JP2002342518A - System and method for contents use management - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a contents use management system, etc., which enables a server to surely and easily control the use of contents on a user terminal without placing any load on the user terminal. SOLUTION: The server 100 of the contents use management system is equipped with a user right information DB 120 which stores right information regarding the right to use contents that the user using the user terminal 200a has and a contents information generation part 170 which generates LT as right information showing part of the use right that the user has at a request made by the user and sends it to the user terminal 200a. The user terminal 200a, on the other hand, is equipped with a communication part 210 which receives the LT sent from the server 100 and a license information processing part 260 which controls the use of the contents according to the use right that the received LT shows.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a system and method for managing the use of digital content such as music and video distributed by communication and broadcasting, and more particularly to content right management for limiting the number of times content is played back and the like. The use control can be performed reliably and easily.

[0002]

2. Description of the Related Art In recent years, systems for distributing digital works such as music, video, games and the like via the Internet and digital broadcasting have been developed, and some of them have reached the stage of practical use. In distributing these contents,
From the viewpoint of copyright protection and the like, a content right management and usage control method (DRM: Digital Right) that restricts the number of times of reproduction, movement, and duplication of distributed content
ts Management) is also being studied.

In a conventional digital content distribution system, Japanese Patent Laid-Open No. 2000-48076 and
As disclosed in Japanese Patent Application Laid-Open No. 293439, the usage conditions for the content of each user are distributed together with the content to the receiving side, and are all managed on the user terminal side.

[0004] For example, when a user enters a movie "Matri
In the case of purchasing the right to watch three times for “x”, the user terminal transmits the movie “Mat
and the usage condition indicating that "Matrix can be viewed three times" is received, and the reproduction of the content is managed in accordance with the usage condition.

[0005] After distributing the use conditions to the user terminal, the distribution server is not involved in the use conditions of the user. The content stored by the user terminal is played back and “Matri
In the case of viewing x ", a process of reducing the use condition managed by the user terminal by one each time the user views the content is performed, and a process of disallowing viewing is performed when the number of viewable times becomes zero. Done.

FIG. 17 shows the configuration of a conventional digital content distribution system.

[0007] The distribution server 1000 includes a user management database 1 for storing ID information of registered users.
001, a content information database 1003 for storing a content key for encrypting the content and usage conditions of the content, a content database 1006 for storing the content, and a user authentication unit 1 for performing user authentication
002, a content information generating unit 1004 for generating content information including information on content usage conditions and content keys, and a content information encrypting unit 1005 for encrypting the content information with user-specific information such as a user ID.
A content acquisition unit 1007 for acquiring the content specified from the content database 1006, a content encryption unit 1008 for encrypting the content with a content key, and a communication unit 1009 for communicating with the user terminal 2000.

On the other hand, the user terminal 2000 includes a communication unit 2001 for communicating with the distribution server 1000, an ID information storage unit 2002 for storing ID information, and a storage unit 2003 (HDD) for storing encrypted content. ), A content information decryption unit 2006 for decrypting the content key and the usage condition from the received content information, a usage condition management unit 2007 for managing the content usage condition and the content key, and a process of the usage condition at the time of content reproduction. A usage condition processing unit 2008, a content decryption unit 2005 that decrypts the content with the content key acquired from the usage condition processing unit 2008 when the usage condition is satisfied, and an external media access unit 2004 that outputs the content to the external medium 5000. Have.

[0009] FIG. 18 is a block diagram of a digital content distribution system according to the present invention.
The processing flow when purchasing content from 00 is shown.

When a user makes a content purchase request, the communication unit 2001 of the user terminal 2000 acquires the ID information of the user terminal 2000 stored in the ID information storage unit 2002, and distributes the ID information and the content purchase request. The data is transmitted to the server 1000 (S1001).

[0011] This information is transmitted to communication unit 1 of distribution server 1000.
The user authentication unit 1002 received through the process 009 checks the received ID information with the ID information stored in the user management database 1001 to perform user authentication.
The content purchase request is passed to the content information generation unit 1004 (S1002).

The content information generation unit 1004 performs a charging process for the purchase of the content, acquires the usage conditions of the purchased content and information on the content key from the content information database 1003, and sends the content key to the content acquisition unit 1007 together with the information on the purchased content. hand over. Also, content information including the usage conditions and the content key information is generated and passed to the content information encryption unit 1005, and the content information encryption unit 1005 encrypts the content information (S1003).

The content acquisition unit 1007 acquires the corresponding content from the content database 1006, and the content encryption unit 1008 encrypts the content with the content key (S1004).

The communication unit 1009 of the distribution server 1000
The encrypted content and the encrypted content information are transmitted to the user terminal 2000.

The communication unit 2001 of the user terminal 2000
It receives the encrypted content and the encrypted content information including the content key and the usage condition information (S1005), and sends the content to the storage unit 2003 for storage (S1006).

The content information is sent to the content information decoding unit 2006. Content information decryption unit 2006
Decrypts the encrypted content information, extracts the usage condition and the content key, and
07 (S1007).

FIG. 19 shows a processing flow when the user terminal 2000 reproduces content in this digital content distribution system.

When there is a content reproduction request from the user, the usage condition processing unit 2008 obtains the usage condition and the content key of the corresponding content managed by the usage condition management unit 2007 (S2001), and reproduces the usage condition. Check (number of times reproduction is allowed) (S200)
2).

If the number of reproductions is greater than 0 (S200
3), the number of reproductions of the usage condition is decremented (S20)
04), using the usage condition and the content key in the usage condition management unit 2
007 (S2005).

[0020] The content decrypting section 2005 is composed of
03 (S2006), and
The content is decrypted using the content key passed from the use condition processing unit 2008, and the content is reproduced (S2
007). If the number of times of reproduction is not larger than 0 in step S2003, the reproduction process ends.

The video / audio of the reproduced content is output from the content decoding unit 2005 to a monitor such as a TV. When the content is moved to the external medium 5000 or copied, the video / audio of the content is output to the external medium 5000 via the external media access unit 2004.

In order to prevent leakage of secret information, the ID information storage unit 2002, the content information decryption unit 2006, and the use condition management unit 2007 that handle secret information are usually
The security module is installed on a security module such as an IC card, and the security module is mounted on the user terminal 2000.

In this case, when the use condition management unit 2007 sends the use condition and content key information to the use condition processing unit 2008, the information is encrypted and output from the security module, and the use condition processing unit 2008
The information is decrypted and used. The use condition updated by the use condition processing unit 2008 is stored in the use condition management unit 20.
When the data is stored in 07, it is re-encrypted and sent to the security module.

In the conventional digital content distribution system, use conditions for each user's content are managed on the user terminal side in this manner.

[0025]

However, when the use conditions of each user are managed by the user terminal, there are the following problems. (1) Complicated use condition management at the user terminal is required, and the function of the user terminal may be enlarged. (2) Since the distribution server has no relation to the use / right management processing of the distributed content, even if the content is copied at the user terminal, the content server tracks the content, and when and on what medium the content was copied. Cannot be detected. (3) When the storage means (HDD) of the user terminal crashes, it is difficult to recover the usage conditions of the user and the like (because no information other than the user terminal holds the information). (4) When a new content is purchased, the distribution server and the user are required to perform a service such as automatically increasing the number of playbacks of the usage conditions of the purchased content by one or to add a new usage condition. Terminal both hard,
Software changes are required. For this reason, it is practically difficult to perform such a service as extending the use condition or adding the use condition.

Further, all the usage conditions of each user are managed on the distribution server side, and the user terminal does not control the usage conditions, and the content itself (or the content is encrypted via communication) each time the user views. In such a case, a model in which the content key alone may be obtained from the distribution server can be considered, but in this case, there are the following problems. (5) After the content has been delivered to the user terminal, use control for the content is not performed, so that the user terminal can use (particularly reproduce) the acquired content without restriction.

[0027] The present invention is to solve such a conventional problem. A content use management system in which a server reliably and easily controls the use of contents at a user terminal without burdening the user terminal, The purpose is to provide a content usage management method and the like.

