JP2001209726A - License server, copyrighter system, user system, system, recording medium and contents use control method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a license server, copyrighter system, user system, system, recording medium and contents use control method for allowing an information providing authorized person including a person approved by an information prepare such as a copyrighter to execute contents use control, and for highly precisely preventing the illegal use of the contents. SOLUTION: In a license serve for managing the use of contents, a use condition for approving the use of contents and the name of an operation for the contents are accepted, and the accepted use condition for approving the use of contents is registered so as to be made correspond to the name of the operation for the contents.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a license server, a copyright holder system, a user system, a system, and a recording medium for controlling the use of contents provided by an information providing authority such as a copyright holder via an open network. And a content usage control method.

The role of money is to provide people with a fair reward by virtue of its material nature. It was an essential requirement that the object of money was not merely a common concept of sharing, but physically existed, portable, and difficult to forge by anyone other than the publisher. By being physically present and portable, users of that value can be fairly verified by each other, and the difficulty of counterfeiting allows the issuer of fair money to control the timing of the fair verification. Was. However, with the development of industrial technology in recent years, the day when the difficulty of counterfeiting money has collapsed is near. There is a need for a new value confirmation object to replace money. Again, the object must first be physically present, portable, and difficult to forge. In addition, the object must have access control by the publisher.

[0003] In addition to the demand for security enhancement, the demand for realizing "super-distribution" is increasing from the aspects of diversification, large capacity, and high speed of information distribution. The environment that realizes this “super distribution” satisfies the following conditions. That is, (1) the information user can obtain digital information almost free of charge, and (2) the information provider specifies conditions (such as billing and modified use conditions) for permitting use of the information, and The ability to enforce agreed terms,
(3) In using this service, the additional operation required by the information user is about “confirmation of access conditions”.

[0004] Such a system capable of accurately and safely performing access control of super-distribution can be expected to contribute to correction of unfair collection of copyright fees such as license fees. In the current system, the provider cannot make a profit unless a considerable number of copyrighted works are sold, but it is desirable that the system can be constructed so that it can be accurately obtained by the copyright holder. Also,
From professional artists to designers who provide creation as parts, it is desirable that rewards commensurate with their service fees be distributed fairly.

[0005]

2. Description of the Related Art Conventionally, when controlling access to content such as a literary work in a distributed system environment, particularly on an open network, the content is stored in a server accessible from a user of the content, and access to this server is controlled. By controlling, the use of the content was controlled. Here, the content is digital content having a structure as a set of bit strings that can be recorded on a single storage device medium, and includes document text, images, moving images, program software, and the like.

For example, FIG. 17 shows a conventional access control model. In FIG. 17, content 2
04 allows the user 205 to operate the content only through the access control function 203. Also,
The copyright owner 200 only registers the content 204 in the server protected by the access control function 203, for example, in a server, and controls access to the access control function 203 by a person other than the copyright owner 200, for example, an administrator who manages this server. An operation was being performed.

[0007] That is, as shown in FIG. 18, a server system 212 holding contents is managed by a server operator system 211 managed and operated by an administrator 201. A copyright owner and a user are registered, a directory for this is created, and access control by the copyright owner is also permitted. The copyright holder system 210 causes the contents of the copyright holder's work to be stored in the server system 212, and sets access control conditions (ACL) for the server system 212. In this case, the copyright holder is the server system 212
Access control permission must be obtained. On the other hand, the user system 213 makes a content transmission request to the server system 212 when using the content, and when the ACL is satisfied, the server system 2
12 to acquire the content stored therein.

[0008] However, when all the rights are given to the user of the content and the user is changed by moving or copying (copying), the right of the original copyright holder is not given to the content at the moving or copying destination. Does not work at all. Also,
It is not clear between the server administrator and the copyright owner who store the content object how to enforce the access permission for the object. For example, it is natural that the server administrator can change the access right without notifying the copyright owner. It was supposed to be.

On the other hand, the distributed system environment is promoted by the recent price reduction of storage media and the like, and the content can be cached and distributed to a plurality of servers without concentration of network traffic. Access has been made faster. Therefore, in the access control model as shown in FIG. 17, it is sufficient to construct a strong access control function only at the entrance to the content operation by the user 205, but in the above-described distributed system environment, it is omnidirectional. Access control or security protection had to be performed.

Therefore, an access control model as shown in FIG. 19 has been considered. In this access control model, the copyright holder 200 can protect by a conventional security technology, a copyright holder protection area, an open area to accept any external attacks, and protection of hardware / software tampering. It is separated into a confidential protection area where digital data duplication prevention processing is performed. The confidentiality protection area is protected by an omnidirectional access control function 221, and the content 222 is stored in the access control function 221.

[0011] The copyright owner 200
Enables the access control operation on the access control function 221 as well as the registration of the content 222.
The user 205 starts the access control function 22 from the open area.
1 to obtain the content 222. The inter-area protection interface 220 is an interface that performs protection between the copyright holder protection area and the open area.

An embodiment of the access control model under the distributed system environment shown in FIG. 19 is disclosed in US Pat.
No. 403, and JP-A-9-13
No. 4311, US Pat. No. 5,392,351, US Pat. No. 5,555,304, and US Pat.
No. 24 describes a technique for checking a user's device to prevent unauthorized use of content. Less than,
A conventional content use control system will be described with reference to these publications.

FIG. 20 is a diagram showing a content distribution model of a conventional content use control system. In FIG. 20, the decryption protection area and the reproduction protection area correspond to the confidential protection area shown in FIG. 18, and the decryption protection area is an area for protection against tampering of hardware / software and protection against duplication of output data. The protection area is an area for preventing the digital decrypted data from being copied. Usage environment specific physical element (PCSUE)
235-1 to 235-N are physical elements that specify the usage environment of the content, and are specifically a CPU, a peripheral device, a removable storage medium, an IC card, and the like.

In the decryption protection area, PCSUE 235-1
236 of the physical element ID corresponding to.
The content 234, which is a copy of the content 233 encrypted by the copyright holder 200 and exists in the server in the open area, is decrypted based on the information 1 to 236-N, and is decrypted through the reproduction protection area. Content is used by users. Therefore, the content is encrypted with the key corresponding to the physical element ID (content 233), and in order to decrypt the content 234 corresponding to the content 233, each physical element ID or a secret key corresponding thereto is required. Become.

