JP2003304231A - Method for distributing contents, contents distribution server and program, contents reproducing device and program, and contents user registration server, program and method therefor - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a contents distribution method realizing direct charging and settling operation between a broadcasting agent and a contents purchaser and protection of contents purchaser's privacy in distributing contents from the broadcasting agent adopting a limited receiving system through a network. <P>SOLUTION: When a contents distribution request is sent from a contents reproducing device 90 to a contents distribution server 20, the server 20 authenticates a user on the basis of personal information (user identification number, etc.), recorded in a CAS card C<SB>1</SB>inserted into the device 90 and distributes the requested contents to the device 90 on the basis of the authentication result. <P>COPYRIGHT: (C)2004,JPO

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a content delivery method for delivering content via a network using a conditional access system, a content delivery server and its program, a content playback apparatus and its program, and a content user registration server and its. A program and its method.

[0002]

2. Description of the Related Art Conventionally, in order to distribute multimedia contents such as video and audio (hereinafter referred to as contents) on a network, it is necessary to charge the contents, and the settlement of the charged contents using a credit card. Was going on.

In this case, first, a content distributor (hereinafter referred to as a provider) registers a password together with an ID number of a credit card of a content purchaser (user; hereinafter referred to as a user) in an authentication device of the provider. Then, when the user purchases the content, the provider authenticates the user by using the ID number and password of the credit card. In addition, payment of charged content is performed via a credit card company. In such a payment method, the provider and the user currently make a contract with the credit card company, and the provider and the user do not directly make the payment at present.

A conditional access system (CAS: Con)
When a broadcaster broadcasts content using a digital access system, the user writes the contract content written in an IC card (CAS card) having an identification number corresponding to the user attached to the content receiving device. Content can be viewed based on the. Further, when the user purchases the content, the purchase result is temporarily stored in the CAS card, the purchase result is notified to the broadcaster through the telephone line connected to the content receiving device, and the payment is made via the credit card company. Was being done.

[0005]

However, in the above-mentioned conventional technology, when the content to be charged is distributed on the network and payment is made via the credit card company, both the provider and the user contract with the credit card company. It was impossible to directly make a contract between the provider and the user. In such a system, the purchased content becomes known to the credit card company, which is a problem from the viewpoint of protecting the privacy of the user. Furthermore, since the provider has to make a contract with the credit card company, the cost of the contract increases the burden on the user.

[0006] Even when a broadcaster who broadcasts for a fee using the conditional access system (CAS) tries to distribute the content to be charged on the network, the CAS and the network are linked. Because there is no
Payment must be made via a credit card company, and the same problem as described above occurs.

The present invention has been made in view of the above problems, and when a broadcasting company using CAS distributes contents on a network, the broadcasting company and the user directly communicate with each other. To provide a content distribution method, a content distribution server and its program, a content reproduction device and its program, and a content user registration server, its program and its method, which can perform charging and settlement and protect user's privacy. To aim.

[0008]

The present invention was devised to achieve the above object. First, the content distribution method according to claim 1 is used for encrypting at least content. Content distribution request from a content reproduction device equipped with an identification card that registers a user public key for encrypting the content key, a user private key for decrypting the content key, and a user identification number unique to each user Is received, and the content distribution server distributes the encrypted content obtained by encrypting the requested content with the content key to the content reproduction device via the network, including the following steps. Characterize.

That is, in the content distribution server, based on the user identification number and the user public key transmitted from the content reproduction apparatus, the user management database in which the management information of the user is registered authenticates the user himself. A user authentication step for performing a content key encryption step for encrypting a content key with a user public key to obtain an encrypted content key, and reproducing the content as multiplexed encrypted content by multiplexing the encrypted content and the encrypted content key. A multiplexing transmission step of transmitting to the device, a reception separation step of receiving the multiplexed encrypted content in the content reproduction apparatus and separating the multiplexed encrypted content into an encrypted content and an encrypted content key, and this reception separating step Decrypt the encrypted content key separated by the user private key A content key decoding step of obtaining the content key, a content decrypting step of decrypting by the content key decrypted by separate content key decoding step the encrypted content received separation step,
It was decided to include.

According to such a method, in the content distribution method, the content distribution server receives the user identification number and the user public key registered in the identification card of the content reproduction apparatus, and performs the user authentication step, The user is authenticated by comparing it with the user management information in the user management database. The content is delivered only when the user who has issued the content delivery request by this user authentication is a legitimately registered user. here,
The user management information is information unique to the user including at least the user identification number and the user public key.

Then, in the content key encryption step, the content distribution server encrypts the content key obtained by encrypting the content with the user public key notified from the content reproduction device. Note that this encrypted content key can be decrypted only by the user private key registered in the identification card of the content reproduction device.

[0012] Then, in the multiplex transmission step, the encrypted content encrypted by the content key,
The encrypted content key encrypted with the user public key is multiplexed and transmitted to the content reproduction device.

The multiplexed encrypted content and encrypted content key are received and separated into individual pieces of information by a receiving / separating step in the content reproducing apparatus. Then, in the content key decryption step, the content key is decrypted from the encrypted content key with the user private key registered in the identification card, and the content is decrypted from the encrypted content using the content key.

The content distribution method according to claim 2 is the same as the content distribution method according to claim 1.
A payment status management database that stores the payment status of the fee for the paid content includes a payment capacity verification step of verifying the payment capacity for the user's billing, and reproduces the content only when the payment capacity is verified. It is characterized by delivering to the device.

According to such a method, in the content distribution method, the user authentication step refers to the payment status management database that stores the payment status of the fee for the pay content of the user, thereby making it possible to pay the user's bill. To verify. This payment status management database is
It is a database that is updated every time the content distributor purchases and pays for the content, and is not verified by a third party such as a credit card company.
Therefore, only the content distributor can manage the payment status of the user.

Further, in the content distribution method according to claim 3, in the content distribution method according to claim 1 or 2, the user authentication step includes the user identification number and the usage transmitted from the content reproduction device. It is characterized in that at least one or more of the public key of the person is encrypted by the public key of the distributor notified in advance from the content distribution server and is decrypted by the private key of the distributor of the content distribution server.

