JP2003115837A - System and method for managing contents, center and method for managing security of contents, device and method for processing contents, imaging apparatus and storage medium - Google Patents

Abstract

PROBLEM TO BE SOLVED: To manage the security of each of contents produced through a plurality of contents processing jobs like a movie for the unit of the processing job. SOLUTION: In the management center, an IC card storing a key concerning the processing job in charge of contents of become a process target is issued and delivered to each of workers. In respective contents processing job systems such as editing system for work production or editing system for delivery broadcasting, the key information is read out of the IC card carried with the worker and by deciphering/enciphering the contents, the execution of the authorized processing job concerning the authorized contents can be permitted to each of workers.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a content management system and a content management method for performing copyright protection and copy control of content, a content security management center and a content security management method, a content processing device and a content processing method. BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an imaging device and a storage medium, and in particular, a content management system and content management method for managing content in a work process of producing content through a plurality of content processing operations such as movies, a content security management center, and content. Security management method of
The present invention relates to a content processing device, a content processing method, an imaging device, and a storage medium.

More specifically, the present invention relates to a content management system and a content management method for managing security for each content produced through a plurality of content processing operations such as movies in a processing operation unit, a content security management center, and Content security management method, content processing apparatus and content processing method,
The present invention relates to an imaging device and a storage medium.

[0003]

2. Description of the Related Art HD (High Vision), which allows a user to enjoy fine and delicate images with a large amount of image information, is in the practical stage as a next-generation broadcasting system. Also, 35m
Since it has the same resolution as m-film and can be projected on a large screen, research and development are also proceeding on its application to movie production and screening systems.

On the other hand, with the improvement of content recording / reproducing technology, leakage of contents and materials without permission is becoming a problem. Therefore, it is not enough to strengthen copyright laws and other laws and regulations, and from the viewpoint of information technology, copy control is performed to support the legitimate use of content or to prevent unauthorized use. It seems necessary to expand protection of rights.

In the case of HD contents such as movies,
It is used through multiple work processes such as creating (shooting) and editing of materials, production of works composed of multiple materials, movie distribution of completed works and broadcasting via broadcasting stations. When protecting contents that can be established by collaboration between multiple workers, it is not enough to perform copy control for each content, and it is necessary to provide protection management for each content processing work unit. It is thought that there is.

However, at present, no security system has been established for contents produced and provided through such complicated work steps.

[0007]

SUMMARY OF THE INVENTION It is an object of the present invention to provide an excellent content management system and content management method capable of suitably performing copyright protection and copy control of content, a content security management center, and a content management system. A security management method, a content processing device, a content processing method, an imaging device, and a storage medium are provided.

A further object of the present invention is to provide an excellent content management system, content management method, and content that can manage content in a work process of producing content through a plurality of content processing operations such as movies. To provide a security management center, a content security management method, a content processing device and a content processing method, an imaging device, and a storage medium.

A further object of the present invention is to provide an excellent content management system and content management method capable of suitably managing each content produced through a plurality of content processing operations such as movies in units of processing operations. To provide a content security management center, a content security management method, a content processing device and a content processing method, an imaging device, and a storage medium.

[0010]

The present invention has been made in consideration of the above problems, and a first aspect thereof is a content management for managing content produced through a plurality of content processing operations. In the system, a plurality of content processing means for performing one or more content processing work, a key management means for managing a key for each content for each content processing work, and the work according to the key assigned to the worker And a work permission unit for permitting a person to perform a content processing work on the content processing unit.

However, the term "system" as used herein refers to a logical assembly of a plurality of devices (or functional modules that implement a specific function), and each device or functional module is a single casing. It does not matter whether it is in the body or not.

A second aspect of the present invention is a content management method for managing content produced through content processing work on a plurality of content working devices, wherein each content is processed in units of content processing work. A key management step of managing a key, and a work permission step of permitting the worker to process the content on each content processing device according to the key assigned to the worker are provided. It is a content management method.

According to the content management system of the first aspect of the present invention and the content management method of the second aspect, the key is managed in units of content processing work for each content, and the worker manages the content. When the processing work is performed, the processing work of the content is permitted according to the key assigned to the worker. Therefore, in addition to performing copy control for each content, such as HD content such as movies, which is established by collaboration by multiple workers, content protection management is also performed for each content processing work unit. Can be realized.

Here, the key management means or step is
A key relating to a corresponding processing operation for a corresponding content is assigned to each worker who performs the content processing operation in the content processing apparatus. More specifically, the key management means or step is used in each content processing means for a decryption key used for decryption processing of encrypted content input from the previous step and for encryption processing of content output in the subsequent step. The encryption key and the content are managed for each content.

Further, the work permitting means or step is
By decrypting the encrypted content input to the content processing device by the decryption process using the decryption key assigned to the worker, it is possible to permit the authorized worker to process the content. Further, the content after the processing work can be protected by encrypting and outputting the content after the content processing work by the content processing device by the encryption processing using the encryption key assigned to the worker.

Further, the key management means or step issues an authentication medium such as an IC card storing a key for a corresponding processing operation for a corresponding content to each worker who performs the content processing operation. You may do it. In such a case, each worker can perform authentication and key sharing with the content processing device by presenting the IC card. For example, the work permission unit or step permits the content processing work by decrypting the encrypted content input to the content processing device by a decryption process using a decryption key read from the worker's IC card. At the same time, the content processed by the content processing apparatus is encrypted by the encryption process using the encryption key read from the IC card and output, so that the content processed can be protected.

A third aspect of the present invention is a content security management center or a security management method for managing security of content produced through a plurality of content processing operations for each content processing operation. A key management means or step for issuing a key for each content processing work unit, a worker registration means or step for registering a worker involved in the content processing work, and a content processing for the content that the registered worker carries A content security management center or security management method, comprising: a key allocation means or step for allocating a key for work.

According to the content security management center or the security management method according to the third aspect of the present invention, a key is issued in units of content processing work for each content, and it is applicable to each worker. Only the key for the content processing work in charge of the content is assigned. For this reason, each worker is not only prohibited from handling other content, but also cannot perform content processing work other than that in charge even if he / she is in charge of processing.

Therefore, contents such as HD contents such as movies, which are established by collaboration by a plurality of workers, are not only copy-controlled for each content, but also the contents are processed in each content processing work unit. Protection management can be realized.

Here, the key management means or step is
In each content processing operation, the decryption key used for decrypting the encrypted content input from the previous process and the encryption key used for encrypting the content output in the subsequent process are managed for each content. Good.

In such a case, in each content processing device, the input encrypted content is decrypted by the decryption process using the decryption key assigned to the worker, so that the content by the authorized worker is decrypted. The processing work of can be permitted. Further, the content after the processing operation can be protected by encrypting the content after the content processing operation by the encryption process using the encryption key assigned to the worker and outputting the encrypted content.

Further, the key assigning means or step may issue an authentication medium such as an IC card in which a key for a content processing operation for a content to be carried is stored to each worker. In such a case, each worker can perform authentication and key sharing with the content processing device by presenting the IC card.

Further, a fourth aspect of the present invention is a content processing apparatus or method for a worker to perform a predetermined content processing work, which is an authenticating means or step for authenticating the worker, and is assigned to the worker. A content processing device or method comprising: a key acquisition unit or step for acquiring the acquired key; and a work execution unit or step for performing a work using the acquired key.

According to the content processing apparatus or method of the fourth aspect of the present invention, the content processing work is permitted only to the worker who has performed the authentication and key sharing, so that the content is protected in each processing work unit. be able to.

Here, the key acquisition means or step is
A decryption key used for decrypting the encrypted content input from the preceding step of the content processing operation and an encryption key used for encrypting the content output in the subsequent step of the content processing operation may be acquired. In such cases,
The work executing means or step decrypts the encrypted content input from the preceding step of the content processing work by decryption processing using the decryption key, and then processes the content, so that the content by a legitimate worker can be processed. The processing work of can be permitted. Further, the content after the processing operation can be protected by encrypting the content after the content processing operation by the encryption process using the encryption key and outputting the encrypted content to the subsequent step.

Each worker who performs content processing may have an authentication medium such as an IC card containing authentication information and key information. In such a case, the authentication means or step can authenticate the worker via the authentication medium. Further, the key acquisition means can read the key from the authentication medium.

Further, a fifth aspect of the present invention is a photographing device for a worker to perform a photographing work, and an authentication means for authenticating the worker and a key acquisition for acquiring a key assigned to the worker. A photographing device, comprising: a photographing means for photographing the outside world; and an encrypting means for encrypting the video content obtained by photographing by an encryption process using the acquired key. .

According to the photographing apparatus of the fifth aspect of the present invention, the authentication and the key sharing are performed with the worker, only the authenticated worker is allowed to perform the photographing work, and the photographing is obtained. By encrypting the video content by the encryption process using the key possessed by the worker, it is possible to protect it from unauthorized use.

Here, the worker may carry an authentication medium such as an IC card containing the authentication information and the key information. In such a case, the authentication means can authenticate the worker via the authentication medium. Further, the key acquisition means can read the key from the authentication medium.