[0028]

In order to achieve the above object, a content use management system according to the present invention transmits a terminal device using a content that is a digital work and transmits the use of the content in the terminal device. A content use management system comprising: a server device that manages the terminal device via a path, wherein the server device stores right information relating to use rights of content owned by a user who uses the terminal device; Based on a request from the user, generates a license ticket that is rights information indicating a part of the usage rights owned by the user, and includes a license ticket issuing unit that transmits the license ticket to the terminal device. Receiving means for receiving a license ticket transmitted from the server device;
It is characterized by comprising a content use control means for controlling the use of the content according to the use right indicated by the received license ticket.

In this specification, “use” of content means “reproduction”, “move”, “copy” of content.
And all operations that use the content, such as "printing" the contents of the e-book, and also downloading "license information" (downloading a license ticket in advance) as a pre-action for these operations. Shall be included.

Here, the license ticket issuing means obtains from the user a request for designating a part of the right of use owned by the user, generates a license ticket corresponding to the designation, and transmits the license ticket to the terminal device. Or generating a license ticket indicating a minimum unit of usage right constituting the usage right owned by the user and transmitting the generated license ticket to the terminal device. According to this configuration, it is possible to grasp the usage status of the content in each terminal device in detail and to minimize the management load of the usage authority in each terminal device.

Further, the license ticket may include detection information for detecting whether or not the content of the license ticket has been tampered. This makes it possible to reliably prevent the license ticket from being falsified.

The present invention can be realized as a server device and a terminal device constituting the above-mentioned content use management system, or as a content use management method in which characteristic means constituting the server device and the terminal device are steps. Or a program that causes a personal computer or the like to execute the steps. It goes without saying that the program can be widely distributed via a recording medium such as a DVD or a transmission medium such as the Internet.

[0033]

Embodiments of the present invention will be described below in detail with reference to the drawings. FIG. 1 is a diagram showing an overall configuration of a content use management system 1 according to the present embodiment.

In the content use management system 1, a center uses the center as a main body to operate a use right (license) for each content that is granted to a user who has purchased digitized content such as music, a movie, and a book. A license ticket (hereinafter, also referred to as “LT”) for managing contents is distributed based on a user's request so that the contents can be used within a range of use conditions included in the LT. This is a system for protecting the copyright of the content, and includes a server 100 provided in a center, user terminals 200a to 200c used by users who use the content, and a communication network 300 connecting these. You.

The server 100 is a computer such as a workstation, and functions as a user management server, a content distribution server, a billing server, and a license management server. Specifically, the server 100 manages the user who has subscribed to the present system 1 and the terminals owned by the user, accepts purchase of content from the user terminals 200a to 200c, and receives the user terminals 200a to 200c.
c from a license ticket issuance request (hereinafter referred to as “LT
Issuance request ”. ) Has a Web page that accepts the content, charges for the content purchase request from the user terminals 200a to 200c, distributes the encrypted content to the user terminals 200a to 200c, and encrypts the content in response to the LT issuance request. Content is transferred to the user terminal 200a
For example, the LT for use in the server 200c is distributed. The LT includes a content key for decrypting the encrypted content, and a cut-out use condition obtained by cutting out a part of a use right (license) given to the user for the content.

The user terminals 200a to 200c are computer devices such as a personal computer, a portable information terminal, and a digital television, and function as clients for the server 100. Specifically, the user terminal 200
a to 200c operate in accordance with the user's operation using a tool such as Internet browser software.
The user accesses the eb page and transmits a content purchase request to receive distribution of the content, or transmits an LT issuance request to receive the LT when using the content, and reproduces the content within a range of the LT use conditions.

The user terminal 200a has an external medium 500b (for example, an SD card) for the user terminal 200b and an external medium 500 for the user terminal 200c.
c (for example, an IC card) can be attached, and the content or LT held by the user terminal 200a can be copied or moved to the external media 500b, 500c,
It is configured such that the content can be reproduced on the user terminals 200b and 200c.

The communication network 300 is a wired or wireless communication medium such as the Internet or CATV or a digital broadcast.

FIG. 2 is a functional block diagram showing the configuration of the server 100 and the user terminals 200a to 200c shown in FIG. Since the functional configurations of the user terminals 200a to 200c are the same,
Are shown as representatives. The figure also shows the communication network 300.

The server 100 is roughly divided into data portions (user management DB 110, user right information DB 120, content information DB 130, content D) realized by data files stored on a hard disk or the like.
B140), and processing units (user authentication unit 150, user right processing unit 160, license information generation unit 165, content information generation unit 170) realized by hardware such as a CPU, a RAM, a ROM, and programs executed by the CPU. , A content information encryption unit 175, a content acquisition unit 180, a content encryption unit 185, and a communication unit 190).

The user management DB 110 stores user information and the like of users who have registered as members in the content use management system 1. Specifically, the user management DB 110
Is a unique client ID (terminal ID) assigned to each user terminal to manage user rights
Is managed in association with the user information including the user ID, and the client ID of the user terminal owned by the registered user and the unique ID information (user ID) given to the user And a user management table 111 for registering and managing user information and the like of the user.

The user right information DB 120 stores user right information (license) for contents.
Specifically, the user right information DB 120 uses the content purchased by the user and the remaining information of the usage right (license) possessed by the user with respect to the content in a mode of use (for example, reproduction, movement, copying, printing, use). User right information management table 12 for management for each period, etc.
This is a storage unit that stores a plurality of 1s.

The content information DB 130 stores content related information (content key and the like). Specifically, the content information DB 130 holds a plurality of content keys 131 for encrypting the content, a content key table 132 that records the correspondence between the content key 131 and the content ID, and the like.

The contents DB 140 stores contents. Specifically, the content DB 140 stores a plurality of contents 141, and the contents and the content IDs.
And a content table 142 in which a correspondence relationship with the content table 142 is recorded and stored.

The user authentication section 150 performs user authentication. Specifically, the user authentication unit 150
ID information (client ID) included in the content purchase request or LT issuance request received from 00a to 200c
From the user management table 111, the user ID
Identify the rights managed by the server. The user authentication unit 150 updates the user information in the user management table 111 when the user's address or the like is changed, or updates the user management table 111 when the user's terminal device is purchased. Or a client ID.

The user right processing unit 160 registers user right information on the content in response to a purchase request, and updates right information in response to a use request. Specifically, the user right processing unit 160 executes a charging process in response to the content purchase request, and then registers the user's right in the user right information management table 121 of the user right information DB 120.

Since the accounting process itself is not the essence of the present invention, the portion for executing the accounting process is not shown in the figure. When registering a user right, UR-Us (Usag) which is user right information managed by the server.
e Rule for User on server
An initial value set by the content provider is given as r). Further, upon receiving the LT issuance request, the user right processing unit 160 uses the usage right UR-Uc (Usage Rulefor) requested by the right information UR-Us at that time.
It is checked whether the user can extract User on client, and when it is confirmed, the requested usage right UR-Uc is passed to the license information generation unit 165, and the right information UR-Us managed by the server is extracted. The content is updated to the content decremented by UR-Uc. Also, the user right processing unit 160 receives the notification of the change of the right information from the content provider, for example, when there is a notification to the content purchaser that the number of uses is increased or the usage period is extended in the service, Update the license information of the buyer uniformly.

The license information generation unit 165 generates a use right and license information of the requested content.

The content information generation unit 170 obtains a content key from the content information DB 130, and obtains content information (L) including license information passed from the license information generation unit 165 and information on the obtained content key.
T). Specifically, the content information generation unit 1
70 accesses the content information DB 130 to obtain the content key 131 corresponding to the content ID using the content key table 132, and obtains the content key and the license information passed from the license information generation unit 165, the cut-out use condition ( L including UR-Uc)
Or generate T.

The content information encrypting section 175 encrypts the content information. More specifically, the content information encrypting unit 175 encrypts the LT content key and the footer, if necessary, if necessary. This encryption is performed, for example, with the terminal ID (client ID) of each of the user terminals 200a to 200c that has issued the LT issuance request. Thus the client ID
, The LT can be bound to the user terminal having the client ID.