Here, the content distribution model includes a license simultaneous model for distributing a license used for decrypting the encrypted content at the same time as the encrypted content, and a cache cache of the server for storing the encrypted content. And a content cacheable model that is acquired at a different timing from the license. FIG. 21 is a diagram showing the content cacheable model.

Referring to FIG. 21, first, the author 200 generates a content in the copyright holder protected area, encrypts the content, and then copies and caches the content in a server or the like in the open area. On the other hand, PCSUEs 235-1 to 23
Certificate 241-1 that encrypts 5-N physical element ID
241-N is output to the copyright holder protected area in an encrypted state, extracts the secret key Kp from the user physical object class corresponding to the PCSUEs 235-1 to 235-N, and outputs the secret key Kp and the certificate 241. -1 to 241
-N and decrypts the physical element IDs 243-1 to 243-N, encrypts the content decryption key Kc with the physical element IDs 243-1 to 243-N, and outputs the encrypted content decryption key Kc to the secret protection area.

In the secret protection area, the encrypted content decryption key Kc is transferred to the physical element IDs 242-1 to 242-N.
To obtain a content decryption key Kc. Using the content decryption key Kc, the encrypted content 234 obtained from the open area is decrypted, and the content 24 is decrypted.
4 to be used by the user 205.

FIG. 22 is a block diagram showing a schematic configuration of a content use control system corresponding to the content cacheable model shown in FIG. In FIG. 22, a copyright holder system 250 exists in a copyright holder protection area, a content server 251 exists in an open area,
License server 252 and user system 253
Exists in the confidentiality protection area. Copyright holder system 250
Encrypts the created content and stores the encrypted confidential content in the content server 251.

The content decryption key Kc is transmitted to the license server 252, and the access control right is transferred to the license server 252. Further, an access control list (ACL) is set. User system 25
3 transmits a use request indicating use of the content to the license server 252. At this time, the physical element ID
If the certification group of the license is not attached, the certification group of the physical element ID is acquired by designating the physical element condition of the license server 252 and transmitted to the license server 252.

As shown in FIG. 21, the license server 252 acquires the secret key Kp of the physical object class of the user, decrypts the physical element ID certification group, and encrypts the content encrypted by the decrypted physical element ID. The decryption key Kc is sent to the user system 253 as the license L. Accordingly, if the physical element IDs of the user system 253 match, decryption is performed, and the confidential content can be decrypted using the decrypted content decryption key Kc.

Since the secret content is stored in the content server 251, the user system 253
Must separately send a secret content distribution request to the content server 251 and receive the distribution of the secret content from the content server 251.

On the other hand, FIG. 23 is a block diagram showing a schematic configuration of a content use control system for realizing a content simultaneous distribution type model. In FIG. 23, there is no content server 251 and the license is sent to the user system 253 simultaneously with the license transmission. As shown in FIG. 22, when the secret content is acquired via the content server 251, the user system 253 needs the content because the secret content has been transported in advance to a server close to the user system 253 in time. When should you use it?

Also, it is possible to appropriately select a content distribution channel as compared with the simultaneous content distribution model.
For the user, the response time can be expected to be shortened when acquiring the content. In the content cacheable model, the content can be distributed in advance by using a ROM medium base, broadcasting, caching by a proxy server, or the like, separately from providing a license, which has many advantages.

[0024]

However, in the above-described conventional content use control system, any device that matches the physical element ID unique to the user system can basically decrypt the confidential content. Although the license can be used, since the license (usage permission condition) is generated only by this physical element ID, for example, a condition for limiting the number of times of reading the content determined by the copyright owner's intention is added, There is a problem that it is not possible to set a time limit or set a billing condition, and it is not possible to perform flexible content use control.

The use environment specifying physical element does not always have a simple configuration. If the device has a complicated configuration, a specific device or part of the device may be illegally used. In such a case, there is a problem that even if the use permission condition is generated by simply using the use environment specifying physical element, which is a device having a large configuration, the illegality is overlooked and the security is reduced. .

The present invention has been made in view of the above,
A license server and a copyright holder that allow an information providing authority including a person authorized by an information creator, such as a copyright holder, to flexibly control content use and to prevent unauthorized use of content with high precision. It is an object to provide a system, a user system, a system, a recording medium, and a content use control method.

[0027]

In order to achieve the above object, according to the first aspect of the present invention, a license server for managing use of contents receives a use condition and a name of operation for the contents in a license of use of the contents. Means, and means for registering the usage condition of the received content license in association with the operation name for the content.

According to a second aspect of the present invention, there is provided a copyright holder system for registering a use condition for permitting use of a content and an operation name for the content.
Means for registering the content to be licensed as a confidential content in the server that manages the content, and the use condition of the license and the operation name for the confidential content with respect to the registered confidential content, to the server for managing the use of the content. Registering means.

According to a third aspect of the present invention, there is provided a license server which manages use of content, wherein the license server receives a content use request and an identifier of a use unit using the content, and uses the received identifier of the use unit. Means for encrypting information relating to usage conditions of the content and an operation name for the content in a decryptable form.

According to a fourth aspect of the present invention, in the user system using the contents, a means for transmitting a contents use request, an operation name for the contents and an identifier of a use means using the contents, Means for encrypting information relating to the use condition of the content and an operation name for the content in a form decodable by the identifier of the use means, and using the content based on the encrypted information and the identifier of the use means. Control means.

According to a fifth aspect of the present invention, there is provided a system for requesting information for utilizing contents,
Means for transmitting a content use request, an operation name for the content, and an identifier of a portable storage medium to a license server for managing use of the content, and a form decodable by the transmitted identifier of the portable storage medium Means for receiving, from the license server, information on use conditions of the content and an operation name for the content.

According to a sixth aspect of the present invention, there is provided a computer-readable recording medium storing a program to be executed by a license server for managing the use of content, wherein the use condition for permitting use of the content and the content A step of receiving an operation name;
Registering the usage condition of the received content usage license in association with the operation name of the content, and a computer-readable recording medium storing a program for operating the content.

According to a seventh aspect of the present invention, there is provided a computer-readable recording medium storing a program to be executed by a copyright holder system for registering a use condition for permitting use of a content and an operation name for the content. Registering the content to be licensed as a confidential content in a server that manages the content, and, for the registered confidential content, use conditions of the license and an operation name for the confidential content.
And a step of registering the content in a server that manages the use of the content.