Further, a sixth aspect of the present invention is a computer software written so that management of content produced through content processing work on a plurality of content working devices is executed on a computer system. A storage medium physically stored in a computer-readable format, wherein the computer software includes a key management step of managing a key for each content for each content processing operation, and a key management step according to a key assigned to an operator. And a work permitting step for permitting a worker to process a content on each content processing device.

Further, the seventh aspect of the present invention is described so that the security of contents produced through a plurality of contents processing works is managed on a computer system for each contents processing work. A storage medium that physically stores the stored computer software in a computer-readable format,
The computer software engages with a registered worker by a key management step of issuing a key for each content in units of content processing work, a worker registration step of registering a worker involved in the content processing work, and a registered worker. A key allocation step of allocating a key for content processing work on content, the storage medium.

The eighth aspect of the present invention is a computer readable physical form of computer software which is written so as to execute content processing for a worker to perform a predetermined content processing operation on a computer system. Storage medium physically stored, the computer software comprising an authentication step of authenticating an operator,
A storage medium comprising: a key acquisition step of acquiring a key assigned to a worker; and a work execution step of performing a work using the acquired key.

The storage medium according to each of the sixth to eighth aspects of the present invention provides computer software in a computer-readable format to a general-purpose computer system capable of executing various program codes, for example. It is a medium. Such a medium is, for example, a CD (Compact
Disc), FD (Floppy Disc), MO (Magneto-Optical)
Disc) is a removable and portable storage medium. The storage medium mentioned here is not only packaged media,
It may be realized by a semiconductor memory, a magnetic disk, or the like in which the program is temporarily or permanently stored. Alternatively, it is technically possible to provide computer software to a specific computer system via a transmission medium such as a network (whether the network is wireless or wired).

Such a program storage medium defines a structurally or functionally cooperative relationship between the computer software and the storage medium for realizing a predetermined function of the computer software on the computer system. It is a thing. In other words, by installing the predetermined computer software in the computer system via the storage medium according to each of the sixth to eighth aspects of the present invention, a cooperative action is exerted on the computer system. According to each of the first and second aspects of the present invention,
It is possible to obtain the same effects as those of the content security management center and the content security management method according to the third aspect of the present invention, and the content processing device and the content processing method according to the fourth aspect of the present invention.

Further objects, features and advantages of the present invention are as follows.
It will be clarified by a more detailed description based on embodiments of the present invention described below and the accompanying drawings.

[0036]

BEST MODE FOR CARRYING OUT THE INVENTION The present invention is based on HD (High Definitio).
It is related to the copyright protection of contents when producing movies of type n), and it realizes copyright protection and copy control by using data encryption and addition of digital watermark.

Here, the flow of HD movie production and provision will be described. The production and provision of HD movies can be divided into the work stages of shooting to master (complete package) production and master editing to distribution and broadcasting.

The following three methods can be used for the shooting to master (complete package) production work. (1) A material is photographed and edited with a film to create a master, and a cinema signal is converted into an HD television signal by a telecine to create an HD master. (2) A material is photographed on a film, converted into HD material by telecine, and then edited to create a master. (3) Take HD material with an HD camera / recorder and edit it to create a master.

In the work stage from master editing to distribution / broadcasting, the master is copied and, if necessary, subtitles and dubbing are processed to make a distribution copy, which is distributed to movie companies. To do. In addition, make a copy for broadcasting from the master and copy from HD format to NTSC (Nation
down conversion to al Television System Committee) format. This NTSC copy is brought to a broadcasting station and broadcast.

When processing subtitles or dubbing, "Inf
HD compositing and editing are performed using "erno", etc. Here, "Inferno" means "ONYX2" by SGI.
Platform logi
It is a high-end special effect system of the c product, and is used in, for example, the Imagica editing system.

In the movie production system according to this embodiment,
By adding a digital watermark when the content comes out of the encryption area, the encryption and the digital watermark (Waterma
rk) protects the copyright (digital data is encrypted, and a digital watermark is added when non-encrypted output is performed), and the history of contents is managed by metadata. In addition, a management center is installed outside the movie system in order to manage security at each work stage related to movie production. In the management center, ID for digital watermark
Create, manage, and authenticate.

Here, the metadata is information associated with contents such as movie titles, and for example, additional information such as contents name, creator, genre, performer, etc. is described.

Further, in the movie production system according to the present embodiment, in order to secure the copyright protection of the contents, at each work stage in movie production, an authentication process for guaranteeing that the worker is legitimate is performed. To do. There are various types of authentication processing, such as an IC card storing authentication information, a password, and biometrics (biometric information such as fingerprint, iris, and voiceprint).

In the following, a system for performing an authentication process using an IC card will be described in detail with reference to the drawings.

FIG. 1 schematically shows the structure of a security system for movie production which realizes the present invention. As shown in the figure, movie production is composed of a work production editing system 100, a distribution / broadcast editing system 200, a broadcasting station 300, and a management center 400.

In the work production editing system 100, a work production worker broadcasts (delivery) a movie work by using a plurality of materials supplied in the form of film through an HD camera / recorder, a telecine conversion device, or the like. Available movie titles ("Complete package" or "Complete package")
Also called) Produce.

The material used for one movie title is assigned a key pj1 dedicated to the work production work of the movie title. Individual material providers who handle HD camera recorders and telecine devices encrypt the materials used for the same movie title by the encryption process using the key pj1 dedicated to the work production work for the movie title. In this state, the material is delivered to the work production editing system 100. Further, the work production editing operator who works on the production of the movie title on the work production editing system 100 is given the key pj1 dedicated to the work production work for the movie title. Each material used can be decrypted by a decryption process using the key pj1 to produce a title.

A key pj2 dedicated to editing work for distribution / broadcasting is assigned to a movie title, that is, a complete package completed on the editing system 100 for producing works. This key pj2 is given to the producer of the movie title in addition to the key pj1 for the direct work of the work, and after encrypting the complete package by the encryption process using the key pj2, it is used for distribution / broadcasting in the subsequent stage. It is passed to the editing system 200.

The distribution / broadcast editing system 200
Is generally provided in the form of movie distribution or broadcasting after the distribution editing operator further edits the completed movie title, that is, the complete package. If the complete package is for distribution, it is distributed to the movie company as it is, but if it is for broadcasting, it is further passed to the broadcasting station 300 for broadcasting.

As described above, each complete package input to the distribution / broadcast editing system 200 is in a state of being encrypted by the encryption process using the key pj2 dedicated to the distribution / broadcast editing work. The distribution / editing operator who works on the distribution / broadcasting editing system 200 is given a key pj2 dedicated to the distribution / editing work for the complete package, and the complete package is decrypted using the key pj2. After decryption, the distribution editing work is performed.

The distribution / broadcasting editing system 200 appropriately adds a digital watermark for copyright protection, copy control, source confirmation, etc. to the content for distribution or broadcasting after the distribution / editing work, It is distributed to movie companies and provided to the broadcasting station 300.

The management center 400 manages the copyright and copy control of the contents in each system described above. More specifically, the key for each processing operation on the content to be processed is given to each content processing operator who is active in the movie production flow shown in FIG. That is, the above-mentioned work production worker is given the key pj1 dedicated to the work production work for decrypting each material used for a predetermined movie title. Further, for a worker such as a "producer" who supplies a movie title completed for broadcasting / distributing, that is, a complete package to the distribution / broadcasting editing system 200, a key pj1 dedicated to a work production work for a predetermined movie title is provided. , A key pj2 dedicated to distribution editing work for encrypting the complete package is given. Further, the distribution / editing operator is given a key pj2 dedicated to the distribution / editing work for decrypting the complete package for a predetermined movie title.

In this embodiment, the management center 400 issues to each registered worker an authentication medium such as an IC card that stores a key for the processing work in charge of the content to be processed. , Will be distributed. Then, in each content processing system such as the work production editing system 100 and the distribution / broadcast editing system 200, the key information is read from the IC card possessed by the worker, and the contents are decrypted / encrypted, whereby each worker Can be permitted to execute the processing work having the authority for the content having the authority.

FIG. 2 shows a work production editing system 100.
The configuration of is schematically shown. As shown in the figure, the work production editing system 100 includes an editing device 101 for editing a master of a movie title completed from each material.

In the work production editing system 100 according to the present embodiment, there are the following three methods for creating a secure HD movie production master.

(A) A material is photographed and edited on a film to create a master, and the telecine 102 converts a cinema signal into an HD television signal to create an HD master. (B) A material is photographed on a film, converted into HD material by the telecine 103, and then edited by the editing device 101 to create a master. (C) An HD material is photographed by the HD camera / recorder 104, and each HD material is edited by the editing device 101 to create a master.

The telecines 102 and 103 used in the above master creation methods (a) and (b) are equipped with an encryption (Encrypt) function so that the material or master after HD conversion is encrypted. ing. Further, the HD camera / recorder 104 used in the master creation method (c) is also equipped with an encryption function so that the captured material is encrypted and output.