It is to be noted that a public key cryptosystem may be used to perform encryption with the user's public key. Alternatively, encryption may be performed using a secret key shared between the server and the terminal.

The server 100 and the user terminal 200a
For example, SSL (Secure Soc)
SA in a mutual authentication format such as
When C (Secure Authenticated Channel: secure communication path with authentication) is formed and a secure communication path is secured between the server and the terminal, the encryption of the license information is optional (not essential). However, in this embodiment, a description will be given assuming that a SAC is formed between server terminals, and that the content information encryption unit 175 performs LT encryption processing.

The content acquisition section 180 acquires the designated content from the content DB 140. Specifically, the content acquisition unit 180 stores the content DB 14
0 with reference to the content table 142 of the content I
The content 141 corresponding to D is acquired and passed to the content encryption unit 185.

The content encryption section 185 encrypts the content. Specifically, the content encryption unit 185
Encrypts the content passed from the content encryption unit 185. This encryption is performed using a content key.

The communication section 190 communicates with the user terminal 200. Specifically, the communication unit 190 is a communication interface realized by a script or a program described on a Web page that communicates with the user terminals 200a to 200c via the communication network 300. It analyzes the transmitted command or message, requests the user authentication unit 150 for processing according to the result, or transmits the content passed from the content encryption unit 185 to the user terminals 200a to 200a.
200c or the content information encryption unit 175
Distributes the LT passed from the terminal to the user terminals 200a to 200c, and forms a SAC with the terminals.

On the other hand, the user terminal 200
Operation unit 220, ID information storage unit 230, content storage unit 240, LT storage unit 245, content information decryption unit 250, license information processing unit 260,
Content decryption unit 270 and external media access unit 2
80.

The communication unit 210 performs communication with the server 100. Specifically, the communication unit 210 communicates with the server 1 via the communication network 300 according to browser software or the like.
00 is a communication interface for communicating with the operation unit 2
In response to a request from the server 20, a content purchase request message or an LT issuance request message is transmitted, the content transmitted from the server 100 is stored in the content storage unit 240, and the LT is stored in the LT storage unit 245. And a communication unit 190 of the server 100.

The operation unit 220 is a user interface for receiving a user operation and displaying a Web page provided by the server 100.

The ID information storage unit 230 stores the ID of the terminal.
Information (client ID) is stored. Specifically, I
The D information storage unit 230 stores and holds a unique client ID embedded in advance for each terminal. Further, the ID information storage unit 230 may hold a public key and a secret key of a public key cryptosystem for encrypting the LT, or an encryption key of a common key cryptosystem.

The content storage unit 240 stores, for example, an HD
D and the like, and stores encrypted content.
The LT storage unit 245 stores the L transmitted from the communication unit 210.
Store T.

The content information decryption section 250 decrypts the content key and the license information from the received content information (LT). Specifically, the content information decryption unit 250 decrypts the content key and the like included in the LT stored in the LT storage unit 245 with a client ID, a secret key of a public key encryption method, or a secret key of a common encryption method. Become

The license information processing section 260 determines whether the content key can be used based on the license information. Specifically, the license information processing unit 260 determines whether or not the content can be reproduced, and if the content can be reproduced, passes the content key to the content decryption unit 270.
In the content reproduction processing by 0, monitoring is performed so that the cut-out use conditions are observed.

[0063] Content decrypting section 270 decrypts the content encrypted with the content key obtained from license information processing section 260. Specifically, content decryption section 270 decrypts the encrypted content with a content key received from license information processing section 260,
The content is reproduced under the control of the license information processing unit 260.

The external media access unit 280 outputs one or both of the content and the LT to the external medium 500b or the external medium 500c.

The ID information storage section 230, LT
The storage unit 245, the content information decryption unit 250, and the license information processing unit 260 are provided in a tamper-resistant secure module in hardware, for example, an IC card in which a chip is built. In this case, the decryption of the encrypted license information and the processing of the license information may be performed by the security module. However, SA
When the LT is acquired from the server in a state where C has been established, the encryption of the license information is optional, so that the decryption process is performed only when the license information is encrypted. For this reason, it is impossible to access the secret information important for copyright protection, the client ID, the content key included in the LT, the use condition, and the like from outside, and it is difficult to physically steal the secret information. It is designed to be strong against attacks. Here, the security module may be tamper-resistant software. Further, license information processing section 260 may be provided in a secure part of the user terminal.

In the content usage management system 1 configured as described above, all the right information on the content of each user is basically managed on the distribution server side. The content purchased (or pre-contracted) by the user is encrypted and stored in the content storage unit 2 of the user terminal 200a.
40. When reproducing, moving, or copying the content stored in the user terminal 200, a request and an LT issuance request message are issued from the user terminal 200 to the server 100. The server 100 checks the usage condition (or contract condition) UR-Us for the content requested by the user, and when the user has the usage right, the content information including “license information” and the content key for the user. , LT. The license information is composed of information on whether the content can be reproduced, moved, copied, etc., and the user terminal executes the use of the content permitted by the license information.

When the user acquires individual contents by purchasing or the like, the user right information DB 120 of the server 100 manages usage conditions relating to the contents acquired by the user. This format is called a purchase model each time. This system is also applicable to a subscribed type (prior contract type) model. The subscribed type is a form of tier billing in broadcasting, and is a billing form in which all programs on a corresponding channel can be viewed when a channel contract is made. In this case, the user right information DB 120 holds contract information as user right information.

FIG. 3 is a diagram showing a configuration example of the user management table 111 shown in FIG.

The user management table 111 includes a user ID assigned to a user who has joined the content use management system 1 and user information (“name”, “address”, “telephone number 1”) associated with the user ID. , "Phone number 2", ..., "E-mail 1", "E-mail
,...), And client IDs (“client ID 1”, “client ID 2”, “client ID 3”,...) Previously assigned to user terminals used by the user in the content use management system 1. You. User management table 1 configured in this way
According to 11, when the client ID is known, the user ID of the user who owns the terminal device of the client ID
Can be specified.

FIG. 4 is a diagram showing a configuration example of the user right information management table 121 shown in FIG.

This user right information management table 121
Is the client ID or user ID, the content ID of the content purchased by the user, and the content ID.
Is set for each user and the usage rights (UR
-Us) and remaining information set for each mode of use of the usage right (license) owned by the user. The remaining information set for each mode of use includes information on how many times the content purchased by each user can be reproduced, how many times the content can be moved, how many times the content can be copied, and how many times the content can be copied. It shows how long it can be used, how many copies of the content can be printed, and so on. The longest usage time attached to the remaining information indicates the maximum time during which the content can be continuously used in the reproduction process and the like, and the one-time determination threshold value is the time for determining that the content is used once. The cumulative usage time indicates the cumulative time during which the content can be used.

The contents of the usage right are determined in advance by the content provider or server administrator for each content in accordance with the attribute of the content. When the content is purchased, the initial value is assigned as the remaining information of the license. Is done. Here, even in the case of the same content, if the price is different depending on the usage conditions that the user can acquire,
The initial value may be different depending on the purchase price. The remaining information of the license is decremented sequentially from the initial value, or incremented in response to the service provision request of the content provider, for each usage condition and license information cut out in response to the LT issuance request of the user. .

The user right information management table 1
In 21, the use right is managed using the user ID, but the use right of the user may be managed using the client ID.

FIG. 5 is a diagram showing a configuration example of the license information shown in FIG.

This license information is generated from the extracted usage right, for example, information on the minimum usage condition element of the usage condition, and is made up of one or a plurality of availability information regarding the use of the content. It consists of the parameters that represent. Here, α shown in FIG. 5 is permission / prohibition information on action and reproduction, β shown in FIG. 5 is permission / prohibition information on action and movement, and γ shown in FIG. 5 is permission / prohibition information on action and duplication. The type and number of these pieces of availability information vary depending on the attributes of the content.