According to an eighth aspect of the present invention, there is provided a computer-readable recording medium storing a program to be executed by a license server for managing the use of contents, wherein the use request uses the contents and uses the contents. Computer-readable recording of a program for operating the step of receiving the identifier of the above-mentioned, and the step of encrypting information relating to the use condition of the content and the operation name for the content in a form decodable by the received identifier of the use unit. It is a possible recording medium.

According to a ninth aspect of the present invention, there is provided a computer-readable recording medium storing a program to be executed by a user system using the content, wherein the content usage request and the operation name and the content for the content are stored. Transmitting an identifier of a use unit to be used; encrypting information on a use condition of the content and an operation name for the content in a form decodable by the transmitted identifier of the use unit; and Based on the information and the identifier of the means of use,
And a computer-readable recording medium storing a program for operating means for controlling use of content.

According to a tenth aspect of the present invention, there is provided a computer-readable recording medium storing a program to be executed by a system for requesting information for using a content, wherein the request for use of the content and an operation on the content are provided. Name and identifier of the portable storage medium
Transmitting the content to a license server that manages the use of the content, and receiving from the license server information about the usage conditions of the content and the operation name for the content in a form decodable by the transmitted identifier of the portable storage medium. And a computer-readable recording medium on which a program for operating the above is recorded.

The invention according to claim 11 is a content usage control method in a license server for managing usage of content, wherein a step of receiving a usage condition and an operation name for the content in permitting use of the content, And registering the use condition of the use license of the content in association with the operation name for the content.

According to a twelfth aspect of the present invention, in a content use control method in a copyright holder system for registering a use condition for permitting use of a content and an operation name for the content, the content for which the use is permitted is a secret content. Registering in the server that manages the use of the content, and registering, in the server that manages the use of the content, the use condition of the license and the operation name of the confidential content with respect to the registered confidential content. It is characterized by.

According to a thirteenth aspect of the present invention, in the content use control method in the license server for managing the use of the content, a step of receiving a request for use of the content and an identifier of a use means for using the content, Encrypting information on the use condition of the content and the operation name for the content in a form that can be decrypted by the identifier of the use means.

According to a fourteenth aspect of the present invention, in the content use control method in the user system using the content, a step of transmitting a content use request, an operation name for the content, and an identifier of a use unit using the content. And encrypting information relating to the use condition of the content and the operation name for the content in a form that can be decrypted by the transmitted identifier of the use unit, based on the encrypted information and the identifier of the use unit. And means for controlling use of the content.

According to a fifteenth aspect of the present invention, in a content use control method for a system for requesting information for using a content, a content use request, an operation name for the content, and an identifier of a portable storage medium are stored. Transmitting to the license server that manages the use of the content, and receiving from the license server information regarding the use condition of the content and the operation name for the content in a form decodable by the transmitted identifier of the portable storage medium. And a step.

[0042]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Preferred embodiments of a license server, a copyright holder system, a user system, a system, a recording medium, and a content use control method according to the present invention will be described below with reference to the accompanying drawings. .

FIG. 1 is a diagram showing a configuration of a content use control system according to an embodiment of the present invention. A content use control system 10 shown in FIG. 1 is a system for controlling the use of a copyrighted work created by a copyright holder 1 when the user 2 uses the work. In FIG. 1, the content usage control system 10 is large,
It has a copyright holder system 20, a content server 30, a license server 40, and a user system 50.

The copyright holder system 20 encrypts the created content, and registers the encrypted confidential content in the content server 30 (S10). The confidential content registration unit 21 performs processing for encrypting the concealed content (confidential content). By transmitting a content decryption key necessary for decrypting the access control right to the license server 40, the access control right transfer unit 22 that performs the process of transferring the access control right to the license server (S12), and the use permission condition (ACL) Set in the license server 40 (S1
4) It has an ACL setting unit 23, and manages usage control regarding the contents of the copyrighted work.

The content server 30 registers the confidential content sent from the copyright holder system 20, and receives a confidential content distribution request from the user system 50 (S
16) In this case, the confidential content registered and stored is transmitted to the user system 50 in an encrypted state (S17).

The license server 40 has a license permission / generation unit 41 and an LDAP system 42. When there is a content use request from the user system 50 (S18), the license permission / generation unit 41 searches the LDAP system 42 for the physical element ID certificate added to the use request and the corresponding decryption key. Then, it decrypts the physical element ID, searches for a content decryption key corresponding to the requested content, and transmits a license obtained by encrypting the searched content decryption key with the physical element ID (S21).

This license is a physical environment specifying element condition, and is in the form of a combination structured by using a logical sum and a logical product in correspondence with the structure of the physical element. Further, in this embodiment, not only the physical environment specifying element condition which has been conventionally used, but also the accounting condition based on the usage status of the user is also encrypted as ACL. The encryption and decryption of this license will be described later. If the physical element ID certificate is not added to the use request (S18), or if the certificate does not exist in the LDAP system 42, the physical element condition designation (S19) is sent to the user system 50 to use The physical element ID certificate group generated by the user system 50 is returned (S20).

On the other hand, when the content decryption key is transferred from the copyright holder system 20 by the transfer of the access control right (S12), the content decryption key is stored in the database of the key 44 in the LDAP system 42 described later as the secret content. Register correspondingly. When the ACL setting is sent from the copyright holder system 20 (S14), the ACL is made to correspond to the confidential content and the LDA is set.
It is stored in an access control list (ACL) in the P system 42.

The user system 50 includes a secret content distribution request (S16) and a secret content request / acquisition unit 51 for obtaining the distributed secret content, a license request, that is, a use request (S18) and a license acquisition. License request / acquisition unit 52 that performs the processing of (S21)
And a specific usage environment (SUE) 53 of the user system. The specific usage environment 53 refers to a specific content usage environment, and refers to comprehensive information such as a CPU, peripheral devices, a removable storage medium, an IC card, and a content usage status.

The specific usage environment includes usage environment specifying physical elements (PCSUE) 54-1 to 54-N such as a CPU and a content storage device 55-
1 to 55-M, and playback devices 56-1 to 56-L such as players and viewers. Each PCSUE 54-1
~ 54-N, each content storage device 55-1
55-M and each of the playback devices 56-1 to 56-L
Are the physical element IDs 57-1 to 57-N, 59
-1 to 59-M, 61-1 to 61-L, and encryption / decryption / evaluation units 58-1 to 58-N, 60
-1 to 60-M and 62-1 to 62-L.