A digital watermark (material Watermark) is added at the time of telecine conversion before master editing in the telecine 103 or at the time of photographing by the HD camera / recorder 104.

In the editing device 101, after the telecine conversion after editing is performed by the telecine 102, the content is played back (read out) from the film by the playback device 105, and the HD
Save as master. Further, in the case of an HD material which has been telecine converted by the telecine 103 before being edited or an HD material which has been shot by the HD camera / recorder 104, it is played (read) by the playback devices 106 and 107 respectively and saved as an HD material. After that, the encrypted editing device 108 edits. The configuration of the encryption / editing device 108 will be described in detail later. The edited master is stored in a large-capacity external storage device such as a hard disk device (HDD) 109.

In the encrypted editing device 108 of the editing device 101, the master is edited based on the HD material supplied by the master creating method (b) or (c), and this is used as a key dedicated to the distribution editing work. It is output after being encrypted by the encryption process using pj2. Details of the encrypted editing device 108 will be given later.

The edited master is processed for distribution and broadcasting.
Editing is performed, but when material → editing → distribution / broadcasting processing and editing are all performed in an encrypted state, and when the encrypted master is once decrypted (Decrypt) and cleared (non-encrypted) There is a case where the master is saved in, and when it is processed / edited for distribution, it is encrypted again and processed / edited for distribution.

In the latter case, the decrypting unit 110 decrypts the encrypted HD master. The decryption processing in the decryption unit 110 is performed corresponding to the encryption processing in the encryption / editing apparatus 108, and decryption is performed using the key pj2 dedicated to the distribution / editing work. Further, the management module 111 is installed in the management center 40
Performs authentication and key sharing with 0, and uses an ID for digital watermarking.
To get. The digital watermark adding device 112 adds a digital watermark to the decrypted HD master using the ID for the digital watermark and saves it in the hard disk device 113. When processing and editing this digital watermarked HD master for distribution, it is taken out from the hard disk device 113 and passed to the distribution / broadcast editing system 200.
When the HD master is decrypted, a digital watermark is added together with the decryption.

Further, in the process of editing work for producing a movie title or the like, it is necessary to appropriately output the edited image on the monitor screen for confirmation. When monitoring an image, the decrypting unit 114 first decrypts the encrypted HD master. The decryption processing in the decryption unit 114 is performed corresponding to the encryption processing in the encryption / editing device 108, and decryption is performed using the key pj2 dedicated to the distribution / editing work. The HD master in the clear (non-encrypted) state can be monitored by using the general-purpose monitor device 115 or the monitor device 116 with the authentication / encryption function.

When the HD master is monitored by the general-purpose monitor device 115, an electronic watermark consisting of the ID for the electronic watermark acquired by the management module 111 and the ID of the operator to be monitored is used as a source display and copyright protection information. It is added by the adding device 117 and then output to the monitor. However, when the output signal is closed for the monitor device 115, it is not necessary to add a digital watermark.

Further, the monitor device 11 with the authentication / encryption function is provided.
In the case of monitoring by 6, the HD master is encrypted by the encrypting unit 118 and output to the monitor through the authentication process between the encrypting unit 118 and the inside of the monitor device 116. In the monitor device 116, the decoding unit 116A decodes this and outputs it to the monitor.

FIG. 3 shows the telecine 102 shown in FIG.
(Or 103) schematically illustrates the configuration of the encryption function module installed in the (or 103).

The telecine 102 is an IC of the telecine operator.
The management module 102A is provided for authenticating the card and reading the key pj1 dedicated to the work production work. The management module 102A performs authentication and key sharing with the IC card of the telecine operator, reads the work production work dedicated key pj1 from the IC card, encrypts the material, and performs copyright protection and copy control. It can be performed.

First, the encryption unit 102B encrypts the material read from a film or the like with the random number T generated by the random number generator 102C as an encryption key. further,
The encryption unit 102D uses the key pj1 assigned to the worker.
Is used as an encryption key to encrypt the random number T. In the addition unit 102E, the material encrypted with the random number T as an encryption key and the key pj
The random number T encrypted with 1 as the encryption key and the metadata are linked and output to the outside.

FIG. 4 shows the data format of the material output by the telecine 102. As shown in the figure, the material converted into the television signal by the telecine 102 is
It is encrypted using the random number T generated in the telecine 102 as an encryption key. Further, the encryption key T is encrypted and added with the work-specific key pj1 read from the worker's IC card as an encryption key. Further, metadata regarding the material is added to the output data of the telecine 102. The metadata referred to here can include a distribution destination, a copy date and time of the material, a usage condition, and the like.

FIG. 5 schematically shows the configuration of the encryption function module provided in the HD camera recorder 104 shown in FIG.

The HD camera recorder 104 authenticates the IC card of the material photographer to generate a key pj dedicated to the work production work.
The management module 104A for reading 1 is provided. The management module 104A performs authentication and key sharing with the IC card of the photographer of the material, reads the work production work dedicated key pj1 from the IC card, encrypts the material, and performs copyright protection and copy.・ Control is possible.

First, the encryption unit 104B uses the random number generator 104C for the material photographed by the HD camera recorder 104.
The random number c1 generated by is encrypted as an encryption key. Further, the encryption unit 104D encrypts the random number c1 using the key pj1 assigned to the worker as an encryption key. In the addition unit 104E, the material encrypted with the random number c1 as the encryption key and the random number c encrypted with the key pj1 as the encryption key.
1 and the metadata are linked and output to the outside.

FIG. 6 shows the data format of the material output by the HD camera recorder 104. As shown in the figure, the material shot in HD format by the HD camera recorder 104 is encrypted using the random number c1 generated in the HD camera recorder 104 as an encryption key. Also, the encryption key c1 is encrypted and added as a work-specific key pj1 read from the worker's IC card as an encryption key. Furthermore, metadata regarding the material is added to the output data of the HD camera recorder 104. The metadata referred to here can include a distribution destination, a copy date and time of the material, a usage condition, and the like.

FIG. 7 shows a work production editing system 100.
2 schematically shows the internal configuration of the encrypted editing device 108 included in the editing device 101 of FIG. Encryption editing device 108
Then, using the material converted into the HD format by the telecine 103 and the material shot in the HD format by the HD camera / recorder 104, the master, that is, the movie work completed for distribution / broadcasting is edited.

The encryption / editing apparatus 108 is equipped with a management module 108A for authenticating the IC card of the work production worker or producer and reading the key pj1 dedicated to the work production work. The management module 108A performs authentication and key sharing with the IC card of the work production worker or the producer, and can obtain the key pj1 dedicated to the work production work and the key pj2 dedicated to distribution / broadcast editing work from the IC card. it can.

The material input from the telecine 103 has the data format as shown in FIG. 4, as already described. This material data is metadata, material,
The key T is separated. Since the metadata is in plain text format, it is transferred to the editing unit 108B as it is. The key T is encrypted by using the key pj1 dedicated to the work production work as the encryption key.
The key T is extracted by the decryption unit 108C. Then, the decryption unit 108D restores the material into plain text using the restored key T as a decryption key, and transfers the plain text to the editing unit 108B.

It should be fully understood that the material inputted from the telecine 103 or the HD camera / recorder 104 can be correctly decrypted by obtaining the correct key pj1 dedicated to the work production work from the IC card.

The material input from the HD camera / recorder 104 has the data format as shown in FIG. 6 as described above. This material data is separated into metadata, material, and key c1. Since the metadata is in plain text format, it is transferred to the editing unit 108B as it is. Since the key c1 is encrypted by using the key pj1 dedicated to the work production work as an encryption key, the key c1 is decrypted by the decryption unit 108E and the key c1 is extracted. Then, the decoding unit 10
In 8F, the restored key c1 is used as a decryption key to restore the material into plain text, and the plaintext is transferred to the editing unit 108B.

In the editing unit 108B, editing work is performed using each material reproduced in these clear (non-encrypted) states to create a completed work for distribution / broadcasting, that is, a master (complete package). .

When the complete package is output to the outside of the encryption / editing device 108 and used for distribution / broadcasting, the copyright protection and copy control of the work are intended using the key pj2 dedicated to the distribution / broadcasting work.

The editing device 101 has a random number generator 101A. In the encryption unit 108G, the random number generator 101A
The content output by the editing unit 108A is encrypted using the random number e generated by the encryption key as the encryption key. Also, the encryption unit 108
H uses this random number e as a key p for exclusive use in distribution / broadcasting editing work.
The random number e is encrypted with j2 as an encryption key. Then, the metadata / key addition device 108I connects the material encrypted with the random number e as the encryption key, the random number e encrypted with the key pj2 as the encryption key, and the metadata, and outputs the result. This output data is stored in the hard disk device 109 as a master.

