception and the display unit corresponding user import, and the user's input information that is received is write register or storer; Wherein the security information processing unit is the configuration that is used to carry out the processing of obtaining the user's input information that is written to register or storer.
The security information processing unit can have configuration; Be used for to carry out the applied transformation order and output to application execution unit; Make and order based on applied transformation; Application execution unit is carried out the application that is transformed into via the data transfer process of register or storer execution and security information processing unit, and message is outputed to display unit.
Security information processing unit and application execution unit can write register or storer with the state value of indication treatment state; Wherein security information processing unit and application execution unit are configured to read the state value of the indication treatment state that is written into register or storer, and carry out the affirmation of treatment state.
Security information processing unit and application execution unit can be to be used for carrying out the configuration that mutual reliability is confirmed processing through the data transfer process of application register or storer.
The security information processing unit can be configured to virtual machine, and virtual machine obtains the command code that is recorded in the information recording carrier, and carries out data processing according to command code.
In addition, messaging device according to yet another embodiment of the invention comprises: application execution unit is used for carrying out the application program that is stored in information recording carrier; With the security information processing unit, be used to carry out and carry out or to continue the processing that the required parameter of application program writes register or storer at the application execution unit place; Wherein application execution unit is configured to obtain the parameter that the security information processing unit has write from register or storer; And carry out through using this CALCULATION OF PARAMETERS processing or encryption or continue the required data processing of application program, thereby carry out or continue application program.
In addition; According to an embodiment of messaging device of the present invention, register or storer are player status registers, and have first player status registers; Wherein the security information processing unit is carried out write operation, and application execution unit is carried out read operation; And have second player status registers, wherein application execution unit is carried out write operation, and the security information processing unit is carried out read operation.
In addition; The security information processing unit can be to be used for carrying out the configuration that the different parameters order is write the processing of register or storer; And application execution unit can be configured to from register or memory order obtain the different parameters that the security information processing unit writes in proper order; And the computing or the encryption of the different parameters of execution application order, thereby carry out or the continuation application program.
Application execution unit can be to handle or the configuration that the generation of output data is handled is carried out in encryption through carry out using from the CALCULATION OF PARAMETERS that register or storer obtained.
In addition; Application execution unit can be configured to handle or use the encryption of this parameter or utilize the decryption processing by the encryption key that encryption generated of using this parameter through using from the XOR of the parameter that register or storer obtained, and carries out the generation of output data and handles.
In addition; Information recording carrier according to an embodiment of the invention be used for storing comprise the code information of carrying out by virtual machine application program with content as conduct by record data; Wherein application program is the program that comprises the executive routine of the regular reference process that is used for register or storer, and code information is configured to comprise and is used to carry out the information of order that the error code of being obtained is write the processing of register or storer as the safety inspection result.
In addition; Information processing method is used to carry out the processing from the recording medium reproducing content according to an embodiment of the invention; And may further comprise the steps: the security information of carrying out at security information processing unit place is handled; The safety inspection information that is used for content-based reproduction sequence is confirmed output message, and will follow the message output command of the selection information of output message to output to the user interface process unit; The user interface process of carrying out at place, user interface process unit is used for obtaining information based on the selection information of importing from the security information processing unit, and outputs to display unit.
In addition; In security information is handled; Can carry out and be used for confirming the processing of output message content based on safety inspection information; Confirm the processing of output message language with content-based reproduction player information, and carry out and to be used for according to confirming that message selection information that information is selected outputed to the processing of user interface process unit.
In addition, information processing method may further include following steps, and promptly at place, user interface process unit, the message that is shown on reception and the display unit corresponding user import, and the user's input information that is received is outputed to the security information processing unit.
In addition, the user interface process unit can be configured to shield demonstration (OSD) function executing unit, wherein, in security information is handled, calls the operation that (OSD_CALL) carries out the message output command of the selection information of following output message based on OSD.
In addition; Information processing method according to another embodiment of the present invention; Be used for carrying out the processing of reproducing content from information recording carrier; And comprise the following steps: that the security information of carrying out at security information processing unit place handles, be used for carrying out the processing of obtaining, and error code is write register or storer corresponding to the error code of the safety inspection information of content playback sequence; Application program operation with carrying out at the application execution unit place is used for obtaining error code from register or storer, the corresponding information of error code that obtains Yu obtained, and the message of being obtained exported on display unit.
In addition; Information processing method may further include the following step: the execution of carrying out at the application execution unit place is handled; Be used to receive with display unit on the corresponding user's input of message that shown, and the user's input information that is received write register or storer; Handle with the operation of carrying out at security information processing unit place, be used to obtain the user's input information that writes register or storer.
In addition, information processing method can further comprise the following step: the applied transformation order of carrying out at security information processing unit place of will carrying out outputs to application execution unit; Be transformed into application program with execution, and at the application execution unit place, order outputs to display unit with message based on applied transformation via the data transfer process of register or storer execution and security information processing unit.
In addition, information processing method further comprises the following steps: at security information processing unit and application execution unit place, and the state value of indicating treatment state is write register or storer; With at security information processing unit and application execution unit place, read the state value of the indication treatment state that writes register or storer, and carry out the affirmation of treatment state.
In addition, information processing method may further include the step in security information processing unit and the execution of application execution unit place, is used for carrying out mutual reliability through the data transfer process of application register or storer and confirms to handle.
In addition, information processing method according to another embodiment of the present invention can comprise the following steps: that executive utility is carried out at the application execution unit place, is used for carrying out the application program that is stored in information recording carrier; Execution parameter writes at security information processing unit place, is used to carry out to carry out or to continue the processing that the required parameter of application program writes register or storer at the application execution unit place; Obtain the parameter that the security information processing unit writes from register or storer; And at the application execution unit place; Through using that this CALCULATION OF PARAMETERS is handled or the execution of encryption executive utility or continue required data processing, thereby carry out or continue this application program.
In addition, parameter writes and can carry out at security information processing unit place, is used to carry out the processing that the different parameters order is write register or storer; Wherein application execution unit is sequentially obtained the different parameters that the security information processing unit writes in proper order from register or storer, and carries out the computing or the encryption of the different parameters of application order, thereby carries out or continue this application program.
In addition, application execution unit can be handled or encryption through carrying out the CALCULATION OF PARAMETERS of using from register or storer obtained, and carries out the processing that generates the input data.
In addition; Application execution unit can be configured to handle or use the encryption of this parameter or utilize the decryption processing by the encryption key that encryption generated of using this parameter through using from the xor operation of the parameter that register or storer obtained, and carries out the processing that generates output data.
In addition; Computer program is used for carrying out the processing that reproduction is recorded in the content in the information recording carrier on the messaging device according to another embodiment of the present invention; And program comprises the code that is used for the following step: carry out security information at security information processing unit place and handle; The safety inspection information that is used for content-based reproduction sequence is confirmed output message, and will follow the message output command of the selection information of output message to output to the user interface process unit; With execution user interface process, be used for obtaining information, and output to display unit based on the selection information of being imported from the security information processing unit at place, user interface process unit.
In addition; Computer program is used for carrying out the processing that reproduction is recorded in the content in the information recording carrier on the messaging device according to another embodiment of the present invention; Program comprises: carry out security information at security information processing unit place and handle; Be used for carrying out the processing with the corresponding error code of safety inspection information of content playback sequence, and error code is write register or storer; Carry out at the application execution unit executive utility, be used for obtaining error code, obtain information, and the message of being obtained is exported on display unit corresponding to the error code that is obtained from register or storer.
In addition; Computer program according to yet another embodiment of the invention is used for carrying out the processing of reproducing the content that is recorded in the information recording carrier on the messaging device; Program comprises the following steps: that executive utility is carried out at the application execution unit place, is used for carrying out the application program that is stored in information recording carrier; Execution parameter writes at security information processing unit place, is used to carry out to carry out or to continue the processing that the required parameter of application program writes register or storer at the application execution unit place; And at the application execution unit place; Obtain the parameter that the security information processing unit writes from register or storer; And the execution of computing through application parameter or encryption executive utility or continue required data processing, thereby carry out or continue application program.
Note; Computer program according to the present invention is; For example can make the computer system can be through the recording medium of the storage medium that can provide with computer-reader form or telecommunication media-for example such as CD, FD, MO etc., or such as the computer program of the telecommunication media-all kinds of program codes of execution of network etc.But the program that this machine readable format is provided realized with computer system on the corresponding processing of program.
Through embodiments of the invention and accompanying drawing further explain, can clearly understand other target of the present invention, feature and advantage to describing after a while.Notice that employed term " system " refers to the logical combination device of a plurality of equipment in this explanation, is not limited to all pieces of equipment and is installed in a device in the cabinet.
Configuration according to an embodiment of the invention, a configuration is performed, wherein; When reproduction is stored in the content in the information recording carrier, allow to use, in addition based on the usufructuary content of suitable content; If confirm undelegated content use, can show the message of the reason of having suspended about content playback so, and can accept user's response display message based on safety inspection; Thereby can realize the processing of the situation of describing to the user, and accept user's affirmation and proposal.
And; Configuration via register or storer, transmits data between application execution unit and safe VM according to an embodiment of the invention; Thereby realize control to the content use; Wherein application execution unit is carried out content, comprises that safe VM is used as the security information processing unit such as the little content of Java (registered trademark) and HDMV.
Description of drawings
Fig. 1 describes to be stored in the configuration of the data in the information recording carrier and the figure of processing and driving arrangement and messaging device;
Fig. 2 is the figure that example is set that describes the content management units be used for the data that are stored in information recording carrier are provided with;
Fig. 3 describes the content management units be used for the data that are stored in information recording carrier are provided with and the figure of the correlativity between the unit key;
Fig. 4 describes the figure that is provided with about the catalogue configuration that is stored in the content in the information recording carrier;
Fig. 5 is the figure that describes repairing table (fix-up table) and the configuration of data conversion treatment program directory;
Fig. 6 is the figure that the diagram content playback is handled example 1;
Fig. 7 is the figure that describes the mutual checking sequence between driver and the main frame;
The figure of performed translation data application processes when Fig. 8 is the description content playback;
Fig. 9 is the figure that describes the data configuration that is stored in the repairing table in the information recording carrier;
Figure 10 is the figure that the diagram content playback is handled example 2;
Figure 11 describes to be used to carry out the figure that message is shown to the configuration of display unit through safety VM;
Figure 12 is the figure that the describing message data file content is provided with example;
Figure 13 describes with the OSD that under osd function, is applied to the message display process to call the figure of the configuration of (CALL_OSD) corresponding order;
Figure 14 is the figure that message shows example on the diagram display unit;
Figure 15 is that diagram is used to utilize register realization message display process, also the further content that realizes is used the figure of the basic configuration of control and treatment;
Figure 16 is the figure that describes the processing sequence of the message display process of using register;
Figure 17 is the figure that describes the processing sequence of the message display process of using register, the processing of application header conversions;
Figure 18 is the figure that describes the processing sequence of the use control and treatment of using register;
Figure 19 is the figure that describes through the ios dhcp sample configuration IOS DHCP that uses the data transmission of the employed register of application execution unit between safety VM and application execution unit;
Figure 20 describes through using the figure of the data transfer process sequence of the employed register of application execution unit between safety VM and application execution unit;
Figure 21 describes the figure that the reliability of carrying out between safe VM and the application execution unit confirms to handle sequence;
Figure 22 is the figure that describes through the ios dhcp sample configuration IOS DHCP that uses the data transmission of the employed register of application execution unit between safety VM and application execution unit;
Figure 23 describes through using the figure of the data transfer process sequence of the employed register of application execution unit between safety VM and application execution unit;
Figure 24 describes the figure that the reliability of carrying out between safe VM and the application execution unit confirms to handle sequence;
Figure 25 is that description utilization is shared storage space realization message display process, also the further content that realizes is used the figure of the basic configuration of control and treatment;
Figure 26 is the figure that describes content creation process and information recording carrier manufacture process;
Figure 27 is the figure that describes content creation process and information recording carrier manufacture process; With
Figure 28 is the figure of description as the Hardware configuration example of the messaging device of main frame executive utility.
Embodiment
Describe in detail below with reference to accompanying drawings according to messaging device of the present invention, information recording carrier, information processing method and computer program.Note, will make an explanation according to following items in the literary composition.
1. be stored in the general survey of the data in the information recording carrier and the processing at driver and main frame place
2. about content management units (CPS unit)
3. content playback is handled
(3.1) content playback is handled example 1
(3.2) content playback is handled example 2
4. message shows and content use control and treatment
(4.1) use the message of UI (user interface) processing unit to show
(4.2) use the message of register to show and content use control and treatment
(4.2.1) use the UI function of register that running the example of application program is provided
(4.2.2) use the UI function of register and header conversions device that example is provided
(4.2.3) use the content of register to use the control example
(4.2.4) the processing example 1 of the employed register of use application execution unit
(4.2.5) the processing example 2 of the employed register of use application execution unit
(4.3) use message demonstration and the content of sharing storage space to use control
(4.4) about production process
5. the configuration of messaging device
1. be stored in the general survey of the data in the information recording carrier and the processing of driver and main frame
At first, introduce the general survey be stored in the data in the information recording carrier and in the processing at driver and main frame place.Fig. 1 diagram wherein store the configuration of substantial information recording carrier 110, driver 120 and main frame 150.Main frame 150 is data reproduction (or record) application programs of for example on the messaging device such as PC etc., moving, and according to predetermined data processing sequence, and zero utilizes to carry out such as the hardware of the messaging device of PC etc. and handles.
Information recording carrier 100 is the information recording carriers such as for example Blu-ray Disc, DVD etc.; And be the storage authorized content, so-called content rights possessor permit in disc manufacturing plant, make down, have suitable content rights or an information recording carrier of release right (ROM dish etc.), or information recording carrier (RE dish or the like) that can record data.Notice that in following examples, disc shape media will be used as the example of descriptor recording medium, but the present invention can be applied to using the configuration of various types of information recording medium.
As shown in Figure 1; Information recording carrier 100 storage through the correction content 101 of the encryption of data and part replacement, as based on the MKB (key media key block) 102 of the encryption key block that the tree method for distributing key generated that is called as a kind of broadcast encryption method, disposed wherein encrypt the title key file 103 of the data that (encrypting the CPS unit key) wait to being applied to title key that contents decryption handles, comprise the service regeulations 104 of the CCI (copy control information) that is used as the duplicating of content/reproduction control information etc., wherein registered with content in the presumptive area place the corresponding translation data of replacement data repairing table 105, comprise the data conversion handling procedure 106 and the message data file 107 of the processing command of the registration data execution data conversion process that is used to utilize repairing table 105; It is stored under the situation that content playback suspended will be presented at the video data on the display; Such as message data, error message or the like for example.Notice that the data instance shown in the figure is an example, and the difference of the data based optical disc types of being stored has difference more or less.The summary of each type information will be described below.