Encryption / decryption / evaluation units 58-1 to 58-
N, 60-1 to 60-M and 62-1 to 62-L, when encrypting each physical element, use the physical element I of its own physical element.
In the case of encrypting and outputting with D, and decrypting each physical element, decryption is performed with the physical element ID of its own physical element, and processing for evaluating the decryption result is performed. That is, the processing of each physical element ID is performed for each physical element, and information is not leaked even on the interface between the physical elements.

Next, the operation processing of the copyright holder system 20, the content server 30, the license server 40, and the user system will be described mainly with reference to flowcharts. First, an internal processing procedure of the copyright holder system 20 will be described with reference to a flowchart of FIG.

In FIG. 2, the copyright holder system 20
First, it is determined whether or not an operation event has occurred (step S100). If no operation event has occurred (step S100, no), this process is repeated until an operation event occurs. If an operation event has occurred (step S100, yes), the operation content of the operation event is confidential. It is determined whether it is registration, ACL registration, or delegation of access control right (step S101).

If the operation content is confidential content registration (step 101, confidential content registration), the confidential content registration unit 21 encrypts the content (step S110) and reads the desired content server 30 from the content server list. Is specified (step S111),
A secret content registration request is made to the designated content server 30 (step S112). Thereafter, a response from the content server 30 is obtained, and the response is OK.
Is determined (step S11).
3).

If the response from the content server 30 is OK, if it is an error, error processing is performed (step S114), and it is further determined whether or not the next content server has been designated. (Step S115). If the next content server has been designated (step S115, yes), the process proceeds to step S112 and the above processing is repeated. If the next content server has not been designated (step S115, no), step S112 is performed. The process proceeds to S100 to repeat the above-described processing.

If the operation is an ACL setting (step 101, ACL setting), the ACL setting unit 23 further determines whether or not to register the designated content decryption key (step S120). If registration is not performed (step S120, none), error processing is performed (step S124), and step S10 is performed.
The process proceeds to 0, and the above-described processing is repeated. On the other hand, if the content decryption key has been registered (Yes at Step S120), an ACL setting request is transmitted to the license server 40 (Step S122), and the ACL registration result is received from the license server 40 (Step S123). The process moves to step S100 and the above-described processing is repeated.

If the operation is access control right transfer (step S101, access control right transfer), the encrypted content decryption key is transmitted to the license server 40 (step S130), and the encrypted content decryption key is transmitted. Is received (step S131), the process proceeds to step S100, and the above-described processing is repeated.

Next, the ACL set by the ACL setting unit 23 will be described. FIG. 3 is a diagram illustrating an example of an access condition. There are two types of access conditions: accounting conditions and physical environment specifying element (PCSUE) conditions. As shown in FIG. 3, one of the features of the present invention, accounting conditions, first, there is maxCount (maximum number of operable times), the corresponding content usage status is co
unt (operation completed count). Access is controlled by restricting the variable value of the number of times of operation to the maximum value of the number of operable times, that is, the restriction and the permission are performed.

The usage status of the content corresponding to the next accounting condition value of maxLength (maximum read length) is totalL
en (read length + requested read length), and the access is controlled by the maximum read length of the content. The use status of the content corresponding to the next accounting condition value of maxTimeLen (executable maximum time) is totalTime (executed time length), and the access is controlled by the maximum executable time of the content. The usage status of the content corresponding to the accounting condition value of the next maxDebt (borrowable amount (charging condition)) is debt (balance), and the negative value of the balance is the borrowing amount, and it is attempted to control access according to the charging condition. Is what you do.

As the physical environment specifying element condition, there is a computer main body, and the class of the corresponding physical element ID is PSN, which is the serial number of the processor. Here, the class is an object class on the database. The class of the physical element ID corresponding to the next peripheral device is DSN, which indicates the device type and the serial number. Physical element I corresponding to the next media
The class of D is MSN, which indicates the type of media and the serial number. Physical element I corresponding to the next IC card
D is certificates, which indicates a certificate issued by the IC card.

The next human body part is, for example, fingerprint or retinal (iris) information, and the corresponding physical element ID
The class of is bodyParts, which is authentication information of a human body part. The class of the physical element ID corresponding to the next permitted time zone is timePeriod, which is a local clock or global GPS time. The next network domain indicates an area on the network, and the class of the corresponding physical element ID is MACAddress, which indicates the MAC address. The next geographical location indicates the country of use, etc., and the class of the corresponding physical element ID is location
Indicates the position detected by the GPS or PHS.
The class of the physical element ID corresponding to the memory of the next person is us
er-ID WithPwd, which indicates a user ID and a password. The class of the physical element ID corresponding to the last group is group, which indicates a set of physical element IDs.

Such access conditions include AND and OR
A set with a logical combination with
L is set. The access condition includes the accounting condition and the physical environment specifying element condition as described above, and these can be arbitrarily combined. For example, one AC
The following is set as L. That is, udac_acl read: ((grop = sysrapOR group = soft4soft) AND 45661244 <MSN <45661412) OR count <1; modify: user = yujiOR user = hataOR IC_card = 1afd234fe4def458c3bac78497bbda6f; print: group = sysrap; can do.

According to the set ACL, "read"
Indicates browsing conditions, and the group is "sysrap" or "so
ft4soft ”and media serial number MSN
Is more than 45661412 and less than 45614412, or the number of times of operation is less than 1, that is, the condition for browsing is that the content has never been used. further,
“Modify” indicates an update condition, and the condition for content update is that the user name is “yuji” or “hata”, or the number of “IC_card” is “1afd234fe4def458c3bac78497bbda6f”.

"Print" indicates a print output condition.
Content can be printed only when the group is "sysrap". Such an ACL is a copyright holder system 2
From 0, the copyright holder 1 can arbitrarily set. This ACL setting improves operability by using a GUI. The ACL type may be set together with the operation name. For example, the condition of access condition (1) can be selected for operation name 1, and the condition of access condition (2) can be selected for operation name 2. Thereby, the operability is further improved.

Next, the internal processing procedure of the content server 30 will be described with reference to the flowchart shown in FIG. In FIG. 4, first, the content server 30
It is determined whether or not a network event has been input, and if so, whether it is a secret content registration request or a secret content distribution request (step S200). If a network event has not been input (step S200, none), the determination process in step 200 is repeated.