FIG. 8 shows the data format of the encrypted work content output by the encrypted editing apparatus. A completed work consists of a set of materials. In the illustrated example, the work (master) is configured using the material A and the material B. The content body composed of the material A and the material B is encrypted using the random number e as an encryption key. In addition, the encryption key e read from the operator's IC card is a key pj dedicated to distribution / broadcast editing work.
2 is encrypted and added as an encryption key. Further, metadata (meta A and meta B) for each material A and material B, and metadata (meta pj2) describing the editing content in the editing unit 108A are added.

The data output by the encryption / editing device 108 does not necessarily have to include the metadata for each individual material constituting the work as shown in FIG. For example, as shown in FIG. 9, the metadata of a plurality of materials is stored in the management center 40.
A pattern in which 0 is integrated into one metadata (meta pj2) may be used.

The material encrypted and edited by the encryption / editing device 108 is passed to the distribution / broadcast editing system 200, and further processed / edited for distribution / broadcast. Material → Edit → Distribution / broadcast processing and editing are all performed in an encrypted state, and once the encryption master is decrypted (Dec
In some cases, the master is stored in a clear (non-encrypted) state, and when it is processed / edited for distribution, it is encrypted again and processed / edited for distribution.

In the latter case, the hard disk device 109
The HD master read from is decoded by the decoding unit 110. The decryption unit 110 first decrypts the random number e using the key pj2 dedicated to distribution / broadcast editing work as a decryption key, and further decrypts the work using the random number e as a decryption key to clear HD.
Get the master. Further, the management module 111 performs authentication and key sharing with the management center 400, and acquires an electronic watermark ID. The digital watermark adding device 112 adds a digital watermark to the decrypted HD master using the ID for the digital watermark and saves it in the hard disk device 113. When processing and editing this digital watermarked HD master for distribution, it is taken out from the hard disk device 113 and passed to the distribution / broadcast editing system 200. When the HD master is decrypted, a digital watermark is added together with the decryption.

FIG. 10 shows a distribution / broadcast editing system 2.
00 is schematically shown. As shown in the figure,
The distribution / broadcast editing system 200 includes an encryption unit 210 that temporarily encrypts a master passed in a clear (non-encrypted) state, and a distribution / subscription, dubbing, etc. for the master.
An editing machine 220 for processing for broadcasting, and an external output unit 23 for outputting the processed master in the form of movie distribution or broadcasting
0, and a management module 240 that performs authentication and key sharing between the worker's IC card.

The distribution / broadcast editing system 200 generally receives a master from the work production editing system 100 in a form recorded on a medium such as a film. If the received master has already been encrypted, it is once reproduced (read) from the medium by the reproduction device 201 and then stored in the hard disk device 203 as the master. If the received master is in a clear (non-encrypted) state, the reproducing device 201 once reproduces (reads) the medium, the encryption unit 210 encrypts the master, and the hard disk device 203 stores the master. save.

When the master is not processed, the encrypted master read from the hard disk device 203 is directly processed by the external output device 230. Further, when performing processing for distribution / broadcasting such as subtitles or dubbing on the master, the encrypted master read from the hard disk device 203 is input to the editing machine 220. The master output by the external output unit 230 is stored in the hard disk device 204 as a distribution master. The encryption unit 210, the editing machine 220, and the external output unit 230 will be described in detail later.

In the process of master editing work in the editing machine 220, it is necessary to output the edited image to the monitor screen for confirmation. When monitoring an image, the decryption unit 205 first decrypts the encrypted distribution master.
The decryption processing in the decryption unit 205 is performed corresponding to the encryption processing in the editing machine 205, and the key pj dedicated to the distribution editing work is used.
It is decoded using 2. The distribution master in the clear (non-encrypted) state can be monitored using the general-purpose monitor device 206 or the monitor device 207 with the authentication / encryption function.

When the distribution master is monitored by the general-purpose monitor device 206, the digital watermark including the digital watermark ID acquired by the management module 240 and the operator ID to be monitored is electronically displayed as a source display or copyright protection information. The watermark is added by the watermark adding device 208 and then output to the monitor. However,
If the output signal is closed for monitor device 206,
It is not necessary to add a digital watermark.

The monitor device 20 with the authentication / encryption function is also provided.
In the case of monitoring by 7, the encryption unit 209 and the inside of the monitor device 207 undergo authentication processing, and the distribution master is encrypted by the encryption unit 209 and output to the monitor. In the monitor device 207, the decoding unit 207A decodes this and outputs it to the monitor.

After editing the master by the editing machine 220, authentication and key sharing are performed between the management center 400 and the management module 240, and the ID for the digital watermark is acquired by the digital watermark adding device 251 and used as the master for distribution / broadcasting. A digital watermark is added. HD format master NTS for broadcasting
When it is necessary to convert to the C system, the down converter 252 downconverts the data, adds a digital watermark, and outputs the digital watermark to the broadcasting station 300.

The broadcasting station 300 temporarily stores the distribution / broadcasting master received from the distribution / broadcasting editing system 200 in the archive 301. In archive 301,
Each master is managed in a searchable state using metadata. Then, when the predetermined broadcast time is reached, the reproducing apparatus 302 reads out the distribution / broadcasting master from the archive 301, adds an electronic watermark such as a broadcast history by the electronic watermark adding apparatus 303 as appropriate, and transmits it from the transmitter 304. To broadcast.

The management center 400 can monitor broadcast contents by receiving a broadcast wave by the receiver 401 and decoding the digital watermark included in the broadcast content by the digital watermark decoder 402.

FIG. 11 shows a distribution / broadcast editing system 2.
00 schematically shows the internal configuration of the encryption unit 210 in 00. As described above, the editing system 100 for producing works
If the master received from the device is in a clear (non-encrypted) state, the reproducing device 201 temporarily reproduces (reads) the medium, the encryption unit 210 encrypts the master, and then the master is stored in the hard disk device 203. To do.

The encryption unit 210 includes a management module 210A that authenticates the IC card of the distribution / broadcast editing operator or producer of the HD master and reads the key pj2 dedicated to the distribution / broadcast editing work. Management module 21
0A is the distribution / broadcasting editor or producer I
Authentication and key sharing are performed with the C card, and the key pj2 and the usage conditions and metadata are acquired from the IC card.
Then, while sending the key pj2 to the encryption unit 210D,
The usage conditions and the metadata are stored in the metadata / key addition device 210.
Send to E.

The encryption section 210B encrypts the HD master in a clear (non-encrypted) state with the random number e generated by the random number generator 210C as an encryption key. further,
The encryption unit 210D uses the key pj2 assigned to the worker.
The random number e is encrypted by using as an encryption key. In the metadata / key addition device 210E, the material encrypted with the random number e as the encryption key and the random number e encrypted with the key pj2 as the encryption key.
And the usage conditions and metadata are linked and output externally.

FIG. 12 shows the data format of the material output by the encryption unit 210. As shown in the figure, the HD master sent from the work production editing system 100 in a clear (non-encrypted) state is encrypted using the random number e generated in the distribution / broadcast editing system 200 as an encryption key. Be converted. Also, the encryption key e is encrypted and added as a work-specific key pj2 read from the worker's IC card as an encryption key. Further, metadata related to the HD master is added to be output data of the telecine 102.

FIG. 13 shows a distribution / broadcast editing system 2.
00 schematically shows the internal configuration of the editing machine 220 inside the computer 00. As described above, when performing processing for distribution / broadcasting such as subtitles or dubbing on the master, the encrypted master read from the hard disk device 203 is input to the editing machine 220.

The editing machine 220 is equipped with a management module 220A for authenticating the IC card of the distribution / broadcasting editing operator of the HD master or the producer and reading the key pj2 dedicated to the distribution / broadcasting editing work. Management module 220
A is an IC for distribution / broadcasting editors or producers
Authentication and key sharing are performed with the card, and the key pj2, usage conditions, and metadata are acquired from the IC card. Then, the key pj2 is sent to the decryption unit 220C, and the usage conditions and metadata are sent to the digital watermark adding device 220E.

The encrypted master read from the hard disk device 203 has the data format as shown in FIG. 12, as already described. This material data is separated into metadata, an encryption master, and a random number e used as an encryption key. Since the random number e is encrypted using the key pj2 dedicated to distribution / broadcasting work as an encryption key,
The key e is extracted by being decrypted by the decrypting unit 220C. Then, in the decryption unit 220B, the decrypted key e is used as a decryption key to restore the encrypted master into plain text, and the processing unit 2
Transfer to 20D.

It should be fully understood that the distribution master extracted from the hard disk device 203 can be correctly decrypted by obtaining the correct distribution / broadcast editing work key pj2 from the IC card. .

In the processing unit 220D, distribution / broadcasting processing such as subtitles and dubbing is performed on the master to generate a distribution master.

The processed distribution master in a clear (non-encrypted) state is input to the encryption section 220E and encrypted using the random number e generated by the random number generator 220F as an encryption key. Further, the encryption unit 220G encrypts the random number e using the key pj2 assigned to the worker as an encryption key. The encrypted distribution master is the hard disk 2
It is stored in 04.

In the metadata / key addition device 220H, the distribution master encrypted with the random number e as the encryption key and the key p.
The random number e encrypted with j2 as an encryption key and the usage condition and metadata are linked and output to the outside.