According to such a method, in the content distribution method, at least one or more of the user identification number and the user public key transmitted from the content reproduction device is notified in advance from the content distribution server. Since it is encrypted by, the encrypted information can be decrypted only by the distributor private key of the content distribution server. The distributor public key used here generates a different public key for each content distribution request.

The content distribution server according to claim 4 further includes a user public key for encrypting at least a content key used for encrypting the content, and a user private key for decrypting the content key. Based on a content distribution request from a content reproduction device equipped with an identification card in which a unique user identification number is registered for each user, encrypted content obtained by encrypting the content with a content key is transmitted to the content reproduction device via a network. Is a content distribution server that distributes information by means of a user management database in which user management information is registered based on the user identification number and user public key transmitted from the content playback device, and then authenticates the user himself. The content key is encrypted with the user authentication means that performs A content key encryption means, and multiplexing transmission means for transmitting the encrypted content and the encrypted content key by multiplexing the content reproducing apparatus, a structure comprising a.

According to this structure, the content distribution server receives the user identification number and the user public key registered in the identification card of the content reproduction device, and the user authentication means stores the user management database in the user management database. The user is authenticated by comparing it with the management information of the user. The content is delivered only when the user who has issued the content delivery request by this user authentication is a legitimately registered user.

Then, the content key encryption means causes the content distribution server to encrypt the content key which has been encrypted with the user public key notified from the content reproduction apparatus. Note that this encrypted content key can be decrypted only by the user private key registered in the identification card of the content reproduction device.

Then, the multiplexed transmission means multiplexes the encrypted content encrypted with the content key and the encrypted content key encrypted with the user public key, packetizes them, and transmits them to the content reproducing apparatus.

Further, the content distribution server according to claim 5 is the content distribution server according to claim 4, wherein the payment status management database that stores the payment status of the fee for the paid content is used to pay the user's bill. It is characterized by having a payment capability verification means for verifying.

According to such a configuration, in the content distribution server, the payment capability verification means refers to the payment status management database that stores the payment status of the fee for the pay content of the user, so that the payment capacity for the user's fee is paid. To verify. This payment status management database is
It is a database that is updated every time the content distributor purchases and pays for the content, and is not verified by a third party such as a credit card company.
Therefore, only the content distributor can manage the payment status of the user.

A content distribution program according to a sixth aspect of the present invention includes a user public key for encrypting at least a content key used for encrypting content,
The content was encrypted with the content key based on the content distribution request from the content reproduction device equipped with the user secret key for decrypting the content key and the user identification number unique to each user. In order to deliver the encrypted content to the content reproducing apparatus via the network, the computer is configured to function by the following means.

That is, based on the user identification number and the user public key transmitted from the content reproduction apparatus, the user authentication is performed by the user management database in which the management information of the user is registered. Means, a content key encryption means for encrypting a content key with a user public key to obtain an encrypted content key, a multiplex transmission means for multiplexing the encrypted content and the encrypted content key and transmitting the multiplexed content key to the content reproducing apparatus. did.

According to this structure, the content distribution program receives the user identification number and the user public key registered in the identification card of the content reproduction apparatus, and the user authentication means stores the user management database in the user management database. The user is authenticated by comparing it with the management information of the user.
The content is delivered only when the user who has issued the content delivery request by this user authentication is a legitimately registered user.

Then, the content key encryption means causes the content distribution server to encrypt the encrypted content key with the user public key notified from the content reproduction apparatus. Note that this encrypted content key can be decrypted only by the user private key registered in the identification card of the content reproduction device.

Then, the multiplexed transmission means multiplexes the encrypted content encrypted with the content key and the encrypted content key encrypted with the user public key, packetizes them, and transmits them to the content reproducing apparatus.

Further, the content reproducing apparatus according to claim 7 further comprises a user public key for encrypting at least the content key used for encrypting the content, and a user private key for decrypting the content key. The content distribution server has an identification card in which a unique user identification number is registered for each user, and an encrypted content encrypted by the content key from the content distribution server and an encrypted content key encrypted by the user public key. A content reproducing device for reproducing the content by receiving the multiplexed encrypted content obtained by multiplexing the encrypted encrypted content via a network, and receiving the multiplexed encrypted content and separating the encrypted encrypted content and the encrypted content key. The separating means and the encrypted content key separated by the receiving and separating means are decrypted by the user private key to obtain the content key. And Ceiling key decrypting unit, and a content decryption means for decrypting by the content key decrypted by the content key decrypting means the separated encrypted content receiving separation unit, configured to include a.

According to this structure, the content reproducing apparatus receives the multiplexed encrypted content and the encrypted content key by the reception / separation means, and separates the encrypted content and the encrypted content key into individual encrypted content and encrypted content key. Then, the content key decryption means decrypts the content key from the encrypted content key with the user private key registered in the identification card, and decrypts the content from the encrypted content using the content key.

Since the encrypted content key multiplexed and transmitted from this content distribution server is encrypted with the user public key notified to the content distribution server by the content reproduction device, it is stored in the identification card of the content reproduction device. Only the registered user private key can be used for decryption.

Further, the content reproducing program according to the present invention has a user public key for encrypting at least a content key used for encrypting content,
The content distribution server is provided with an identification card in which a user private key for decrypting the content key and a user identification number unique to each user are registered, and encrypted content encrypted by the content key from the content distribution server and user disclosure. In order to receive the multiplexed encrypted content obtained by multiplexing the encrypted content key encrypted with the key via the network and reproduce the content, the computer is configured to function by the following means.

That is, the receiving / separating means for receiving the multiplexed encrypted content and separating the encrypted content and the encrypted content key, and the encrypted content key separated by this receiving / separating means are decrypted by the user secret key. The content key decryption means for obtaining the content key and the content decryption means for decrypting the encrypted content separated by the reception / separation means with the content key decrypted by the content key decryption means.