If the network event is a secret content registration request (step S200, secret content registration request), the secret content requested to be registered is registered internally (step S210), and the default ACL is set.
Is set (step S211). Then, a response to the confidential content registration request is sent to the copyright holder system 20 (step S212), the process proceeds to step S200, and the above-described processing is repeated.

On the other hand, if the network event is a confidential content distribution request (step S200, confidential content distribution request), the confidential content requested to be distributed is distributed to the user system 50 (step S200).
220) Then, a response to the confidential content distribution request is sent to the user system 50 (step S220).
221), the process proceeds to step S200, and the above-described process is repeated. Thus, the confidential content can be distributed from the copyright holder system 20 to the user system 50 via the content server 30 in a secret state. In this case, since the traffic is dispersed, high-speed transfer is possible, and the confidential content can be stored in advance in the content server near the user system 50, the distribution process can be performed at high speed.

Next, the internal processing procedure of the license server 40 will be described with reference to the flowchart shown in FIG. In FIG. 5, first, the license server 40
Determines whether a network event of a content use request has been input (step S300). When no network event is input (step S30)
(0, none), the determination processing of step S300 is repeated.

If the network event is a content use request (step S300, content use request), the ACL of the specified content is searched from the LDAP system 42 (step S301).
A related access condition is extracted from the searched ACL, and a new ACL is generated (step 302). Corresponding physical element I corresponding to the extracted physical environment specifying condition
It is determined whether there is a D certificate (step S303),
When there is a corresponding physical element ID certificate (step S30)
3, the corresponding physical element ID certificate is present), and if there is no corresponding physical element ID certificate (step S303, no corresponding physical element ID certificate), the content requester, After requesting a certificate from the system 50 (step S304), it is further determined whether or not the following physical environment specifying conditions are present (step S305).

If there is the next physical environment specifying condition (step S305, yes), the process proceeds to step S303 to prepare for surely providing the corresponding physical element ID certificate, and if there is no next physical environment specifying condition. (Step S305,
No), a physical element ID certificate group is received from the content use requester, that is, the user system 50 (step S306).

Thereafter, the license permission / generation unit 41
Search for the specified content decryption key (step S3
07), the access conditions in the ACL are rearranged into certificates of the enforceable physical elements (step S308). further,
A process of enclosing all AND / OR expressions in the ACL in parentheses in authentication priority order is performed (step S309). Thereafter, the license permitting / generating unit 41 determines that the parenthesized AN
A license generation process for generating a license is performed based on the D / OR expression (step S310). Then, the generated license is transmitted to the user system 50 (step S311), and the process proceeds to step S300 to repeat the above-described processing.

Here, the relationship between the generated license and the secret content will be described with reference to FIG. FIG.
Shows the relationship between the license transmitted from the license server 40 to the user system 50 and the secret content transmitted from the copyright holder system 20 to the user system 50 via the content server 30.

In FIG. 6, A of the license server 40
In the CL 43, each of the secret contents 71 to 75
Are stored. System ACLs 43-1 to 43-5 associated with are stored. Then, based on this system ACL,
For example, licenses 84 to 86 for the secret contents 71 to 73 are generated from the system ACL corresponding to the secret contents 71 to 73 and transmitted to the user system. The licenses 84 to 86 are associated with the corresponding physical element I
Since it is encrypted with D, no information leaks outside. The user system 50 can decrypt the client ACLs 81 to 83 from the licenses 84 to 86, decrypt the confidential contents 71 'to 73' corresponding to these, and obtain the respective contents.

In this case, since the secret content is also encrypted, the security is sufficient. In this way, the ACL and the confidential content are associated with each other, while maintaining their confidential state, although their transfer routes are different. The state of the confidential content sent via the transfer path including the content server 30 is represented as a virtual storage area 70.

Here, the LDAP system 42 in the license server 40 will be described with reference to FIG. In FIG. 7, the LDAP system 42 includes a plurality of Ls.
It has a DAP server, and the license server 40 is positioned as a client server, and each LDAP server functions under the management of the license server 40. An LDAP server is a directory service standard called X.25. This is a directory server using a protocol of a lightweight version of the DAP included in the 500. The LDAP server is divided into a plurality of classes.
1, system class 92, media class 93, XML
Has a class of XML information described in.

Then, for example, when “own system” is searched in the class of the personal information 91, this system is searched by “system name” from the system class 92, and the current media “curr” in the system class 92 is further searched.
“ent media” can search the media class 93 from the media class, and can further search the content in the media class 93 for XML information 94 corresponding to the content. In the XML information 94, information on contents is stored.

The specific usage environment of the user system 50 has a logical structure having layers shown in FIG. 8, the specific usage environment 100 includes an application layer 110, an OS kernel layer 111, and a device layer 112.
And each layer is connected by a service interface indicated by a dotted line. Application layer 11
0 has a content reproduction / execution application 101, and has a secret content decryption protection library 1 inside.
02 as a program module.

Secret Content Decryption Protection Library 102
Are the storage driver 103 and the file system 10
5. A plurality of usage environment specifying physical element drivers 106 to 10
8. Operate the playback device driver. The storage driver 103 drives the content storage device, the usage environment specifying physical element drivers 106 to 108 drive the usage environment specifying physical elements 109 to 111, respectively, and the playback device driver 112 controls the playback device 113.
Drive. Note that even if one physical device is used, the content storage device 1 such as an MO device may be used.
04 and the usage environment specifying element 109.

FIG. 9 shows a usage environment specifying physical element (PCSU).
3E shows the correspondence between the OS kernel layer 111 and the device layer 112. As shown in FIG. 9, PCSUEs may have an inclusion relationship. Of course, the same applies to other devices in the device layer 112. For example, below PCSUE 131, PCSUE 133, 1
34, and a PC is located below the PCSUE 134.
SUEs 135 and 136 are located. PCSUEs having such an inclusive relationship can exchange data such as physical element IDs.

For example, a PCSUE of a media reproducing apparatus such as a DVD apparatus includes a PCSUE of a medium such as a DVD, and exchanges content data and media ID information between the two. For example, PCSUE134 and PC
This is an information exchange with the SUE 135. Then, only the highest PCSUE exchanges data with the PCSUE driver. For example, the PCSUE driver 120 and the PCS
This is the relationship with the UE 131. Therefore, even in the same device layer, there is a case where they have an inclusive relationship and a hierarchical relationship.