The data format of the encrypted distribution master output by the editing machine 220 is the same as that described with reference to FIGS. 8 and 9. That is, the distribution master is composed of a set of a plurality of materials. In the illustrated example, the work (master) is configured using the material A and the material B. The content body composed of the material A and the material B is encrypted using the random number e as an encryption key.
Further, the encryption key e is encrypted and added as a key pj2 exclusively for distribution / broadcasting editing work read out from the operator's IC card as an encryption key. Further, metadata (meta A and meta B) for each material A and material B, and metadata (meta pj2) describing the editing content in the processing unit 220D are added. Also,
As shown in FIG. 9, the metadata of a plurality of materials may be a pattern integrated by the management center 400 into one metadata (meta pj2).

When the contents processed by the processing unit 220D are to be monitored as they are, the ID for the digital watermark acquired by the management module 111 and the ID of the operator to be monitored.
The digital watermark consisting of is added by the digital watermark adding device 220I as a source display or copyright protection information, and then output from the monitor. However, when the output signal is closed for the monitor device 220J, it is not necessary to add a digital watermark.

FIG. 14 shows a distribution / broadcast editing system 2.
00 schematically shows the internal configuration of the external output unit 230. As described above, the external output unit 230 reads the distribution master from the hard disk device 204,
Output in the form of movie distribution or broadcasting. It is preferable that a portion surrounded by a broken line in the external output unit 230 shown in the figure is configured by hardware having tamper resistance (Hardware Tamper Resistant).

The external output unit 230 includes a management module 230A that authenticates the IC card of the distribution / broadcasting editing operator or the producer and reads the key pj2 dedicated to the distribution / broadcasting editing work. The management module 230A performs authentication and key sharing with the IC card of the distribution / broadcasting editing operator or the producer, and the IC card sends the key pj.
2. Acquire usage conditions and metadata. And
The key pj2 is sent to the decryption unit 220C, and the usage conditions and metadata are sent to the digital watermark adding device 220D.

The distribution master read from the hard disk device 204 has the data format as shown in FIGS. 8 and 9 as described above. This distribution master has metadata, an encrypted distribution master,
It is separated into the random number e used as the encryption key. Since the random number e is encrypted using the key pj2 dedicated to distribution / broadcasting work as an encryption key, it is decrypted by the decryption unit 230C,
The key e is taken out. Then, in the decoding unit 230B,
Using the restored key e as a decryption key, the encrypted master is restored to plaintext and transferred to the digital watermark adding device 230D.

It should be fully understood that the distribution master taken out from the hard disk device 204 can be correctly decrypted by obtaining the correct distribution / broadcasting editing dedicated key pj2 from the IC card. .

The digital watermark adding device 230D adds, as a digital watermark, information that can be directly read, such as whether copying is possible or not for the distribution master.

Further, the management module 230A may send detailed information for tracking (whether it has been broadcast or not) as metadata to the management center 400. The management center 400 also issues a dedicated ID to manage the distribution of content. The digital watermark improper device 230D also adds the ID issued by the management center 400 to the distribution master as a digital watermark to create a distribution copy in a clear (non-encrypted) state and distributes it to the movie company. Broadcasting station 30
Supply to 0.

When the ID issued by the management center 400 also serves as an ID for content management inside the broadcasting station 300, the management center 400 also manages the ID.

The modified broadcasting contents and NTSC copy created by the distribution / broadcast editing system 200 are brought into the broadcasting station 300 and stored in the archive 301. In the archive 301, each distribution copy can be managed by metadata so that it can be searched. Then, when taking out from the archive 301 and reproducing (broadcasting), a digital watermark is added and transmitted.

The management center 400 manages in advance the IDs of digital watermarks to be inserted when making NTSC copies and broadcast copies. Therefore, it can be confirmed by receiving the broadcast via the receiver 401, detecting the digital watermark of the broadcast content, and inquiring the management center 400.

In the management center 400, the archive 301
All the histories are managed and linked with the electronic watermark detection device 402 as a reception monitor, so that the broadcast content can be constantly monitored. The management center 400 needs to be configured so that the management status does not leak.

As described above, the management center 400 is
Material editing of distributed contents such as movie works, work editing,
An IC card for work authentication is issued to each worker involved in distribution / broadcast editing. In this embodiment, the management center 400 assigns a key to each content in processing work units, and stores a key corresponding to the processing work of the content carried by the registered worker in the IC card.

For example, a worker who handles the HD camera / recorder 104 or the telecines 102 and 103, or a work production worker who works on the work production editing system 100,
A key pj1 dedicated to work production is given. Further, the distribution / editing operator who works on the distribution / broadcasting editing system 200 is given a key pj2 dedicated to the distribution / broadcasting editing work.
Moreover, since the encryption editing apparatus 108 is operated by the producer who works across production and distribution / broadcast editing, both the key pj1 dedicated to work production and the key pj2 dedicated to distribution / broadcast editing work are used. give.

FIG. 15 schematically shows the data structure of the IC card issued to each worker. As shown in the figure, the IC card links the key information storing the key assigned to the worker, the metadata such as access group information that the worker can work, and the key information and the metadata. It is composed of the calculated hash value and these are encrypted with the public key of the management center 400.

The management modules 111 and 102 described above.
A, 104A, 108A, 240, 210A, 220
A and 230A read the data from the worker's IC card and decrypt the data using the public key of the management center 400 to obtain the key information, the metadata, and the hash value. Then, the hash value of the key information and the metadata is calculated and compared with the decrypted hash value, whereby the authentication can be performed.

FIG. 16 shows a processing flow of the entire security system for movie production shown in FIG.

When the HD material is photographed by the HD camera / recorder 104 (or the material is converted to the HD format by telecine) (step S1), each material is edited in the work production editing system 100. It is edited (step S2).

Furthermore, the distribution / broadcast editing system 100
Then, a package completed as a work, that is, a complete package is edited and processed to create a master for distribution and broadcasting (step S3). The distribution / broadcasting master is encrypted and stored in the hard disk device 204.

If the distribution / broadcasting master is for movie distribution (step S4), the distribution / broadcasting master is copied and given to a predetermined movie company (step S5).

If the distribution / broadcasting master is for broadcasting, the distribution / broadcasting master is copied and handed to a predetermined broadcasting station 300 (step S6). Then, the broadcasting station 300, after temporarily storing it in the archive 301, broadcasts at the arrival of a predetermined broadcasting time (step S7).

Further, FIG. 17 shows a processing flow performed for each worker who operates on the security system for movie production shown in FIG.

The worker registers in the management center 400 (step S11).

On the other hand, the management center 400 assigns a key to each content in processing work units,
An IC card that stores a key corresponding to a content processing operation carried by the worker is issued (step S12).

[0130] The worker uses the work production editing system 100 or the distribution / distribution system to carry out the content processing work in charge.
Log in to a device in the broadcast editing system 200. At this time, the management module in the corresponding device authenticates and shares the key with the IC card, and as a result, can decrypt or encrypt the content (step S).
13).

In FIG. 18, in the editing system 100 for producing works shown in FIG. 2, the material is photographed / edited on a film to create a master, and the cinema signal is converted into an HD TV signal by the telecine 102. The processing flow in the case of creating an HD master is shown.

In such a case, first, a normal film is photographed (step S21), and then the film is edited (step S22). Then, a work completed for distribution / broadcasting on a film, that is, a complete package is produced (step S23), and this is telecine converted by the telecine 102 (step S24) to generate an HD format complete package (step S25). ), And this processing ends.

Further, in FIG. 19, in the work production editing system 100 shown in FIG. 2, the material is photographed on film, converted into HD material by the telecine 103, and then edited by the editing device 101 to create a master. And when
The processing flow in the case where an HD material is photographed by the HD camera / recorder 104 and each HD material is edited by the editing device 101 to create a master is shown.

When the image is taken with a normal film (step S31), the film material is telecine converted by the telecine 103 (step S32) and stored as an HD material in the hard disk device (step S33). Also, HD
When the material is photographed by the camera / recorder 104 (step S42), it is stored as it is as the HD material (step S33).

The encrypted editing device 108 takes out the HD material stored in the hard disk device, performs the editing work, creates a master, that is, a complete package, and stores it in the hard disk device 109 as a master ( Step S3
4).

Next, in step S35, the distribution / broadcast editing system 200 of the next step checks whether or not the distribution / broadcast editing is performed in an encrypted state.

When performing distribution / broadcast editing while the distribution / broadcast editing system 200 is in the encrypted state, the hard disk device 10 stores the encrypted master stored in the master.
It is taken out from the device 9 and delivered to the distribution / broadcast editing system 200 as it is (step S41).

On the other hand, in the distribution / broadcast editing system 200, when performing distribution / broadcast editing in a clear (non-encrypted) state, the encrypted master taken out from the hard disk device 109 is decrypted (step). S36). Then, the management module 111 performs authentication and key sharing with the IC card of the worker (eg, producer) (step S37). The digital watermark adding device 112 adds a digital watermark to the decrypted master (step S3).
8) Hard disk 1 with this as a clear master
It is stored in 13 (step S39). When passing a clear master to the distribution / broadcast editing system 200, the key pj2 shared between the management module 111 and the IC card is used.
Is used to temporarily encrypt the master (step S40).