According to this structure, the content reproduction program receives the multiplexed encrypted content and the encrypted content key by the receiving / separating means, and separates the encrypted content and the encrypted content key. Then, the content key decryption means decrypts the content key from the encrypted content key with the user private key registered in the identification card, and decrypts the content from the encrypted content using the content key.

Since the encrypted content key multiplexed and transmitted from this content distribution server is encrypted with the user public key notified to the content distribution server by the content reproduction device, the encrypted content key is stored in the identification card of the content reproduction device. Only the registered user private key can be used for decryption.

Further, the content user registration server according to claim 9 registers the management information of the user who views the content in the user management database which stores the management information and the identification card for identifying the user. A content user registration server, an identification number issuing means for issuing a unique user identification number for each user, a user public key for encrypting a content key used for encrypting content, A user key issuing means for issuing a user secret key for decrypting the encrypted content key, the user identification number issued by the identification number issuing means, and a user issued by the user key issuing means Public key,
The database registration means for registering in the user management database, the user identification number issued by the identification number issuing means, and the user public key and user private key issued by the user key issuing means are stored in the card writing device. An identification card registration means for notifying and registering in the identification card.

According to this structure, the content user registration server issues the user identification number unique to the user to be registered in the identification card by the identification number issuing means, and encrypts the content by the user key issuing means. A user public key that encrypts the content key used to perform this and a user private key that decrypts the encrypted content key are issued.

Then, by the database registration means,
The user identification number and the user public key are registered in the user management database, and the identification card registration means registers the user identification number, the user identification number and the user public key in the identification card. Here, by incorporating the registered identification card into the content reproduction apparatus, the content reproduction apparatus can
It becomes possible to authenticate with the content distribution server, and the content can be received via the network.

Further, according to this configuration, when a broadcasting company performing pay broadcasting using the conditional access system (CAS) attempts to distribute the content to be charged on the network, the same identification card is used. (CAS card) can be used.

Furthermore, the content user registration program according to claim 10 stores the management information of the user who views the content in the user management database that stores the management information, and the identification card for identifying the user. In order to register, the computer is made to function by the following means.

That is, an identification number issuing means for issuing a unique user identification number for each user, a user public key for encrypting the content key used for encrypting the content, and the encrypted content. User management of the user key issuing means for issuing the user private key for decrypting the key, the user identification number issued by the identification number issuing means, and the user public key issued by the user key issuing means The database registration means to be registered in the database, the user identification number issued by the identification number issuing means, and the user public key and user private key issued by the user key issuing means are notified to the card writing device for identification. An identification card registration means for registering a card.

According to this structure, the content user registration program issues the user identification number unique to the user to be registered in the identification card by the identification number issuing means, and encrypts the content by the user key issuing means. A user public key that encrypts the content key used to perform this and a user private key that decrypts the encrypted content key are issued.

Then, by the database registration means,
The user identification number and the user public key are registered in the user management database, and the identification card registration means registers the user identification number, the user identification number and the user public key in the identification card. Here, by incorporating the registered identification card into the content reproduction apparatus, the content reproduction apparatus can
It becomes possible to authenticate with the content distribution server, and the content can be received via the network.

Further, according to this configuration, when a broadcasting company performing pay broadcasting using the conditional access system (CAS) attempts to distribute the content to be charged on the network, the same identification card is used. (CAS card) can be used.

Further, in the content user registration method according to claim 11, the management information of the user who views the content is registered in the user management database for accumulating the management information and the identification card for identifying the user. A content user registration method, characterized by including the following steps.

That is, an identification number issuing step for issuing a unique user identification number for each user, a user public key for encrypting a content key used for encrypting content, and an encrypted user key. The user key issuing step of issuing a user private key for decrypting the content key, the user identification number issued by the identification number issuing means, and the user public key issued by the user key issuing means are used. The database registration step of registering in the user management database, the user identification number issued by the identification number issuing means, and the user public key and user private key issued by the user key issuing means are notified to the card writing device. And an identification card registration step of registering in the identification card,
It was decided to include.

According to this method, the content user registration method issues the user identification number unique to the user to be registered in the identification card in the identification number issuing step, and encrypts the content in the user key issuing step. A user public key that encrypts the content key used to perform this and a user private key that decrypts the encrypted content key are issued.

Then, in the database registration step, the user identification number and the user public key are registered in the user management database, and in the identification card registration step,
Register the user identification number, user identification number, and user public key in the identification card. Here, by incorporating the registered identification card into the content reproduction apparatus, the content reproduction apparatus can perform authentication with the content distribution server and can receive the content via the network.

Further, according to this method, when a broadcasting company performing pay broadcasting using the conditional access system (CAS) attempts to distribute the content to be charged on the network, the same identification card is used. (CAS card) can be used. Further, in the method, each step can be distributed and operated on the network.

[0050]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of the present invention will be described below with reference to the drawings. (Structure of Content Delivery System: First Embodiment)
First, the configuration of the content distribution system, which is the first embodiment for realizing the content distribution method according to the present invention, will be described. FIG. 1 is a block diagram showing the configuration of the content distribution system 1. As shown in Figure 1,
The content distribution system 1 includes a user registration server 10 (content user registration server) connected to a content distributor (hereinafter referred to as a provider) by an intranet 3, a content distribution server 20, a content database 30, and key issuing. The server 40, the user authentication server 50, the user management database 60, the payment status management database 70, and the gateway (GW) 5 are provided, and the purchaser of the content (user; user hereinafter) via the Internet 7. This is a system for delivering content to the content reproduction device 90 on the () side.

In the content distribution system 1, when the content reproduction apparatus 90 requests the content distribution server 20 for content distribution, the CAS card (identification card) in which the content distribution server 20 is inserted into the content reproduction apparatus 90. ) A system for authenticating a user based on the personal information (user identification number, etc.) recorded in C ₁ and delivering the requested content to the content reproducing device 90 based on the authentication result.

This CAS card C ₁ is a conditional access system (CAS: Conditional Access).
When the broadcaster broadcasts the content by using the system, the IC card is an IC card that is attached to a receiving device that receives the content and identifies the user. In the present invention, a network (Internet 7 or the like) is used. It is used for authentication when the content is delivered via.