(1) encrypted content 101
All kinds of contents are stored in the information recording carrier 100.The example of content comprises AV (audiovisual) stream of dynamic image content; Such as HD (high definition) movie contents of high definition motion image data, the example of content also comprises games, image file, voice data, text data of the form with specific criteria regulation or the like.These contents are the data that are defined as specific AV form, and are stored according to this specific AV data layout.Especially, it for example is stored according to Blu-ray Disc ROM standard format, as Blu-ray Disc ROM normal data.
In addition, in some situations, games, image file, voice data, text data or the like are stored as for example service data.Also have in some situations, these contents are stored the data of not observing this specific AV data layout as data layout.
The type of content comprises various contents; Such as music data, moving image, rest image and type view data and games, Web content or the like; And various forms of information are comprised in these contents; Such as can only by the content information that uses from the data of information recording carrier 100, can be through self-information recording medium 100 data and combine the content information that uses in future from the data that server provided that are connected to network, or the like.The content that is stored in the information recording carrier is stored encryptedly, has the different keys (CPS unit key or unit key (perhaps can be called as title key)) that are suitable for every section content, to realize that the difference of every section content is used control.Each suitable unit of unit key is called as content management units (CPS unit).In addition; The configuration data of content is set to interrupt data (brokendata); Wherein its a part of quilt with replace from the different data of correct content-data; Therefore independent decryption processing is not reproduced correct content, and in order to carry out reproduction, it is necessary replacing the processing of interrupt data with data registered in the repairing table.Hereinafter will do detailed description to this processing.
(2)MKB
MKB (key media key block) 102 is based on the encryption key block that the tree method for distributing key that is called as a kind of broadcast encryption method is generated.MKB102 is the key information piece, and the required media key of decryption content [Km] is obtained in its support, only is used for the processing (deciphering) based on the Device keys on the messaging device that is stored in the user who has effective permission [kd].This is an application of observing the information distributing method of so-called layering tree; Only make and under subscriber equipment (messaging device) has the situation of effective permission, just can obtain media key [Km], and the subscriber equipment that is disabled (cancelling processing) can not obtain media key [Km].
Can generate as the administrative center of license entity that have can not be with the MKB of the structure that is stored in the Device keys deciphering on certain subscriber equipment through the Device keys that change is used for deciphering the key information that is stored in MKB; That is, wherein can not obtain the required media key of contents decryption.Therefore, can cancel unauthorized device at any time, thereby only the encrypted content that can decipher is provided to equipment with effective permission.To describe contents decryption after a while handles.
(3) title key file
As stated, the group that perhaps a plurality of contents are formed in each is all passed through the independent encryption key that is used for each, and (encryption of title key (CPS unit key) is used for Content Management, and is stored in the information recording carrier 100.That is to say; The AV of constitution content (audiovisual) stream, music data, moving image, rest image and type view data, games, Web content or the like need be divided into the unit that organize content is used; Wherein be the different title key of each cutting unit generation, thereby carry out decryption processing.The information that is used to generate these title key is the title key data, and obtains title key through with the key that is for example generated by media key etc. the title key of encrypting being deciphered.Utilize the data based predetermined encryption key formation sequence of title key to generate and the corresponding title key in each unit, and carry out contents decryption.
(4) service regeulations
Service regeulations for example comprise duplicates/reproduction control information (CCI).This is copy limit information and the reproducing limit information that is used for and is stored in the encrypted content 101 corresponding uses controls of information recording carrier 100.For duplicate/reproduction control information (CCI) has various settings, such as as the situation of the information of each CPS unit that is used to be set to content management units, be set up and corresponding situation in a plurality of CPS unit or the like.
(5) repair table
As stated, be stored in encrypted content 101 the encryption in the information recording carrier 100, and a part of content configuration data are configured to the interrupt data different with correct data through being scheduled to.In order to reproduce content, need carry out data overwrite process, wherein interrupt data is used as the transform data replacement of correct content-data.The table of registration transform data is a repairing table 105.A large amount of interrupt data are set up and are dispersed on the whole contents, and when reproducing content, need use the transform data that is registered in the repairing table to replace the processing of (overriding) multi-disc interrupt data.Using this transform data refers to; For example, even carrying out under the situation of undelegated contents decryption, also can not only reproduce correct content through contents decryption owing to encryption key leaks; This is because there are superseded data, thereby can prevent undelegated content use.
Except conventional transform data, repairing table 105 also comprises supports to analyze the transform data of data identification information configuration position with identification content reproducing device or content playback application program.Especially, for example, this comprises the player ID as the recognition data of player (being used to carry out the equipment of host application program), or " transform data that comprises distinguishing mark ", has wherein write down the identifying information that is generated based on player ID.The transform data that comprises distinguishing mark is that slight change has taken place the bit value (bit value) of wherein correct content-data but its change degree does not influence the data of content playback.The details of the processing of using this transform data will be described after a while.
Though Fig. 1 diagram repairing table 105 be set to the example of independent data files, also can carry out such configuration, wherein the repairing table is not a unique file, but is dispersed in the whole configuration packet of encrypted content 101.After a while these configurations and processing can be described.
(6) data conversion handling procedure
Data conversion handling procedure 106 is to comprise the program of locating 0 reason order that is used for carrying out through the registration data of repairing table 105 the data conversion process, and is used by the main frame of reproduction content.These data conversion processing unit 154 places at main frame shown in Figure 1 100 carry out.
At the main frame place; Be provided with the virtual machine (VM) that is used to carry out the data conversion process; The data conversion handling procedure of reading from information recording carrier 100 106 is performed at virtual machine (VM); Use the registration data of repairing in the table 105, and handle for the data conversion of decryption content operating part configuration data.To describe this processing in detail after a while.
(7) message data file
Message data file is to be stored in the file that will be presented at video data one such as the message data one on the display under the situation that content playback suspended, such as the error message that comprises multi-group data according to wrong and language form.For example, in the situation that content playback suspends owing to safety problem, suitable message is selected from message data file, and is displayed on the display.The user can be based on the validation of information error condition and the process information that are presented on the display.The details of this processing will be described in [4. message shows and content use control and treatment] one section after a while.
Next will describe the configuration of main frame 150 and driver 120 and handle general survey with reference to Fig. 1.When data are sent to main frame 150 through driver 120, carrying out the reproduction of content that is stored in the information recording carrier 100 handles.Before using content; Between driver 120 and main frame 150, carry out mutual authentication processing; And through set up this checking handle confirms both sides' validity after, encrypted content is sent to main frame from driver, carries out the contents decryption processing at host computer side; And carry out above-mentioned data conversion and handle, thereby carry out content playback through the repairing table.
For the mutual checking of between main frame 150 and driver 120, carrying out; No matter whether each equipment or application program are registered as unauthorized device or application program, and the processing that is used for confirming validity is all through carrying out with reference to (invalid) tabulation of cancelling that administrative center issued.
Driver 120 has the storer 122 of storage host CRL (proof is cancelled tabulation), and host C RL storage host proves (invalid) information of cancelling of (public keys proves).On the other hand, main frame 150 has the storer 152 that is used for memory driver CRL (proof is cancelled tabulation), and driver CRL memory driver proves (invalid) information of cancelling of (public keys proves).Storer is nonvolatile memory (NVRAM); And if the CRL that for example from information recording carrier 100, is read is the version that upgrades, then their data processing units 121 separately and 151 execution are used for the update processing that host C RL or driver CRL with redaction are stored in storer 122 and 152.
CRL such as host C RL or driver CRL is brought in constant renewal in by administrative center.That is to say, if new discovery unauthorized device, the CRL that upgrades of issue then, wherein add be distributed to unauthorized device or device id etc. proof ID as new clauses and subclauses.Each CRL is provided with version number, and has the configuration that wherein can compare its new degree.For example, if the CRL that from the information recording carrier of the driver of packing into, is read upgrades than the CRL that is stored in the driver memory reservoir 122, then driver is carried out the CRL update processing.Main frame 150 is also carried out driver CRL in the same manner and is upgraded.
Except this CRL update processing, the data processing unit of driver 120 121 is carried out with the checking of the main frame that when using content, is moved and is handled, and further carries out from information recording carrier reading of data and data are sent to the processing of main frame.
As stated; The reproduction of main frame 150 (player) application program 150 is data reproduction (or record) application programs performed on the messaging device such as for example PC; And according to predetermined data processing sequence, the hardware of the messaging device of utilization such as PC etc. is carried out and is handled.
Main frame 150 has the data processing unit 151 that is used to carry out with the mutual authentication processing of driver 120, Data Transmission Controlling etc.; Be used to carry out decryption processing unit 153 to the decryption processing of encrypted content; Be used for carrying out the data conversion processing unit 154 and the codec processing unit 155 that is used for carrying out decoding (for example, mpeg decode) processing of data conversion process based on the registration data of aforementioned repairing table 105.
The checking that data processing unit 151 is carried out between main frames and the driver is handled, and in checking is handled, and is the driver CRL among the storer a152 of nonvolatile memory (MVRAM) with reference to being stored in, to confirm that driver is not the driver of being cancelled.Main frame is also carried out update processing, so that the driver CRL of redaction is stored among the storer a152.
Decryption processing unit 153 utilizes the various types of information among the storer b156 that are stored in and the data that from information recording carrier 100, read, carries out the decryption processing of encrypted content 101, and generates the key that will be applied to contents decryption.Data conversion processing unit 154 is used the transform data of being registered in the repairing table that from information recording carrier 100, is obtained, and according to the data conversion handling procedure that from information recording carrier 100, is obtained, carries out the replacement of content configuration data and handles (overriding).Codec processing unit 155 is carried out decoding (for example, mpeg decode) and is handled.
The storer b156 memory device key of messaging device 150: Kd, the key information that will be applied to mutual authentication processing, the key information that will be applied to decipher or the like.The details that contents decryption is handled will be described after a while.Device keys: Kd will be applied to the key that above-mentioned MKB handles.MKB is the key information piece; It makes can only be through obtaining the media key [Km] as the required key of decryption content based on the processing (deciphering) of the Device keys in the messaging device that is stored in the user with effective permission [Kd]; And when encrypted content is deciphered; The Device keys of messaging device 150 application memory in storer b156: Kd handles to carry out MKB.The details that contents decryption is handled will be described after a while.
2. about content management units (CPS unit)
As stated, be stored in the content process decryption processing in the information recording carrier, and be stored, so that realize different use control each unit with the different keys that are suitable for each unit.That is to say that content is divided into content management units (CPS unit), carries out independent decryption processing, and carries out independent use and management.
When using content, at first, need obtain the CPS unit key (being also referred to as title key) that is suitable for each unit; And; Through carrying out data processing based on predetermined decryption processing sequence, use other necessary key, key generation information etc., reproduce thereby carry out.The setting of content management units (CPS unit) will be described with reference to Fig. 2 after a while.
As shown in Figure 2, content has layered configuration: (A) index 210, and (B) movie objects 220, (C) playlist 230 and (D) montage 240.For example, appointment will be reproduced application access index, just specified the playback program relevant such as title with title, and select the playlist of regulation reproduction arrangement of ideas according to the program information of the playback program of appointment.
Play item is comprised in the playlist as the information of the data that will be reproduced.Through clip information, optionally read AV stream or order, and carry out the reproduction of AV stream and the execution processing of order as the real data of content by the reproduction section that is included in the play item defined in the playlist.Note, have a large amount of playlists and play item, and each all has corresponding playlist ID and play item ID as identifying information.
Fig. 2 diagram two CPS unit.They constitute a part that is stored in the content in the information recording carrier.In CPS unit 1271 and the CPS unit 2272 each all is to be set to comprise title, the movie objects as the playback program file, the playlist that is used as index and to have comprised the CPS unit as the unit of the montage of the AV stream file of actual content data.
Content management units (CPS unit) 1271 comprises title 1211 and title 2212, playback program 221 and 222, playlist 231 and 232, montage 241 and montage 242; And the AV stream data file 261 and 262 as the real data that is included in the content in two montages 241 and 242 is the object data of encrypting at least; And correspondingly be set to use title key (Kt1) ciphered data, wherein title key (Kt1) is the encryption key (being also referred to as the CPS unit key) that is set to rule with content management units (CPS unit) 1271 accordingly.
Content management units (CPS) 2271 comprises application program 1213, playback program 224, playlist 233 and the montage 243 as index; And the AV stream data file 263 as the real data that is included in the content in the montage 243 is employed title key (Kt2) encryption, and wherein title key (Kt2) is the encryption key that is provided with accordingly with content management units (CPS unit) 2272.
For example; For being carried out with content management units 1271 corresponding application files or content playback, the user handles; Need obtain and be used as the title key that is configured to the encryption key relevant: Kt1, and it is carried out decryption processing with content management units (CPS unit) 1271.For being carried out with content management units 2272 corresponding application files or content playback, the user handles; Need obtain and be used as the title key that is configured to the encryption key relevant: Kt2, and it is carried out decryption processing with content management units (CPS unit) 2272.
Fig. 3 illustrates the example that the CPS unit is provided with configuration and corresponding title key.Fig. 3 illustrates the CPS unit and the unit is set and may be used on the mutual relationship between the title key (CPS unit key) of each CPS unit, and wherein the unit is set is to be used for the unit of managed storage in the use of the encrypted content of information recording carrier in the CPS unit.Notice that the CPS unit of the data that are used for occurring after a while and title key can be stored in advance and be provided with.For example, data cell 281 is clauses and subclauses of the data that are used for occurring after a while.
The CPS unit is provided with the unit and occurs with diversity widely, and such as content title, application program, data set or the like, and each CPS Single Component Management table has the CPS unit ID that is arranged on wherein, is used as and each corresponding identifier in CPS unit.
Among Fig. 3, for example, title 1 is CPS unit 1, and when the encrypted content that belongs to CPS unit 1 is deciphered, needs to generate title key Kt1, and carries out decryption processing based on the title key Kt1 that is generated.
Like this, the content quilt that is stored in the information recording carrier 100 is stored the mode that it carries out encryption to use the different encryption keys that are suitable for each unit, so that realize the use control different to each unit.The UR (service regeulations) of each content management units (CPS unit) is set, is used for independent use and management each content management units (CPS unit).As stated, service regeulations are the information that comprises the duplicating of content for example/reproduction control information (CCI), and are included in the copy limit information or the reproducing limit information of the encrypted content in each content management units (CPS unit).
For generating title key, the data processing of the various types of information of application memory in information recording carrier is essential.To describe the concrete example of this processing after a while in detail.
Next, will describe and the corresponding catalogue configuration of the content with hierarchy shown in Figure 2 with reference to Fig. 4.
(A) index among Fig. 2 210 is index.bdmv files in the catalogue among Fig. 4.
(B) movie objects among Fig. 2 220 is MovieObjet.bdmv files in the catalogue among Fig. 4.
(C) playlist among Fig. 2 230 is files under the PLAYLIST catalogue in the catalogue among Fig. 4.
(D) montage among Fig. 2 240 is corresponding to the file that has same file number under CLIPINF catalogue in the catalogue among Fig. 4 and the STREAM catalogue.
As stated; The part configuration data that is stored in the content in the information recording carrier is set to be different from the interrupt data of the data replacement of correct content-data; Therefore independent decryption processing is not reproduced correct content; And in order to carry out reproduction, the processing of replacing interrupt data with data registered in the repairing table is essential.The data conversion handling procedure 106 that is stored in the information recording carrier is applied to this replacement processing, and carries out and use the data conversion of repairing the registration data in the table 105 to handle.
As stated, repairing table 105 is recorded in the information recording carrier with data conversion handling procedure 106.Fig. 5 shows catalogue configuration and the data conversion handling procedure with the corresponding repairing table of content with catalogue configuration shown in Figure 4.Fig. 5 is the catalogue preparation and the repairing table of the data conversion handling procedure created for the AV content with bibliographic structure shown in Figure 4.
[ContentCode.svm] shown in Fig. 5 is the data conversion handling procedure, and [FixUpXXXXX.tb1] shown in Fig. 5 is the repairing table (document number of XXXXX and clip information file is complementary) for each montage definition.