Here, the case of the minimum use right has been described. However, when the user requests, not only the requested cut-out use right, that is, a plurality of License information including usage conditions may be generated. FIG. 5 shows an example in which one piece of license information is composed of a plurality of conditions relating to the use of content. However, each piece of license information is configured as independent information, and a plurality of pieces of license information are grouped together, and It is also possible to treat as.

FIG. 6 is a diagram showing the data format configuration of the content information and LT generated by the content information generating section 170.

The LT 600 generated by the content information generating unit 170 includes one or more Ls representing an LT header 610, license information, ie, an action that is an operation content of the content, and a condition for the action.
T action tag blocks 620 # 1 to 620 # n,
It is composed of an LT content key tag block 630 and an LT footer 640.

The LT header 610 includes an LT identifier 611 indicating that the data is a license ticket handled by the content use management system 1, a version number 612 indicating a version of a specification defined by the content use management system 1, and , An LT size 613 indicating the data size of the entire LT, and a content I indicating the content ID of the content associated with the LT.
D614 and the I of the UR-Us that issued this LT.
D, a UR-Us ID 615 indicating D, an LT expiration date start time 616 indicating the date and time when this LT becomes valid,
LT expiration end time 617 indicating the date and time when
An LT movement permission flag 618 indicating whether movement of content or LT from one user terminal to portable external media or another user terminal is permitted, and L
T content key tag block 630 and LT footer 64
L indicating an encryption method (DES, AES, etc.) applied to 0
And T encryption method 619.

LT action tag block 620 # 1-
620 # n indicates an action ID 621 indicating an ID for specifying an action content for the content, and a maximum usage time 62 indicating a maximum time during which the content can be continuously operated.
2, a one-time determination threshold value 623 indicating the time for determining that the content operation is performed once, a number counter 624 indicating the maximum number of times the content can be operated by this LT, and an accumulated operation time during which the content can be operated. Cumulative usage time 62
And 5. For example, when the content is a two-hour movie or the like, the maximum usage time is usually set to two hours so that the movie can be watched to the end even when the temporary playback is interrupted (paused) for a toilet. It is set to a value longer than the time (for example, 4 hours). The cumulative use time is used when stricter use control is performed than the maximum use time, and is usually set to a value longer than 2 hours and shorter than the maximum use time (for example, 3 hours).

Here, the one-time judgment threshold value 623 is "0".
In the case of, it is determined once when the content operation (use) is started in the user terminal 200a, and when a certain time is designated, it is determined once when the time is reached. In addition, the value set in the frequency counter 624 is decremented each time a content operation is performed. However, 1
When the time determination threshold is valid (when it is not “0”), the content is decremented when the continuous operation time of the content reaches the value of the once determination threshold. In addition, the subtraction of the number counter is performed only once during the continuous operation. Further, the time set in the longest use time 622 and the accumulated use time 625 is subtracted according to the operation time of the content. However, the time set in the longest use time 622 is subtracted during the pause, but the time set in the accumulated use time 625 is stopped during the pause. It should be noted that if the value of the number-of-times counter 624 is 1 or more, “OK” indicates that the value is 0, “0” indicates that it is not, and “1” indicates the minimum use condition. Therefore, the frequency counter 624 can be used as availability information.

LT content key tag block 630
Stores a decryption key and a content key for decrypting the content associated with the LT.

The LT footer 640 is an optional block to be added or not.
A hash value by the SHA-1 algorithm is stored in order to prevent alteration of a portion immediately before the LT header 610 to the LT footer 640, that is, a portion from the LT content key tag block 630.

Note that this LT 600 has a content ID
Is stored in the LT header 610, but the content ID is set as an identifier for associating the content information with the content, and this is important because the content information can be identified from the content ID acquired when using the content. , May be stored in a tag block.

The operation of the content usage management system 1 according to the embodiment of the present invention configured as described above when purchasing content will be described below with reference to the flowchart shown in FIG.

FIG. 7 is a flowchart showing the processing performed by the user terminal 200a and the server 100 when a user purchases a content in this system.

When purchasing content, the user terminal 2
00a operates the operation unit 220 to
The user accesses the Web page No. 0 and calls the content purchase screen (1) shown in FIG.

The content purchase screen (1) displays the genres of content that can be purchased online using this system, such as “music”, “game”, “e-book”, “movie”,. , A check box for selecting these genres, a “next” button, a “back” button, and the like.

When the genre of the content to be purchased is music, the user operates the operation unit 220 to click a check box corresponding to “music” and press a “next” button. Thereby, the content purchase screen (2) shown in FIG. 9 is displayed.

The content purchase screen (2) shows the contents of “content ID”, “title name”, “rights information”, and “sales price” of the songs belonging to the genre and music, and check boxes for selecting these songs. And a "buy" button,
It consists of a "return" button and the like. The “right information” indicates the original usage conditions set by the content provider, that is, the initial value of the remaining information, the number of reproductions, the number of movements, the number of copies, the usage period, and the like. If the song to be purchased is “Ride George”, the user operates the operation unit 220, clicks the check box corresponding to “Ride George”, presses the “Purchase” button, and inputs a content purchase request.

When the user makes a content purchase request, the communication unit 210 of the user terminal 200a forms an SAC with the communication unit 190 of the server 100, and then forms the SAC of the user terminal 200 stored in the ID information storage unit 230. ID information (client ID) is acquired, and a content purchase request message including the ID information is transmitted to the server 100 (S
1). This content purchase request message is, for example,
It is composed of a message ID indicating content purchase, a content ID of content desired to be purchased, a client ID of a user terminal requesting content purchase, and the like.

When the user authentication unit 150 receives this information via the communication unit 190 of the server 100, the received I
After performing the user authentication by comparing the D information with the ID information stored in the user management DB 110, a content purchase request is passed to the user right processing unit 160 (S2). Specifically, the user authentication unit 150 determines whether the user management table 111
, And specifies the user ID from the client ID, and then passes the user ID, the content ID, and the like to the user right processing unit 160 as a content purchase request.

[0093] The user right processing unit 160 performs a charging process for content purchase, and then executes the user right information DB 120
Then, the user right information for the purchased content is registered (S3). Specifically, the user right processing unit 160
The user right information management table 121 (see FIG. 4) for the user who purchases the contents (for example, △) is accessed by accessing the user right information DB 120 and the user ID “pan”.
a01 ". Then, the user right processing unit 16
0 indicates that the song 1 is stored in the content ID column of the user right information management table 121, and the I of the right information UR-Us of the song 1 is stored in the license information column for each content ID.
D, "rights information A" and its contents are stored. The content of the right information A includes remaining information of the initial value set by the content provider (reproduction count, movement count, copy count, etc.).
Is set. Then, the user right processing unit 160 passes the content ID to the content information generation unit 170.

[0094] The content information generation section 170 acquires related information (content key or the like) of the corresponding content from the content information DB 130 and transfers it to the content acquisition section 180 (S4). Specifically, the content information generation unit 170
Accesses the content information DB 130, acquires the content key 131 corresponding to the content ID with reference to the content key table 132, and passes the acquired content key and content ID to the content acquisition unit 180.

[0095] The content acquisition unit 180 outputs the content D
The content is acquired from B140, and the content encryption unit 185 encrypts the content with the content key (S5). Specifically, the content acquisition unit 180
Accesses the content DB 140, acquires the content corresponding to the content ID by referring to the content table 142, and encrypts the acquired content, the content key received from the content information generation unit 170, and the client ID. Hand over to section 185. The content encryption unit 185 encrypts the received content with the content key, and passes the encrypted content to the communication unit 190. The communication unit 190 of the server 100 transmits the encrypted content to the user terminal 200 (S
5).

Upon receiving the encrypted content (S6), the communication section 210 of the user terminal 200 sends the content to the content storage section 240 for storage (S7).
By executing the respective processes of the user terminal 200a and the server 100, the session at the time of content purchase ends.

In the content purchase session, a SAC is formed between the user terminal 200a and the server 100, and encrypted communication is performed using a common session key. Therefore, decryption of the content purchase request message on the network is prevented. be able to.

FIG. 10 is a flowchart showing processing performed by the user terminal 200a and the server 100 when a user uses content in this system.