The user registration server 10 pre-registers the user in the user management database 60 of the provider so that the user can receive the content, and the personal information of the user can be stored in a card writing device (not shown). (User identification number etc.) is notified and registration is performed on the CAS card.

Based on the personal information (user identification number, etc.) recorded in the CAS card C ₁ of the content reproduction apparatus 90 that has requested the content distribution by the user authentication server 10, the content distribution server 20 determines CA
It is authenticated whether or not the user of the S card C ₁ is a legitimately registered user himself, and only when the user is a legitimate registered user, the requested content is reproduced from the content database 30 by requesting the content. It is to be delivered to the device 90.

The content database 30 is a database that stores content for distribution. The contents stored in the contents database 30 are stored in a common common key encryption method, for example, DES (Da).
It is assumed to be encrypted by a common key (content key) used in ta Encryption Standard.

The key issuing server 40 uses a general public key encryption method, for example, RSA encryption (Rivest-Shami).
A key for encrypting information (public key) and a key for decrypting information (secret key) are issued by r-Adleman Scheme or the like. Here, the key issuing server 40 is a public key (provider public key) for encrypting information (for example, a user identification number) written in the CAS card C ₁ of the content reproduction apparatus 90, and the encrypted public key. A public key (user public key) for issuing a private key (provider private key) for decrypting the information, and for encrypting the content key that is a common key for encrypting the content, and its encryption A private key (user private key) for decrypting the encrypted content key (encrypted content key) is issued.

The user authentication server 50 refers to the user management database 60 that stores the user identification number, user public key, etc. for each user (each CAS card C ₁ of the content reproduction device 90) and distributes the content. It is to determine whether the user who made the request is the contractor himself.

The user management database 60 is a database in which personal information (management information) of users is registered.
This personal information is, for example, a user-specific identification number (user identification number), a user's name and address, an account number for deducting the price of content, and the like, and is managed for each user identification number.

The payment status management database 70 is a database in which the purchase history of contents for each user identification number of the user and the payment status for billing are accumulated, and updated by the person in charge of the provider when purchasing the contents, paying the price, and the like. It is what is done.

The user registration terminal 80 is a terminal for performing user registration (user registration) in the user management database 60. Here, the user registration terminal 80 performs user registration by logging in to the user registration server 10 connected to the intranet 3 and inputting the personal information of the user.

The gateway (GW) 5 is a device for connecting each network of the intranet 3 and the Internet 7. This gateway 5 is, for example, I
P router (IP: Internet Protocol)
1), which has a firewall function of preventing unauthorized access to the intranet 3.

The content reproducing apparatus 90 is a broadcast receiving apparatus based on a conditional access system (CAS) to which a function of receiving content via a network is added. It goes without saying that a plurality of content reproduction devices 90 can be connected to the Internet 7.

(Structure of User Registration Server) Next, the structure of the user registration server 10 will be described in detail with reference to FIG. FIG. 2 is a block diagram showing the configuration of the user registration server 10 connected to the intranet 3 which is the provider's network. Furthermore, here, in order to describe one embodiment in which user registration is performed by the user registration server 10, writing into the user registration terminal 80 and the CAS card C ₂ connected to the user registration terminal 80 in the intranet 3. It is configured by including a device (card writing device 81).

The user registration server 10 performs user registration in the user management database 60, notifies the card writing device 81 of the user's personal information (user identification number, etc.), and the CAS card C. It is to be registered in ₂ , and is realized by a general computer equipped with a CPU and a memory (not shown).

As shown in FIG. 2, the user registration server 10
Is an identification number issuing means 11 and a user key issuing means 12
The database registration means 13 and the identification card registration means 14 are provided. Here, it is assumed that user registration is performed by logging in to the user registration server 10 from the user registration terminal 80 including the card writing device 81 connected to the intranet 3. If the user registration terminal 80 is connected to the intranet 3, the user registration terminal 80 can be installed, for example, at a sales office of a provider, and the user registration can be performed while confirming the user himself.

The identification number issuing means 11 issues a user identification number UID which is an identification number unique to the user. For example, the user identification number UID is a number string or the like that the provider successively assigns to each user. This user identification number UID is notified to the database registration means 13 and the identification card registration means 14.

The user key issuing means 12 has a public key (user public key Kup) for encrypting the content key, which is a common key for encrypting the content, and the encrypted content key (encryption). A private key (user private key Kus) for decrypting the encrypted content key is issued. Note that, here, the user key issuing means 12 requests the key issuing server 40 to issue a key, and the user public key Kup.
And the user private key Kus. The user public key Kup issued here is notified to the database registration means 13, and the user public key Kup and the user private key Kus are notified to the identification card registration means 14.

The database registration means 13 has the user identification number UID notified from the identification number issuing means 11 and the user public key Kup notified from the user key issuing means 12.
And are registered in the user management database 60. Further, the database registration means 13 registers in the user management database 60 the user's name and address input from the user registration terminal 80, the account number for deducting the price of the content, and the like.

The identification card registration means 14 issues an identification number.
User identification number UID notified from the means 11, and
User public key Ku notified from the user key issuing means 12
Notify p and user private key Kus to user registration terminal 80
To do. Then, the user registration terminal 80 is
CAS card C inserted in the writing device 81 ₂
User identification number UID, user public key Kup and usage
Write the private key Kus. Registered here to write
CAS card C₂Content playback device 90 (see FIG. 1)
The content playback device 90,
It becomes possible to receive distribution of Tents.

As described above, the user registration server (contents user registration server) 10 according to the present invention is based on one embodiment.
However, the present invention is not limited to this. For example, the key issuing server 40 may be operated by the CPU of the user registration server 10. Further, the user registration server 10 can realize each unit in a computer as each function program, and can combine each function program to operate as a content user registration program.

(Operation of User Registration Server) Next, the operation of the user registration server 10 will be described with reference to FIGS. 2 and 3. FIG. 3 is a flowchart showing an operation of logging in the user registration server 10 from the user registration terminal 80 and performing user registration (user registration).