3. content playback is handled
A plurality of processing examples of the situation of carrying out the mutual checking between driver and the main frame are described below; And setting up under the situation about confirming; The content that is stored in the information recording carrier in the driver of packing into is sent to main frame from driver, and carries out content playback and handle.
(3.1) content playback is handled example 1
At first, will describe content playback with reference to Fig. 6 and handle example 1.Fig. 6 has begun diagram from the left side information recording carrier 310 of storage encryption content, information recording carrier 310 is inserted wherein to carry out driver 330 that data read and to link to each other with driver so that can carry out data communication and obtain content that is stored in the information recording carrier 310 and the main frame 350 of carrying out the reproduction application program of moving its reproduction processes through driver 330.Messaging device through such as for example PC is carried out main frame 350.
Information recording carrier 310 store M KB (key media key block) 311, title key file 312, encrypted content 313, repair table 314 and data conversion handling procedure 315.Main frame 350 is held will be applied to the Device keys 351 that MKB handles.
To describe below and handle sequence, wherein the main frame shown in Fig. 6 350 obtains through driver 330 and reproduces the content that is stored in the information recording carrier 310.At first, before reading the content that is stored in the information recording carrier 310, main frame 350 is carried out checking each other with driver 330 at step S101.Checking is to be used to confirm that main frame and driver all are the processing of authorisation device or application software each other.Can all kinds of processing be applied to this mutual authentication processing sequence.Its example will be described with reference to Fig. 7.
Fig. 7 is an example according to the mutual checking sequence of public key approaches.At first, at step S121, driver 330 sends to main frame with driver public keys proof of being stored in itself storer (NVRAM) and the random number that generates arbitrarily.At step S122, main frame 350 also sends to driver with host public key proof of being stored in itself storer (NVRAM) and the random number that generates arbitrarily.
At step S123, driver 330 is cancelled tabulation (host C RL: prove revocation list) check from the correctness of the host public key proof that main frame received and the state of cancelling of main frame based on the main frame proof.At step S123, driver 330 is at first carried out the check to the signature of host public key proof is set.The signature check based on elliptic curve cryptography is carried out in ECDSA_V indication shown in Fig. 7.Through the privacy key corresponding public keys of application, carry out this signature check with the key management entity.Driver is held the public keys of the key management entity of the signature check that is used for storer (NVRAM), and uses it to carry out signature check.Signature check is used to confirm that the host public key proof is not also distorted.If confirm that according to signature check the host public key proof is distorted, the duty cancellation is handled.
In addition, driver 330 proves based on the host public key of obviously not distorted, and with reference to host C RL, is not also cancelled (invalid) to confirm proof.Host C RL is the tabulation about the ID of the invalid proof of the public keys proof that is distributed to main frame.Host C RL is obtained by storer or the information recording carrier from driver.
Driver 330 obtains ID from the host public key proof of obviously not distorting, and definite ID whether with host C RL in the ID coupling registered.If there is the ID of coupling among the host C RL, confirm that then main frame is a main frame of having been cancelled (invalid), and processing subsequently is cancelled.If the ID that from host public key proof, is obtained is not recorded among the host C RL, then confirms main frame effectively and do not cancelled, and handle and continue.
On the other hand, in step S124, main frame 350 is also carried out the driver public keys and is proved that the validation of (distorting check) and application drives CRL confirm based on the driver public keys proof that is received from driver 330 whether driver is cancelled.Only confirming that the driver public keys proves effectively and under the situation about not cancelled, handling just and continue.Driver CRL is obtained from the storer of main frame or information recording carrier.
Next, driver 330 is notified its checking result with the form of actuator response (S125) and response of host (S126) respectively with main frame 350.When notice was verified as a result, both sides generated ECDH (elliptic curve Diffie Hellman) value as the value of using elliptic curve cryptography, and notify the other side.
After receiving driver checking result and ECDH value from main frame 350, the ECDH value that driver 330 application are received is confirmed the foundation of driver checking at step S127 inspection response of host, and generates the session key that is used as shared key.And after receiving host verification result and ECDH value from driver 330, main frame 350 in step S128 inspection actuator response, is confirmed the foundation of host verification based on the ECDH value that is received, and generates the session key that is used as shared key.
Through this mutual authentication processing, driver 330 is shared session key as sharing key with main frame 350.
Let us returns Fig. 6 and uses the processing sequence to continue introducing content.At step S101; Between main frame and driver, carry out checking each other and shared session key (Ks) afterwards; Main frame 350 obtains in step S102 by the MKB311 of drive records in information recording carrier 310; The Device keys 351 of application memory in storer carried out the processing of MKB311, and obtains media key (Km) from MKB.
As stated; MKB (key media key block) 311 is based on the encryption key block that the tree key dispatching system that is called as a kind of broadcast encryption method is generated, and is that make can only be through obtaining the key information piece as the media key (Km) of the required key of contents decryption based on the processing (deciphering) that is stored in the Device keys (Kd) in the equipment with effective permission.
Next, at step S103, will in step S102, handle the media key of being obtained (Km) and be applied to carry out deciphering, thereby obtain title key (Kt) the title key file that is read from information recording carrier 310 through MKB.The title key file that is stored in the information recording carrier 310 is the file that comprises by the media key ciphered data, and the title key (Kt) that is used for contents decryption can obtain through the processing of using media key.Note decryption processing application examples among the step S103 such as AES AES.
Next step; Main frame 350 is read the encrypted content 313 that is stored in the information recording carrier 310 through driver 330; With the content stores of being read in track buffering device 352; In step S104, use title key (Kt) and carry out being stored in the decryption processing of the content in the impact damper, and obtain the content after the deciphering.
Content after the deciphering is stored in the plaintext TS impact damper 353.(Plain TS) refers to the plaintext transmission stream after the deciphering.Now, be stored in that content is the content that comprises above-mentioned interrupt data after the deciphering in the TS impact damper 353 expressly, it can not be reproduced as itself that kind, and needs to carry out tentation data conversion (through the data replacement that overrides).
Block 371 among Fig. 6 illustrates this data conversion and handles.The performed processing of block 371 among Fig. 6 and data conversion processing unit through main frame shown in Figure 1 150 154 is equivalent.To the general survey that this data conversion is handled be described with reference to Fig. 8 after a while.
Encrypted content 313 shown in Fig. 6 is the encrypted contents that are stored in the information recording carrier, and this encrypted content temporarily is stored in the track buffering device 352 of host computer side.This is the data 401 in the track buffering device that are stored in shown in Fig. 8 (1).
Deciphering to the encrypted content of the data 401 of being stored as the track buffering device is carried out through the host computer side decryption processing, and the decrypted result data are stored in expressly in the TS impact damper 353.This is the decrypted result data 402 shown in Fig. 8 (2).
Decrypted result data 402 comprise the interrupt data 403 that is not correct content configuration data.The data conversion processing unit of main frame is carried out the processing with transform data 404 these interrupt data 403 of replacement, and wherein transform data 404 is correct content configuration data that the repairing table 314 from be recorded in information recording carrier shown in Figure 6 310 is obtained.This replacement is for example handled and is handled and be performed as the partial data rewriting (overriding) that the data that write plaintext TS impact damper 353 are carried out.
In addition; As shown in Figure 8; The processing of the transform data replacement interrupt data that just is not used as the normal content data is handled in the performed data conversion of main frame, and also carries out the processing of disposing data with part in the transform data that the comprises identification marking 405 replacement decrypted result data 402.
Identification marking is the data that support makes the configuration bit of content reproducing device or the discernible identifying information of content playback application program.Concrete example is the configuration data of identifying information (player ID) that is used as the messaging device of the player of carrying out host application program, or the identification marking that is generated based on player ID.As stated, identifier-transform data is set is a kind of like this data, and wherein slight change has taken place the bit value of correct content-data, but its change degree does not influence reproduction of content.
The a large amount of transform datas 405 that comprise identification marking are set in content, and for example, collect and analyze the transform datas 405 that comprise identification marking of organizing more and just confirm player ID.The transform data 405 that comprises identification marking is a kind of like this data; Wherein the configuration bit of normal content data is changed in to a certain degree; Wherein in this degree; Can carry out normal reproduction is content, and confirms through the bit (identification marking configuration bit) that the MPEG bit stream analysis can be carried out in these data.
The a large amount of transform datas 404 that comprise identification marking shown in Fig. 8 are registered in the repairing table with transform data 405, and this repairing indumentum is stored in the information recording carrier, and their writing position information is registered.Information and executing data conversion processing based on being stored in the repairing table is stored in the data in the plaintext TS impact damper 353 with data 406 replacements after adopting the conversion shown in Fig. 8 (3).
Return Fig. 6, with the processing of describing in the dashed boxes 371, that is, the host computer side data conversion is handled.Data conversion is handled for example by the safe VM356 execution that is set to virtual machine in the main frame.Virtual machine (VM) is directly to explain and carry out intermediate language and do not rely on the virtual machine that the command code information of intermediate language was explained and carried out to platform.
Safe VM356 carries out and from information recording carrier 310, reads the processing of the data conversion handling procedure 315 that comprises command code information, and carries out this program.Safe VM356 receives the processing controls of event handler 354; Also the id information of the player (messaging device) of input execution host application program is as player information 355; And the data conversion handling procedure 315 that from information recording carrier 310, is obtained is performed, and the id information that wherein moves the player (messaging device) of host application program is transfused to as player information 355.Event handler 354 is carried out and is handled supervision.Emulator verification and other host application program that whether performed processing is correctly being carried out about safety VM356 and processing and the state that is used as the player (messaging device) of host application program actuating equipment are monitored; And if detected processing mistake or unauthorized processing or the like, then the data conversion of safe VM356 would be handled and is cancelled.
Safe VM356 uses the repairing table of from information recording carrier 310, being read and carries out the conversion process that is stored in the data in the plaintext TS impact damper 353.That is to say; This is that the data conversion of step S105 shown in Figure 6 is handled, and wherein utilizes decrypted result data 402 shown in Figure 8, and interrupt data 403 is by transform data 404 replacements; Transform data 404 is correct content configuration data; And also have data overwrite process, be used for comprising the transform data 405 of identification marking, thereby will be stored in the data 406 after data in the plaintext TS impact damper 353 become conversion with the partial data replacement of content.
Subsequently, the TS after the conversion (MPTS) externally exports through quilts such as networks, and is externally reproduced on the transcriber.Perhaps, at step S106,, and further, in decoding processing (step S107) afterwards, reproduced through display and loudspeaker through the conversion of processing execution from MPTS (TS) to basic stream (ES) of demultplexer.
The data configuration of the data modification table that is recorded in the information recording carrier will be described with reference to Fig. 9 below.The data modification table that is recorded in the information recording carrier has data configuration for example shown in Figure 9.That is, it has following data.
Repair entry number: repair data entry number (repairing entry number)
Repair entry length: the bytes in the single repairing data clauses and subclauses (byte length ()=(N+6) of repairing clauses and subclauses)
SPN (source packet number): begin the packet number of number from the reference position of AV stream file, wherein transform data is written into the original position (packet number after the absolute transformed that begins of AV stream file) that wherein grouping is positioned at the AV stream file
Byte offset: indication begins to write the byte offset (start byte of the data after the conversion in grouping) in the place of transform data in the grouping by the SPN appointment
Player id position: the bit address (the indicating bit address of (for forensic) the player ID that is used to argue) of identification marking (player ID etc.)
Repair data: conversion overrides data (value that will be written (conversion N byte in a TS divides into groups))
A large amount of interrupt data intersperse among on the content, and are recorded in the position that transform data in the repairing table is overwritten in interrupt data.And for the transform data that has such as the identification marking of player ID etc., a large amount of writing positions are set in the content.Repair the table that indumentum is set to record " conversion overrides data ", be used as
(a) transform data
(b) have the transform data of identification marking
Solid data and the writing position appointed information of data.
Though can carry out various settings to wanting many sizes that transform data (comprising the transform data that has identification marking) replacement zone and transform data are set continually, the size of repairing table is according to the difference that is provided with and difference.For example; Two groups of transform datas are set or have in the configuration of transform data of identification marking at the GOP (picture grouping) that wants per 1 configuration MPEG content; If for example transform data (comprising the transform data that has identification marking) is 8 bytes; Table size will be about 400KB so, and in the situation of 16 bytes, form will be about 600KB.
And; Five groups of transform datas are set or have the configuration of the transform data of identification marking for the GOP (picture grouping) that wherein wants per 1 configuration MPEG content; If transform data (comprising the transform data that has identification marking) is 8 bytes; Then the size of form is about 1MB, and in the situation of 16 bytes, the size of form is about 1.5MB.
According to the repairing table 314 that is recorded in the information recording carrier 310, the safe VM of main frame 350 carry out be used for
(a) transform data
(b) have the transform data of identification marking
Write the processing of assigned address in the repairing table.Data write the processing that is performed as transform data or the transform data that has an identification marking being write on the data that are stored in the TS impact damper 253 expressly; And as this process result, the data that are stored in the plaintext TS impact damper 253 are replaced by the data among the Fig. 8 (3) that describes before.
Content is performed as the processing based on data after the conversion shown in Fig. 8 (3) from outside output of the player (messaging device is such as PC) that main frame is installed or content playback.
Transform data is correct content configuration data, and the transform data that has an identification marking also is the data that are applied to reproducing correct content, therefore, supports correct content playback through reproducing based on these data decodes.And if for example duplicate this content with undelegated mode, and the data of duplicating leak in a large number, and then analytic band has the transform data of identification marking just can obtain player ID, thereby can find out the source of unauthorized content data.
(3.2) content playback is handled example 2
Next, will describe content playback with reference to Figure 10 and handle example 2.Figure 10 has begun diagram from the left side information recording carrier 310 of storage encryption content, information recording carrier 310 is inserted wherein to carry out driver 330 that data read and to link to each other with driver so that can carry out data communication and obtain the main frame 350 that the reproduction application program of its reproduction processes is carried out in the content that is stored in the information recording carrier 310 and execution through driver 330.For example, through messaging device-carry out main frame 350 such as PC-.
The MKB (key media key block) and the title key file that are recorded in the information recording carrier 310 have been omitted among Figure 10.Main frame 350 is held will be applied to the Device keys that MKB handles, and title key (Kt) is accurately to carry out with the identical processing of describing with reference to Fig. 6 with title key file through the MKB (key media key block) of application records in information recording carrier 310 to calculate.This processing also has been omitted in Figure 10.The further storage encryption content of information recording carrier 313, repair table 314 and data conversion handling procedure 315.
Handle in the example 2 at content playback shown in Figure 10, it is characterized in that, the processing of the block 381 of with dashed lines frame indication is as real-time processing execution, and the processing of block 382 was carried out as batch processing before reproduction or output content.That is to say; Safe VM356 is before the output of the outside of beginning content playback or content; Read the data conversion handling procedure 315 that comprises command code information from information recording carrier 310; And under the control of event handler 354,, carry out decryption processing to the repairing table of being read from information recording carrier 310 314 based on the input of player information 355.
Be recorded in the repairing table 314 process Fuzzy Processing (obfuscation processing) in the information recording carrier 310; Through for example AES encryption, xor operation or other similar calculating; And safe VM356 carries out decryption processing or predetermined computing after data conversion handling procedure 315, thereby obtains the repairing table as clear data.Up to the present processing was performed as batch processing before beginning content playback or the outside output of content.
Thereafter processing conduct is performed with the real-time processing that executed in parallel is handled in the output of the outside of content playback or content.That is to say that contents decryption among the step S201 is handled, the data conversion among the step S202 is handled, promptly be used for the transform data that is write down in the repairing table that is recorded in information recording carrier 310-promptly
(a) transform data
(b) have the transform data of identification marking
-write the data conversion that is recorded in the assigned address in the repairing table 314 to handle; Also have in addition; The outside output of TS among the step S203 after the conversion (MPTS) handles or demultplexer is handled; I.e. conversion from MPTS (TS) to basic stream (ES) and the decoding processing among the step S204, all conduct is handled parallel real-time processing with the outside output of content playback or content and is performed.
Through this processing sequence,, also realize handling in real time, and do not influence reproduction of content and outside output even under the time-consuming situation of processing of the repairing table 314 of safety VM356.
4. message shows and content use control and treatment
As stated; Content for comprising the interrupt data different with correct content configuration data is stored in the information recording carrier; And be recorded in the configuration in the information recording carrier about the repairing indumentum that positional information is set of the transform data of content as the transform data that will be interrupted the correct content configuration data that data replace and record; And wherein according to being recorded in the repairing table in the information recording carrier; The configuration that the content configuration data are replaced by transform data when content playback is handled; Even leak with the corresponding privacy key of encrypted content that is recorded in the information recording carrier, on the equipment that can not obtain transform data, also do not carry out content playback, thereby the unauthorized that prevents content use.