When using contents, the user terminal 2
The user 00a operates the operation unit 220 to display the used content selection screen shown in FIG. The use content selection screen includes a title of the content purchased by the user of the user terminal 200a, a content ID, a pre-application for a license ticket for the content for which a pre-contract has been made, a check box for the content, and a “Next” button. Button, a "return" button, and the like.

When using the content, the user operates the operation unit 220 to input usage information of the content to be reproduced. Specifically, the user displays the use content selection screen shown in FIG. 11, inputs a check mark in the check box of the content (eg, George Riding) desired to be reproduced, and clicks the “Next” button I do. Then, a content use request screen shown in FIG. 12 is displayed. The content usage request screen shows the actions, playback, move, copy available for this content,
It consists of a check box for selecting this action, a text box for entering the number of actions, a "decision" button, a "return" button, and the like.

As a part of the input of the usage information, the user
By operating the operation unit 220, a check box of a required request content (playback and movement in this example) is checked with respect to the selected content (surfing George), and a request is made in a text box of the checked request content. Enter the number (in this example, “2” times for playback and “1” times for movement) and click the “OK” button.

When a check mark is put in the check box, "1" is input in advance in the text box as the minimum use condition. Then, when the user wants to use “2” times or more, the user may input the desired number of times in the text box.

When there is a content reproduction request from the user, the communication unit 210 of the user terminal 200 forms an SAC with the communication unit 190 of the server 100 and then stores the ID information in the ID information storage unit 230.
It acquires the ID information (client ID) of the user terminal 200 stored in the server, and transmits an LT issuance request message including the ID information to the server 100 (S11). This L
The T issuance request message includes, for example, a message ID indicating an LT issuance request, and a content I of the content to be used.
D (for example, song 1) and content reproduction request, that is, request information indicating the content of the content use request (reproduction twice,
(One transfer) and a client ID (for example, nat01) of the user terminal that requests LT issuance.

The user authentication unit 150, which has received this information through the communication unit 190 of the server 100, authenticates the user by comparing the received ID information with the ID information stored in the user management DB 110, and then performs the user authentication. The content reproduction request is passed to the user right processing unit 160 (S1
2). Specifically, the user authentication unit 150 refers to the user management table 111, specifies the user ID from the client ID, and then sets the user ID and the client ID, the content ID, the request information, etc. as the content reproduction request to the user right. This is passed to the processing unit 160.

The user right processing unit 160 confirms the user right information on the requested content registered in the user right information DB 120 (S13).
Specifically, the user right processing unit 160 accesses the user right information DB 120 and stores the user right information management table 121 (see FIG. 4) for the user who uses the content (for example, △) in the user ID “pana01”. ”. Then, the user right processing unit 160 refers to the content ID column of the user right information management table 121 and the song 1, and reproduces the remaining information (UR-Us) of the song 1,
It is checked whether the movement is included, whether the number of times requested for reproduction and movement remains, and the like.

In addition, subscribed type (prior contract type)
In the case of (1), the confirmation of the user's right information is performed by determining which subscription (contract) includes the requested content and whether the user has the subscription. It is done by doing.

If the registered right information includes reproduction right information for the requested content (S14), the user right processing unit 160 generates license information based on the right information. Part 165
To update the content of the reproduction right information (decrement the number of reproducible times) and store it in the user right information DB 120 (S15). The license information generation unit 165 generates license information based on the information transmitted from the user right processing unit 160 and passes it to the content information generation unit 170 (S
15). Specifically, as shown in FIG. 13, the user right processing unit 160 determines the remaining information of the content ID of the user ID “pana01”, the number of reproductions “10”, the number of movements “2”, and the number of copies “3”. Times ”,“ 8 times ”
The number of moves is updated to "1" and the number of copies is updated to "3", that is, the usage conditions (UR-Us) are reduced from 10 times to 8 times for reproduction, and 3 times to 2 times for movement, and the license is updated. The information generation unit 165 passes the license information of the number of times of reproduction “2 times” and the number of times of movement “1 time” to the content information generation unit 170, and causes the user terminal 200a to send it as LT.

[0108] According to the judgment of the server side, a usage right that does not satisfy the usage right requested from the user terminal can be transmitted as LT. For example, 2
Even if the right of reproduction is requested, by transmitting one reproduction right as LT, the business
It is possible to secure a policy of transmitting the minimum usage right every time.

The content information generating section 170 reads information on the content key of the content from the content information DB 130, and generates content information (LT) including the content key and license information (S16).
Specifically, the content information generation unit 170 includes an LT header 610, an LT action tag block 620 # 1 of the number of times counter “2” for action and reproduction, and an action and movement of the number of times counter value “1”. , An LT action tag block 620 # 2, an LT content key tag block 630, and an LT footer 640.
Generate 600. The content information encryption unit 175 includes:
This content information is encrypted (S16). Specifically, content information encryption section 175 encrypts LT content key tag block 630 and LT footer 640.

The communication section 190 of the server 100 transmits the encrypted content key and license information to the user terminal 200 as LT.

In step S14, if the user's right information does not include the reproduction right information related to the requested content, the server 100 transmits a non-reproduction response message to the user terminal 200. The non-reproducible response message includes, for example, a message ID indicating a response to the LT issuance request message, and a UR-
It is composed of a status ID indicating that Us does not exist and cannot be reproduced.

On the other hand, in the user terminal 200, the communication unit 210 that has received the content information stores the LT in the LT storage unit 24.
5, the LT and the client ID stored in the ID information storage unit 230 are stored in the content information decoding unit 250.
(S18). The content information decryption unit 250 converts the encrypted content information (LT) into a client ID.
And passes the license information and the content key to the license information processing unit 260 (S18).

The license information processing section 260 checks the reproducibility information of the license information (S19), and if the reproducibility is possible (S20), passes the content key to the content decryption section 270. Specifically, the license information processing unit 26
A value of 0 checks whether or not the action / reproduction counter is 1 or more, and if it is 1 or more, passes the content key to the content decryption unit 270. The content decryption unit 270 acquires the content from the content storage unit 240 (S21), decrypts the content with the content key, and plays back the song 1 "Wave George" under the management of the cut-out use condition of the license information processing unit 260. Yes (S2
2).

By the way, the action and reproduction LT action tag block 620 # 1 includes the value of the number counter, the threshold value for once determination, the longest use time, and the accumulated use time.

[0115] For this reason, with respect to the reproduction of the content on the user terminal, if a certain time has elapsed from the start of the reproduction, 1
By taking a method of determining that the reproduction has been performed twice and distributing the information of this fixed time from the distribution server, the fixed time can be varied.

It is also possible to adopt a method in which, assuming that reproduction has been performed once at the start of reproduction and within a certain period of time from the start of reproduction, the same reproduction is considered and reproduction is permitted. Information indicating the range can be distributed to set a time limit for one-time reproduction.

That is, as shown in FIG. 14, if a certain time is set as the one-time judgment threshold value, in the case of reproduction less than that time (for example, pre-reproduction such as cueing, etc.), that threshold is set. Playback is not counted as one. Then, it is possible to count the reproduction as one time only after reaching the one-time determination threshold value. In addition, if a certain time is set for the maximum usage time, the content can be intermittently reproduced by consuming only one reproduction right until the maximum usage time is reached. It is possible to realize a flexible use form such as a stop (pause).
If a certain time is set in the cumulative use time, the content can be cumulatively reproduced until the cumulative use time is reached. Therefore, various content uses can be provided to the user.

The policy regarding the method of determining the reproducible period may be changed according to the type of content (for example, movie and music).

[0119] When the reproduction impossible response message is received from the server 100 (S17), and when the license information cannot be reproduced in step S20,
The process ends without playing back the content. Here, the notification of the reproduction non-provision is made by, for example, a status code ER indicating that there is no usage right UR-Us corresponding to the request.
This is performed by a response message formed by ROR_URUS. Alternatively, the reproduction may be notified by the LT including the LT action tag block 620 in which the value of the reproduction number counter is “0”.

When the license information specifies only one use of the content, the license information processing section 260 deletes the license information after using the content or sets a flag indicating that the license information is invalid. Then, processing for invalidating the license information (LT) is performed.