First, the user registration server 10 issues the user identification number UID, which is an identification number unique to the user, by the identification number issuing means 11 (step S10). The user public key Kup for encrypting the content key, which is a common key for encrypting the content, and the user private key for decrypting the encrypted content key, by the user key issuing means 12. Kus is issued (step S11).

Then, the database identification means 13 issues the user identification number UID issued in step S10.
And the user secret key Kus issued in step S11 are registered in the user management database 60 (step S12). In this step S12, the user registration terminal 8
The operation includes registering the user name and address input from 0, the account number for deducting the price of the content, and the like in the user management database 60.

Further, by the identification card registration means 14,
The user identification number UID issued in step S10, the user public key Kup and the user secret key Kus issued in step S11 are notified to the user registration terminal 80 (step S13).

The user registration terminal 80 notified of the user identification number UID, the user public key Kup, and the user private key Kus uses the card writing device 81 connected to the user registration terminal 80 to execute the CAS card. The user identification number UID, the user public key Kup, and the user secret key Kus are written in C ₂ (step S14), and the user registration is completed.

Through the above steps, the user registration server 10 can perform CAS by the conditional access system (CAS).
At the same time as the user registration of the card C _2, the user public key Kup and the user secret key Kus required for distributing the content via the network can be registered in the CAS card C ₂ .

(Structure of Content Distribution Server) Next, the structure of the content distribution server 20 will be described in detail with reference to FIG. FIG. 4 is a block diagram showing the configuration of the content delivery server 20 of the content delivery system 1 shown in FIG. 1, and FIG. 1 is referred to for the configuration of the content delivery system 1 as appropriate.

As shown in FIG. 4, the content distribution server 2
0 is a provider key issuing unit 21, a user information decrypting unit 22, a user authenticating unit 23, and a payment capability verifying unit 2.
4, content key encryption means 25, and multiplex transmission means 26. Further, the content distribution server 20 is realized by a general computer equipped with a CPU and a memory (not shown).

The provider key issuing means 21 receives information from the content reproducing apparatus 90 (for example, user identification number UID).
Etc.) is requested to the key issuing server 40 to issue a public key (provider public key) and a private key (provider private key) required for encrypting the provider public key and the provider public key issued by the key issuing server 40. The provider private key is managed (stored) as a public key pair.

This provider key issuing means 21 requests the key issuing server 40 to issue the provider public key Kpp and the provider private key Kps each time there is a content distribution request, and the provider public key Kpp is used as the content request source (content And transmits the public key pair of the provider public key Kpp and the provider private key Kps to the playback device 90).
It is stored in a memory or the like in association with the user identification number UID managed by the CAS card C ₁ of the content reproduction apparatus 90.

The user information decrypting means 22 stores the encrypted user identification number UID and user public key Kup transmitted from the content reproducing device 90 in the memory by the provider key issuing means 21. Private key Kps
Decrypt by. User identification number U decrypted here
The ID and the user public key Kup are used by the user authenticating means 23 for authenticating the user. Note that both the encrypted user identification number UID and the user public key Kup transmitted from the content reproduction device 90 may be encrypted, or either one may be encrypted. Good.

The user authenticating means 23 authenticates the user who has issued the content distribution request. Here, the user authenticating means 23 requests the user authenticating server 50 for user authentication with the user identification number UID and the user public key Kup decrypted by the user information decrypting means 22, and there is a content distribution request. Authenticate the user.

This user authentication server 50, based on the user management database 60 in which the user identification number UID and the user public key Kup are stored for each user, is the user who made the content distribution request the contractor himself? Make a decision.

The payment ability verification means 24 verifies the payment ability for the charge of the user who has made the content distribution request. This payment capability verification means 24 is a purchaser (user) of the content for which the provider is charged.
The payment status management database 70, which stores the payment statuses in the past for each user, is referred to, and the user's payment ability is verified by whether the user who has made a content distribution request has made an unpaid payment in the past content purchase. It is a thing.

The payment status management database 70 stores the purchase history of contents for each user identification number UID of the user.
In addition, it is a database that stores the payment status for billing, and is updated by the person in charge of the provider when purchasing the content, paying the price, and the like.

The content key encryption means 25 is for encrypting the common key (content key Kc) used for encrypting the content by the secret key encryption method. This content key Kc is encrypted using the user public key Kup registered in the user management database 60 for each user who has made a content distribution request. It is assumed that the content is previously encrypted with the content key Kc in the content database 30 and stored as the encrypted content CC.

The multiplex transmission means 26 multiplexes the encrypted content CC of the content database 30 and the content key Kc (encrypted content key) encrypted by the content key encryption means 25 to request content distribution. The content is transmitted to the content reproducing device 90. For example, when the network of the intranet 3 is TCP / IP, the multiplex transmission means 26 divides the multiplexed data into packet sizes conforming to the TCP / IP protocol and transmits the packets.

The structure of the content distribution server 20 according to the present invention has been described above based on the embodiment.
The present invention is not limited to this. For example, the key issuing server 40 and the user authentication server 50 may be operated by the CPU of the content distribution server 20. Further, the content distribution server 20 can realize each unit as each function program in a computer, and can combine each function program and operate as a content distribution program.

(Structure of Content Reproducing Device) Next, referring to FIG.
The configuration of the content reproduction device 90 will be described in detail with reference to FIG. FIG. 5 is a block diagram showing the configuration of the content reproduction device 90 of the content distribution system 1 shown in FIG. 1, and FIG. 1 will be referred to for the configuration of the content distribution system 1 as appropriate.

As shown in FIG. 5, the content reproduction apparatus 90
Is a content request means 91, a user information encryption means 92, a reception separation means 93, and a content key decryption means 9
4, content decoding means 95, and card reading means 96. In addition, the card reading means 96 includes a CAS card C that has already completed user registration.
It is assumed that (C ₁ ) is inserted.

The content requesting means 91 distributes a content request to the provider's content distribution server 20 via the network (Internet 7). For example, the user requests the content distribution server 20 for the content desired by the user by instructing the menu displayed on the screen of the content reproduction apparatus 90 by the input means (not shown).