As described above, the license is the license information for the specific environment, and includes only the information unique to the client environment that requested the license, that is, the environment of the user system, and includes the ACL and the content decryption key Kc. The access information consisting of the physical element ID (PCSU
E-ID).

Here, an example of a multiplexed license is as follows. That is,

(Equation 1) It is. Here, K _{1 to} K ₅ are respectively PCSUE-I
D. In this license, the access information is K _{1 to} K ₅
Are connected by an AND condition. Multiple encryptions may be performed using each PCSUE-ID in ascending order of security strength of physical elements. This decoding is performed sequentially from the outer PCSUE-ID.

When the physical elements have almost the same security strength, each PCSUE-ID may be decrypted by an exclusive OR operation using the resulting encryption key. For example,

(Equation 2) It is good to be like. The multiplexing of these encryptions has the effect of dispersing the risk that the risk of theft of the content decryption key Kc due to successful attacks on some products, that is, some physical elements, is distributed.

When a plurality of PCSUE-IDs are connected by an OR operator,

(Equation 3) O such cases as, sublicense encrypted with each PCSUE-ID, for example, generates {<access information>} K _1, simply all sublicenses
The value obtained by performing the R operation and combining may be used as the license. In this case, the above-described encryption multiplexing may be applied to each sublicense, and a license may be generated by nesting and combining AND, XOR, and OR operations. This also has the effect of risk diversification.

Next, such a procedure for generating a license will be described with reference to a flowchart shown in FIG. The flowchart shown in FIG. 10 is a subroutine of the license generation processing procedure shown in step S310 in FIG. In FIG. 5, first, one word is read from the above-described ACL (step S400). Thereafter, it is determined whether or not the read word is "(" (step S410).

If the read word is "(" (step S410, "(")), the current read position of the ACL is stored as the starting point of the ACL in parentheses (step S410).
411). Thereafter, the variable NB is set to "0" (step S412), and one word is read from the ACL (step S413). Then, the read word is "("
Is determined (step S414). If it is “(”, “1” is added to the variable NB (step S415). Then, the process proceeds to step S413, and the next one word is again written. read out.

On the other hand, if the read word is not "(" (step S414, others), it is further determined whether or not the read word is ")" (step S416). If the read word is not ")", that is, if the read word is other than ")", step S413 is performed.
Then, one word is read from the ACL. On the other hand, if the read word is ")", N
It is determined whether or not B is “0” (step S41)
7). If NB is not “0” (step S417, N
In O), “1” is subtracted from the value of NB, and step S41 is performed.
Then, the process proceeds to 3 and one word is read from the ACL.

When NB is "0" (step S417,
YES), the position immediately before the current position of the ACL
It is stored as the end point of CL (step S419). Thereafter, license generation processing of the ACL in parentheses is performed (step S420), and processing for adding the return value by the recursive call to the access condition AC is performed (step S4).
21), proceed to step S400. This generates an ACL in parentheses.

On the other hand, if the read word is not "(" (step S410, etc.), it is further determined whether the read word is a physical element condition or an accounting condition (step S410). If it is a condition or accounting condition, this condition is
(Step S431), and this condition is set as a secret key Kp of a physical element that can be enforced (step S43).
2), the process proceeds to step S400, and 1
Read word.

If the read word is not a physical condition or an accounting condition (step S410, etc.), it is further determined whether or not the read word is "OR" (step S430). The read word is "O
R ", A
A license generation process of the CL is performed (step S44)
1). Thereafter, it is determined whether the generated license further includes an AC (step S442). If the AC is included (step S442, YES), the return value of the license generation processing in step S441 is used using the return value. The license that sets “$ AC, hash $ Kp, return value” is set (step S443), and the generated license is returned (step S454). On the other hand, when AC is not included in the license (step S442, NO)
In step S445, the return value of the license generation process in step S441 is used to set the license to be "$ Kc, AC, hash @ Kp, return value" (step S445), and the generated license is returned (step S454).

On the other hand, if the read word is not "OR" (step S430, etc.), it is further determined whether or not the read word is "AND" (step S440). The read word is "AND"
, The ACL after this read word
(Step S452), and using the return value of the license generation process, "{return value, A
C, hash｝ Kp ”is returned (step S
454).

Further, the read word is "AN
D ”(Step S440, others)
The license that satisfies “$ Kc, AC, hash $ Kp” is returned (step S454). As a result, a license is generated from the ACL.

Next, the internal processing procedure of the user system 50 will be described with reference to the flowchart shown in FIG. In FIG. 11, first, the user system 50
It is determined whether there has been a content use request (step S500). If there is no content use request (step S500, none), this determination process is repeated, and if there is a content use request (step S5).
(00, yes), a content use request is transmitted (step S501). Thereafter, it is determined whether or not a request for a certificate for the physical element has been received from the license server 40 (step S502). If there is no request for a certificate for the physical element (step S502, no), step S50 is performed.
Move to 8.

On the other hand, if there is a request for the certificate of the physical element (Yes in step S502), the physical element ID certificate is read (step S503), and it is determined whether or not the reading has failed (step S504). . If the reading has failed (step S504, YES), an error notification is transmitted to the license server (step S50).
5) The process proceeds to step S500. On the other hand, if the reading has not failed (step S504, NO), it is determined whether or not the next physical element exists (step S50).
6) If there is a next physical element (step S506,
If yes, the process proceeds to step S503, the next physical element ID certificate is read, and the above-described processing is repeated.

On the other hand, if there is no next physical element (step S506, none), a physical element ID certificate group is transmitted to the license server 40 (step S507), and it is determined whether the received content is an error or a license. (Step S508). If the received content is an error (step S508, error), the process proceeds to step S500 and the above-described processing is repeated. If the received content is a license (step S508, license), furthermore,
The license is passed to the physical element (PCSUE) 1 (step S509), and the process proceeds to step S500 to repeat the above-described processing. As a result, the user system 50 can acquire a license from the license server 40.

[0096] Here, PCSUE1 indicates the first PCSUE of (N-1) PCSUEs.
SUEi, where i is an integer from 1 to (N-1).
Therefore, an internal processing procedure when each PCSUEi is given a license will be described with reference to the flowchart in FIG.

In FIG. 12, PCSUEi first decrypts the received license with Kpi (step 60).
0). After that, the decrypted access condition ACi is evaluated (step S601), and it is determined whether the evaluation result of the access condition ACi is acceptable or not (step S602). When the evaluation result of the access condition ACi is impossible (step S6)
02, impossible), an error process is performed (step S6).
04), this process ends. On the other hand, the access condition ACi
If the evaluation result is acceptable (Yes in step S602), this decrypted license is transmitted to PCSUE (i + 1), decryption is continued, and the internal processing of this PCSUEi is terminated.