When the license information includes a plurality of action conditions (for example, reproduction and movement) and collectively handles them as license information for one content, only the used condition (for example, reproduction) is used. Disable.

In addition, even in the subscribed type, there are cases where unlimited use is permitted for each content (for example, tier billing) and cases where an upper limit of use conditions is set (for example, PPV (Pay Per Vi)).
ew), the maximum monthly charge is 5000 yen, etc.). If there is an upper limit on the usage conditions, the above-mentioned contract is determined at the time of confirming the user's right information, and then a determination is made as to whether the user has usage conditions for the content (contract type determination each time). ). In addition, the user right information DB 120
The contract information database and the usage condition database may be separately managed.

Here, in the content usage management system 1, when the movement or duplication of the content is “permitted” by the license information, the right information along with the content is transferred to the external media 500b and 500c via the external media access unit 280. (Usage conditions) and content keys can be moved. At this time, the right information is moved or copied after being converted into a data format supported by the external media 500b and 500c. The content is also cryptographically converted (re-encrypted) using an encryption method supported by the external media 500b and 500c. Similarly, the content key is also an encryption key corresponding to the encryption method supported by the external media 500b and 500c. Is converted to In this way, by using the external medium, the content can be used while protecting the copyright of the content by a content management method different from that of the content usage management system 1. However, when the external medium can support the content use management system 1 of the present invention, data conversion of rights information and encryption conversion of contents are unnecessary.

FIG. 15 is a flowchart showing the processing performed by the user terminal 200a when moving contents or LT to external media in this system.

When moving the contents or LT, the user of the user terminal 200a operates the operation unit 220,
The moving content selection screen shown in FIG. 16 is displayed. This moving content selection screen is displayed on the user terminal 200.
The title of the content purchased by the user a, the content ID, a license ticket received in advance, and the like, check boxes for these contents and LT, an "OK" button, and the like. The user displays the usage content selection screen shown in FIG. 16 and inputs a check mark in a check box of the content desired to be moved (for example, George Riding),
Click the "OK" button.

When there is a user's content transfer request, the license information processing section 260 of the user terminal 200a
A client ID stored in the D information storage unit 230;
The LT stored in the LT storage unit 245 is passed to the content information decoding unit 250. The content information decoding unit 250
The encrypted content information (LT) is transmitted to the client I
D, and passes the license information and the content key to the license information processing unit 260.

The license information processing section 260 checks whether or not the license information can be moved, and determines whether or not the license information can be used, that is, if the value of the number-of-times counter of the action / movement LT action tag block 620 # 2 is 1 or more (“before use”). "Or" after use and available ") is determined (S31). If the content can be used (Yes in S31), the content decryption unit 270 and the external media access unit 280
Through the external medium 500b or the external medium 5
It is determined whether 00c can process the LT (S32).

If the processing is not possible (No in S32), license information processing section 260 determines whether or not to convert the use condition into information converted into content control information (S33). That is, the license information processing unit 2
60 is the external medium 500b or the external medium 5
00c determines whether the content can be managed by the tamper-resistant secure module based on the content control information. If managed, the license information processing unit 260 converts the movement LT action tag block 620 # 2 into content control information (S34), and passes the converted content control information and content key to the content decryption unit 270. The content decryption unit 270 is a content storage unit 240
, And decrypts the content with the content key, and passes the decrypted content and the content control information passed from the license information processing unit 260 to the external media access unit 280. The external media access unit 280 moves the decrypted content and the content control information passed from the content decryption unit 270 to the external medium 500b or the external medium 500c (S
35).

[0129] If the process can be performed in step S32, license information processing section 260 passes the LT to content decryption section 270. The content decryption unit 270 acquires the content from the content storage unit 240, decrypts the content with the content key, and passes the decrypted content and the LT passed from the license information processing unit 260 to the external media access unit 280. . The external media access unit 280 transmits the decrypted content and the LT passed from the content decryption unit 270 to the external medium 500b.
Alternatively, it moves to the external medium 500c (S35).
In this case, the content decryption unit 270 passes the content to the external media access unit 280 without decrypting the content, and the external media access unit 280 transmits the content to the external media 500b or 500c while encrypting the content.
(S35).

Therefore, the content can be used on another terminal such as a portable information terminal or a digital television via the external medium 500b or the external medium 500c.

If the content is not usable in step S31, that is, if the value of the frequency counter of the action / movement LT action tag block 620 # 2 is "0", or if the external medium 500b or 500c is If the content cannot be managed by the tamper-resistant secure module by the control information, the license information processing unit 260 ends the transfer processing. Therefore, copyright is not harmed.

Although the flowchart has been described with respect to movement, the present invention can be applied to copy processing by changing step S35 to copy processing. Alternatively, only the LT obtained in advance may be moved or copied to the external medium 500b or the external medium 500c.

As described above, in this system, the use of each user for content can be managed mainly by the distribution server side. Therefore, the server can grasp the usage status of the content in each user terminal. In addition, even when a service for extending the acquired rights of the user is implemented in a bonus campaign or the like, it can be realized only by upgrading the user right information stored in the distribution server.

On the other hand, the user terminal only needs to execute control relating to reproduction, movement, duplication, and the like based on the license information, thereby avoiding the burden of complicated use condition management. In addition, by unifying such management of usage conditions on the distribution server side, it is possible to prevent unauthorized use such as falsification of usage conditions at the terminal.

As is clear from the above description, according to the content use management system according to the present embodiment, server 100 stores right information relating to the use authority of the content owned by the user using user terminal 200a. A user right information DB 120; and a content information generating unit 170 that generates LT, which is right information indicating a part of usage rights owned by the user, based on a request from the user, and transmits the LT to the user terminal 200a. , The user terminal 200a receives the LT transmitted from the server 100.
And a license information processing unit 260 that controls use of the content in accordance with the use authority indicated by the received LT.

Therefore, in the terminal device, it is not necessary to manage all the use rights owned by the user, and the use of the content can be controlled only by managing a part of the use rights of the user indicated by the license ticket. The management burden can be greatly reduced. In addition, the server device can grasp the usage status of the content in each terminal device in conjunction with the issuance of the license ticket, and inquires of the server device for a copy permission even when the content is copied in the terminal device. By doing so, it is possible to detect when and to what medium the content was copied, and the content can be tracked. In addition, since the server device holds the use authority owned by the user, even when the storage unit (HDD) of the terminal device crashes, the use condition of the user can be easily restored, and the use condition of the content can be easily restored. It is possible to easily perform a service such as a service for extending a use condition such as a service of automatically incrementing the number of reproduction times by 1, or adding a use condition. Further, since the content use control means of the terminal device controls the use of the content in accordance with the use authority indicated by the received license ticket, it is possible to reliably prevent unrestricted use of the content in the terminal device.

In the above embodiment, the content DB
The unencrypted content is stored in the content 140, and the content is encrypted and distributed when the content is purchased (FIG. 7, S5). However, the content is encrypted in advance by the content key in the server 100 and stored in the content DB 140. May be. In this case, when a purchase request is received from the user, the encrypted content can be delivered as it is, and the load on the server and the waiting time of the user can be reduced.

[0138] In the above embodiment, the case where the content and the LT are transmitted by communication has been described. However, the content or the LT can be transmitted by broadcasting. In this case, if the license information of the user is distributed to the user terminal before using the content, or the content and the LT are simultaneously distributed by broadcasting, the received content can be used immediately. Thus, it is possible to improve the response when using the content. In addition, communication processing when using content can be eliminated, and the load on the distribution server can be reduced.

In the above embodiment, the SAC is formed between the server and the terminal, and the LT encryption process is executed by the content information encryption unit 175. However, the LT encryption by the content information encryption unit 175 is performed. The processing may be omitted.

If the license information is not encrypted when the license information is obtained from the server, when the LT is stored in the LT storage unit 245, the content key is exposed, unauthorized tampering, and other operations are performed. In order to prevent unauthorized use by a user, the information may be encrypted with user-specific information such as a terminal ID (client ID) and stored. However, when the LT storage unit 245 is realized by tamper-resistant hardware, encryption is not necessary.