The user information encryption means 92 uses the provider public key Kpp transmitted from the content distribution server 20.
By encrypting the user identification number UID registered in the CAS card C ₁ and the user public key Kup,
It is transmitted to the content distribution server 20. Note that both the user identification number UID and the user public key Kup to be encrypted here may be encrypted, or either one may be encrypted.

The receiving / separating means 93 multiplexes the encrypted content (encrypted content) and the encrypted content key obtained by encrypting the content key which is the common key used to encrypt the content. The multiplexed encrypted content is received from the content distribution server 20 and separated into an encrypted content and an encrypted content key. The encrypted content key separated by the receiving / separating means 93 is output to the content key decrypting means 94, and the encrypted content is output to the content decrypting means 95. Note that the reception / separation means 93 is configured in advance by the content distribution server
It is assumed that the multiplexing method in 0 is known as known information.

The content key decrypting means 94 decrypts the encrypted content key input from the receiving / separating means 93 with the user secret key Kus registered in the CAS card C ₁ . The content key Kc decrypted by the content key decryption means 94 is a common key used for decrypting the encrypted content and is output to the content decryption means 95.

The content decrypting means 95 decrypts the encrypted content input from the receiving / separating means 93 with the content key Kc input from the content key decrypting means 94 to reproduce the content. The content decrypting means 95 reproduces and outputs video and audio to a display device such as a CRT or an audio output device such as a speaker (not shown) according to the decrypted content.

The card reading means 96 is a general IC
A card reading device for reading the user identification number UID, the user public key Kup, the user private key Kus, etc., registered in the CAS card C (C ₁ ) which is an IC card, as necessary. Is.

Although the configuration of the content reproducing apparatus 90 according to the present invention has been described based on the embodiment, the present invention is not limited to this. For example, although it is possible to configure the present invention by sharing the present invention with a broadcast receiving device using CAS as in the present embodiment, a device connected to a network (Internet 7 etc.) independently of the broadcast receiving device. It is also possible to realize as. In this case, a plurality of CAS cards (identification cards) can be prepared for each device, or the contents can be distributed by inserting the CAS card into the device to which the user wants the contents distributed.

Further, the content reproducing apparatus 90 can realize each unit in the computer as each functional program, and can combine each functional program to operate as a content reproducing program.

(Operations of Content Distribution Server and Content Reproducing Device) Next, operations of the content distribution server 20 and the content reproducing device 90, which are operations of the content distribution method, will be described with reference to FIGS. 4 to 7. 6 and 7 are flowcharts showing the operation of the content distribution method.

First, the content requesting means 91 of the content reproduction apparatus 90 requests the content delivery server 20 to deliver the content desired by the user via the network (Internet 7) (step S).
20).

In the content distribution server 20 which has received this content distribution request, the provider key issuing means 21 causes the provider public key Kpp and the provider secret key K.
ps is issued (step S21), and the provider public key Kp is sent to the content reproduction device 90 that has requested the content.
p is transmitted (step S22).

Upon receiving the provider public key Kpp, the content reproducing apparatus 90 uses the user information encryption means 92 to store the user identification number UID and the user public key Kup registered in the CAS card C (C ₁ ). With the provider public key Kpp (step S23), and the encrypted user identification number (encrypted user identification number),
The encrypted user public key (encrypted user public key) is transmitted to the content reproduction device 90 (step S2).
4).

Then, the content distribution server 20 that has received the encrypted user identification number and the encrypted user public key
Is processed by the user information decoding means 22 in step S21.
The encrypted user identification number and the encrypted user public key are decrypted with the provider private key Kps issued in step S4 to obtain the user identification number UID and the user public key Kup (step S2).
5).

Then, by the user authentication means 23, the user identification number UID and the user public key Kup are the same as the user identification number UID and the user public key Kup registered in the user management database 60. It is determined whether or not this content distribution request is a request from the user himself / herself who is registered as a user (step S26). If it is determined in step S26 that the request is not from the user himself / herself (“No”), the content distribution process ends. On the other hand, when it is determined that the request is from the user himself (“Yes”), the payment ability verification means 24 further verifies the payment ability for the user's billing (step S27).

If it is verified in this step S27 that this user does not have the payment capability (“none”), the content distribution process is terminated. On the other hand, if it is verified that this user has the ability to pay (“Yes”), step S2
Go to 8.

Then, the content distribution server 20 uses the content key encryption means 25 to encrypt the requested content with the content key Kc which is the common key registered in the user management database 60. It is encrypted with Kup (step S28).

The multiplexed transmission means 26 encrypts the content with the content key Kc stored in the content database 30, and the encrypted content CC.
Then, the encrypted content key encrypted in step S28 is multiplexed (step S30), packetized and transmitted to the content reproduction device 90 (step S30).

The content reproducing apparatus 90 which has received the multiplexed encrypted content obtained by multiplexing the encrypted content CC and the encrypted content key by the receiving / separating means 93,
The multiplexed encrypted content is separated into an encrypted content CC and an encrypted content key (step S31).

Then, the encrypted content key separated in step S31 by the content key decryption means 94 is the user secret key K registered in the CAS card C _1.
The content key Kc is decrypted by us (step S3
2), by the content decryption means 95, step S3
Using the content key Kc decrypted in step 2, step S31
The encrypted content CC separated in (3) is decrypted (step S33). Then, the user can view the desired content by reproducing the decrypted content as video and audio (step S34).

Through the above steps, the content delivery system 1 can use the CAS card used in the conditional access system (CAS) to allow the content provider to deliver the content via the network.

Since the provider public key Kpp issued in step S21 is generated each time there is a content distribution request, it is used only once for each content distribution request. Therefore, security is maintained even if the provider public key Kpp is tapped on the network.

Further, the content key Kc transmitted from the content distribution server 20 to the content reproduction device 90 is
In step S28, the user public key Kup of the user
The content key Kc cannot be decrypted without knowing the user private key Kus of the user, because the content key Kc has been encrypted. Therefore, the encrypted content key K
c cannot be decrypted even if it is eavesdropped on the network. Further, since the encrypted content key Kc is decrypted in the content reproduction device 90, the user secret key Ku
s does not leak to the outside, and the content reproduction device 9
Since the content encrypted with 0 can only be decrypted, the copyright of the content can be protected.