Next, PCSUE (i + 1) is the PCSUE (i + 1).
UE (N), where, for example, a physical element of the playback device performs internal processing. This internal processing procedure will be described with reference to the flowchart shown in FIG.
In FIG. 13, first, the received license is decrypted by Kpn (step S700). Thereafter, the decrypted access condition AC (N) is evaluated (step S701),
It is determined whether the evaluation result is acceptable or not (step S702). If the evaluation result is unacceptable (step S702, unacceptable), error processing is performed (step S703), this processing ends, and as a result, the secret content cannot be decrypted.

On the other hand, if the evaluation result for the access condition AC (N) is acceptable (step S702, yes),
The secret content is decrypted with the decrypted Kc (step S704), the decrypted content is reproduced by the reproducing device (step S705), and the process ends.

Here, a specific license decryption process will be described with reference to FIG. In FIG. 14, the license generated by the license server 40 includes the access control list ACL and the content decryption key in the reproduction device 1.
Using a key Kp which is a physical element ID of 44,
Furthermore, it is encrypted using the value of the exclusive OR of the DSN 141 which is the device serial number of the storage device and the MSN 143 which is the media serial number of the medium 142 as a key.

First, the storage device 140 reads the non-writable MSN on the medium 142, calculates the exclusive OR of this value and the DSN of the storage device 140 itself, and decrypts the license based on the calculation result. Is ｛ACL, Kc｝ Kp. The partially decrypted license is used for the playback device 1
44, and the playback device 144
The license is decrypted using the key Kp, which is the physical element ID of the device itself, and the access condition list ACL and the content decryption key Kc are obtained. When the access condition indicated by the access condition ACL is satisfied, the content decryption key Kc And the decrypted content will be played back by the playback device 144.

The above-described content decryption processing by license request and license acquisition will be further described with reference to a data flow shown in FIG. In FIG. 15, in the decryption protected area in the user system 50, first, a license request process 152 for using the content is sent to the license server 40 with a physical element ID certificate attached.
At this time, the physical element ID certificate is used by the use environment specifying physical element 1 by the use environment specifying physical element certificate acquisition process 153.
50 and passed by the license request process 152.

On the other hand, when the license is transmitted from the license server 40, the license acquisition processing 156 acquires this license, and the access permission processing 155 acquires the license from the license income processing 156 and uses the usage environment specifying physical element ID. The authentication process 154 acquires the physical element ID through the use environment specifying physical element certificate acquisition process 153, further acquires the use status from the accounting process 157, and extracts the decryption key using these.

Then, the content decryption processing 159 decrypts the secret content 158 using the content decryption key, and outputs plaintext content. In addition, accounting process 15
7 notifies the usage status monitoring physical element 151, and the usage environment monitoring physical element 151 automatically decrements the current usage status according to usage.

FIG. 16 is a diagram showing the effect on the protection strength when each processing procedure is implemented in each entity of the specific use environment shown in FIG. From this result, it is understood that it is preferable that the generation of the usage environment specifying physical element possession certificate is implemented in the device layer, and that the accounting information protection is implemented in the device layer using an IC card. in this way,
Since the protection strength differs depending on the layer on which each processing procedure is implemented, it is necessary to implement each processing function shown in FIG. 15 in consideration of the layer arrangement.

In the above-described embodiment, a configuration based on a so-called content cacheable model has been described. However, the present invention is not limited to this, and it is apparent that the present invention can be applied to a configuration based on a content simultaneous distribution model. It is. In this case, the content server 30 may be handled as a configuration internally arranged in the license server 40.

Furthermore, in the above-described embodiment, it is assumed that a key is used for encryption and decryption. In this case, even if a secret key encryption method is used, a public key encryption method is used. However, any of them can be implemented, and an appropriate method may be applied according to the system to be applied.

The physical elements shown in the above-described embodiment include not only devices fixed to the user system 50 but also
The medium used when using the user system 50 includes a portable recording medium such as a CD-ROM, a DVD, an MO, an IC card, and a floppy (registered trademark) disk. In a user system in which the portable recording medium is used, in addition to the physical elements fixed to the user system, the portable recording medium to be used is also included in the physical element, and content usage control is performed. Will be. A fixed medium such as a fixed hard disk drive or a fixed R
It goes without saying that OM and the like are included in the above-described physical elements.

[0109]

As described above, the license server, the copyright holder system, the user system,
According to the system, the recording medium, and the content usage control method, flexible content usage control based on usage permission conditions can be performed, and content usage control for users can be performed more finely and flexibly. Furthermore, content use control with high protection strength can be performed. In addition, it is possible to disperse the risk of theft of the content decryption key due to the successful attack on some physical elements, and to disperse the risk of theft of the content decryption key without allowing any one physical element to be fraudulent. This has the effect that it can be performed. In addition, by fully utilizing an open network, traffic congestion in the system can be prevented, content can be acquired quickly, and encryption and decryption accompanying flexible content use control can be specifically realized. In addition to this, it is possible to perform content use control with high protection strength, and it is possible to significantly improve operability.

[Brief description of the drawings]

FIG. 1 is a diagram showing a configuration of a content use control system according to an embodiment of the present invention.

FIG. 2 is a flowchart showing an internal processing procedure of the copyright holder system 20 shown in FIG.

FIG. 3 is a diagram showing an example of accounting conditions and physical environment specifying element conditions.

4 is a flowchart showing an internal processing procedure of the content server 30 shown in FIG.

FIG. 5 is a flowchart showing an internal processing procedure of the license server 40 shown in FIG.

FIG. 6 shows a license sent from a license server 40 and a copyright holder system 10 or a content server 30.
It is a figure which shows the relationship with the confidential content sent from.

FIG. 7 is a diagram showing a configuration of an LDAP system 42 shown in FIG.

FIG. 8 is a diagram showing a layer logical structure of a specific use environment.

FIG. 9 is a diagram illustrating an example of a physical element having an inclusion relationship.

FIG. 10 is a detailed flowchart showing a license generation processing procedure.

11 is a flowchart showing an internal processing procedure of the user system 50 shown in FIG.