FIG. 20 shows a work production editing system 10.
0 shows a processing flow for monitoring contents during editing work.

When the operator monitors during editing (step S51), it is determined whether or not the dedicated monitor 116 is used (step S52).

When monitoring the content on the dedicated monitor 116, the clear master decrypted by the decryption unit 114 is encrypted by the encryption unit 118 and then transferred to the dedicated monitor 116. In the dedicated monitor 116, the master is decrypted by the decryption unit 116A having a key shared with the encryption unit 118, and then the master is provided for monitoring (step S53).

On the other hand, in the case of monitoring by the general-purpose monitor 115, after the encryption master is decrypted by the decryption unit 114 (step S54), the digital watermark adding device 117 adds a digital watermark including a worker ID and the like. Then, (step S55), the clear master is sent to the general-purpose monitor 115 for monitoring (step S53).

FIG. 21 shows a processing flow for encrypting and outputting the HD material photographed by the HD camera / recorder 104 shown in FIG. Also in the telecine 103, the HD-converted material is encrypted and output by the same procedure.

First, in the HD camera / recorder 104,
The material is photographed in HD format (step S61).

The random number generator 104D in the HD camera / recorder 104 generates a random number c1 (step S62), and the encryption section 104B encrypts the HD material using this random number c1 as an encryption key (step S63).

The management module 104A performs authentication and key sharing with the IC card of the photographer (step S
64), the key pj1 dedicated to the work for work production read from the IC card is sent to the encryption unit 104C (step S6).
5).

The encryption section 104D encrypts the random number c1 using the key pj1 assigned to the worker as an encryption key (step S66).

In the adding section 104E, the material encrypted with the random number c1 as the encryption key, the random number c1 encrypted with the key pj1 as the encryption key, and the metadata are linked and output to the outside (step S67).

FIG. 22 shows a processing flow in the encryption / editing apparatus 108 shown in FIG.

H taken by the HD camera / recorder 104
The D material (step S71) is reproduced by the reproducing device 107 (step S72), and is taken into the encrypted editing device 108. Similarly, H that has been telecine converted by the telecine 103
The D material is reproduced by the reproducing device 106 and taken into the encrypted edit processing device 108.

The management module 108A in the encrypted edit processing device 108 performs authentication and key sharing with the IC card of the work production editing operator (step S73), and the IC
The key pj1 dedicated to the work for work production is read from the card (step S74) and sent to the decryption units 108C and 108E.

The decrypting unit 108C decrypts the data output from the HD camera / recorder 104 using the key pj1 as a decryption key (step S75) and obtains the random number c1 (step S76). Furthermore, the decoding unit 108D
The HD material is decrypted using the random number c1 as a decryption key (step S77).

Similarly, the decryption unit 108E decrypts the data output from the telecine 103 by using the key pj1 as a decryption key to obtain the random number T. Furthermore, the decoding unit 10
8F decrypts the HD material using the random number c1 as a decryption key.

The editing unit 108B performs editing work using each material reproduced in these clear (non-encrypted) states, and creates a completed work for distribution / broadcasting, that is, a master (complete package). (Step S78).

In the work production editing system 100, the random number generator 101A generates a random number e (step S7).
9). The encryption unit 108G encrypts the master output by the editing unit 108A using the random number e generated by the random number generator 101A as an encryption key (step S80).

The management module 108A in the encryption / editing processing device 108 performs authentication and key sharing with an IC card such as a producer (step S81), and uses the IC card to supply a key pj2 dedicated to distribution / broadcasting editing work. The data is read and sent to the encryption unit 108H (step S82).

The encryption unit 108H encrypts the random number e using the distribution / broadcasting editing dedicated key pj2 as an encryption key (step S83). Then, the metadata / key addition device 108I uses the material encrypted with the random number e as an encryption key and the random number e encrypted with the key pj2 as an encryption key.
And the metadata are linked and output to the outside (step S8).
4). This output data is the hard disk device 109.
Stored as a master (step S85).

FIG. 23 shows a processing flow of the entire distribution / broadcast editing system 200 shown in FIG.

First, the HD master transferred from the work production editing system 100 is reproduced by the reproducing devices 201 and 202 (step S91).

If the HD master is not encrypted (step S92), a digital watermark for the master is added if necessary (step S93), and then encrypted by the encryption unit 210 (step S94). The encryption processing flow in the encryption unit 210 will be described later in detail.

The encrypted HD master is stored in the hard disk drive 203 (step S95).

The HD master may be processed for distribution / broadcasting (step S96). The processing referred to here includes processing such as subtitles and dubbing.
This processing is performed by the editing machine 220 (step S9).
7). The processing flow for processing the master in the editing machine 220 will be described in detail later.

After processing, the master for distribution / broadcasting is a hardware
It is stored in the disk device 204 (step S98).

When the film is distributed to a movie company or provided to a broadcasting station, the distribution / broadcasting master is taken out from the hard disk device 204, and the external output device 230 performs an external output process (step S99). The external output processing flow in the external output device 230 will be described in detail later.

In the management module 240, the management center 4
By performing authentication and key sharing with 00 (step S100), an ID for digital watermark is acquired from the management center 400.

At the time of broadcasting, the master for distribution / broadcast is NT
If it is necessary to convert to SC (step S101),
The down converter 252 converts the NTSC format into a down converter (step S102). Then, a digital watermark is added to the master by the digital watermark adding device 251 (step S103), and the master station is sent to the broadcasting station 300. On the other hand, the broadcasting station 300 stores the master in the archive 301 (step S104).

In the distribution / broadcasting editing system 200, in the course of the master editing work in the editing machine 220, it is necessary to output the edited image to the monitor screen for confirmation (as described above). FIG. 24 shows a processing flow for monitoring an image during editing in the broadcast editing system 200. In the distribution / broadcasting editing system 200, a processing flow for monitoring an image during editing is shown.

When the image is monitored (step S1)
11) It is possible to monitor using the general-purpose monitor device 206 or the monitor device 207 with the authentication / encryption function (step S112).

When the general-purpose monitor device 206 monitors the distribution master, first, the encrypted distribution master is decrypted by the decryption unit 205 (step S113). The decryption process in the decryption unit 205 is performed corresponding to the encryption process in the editing machine 205, and decryption is performed using the key pj2 dedicated to the distribution editing work. Next, the ID for the digital watermark acquired by the management module 111 and the ID of the operator to monitor
The digital watermark consisting of is added by the digital watermark adding device 208 as a source display or copyright protection information (step S114), and then output to the monitor (step S115). However, if the output signal is closed for the monitor device 206, it is not necessary to add a digital watermark.

The monitor device 20 with the authentication / encryption function is also provided.
In the case of monitoring by 7, the encryption unit 209 and the inside of the monitor device 207 undergo authentication processing, and the distribution master is encrypted by the encryption unit 209 and output to the monitor. In the monitor device 207, the decoding unit 207A decodes this and outputs it to the monitor (step S115).

FIG. 25 shows a processing flow in the encryption unit 210 in the distribution / broadcast editing system 200 shown in FIG.

The management module 210A performs authentication and key sharing with the IC card of the editor for distribution / broadcasting (step S121).

The management module 210A sends the distribution / broadcast editing work dedicated key pj2 read from the IC card to the encryption unit 210D, and sends the usage conditions and metadata to the metadata / key addition device 201E ( Step S122).

The encryption section 210B encrypts the HD master in a clear (non-encrypted) state with the random number e generated by the random number generator 210C as an encryption key. further,
The encryption unit 210D uses the key pj2 assigned to the worker.
The random number e is encrypted with the encryption key as the encryption key (step S12).
3).

In the metadata / key addition device 210E, the material encrypted with the random number e as the encryption key, the random number e encrypted with the key pj2 as the encryption key, the use condition and the metadata are connected and externally output. (Step S124).

FIG. 26 shows a processing flow in the editing machine 220 in the distribution / broadcast editing system 200 shown in FIG.

The management module 210A authenticates and collates the hash value with the IC card of the editor for distribution / broadcasting (step S131). Further, the management module 210A acquires the key pj2 dedicated to the distribution / broadcast editing work from the IC card (step S132). Then, the key pj2 is sent to the decryption unit 220C, and the usage conditions and metadata are sent to the digital watermark adding device 220E.

The encryption master read from the hard disk drive 203 has the data format as shown in FIG. 12, as already described. This material data is separated into metadata, an encryption master, and a random number e used as an encryption key. Since the random number e is encrypted using the key pj2 dedicated to distribution / broadcasting work as an encryption key,
The key e is extracted by the decryption unit 220C (step S133). Then, the decryption unit 220B restores the encrypted master to plaintext using the restored key e as a decryption key (step S134), and transfers the plaintext to the processing unit 220D.