[0141] Further, a recording medium such as a CD-ROM or a DVD-ROM in which various kinds of encrypted contents are recorded may be distributed as an appendix of a magazine, and the user may purchase a favorite one when the user purchases it. Alternatively, the distributor distributes various contents in advance using a broadcast distribution route, and the content storage unit 24 in the user terminal 220a.
Alternatively, the present invention may be applied to a form in which the user stores the information at 0 and the user purchases only the items he likes. In these cases, when the user performs the purchase procedure, a right corresponding to the content liked by the user is generated in the user right information DB 120 in the server 100. This allows the user to request issuance of the LT when using the content. In such a form, the cost of distributing the content can be minimized, so that the effect of suppressing the price of the content itself can be expected.

Further, the present invention may be applied to a form in which encrypted content is recorded on a recording medium such as a CD-ROM, a DVD-ROM or the like, like a normal package. A user who has purchased such a recording medium performs a registration procedure, so that a right corresponding to the purchased content is generated in the user right information DB 120 in the server 100. Thereafter, an LT issuance request can be made each time the content is used.

In the above-described embodiment, an LT issuance request is issued immediately upon a user's request for reproduction. However, it is confirmed whether or not an LT is present in the LT storage unit 245. It is determined whether or not the reproduction is possible. If the reproduction is possible, the reproduction is performed. If there is no LT, an LT issuance request may be made for the first time.

Further, in the above embodiment, when the user requesting the reproduction of the content does not have the reproduction right of the content (NO in step S14 in FIG. 10), the user is notified that the reproduction is impossible. Alternatively, the processing of the additional purchase of the reproduction right may be performed with the user's consent or the implicit consent has been obtained without notifying that the reproduction cannot be performed. In this case, the method of performing the additional purchase process based on the tacit consent is a service in which the user is charged only for the use, and the purchase procedure can be simplified.

[0145] Here, a case has been described where the license information has a permission / prohibition parameter relating to one-time reproduction, movement, or duplication.
A parameter indicating either one-time permission or unrestricted permission for content reproduction may be included, or a parameter indicating either non-permitted or unrestricted permission for content movement may be included. In this case, if the license information indicates unlimited permission, the user terminal 2
The license information processing unit 260a of 00a holds the content key, and performs an operation of always providing the content key to the content decryption unit 270.

[0146] Also, by combining a plurality of pieces of availability information with the license information, it is possible to set the usage conditions of various contents. For example, reproduction availability information,
A process called Check-in / Check-out can be realized by distributing only the transferability information and combining them. Check-in / Check-o
ut creates a relationship between parent content and child content by making it possible to reproduce and not move (of course, copying is not possible), rather than just copying, when making a copy of the content.
This prevents free movement of child content. In the case of this license information, the distribution server checks the check-in /
Check-out information is held, but the license information includes a special Check-in / Cheet.
The necessity information of ck-out is not required, but Ch-out
The relationship between the parent (server) and the child (storage media) at the time of eck-in / check-out can be managed on the server side or the receiving side, and the information to be distributed can be expressed by a combination of only reproduction and movement. Therefore, the number of parameters to be delivered to the user terminal can be reduced, the burden on the user terminal can be reduced, and generation copy such as prohibition of copying from a child to a grandchild can be easily controlled.

In the above embodiment, the LT footer 6
Although the validity has been checked at 40, information for falsification detection for checking the validity may be included in each of the LT action tag blocks 620 # 1 to 620 # n.

In the above embodiment, the distributed license information (LT) before use is stored in the LT storage unit 245 of the user terminal 200a.
00b or the external medium 500c.

When the user terminal 200 moves contents to the external media 500b, 500c, it is determined whether the contents can be moved by the user terminal 200a.
Is determined in advance whether the destination external medium 500 can process the license information and only when the license information can be processed,
License information permitting movement of content may be sent to the user terminal. At this time, the distribution server
It communicates with the user terminal to acquire information on the destination external media, and determines whether or not the content can be moved.

The external media access unit 280 of the user terminal 200a determines whether the external media 500a and 500c can process the license information or what content control information can be processed by the external media 500a and 500c. Authenticates the user terminal 20
It is also possible to make the determination at 0a.

Further, in the above embodiment, the server 10
0, content distribution, billing, and the like are collectively managed in addition to rights management, but functions such as content distribution, billing, and the like may be separately formed.

[0152]

As is apparent from the above description, according to the content use management system of the present invention, the license ticket issuing means of the server device uses, based on a request from the user, the use authority owned by the user. And generates a license ticket as right information indicating a part of the license ticket, and transmits the generated license ticket to the terminal device. The content use control means of the terminal device controls the use of the content according to the use right indicated by the received license ticket.

Therefore, in the terminal device, it is not necessary to manage all the usage rights owned by the user, and the use of the content can be controlled only by managing the usage rights of a part of the user indicated by the license ticket. Management burden can be greatly reduced. In addition, the server device can grasp the usage status of the content in each terminal device in conjunction with the issuance of the license ticket, and inquires of the server device for a copy permission even when the content is copied in the terminal device. By doing so, it is possible to detect when and to what medium the content was copied, and the content can be tracked. In addition, since the server device holds the use authority owned by the user, even when the storage unit (HDD) of the terminal device crashes, the use condition of the user can be easily restored, and the use condition of the content can be easily restored. It is possible to easily perform a service such as a service for extending a use condition such as a service of automatically incrementing the number of reproduction times by 1, or adding a use condition. Further, the content use control means of the terminal device controls the use of the content according to the use authority indicated by the received license ticket, so that unrestricted use of the content at the terminal device can be reliably prevented.

Therefore, the server can reliably and easily control the use of the content at the user terminal without imposing a burden on the user terminal.

[Brief description of the drawings]

FIG. 1 is a diagram showing an overall configuration of a content use management system 1 according to the present embodiment.

FIG. 2 shows a server 100 and a user terminal 2 shown in FIG.
It is a functional block diagram which shows the structure of 00a-200c.

FIG. 3 is a diagram showing a configuration example of a user management table 111 shown in FIG. 2;

FIG. 4 is a user right information management table 1 shown in FIG. 2;
FIG. 21 is a diagram illustrating an example of the configuration of a first embodiment.

FIG. 5 is a diagram showing a configuration example of the license information shown in FIG. 2;

FIG. 6 is a diagram showing a data format configuration of an LT generated by a content information generating unit 170.

FIG. 7 is a flowchart illustrating processing performed by the user terminal 200a and the server 100 when a user purchases content in this system.

FIG. 8 is a diagram showing a content purchase screen (1).

FIG. 9 is a diagram showing a content purchase screen (2).

FIG. 10 illustrates a user terminal 200a and a server 100 when a user uses content in this system.
3 is a flowchart showing the processing performed in each of the steps.

FIG. 11 is a diagram showing a used content selection screen.

FIG. 12 is a diagram showing a content use request screen.

FIG. 13 is a diagram illustrating a relationship between cut-out use conditions distributed to a user terminal and changes in use conditions managed by a server.

FIG. 14 is a diagram showing a relationship between one use condition and one use time.

FIG. 15 shows the contents or L in this system.
User terminal 200a when moving T to external media
5 is a flowchart showing the processing performed in step (a).

FIG. 16 is a diagram showing a moving content selection screen.

FIG. 17 is a block diagram showing a configuration of a conventional digital content distribution system.

FIG. 18 is a flowchart showing a process at the time of content purchase in a conventional digital content distribution system.

FIG. 19 is a flowchart showing a process at the time of content reproduction of the conventional digital content distribution system.