(Structure of Content Distribution System: Second Embodiment) Next, the structure of the content distribution system according to the second embodiment will be described with reference to FIG.
As shown in FIG. 8, the content distribution system 1B is a system for distributing content from a provider to a user similarly to the content distribution system 1 (see FIG. 1), but the user registration terminal 80 is a third system other than the provider. It is a system that is installed in an institution (third institution) and registers the CAS card in the third institution.

This content distribution system 1B is the third
The user registration terminal 80 and the user key issuing server 41 connected to the intranet 3B of the institution are connected to the gateway (G
W) 5B, and further connected to the Internet 7. Since other configurations are the same as those of the content distribution system 1 of FIG. 1, the same reference numerals as those shown in FIG. 1 are given and the description thereof is omitted.

The user key issuing server 41, in the third institution other than the provider, encrypts the user identification number UID, which is the identification number unique to the user, and the content based on the request from the user registration terminal 80. Public key (user public key Kup) for encrypting the content key, which is the common key of the user, and a private key (user private key Kus) for decrypting the encrypted content key (encrypted content key). ) Is issued.

With this configuration, in the content distribution system 1B, the user key issuing server 41 causes the user identification number UID, the user public key Kup, and the user public key Kup by operating the user registration terminal 80 of the third organization. User public key Kup
Is issued, and the user identification number UID and the user public key Kup are written in the CAS card by a card writing device (not shown) connected to the user registration terminal 80.
Further, the content distribution system 1B notifies and registers the user identification number UID and the user public key Kup issued by the user key issuing server 41 to the user management database 60 on the provider side.

As a result, it becomes possible to register the user by issuing the personal information of the user at the third institution other than the provider and registering the information in the CAS card.
In this case, the key issuing server 40 determines that the user public key K
A public key (provider public key Kpp) for encrypting information (for example, user identification number UID) written in the CAS card C ₁ of the content reproduction apparatus 90 without issuing up and the user public key Kup. , And a private key for decrypting the encrypted information (provider private key K
ps) only.

[0118]

As described above, the content distribution method, the content distribution server and the program thereof, the content reproduction apparatus and the program thereof, the content user registration server and the program thereof and the method thereof according to the present invention are excellent as follows. Produce an effect.

According to the inventions of claim 1, claim 4, claim 6 to claim 8, when the content to be charged is distributed via the network, a third party such as a credit card company Without authenticating the user with
It becomes possible to directly make a contract between the provider and the user to settle the charge. Therefore, it is possible to protect the privacy of the user who receives the content. Further, since the provider does not need to make a contract with the credit card company, the cost for the contract can be eliminated, and the burden of the cost on the user can be reduced.

According to the second or fifth aspect of the present invention, since the provider can verify the payment ability for the user's billing, the verification by a third party such as a credit card company is unnecessary, Eliminates the cost of the provider to contract with the credit card company,
The cost burden on the user can be reduced.

According to the third aspect of the invention, the user identification number and the user public key transmitted from the content reproduction device to the content distribution server are encrypted by the provider public key (distributor public key) generated by the provider. It can be decrypted only with the provider private key (distributor private key) held by the provider, so security can be maintained. Furthermore, since this provider public key is generated for each content distribution request, security on the network can be further strengthened.

According to the invention described in claims 9 to 11, when the user of the CAS card used in the conventional conditional access system is registered, the personal information for distributing the contents on the network is simultaneously registered in the CAS card. Therefore, it is possible to provide the content distribution by the network using the conditional access system without increasing the time and effort for user registration.

[Brief description of drawings]

FIG. 1 is a block diagram showing a configuration of a content distribution system according to a first embodiment of the present invention.

FIG. 2 is a block diagram showing a configuration of a user registration server according to the embodiment of the present invention.

FIG. 3 is a flowchart showing an operation of the user registration server according to the exemplary embodiment of the present invention.

FIG. 4 is a block diagram showing a configuration of a content distribution server according to the exemplary embodiment of the present invention.

FIG. 5 is a block diagram showing a configuration of a content reproduction device according to an embodiment of the present invention.

FIG. 6 is a flowchart (1/2) showing the operation of the content distribution method according to the embodiment of the present invention.

FIG. 7 is a flowchart (2/2) showing the operation of the content distribution method according to the embodiment of the present invention.

FIG. 8 is a block diagram showing a configuration of a content distribution system according to a second embodiment of the present invention.

[Explanation of symbols]

1, 1B: Content distribution system 3 ... Intranet 5 ... Gateway (GW) 7 ... Internet 10 ... User registration server 11 …… Identification number issuing means 12 …… User key issuing means 13 ... Database registration means 14 ... Identification card registration means 20 ... Content distribution server 21 ... Provider key issuing means 22 ... User information decoding means 23 ... User authentication means 24 ... Payment capability verification means 25 ... Content key encryption means 26. Multiplex transmission means 90: Content playback device 91: Content requesting means 92 ... User information encryption means 93 ... Reception separation means 94: Content key decryption means 95: Content decryption means 96: Card writing means C: CAS card (identification card)

   ─────────────────────────────────────────────────── ─── Continued front page    (72) Inventor Ituro Murota             1-10-11 Kinuta, Setagaya-ku, Tokyo, Japan             Broadcasting Association Broadcast Technology Institute (72) Inventor Tsuyoshi Otake             1-10-11 Kinuta, Setagaya-ku, Tokyo, Japan             Broadcasting Association Broadcast Technology Institute F-term (reference) 5B085 AA08 AE02 AE09 AE23 AE29                       BC02 BE04 BG02 BG03 BG07                 5J104 AA07 KA05 NA36 PA10 PA14

Claims (11)