The processing section 220D processes the master for distribution / broadcasting such as subtitles and dubbing, and generates a master for distribution (step S135).

The processed distribution master in a clear (non-encrypted) state is input to the encryption section 220E and encrypted using the random number e generated by the random number generator 220F as an encryption key. Further, the encryption unit 220G encrypts the random number e using the key pj2 assigned to the worker as an encryption key (step S136). The encrypted distribution master is stored in the hard disk 204 (step S).
137).

In the metadata / key addition device 220H, the distribution master encrypted with the random number e as the encryption key and the key p.
The random number e encrypted with j2 as an encryption key and the usage condition and metadata are linked and output to the outside.

When the content processed by the processing unit 220D is to be monitored as it is (step S138), the digital watermark including the ID for the digital watermark acquired by the management module 240 and the ID of the operator to be monitored is displayed or displayed. It is added as copyright protection information by the electronic watermark adding device 220I (step S139), and then output as a monitor.
However, when the output signal is closed for the monitor device 220J, it is not necessary to add a digital watermark.

FIG. 27 shows a processing flow in the external output section 230 in the distribution / broadcast editing system 200 shown in FIG.

The management module 230A performs authentication and key sharing with the IC card of the distribution / broadcasting editing operator or the producer, and acquires the key pj2 and the usage conditions and metadata from the IC card (step S141). .
Then, while sending the key pj2 to the decrypting unit 220C,
The usage conditions and metadata are sent to the electronic watermark adding device 220D.

The distribution master read from the hard disk device 204 has the data format as shown in FIGS. 8 and 9 as described above. This distribution master has metadata, an encrypted distribution master,
It is separated into the random number e used as the encryption key. Since the random number e is encrypted using the key pj2 dedicated to distribution / broadcasting work as an encryption key, it is decrypted by the decryption unit 230C,
The key e is taken out (step S142). Then, the decryption unit 230B restores the encrypted master to a plaintext by using the restored key e as a decryption key (step S143) and transfers the plaintext to the digital watermark adding device 230D.

The digital watermark adding device 230D adds directly readable information such as copy permission / prohibition regarding the distribution master as a digital watermark (step S).
144).

Further, the management module 230A sends detailed information for tracking (whether broadcasted or not) as metadata to the management center 400 (step S145).
The management center 400 also issues a dedicated ID to manage the distribution of the content (step S146).

The digital watermark improper device 230D also adds the ID issued by the management center 400 to the distribution master as a digital watermark (step S147) to create a distribution copy in a clear (non-encrypted) state. And distribute it to the movie company or supply it to the broadcasting station 300 (step S14).
8).

FIG. 28 shows a processing flow for the management module in each system to authenticate the IC card of the worker.

In step S151, the key of s is used for decryption.

Next, in step S152, the hash value of the metadata read from the IC card is calculated, and the result is set to H (a).

In step S153, the signature part is decrypted using the administrator's public key, and the result is set to H (b).

At step S154, H (a) and H (a)
(B) is compared and collated. If the two match, it is known that the content has not been tampered with (step S155), and the content can be obtained according to the correct usage conditions (step A156).

On the other hand, if the hash values do not match,
Since it is known that the contents have been tampered with (step S157), the contents cannot be obtained.

FIG. 29 shows a processing flow for broadcasting contents in the broadcasting station 300 and managing broadcasting contents by the management center 400.

The modified broadcasting contents and NTSC copy created by the distribution / broadcast editing system 200 are brought to the broadcasting station 300 (step S161).

On the broadcast station 300 side, the brought-in contents are stored in the archive 301 (step S16).
2). The archive 301 is managed by metadata so that it can be searched.

When reproducing the archived contents, the digital watermark adding device 303 adds a digital watermark (step S163), and then the transmitter 304 transmits the digital watermark (step S164).

In the management center 400, the ID of the digital watermark to be inserted when making an NTSC copy or broadcast copy in advance.
Is managing. Therefore, when the receiver 401 receives the broadcast (step S165), the digital watermark detection device 402 detects the digital watermark (step S16).
6) The information can be confirmed by making an inquiry to the management center 400 (step S16).
7).

The management center (monitoring station) 400 manages all the histories of the archive 301, and if linked with the electronic watermark detection device 402 as a reception monitor, it is possible to constantly monitor the contents. . The management center 400 needs to prevent the management status from leaking.

[Supplement] The present invention has been described in detail with reference to the specific embodiments. However, it is obvious that those skilled in the art can modify or substitute the embodiments without departing from the scope of the present invention. That is, the present invention has been disclosed in the form of exemplification, and the contents of this specification should not be construed in a limited manner. In order to determine the gist of the present invention, the section of the claims described at the beginning should be taken into consideration.

[0202]

As described above in detail, according to the present invention,
An excellent content management system and content management method, content security management center and content security management method, content processing apparatus, content processing method, and imaging apparatus capable of suitably performing copyright protection and copy control of content, In addition, a storage medium can be provided.

Further, according to the present invention, it is possible to manage a content in a work process of producing a content through a plurality of content processing works such as a movie, an excellent content management system, a content management method, and a content. It is possible to provide a security management center, a security management method for contents, a contents processing device and contents processing method, an imaging device, and a storage medium.

Further, according to the present invention, an excellent content management system and content management method capable of suitably managing each content produced through a plurality of content processing operations such as movies in processing operation units. It is possible to provide a content security management center, a content security management method, a content processing device and a content processing method, an imaging device, and a storage medium.

The present invention basically realizes the copyright protection and copy control of the contents by using the encryption and the digital watermark technology, but the contents and each material thereof are out of the frame of encryption. It sometimes proposes a mechanism for adding a digital watermark. Further, the history is managed by the metadata attached to the content, the ID for the digital watermark is generated at the management center, and the worker is authenticated by the authentication medium such as the IC card (FeliCa).

Although the above-described embodiment is merely an example of the present invention, this makes it possible to establish a security system for HD movies by using encryption and digital watermarking and prevent distribution of contents and materials. It becomes possible.

[Brief description of drawings]

FIG. 1 is a diagram schematically showing a configuration of a security system for movie production which realizes the present invention.

FIG. 2 is a diagram showing in detail the configuration of a work production editing system 100.

3 is a diagram schematically showing the configuration of an encryption function module equipped in the telecine 102 (or 103) shown in FIG.

FIG. 4 is a diagram showing a data format of an encrypted material output from the telecine 102.

5 is a diagram schematically showing a configuration of an encryption function module equipped in the HD camera recorder 104 shown in FIG.

FIG. 6 is a diagram showing a data format of an encrypted material output from the HD camera recorder 104.

[FIG. 7] Editing device 10 of editing system 100 for work production
2 is a diagram schematically showing an internal configuration of an encryption / editing device 108 included in 1. FIG.

FIG. 8 is a diagram showing a data format of encrypted work content output by the encrypted editing device.

FIG. 9 is a diagram showing another example of the data format of the encrypted work content output by the encrypted editing device.

FIG. 10 is a diagram schematically showing a configuration of a distribution / broadcast editing system 200.

11 is a diagram schematically showing an internal configuration of an encryption unit 210 in the 11 distribution / broadcast editing system 200. FIG.

FIG. 12 is a diagram showing a data format of a material output by the encryption unit 210.

FIG. 13 is a diagram schematically showing an internal configuration of an editing machine 220 in a distribution / broadcast editing system 200.

FIG. 14 is a diagram schematically showing an internal configuration of an external output section 230 in the distribution / broadcast editing system 200.

FIG. 15 is a diagram schematically showing a data structure of an IC card issued to each worker.

16 is a diagram showing a processing flow of the entire security system for movie production shown in FIG. 1. FIG.

17 is a diagram showing a processing flow performed for each worker who operates on the security system for movie production shown in FIG.

FIG. 18 is a process for creating an HD master by shooting and editing a material on film, creating a master, and converting a cinema signal into an HD TV signal by the telecine 102 in the work production editing system 100; It is the figure which showed the flow.

FIG. 19 shows a case where a material is photographed on a film in the work production editing system 100, converted into HD material by the telecine 103, and then edited by the editing device 101 to create a master, and by the HD camera / recorder 104. HD
FIG. 7 is a diagram showing a processing flow when a material is photographed and each HD material is edited by the editing device 101 to create a master.

FIG. 20 is a diagram showing a processing flow for monitoring content during editing work in the work production editing system 100.

FIG. 21 is a flow chart when the material is photographed by the HD camera / recorder 104.

22 is a diagram showing a processing flow in the encrypted editing device 108 in the work production editing system 100. FIG.

FIG. 23 is a diagram showing a processing flow of the entire distribution / broadcast editing system 200.

FIG. 24 shows a distribution / broadcast editing system 200.
It is a figure showing the processing flow for monitoring an image during edit.

25 is a diagram showing a processing flow in the encryption unit 210 in the distribution / broadcast editing system 200. FIG.

FIG. 26 is a diagram showing a processing flow in the processing section 220 in the distribution / broadcast editing system 200.