[Explanation of symbols]

 1 Content Usage Management System 100 Server 120 User Rights Information DB 121 User Rights Information Management Table 160 User Rights Processing Unit 165 License Information Generation Unit 170 Content Information Generation Unit 190, 210 Communication Units 200a to 200c User Terminal 260 License Information Processing Unit 500b, 500c External Media LT License Ticket

──────────────────────────────────────────────────の Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI theme coat ゛ (Reference) H04N 5/765 H04N 7/173 610Z 5/91 5/91 P 7/173 610 L (72) Inventor Matsuo Takashi Kadoma, Osaka Prefecture 1006 Kadoma, Matsushita Electric Industrial Co., Ltd. Matsushita Electric Information System Nagoya R & D Co., Ltd. (72) Inventor Yoshimasa Goto 1006 Ojidoma, Kadoma, Osaka Pref. Matsushita Electric Industrial Co., Ltd. (72) Inventor Masanori Nakanishi Osaka 1006 Kadoma, Kadoma, Kadoma, Matsushita Electric Industrial Co., Ltd. (72) Inventor Miyaya Saki, Masaya 1006 Kadoma, Kadoma, Kadoma, Osaka Within Shimo Denki Sangyo Co., Ltd. BB02 BC01 BC06 BC17 BC18 BC22 BC25 BD02 BD03 BD08 BD13 CA14 CB01 CC04

Claims (31)

[Claims] 1. A content use management system comprising: a terminal device that uses content that is a digital work; and a server device that manages use of the content in the terminal device via a transmission path, wherein the server device A right information storage unit for storing right information relating to a right to use the content owned by the user using the terminal device; and a right indicating a part of the right to use owned by the user based on a request from the user. A license ticket issuing unit that generates a license ticket as information and transmits the license ticket to the terminal device, wherein the terminal device receives a license ticket transmitted from the server device, and receives the license ticket. Use of the content that controls the use of the content according to the use authority indicated by A content use management system, comprising: a control unit. 2. The license ticket issuance unit acquires a request for designating a part of a usage right owned by the user from the user, generates a license ticket corresponding to the designation, and transmits the license ticket to the terminal device. 2. The content use management system according to claim 1, wherein: 3. The license ticket issuing unit according to claim 1, wherein the license ticket issuance unit generates a license ticket indicating a minimum unit of use authority constituting the use authority owned by the user, and transmits the license ticket to the terminal device. Content usage management system. 4. The content use management system according to claim 1, wherein the license ticket comprises one or more pieces of propriety information regarding use of the content. 5. The content use management system according to claim 4, wherein the permission / inhibition information indicates any of permission / inhibition of reproduction, movement, and copying of the content. 6. The content use management system according to claim 4, wherein the permission information indicates whether or not the content can be used one or more times including an infinite number of times. 7. The license ticket issuance unit encrypts the license ticket and transmits the encrypted license ticket to the terminal device. The terminal device further decrypts the license ticket received by the reception unit. 2. The content use management system according to claim 1, further comprising means, wherein the content use control means controls the use of the content according to the use right indicated by the decrypted license ticket. 8. The content use management system according to claim 7, wherein said decryption means and said content use control means are tamper-resistant security modules. 9. The content use management system according to claim 1, wherein the license ticket includes detection information for detecting whether the content of the license ticket has been tampered. 10. The content use control means determines whether or not the license ticket permits further use of the content after the content is used. If the license ticket does not permit the use of the content, the license ticket is invalidated. 2. The content usage management system according to claim 1, wherein the content usage management system comprises: 11. The terminal device further comprises a removable external recording medium, wherein the content use control means includes a license ticket before the content is used and a license permitting further use of the content after the content is used. 11. The content use management system according to claim 10, wherein when the ticket permits movement of the content, the license ticket is stored in the external recording medium. 12. The terminal device further determines whether or not the external recording medium connected to the terminal device includes a unit that controls use of the content according to a use right indicated by the license ticket. 12. The content use control unit, when it is determined that the external recording medium includes the control unit, stores a license ticket in the external recording medium. Content usage management system. 13. The content usage control unit converts the license ticket into content control information of a different format when it is determined that the external recording medium does not include the control unit. Item 13. The content use management system according to Item 12. 14. The availability information includes a determination condition serving as a criterion for determining that the content has been used once, and the content usage control unit determines that the content is used once based on the determination condition. 7. The content use management system according to claim 6, wherein 15. The content use management system according to claim 14, wherein the determination condition is set according to a use mode of the content. 16. The method according to claim 16, wherein the determination condition is a time at which the content is reproduced, and the content use control unit determines that the use of the content is once based on the reproduction time of the content. 15. The content usage management system according to item 15. 17. The method according to claim 17, wherein the content usage control unit sets the one-time period within a time period indicated by the determination condition after the reproduction is started.
17. The contents use management system according to claim 16, wherein the contents use management system is regarded as times of use. 18. A server device that manages the use of the content via a transmission path for a terminal device that uses a content that is a digital work, and uses a content owned by a user who uses the terminal device. A right information storage unit for storing right information relating to the right, and generating a license ticket, which is right information indicating a part of the right of use owned by the user, based on a request from the user, and transmitting the generated license ticket to the terminal device. A server device comprising: a license ticket issuing unit. 19. The license ticket issuing means,
19. The server device according to claim 18, wherein a request for designating a part of the use authority owned by the user is acquired from the user, a license ticket corresponding to the designation is generated, and transmitted to the terminal device. . 20. The license ticket issuing means,
19. The server device according to claim 18, wherein a license ticket indicating a minimum unit of use authority constituting the use authority owned by the user is generated. 21. The server device further acquires information on an external recording medium connected to the terminal device from the terminal device based on a request from the user, and the external recording medium acquires the license. 19. The server device according to claim 18, further comprising: a determination unit configured to determine whether a unit that controls use of the content according to a usage right indicated by the ticket is provided. 22. A terminal device that receives a permission of a server device via a transmission path and uses a content that is a digital work, and transmits a license ticket, which is right information indicating a part of a usage right owned by a user. A terminal device comprising: receiving means for receiving from the server device; and content use control means for controlling use of the content in accordance with use authority indicated by the received license ticket. 23. The terminal device further includes a decryption unit that decrypts the license ticket received by the reception unit, wherein the content use control unit performs a process according to the use right indicated by the decrypted license ticket. The terminal device according to claim 22, wherein use of the content is controlled. 24. After the content is used, the content use control means determines whether or not the license ticket permits further use of the content. If the license ticket does not permit use of the content, the license ticket is invalidated. 23. The terminal device according to claim 22, wherein the terminal device is configured. 25. The terminal device further comprises a removable external recording medium, and the content use control means permits a license ticket before the content is used and further usage of the content after the content is used. 25. The terminal device according to claim 24, wherein when the license ticket permits movement of the content, the license ticket is stored in the external recording medium. 26. The terminal device further determines whether or not the external recording medium connected to the terminal device includes a unit for controlling use of the content according to a use right indicated by the license ticket. 26. The content use control unit stores a license ticket in an external recording medium when it is determined that the external recording medium includes the control unit. Terminal device. 27. The content use control means, when it is determined that the external recording medium does not include the control means, converts the license ticket into content control information in a different format. Item 27. The terminal device according to item 26. 28. A content use management method in a system including a terminal device that uses content that is a digital work and a server device that manages use of the content in the terminal device via a transmission path,
A right information storing step of storing right information relating to a right of use of content owned by a user using the terminal device; and a part of a right of use owned by the user based on a request from the user. A license ticket issuance step of generating a license ticket, which is right information indicating the license information, and transmitting the license ticket to the terminal device. The terminal device receives a license ticket transmitted from the server device, and receives the license ticket. A content use control step of controlling use of the content according to the use right indicated by the license ticket. 29. In the license ticket issuing step, a request for designating a part of the use authority owned by the user is acquired from the user, a license ticket corresponding to the designation is generated, and transmitted to the terminal device. 29. The content use management method according to claim 28, wherein: 30. A program for a server device in a content use management system, comprising: a terminal device that uses content that is a digital work, and a server device that manages use of the content by the terminal device via a transmission path. A program that causes a computer to function as means included in the server device according to any one of claims 18 to 21. 31. A program for a terminal device in a content use management system, comprising: a terminal device that uses content that is a digital work; and a server device that manages use of the content in the terminal device via a transmission path. A program for causing a computer to function as means provided in the terminal device according to any one of claims 22 to 27.