FIG. 12 is a flowchart illustrating a license decryption processing procedure using a usage relationship specifying physical element.

FIG. 13 is a flowchart showing a license decryption processing procedure by a physical element of the playback device.

FIG. 14 is a diagram illustrating an example of a license decryption process.

FIG. 15 is a data flow diagram showing a content decryption process based on a license request and a license acquisition.

FIG. 16 is a diagram showing the effect on protection strength when each processing procedure is implemented in each entity of a specific use environment.

FIG. 17 is a diagram showing a conventional access control model.

FIG. 18 is a diagram showing a schematic configuration of a conventional content use control system compatible with an access control model.

FIG. 19 is a diagram showing an improved access control model.

FIG. 20 is a diagram showing a content distribution model of a conventional content use control system.

FIG. 21 is a diagram showing a content cacheable model.

FIG. 22 is a diagram showing a schematic configuration of a content use control system corresponding to the content cacheable model shown in FIG. 21.

FIG. 23 is a diagram showing a schematic configuration of a content use control system for realizing a content simultaneous distribution model.

[Explanation of symbols]

DESCRIPTION OF SYMBOLS 1 Copyright holder 2 User 10 Content usage control system 20 Copyright holder system 21 Secret content registration unit 22 Access control right transfer unit 23 ACL setting unit 30 Content server 40 License server 41 License permission / generation unit 42 LDAP system 43 Access control List (ACL) 44 key 50 user system 51 confidential content request / acquisition unit 52 license request / acquisition unit 53 specific usage environment 54-1 to 54-N usage environment specifying physical element 55-1 to 55-M content storage device 56 -1-56-L Reproduction device 57-1, 59-1, 61-1 Physical element ID 58-1, 60-1, 62-1 Encryption / decryption / evaluation unit

──────────────────────────────────────────────────続 き Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat ゛ (Reference) G06F 15/00 330 G06F 15/00 330Z H04L 9/08 H04L 9/00 601D 9/32 673D (72) Invention Person Yuji Miyazawa 4-1-1 Kamikadanaka, Nakahara-ku, Kawasaki City, Kanagawa Prefecture Inside Fujitsu Limited

Claims (15)

[Claims] 1. A license server for managing use of content, a means for receiving a use condition for permitting use of a content and an operation name for the content, and A license server, comprising: means for registering in association with each other. 2. A means for registering, in a copyright holder system, a use condition for permitting use of a content and an operation name for the content, the content to be licensed for use as a secret content in a server which manages the content; Means for registering, in a server that manages use of the content, a use condition of the license and an operation name for the secret content with respect to the registered secret content, the copyright holder system. 3. A license server that manages use of content, a means for receiving a content use request and an identifier of a use unit that uses the content, and a use of the content in a form decodable by the received identifier of the use unit. Means for encrypting information relating to a condition and an operation name for the content. 4. A means for transmitting a use request of a content, an operation name for the content, and an identifier of a use unit using the content, wherein the user system using the content is capable of decoding by the transmitted identifier of the use unit. Means for encrypting information on use conditions of the content and an operation name for the content in a specific form; and means for controlling use of the content based on the encrypted information and an identifier of the use means. A user system characterized in that: 5. In a system for requesting information for using content, a content use request, an operation name for the content and an identifier of a portable storage medium are transmitted to a license server for managing use of the content. Means for receiving, from a license server, information on use conditions of the content and an operation name for the content in a form decodable by the transmitted identifier of the portable storage medium. 6. A computer-readable recording medium storing a program to be executed by a license server that manages use of content, wherein a step of receiving a use condition and a name of an operation for the content in permitting use of the content, And registering the usage condition of the content usage license in association with the operation name of the content, and a computer-readable recording medium storing a program for operating the content. 7. A computer-readable recording medium storing a program to be executed by a copyright holder system for registering a use condition for permitting use of a content and an operation name for the content. Registering the content as a confidential content in a server that manages the content; and registering, in the server that manages the use of the content, the use condition of the license and the operation name for the confidential content with respect to the registered confidential content. A computer-readable recording medium on which a program for operating is recorded. 8. A computer-readable recording medium storing a program to be executed by a license server that manages use of content, the method including: receiving a content use request and an identifier of a use unit that uses the content; A step of encrypting information relating to the use condition of the content and an operation name for the content in a form decodable by the received identifier of the use means; and a computer-readable recording medium recording a program for operating the program. 9. A computer-readable recording medium storing a program to be executed by a user system using a content, and transmits a content use request, an operation name for the content, and an identifier of a use unit using the content. And encrypting the information about the usage condition of the content and the operation name for the content in a form that can be decrypted by the transmitted identifier of the using unit, and adding the encrypted information and the identifier of the using unit to the content. Means for controlling the use of the content based on the program, and a computer-readable recording medium recording a program for operating the program. 10. A computer-readable recording medium storing a program to be executed by a system for requesting information for using content, the content being used and an operation name for the content and a portable storage medium. Transmitting an identifier to a license server that manages use of the content; and transmitting, from the license server, information on use conditions of the content and an operation name for the content in a form decodable by the transmitted identifier of the portable storage medium. A receiving step; and a computer-readable recording medium recording a program for operating the computer. 11. A content use control method in a license server which manages use of content, wherein a step of accepting a use condition for permitting use of a content and an operation name for the content is performed. And registering the content in association with an operation name for the content. 12. In a content use control method in a copyright holder system for registering a use condition and an operation name for the content in permitting use of the content, a content to be licensed is registered as a secret content in a server that manages the content. And a step of registering, in the server that manages the use of the content, the use condition of the license and the operation name of the confidential content with respect to the registered confidential content. . 13. A content use control method in a license server that manages use of content, a step of receiving a content use request and an identifier of a use unit that uses the content, Encrypting information on usage conditions of the content and an operation name for the content in a form. 14. A content use control method in a user system using contents, a step of transmitting a contents use request, an operation name for the contents, and an identifier of a use unit using the contents, Encrypting information relating to the use condition of the content and the operation name for the content in a form that can be decrypted by the identifier; and controlling the use of the content based on the encrypted information and the identifier of the use unit. A content use control method, comprising: 15. A content use control method in a system for requesting information for using content, wherein a content use request, an operation name for the content and an identifier of a portable storage medium are managed for use of the content. Transmitting to the license server; and receiving, from the license server, information on use conditions of the content and an operation name for the content in a form decodable by the transmitted identifier of the portable storage medium. Content usage control method.