And; Comprise about which can be analyzed and support the transform data of data of configuration bit of the identifying information of identification content reproducing device or content playback application program to be used as transform data to use; Even so under the situation that unauthorized content leaks, the analytic transformation data also make it possible to confirm the source of unauthorized content.
Therefore, can realize strict content use restriction.But, on the other hand, if reproduction of content forbidden by the foregoing defencive function, then attempt to reproduce or use the user of content can't know the reason that content is not reproduced, also can't know the solution of reproducing content.The user may think that reason is equipment failure or disk defectiveness.
And; The content protecting mechanism of using above-mentioned data conversion mainly be configured to be used for big content-such as some film etc.-the protection mechanism of AV stream; And there is such problem; Promptly for be not this big content by program-such as the little content of Java (registered trademark)-processing, the processing load that is used to be provided with transform data is very big.
Next a kind of ios dhcp sample configuration IOS DHCP is described; It supports message is offered the user and imports the affirmation from the user; As the mode of handling following situation; Wherein carried out content playback and forbidden handling and using limitation arrangement, as the configuration that is used to address this is that for simple content by the handled little content of for example Java (registered trademark).
(4.1) use the message of UI (user interface) processing unit to show
At first, the message display process example of using UI (user interface) processing unit will be described.Figure 11 begin diagram from the left side information recording carrier 310 of storage encryption content, information recording carrier 310 inserted wherein with carry out driver 330 that data read with link to each other with driver in case can carry out data communication and through driver 330 obtain the content that is stored in the information recording carrier 310, and execution be used to carry out the main frame 350 of the reproduction application program of its reproduction processes.For example main frame 350 is through messaging device-carry out such as PC-.
In Figure 11, message display process function has been added to reference in the described content playback processing configuration of Fig. 6 example.That is to say, with the difference of Fig. 6 be such configuration, wherein message data file 316 is stored in the information recording carrier 310, and the safe VM356 at host computer side 350 places uses UI (user interface) processing unit 391 that message is presented on the display unit 392.
Have the usufructuary main frame of effective content with successful enabling decryption of encrypted content 313, and correct content playback will be performed through the data conversion of using the transform data that is obtained from repairing table 314.And, do not have the usufructuary main frame of effective content can not realize that contents decryption is handled or handle based on the data conversion of transform data at least one, and therefore can not carry out correct content playback.These processing are identical with reference to the described processing of Fig. 6 with before.
For present embodiment, safe VM356 is used as the security information processing unit, and the safety inspection information in the content-based reproduction sequence is confirmed output message, and will follow output message to select the message output command of information to output to UI (user interface) processing unit 391.
UI (user interface) processing unit 391 is based on the selection information that safe VM356 imported from the security information processing unit; From the message data file 316 of information recording carrier 310, obtain information; And with its output (demonstration) to display unit 392, wherein display unit 392 is displays of carrying out the PC etc. of main frame.Display unit 392 shows the message that UI (user interface) processing unit 391 is exported.This demonstration for example is performed as and overlays the demonstration of reproducing on the content.
The configuration of (showing on the screen) function that UI (user interface) processing unit 391 for example can be configured to have application OSD.OSD has the alert message carried out on the display message overlay on the display unit 392 to be shown, show the function that the interruption of adjustment screen etc. shows.This handles processing with main frame 350 irrespectively by executed in parallel, and message shows and can on display unit 392, carry out, and also receives the user through unshowned input block and import.For present embodiment, user's input is to be input to safe VM356 from UI (user interface) processing unit 391.
A specific embodiment will be described below.Safety inspection information in the content-based reproduction sequence of safe VM356 is confirmed output message, and will follow the message output command of the selection information of output message to output to UI (user interface) processing unit 391.UI (user interface) processing unit 391 obtains information based on selection information from the message data file 316 of information recording carrier 310, and with its output (demonstration) to display unit 392, wherein display unit is a display of carrying out the PC etc. of main frame.
Figure 12 shows the catalogue that comprises message data file 401 to 404 that is recorded on the information recording carrier.Shown in figure 12, the message data file of a plurality of contents and language 401 is stored on the information recording carrier to 404.
As stated, the id information of the player (messaging device) of safe VM356 input execution host application program etc. are as player information 355, and input is from the monitor message of event handler 354.Whether event handler 354 is carried out about the performed processing of safety VM356 just by the emulator verification of suitable execution; And other host application program is monitored with the processing and the state of the player (messaging device) that is used as the host application program actuating equipment; And if detect and handle mistake or unauthorized processing etc.; Then monitor message is imported into safe VM, and under the situation of needs, cancels the data conversion of safe VM356 and handle.
For example, based on player information 355, the language of the definite message that will be exported of safe VM356, and also carry out the processing that is used for based on the content of the message of confirming from the monitor message of event handler 354 to be exported.Be determined with having the definite like this language and the corresponding message selection of the message data file information of content, and outputed to UI (user interface) processing unit 391.
Based on this selection information; Select and obtain message data in the message data file 316 of UI (user interface) processing unit 391 from information recording carrier 310; And with its output (demonstration) on display unit 392, wherein display unit is a display of carrying out the PC etc. of main frame.
If OSD (on the screen show) function is used as UI (user interface) processing unit 391, then OSD call (CALL_OSD) function be used to from the safe VM356 that is used as the security information processing unit to UI (user interface) processing unit 391, follow message to select the message display command of information.OSD calls (CALL_OSD) function and is defined as and has following (a) and (b) order of these two appointed information:
(a) be used to specify message data file (num) number appointed information and
(b) the operation ID of designated user input information (opID).
To a specific embodiment that use OSD to call the message display process of (CALL_OSD) be described with reference to Figure 13 below.For example, for call (CALL_OSD) corresponding order 411 with OSD appointed information is set
(a) be used to specify message data file (num) number appointed information and
(b) the operation ID of designated user input information (opID).
As above said with reference to Figure 13, number appointed information (num) is used as the appointed information of the message data file that is used for being stored in information recording carrier.And operation ID (opID) is used as the information that is provided with that is used to show, as the part of user input unit,
Only show [OK]
Show [OK] [Cancel]
Show [Yes] [No]
Show [Yes] [No], [Cancel]
According to each ID shown in figure 14, or simple continuity is set, with a display message.
Figure 14 illustrates message and shows example, and wherein [OK] is shown as user input unit.If OSD (showing on the screen) function is used as UI (user interface) processing unit 391, then, message data for example shown in figure 14 is displayed on the front of display unit 392.
Use mouse for example to click [OK] key of display message through the user, input information is detected through OSD, and is imported into safe VM356.Note, can carry out a kind of layout, the URL of content providing server or content management server etc. wherein is provided in display message, make that the user can be through clicking the URL access server.
Even for example can not carry out contents decryption or content-data conversion; Make that content can not be by under the situation of correct reproduction; Carry out this message and show that just making safe VM can according to circumstances export suitable message arrives display unit; Be that the user can go and find out what's going on, and also information can be provided, such as the required step of content playback.
And, can carry out a kind of like this configuration, wherein user's input information is not a simple data; Such as with reference to Figure 13 and Figure 14 described [OK], [Cancel], [Yes], [No], but wherein input digit or text string, such as certain password; Safe VM356 receives input value; Whether satisfy the judgement of reproducing condition through the password confirming processing execution about it, and if confirm that it satisfies reproducing condition, then handle being performed so that can reproduce etc.
(4.2) use the message of register to show and content use control and treatment
Next, show example and content use control and treatment example with describing the message of using register.
Figure 15 diagram be used to realize use the message display process of register and the basic configuration that content is used control and treatment.Safe VM356 shown in Figure 15 be with reference to the described identical safe VM356 of Fig. 6, Figure 10 and Figure 11.That is to say that this is arranged in the main frame the safe VM356 that is used to carry out the data conversion process as virtual machine, is used as the security information processing unit.
As described with reference to Fig. 6 and other accompanying drawing, the safe VM356 that is used as the security information processing unit carries out and reads the data conversion handling procedure 315 that comprises command code information from information recording carrier 310, and carries out the processing of this program.In addition, the id information of the player (messaging device) of safe VM356 input execution host application program is as player information 355, and input is from the monitor message of event handler.Whether event handler 354 is carried out about the performed processing of safety VM356 just by the emulator verification of suitably carrying out; Other host application program is monitored with the player (messaging device) that is used as the host application program actuating equipment; And if detect and handle mistake or unauthorized is handled; Then monitor message is imported into safe VM356, and under the situation of needs, the data conversion of safe VM356 is handled and is cancelled.
For this processing example, utilize register message transfer, order, parameter, data or the like between safe VM356 that is used as the security information processing unit and application execution unit 501.Application execution unit 501 is the data processing performance elements application layer (or being also referred to as the AV layer), and the application processes of wherein carrying out the various types of data processing is comprised in the application program of carrying out in these application execution unit 501 places.
Through describedly be used to carry out the content playback information processed treatment facility of main frame 350 with reference to Fig. 6, Figure 10 and Figure 11, such as PC etc., can carry out the types of applications program.For example, carry out as before described in (4.1) section, be used for the UI function offered such as the display unit of the messaging device the PC and program be provided to show various types of messages and to receive the UI function that the user imports; Be used for carrying out the Java (registered trademark) that is stored in information recording carrier or application program of HDMV content or the like.Notice that these application programs can be that messaging device is stored in the program on the hard disk etc. in advance, or the program of from information recording carrier, reading.
For example, with storage AV stream-such as film etc.-, information recording carrier can also wait time being provided with of free content etc., stores little content, such as recreation, picture, dynamic image content etc.Many this contents are registered as Java (registered trademark) or HDMV content.With different through the AV content of aforementioned encryption or data conversion processing, these little contents seldom receive content protecting, handle such as encryption or data conversion.
But,, do not hope unauthorized copying or use even to this little content yet.Through this processing example, shown in figure 15, use the configuration of using register, also be that such content realizes content use control.
Shown in figure 15, utilize register 511 and 512, message transfer, order, parameter, data or the like between safety VM356 and application execution unit 501.In the example depicted in fig. 15; Show an example; Wherein register (PSR) 511 is used as and is used for writing register and being used for the read register of application execution unit 501 of safe VM356, and register (GPR) 512 is used as read register that is used for safe VM356 and the register of writing that is used for application execution unit 501.Available register is used in this configuration, register (PSR) the 511st wherein, player status registers, and register (GPR) the 512nd, general-purpose register.Notice that the use configuration of shown register is an example just, as long as and can be between safety VM356 and application execution unit 501 swap data, just can use any register.
(4.2.1) the UI function of use register provides the execution example of application program
At first, will describe the processing example that is used for a kind of like this situation, in this situation, will be set to register shown in Figure 15 in the application program that application layer is carried out and use the UI function in the configuration that application program is provided with reference to Figure 16.
In the normal application program of carrying out of application layer is to be used for carrying out the Java (registered trademark) that for example is stored in information recording carrier or the application program of HDMV content.In this processing example, these application programs are used for carrying out the UI function.That is to say that the application program of carrying out in application layer is set to the UI function provides application execution unit 521.
Figure 16 diagram be used as the security information processing unit safe VM356, UI function application execution unit 521 and register 511,512 are provided, safe VM356 and UI function are shown provides treatment step S201 that application execution unit 521 carries out to S207.The processing in each step will be described below.
At first, we suppose that safe VM356 detects certain safety problem in step S201 in content playback is handled.Safe VM356 receives monitor messages from event handler 354, and is detecting under the situation of handling mistake or unauthorized processing etc. with reference to as described in Fig. 6 and other accompanying drawing as previous, and such information is imported into safe VM356.
If in content playback is handled, detect mistake, such as some safety problems, then safe VM356 will be provided with in advance in step S202 corresponding to each wrong error code setting and write register (PSR) 511.
Next, at step S203, the UI function provides application execution unit 521 to obtain to write the error code of register (PSR) 511.The UI function provides application execution unit 521 for example to carry out the processing with reference to register (PSR) 511 with the time interval that is provided with in advance.After obtaining the error code that writes register (PSR) 511, the UI function provides application execution unit 521 will output to display unit with the message that the error code of being obtained is provided with accordingly at step S204.
For example, as previous described with reference to Figure 14, the message data that is presented on the display unit is the video data that wherein has been provided with message and user input unit.At step S205, after the UI function provided application execution unit 521 to detect user's input, at step S206, the UI function provided application execution unit 521 that user's input information is write register (GPR) 512.Further, at step S207, safe VM356 obtains the user's input information that writes register (GPR) 512.Safe VM356 makes regular check on register (GPR) 512, and repeats the register inspection up to obtaining writing information, or up to arriving predetermined time-out time.
Processing configuration shown in Figure 16 is a kind of like this configuration; Wherein provide application execution unit 521 to carry out the I/O of information, make it possible to carry out message to the user through application display unit and appear and detects the user and import via register through safety VM356 and UI function.Even deciphering or correct data conversion in for example content can not be carried out; Make that content can not be by under the situation of correct reproduction; Carry out this message and appear and make safe VM according to circumstances suitable message to be outputed to display unit, that is to say that the user can go and find out what's going on through register and application program; And also information can be provided, such as the required step of content playback.
(4.2.2) use the UI function of register and header conversions that example is provided
Next; To describe one with reference to Figure 17 and handle example; The safe VM356 that wherein is used as the security information processing unit outputs to application layer with the header conversions order; So that the header conversions of the program that the application layer place is being carried out provides application program, appears such as message for the UI function, thereby present message and receive user's input.
Figure 17 illustrates safe VM356, application execution unit 522 and register 511 and 512 that are used as the security information processing unit.For this processing example, safe VM356 carries out the header conversions order is outputed to application execution unit 522, so that the processing that the header conversions of the program that will just carry out at application execution unit 522 places becomes the UI function application program to be provided, to appear such as message.Therefore, application execution unit 522 indication application layers are wherein carried out various application programs, such as provide application A and UI function the application program that application program is provided except that the UI function.
The processing sequence that carry out in safe VM356 and application execution unit 522 places is represented as treatment step S211 to S219.The processing in each step will be described below.
At first, at step S211, safe VM356 detects certain safety problem in content playback is handled.As previous said with other accompanying drawing with reference to Fig. 6, safe VM356 receives monitor message from event handler 354, and is detecting under the situation of handling mistake or unauthorized processing etc., and such information is imported into safe VM356.If in content playback is handled, detect mistake, such as certain security procedure, then safe VM356 will be provided with in advance corresponding to each wrong error code in step S212 and write register (PSR) 511.
Next, at step S213, safe VM356 outputs to application execution unit 522 with the header conversions order.The order of this header conversions is the designated command that the header conversions of the program of just carrying out at application execution unit 522 places is provided application program, appears such as message for the UI function.At step S214, application execution unit 522 is handled according to the header conversions of the application program of carrying out from the header conversions command execution of safety VM356, and execution UI function provides application program.
Processing subsequently is described identical with reference to Figure 16 with before; Wherein the UI function at application execution unit 522 places provides application program to obtain the error code that writes register (PSR) 511 at step S215, and the message that will be provided with corresponding to the error code of being obtained at step S216 outputs to display unit.
Further, in step S217, detect user input after, user's input information is written into register (GPR) 512 at step S218.Further, at step S219, safe VM356 obtains the user's input information that writes register (GPR) 512.
Processing configuration shown in Figure 17 is such configuration; The safe VM356 that wherein is used as the security information processing unit has the just mandate of the application program of execution at application execution unit 52 places of conversion; Wherein through this program conversion; Carry out the UI function in application layer application program is provided, thereby make it possible to message is offered the user and detects user's input.