[Claims] 1. A user public key for encrypting at least a content key used for encrypting content, a user private key for decrypting the content key, and a user identification number unique to each user. The content reproduction device receives a content distribution request from a content reproduction device provided with an identification card in which the content registration server and the content reproduction server encrypts the requested content with the content key, and transmits the encrypted content via the network. A method of delivering content to a user, wherein in the content delivery server, management information of the user is registered based on the user identification number and the user public key transmitted from the content reproduction device. A user authentication step of authenticating the user himself / herself by a user management database; Content key encryption step of encrypting the content key with a public key to obtain an encrypted content key, and multiplexing to multiplex the encrypted content and the encrypted content key to the content reproduction device as multiplexed encrypted content An encrypted transmission step, a receiving and separating step of receiving the multiplexed encrypted content and separating the multiplexed encrypted content into the encrypted content and the encrypted content key in the content reproducing apparatus, and the receiving and separating step A content key decryption step of obtaining the content key by decrypting the encrypted content key separated by the user secret key, and a content key decrypted by the content key decryption step of the encrypted content separated by the reception separation step. Content decryption step to decrypt with Content delivery method characterized in that it comprises a. 2. A payment status management database that stores the payment status of the fee for the paid content includes a payment capacity verification step of verifying the payment capacity for the billing of the user, and only when the payment capacity is verified. The content distribution method according to claim 1, wherein the content is distributed to the content reproduction device. 3. In the user authentication step, at least one or more of the user identification number and the user public key transmitted from the content reproduction device are distributed by the content distribution server in advance. 3. The content distribution method according to claim 1, wherein the content distribution method is encrypted with a public key of a person and decrypted with a private key of a distributor of the content distribution server. 4. A user public key for encrypting at least a content key used for encrypting content, a user private key for decrypting the content key, and a user identification number unique to each user. A content distribution server that distributes encrypted content, which is obtained by encrypting the content with the content key, to the content reproduction apparatus via a network based on a content distribution request from the content reproduction apparatus including an identification card in which Then, based on the user identification number and the user public key transmitted from the content reproduction device, the user management database in which management information of the user is registered is used to authenticate the user himself / herself. User authentication means, and encrypts the content key with the user public key to obtain an encrypted content key A content key encryption unit, the content distribution server, characterized in that the said encrypted content and the encrypted content key by multiplexing and a, a multiplexing transmission means for transmitting to said content reproduction apparatus. 5. The payment capability verification means for verifying the payment capability for the charge of the user by a payment status management database that stores the payment status of the fee for the paid content is set forth in claim 4. Content distribution server. 6. A user public key for encrypting at least a content key used for encrypting content, a user private key for decrypting the content key, and a user identification number unique to each user. In order to distribute the encrypted content, which is obtained by encrypting the content with the content key, to the content reproducing apparatus via a network based on a content distribution request from the content reproducing apparatus having an identification card in which the A user authentication database in which management information of the user is registered based on the user identification number and the user public key transmitted from the content reproduction device. Person authenticating means, a content that encrypts the content key with the user public key to obtain an encrypted content key The key encryption means, the content distribution program for causing to function as the encrypted content and the encrypted content key multiplexing transmission means multiplexes and transmits to said content reproducing apparatus as. 7. A user public key for encrypting at least a content key used for encrypting content, a user private key for decrypting the content key, and a user identification number unique to each user. And an encrypted content key encrypted from the content distribution server, and an encrypted content key encrypted by the user public key. Is a content reproducing device for reproducing the content by receiving the encrypted encrypted content and the encrypted content key by separating the encrypted content and the encrypted content key. Content key recovery to obtain the content key by decrypting the encrypted content key separated by the reception / separation means with the user private key Content reproducing apparatus characterized by comprising: means, and a content decryption means for decrypting at decrypted content key by the content key decrypting means the separated encrypted content by the reception separating means. 8. A user public key for encrypting at least a content key used for encrypting content, a user private key for decrypting the content key, and a user identification number unique to each user. And an encrypted content key encrypted from the content distribution server, and an encrypted content key encrypted by the user public key. Receiving via the network and reproducing the content, a computer receives the multiplexed encrypted content and separates the encrypted content and the encrypted content key into a receiving and separating means. Content key decryption means for decrypting the encrypted content key separated by the separation means with the user private key to obtain a content key Content playback program for causing to function encrypted content separated by the reception separating unit as the contents decoding means for decoding at decrypted content key by the content key decryption means. 9. A content user registration server for registering management information of users who view contents in a user management database for accumulating the management information and an identification card for identifying the users, wherein the user Identification number issuing means for issuing a unique user identification number for each, a user public key for encrypting the content key used for encrypting the content, and decrypting the encrypted content key A user key issuing means for issuing a user private key, the user identification number issued by the identification number issuing means, and the user public key issued by the user key issuing means for the user Database registration means for registering in a management database, the user identification number issued by the identification number issuing means, and the user key issuing means More it issued the user public key and the user private key, the content user registration server, which comprises an identification card registration means for registering the identification card to notify the card writing device. 10. A computer unique to each user for registering management information of a user who views and listens to a content to a user management database that stores the management information and an identification card that identifies the user. Identification number issuing means for issuing a user identification number, a user public key for encrypting a content key used for encrypting the content, and a user private key for decrypting the encrypted content key Registering the user key issuing means for issuing, and the user identification number issued by the identification number issuing means and the user public key issued by the user key issuing means in the user management database. Database registration means, the user identification number issued by the identification number issuing means, and the user key issued by the user key issuing means Serial The user public key and the user private key, the content user registration program for causing to function as an identification card registration means for registering the identification card to notify the card writing device. 11. A content user registration method for registering management information of a user who views content in a user management database for storing the management information and an identification card for identifying the user, wherein: An identification number issuing step of issuing a unique user identification number for each, a user public key for encrypting a content key used to encrypt the content, and a decryption of the encrypted content key A user key issuing step of issuing a user private key; the user identification number issued in the identification number issuing step; and the user public key issued in the user key issuing step, A database registration step of registering in a management database, and a user identification number parallel issued by the identification number issuing step. An identification card registration step of notifying a card writing device of the user public key and the user private key issued by the user key issuing step and registering the identification card in the identification card. Content user registration method.