27 is a diagram showing a processing flow in the external output unit 230 in the distribution / broadcast editing system 200. FIG.

FIG. 28: The management module in each system is the operator's I
It is a figure showing the processing flow for authenticating C cart.

29 is a diagram showing a processing flow for broadcasting content in the broadcasting station 300 and managing broadcast content by the management center 400. FIG.

[Explanation of symbols]

100 ... Editing system for work production 101 ... Editing device 102, 103 ... Telecine 104 ... HD camera / recorder 105, 106, 107 ... Reproducing device 108 ... Encryption editing device 109 ... Hard disk device 110 ... Decoding unit 111 ... Management module 112 ... Digital Watermarking Device 113 ... Hard disk device 114 ... Decoding unit 115 ... General-purpose monitor device 116 ... Monitor device with authentication / encryption function 117 ... Digital Watermarking Device 200 ... Distribution / broadcast editing system 201 ... Playback device 203, 204 ... Hard disk drive 205 ... Decoding unit 206 ... General-purpose monitor device 207 ... Monitor device with authentication / encryption function 208 ... Digital Watermarking Device 210 ... Encryption unit 220 ... Editing machine 230 ... External output unit 240 ... Management module 251 ... Digital Watermarking Device 252 ... Down converter 300 ... Broadcasting station 301 ... Archive 304 ... Transmitter 400 ... Management center 401 ... Receiver 402 ... Digital watermark decoder

   ─────────────────────────────────────────────────── ─── Continued front page    F-term (reference) 5B017 AA06 BA07 CA15                 5B058 CA27 KA02 KA04 KA31 KA35                       YA20                 5J104 AA16 EA04 EA22 NA02 NA35                       NA37    (54) [Title of Invention] Content management system, content management method, content security management center, and content management system                     Content security management method, content processing apparatus, content processing method, imaging apparatus, and                     Storage media

Claims (27)

[Claims] 1. A content management system for managing content produced through a plurality of content processing operations, comprising: a plurality of content processing means for performing one or more content processing operations; and a content processing operation unit for each content. Content comprising key management means for managing a key, and work permission means for permitting the worker to process the content on the content processing means according to the key assigned to the worker Management system. 2. The key management means assigns a key relating to a corresponding processing work for a corresponding content to each worker who performs the content processing work by the content processing means. Content management system described. 3. The key management means, in each content processing means, a decryption key used for decryption processing of encrypted content input from the previous step, and an encryption key used for encryption processing of content output to the subsequent step. The content management system according to claim 1, wherein and are managed for each content. 4. The work permission unit decrypts the encrypted content input to the content processing unit by a decryption process using a decryption key assigned to the worker, and the content processing unit performs the content processing. The content management system according to claim 1, wherein the content after the work is encrypted and output by an encryption process using an encryption key assigned to the worker. 5. The key management means issues an authentication medium storing a key for a corresponding processing work for a corresponding content to each worker who performs the content processing work, and the work permission means, The encrypted content input to the content processing means is decrypted by the decryption process using the decryption key read from the authentication medium accepted from the worker, and the content after the content processing operation by the content processing means is authenticated. The content management system according to claim 1, wherein the content management system encrypts and outputs the encrypted data by an encryption process using an encryption key read from the medium. 6. A content management method for managing content produced through content processing work on a plurality of content working devices, comprising a key management step of managing a key for each content processing work unit. And a work permission step of permitting the work work of the content on each content processing device by the worker according to the key assigned to the worker, the content management method. 7. The key management step assigns a key relating to a corresponding processing operation for a corresponding content to each worker who performs the content processing operation by the content processing means. Content management method described. 8. In the key management step, in each content processing device, a decryption key used for decryption processing of encrypted content input from a previous step and an encryption key used for encryption processing of content output in a subsequent step. The content management method according to claim 6, wherein and are managed for each content. 9. In the work permitting step, the encrypted content input to the content processing apparatus is decrypted by a decryption processing using a decryption key assigned to the worker, and the content processing by the content processing apparatus is performed. The content management method according to claim 6, wherein the content after the work is encrypted and output by an encryption process using an encryption key assigned to the worker. 10. The key management step issues an authentication medium storing a key for a corresponding processing operation for a corresponding content to each worker who performs the content processing operation, and in the operation permitting step, The encrypted content input to the content processing apparatus is decrypted by the decryption process using the decryption key read from the authentication medium accepted from the worker, and the content after the content processing operation by the content processing apparatus is authenticated. The content management method according to claim 6, wherein the content is encrypted and output by an encryption process using an encryption key read from the medium. 11. A content security management center for managing security of content produced through a plurality of content processing operations for each content processing operation, and key management for issuing a key for each content processing operation. Means, worker registration means for registering a worker involved in the content processing work, and key allocation means for allocating a key for the content processing work with respect to the registered worker to the registered worker. Security management center for content. 12. The key management means, in each content processing operation, a decryption key used for decryption processing of encrypted content input from a previous step, and an encryption key used for encryption processing of content output to a subsequent step. The content security management center according to claim 11, wherein and are managed for each content. 13. The content security according to claim 11, wherein the key assigning means issues, to each worker, an authentication medium in which a key for a content processing operation for the content involved is stored. Management center. 14. A content security management method for managing security of content produced through a plurality of content processing operations for each content processing operation, the key management issuing a key for each content processing operation. And a key assigning step for assigning a key for a content processing work for the involved content to the registered worker. How to manage security of contents. 15. In the key management step, in each content processing operation, a decryption key used for decryption processing of encrypted content input from the previous step, and an encryption key used for encryption processing of content output to the subsequent step. 14. The security management method for contents according to claim 13, wherein and are managed for each content. 16. The security of contents according to claim 14, wherein in the key allotment step, an authentication medium storing a key for contents processing work for contents involved is issued to each worker. Management method. 17. A content processing device for a worker to perform a predetermined content processing operation, comprising: an authenticating means for authenticating the worker, and a key acquiring means for acquiring a key assigned to the worker. A content processing apparatus, comprising: a work executing unit that performs a work using a key. 18. The decryption key used in the decryption process of the encrypted content input from the preceding step of the content processing work, and the encryption process of the content output in the subsequent process of the content processing work. Obtaining an encryption key to be used, the work executing means decrypts the encrypted content input from the previous step of the content processing operation by decryption processing using the decryption key, and then processes the content. 18. The content processing apparatus according to claim 17, wherein the content after the content processing work is encrypted by an encryption process using the encryption key and then output to a subsequent step. 19. The worker possesses an authentication medium containing authentication information and key information, the authentication means authenticates the worker via the authentication medium, and the key acquisition means obtains a key from the authentication medium. The content processing apparatus according to claim 17, wherein the content processing apparatus reads the content. 20. A content processing method for a worker to perform a predetermined content processing work, comprising an authentication step of authenticating the worker, a key acquisition step of acquiring a key assigned to the worker, and A work processing step of performing work using a key, the content processing method comprising: 21. In the key acquisition step, a decryption key used for decryption processing of encrypted content input from a preceding step of the content processing operation, and a content encryption processing output to a subsequent step of the content processing operation. The encryption key to be used is acquired, and in the work execution step, the encrypted content input from the previous step of the content processing work is decrypted by the decryption processing using the decryption key, and then the content is processed. 21. The content processing method according to claim 20, wherein the content after the content processing work is encrypted by an encryption process using the encryption key and then output in a subsequent step. 22. The worker possesses an authentication medium containing authentication information and key information, wherein in the authentication step, the worker is authenticated through the authentication medium, and in the key acquisition step, the key is obtained from the authentication medium. 21. The content processing method according to claim 20, wherein the content is read. 23. An imaging device for an operator to perform an imaging operation, the authentication means authenticating the operator, the key acquisition means for acquiring the key assigned to the operator, and the imaging means for imaging the outside world. And an encryption unit that encrypts the video content obtained by shooting by an encryption process using the acquired key. 24. The worker possesses an authentication medium containing authentication information and key information, the authentication means authenticates the worker via the authentication medium, and the key acquisition means obtains a key from the authentication medium. The image capturing apparatus according to claim 23, wherein the image is read out. 25. Computer software physically written in a computer-readable format to execute management of content produced through content processing work on a plurality of content work devices on a computer system. The computer software is a storage medium, and a key management step for managing a key for each content in a content processing work unit, And a work permission step of permitting the processing work of the content of 1. 26. A computer readable form of computer software written to execute security management of contents for managing the security of contents produced through a plurality of contents processing works for each contents processing work on a computer system. The storage medium is a storage medium physically stored in the computer software, and the computer software includes a key management step of issuing a key for each content processing work unit, and a worker registration step of registering a worker involved in the content processing work And a key allotment step of allocating a key for a content processing work for a content involved to a registered worker. 27. A storage medium physically storing in a computer-readable format computer software, which is described to execute content processing for a worker to perform a predetermined content processing operation on a computer system. The computer software includes an authentication step of authenticating a worker, a key acquisition step of acquiring a key assigned to the worker, and a work execution step of performing work using the acquired key. Characteristic storage medium.