For this configuration; Handle-such as register inspection-only provide the application program place to be performed in the UI function; Therefore need not be used for the setting that other normal application is carried out the register inspection, its advantage is need not change general application program performed in application layer.
(4.2.3) use the content of register to use the control example
Next, will describe the content of using register with reference to Figure 18 and use the control and treatment example.As discussed previously; The content protecting mechanism of using above-mentioned data conversion mainly be configured to be used for big content-such as some film etc.-the protection mechanism of AV stream; And there is such problem; Promptly for be not this big content, by program-such as Java (registered trademark)-handled little content, the processing load that is used to be provided with transform data is very big.To describe below utilize register, for example use the control and treatment configuration by the content of the little content of handling such as Java (registered trademark) or HDMV.
Figure 18 illustrates the safe VM356 that is used as the security information processing unit, is used for carrying out by application execution unit 523 and register 511 and 512 such as for example Java (registered trademark) or the handled little content of HDMV.As shown in the figure, application execution unit 523 is by such as Java (registered trademark) or the handled little content 551 of HDMV, is stored in the information recording carrier 550 with the AV content.
That from information recording carrier 550, has been read carries out required special processing parameter by have content such as Java (registered trademark) or the handled little content 551 of HDMV, so that realize using control, and safe VM356 obtains these parameters.Application execution unit 523 is obtained the content substance of the Java (registered trademark) that do not comprise processing parameter or HDMV configuration, and carries out reproduction processes.But, note, must obtain processing parameter from safety VM356, handle to carry out reproduction of content.
Safe VM356 reproduces section at for example each certain content and through register (PSR) 511 processing parameter is offered application execution unit 523, and if detected certain safety problem at safety VM356 place, then stop to provide parameter.Stop to provide parameter to mean that application execution unit 523 can not reproduce content, and content playback stop.For this processing example, content uses control to realize through this configuration.
The application program (content 551) that to carry out at application execution unit 523 places is such as Java (registered trademark) or the such application program of HDMV; These application programs begin to start before the application program and the term of execution; Obtain execution off and on or continue the parameter (P1 that the application program work needs via register (PSR) 511; P2, P3......).
For example; Application execution unit 523 is handled, is used the encryption of these parameters or use the decryption processing by the encryption key that encryption generated of using these parameters through the xor operation of using the parameter of being obtained from register (PSR) 511, generates displays content data.
Parameter P1, P2, P3...... are each preset program performance element or the different parameters of content display unit for the application program of carrying out in application execution unit 523 places (content 551); Wherein the sequentially every predetermined space of application execution unit 523 is just from register (PSR) 511 get parms P1, P2, P3, and carries out and use these CALCULATION OF PARAMETERS or the encryption of being obtained.
For example, parameter P1, P2, P3 are set to encryption parameter or calculating parameter, are used for the partial content section of the demonstration time quantum of the content that application program appeared of execution in application execution unit 523 places.For example, be provided with, make each content presentative time cycle just must be sequentially from register (PSR) 511 and performed processing, obtain different parameters, so that rendering content, such as
The computing that time t1 handles to the description of contents that appearing of the interior content part of t2 needs application parameter P1,
The computing that time t2 handles to the description of contents that appearing of the interior content part of t3 needs application parameter P2,
The computing that time t3 handles to the description of contents that appearing of the interior content part of t4 needs application parameter P3,
Or the like.
For example, correct content is that (P1, P2, XOR P3......) (XOR) operate and obtain with parameter through content 511 configuration datas.Perhaps, (P3......) processing sequence generates different decruption keys for P1, P2, and these decruption keys are applied to the partial content deciphering that order is carried out, and appears thereby make it possible to continue content through using these parameters.
Safe VM356 in register (PSR) 511 the sequential storage parameter (P1, P2, P3......); These parameters are different to each content section of appearing of carrying out in application execution unit 523 places; Wherein application program is carried out at application execution unit 523 places, and for example Java (registered trademark) or HDMV program are periodically from register (PSR) 511 get parms P1, P2, P3; And carry out and use these CALCULATION OF PARAMETERS or the encryption of being obtained, this is that execution and continuation application program are necessary.
If detect certain safety problem, then stop to provide parameter at safety VM356 place.Stop to provide parameter to mean that application execution unit 523 can not reproduce content, and content playback stop.For this processing example, content uses control to realize through this configuration.
Note; Can carry out such layout; Wherein application execution unit 523 is arranged to via register 512 (GPR) and periodically sends a message to safe VM356; So that in each moment that for example need obtain new argument parameter request message is write register 512 (GPR), and safe VM356 writes register (PSR) 511 in response to the parameter request that writes register 512 (GPR) with parameter.
To describe content with reference to Figure 18 below and use the control and treatment sequence.The processing sequence that carry out in safe VM356 and application execution unit 523 places is represented as treatment step S221 to S224.The processing in each step will be described below.
At first, at step S221, the safe VM356 that is used as the security information processing unit determines whether to exist safety problem.As previous said with other accompanying drawing with reference to Fig. 6, safe VM356 receives monitor message from event handler 354, and is detecting under the situation of handling mistake or unauthorized processing etc., and such information is imported into safe VM356.If there is not special survey to arrive safety problem, then safe VM356 will write register (PSR) 511 for the necessary parameter of executive utility.
Next, at step S223, application execution unit 523 is obtained the parameter that writes register (PSR) 511, and utilizes from the value executive utility that register read at step S224.
The parameter that is write register (PSR) 511 by safety VM356 is periodically carried out, and wherein application execution unit 523 is periodically obtained the parameter that writes register (PSR) 511, and utilizes the parameter executive utility that is obtained.
For example, sequentially stored parameter (P1, P2 in register (PSR) 511 of safe VM356; P3......), wherein these parameters are different for each content playback section of carrying out in application execution unit 523 places, and wherein application program is performed at application program unit 523 places; For example Java (registered trademark) or HDMV program; Periodically from register (PSR) 511 get parms (P1, P2, P3......); And carry out and use these CALCULATION OF PARAMETERS or the encryption of being obtained from register (PSR) 511, this is that execution and continuation application program are necessary.
If detected safety problem at safety VM356 place, handled such as unauthorized, then security server 356 stops parameter being write register (PSR) 511.Stop to write parameter and mean that application execution unit 523 can't get parms from register (PSR) 511, and therefore can not utilize the parameter executive utility, and content playback stops.
As stated; For this processing example; Content uses control to realize through easy configuration, promptly to application program the easy configuration of parameter is provided from safety VM, is used for by for example Java (registered trademark) or the handled little content of HDMV; These contents do not have content protection function, such as above-mentioned encryption or data conversion.
Notice that for this processings example, if safety problem takes place and content playback stops, then the reason that stops of content playback can appear through aforementioned messages and handles by notice to the user.
(4.2.4) the processing example 1 of the employed register of use application execution unit
Next; To a kind of ios dhcp sample configuration IOS DHCP be described with reference to Figure 19; This ios dhcp sample configuration IOS DHCP can realize that message presents the reception with user input, and the reliability between safe VM356 and the application execution unit confirms to handle, and this disposes realization through a kind of like this; Promptly wherein enabled by read/write, to use by the safe VM356 that is used as the security information processing unit by the employed component register of application execution unit.
Figure 19 illustrates the safe VM356 that is used as the security information processing unit, for example is arranged on application execution unit 524 and three registers of AV layer: register X (PSR-X) 571, register Y (PSR-Y) 572 and register Z (PSR-Z) 573.
Register X (PSR-X) the 571st, safe VM356 carries out write operation and the register of application execution unit 524 execution read operations.After safety VM356 carries out write operation to register X (PSR-X) 571; Carry out the event notice that changes based on register X (PSR-X) 571 places to application execution unit 524, thereby application execution unit 524 can be known register X (PSR-X) 571 has been carried out write operation.
For example appear message and executive utility-such as Java (registered trademark) or HDMV etc.-application execution unit 524 check register X (PSR-X) 571 once receiving about the notice of register X (PSR-X) 571 having been carried out write operation; And carry out and handle, such as showing alert message in response to this value.
And, register Y (PSR-Y) the 572nd, application execution unit 524 is carried out write operation to it and safe VM356 carries out the register of read operation to it.Appear message and executive utility-such as Java (registered trademark) or HDMV etc.-application execution unit 524 will write register Y (PSR-Y) 572 corresponding to value to the notice of safety VM356.
After data being write register Y (PSR-Y) 572, notify (INTRP: interrupt) to safety VM356.Safe VM356 carries out and the corresponding processing of value that writes register Y (PSR-Y) 572.The user input values that the message of for example, having carried out about application execution unit 524 shows is written into register Y (PSR-Y) 572.
Register Z (PSR-Z) the 573rd, safe VM356 and application execution unit 524 can be carried out the register of read and write operation to it.Register Z (PSR-Z) 573 is used as treatment state notice register mutual between safe VM356 and the application execution unit 524.
To describe the message of using this configuration with reference to Figure 20 below appears to import to receive with the user and handles sequence.Figure 20 illustrates safe VM356, application execution unit 524 and three registers that are used as the security information processing unit: register X (PSR-X) 571, register Y (PSR-Y) 572 and register Z (PSR-Z) 573.
The normal application program of carrying out is to be used for carrying out the Java (registered trademark) that for example is stored in information recording carrier or the application program of HDMV content at application execution unit 524 places.In Figure 20, the processing sequence that carry out in safe VM356 and application execution unit 524 places is represented as treatment step S231 to S237.The processing in each step will be described below.
At first, at step S231, we suppose that safe VM356 detects certain safety problem in content playback is handled.As previous said with other accompanying drawing with reference to Fig. 6, safe VM356 receives monitor message from event handler 354, and if detect processing mistake or unauthorized processing etc., then such information is imported into safe VM356.
If in content playback is handled, detect mistake, such as certain security procedure, then safe VM356 will be provided with in advance corresponding to each wrong error code in step S232 and write register X (PSR-X) 571.After the write operation of carrying out register, carry out event notice to using performance element 524, thereby application execution unit 524 can be known register X (PSR-X) 571 has been carried out write operation based on the change at register X (PSR-X) 571 places.
At step S233, application execution unit 524 is because event notice and detected register write operation, and obtains the error code that writes register X (PSR-X) 571.After obtaining the error code that writes register X (PSR-X) 571, the message that is provided with corresponding to the error code of being obtained is outputed to display unit at step S234.
As above said with reference to Figure 14, the message data that is presented on the display unit is video data that for example wherein has been set up message and user input unit etc.In step S235, detect after user's input, application execution unit 524 writes register Y (PSR-Y) 572 at step S236 with user's input information.
Be written into register Y (PSR-Y) after 572 in data, notify (INTERP: interrupt) safety VM356.After detecting write operation to register Y (PSR-Y) 572 through notice (INTERP: interrupt); Safe VM356 for example carries out and the corresponding processing of value that writes register Y (PSR-Y) 572 at step S237; Obtain the user input values of the message demonstration of having carried out about application execution unit 524, and execution and the corresponding processing of user input values.
Though in above-mentioned processing sequence, there is not the use of indicator register Z (PSR-Z) 573; But register Z (PSR-Z) the 573rd can be by the register of safety VM356 and application execution unit 524 read-writes, and is used as treatment state mutual between safety VM356 and application execution unit 524 and notifies register.
For example; Can carry out how much processing is register Z (PSR-Z) 573 settings according to safety VM356 and application execution unit 524; The two can both confirm that what in handling sequence, have carried out each other handles thereby allow them; Be set to value=0 such as register Z (PSR-Z) for example 573 in original state, and accomplished at safety VM356 and to have handled and moment that application execution unit 524 will be carried out treatment step, register Z (PSR-Z) 573 is set to value=1; And then next; In the moment that application execution unit 524 has been accomplished processing and safe VM356 will carry out treatment step, register Z (PSR-Z) 573 is set to value=2, or the like.And when finishing or cancel processing, this value turns back to the initial setting up value=0 of register Z (PSR-Z) 573.
Therefore, safe VM356 and application execution unit 524 can be carried out correct handling according to handling sequence through register Z (PSR-Z) 573 being used as the mutual treatment state notice register between safe VM356 and the application execution unit 524.
Further; Reliability between safe VM356 and the application execution unit 524 is confirmed to handle and can be carried out by safe VM356 that all uses three available registers and application execution unit 524, and wherein three registers are register X (PSR-X) 571, register Y (PSR-Y) 572 and register Z (PSR-Z) 573 shown in Figure 19.
To confirm to handle sequence with reference to the reliability that Figure 21 describes between safe VM356 and the application execution unit 524 below.Figure 21 is a processing sequence of describing safe VM356 and application execution unit 524 execution query/response processing, thus the figure of the each other positive proper operation of conclusive evidence.Below these steps will be described.
At first, at step S241-a, application execution unit 524 generates suitable value (for example, random number), and it is write register Y (PSR-Y) 572.Further, in step S241-b, state value (for example, 2) is written into register Z (PSR-Z) 573.
Safe VM356 detects data through notice and has been written into register Y (PSR-Y) 572, and in step S242, reads the data that write register Y (PSR-Y) 572.
Further, safe VM356 to the value (random number) that read from register Y (PSR-Y) 572 carry out tentation data handle, such as for example computing or encryption, and in step S243-a, end value is write register X (PSR-X) 571.At step S243-b, safe VM356 writes register Z (PSR-Z) 573 with state value (for example, 1).
At step S244, application execution unit 524 reads the data that write register X (PSR-X) 571, and at step S245, carries out the check to data streams read.For example; Application execution unit 524 is based on generated and notified the random number of giving safe VM356 by application execution unit 524; Carry out and more mutual verification by the result of itself performed calculating or encryption; And if this and the value coupling that is read from register X (PSR-X) 571, confirm that then safe VM356 is the safe VM356 that carries out correct handling.Note, application execution unit 524 and safe VM356 to the performed computing of random number or encryption preferably based on the processing of sharing security information.
Can carry out such setting, reliability wherein shown in Figure 21 is confirmed to handle quilt and is carried out repeatedly perhaps wherein safe VM356 issue random number repeatedly.Have this reliability affirmation function and carry out the reliability affirmation to using the application program of carrying out in performance element 524 places with regard to making it possible to; Therefore just enough with its in the past the same configuration; And any special restriction to the robustness of application layer (AV layer) is not provided, this is very large advantage.
The application program of carrying out in the AV layer place that is used as application execution unit 524 is carried out by common CPU usually; This means if require high-caliber robustness; Then realize very expensive; But this processing example supports the reliability between safe VM356 and the application execution unit 524 to confirm just to support such setting, and wherein high robust does not require at application execution unit 524 place's executive utilities.
(4.2.5) the processing example 2 of the employed register of use application execution unit
Next, will describe another ios dhcp sample configuration IOS DHCP with reference to Figure 22, this ios dhcp sample configuration IOS DHCP makes the employed component register of application execution unit can be used as the safe VM356 read/write of security information processing unit.This processing example also has supports message to appear and the user imports receptions, and further supports reliability between safe VM356 and the application execution unit to confirm the configuration of processing.
Figure 22 illustrates the safe VM356 that is used as the security information processing unit, for example is arranged on application execution unit 525 and two registers at AV layer place: register X (PSR-X) 581 and register Y (PSR-Y) 582.This configuration be wherein from previous with reference to the configuration of having omitted register Z (PSR-Z) the described configuration of Figure 19.
Register X (PSR-X) the 581st, safe VM356 carries out write operation to it and application execution unit 525 is carried out the register of read operation to it.After safety VM356 carries out the write operation to register X (PSR-X) 581; Carry out the event notice that changes based on register X (PSR-X) 581 places to using performance element 525, thereby application execution unit 525 can be known register X (PSR-X) 581 has been carried out write operation.
The application execution unit 525 that for example presents message and carry out Java (registered trademark) or HDMV application program is checked register X (PSR-X) 581 once receiving about the notice of register X (PSR-X) 581 having been carried out write operation, and in response to value carry out handle, such as showing alert message.
And, register Y (PSR-Y) the 582nd, application execution unit 525 is carried out write operation to it and safe VM356 carries out the register of read operation to it.The application execution unit 525 that presents message and carry out Java (registered trademark) or HDMV application program will write register Y (PSR-Y) 582 for the corresponding value of content of safe VM356 with notice.
After data are written into register Y (PSR-Y) 582, notify (INTRP: interrupt) to safety VM356.Safe VM356 carries out and the corresponding processing of value that writes register Y (PSR-Y) 582.The user input values that the message of for example, having carried out about application execution unit 525 shows is written into register Y (PSR-Y) 582.
For this configuration, be not provided with before with reference to the described register Z of Figure 19, promptly be used between safety VM356 and application execution unit 525 register of treatment state notice each other.For this processing example, value is write register X (PSR-X) 581 and register Y (PSR-Y) 582 is used to the state notifying between safe VM356 and the application execution unit 525.
As shown in the figure; Carry out at safety VM356 safety VM356 is carried out write operation to it and application execution unit 525 when it is carried out the write operation of register X (PSR-X) 581 of read operation; Safe VM356 carry out be used for except that with the corresponding value of content of announcement the processing of writing register X (PSR-X) 581 of treatment state position, such as register write data 591.Application execution unit 525 can be understood treatment state through reading this treatment state position.
As shown in the figure; Carry out using that performance element 525 is carried out write operation to it and safe VM356 when it is carried out the write operation of register Y (PSR-Y) 582 of read operation in application execution unit 525; Application execution unit 525 carry out be used for except that with the corresponding value of content of announcement the processing of writing register Y (PSR-Y) 582 of treatment state position, such as register write data 592.Safe VM356 can understand treatment state through reading this treatment state position.
Therefore,, the treatment state position is write together data being write register X (PSR-X) 581 and register Y (PSR-Y) at 582 o'clock, thereby realize that the mutual treatment state between safe VM356 and the application execution unit 524 notifies for this configuration.
To describe the message of using this configuration with reference to Figure 23 below appears to import to receive with the user and handles sequence.Figure 23 illustrates safe VM356, application execution unit 525 and two registers that are used as the security information processing unit: register X (PSR-X) 581 and register Y (PSR-Y) 582.
Usually the application program of carrying out at application execution unit 525 places is to be used for carrying out the Java (registered trademark) that for example is stored in information recording carrier or the application program of HDMV content.Processing sequence in safety VM356 and the execution of application execution unit 525 places is represented as treatment step S241 to S247 in Figure 23.The processing in each step will be described below.
At first, at step S241, we suppose that safe VM356 detects certain safety problem in content playback is handled.As previous said with other accompanying drawing with reference to Fig. 6, safe VM356 receives the monitor message from event handler 354, and if detect processing mistake or unauthorized processing, then such information is imported into safe VM356.
If in content playback is handled, detect mistake, such as certain safety problem, then safe VM356 will be provided with in advance corresponding to each wrong error code at step S242 and write register X (PSR-X) 581.Data are being write register X (PSR-X) 581 o'clock, predetermined state notifying position also is written into together.
Owing to carry out write operation, carry out the event notice that changes based on register X (PSR-X) 581 places to using performance element 525, thereby application execution unit 525 can be known register X (PSR-X) 581 has been carried out write operation to register.
At step S243, application execution unit 525 detects register through event notice and writes, and obtains error code and the state notifying position that is written into register X (PSR-X) 581.After obtaining the error code that writes register X (PSR-X) 581, application execution unit 525 outputs to display unit in the message that step S244 will be provided with corresponding to the error code of being obtained.
As previous said with reference to Figure 14, the message data that is presented on the display unit is video data that for example wherein has been provided with message and user input unit etc.After step S245 detected user's input, application execution unit 525 write register Y (PSR-Y) 582 at step S246 with user's input information.Data are being write register Y (PSR-Y) 582 o'clock, predetermined state notifying position is also write together.
Be written into register Y (PSR-Y) at 582 o'clock in data, notify (INTRP: interrupt) safety VM356.After detecting write operation to register Y (PSR-Y) 582 through notice (INTRP: interrupt); Safe VM356 carries out and the corresponding processing of value that writes register Y (PSR-Y) 582 at step S247; For example obtain the user input values of the message demonstration of having carried out about application execution unit 524, and execution and the corresponding processing of user input values.At this moment, safe VM356 also reads the state notifying position that is write register Y (PSR-Y) 582 by safety VM356, and confirms treatment state.
With the mode bit that is written into register can basis identical with the example of previous settings with reference to the described PSR-Z of being used for of Figure 20 structure is set.For example, value=0 is set, and has accomplished processing at safety VM356 in original state; And application execution unit 525 is provided with value=1, then next will carry out treatment step the time; Accomplished processing in application execution unit 525, and safe VM356 is provided with value=2 will carry out treatment step the time; Or the like, so that the treatment progress of having carried out according to safety VM356 and application execution unit 525 comes settings.And when end or cancellation were handled, this value turned back to initial setting up value=0.
Therefore, safe VM356 and application execution unit 525 can come to carry out correct handling according to handling sequence through register X (PSR-X) 581 and register Y (PSR-Y) 582 being used for mutual treatment state notice.
In addition, the reliability between safe VM356 and the application execution unit 525 is confirmed to handle and can be carried out by safe VM356 and the application execution unit 525 of all using available register X (PSR-X) 581 and register Y (PSR-Y) 582.
To confirm to handle sequence with reference to the reliability that Figure 24 describes between safe VM356 and the application execution unit 525 below.Thereby Figure 24 is the figure that describes the processing sequence of safe VM356 and the each other positive proper operation of application execution unit 525 execution query/response processing affirmations.Below these steps will be described.
At first, at step S251, application execution unit 525 generates suitable value (random number), and it is write register Y (PSR-Y) 582.At this moment, application execution unit 525 also will indicate the mode bit of treatment state to write register Y (PSR-Y) 582.
Safe VM356 detects through notice (INTERP_PresentationLayer) data is write register Y (PSR-Y) 582, and reads the data that write register Y (PSR-Y) 582 at step S252.When reading, also reading state position, and affirmation treatment state.
Further, safe VM356 to the value (random number) that read from register Y (PSR-Y) 582 carry out predetermined data processing, such as computing or encryption, and, end value is write register X (PSR-X) 581 at step S253.When carrying out this processing, safe VM356 also will indicate the mode bit of treatment state to write register X (PSR-X) 581.
At step S254, application execution unit 525 reads the data that write register X (PSR-X) 581.When reading, go back the reading state position, and confirm treatment state.
Next, at step S255, application execution unit 525 is carried out the inspection of data streams read.For example; Application execution unit 525 generates and notifies the random number of giving safe VM356 based on application execution unit 525; Carry out and more mutual verification by the result of itself performed calculating or encryption; And if this and the value coupling that is read from register X (PSR-X) 581, confirm that then safe VM356 is the safe VM356 that carries out correct handling.Note, application execution unit 525 and safe VM356 to the performed computing of random number or encryption preferably based on the processing of sharing security information.
Can carry out such layout, reliability wherein shown in Figure 24 is confirmed to handle quilt and is carried out repeatedly perhaps wherein safe VM356 issue random number repeatedly.Use the processing example 1 of the employed register of application execution unit like (4.2.4) of previous description; Have this reliability and confirm that function makes it possible to that the application program of carrying out in application execution unit 525 places is carried out reliability and confirms; Therefore the configuration the same with the past is enough; And any special restriction to the robustness of application layer (AV layer) is not provided, this is a great advantage.
(4.3) use message demonstration and the content of sharing storage space to use control
To describe below and use the message of sharing storage space to show and content use control.
Figure 25 diagram use to share storage space and realize that message shows with content and use the basic configuration of controlling.Safe VM356 shown in Figure 25 is and the identical safe VM356 of safe VM356 that describes with reference to Fig. 6, Figure 10 and Figure 11.That is to say that this is at the main frame that is used for carrying out the data conversion process the safe VM356 as virtual machine to be set, and is used as the security information processing unit.
As said with other accompanying drawing with reference to Fig. 6, the safe VM356 that is used as the security information processing unit carries out and reads data conversion handling procedure 315 that comprises command code information and the processing of carrying out this program from information recording carrier 310.In addition, the id information of the player (messaging device) of safe VM356 input execution host application program is as player information 355, and input is from the monitor message of event handler 354.Whether event handler 354 is carried out about the performed processing of safety VM356 just by the emulator verification of correct execution; And other host application program is monitored with the processing and the state that are used as the player (messaging device) of host application program actuating equipment; And if detected processing mistake or unauthorized processing etc., would then cancel the data conversion of safe VM356 and handle.
For this processing example; The storage space 612 that will between safe VM356 that is used as the security information processing unit and application execution unit 601, share is arranged in the storer 611, wherein uses and shares storage space 612 message transfer, order, parameter, data or the like between them.The application program of carrying out in application execution unit 601 places is to be used to carry out the application program that Various types of data is handled; And be performed various application programs on such as the messaging device of PC etc., be used for handling through carrying out content playbacks with reference to the described main frame 350 of Fig. 6, Figure 10 and Figure 11.
For example, application program is to be used to the UI function is provided so that the UI function that shows various types of messages and receive user input provides program, as previously mentioned, be used for carrying out the Java (registered trademark) that is stored in information recording carrier and application program of HDMV content or the like.Notice that these application programs can be that messaging device has been stored in the program in the hard disk etc. in advance, or the program of from information recording carrier, reading.
Shared storage space 612 shown in Figure 25 is used as safe VM356 and application execution unit 601 can both be to its space of reading and writing.Therefore, utilize storage space to replace register, can realize with reference to Figure 15 to the identical processing of the described all kinds processing of Figure 24.That is to say, be described as the processing of the following type of register application processing:
The UI function of the use register of (a) describing with reference to Figure 16 provides application program
(b) provide with reference to the use register of Figure 17 description and the UI function of header conversions
The content of the use register of (c) describing with reference to Figure 18 is used control and treatment
(d) register of describing to Figure 24 with reference to Figure 19 uses to be handled
Through realizing via shared storage space 612 message transfer, order, parameter, data etc. between safety VM356 and application execution unit 601.
It is favourable using storage space to write the zone as data, and its reason is that with the contrast of using register, the write data size can be bigger, thereby widened the scope of application program.For example; The data that safe VM356 can will generate through data are write shared storage thus offer application execution unit 601; And on the contrary; Be easy to realize the processing that application execution unit 601 is given safe VM356 with the data transfer that is generated, and in addition, also can realize the associating data processing between the processing of processing and application execution unit 601 of safe VM356.
(4.4) about production process
In order to realize wherein utilizing above-mentioned register or storage space between safety VM and application program, to carry out the configuration of data and parameter I/O; Application program in that application layer is performed is preferably carried out creation, as having the program that is arranged on the processing routine that is used for reference of performance period property register or memory reference wherein in advance.
Under the situation of described wherein permission through the configuration of safe VM change title with reference to Figure 17; Wherein have by the application program performance period property register of the specified title of safety VM with reference to or the program of memory reference just enough; But for the configuration that does not wherein allow to change title through safe VM; Essential is; All application programs basically in that application layer is performed are carried out creation, as the program that has the processing routine that is used for reference of performance period property register or memory reference that is provided with in advance.
As stated; In the performed program of application layer for example is to be used for carrying out the Java (registered trademark) that is stored in information recording carrier or the application program of HDMV content, and carry out creation about these contents, be have be arranged in advance wherein be used for performance period property register with reference to or the program of the processing routine handled of memory reference support above-mentioned processing.
The production process and the information recording carrier production process of these contents will be described with reference to Figure 26 and 27 below.Figure 26 is described in the figure that does not allow the content creation process in the situation of header conversions of carrying out through safety VM.
Application program is generated as being used as in performed Java of application layer (registered trademark) or HDMV content and comprising the application program of the content of the content code that is used as the command code information that safe VM reads and carry out.Step S301 is the exploitation/proof procedure of this application program and content code.
Application program in that step S301 is generated is created the program that is arranged on the processing routine that is used for reference of performance period property register or memory reference processing wherein in advance for having.And content code comprises the command code that message output and the cyclic parameter output of safe VM are carried out in definition through setting.
At step S302, under the situation of necessity, the application program and the content code that are generated among the step S301 are encrypted, in step S303, it is write in the dish to make CD then.The disc making process of step S303 comprises the making and the pressing mold operation of master.
According to these processes; Be recorded in content in the information recording carrier and be the content that comprises the performed code information of application program and virtual machine; Wherein application program is set to comprise the program of the processing routine that is used for reference of performance period property register or memory reference, and code information is configured to comprise the exectorial information that is used for the error code of obtaining through safety inspection is write the processing of register or storer.
These contents that are stored in the information recording carrier are can carry out with reference to Figure 15 to the described all kinds of processed content of Figure 25.
Figure 27 diagram the content creation process in allowing to carry out the situation of header conversions through safety VM.Carry out in the ios dhcp sample configuration IOS DHCP of header conversions through safety VM wherein allowing of describing with reference to Figure 17, wherein only have by the application program performance period property register of the specified title of safety VM with reference to or the program of memory reference just enough.
Therefore, for normal application program, need not be set to comprise the program of the processing routine that is used for reference of performance period property register or memory reference, and application program can free development.Certain application program be set to comprise be used for performance period property register with reference to or the program of the processing routine of memory reference just enough.
Shown in figure 27, the content code exploitation/proof procedure among application development/proof procedure among the step S321 and the step S322 separates, thereby can free development application development/proof procedure, and does not relate to content code.Have only the application program of carrying out the target of header conversions just need be created according to processing shown in Figure 26 as safety VM.
For the process among Figure 27, the content code exploitation/proof procedure among the step S322 can be carried out according to the application development/proof procedure among the step S321.Subsequently, in step S323, just carry out if desired and encrypt, in step S324, be written into then in the dish to make CD.The disc making process of step S324 comprises makes master and pressing mold operation.
Owing to the operation reason; Application development/proof procedure and content code exploitation/proof procedure are separated; Therefore; From putting into practice purpose, be preferred according to the configuration of process shown in Figure 27, and through certain application program be set to comprise be used for the configuration performance period property register that allows to carry out header conversions through safety VM with reference to or the program of the processing routine of memory reference just allow other normal application of free development.
5. the configuration of messaging device
Next, will the Hardware configuration example as the messaging device of main frame executive utility be described with reference to Figure 28.Messaging device 800 has according to each class method-such as OS, content playback and records application program and is used for the program etc. of mutual authentication processing-the carry out CPU809 of data processing; Be used as the ROM880 of the storage area that is used for program, parameter etc.; Storer 810; With the I/O I/F802 that is used for the digital signal I/O; The I/O I/F804 that is used for the simulating signal I/O with A/D, D/A converter 805; Be used to carry out the MPEG CODEC803 that the mpeg data Code And Decode is handled; Be used to carry out the TS-PS processing unit 806 that TS (MPTS)-PS (program flow) handles; Be used to carry out all kinds of encryptions-such as mutual checking decryption processing of encrypted content etc.-cryptographic processing unit 807; Recording medium 812, such as hard disk; And be used for activation record medium 812 and carry out the driver 811 of the I/O of data recording/reproducing signal, wherein each block all links to each other with bus 801.
Messaging device (main frame) 800 is through connecting bus-link to each other with driver such as for example ATAPI-BUS-.Repairing table, content etc. are transfused to/export through digital signal I/O I/F802.Encryption and decryption processing are by execution such as cryptographic processing unit 807 application examples such as aes algorithms.
Notice that the program that is used for carrying out content playback or recording processing is stored in for example ROM808, and during the executive routine, if desired, storer 810 is used to preserve the perform region of parameter and data.
ROM808 or recording medium 812 are stored the public keys of administrative center for example, the privacy key that is used for main frame, the public keys that is used for main frame and are proved, are used as in addition the driver CRL that cancels tabulation, or the like.
When content playback is handled,, carry out various message and show based on the safety inspection information that above-mentioned safe VM356 has obtained.
So far, this paper describes in detail the present invention with reference to specific embodiment.But any is arranged is self-evident, and promptly those skilled in the art can modify or replace embodiment under the situation that does not break away from essence of the present invention.That is to say that the present invention is disclosed with exemplary forms, and should the present invention be interpreted as restrictive.Should partly judge essence of the present invention with reference to claims.
Processing series described in the attention, instructions can be carried out by hardware, software or both combinations.In the situation of handling with software executing, the program of recording processing sequence can be installed in the storer in the computing machine that has built-in specialized hardware and be performed, and perhaps program can be installed in and can carry out in the multi-purpose computer of all kinds of processing.
For example, program can be recorded in hard disk in advance or be used as among the ROM (ROM (read-only memory)) of recording medium.Perhaps, it can temporary or permanently be stored (record) in removable medium, such as floppy disk, CD-ROM (compact disk ROM (read-only memory)), MO (magneto-optic) dish, DVD (digital versatile dish), disk, semiconductor memory or the like.This removable recording medium may be provided in so-called package software.
Note; Except program is installed to the computing machine from for example above-mentioned removable recording medium; Can also program be sent to computing machine from download address through wireless mode; Or through being sent to computing machine such as the such cable system of LAN (LAN) or the Internet, wherein computing machine receives the program of being transmitted by this way, so that it is installed in such as in the built-in recording mediums such as hard disk.
And all kinds of processing described in the instructions are not limited to carry out according to described time series, but can carry out concurrently or independently, and this depends on the handling property of carrying out the equipment of handling.Be also noted that system as used in this specification is that the logic of a plurality of equipment is integrated, be not limited to all equipment in a cabinet of each configuration.

Claims (29)

1. one kind is used to carry out the content playback information processed treatment facility from information recording carrier, comprising:
The security information processing unit, the safety inspection information that is used for content-based reproduction sequence is confirmed output message, and will follow the message output command of the selection information of output message to output to application execution unit;
Application execution unit is used for obtaining information based on the selection information of being imported from said security information processing unit, and outputs to display unit; With
Three registers; Wherein first register is write and is read by application execution unit by the security information processing unit; Second register is write by application execution unit and is read by the security information processing unit, and the 3rd register is read/write by application execution unit and security information processing unit.
2. messaging device as claimed in claim 1; Wherein said security information processing unit is configured to carry out based on safety inspection information confirms the processing of output message content and the processing that content-based reproduction player information is confirmed the output message language, and execution will be used for outputing to said application execution unit according to this message selection information of confirming that information is selected.
3. messaging device as claimed in claim 1, wherein said application execution unit are to carry out to be used to receive the configuration that outputs to the processing of said security information processing unit with the corresponding user's input of the message that on said display unit, is shown and with the user's input information that is received.
4. messaging device as claimed in claim 1, wherein said application execution unit are configured to shield demonstration osd function performance element;
And wherein said security information processing unit is to be used for calling the configuration that OSD-CALL carries out the message output command of the selection information of following output message based on OSD.
5. messaging device as claimed in claim 1, wherein said security information processing unit are configured to be used for obtaining the command code that is recorded in information recording carrier and carry out the virtual machine of data processing according to said command code.
6. one kind is used to carry out the content playback information processed treatment facility from information recording carrier, comprising:
The security information processing unit is used for carrying out and obtains the processing that writes register or storer with the corresponding error code of safety inspection information of content playback sequence and with said error code;
Application execution unit is used for obtaining error code from said register or storer, the corresponding information of error code that obtains Yu obtained, and with the output of the message obtained on display unit; With
Three registers; Wherein first register is write and is read by application execution unit by the security information processing unit; Second register is write by application execution unit and is read by the security information processing unit, and the 3rd register is read/write by application execution unit and security information processing unit.
7. messaging device as claimed in claim 6; Wherein said application execution unit be configured to carry out be used to receive with said display unit on the corresponding user's input of display message, and the user's input information that is received write the processing of register or storer;
And wherein said security information processing unit is configured to carry out the processing that is used to obtain the user's input information that writes said register or storer.
8. messaging device as claimed in claim 6, wherein said security information processing unit have the configuration that is used for the order of execution applied transformation is outputed to said application execution unit;
And wherein, based on said applied transformation order, said application execution unit is carried out and is transformed into the application program that is used for via the data transfer process of register or storer execution and said security information processing unit, and message is outputed to said display unit.
9. messaging device as claimed in claim 6; Wherein said security information processing unit and said application execution unit will indicate the state value of treatment state to write said register or storer; And said security information processing unit and said application execution unit are configured to read the state value of the indication treatment state that is written into said register or storer, and carry out the affirmation of said treatment state.
10. messaging device as claimed in claim 6, wherein said security information processing unit and said application execution unit are configured to carry out mutual reliability through the data transfer process of using said register or storer and confirm to handle.
11. messaging device as claimed in claim 6, wherein said security information processing unit is configured to virtual machine, and said virtual machine obtains the command code that is recorded in the information recording carrier, and carries out data processing according to said command code.
12. a messaging device comprises:
Application execution unit is used for carrying out the application program that is stored in information recording carrier; With
The security information processing unit, being used to carry out will be for carrying out at said application execution unit place or continuing the processing that the necessary parameter of application program writes register or storer;
Wherein said application execution unit is configured to obtain the parameter that said security information processing unit is write from said register or storer; And through using that said CALCULATION OF PARAMETERS is handled or encryption is carried out for carrying out or continue the necessary data processing of said application program, thereby carry out or continue said application program; With
Three registers; Wherein first register is write and is read by application execution unit by the security information processing unit; Second register is write by application execution unit and is read by the security information processing unit, and the 3rd register is read/write by application execution unit and security information processing unit.
13. messaging device as claimed in claim 12, wherein said register or storer are player status registers, and comprise:
First player status registers, wherein said security information processing unit carries out write operation to it, and said application execution unit is carried out read operation to it; With
Second player status registers, wherein said application execution unit is carried out write operation to it, and said security information processing unit carries out read operation to it.
14. messaging device as claimed in claim 12, wherein said security information processing unit is configured to carry out the processing that the different parameters order is write said register or storer;
And; Wherein said application execution unit is configured to obtain said security information processing unit from said register or memory order and writes different parameters wherein in proper order; And carry out the computing or the encryption of the different parameters of application order, thereby carry out or continue said application program.
15. messaging device as claimed in claim 12, wherein said application execution unit are configured to handle or encryption through carrying out the CALCULATION OF PARAMETERS of using from said register or storer obtained, and carry out the generation of output data and handle.
16. messaging device as claimed in claim 12; Wherein said application execution unit is configured to handle or use the encryption of said parameter or utilize the decryption processing by the encryption key that encryption generated of using said parameter through using from the xor operation of the parameter that said register or storer obtained, and carries out the generation of output data and handles.
17. one kind is used to carry out the content playback information processed disposal route from information recording carrier, comprises the following steps:
Carry out security information at security information processing unit place and handle, the safety inspection information that is used for content-based reproduction sequence is confirmed output message, and will follow the message output command of the selection information of said output message to output to application execution unit;
The executive utility operation is used for obtaining information based on the selection information of being imported from said security information processing unit, and outputs to display unit at the application execution unit place; With
Through using three registers to communicate; Wherein first register is write and is read by application execution unit by the security information processing unit; Second register is write by application execution unit and is read by the security information processing unit, and the 3rd register is read/write by application execution unit and security information processing unit.
18. information processing method as claimed in claim 17; Wherein said security information processing execution confirms that based on safety inspection information the processing of output message content and content-based reproduction player information confirm the processing of output message language, and will be used for according to confirming that message selection information that information is selected outputed to said application execution unit.
19. information processing method as claimed in claim 17; Further comprise the following steps: to receive and the corresponding user's input of message that is presented on the said display unit, and the user's input information that is received is outputed to said security information processing unit at said application execution unit place.
20. information processing method as claimed in claim 17, wherein said application execution unit are configured to shield demonstration osd function performance element;
And wherein said security information is handled based on OSD and is called the message output command that OSD-CALL carries out the selection information of following said output message.
21. one kind is used to carry out the content playback information processed disposal route from information recording carrier, comprises the following steps:
Carry out security information at security information processing unit place and handle, be used for carrying out and obtain the processing that writes register or storer with the corresponding error code of safety inspection information of content playback sequence and with said error code;
The executive utility operation at the application execution unit place is used for obtaining said error code from said register or storer, the corresponding information of error code that obtains Yu obtained, and the message of being obtained exported on display unit; With
Through using three registers to communicate; Wherein first register is write and is read by application execution unit by the security information processing unit; Second register is write by application execution unit and is read by the security information processing unit, and the 3rd register is read/write by application execution unit and security information processing unit.
22. information processing method as claimed in claim 21 further comprises the following steps:
Carry out to handle at said application execution unit place, be used to receive with said display unit on the corresponding user's input of display message, and the user's input information that is received write register or storer; With
Carry out processing at said security information processing unit place, be used to obtain the user's input information that writes said register or storer.
23. information processing method as claimed in claim 21 further comprises the following steps:
To carry out the applied transformation order at said security information processing unit place and output to said application execution unit; With
Based on said applied transformation order, execution is transformed into the application program that is used for via the data transfer process of register or storer execution and said security information processing unit at said application execution unit place, and message is outputed to said display unit.
24. information processing method as claimed in claim 21 further comprises the following steps:
At said security information processing unit and said application execution unit place, execution will indicate the state value of treatment state to write said register or storer; With
Carry out at said security information processing unit and said application execution unit place the reading of the state value of the indication treatment state that is written into said register or storer, and carry out the affirmation of said treatment state.
25. information processing method as claimed in claim 21; Further be included in the step that said security information processing unit and said application execution unit place carry out, be used for carrying out mutual reliability and confirm to handle through the data transfer process of using said register or storer.
26. an information processing method comprises the following steps:
The application program of carrying out at the application execution unit place is carried out, and is used for carrying out the application program that is stored in information recording carrier;
The parameter of carrying out at security information processing unit place writes, and being used to carry out will be for carrying out at said application execution unit place or continuing the processing that the required parameter of application program writes register or storer;
At said application execution unit place; Obtain the parameter that said security information processing unit is write from register of living in or storer; And through using that said CALCULATION OF PARAMETERS is handled or encryption is carried out for continuing or carry out the required data processing of said application program, thereby carry out or continue said application program; With
Through using three registers to communicate; Wherein first register is write and is read by application execution unit by the security information processing unit; Second register is write by application execution unit and is read by the security information processing unit, and the 3rd register is read/write by application execution unit and security information processing unit.
27. information processing method as claimed in claim 26 is wherein carried out said parameter at said security information processing unit place and is write, and is used to carry out the processing that the different parameters order is write said register or storer;
And; Wherein said application execution unit is sequentially obtained said security information processing unit from said register or storer and is write different parameters wherein in proper order; And carry out the computing or the encryption of the different parameters of application order, thereby carry out or continue said application program.
28. information processing method as claimed in claim 26, wherein said application execution unit is handled or encryption through carrying out the CALCULATION OF PARAMETERS of using from said register or storer obtained, and carries out the generation of output data and handles.
29. information processing method as claimed in claim 26; Wherein said application execution unit is configured to handle or use the encryption of said parameter or utilize the decryption processing by the encryption key that encryption generated of using said parameter through using from the xor operation of the parameter that said register or storer obtained, and carries out the generation of output data and handles.
CN2006101262168A 2005-08-26 2006-08-25 Information processing apparatus, information recording medium, information processing method, and computer program Active CN101131721B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
JP2005-245943 2005-08-26
JP2005245943A JP4765485B2 (en) 2005-08-26 2005-08-26 Information processing apparatus, information recording medium, information processing method, and computer program
JP2005245943 2006-08-26

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN201210123935XA Division CN102750467A (en) 2005-08-26 2006-08-25 Information processing device, information processing method, and computer program

Publications (2)

Publication Number Publication Date
CN101131721A CN101131721A (en) 2008-02-27
CN101131721B true CN101131721B (en) 2012-07-04

Family

ID=37922160

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201210123935XA Pending CN102750467A (en) 2005-08-26 2006-08-25 Information processing device, information processing method, and computer program
CN2006101262168A Active CN101131721B (en) 2005-08-26 2006-08-25 Information processing apparatus, information recording medium, information processing method, and computer program

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN201210123935XA Pending CN102750467A (en) 2005-08-26 2006-08-25 Information processing device, information processing method, and computer program

Country Status (3)

Country Link
JP (1) JP4765485B2 (en)
CN (2) CN102750467A (en)
TW (1) TW200737134A (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4655951B2 (en) 2006-02-06 2011-03-23 ソニー株式会社 Information processing apparatus, information recording medium manufacturing apparatus, information recording medium and method, and computer program
KR101425621B1 (en) 2008-01-15 2014-07-31 삼성전자주식회사 Method and system for sharing contents securely
JP4799626B2 (en) 2009-02-04 2011-10-26 ソニーオプティアーク株式会社 Information processing apparatus, information processing method, and program
JP5719244B2 (en) 2011-06-29 2015-05-13 インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation Method, program, and computer apparatus for constructing a safely managed virtual machine execution environment
CN105103232B (en) * 2013-03-28 2017-09-22 三菱电机株式会社 Transcriber, control method and program
CN106293625A (en) * 2015-06-09 2017-01-04 中兴通讯股份有限公司 A kind of method and apparatus of configuration register

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6104860A (en) * 1996-06-19 2000-08-15 Sony Corporation Conditional access system for local storage device

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0273083B1 (en) * 1986-12-30 1993-10-06 International Business Machines Corporation Non-locking queueing mechanism
JPH0644026A (en) * 1992-07-23 1994-02-18 Kobe Nippon Denki Software Kk Message output control system
JP3537959B2 (en) * 1996-07-26 2004-06-14 栄司 岡本 Information decryption device
US6047391A (en) * 1997-09-29 2000-04-04 Honeywell International Inc. Method for strong partitioning of a multi-processor VME backplane bus
JP2000163803A (en) * 1998-11-24 2000-06-16 Victor Co Of Japan Ltd Information recording medium and information recording medium genuine/false decision device
JP4657468B2 (en) * 2001-02-23 2011-03-23 株式会社沖データ Device with help function
JP3921057B2 (en) * 2001-05-11 2007-05-30 株式会社エヌ・ティ・ティ・ドコモ Access method and communication terminal
EA015549B1 (en) * 2003-06-05 2011-08-30 Интертраст Текнолоджис Корпорейшн Interoperable systems and methods for peer-to-peer service orchestration
BRPI0612004B8 (en) * 2005-06-27 2018-09-11 Matsushita Electric Ind Co Ltd playback apparatus and message acquisition method

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6104860A (en) * 1996-06-19 2000-08-15 Sony Corporation Conditional access system for local storage device

Also Published As

Publication number Publication date
JP2007058749A (en) 2007-03-08
JP4765485B2 (en) 2011-09-07
CN102750467A (en) 2012-10-24
CN101131721A (en) 2008-02-27
TW200737134A (en) 2007-10-01
TWI336072B (en) 2011-01-11

Similar Documents

Publication Publication Date Title
CN101112036B (en) Information processing apparatus, information recording medium manufacturing apparatus, and information recording medium
CN102522098B (en) Method and apparatus for processing information, method and apparatus for manufacturing information recording medium, information recording medium, and computer program
US8424101B2 (en) Information processing apparatus and method, information recording medium manufacturing apparatus and method, and information recording medium
CN101107656B (en) Apparatus for reproducing data from recording medium using local storage and method thereof
CN1848271B (en) Information processing device and method
CN101131721B (en) Information processing apparatus, information recording medium, information processing method, and computer program
CN100593205C (en) Information processing device and method, information recording medium, manufacturing device, method and computer program of theinformation recording medium
CN102547201B (en) Information processing device and method, information recording medium manufacturing device and method
CN101017686B (en) Information processing device, information recording medium, manufacturing device, methods, and program
JP4905566B2 (en) Information processing apparatus, information recording medium, information processing method, and computer program
JP4905587B2 (en) Information processing apparatus, information processing method, and computer program

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant