JP2005301515A - Content reproduction system, license management device for use therewith, and content reproduction device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a content reproduction system capable of controlling the reproduction of resources in the order intended by a content producer. <P>SOLUTION: The content reproduction system 2 for reproducing content comprising a plurality of encrypted resources includes a renderer 22 for decrypting and reproducing the resources, and a DRM client 21 that manages the license needed to decrypt the resources. The license includes as preprocess information the information about processes that should be implemented prior to the decrypting of the resources. The desired resources are decrypted only if the processes designated by the preprocess information have already been implemented when the renderer 22 desires the decrypting of the resources. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to a system for reproducing content, and more particularly to a system for reproducing multimedia content composed of a plurality of resources.

  In a digital rights management (DRM: Digital Rights Management) system, multimedia content is composed of a plurality of encrypted resources. Hereinafter, unless otherwise specified, the term “content” refers to multimedia content. For example, when one content is a Web page, the resource is a still image constituting the Web page.

In the DRM system, a license is required to play back content. The license is composed of a content key for decrypting each encrypted resource and a use condition defining a condition for using the content. The content reproduction system determines whether or not the usage conditions are satisfied prior to content reproduction. When the usage conditions are satisfied, the content reproduction system decrypts each resource with the content key included in the license and reproduces the content.
JP 2003-283486 A JP 2001-202088 A Warwick Ford, Michael Baum, "Digital Signatures and Cryptography", Pearson Education, 1997

  In the conventional content reproduction system, if the license is owned, each resource constituting the content can be freely used. For example, one piece of JPEG data constituting the content could be used for wallpaper or the like regardless of the use of the content. In addition, a content playback system that has a license for legitimately viewing content created by a certain broadcaster refers to JPEG data included in the content created by the broadcaster by content created by another broadcaster. If so, the JPEG data could be reproduced. Therefore, the conventional content reproduction system has a problem that resources are used in an order contrary to the intention of the content creator.

  Patent Document 1 discloses a technique for reproducing contents in series by performing multiple encryption in order from the contents to be finally reproduced. However, the technique described in Patent Document 1 allows flexible reproduction of resources. Could not be controlled.

  Therefore, an object of the present invention is to provide a content reproduction system capable of controlling the reproduction of resources in an order that matches the intention of the content creator.

  In order to solve the above problems, the present invention has the following features. The present invention relates to a content playback system for playing back content composed of a plurality of encrypted resources, a content playback device that decrypts and plays back resources, and a license required to decrypt the resources. A license management device for managing, and the license includes information on processing to be executed before decrypting the resource as preprocessing information, and when the content reproduction device desires to decrypt the resource, the preprocessing information The desired resource is decrypted only when the process specified in is completed.

  As a result, the desired resource is played back only when the processing specified by the preprocessing information included in the license has been executed. Therefore, the content creator can specify the item to be processed before reproducing the resource as the pre-processing information, so that the content can be reproduced so as to match the intention. Conversely, the content cannot be played back against the intention.

  Preferably, the preprocessing information is information related to the order in which the resources are reproduced, and is specified by the preprocessing information to be reproduced before reproducing the desired resource when the content reproduction apparatus desires to decrypt the resource. The desired resource may be decrypted only if the resource has been played.

  As a result, if the resources are not played in the resource order specified by the content creator, the resources cannot be played back, so the resource playback order is controlled to match the intention of the content creator. be able to.

  More preferably, the license management apparatus stores a resource ID storage unit that stores an identifier related to a resource corresponding to a content key that has been transmitted to the content reproduction apparatus, and a resource ID stored in the resource ID storage unit. Based on the identifier and the preprocessing information, the resource reproduction completion determination unit that determines whether or not the resource to be reproduced has been reproduced before reproducing the desired resource, and the resource reproduction completion determination unit Only when it is determined that the resource to be played back has been played before playing back the resource, the content key transmitting means for sending the content key necessary for decrypting the desired resource to the content playback device may be included.

  As a result, the identifier of the resource that was played back last time is held in the license management apparatus, so that it is easy to identify the resource that must be played back one time specified in the preprocessing information. .

  For example, the preprocessing information is a list relating to the order in which a plurality of resources are played back, and the resource played back determination means refers to the list to recognize the identifier of the resource to be played back before playing back the desired resource. If the recognized resource identifier matches the resource identifier stored in the resource ID storage means, it may be determined that the resource to be reproduced has been reproduced before the desired resource is reproduced.

  For example, the pre-processing information is a flag indicating whether or not playback should be performed in a playback order according to a predetermined rule, and the resource playback completion determination unit refers to the flag and the playback order is determined according to a predetermined rule. If the playback order is specified according to a predetermined rule, the identifier of the resource to be played is recognized before playing the desired resource, and the recognized resource identifier When the resource identifier stored in the resource ID storage means matches, it may be determined that the resource to be played has been played before playing the desired resource.

  For example, the pre-processing information is an identifier related to the resource to be reproduced immediately before that is associated with each resource, and the resource reproduction determination means includes the identifier of the resource stored in the resource ID storage means, the desired When the identifier related to the resource to be played back in advance corresponding to the resource that has been matched matches the resource to be played back, it may be determined that the resource to be played back has been played back.

  For example, the pre-processing information is an identifier that uniquely identifies a resource to be reproduced from the same and different contents before reproducing the content to which the desired resource belongs, and the resource reproduction completion determination unit is stored in the resource ID storage unit When the identifier of the resource being played matches the identifier specified in the preprocessing information, it may be determined that the resource to be played back has been played before playing back the desired resource.

  For example, the identifier specified in the preprocessing information may be an identifier that uniquely identifies the commercial.

  As a result, the content is not reproduced unless the commercial is viewed before.

  Preferably, when the reproduction of the resource is requested, the license management apparatus transmits a content key and preprocessing information corresponding to the resource to the content reproduction apparatus, and the content reproduction apparatus reproduces the resource that has been reproduced immediately before The resource ID storage means for storing the identifier relating to the resource, and the resource to be reproduced before reproducing the desired resource has been reproduced with reference to the resource identifier and preprocessing information stored in the resource ID storage means Only when the resource replay determination means and the resource replay determination means determine that the resource to be replayed before replaying the desired resource has been replayed, the license management apparatus And decryption means for decrypting the desired resource using the content key that has been provided. Good.

  As a result, since the identifier of the resource that was played back last time is held in the content playback device, it becomes easy to identify the resource that must be played back one time specified in the preprocessing information. .

  For example, the preprocessing information is a playback order list related to the order in which a plurality of resources are played back, and when the license management apparatus is requested to play back a resource, the license management apparatus plays back the content key and playback order list corresponding to the resource. The resource reproduction completion judging means transmits to the apparatus, refers to the reproduction order list, recognizes the identifier of the resource to be reproduced before reproducing the desired resource, recognizes the identifier of the recognized resource, and the resource ID storage means If the identifier of the resource stored in the above matches the resource identifier, it may be determined that the resource to be reproduced has been reproduced before the desired resource is reproduced.

  For example, the pre-processing information is a flag indicating whether or not playback should be performed in a playback order according to a predetermined rule, and the resource playback completion determination unit refers to the flag and the playback order is determined according to a predetermined rule. If the playback order is specified according to a predetermined rule, the identifier of the resource to be played is recognized before playing the desired resource, and the recognized resource identifier When the resource identifier stored in the resource ID storage means matches, it may be determined that the resource to be played has been played before playing the desired resource.

  For example, the preprocessing information is an identifier related to a resource to be played back one time that is associated with each resource, and the license management apparatus, when requested to play back a resource, includes a content key corresponding to the resource. The identifier specified by the preprocessing information is transmitted to the content playback device, and the resource playback completion determination means includes the resource identifier stored in the resource ID storage means and the identifier specified by the preprocessing information. If they match, it may be determined that the resource to be played has been played before playing the desired resource.

  For example, the pre-processing information is an identifier that uniquely identifies a resource to be reproduced before reproducing the content to which the desired resource belongs, from the same and different contents, and the license management apparatus receives a resource reproduction request , The content key corresponding to the resource and the identifier specified by the preprocessing information are transmitted to the content playback device, and the resource playback completion determination means includes the resource identifier stored in the resource ID storage means and the preprocessing. When the identifier specified by the information matches, it may be determined that the resource to be played has been played before playing the desired resource.

  For example, the identifier specified in the preprocessing information may be an identifier that uniquely identifies the commercial.

  As a result, the content is not reproduced unless the commercial is viewed before.

  Preferably, the preprocessing information is information relating to a license to be used before the resource is played back, and when the content playback device desires to decrypt the resource, the license specified in the preprocessing information is already used. Only in certain cases, the desired resource may be decrypted.

  As a result, if the license that should be used immediately before specified by the content creator is not used, the resource cannot be played back. Therefore, the license usage order should be adjusted so that it matches the intention of the content creator. Can be controlled.

  For example, the license management apparatus stores a desired resource based on a license ID storage unit that stores an identifier related to a license used immediately before, and a license identifier and preprocessing information stored in the license ID storage unit. The license usage determination means for determining whether or not the license to be used before playback has been used and the license usage determination means have already used the license to be used before playing back the desired resource. Only when it is determined that there is a content key, it may include content key transmission means for transmitting a content key necessary for decrypting the desired resource to the content reproduction apparatus.

  As a result, the identifier of the license used immediately before is held in the license management apparatus, so that it becomes easy to identify the license that must be used immediately before specified in the preprocessing information. .

  For example, when a resource reproduction is requested, the license management apparatus transmits a content key and preprocessing information corresponding to the resource to the content reproduction apparatus, and the content reproduction apparatus uses the identifier of the license used immediately before. Whether or not a license to be used before reproducing a desired resource has been used based on the license ID storage means for storing the license, and the identifier and preprocessing information of the license stored in the license ID storage means Necessary for decrypting the desired resource only when the license used determining means and the license used determining means determine that the license to be used before playing the desired resource is already used. Content key transmitting means for transmitting a valid content key to the content playback device Good.

  As a result, since the identifier of the license used immediately before is held in the content reproduction apparatus, it becomes easy to identify the license that must be used immediately before specified in the preprocessing information. .

  Preferably, the preprocessing information is information relating to a content key to be acquired before playing back the resource, and when the content playback device desires to decrypt the resource, the content key specified in the preprocessing information is used as the content key. Only when the playback device has been acquired, the desired resource should be decrypted.

  Thereby, if the content key specified in the preprocessing information has not been acquired, the resource is not reproduced. Specifying the content key that the content creator wants to obtain before playing back the resource is the same as specifying the resource that the content creator wants to play before playing the resource. Therefore, it is possible to control resource playback in an order that matches the intention of the content creator.

  For example, at least a part of the content key of the resource is encrypted with the content key of the other resource, and the pre-processing information is a content key encryption method related to the content key of the other resource that is encrypting the content key of the resource When the content reproduction device desires to reproduce the resource, the license management device transmits the content key corresponding to the resource and the content key encryption method list to the content reproduction device, and the content reproduction device has already acquired Referring to the content key storage means for storing the content key and the content key encryption method list transmitted from the license management device, the content key necessary for decrypting the content key of the desired resource is recognized. Content key recognition means and content key recognition means The content key determining means for determining whether or not all the content keys recognized by the content key storing means are stored, and all the content keys recognized by the content key recognizing means are stored by the content key determining means. If the content key of the desired resource is determined to be decrypted with the content key stored in the content key storage means, the resource decryption decrypts the desired resource with the decrypted content key. Means.

  For example, at least a part of the content key of the resource is encrypted with the content key of the other resource, and the pre-processing information is the other content that encrypts the content key of the resource associated with each resource. Content key encryption method information related to a content key of a resource. When the content reproduction device desires to reproduce a resource, the license management device transmits a content key corresponding to the resource and the content key encryption method information to the content reproduction device The content playback device decrypts the content key encryption of the desired resource with reference to the content key storage means for storing the acquired content key and the content key encryption method information transmitted from the license management device. Content key recognition that recognizes the content key required to The content key recognized by the content key recognizing means, the content key determining means for determining whether or not all the content keys recognized by the content key recognizing means are stored in the content key storage means, and the content key recognizing means When it is determined that all the content keys are stored, the content key encryption of the desired resource is decrypted with the content key stored in the content key storage means, and the desired content key is decrypted. Resource decryption means for decrypting the resource may be included.

  For example, at least a part of the content key of the resource is encrypted with the content key of the other resource according to a predetermined rule, and the content key of the resource associated with each resource is specified as the preprocessing information. A content key encryption state flag related to whether or not the content is encrypted according to the rule, and when the content reproduction device desires to reproduce the resource, the license management device includes a content key corresponding to the resource, a content key encryption state flag, Is transmitted to the content reproduction apparatus, and the content reproduction apparatus refers to the content key storage unit that stores the acquired content key and the content key encryption state flag transmitted from the license management apparatus, and Content required to decrypt the content key A content key recognizing unit for recognizing the key, a content key determining unit for determining whether or not all the content keys recognized by the content key recognizing unit are stored in the content key storing unit, and a content key determining unit, When it is determined that all the content keys recognized by the content key recognition unit are stored, the content key encryption of the desired resource is decrypted with the content key stored in the content key storage unit and decrypted. And a resource decrypting means for decrypting a desired resource with the content key.

  For example, at least a part of the resource is encrypted with a plurality of content keys, the preprocessing information is a resource encryption method list for the content key that is encrypting the resource, and the license management device is a content playback device. When reproduction of a resource is desired, the content key corresponding to the resource and the resource encryption method list are transmitted to the content reproduction device, the content reproduction device stores content key storage means for storing the acquired content key, license management A content key recognizing unit for recognizing a content key necessary for decrypting the encryption of a desired resource with reference to the resource encryption method list transmitted from the device, and a content key recognized by the content key recognizing unit are , All stored in the content key storage means When it is determined by the content key determination means that determines whether or not all the content keys recognized by the content key recognition means are stored by the content key determination means, the encryption of the desired resource is stored in the content key storage means And a resource decrypting means for decrypting with the content key stored in.

  For example, at least a part of the resource is encrypted with a plurality of content keys, and the preprocessing information is resource encryption method information regarding the content key that encrypts the resource associated with each resource, When the content reproduction device desires to reproduce the resource, the license management device transmits the content key corresponding to the resource and the resource encryption method information to the content reproduction device, and the content reproduction device stores the acquired content key. Content key storage means, content key recognition means for recognizing a content key necessary for decrypting a desired resource with reference to the resource encryption method information transmitted from the license management device, and a content key The content key recognized by the recognition means is the content key A content key determining unit that determines whether or not all of the content keys recognized by the content key recognizing unit are stored by the content key determining unit that determines whether or not all of the content keys are stored in the storage unit; Resource decryption means for decrypting the encryption of the resource with the content key stored in the content key storage means may be included.

  For example, at least a part of a resource is encrypted with a plurality of content keys according to a predetermined rule, and the preprocessing information is a resource encryption related to whether or not the resource is encrypted according to a predetermined rule for each resource. When the content reproduction device desires to reproduce the resource, the license management device transmits a content key and a resource encryption state flag corresponding to the resource to the content reproduction device. Content key recognition means for recognizing a content key necessary for decrypting a desired resource with reference to a content key storage means for storing the content key and a resource encryption status flag transmitted from the license management device Means and the contents recognized by the content key recognition means. It is determined by the content key determination unit that determines whether or not all the content keys are stored in the content key storage unit, and all the content keys recognized by the content key recognition unit are stored by the content key determination unit. In this case, it is preferable to include resource decryption means for decrypting the encryption of the desired resource with the content key stored in the content key storage means.

  The present invention also relates to a license management apparatus for managing a license necessary for decrypting a resource in a content playback system for playing back content composed of a plurality of encrypted resources. A license is stored that includes, as pre-processing information, information relating to processing that should be executed before execution.

  The present invention is also a content playback apparatus that decrypts and plays back a resource in a content playback system for playing back content composed of a plurality of encrypted resources, and is necessary for decrypting the resource. The license includes information related to the processing that should be executed before decrypting the resource as preprocessing information, and only when the processing specified in the preprocessing information has been executed when the resource is desired to be decrypted Decrypting the desired resource.

  According to the present invention, a desired resource is played back only when the processing specified by the preprocessing information included in the license has been executed. Therefore, the content can be reproduced so as to match the intention of the content creator. On the contrary, the content cannot be reproduced in a manner contrary to the intention. Therefore, it is possible to flexibly control the playback order of resources.

(First embodiment)
FIG. 1 is a block diagram showing a functional configuration of the entire content distribution system to which the content reproduction system according to the first embodiment of the present invention is applied. In FIG. 1, the content distribution system includes a DRM server 1, a content reproduction system 2, and an output device 3.

  The DRM server 1 is a computer system, and transmits a license to the content reproduction system 2 using a SAC (Secure Authenticated Channel) protocol.

  The content reproduction system 2 is a computer system for reproducing content using a license transmitted from the DRM server 1. The content may be distributed from the DRM server 1 to the content reproduction system 2 or may be distributed from another computer system to the content reproduction system 2. The content reproduction system 2 includes a DRM client 21 that is a license management device, a renderer 22 that is a content reproduction device, and a content storage unit 23. The content storage unit 23 stores encrypted content (hereinafter referred to as encrypted content). The DRM client 21 and the renderer 22 are tamper-resistant so that processing can be performed securely, and may be implemented as a single computer system, or may be implemented in different computer systems. Typically, the DRM client 21 is mounted on a security module such as an IC card, and the renderer 22 is mounted on a tamper-resistant LSI in the content reproduction system.

  The output device 3 is a device for outputting an image and / or sound of the content reproduced by the content reproduction system 2.

  In the first embodiment, the license has a data structure different from the conventional one. FIG. 2 is a diagram illustrating a license data structure according to the first embodiment. In FIG. 2, the license includes a license ID, usage conditions, preprocessing information, a resource ID, and a content key corresponding to each resource ID.

  The usage conditions include information on whether or not quality conversion is possible, information on analog copy control, information on the validity period, information on the number of uses, and information on the cumulative usage time. Note that the information included in the use conditions mentioned here is merely an example, and other information may be included in the use conditions.

  The preprocessing information includes a list that defines a resource playback order (hereinafter referred to as a resource playback order list). The difference is that the pre-processing information is included in the license. Note that the preprocessing information may be included in the use conditions. In the example illustrated in FIG. 2, the resource playback order list defines that resources should be played back in the order of resource 1, resource 2, and resource N. The preprocessing information is information regarding processing that should be executed before decrypting a certain resource. Here, it is specified in the preprocessing information that the resource 1 should be reproduced before the decryption of the resource 2. Further, it is specified in the preprocessing information that the resource 2 should be reproduced before the decryption of the resource N.

  In the example illustrated in FIG. 2, the content keys of the resources 1 to N are stored corresponding to the IDs of the resources 1 to N.

  FIG. 3 is a sequence diagram showing an outline of the operation of the entire content distribution system shown in FIG. The outline of the operation of the entire content distribution system will be described below with reference to FIG. Note that the sequence shown in FIG. 3 is a sequence that is common to embodiments other than the first embodiment, and that is not partly performed in the first embodiment in consideration of use in other embodiments. Is also described. Annotations are added for such operations.

  A GUI / user application (not shown) makes a content reproduction start request to the renderer 22 (step S1).

  In response to the playback start request from the GUI / user application, the DRM client 21 and the renderer 22 perform a SAC process to construct a safe communication path (step S2).

  Next, the renderer 22 requests the DRM client 21 to start content playback (step S3).

  In response to the reproduction start request from the renderer 22, the DRM client 21 performs a predetermined determination process (step S4). In this determination processing, it is determined whether the license usage conditions are satisfied and whether the processing specified by the preprocessing information has been executed.

  Next, the DRM client 21 performs a predetermined recording process (step S5). In this recording process, the license ID used in response to the current reproduction start request, the resource ID of the resource to be reproduced, and the like are recorded. The object to be recorded differs depending on the embodiment.

  Next, the DRM client 21 transmits a renderer usage condition including a content key and preprocessing information to the renderer 22 according to the result of the determination process (step S6).

  In response to the notification of the content key and renderer usage conditions from the DRM client 21, the renderer 22 performs a predetermined determination process (step S7). In this determination process, it is determined whether the renderer usage conditions are satisfied.

  Next, the renderer 22 performs a predetermined recording process (step S8). Whether or not this recording process is performed will be apparent from the following description of the embodiment. In the first embodiment, this recording process is not performed. In the recording process, the license ID, the resource ID of the resource to be reproduced, and the like are recorded. The object to be recorded differs depending on the embodiment.

  Finally, the renderer 22 decrypts the resource to be played using the content key (hereinafter referred to as “put”), decrypts the decrypted resource (hereinafter referred to as “decode”), and sends the video and video to the output device 3. / Or output voice (step S9).

  In terms of hardware, the DRM client 21 includes a CPU, a storage device that stores a license, a memory that stores a program executed by the CPU, and a communication device. The DRM client 21 implements a desired function by executing the program on the CPU. The DRM client 21 may be configured by an integrated circuit having the following functions (see FIG. 4). In this case, it may consist of one integrated circuit or a plurality of integrated circuits. This is the same for the other embodiments.

  FIG. 4 is a block diagram showing a functional configuration of the DRM client 21 that is executing the program. 4, the DRM client 21 includes a use condition processing unit 211, a SAC processing unit 212, a preprocessing information determination unit 213, a license interpretation unit 214, and a storage unit 215.

  The storage unit 215 is a recording device such as a hard disk drive for storing licenses, public key certificates, private keys, and CRLs. The public key certificate, private key, and CRL are information necessary for transmission / reception of a message using the public key SAC. Note that information other than the public key certificate, private key, and CRL is required when sending and receiving messages using the common key SAC. The common key SAC is detailed in Non-Patent Document 1.

  The SAC processing unit 212 transmits and receives messages to and from the renderer 22 using the public key certificate, private key, and CRL stored in the storage unit 215 using the SAC protocol. When there is a content key transmission request from the renderer 22, the SAC processing unit 212 passes the transmission request to the license interpretation unit 214.

  When there is a content key transmission request from the renderer 22, the license interpretation unit 214 acquires the license stored in the storage unit 215, extracts the usage condition from the license, and uses the usage condition processing unit 211. And preprocessing information is extracted from the license and passed to the preprocessing information determination unit 213.

  The usage condition processing unit 211 determines whether or not license usage is permitted based on the usage conditions passed from the license interpretation unit 214. When determining that the use of the license is permitted, the use condition processing unit 211 requests the preprocessing information determination unit 213 to determine the preprocessing information. Further, the usage condition processing unit 211 generates a renderer usage condition from the usage condition, and passes the generated renderer usage condition to the preprocessing information determination unit 213. On the other hand, when it is determined that the use of the license is not permitted, the use condition processing unit 211 transmits a message to that effect to the renderer 22 via the SAC processing unit 212.

  The preprocessing information determination unit 213 stores a resource ID corresponding to the content key transmitted immediately before to the renderer 22. When the use condition processing unit 211 requests the preprocessing information determination unit 213 to determine the preprocessing information, the preprocessing information determination unit 213 determines the content key according to the resource reproduction order included in the preprocessing information transmitted from the license interpretation unit 214. It is determined whether or not transmission is performed. When the content key is transmitted according to the resource reproduction order included in the preprocessing information, the preprocessing information determination unit 213 uses the license stored in the storage unit 215 to specify the resource ID for which the reproduction start request has been made. The corresponding content key is acquired, and the content key and the renderer usage conditions are transmitted to the renderer 22 via the SAC processing unit 212. If the content key is not transmitted according to the resource playback order included in the preprocessing information, the preprocessing information determination unit 213 sends a message indicating that the content key cannot be transmitted via the SAC processing unit 212. To the renderer 22.

  The renderer 22 includes, in terms of hardware, a CPU, a storage device that stores information necessary for SAC processing, a memory that stores a program executed by the CPU, and a communication device. The renderer 22 realizes a desired function by executing the program by the CPU. The renderer 22 may be configured by an integrated circuit having the following functions (see FIG. 5). In this case, it may consist of one integrated circuit or a plurality of integrated circuits. This is the same for the other embodiments.

  FIG. 5 is a block diagram showing a functional configuration of the renderer 22 executing the program. In FIG. 5, the renderer 22 includes a renderer usage condition processing unit 221, a SAC processing unit 222, a renderer usage condition interpretation unit 225, a storage unit 226, and a decryption / decoding unit 227.

  The storage unit 226 is a recording device such as a hard disk drive for storing a public key certificate and a private key. The public key certificate and the private key are information necessary for sending and receiving messages using the public key SAC. Since the renderer 22 is a revoked device, the renderer 22 has no CRL. Note that information other than the public key certificate and the private key is required when sending and receiving messages using the common key SAC. The common key SAC is detailed in Non-Patent Document 1.

  The SAC processing unit 222 performs message transmission / reception with the DRM client 21 using the public key certificate and private key stored in the storage unit 226 using the SAC protocol. When the renderer use condition and the content key are transmitted from the DRM client 21, the SAC processing unit 222 passes the renderer use condition to the renderer use condition interpretation unit 225 and passes the content key to the decryption / decode unit 227.

  The renderer usage condition processing unit 221 determines whether or not the use of resources is permitted based on the renderer usage conditions passed from the renderer usage condition interpretation unit 225. If it is determined that the use of the resource is permitted, the decryption / decoding unit 227 is requested to decrypt and decode the resource.

  When the renderer usage condition processing unit 221 requests resource decryption and decoding, the decryption / decoding unit 227 reads out necessary resources from the content storage unit 23 and uses the content key passed from the SAC processing unit 222. Then, the resource is decrypted and decoded, and the output device 3 outputs video and / or audio.

  FIG. 6 is a flowchart showing the operation of the DRM client 21 according to the first embodiment. Hereinafter, the operation of the DRM client 21 according to the first embodiment will be described with reference to FIG.

  First, the DRM client 21 receives a notification of a license ID and a resource ID from the renderer 22 and receives a reproduction start request (step S101). As a premise, message exchange between the DRM client 21 and the renderer 22 is performed after a secure communication path is formed by the SAC protocol.

  Next, the DRM client 21 reads the license corresponding to the notified license ID, and acquires the usage conditions and the preprocessing information (step S102).

  Next, the DRM client 21 determines whether or not the license can be used based on the acquired usage conditions (step S103). If the license is not available, the DRM client 21 transmits an NG message indicating that the license cannot be used to the renderer 22 (step S104). On the other hand, if it is available, the DRM client 21 proceeds to the operation of step S105.

  In step S105, the DRM client 21 refers to the preprocessing information, and identifies the ID of the resource to be played back immediately before the resource to be played back and the ID of the held resource (played back immediately before It is determined whether or not (resource ID) matches. That is, the DRM client 21 determines whether or not the content key related to the resource to be played back immediately before specified in the resource playback order list as the preprocessing information has been transmitted to the renderer 22.

  If they do not match, it means that the resource specified in the preprocessing information has not been played. At this time, the DRM client 21 transmits an NG message to the renderer 22 (step S104).

  On the other hand, if they match, it means that the resource specified in the preprocessing information has been played. At this time, the DRM client 21 records the notified license ID and resource ID (step S106). The resource ID recorded here becomes the ID of the resource reproduced immediately before used in step S105. Thereafter, the DRM client 21 generates a renderer use condition based on the use condition, transmits the renderer use condition and the content key corresponding to the resource to be played back to the renderer 22 (step S107), and ends the process.

  FIG. 7 is a flowchart showing the operation of the renderer 22 according to the first embodiment. Hereinafter, the operation of the renderer 22 according to the first embodiment will be described with reference to FIG.

  First, the renderer 22 determines whether or not the message sent from the DRM client 21 is a renderer usage condition (step S201).

  If it is not the renderer usage condition, the renderer 22 performs processing according to the content of the message (step S202). For example, in the case of an NG message, the renderer 22 causes the output device 3 to output that the license cannot be used.

  On the other hand, if the renderer usage condition is satisfied, the renderer 22 determines whether or not the renderer usage condition is satisfied (step S203).

  If it is determined that the renderer usage condition is not satisfied, the renderer 22 causes the output device 3 to output that the resource cannot be used (step S204).

  On the other hand, when it is determined that the renderer usage condition is satisfied, the renderer 22 uses the content key sent from the DRM client 21 to decrypt and decode the resources stored in the content storage unit 23, and outputs the output device. 3 (step S205), and the process is terminated.

  As described above, according to the first embodiment, the DRM client can respond to the resource for which the reproduction start request is made only when the resource is requested to be reproduced according to the resource reproduction order specified by the preprocessing information. The key will be sent to the renderer. Therefore, on the renderer side, the desired resource can be decrypted and decoded only when the resource specified in the preprocessing information has been reproduced. As a result, the playback order of resources can be restricted so as to match the intention of the content creator. By defining the playback order between resources in the playback order list, the playback order of resources can be flexibly controlled.

  In the first embodiment, the determination of the preprocessing information is performed only by the DRM client, but may be performed only by the renderer. In this case, when a renderer is represented by a functional block, a preprocessing information determination unit is added to the renderer. In addition, the preprocessing information may be determined by overlapping both the DRM client and the renderer.

  Note that a resource ID may be embedded in the resource with a digital watermark. In this case, the renderer may be provided with a digital watermark interpretation unit, and the digital watermark interpretation unit may interpret the digital watermark embedded in the resource and acquire the resource ID.

  Needless to say, there may be resources for which the playback order is not specified.

  In the first embodiment, the playback order of resources is specified in the playback order list. However, the order of resource IDs is defined in advance as the playback order, and the playback order list is stored. A flag indicating whether or not to perform the reproduction in the predetermined order may be set in an area within a license. As a result, when the flag is on, the DRM client recognizes that the order of the resource IDs is the reproduction order, determines whether or not preprocessing is performed in the same manner as described above, and transmits the content key. Specifically, the DRM client refers to the flag and determines whether or not the playback order is specified according to a predetermined rule. When the playback order is specified according to a predetermined rule, the DRM client recognizes the identifier of the resource to be played before playing back the desired resource, and stores the identifier of the recognized resource and the stored resource If the identifier matches, the resource to be reproduced is determined to have been reproduced before the desired resource is reproduced.

(Second Embodiment)
In the second embodiment, since the configuration and operation of the entire system are the same as those in the first embodiment, FIG. 1 and FIG. 3 are used. In the second embodiment as well, the recording process (step S8) in FIG. 3 is not performed as in the first embodiment. The hardware configuration of the DRM client 21 and the renderer 22 is the same as that in the first embodiment. In the second embodiment, an operation when the DRM client 21 and the renderer 22 are executing a predetermined program on the CPU will be described.

  FIG. 8 is a diagram showing a data structure of a license in the second embodiment of the present invention. In FIG. 8, the license in the second embodiment includes a license ID, a use condition, a resource ID, a content key corresponding to each resource ID, and preprocessing information corresponding to the resource ID. Here, the preprocessing information indicates the ID of a resource to be reproduced one before the corresponding resource ID.

  The operation of the DRM client 21 according to the second embodiment is similar to the operation of the DRM client 21 according to the first embodiment. Accordingly, FIG. 6 is used in the second embodiment. Hereinafter, the operation of the DRM client 21 according to the second embodiment will be described with reference to FIG.

  First, the DRM client 21 receives a reproduction start request by receiving the license ID and the resource ID from the renderer 22 (step S101). Next, the DRM client 21 reads the license corresponding to the license ID, and acquires the usage conditions and the preprocessing information (step S102).

  Next, the DRM client 21 determines whether or not the acquired usage conditions are satisfied (step S103).

  If the usage condition is not satisfied, the DRM client 21 transmits an NG message to the renderer 22 (step S104).

  On the other hand, when the use condition is satisfied, the DRM client 21 determines whether or not the process specified by the preprocessing information has been executed (step S105). Specifically, the DRM client 21 recognizes the held resource ID. The DRM client 21 recognizes the resource ID specified in the reproduction start request. The DRM client 21 refers to the preprocessing information and recognizes the resource ID to be played before the resource ID specified by the playback start request. In addition, when the held resource ID matches the resource ID to be reproduced before, the DRM client 21 determines that the process specified by the preprocessing information has been executed.

  If the process specified in the preprocessing information has not been executed, the DRM client 21 transmits an NG message to the renderer (step S104).

  On the other hand, when the process specified by the pre-processing information has been executed, the DRM client 21 records the notified license ID and resource ID (step S106), and generates a renderer usage condition based on the usage condition. Then, the content key corresponding to the renderer usage condition and the resource to be reproduced is transmitted to the renderer 22 (step S107), and the process is terminated.

  Since the operation of the renderer according to the second embodiment is the same as the operation of the renderer in the first embodiment, FIG. 7 is used and description thereof is omitted.

  As described above, according to the second embodiment, the DRM client only plays back the resource to be played back one time specified by the preprocessing information before playing the resource to be played. Therefore, the content key corresponding to the resource for which the reproduction start request is made is transmitted to the renderer. Therefore, on the renderer side, the desired resource can be decrypted and decoded only when the resource specified in the preprocessing information has been reproduced. As a result, the playback order of resources can be limited so as to match the intention of the content creator.

  In the second embodiment, the determination of the preprocessing information is performed only by the DRM client. However, it may be performed only by the renderer, or the preprocessing information is duplicated by both the DRM client and the renderer. A determination may be made.

  Needless to say, there may be resources for which the playback order is not specified.

  In the second embodiment, the ID of the resource to be played back is specified immediately before the corresponding resource ID. However, the order of the resource ID is defined in advance as the playback order. The flag indicating whether or not the reproduction is performed in the predetermined order is set in the area in the license in which the ID of the resource to be reproduced immediately before the corresponding resource ID is stored. Also good. As a result, when the flag is on, the DRM client recognizes that the order of the resource IDs is the reproduction order, determines whether or not preprocessing is performed in the same manner as described above, and transmits the content key. Specifically, the DRM client refers to the flag and determines whether or not the playback order is specified according to a predetermined rule. When the playback order is specified according to a predetermined rule, the DRM client recognizes the identifier of the resource to be played before playing back the desired resource, and stores the identifier of the recognized resource and the stored resource If the identifier matches, the resource to be reproduced is determined to have been reproduced before the desired resource is reproduced.

(Third embodiment)
In the third embodiment, since the configuration and operation of the entire system are the same as those in the first embodiment, FIG. 1 and FIG. 3 are used. Also in the third embodiment, the recording process (step S8) in FIG. 3 is not performed as in the first embodiment. The hardware configuration of the DRM client 21 and the renderer 22 is the same as that in the first embodiment. In the third embodiment, an operation when the DRM client 21 and the renderer 22 are executing predetermined programs on the CPU will be described.

  FIG. 9 is a diagram showing a license data structure according to the third embodiment of the present invention. In FIG. 9, the license according to the third embodiment includes a license ID, a use condition, preprocessing information, a resource ID, and a content key corresponding to each resource ID. Here, the preprocessing information indicates the ID of the license to be used immediately before.

  FIG. 10 is a flowchart showing the operation of the DRM client 21 according to the third embodiment. Hereinafter, the operation of the DRM client 21 according to the third embodiment will be described with reference to FIG.

  First, the DRM client 21 receives the reproduction start request by receiving the license ID and the resource ID from the renderer 22 (step S301). Next, the DRM client 21 reads the license corresponding to the license ID, and acquires the usage conditions and the preprocessing information (step S302).

  Next, the DRM client 21 determines whether or not the acquired usage conditions are satisfied (step S303).

  If the usage condition is not satisfied, the DRM client 21 transmits an NG message to the renderer 22 (step S304).

  On the other hand, when the use condition is satisfied, the DRM client 21 determines whether or not the process specified by the pre-process information has been executed (step S305). Specifically, the DRM client 21 recognizes the held license ID. The DRM client 21 refers to the preprocessing information and recognizes the license ID to be used before. In addition, if the license ID that is held matches the license ID that should be used before, the DRM client 21 determines that the processing specified in the preprocessing information has been executed.

  If the process specified in the preprocessing information has not been executed, the DRM client 21 transmits an NG message to the renderer 22 (step S304).

  On the other hand, when the process specified by the preprocessing information has been executed, the DRM client 21 records the license ID specified by the reproduction request (step S306), and generates the renderer usage condition based on the usage condition. Then, the content key corresponding to the renderer usage condition and the resource to be reproduced is transmitted to the renderer 22 (step S307), and the process is terminated.

  Since the operation of the renderer according to the third embodiment is the same as the operation of the renderer according to the first embodiment, FIG.

  As described above, according to the third embodiment, the DRM client uses the license to be used immediately before the usage target license is used, which is specified in the preprocessing information. Only the content key corresponding to the resource for which the reproduction start request is made is transmitted to the renderer. Therefore, on the renderer side, the desired resource can be decrypted and decoded only when the resource specified in the preprocessing information has been reproduced. As a result, the playback order of resources can be limited so as to match the intention of the content creator.

  In the third embodiment, the determination of the preprocessing information is performed only by the DRM client. However, it may be performed only by the renderer, or the preprocessing information is duplicated by both the DRM client and the renderer. A determination may be made.

(Fourth embodiment)
In the fourth embodiment, since the configuration and operation of the entire system are the same as those in the first embodiment, FIG. 1 and FIG. 3 are used. In the fourth embodiment, the recording process (step S5) and the recording process (step S8) in FIG. 3 are not performed. The hardware configuration of the DRM client 21 and the renderer 22 is the same as that in the first embodiment. In the fourth embodiment, an operation when the DRM client 21 and the renderer 22 are executing a predetermined program on the CPU will be described.

  FIG. 11 is a diagram showing a license data structure according to the fourth embodiment of the present invention. In FIG. 11, the license according to the third embodiment includes a license ID, a use condition, preprocessing information, a resource ID, and a content key corresponding to each resource ID. Here, the preprocessing information is an identifier relating to a resource to which a global address to be viewed before playing back the content corresponding to the license is assigned. Hereinafter, an identifier related to a resource to which a global address is assigned is referred to as resource identification information. Here, the global address refers to an address uniquely assigned to a resource on the Internet, for example. The resource ID shown in the first or second embodiment is an identifier uniquely determined in the license, and is different from the resource identification information in the fourth embodiment.

  FIG. 12 is a flowchart showing the operation of the DRM client 21 according to the fourth embodiment. Hereinafter, the operation of the DRM client 21 according to the fourth embodiment will be described with reference to FIG.

  First, the DRM client 21 receives a reproduction start request by receiving, from the renderer, resource identification information, a license ID, and a resource ID related to the resource reproduced immediately before (step S401). Next, the DRM client 21 reads the license corresponding to the license ID, and acquires the usage conditions and the preprocessing information (step S402).

  Next, the DRM client 21 determines whether or not the acquired usage conditions are satisfied (step S403).

  If the usage condition is not satisfied, the DRM client 21 transmits an NG message to the renderer 22 (step S404).

  On the other hand, when the use condition is satisfied, the DRM client 21 determines whether or not the process specified by the preprocessing information has been executed (step S405). Specifically, the DRM client 21 refers to the preprocessing information and recognizes resource identification information related to a resource to be viewed in advance. The DRM client 21 determines whether the resource identification information sent from the renderer matches the recognized resource identification information. If they match, the DRM client 21 determines that the process specified in the preprocessing information has been executed.

  If the process specified in the preprocessing information has not been executed, the DRM client 21 transmits an NG message to the renderer 22 (step S404).

  On the other hand, when the process specified in the preprocessing information has been executed, the DRM client 21 generates a renderer usage condition based on the usage condition, and a content key corresponding to the renderer usage condition and the resource to be played back. Is transmitted to the renderer 22 (step S406), and the process is terminated.

  Since the operation of the renderer according to the fourth embodiment is the same as the operation of the renderer according to the first embodiment, FIG. 7 is used.

  As described above, according to the fourth embodiment, the DRM client should play back the resource identification information related to the resource played back before playing back the resource to be played back and the one specified in the preprocessing information. Only when the resource identification information regarding the resource matches, the content key corresponding to the resource for which the reproduction start request is made is transmitted to the renderer. Therefore, it is possible to provide a content reproduction system capable of reproducing content by linking a program with a resource to which a certain global address is assigned. A resource to which a global address is assigned is typically a commercial resource. By using a commercial-related resource as a resource to which a global address is assigned, a content playback system that cannot play back content unless a commercial is viewed is provided.

(Fifth embodiment)
In the fifth embodiment, since the configuration and operation of the entire system are the same as those in the first embodiment, FIG. 1 and FIG. 3 are used. In the fifth embodiment, the recording process (step S5) in FIG. 3 is not performed. The hardware configuration of the DRM client 21 and the renderer 22 is the same as that in the first embodiment. In the fifth embodiment, an operation when the DRM client 21 and the renderer 22 are executing a predetermined program on the CPU will be described.

  FIG. 13 is a diagram showing a data structure of a license according to the fifth embodiment of the present invention. In FIG. 13, the license according to the fifth embodiment includes a license ID, a use condition, a content key encryption method list, a resource ID, and a content key corresponding to each resource ID. Here, the content key encryption method list is a list indicating how each content key is encrypted, and is information on the content key to be acquired before reproducing the resource. The content key encryption method list corresponds to the preprocessing information. For example, in FIG. 13, E (K1, K2) indicates that the content key K2 is encrypted using the content key K1. Therefore, a resource that is decrypted using the content key K2 cannot be decrypted unless the content key K1 has been acquired.

  FIG. 14 is a diagram illustrating a data structure of a response message that is returned by the DRM client 21 according to the fifth embodiment of the present invention to the renderer 22 in response to a playback start request from the renderer 22. As illustrated in FIG. 14, the response message includes a renderer usage condition and a content key. The renderer usage conditions include usage conditions and a content key encryption method list. The content key encryption method list is a list indicating all content key encryption methods, and is the same as the content key encryption method list stored in the license. The content key is a content key corresponding to the resource ID specified in the reproduction start request from the renderer.

  FIG. 15 is a flowchart showing the operation of the DRM client 21 according to the fifth embodiment. Hereinafter, the operation of the DRM client 21 according to the fifth embodiment will be described with reference to FIG.

  First, the DRM client 21 receives the reproduction start request by receiving the license ID and the resource ID from the renderer (step S501). Next, the DRM client 21 reads the license corresponding to the license ID, and acquires the usage conditions and the preprocessing information (step S502).

  Next, the DRM client 21 determines whether or not the acquired usage conditions are satisfied (step S503).

  If the usage condition is not satisfied, the DRM client 21 transmits an NG message to the renderer (step S504).

  On the other hand, if the usage condition is satisfied, the DRM client 21 acquires the content key corresponding to the resource ID for which the reproduction start request has been made (step S505), and generates the renderer usage condition including the content key encryption method list. (Step S506). Next, the DRM client 21 combines the content key acquired in step S505 and the renderer usage conditions generated in step S506 and sends it as a response message to the renderer (step S507), and ends the process.

  FIG. 16 is a flowchart illustrating the operation of the renderer according to the fifth embodiment. The operation of the renderer according to the fifth embodiment will be described below with reference to FIG.

  First, the renderer receives a message from the DRM client 21 and determines whether it is an NG message or a response message (step S1001).

  If the message is an NG message, the renderer causes the output device to output that the reproduction is impossible (step S1002).

  On the other hand, if it is a response message, the renderer extracts the renderer usage conditions and the content key included in the response message (step S1003). Next, the renderer refers to the content key encryption method list in the renderer usage conditions, recognizes the content key necessary for decrypting the resource ID to be reproduced, and recognizes the content key necessary for decrypting. Then, it is searched whether there are all the recognized content keys in the held content key (step S1004).

  If all the content keys are not present, it means that the resource to be reproduced first is not reproduced, and the renderer proceeds to the operation of step S1002.

  On the other hand, if all the content keys are present, it means that the resource to be played first is being played back, so the renderer decrypts the content key of the resource to be played back using all the content keys. (Step S1005). Next, the renderer records the decrypted content key (step S1006). Next, the renderer uses the recorded content key to decrypt and decode the resource corresponding to the content key (step S1007).

  Thus, according to the fifth embodiment, the renderer plays back the playback target resource only when it holds all the content keys necessary to decrypt the content key of the playback target resource. Can do. Therefore, if there is a resource that the content creator wants to play in association with a certain resource, the content creator encrypts it with the content key of the resource that wants to play in association with the resource, so that the resource can be matched to the intention. Playback can be restricted.

  In the fifth embodiment, it is exemplified that the content key is encrypted only once. However, the content key may be encrypted twice or more. Needless to say, there may be an unencrypted content key.

(Sixth embodiment)
In the sixth embodiment, since the configuration and operation of the entire system are the same as those in the first embodiment, FIG. 1 and FIG. 3 are used. In the sixth embodiment, the recording process (step S5) in FIG. 3 is not performed. The hardware configuration of the DRM client 21 and the renderer 22 is the same as that in the first embodiment. In the sixth embodiment, an operation when the DRM client 21 and the renderer 22 are executing a predetermined program on the CPU will be described.

  FIG. 17 is a diagram showing a data structure of a license according to the sixth embodiment of the present invention. In FIG. 17, the license according to the sixth embodiment includes a license ID, a use condition, a resource ID, a content key corresponding to each resource ID, and information related to a content key encryption method corresponding to the resource ID. . The information on the content key encryption method indicates which content key is used to encrypt the content key of the corresponding resource, and is information on the content key that should be acquired before reproducing the resource. Information relating to the content key encryption method corresponds to preprocessing information. For example, in FIG. 17, E (K4, KN) indicates that the content key KN is encrypted using the content key K4. Therefore, a resource that is decrypted using the content key K2 cannot be decrypted unless the content key K1 has been acquired.

  FIG. 18 is a diagram illustrating a data structure of a response message returned from the DRM client 21 to the renderer 22 in response to a playback start request from the renderer 22 according to the sixth embodiment of the present invention. As illustrated in FIG. 18, the response message includes a renderer usage condition and a content key. The renderer usage conditions include usage conditions and information related to the content key encryption method. The content key is a content key corresponding to the resource ID specified in the reproduction start request from the renderer. The information regarding the content key encryption method is information indicating which content key is used to encrypt the content key, and is the same as that included in the license.

  The operation of the DRM client 21 according to the sixth embodiment is similar to the operation of the DRM client 21 according to the fifth embodiment. Accordingly, FIG. 15 is used in the sixth embodiment. Hereinafter, the operation of the DRM client 21 according to the sixth embodiment will be described with reference to FIG.

  The operations in steps S501 to S503 and in step S504 are the same as in the fifth embodiment.

  If it is determined in step S503 that the usage conditions are satisfied, the DRM client 21 acquires the content key corresponding to the resource ID for which the reproduction start request has been made (step S505), and the content key encryption corresponding to the resource ID A renderer usage condition including the method is generated (step S506). Thereafter, the DRM client 21 collects the content key acquired in step S505 and the renderer usage conditions generated in step S506, and transmits it as a response message to the renderer (step S507), and ends the process.

  The operation of the renderer according to the sixth embodiment is similar to the operation of the renderer according to the fifth embodiment. Therefore, FIG. 16 is used in the sixth embodiment. The operation of the renderer according to the sixth embodiment will be described below with reference to FIG.

  Steps S1001, S1002, and S1003 are the same as those in the fifth embodiment.

  In step S1004, the renderer refers to the information on the content key encryption method in the renderer usage conditions, and recognizes the content key necessary for decrypting the content key necessary for decrypting the resource ID to be played back. Then, it is searched whether there are all the recognized content keys in the held content key. The following operation is the same as that of the fifth embodiment.

  As described above, according to the sixth embodiment, the renderer reproduces the resource to be reproduced only when it holds all the content keys necessary for decrypting the content key of the resource to be reproduced. Can do. Therefore, if there is a resource that the content creator wants to play in association with a certain resource, the content creator encrypts it with the content key of the resource that wants to play in association with the resource, so that the resource can be matched to the intention. Playback can be restricted.

  In the sixth embodiment, the content key is encrypted only once. However, the content key may be encrypted twice or more. In this case, the content key requested in step S608 is two or more, and the content key acquired in step S609 is two or more. Then, decryption is performed in step S607 using three or more content keys. Needless to say, there may be an unencrypted content key.

(Seventh embodiment)
In the seventh embodiment, since the configuration and operation of the entire system are the same as those in the first embodiment, FIG. 1 and FIG. 3 are used. In the seventh embodiment, the recording process (step S5) in FIG. 3 is not performed. The hardware configuration of the DRM client 21 and the renderer 22 is the same as that in the first embodiment. In the seventh embodiment, an operation when the DRM client 21 and the renderer 22 are executing a predetermined program on the CPU will be described.

  FIG. 19 is a diagram showing a data structure of a license according to the seventh embodiment of the present invention. In FIG. 19, the license according to the seventh embodiment includes a license ID, a use condition, a resource ID, a content key corresponding to each resource ID, and information related to a content key encryption state corresponding to the resource ID. . The information regarding the content key encryption state is a flag indicating whether or not the content key is encrypted according to a predetermined rule. As a predetermined rule, for example, the content key of resource n may be encrypted with the content key of resource n-1. When this flag is set, the corresponding content key is encrypted according to the predetermined rule. Therefore, when this flag is set, the content key must be acquired before the resource is reproduced according to a predetermined rule. Information regarding the content key encryption state corresponds to pre-processing information. Here, the predetermined rule is to encrypt with the content key of the immediately preceding ID number, but the predetermined rule is not limited to this. Of course, it may be a rule that encryption is performed using a content key other than the immediately preceding ID number. The DRM client 21 only needs to know what rules are used.

  FIG. 20 is a diagram illustrating a data structure of a response message returned from the DRM client 21 to the renderer 22 in response to a reproduction start request from the renderer 22 according to the seventh embodiment of the present invention. As illustrated in FIG. 20, the response message includes a renderer usage condition and a content key. The renderer usage conditions include usage conditions and information related to the content key encryption state. The content key is a content key corresponding to the resource ID specified in the reproduction start request from the renderer. The information on the content key encryption state is a flag indicating whether or not the content key is encrypted according to a predetermined rule, and is the same as that of the license.

  The operation of the DRM client 21 according to the seventh embodiment is similar to the operation of the DRM client 21 according to the fifth embodiment. Accordingly, FIG. 15 is used in the seventh embodiment. Hereinafter, the operation of the DRM client 21 according to the seventh embodiment will be described with reference to FIG.

  The operations in steps S501 to S503 and in step S504 are the same as in the fifth embodiment.

  If it is determined in step S503 that the usage conditions are satisfied, the DRM client 21 acquires the content key corresponding to the resource ID for which the reproduction start request has been made (step S505), and the content key encryption corresponding to the resource ID A renderer usage condition including the state is generated (step S506). Thereafter, the DRM client 21 collects the content key acquired in step S505 and the renderer usage conditions generated in step S506, and transmits it as a response message to the renderer (step S507), and ends the process.

  The operation of the renderer according to the seventh embodiment is similar to the operation of the renderer according to the fifth embodiment. Accordingly, FIG. 16 is used in the seventh embodiment. Hereinafter, the operation of the renderer according to the seventh embodiment will be described with reference to FIG.

  Steps S1001, S1002, and S1003 are the same as those in the fifth embodiment.

  In step S1004, the renderer recognizes the content key necessary for decrypting the content key of the resource to be reproduced according to a predetermined rule with reference to the information on the content key encryption state in the renderer usage conditions, It is searched whether or not all the recognized content keys are included in the held content key. The following operation is the same as that of the fifth embodiment.

  Thus, according to the seventh embodiment, the renderer plays back the playback target resource only when it holds all the content keys necessary for decrypting the content key of the playback target resource. Can do. Therefore, if there is a resource that the content creator wants to play in association with a certain resource, the content creator can match the intention by encrypting with the content key of the resource to be played in association with the resource according to a predetermined rule. As a result, resource reproduction can be restricted.

  Needless to say, there may be resources that are not encrypted according to a predetermined rule.

(Eighth embodiment)
In the eighth embodiment, since the configuration and operation of the entire system are the same as those in the first embodiment, FIG. 1 and FIG. 3 are used. In the eighth embodiment, the recording process (step S5) in FIG. 3 is not performed. The hardware configuration of the DRM client 21 and the renderer 22 is the same as that in the first embodiment. In the eighth embodiment, an operation when the DRM client 21 and the renderer 22 are executing a predetermined program on the CPU will be described.

  FIG. 21 is a diagram showing a data structure of a license according to the eighth embodiment of the present invention. In FIG. 21, the license according to the eighth embodiment includes a license ID, a use condition, a resource encryption method list, a resource ID, and a content key corresponding to each resource ID. The resource encryption method list is a list indicating how the resource is encrypted, and is information regarding a content key that should be acquired before reproducing the resource. The resource encryption method list corresponds to preprocessing information. For example, in FIG. 21, E (K1, E (K2, C2)) indicates that the resource C2 is encrypted with the content key K2, and further encrypted with the content key K1. Therefore, it is necessary to acquire the content keys K1 and K2 for the decryption of the resource C2.

  FIG. 22 is a diagram illustrating a data structure of a response message returned from the DRM client 21 to the renderer 22 in response to a reproduction start request from the renderer 22 according to the eighth embodiment of the present invention. As illustrated in FIG. 22, the response message includes a renderer usage condition and a content key. The renderer use condition includes a use condition and a resource encryption method list. The content key is a content key corresponding to the resource ID specified in the reproduction start request from the renderer. The resource encryption method list is a list indicating how resources are encrypted, and is the same as that of the license.

  The operation of the DRM client 21 according to the eighth embodiment is similar to the operation of the DRM client 21 according to the fifth embodiment. Accordingly, FIG. 15 is used in the eighth embodiment. Hereinafter, the operation of the DRM client 21 according to the eighth embodiment will be described with reference to FIG.

  The operations in steps S501 to S503 and in step S504 are the same as in the fifth embodiment.

  If it is determined in step S503 that the usage conditions are satisfied, the DRM client 21 acquires a content key corresponding to the resource ID for which a reproduction start request has been made (step S505), and the renderer including the resource encryption method list. A usage condition is generated (step S506). Thereafter, the DRM client 21 collects the content key acquired in step S505 and the renderer usage conditions generated in step S506, and transmits it as a response message to the renderer (step S507), and ends the process.

  FIG. 23 is a flowchart showing the operation of the renderer 22 according to the eighth embodiment. Hereinafter, the operation of the renderer 22 according to the eighth embodiment will be described with reference to FIG.

  First, the renderer 22 receives a message from the DRM client 21, and determines whether it is an NG message or a response message (step S1101).

  If the message is an NG message, the renderer causes the output device to output a message indicating that reproduction is impossible (step S1102).

  On the other hand, if it is a response message, the renderer extracts the renderer usage conditions and the content key included in the response message (step S1103). Next, the renderer refers to the resource encryption method list in the renderer usage conditions, recognizes all the content keys necessary for decrypting the resource to be played, and recognizes the content key that is held. It is searched whether or not all the content keys that have been made exist (step S1104).

  If all content keys are not available, the renderer proceeds to the operation of step S1002.

  On the other hand, when there are all content keys, the renderer records the content key acquired in step S1103 (step S1105). Next, the renderer sequentially decrypts the data that has been multi-encrypted with all the content keys, using all the content keys, and decrypts the resource to be played back (step S1106). Next, the renderer decodes the decoded resource (step S1107).

  As described above, according to the eighth embodiment, the renderer can reproduce the reproduction target resource only when all the content keys necessary for decrypting the reproduction target resource are held. Therefore, if there is a resource that the content creator wants to play in association with a certain resource, the resource creator reproduces the resource so that it matches the intention by multiplexing the resource using the content key of the resource to be related. Can be limited.

  In the eighth embodiment, the resource is encrypted with two content keys as an example. However, the resource may be encrypted with three or more content keys. Of course, there may be a resource encrypted with only one content key.

(Ninth embodiment)
In the ninth embodiment, since the configuration and operation of the entire system are the same as those in the first embodiment, FIG. 1 and FIG. 3 are used. In the ninth embodiment, the recording process (step S5) in FIG. 3 is not performed. The hardware configuration of the DRM client 21 and the renderer 22 is the same as that in the first embodiment. In the ninth embodiment, an operation when the DRM client 21 and the renderer 22 are executing a predetermined program on the CPU will be described.

  FIG. 24 is a diagram showing a data structure of a license according to the ninth embodiment of the present invention. In FIG. 24, the license according to the ninth embodiment includes a license ID, a use condition, a resource ID, a content key corresponding to each resource ID, and information related to an encryption method corresponding to the resource ID. The information related to the encryption method indicates a method in which the resource with the corresponding resource ID is encrypted, and is information related to content that should be acquired before reproducing the resource. Information about the encryption method corresponds to preprocessing information. For example, in FIG. 24, E (K4, E (KN, CN)) indicates that the resource CN is encrypted with the content key KN and further encrypted with the content key K4. The resource CN cannot be decrypted unless the content keys K4 and KN have been acquired.

  FIG. 25 is a diagram illustrating a data structure of a response message returned from the DRM client 21 according to the ninth embodiment of the present invention to the renderer 22 in response to a playback start request from the renderer 22. As shown in FIG. 25, the response message includes a renderer usage condition and a content key. The renderer use condition includes a use condition and information related to a resource encryption method. The content key is a content key corresponding to the resource ID specified in the reproduction start request from the renderer. The information related to the resource encryption method is information indicating how the resource corresponding to the content key is encrypted, and is the same as that of the license.

  The operation of the DRM client 21 according to the ninth embodiment is similar to the operation of the DRM client 21 according to the fifth embodiment. Accordingly, FIG. 15 is used in the ninth embodiment. Hereinafter, the operation of the DRM client 21 according to the ninth embodiment will be described with reference to FIG.

  The operations in steps S501 to S503 and in step S504 are the same as in the fifth embodiment.

  If it is determined in step S503 that the usage conditions are satisfied, the DRM client 21 acquires a content key corresponding to the resource ID for which a reproduction start request has been made (step S505), and a renderer that includes information on the encryption method. A usage condition is generated (step S506). Thereafter, the DRM client 21 collects the content key acquired in step S505 and the renderer usage conditions generated in step S506, and transmits it as a response message to the renderer (step S507), and ends the process.

  The operation of the renderer according to the ninth embodiment is similar to the operation of the renderer according to the eighth embodiment. Accordingly, FIG. 23 is cited in the ninth embodiment. The operation of the renderer according to the ninth embodiment will be described below with reference to FIG.

  Steps S1101, S1102, and S1103 are the same as those in the eighth embodiment.

  In step S1104, the renderer recognizes the content key necessary for decrypting the content to be reproduced with reference to the information related to the encryption method, and all the recognized content keys exist in the held content key. Whether or not to do so is searched (step S1104).

  If all content keys are not available, the renderer proceeds to the operation of step S1102.

  On the other hand, when there are all content keys, the renderer records the content key acquired in step S1103 (step S1105). Next, the renderer sequentially decrypts the data that has been multi-encrypted with all the content keys, using all the content keys, and decrypts the resource to be played back (step S1106). Next, the renderer decodes the decoded resource (step S1107).

  As described above, according to the ninth embodiment, the renderer can reproduce the reproduction target resource only when all the content keys necessary for decrypting the reproduction target resource are held. Therefore, if there is a resource that the content creator wants to play in association with a certain resource, the resource creator reproduces the resource so that it matches the intention by multiplexing the resource using the content key of the resource to be related. Can be limited.

  In the ninth embodiment, the resource is encrypted by using two content keys. However, the resource may be encrypted by using three or more content keys. Of course, there may be a resource encrypted with only one content key.

(Tenth embodiment)
In the tenth embodiment, since the configuration and operation of the entire system are the same as those in the first embodiment, FIG. 1 and FIG. 3 are used. In the tenth embodiment, the recording process (step S5) in FIG. 3 is not performed. The hardware configuration of the DRM client 21 and the renderer 22 is the same as that in the first embodiment. In the tenth embodiment, an operation when the DRM client 21 and the renderer 22 are executing a predetermined program on the CPU will be described.

  FIG. 26 is a diagram showing a data structure of a license according to the tenth embodiment of the present invention. In FIG. 26, the license according to the tenth embodiment includes a license ID, a use condition, a resource ID, a content key corresponding to each resource ID, and information on the encryption state of the resource corresponding to the resource ID. . The encryption state of the resource is a flag indicating whether the resource is encrypted according to a predetermined rule. As the predetermined rule, for example, the resource n resource may be encrypted with the resource n-1 content key, and further encrypted with the resource n content key. When this flag is set, the corresponding resource is encrypted according to the predetermined rule. Therefore, when this flag is set, the content key must be acquired before the resource is reproduced according to a predetermined rule. Information about the encryption state corresponds to preprocessing information.

  FIG. 27 is a diagram illustrating a data structure of a response message returned from the DRM client 21 to the renderer 22 in response to a reproduction start request from the renderer 22 according to the tenth embodiment of the present invention. As shown in FIG. 27, the response message includes a renderer usage condition and a content key. The renderer usage conditions include usage conditions and information related to the encryption state of the resource. The content key is a content key corresponding to the resource ID specified in the reproduction start request from the renderer. The information regarding the encryption state of the resource is a flag indicating whether or not the resource is encrypted according to a predetermined rule, and is the same as that of the license.

  The operation of the DRM client 21 according to the tenth embodiment is similar to the operation of the DRM client 21 according to the fifth embodiment. Accordingly, FIG. 15 is used in the tenth embodiment. Hereinafter, the operation of the DRM client 21 according to the tenth embodiment will be described with reference to FIG.

  The operations in steps S501 to S503 and in step S504 are the same as in the fifth embodiment.

  If it is determined in step S503 that the usage conditions are satisfied, the DRM client 21 acquires a content key corresponding to the resource ID for which a reproduction start request has been made (step S505), and a renderer including information on the encryption state. A usage condition is generated (step S506). Thereafter, the DRM client 21 transmits the content key acquired in step S505 and the renderer usage conditions generated in step S506 to the renderer (step S507), and the process ends.

  The operation of the renderer according to the tenth embodiment is similar to the operation of the renderer according to the eighth embodiment. Therefore, FIG. 23 is used in the tenth embodiment. The operation of the renderer according to the tenth embodiment will be described below with reference to FIG.

  Steps S1101, S1102, and S1103 are the same as those in the eighth embodiment.

  In step S1104, the renderer refers to the information regarding the encryption state, recognizes the content key necessary for decrypting the content to be played back according to a predetermined rule, and recognizes all the recognized content keys as the held content keys. It is searched whether or not the content key exists.

  If all content keys are not available, the renderer proceeds to the operation of step S1102.

  On the other hand, when there are all content keys, the renderer records the content key acquired in step S1103 (step S1105). Next, the renderer sequentially decrypts the data that has been multi-encrypted with all the content keys, using all the content keys, and decrypts the resource to be played back (step S1106). Next, the renderer decodes the decoded resource (step S1107).

  As described above, according to the tenth embodiment, the renderer can reproduce the reproduction target resource only when all the content keys necessary for decrypting the reproduction target resource are held. Therefore, if there is a resource that the content creator wants to play in association with a certain resource, the content creator matches the intention by multiple-encrypting the resource using the content key of the resource to be related according to a predetermined rule. Thus, resource reproduction can be restricted.

(Eleventh embodiment)
In the eleventh embodiment, the configuration and operation of the entire system are the same as those in the first embodiment, and therefore FIG. 1 and FIG. 3 are used. In the eleventh embodiment, the recording process (step S5) in FIG. 3 is not performed. The hardware configuration of the DRM client 21 and the renderer 22 is the same as that in the first embodiment. In the eleventh embodiment, an operation when the DRM client 21 and the renderer 22 are executing a predetermined program on the CPU will be described.

  FIG. 28 is a diagram illustrating a data structure of a response message returned from the DRM client 21 according to the eleventh embodiment of the present invention to the renderer in response to a playback start request from the renderer. As shown in FIG. 28, the response message includes a renderer usage condition and a content key. The renderer usage conditions include usage conditions and preprocessing information. The preprocessing information includes a resource playback order list. The resource playback order list is the same as the resource playback order list in the first embodiment (see FIG. 2). That is, the resource playback order list defines the resource playback order. The content key is a content key corresponding to the resource ID specified in the reproduction start request from the renderer.

  FIG. 29 is a flowchart showing the operation of the DRM client 21 according to the eleventh embodiment. Hereinafter, the operation of the DRM client 21 according to the eleventh embodiment will be described with reference to FIG.

  First, the DRM client 21 receives a reproduction start request by receiving a license ID and resource ID notification from the renderer (step S701). Next, the DRM client 21 acquires a license corresponding to the notified license ID, and determines whether or not the usage condition is satisfied (step S702).

  If the usage condition is not satisfied, the DRM client 21 transmits an NG message to the renderer (step S703).

  On the other hand, if the usage conditions are satisfied, the DRM client 21 extracts the usage conditions and preprocessing information from the license, extracts the content key corresponding to the resource ID specified in the playback start request, A single response message is generated and transmitted to the renderer (step S704), and the process ends.

  FIG. 30 is a flowchart showing the operation of the renderer according to the eleventh embodiment. The operation of the renderer according to the eleventh embodiment will be described below with reference to FIG.

  First, the renderer receives a message from the DRM client 21 and determines whether it is an NG message or a response message (step S801).

  If the message is an NG message, the renderer causes the output device to output that the reproduction is impossible (step S802).

  On the other hand, if it is a response message, the renderer extracts the renderer usage conditions and the content key included in the response message (step S803). Next, the renderer determines whether or not the process specified by the preprocessing information has been executed (step S804). Specifically, the renderer recognizes the resource ID of the resource that was previously played back. The renderer recognizes the resource ID of the resource for which a playback start request has been made. The renderer refers to the resource playback order list and recognizes the ID of the resource to be played back immediately before the resource for which the playback request is made. The renderer determines that the processing specified in the preprocessing information has been executed when the held resource ID matches the ID of the resource to be played back immediately before the resource for which playback is requested. To do.

  If it is determined in step S804 that the process specified in the preprocessing information has not been executed, the renderer outputs to the output device that reproduction is not possible (step S802).

  On the other hand, if it is determined that the process specified in the preprocessing information has been executed, the renderer records the license ID and resource ID in the reproduction start request (step S805), and is included in the response message from the client. The desired resource is decrypted and decoded with the content key, and the resource is reproduced (step S806).

  Thus, according to the eleventh embodiment, the renderer can reproduce a desired resource only when the resource is requested to be reproduced in accordance with the resource reproduction order specified by the preprocessing information. Therefore, the playback order of resources can be limited so as to match the intention of the content creator.

  In the eleventh embodiment, the preprocessing information is determined only by the renderer. However, the preprocessing information may be determined by the DRM client.

  Note that, in the eleventh embodiment, when there is a playback start request from the renderer, the DRM client transmits only one content key of the resource to be played back, but all the licenses that are included in the notified license The content key may be sent together in a renderer.

  In the eleventh embodiment, the playback order of resources is specified in the playback order list. However, the order of resource IDs is defined in advance as the playback order, and the playback order list is stored. It is also possible to set a flag indicating whether or not the reproduction is performed in a predetermined order in an area within a license, and store this flag in the response message. As a result, when the flag is on, the renderer recognizes that the order of the resource IDs is the reproduction order, determines whether or not preprocessing is performed in the same manner as described above, and decrypts the desired resource. Decide if you can. Specifically, the renderer refers to the flag and determines whether or not the playback order is specified according to a predetermined rule. When the playback order is specified according to a predetermined rule, the renderer recognizes the identifier of the resource to be played before playing the desired resource, and identifies the identifier of the recognized resource and the stored resource. If the identifier matches, it is determined that the resource to be played has been played before playing the desired resource.

(Twelfth embodiment)
In the twelfth embodiment, the configuration and operation of the entire system are the same as those in the first embodiment, and therefore FIG. 1 and FIG. 3 are used. In the twelfth embodiment, the recording process (step S5) in FIG. 3 is not performed. The hardware configuration of the DRM client 21 and the renderer 22 is the same as that in the first embodiment. In the twelfth embodiment, an operation when the DRM client 21 and the renderer 22 are executing a predetermined program on the CPU will be described. Since the license stored in the DRM client 21 according to the twelfth embodiment is the same as that in the first or second embodiment, FIG. 2 or FIG. 8 is used.

  FIG. 31 is a diagram showing a data structure of a response message returned from the DRM client 21 to the renderer in response to a playback start request from the renderer according to the twelfth embodiment of the present invention. As illustrated in FIG. 31, the response message includes a renderer usage condition and a content key. The renderer usage conditions include usage conditions and preprocessing information. The preprocessing information is a resource ID of a resource that should be reproduced one before the resource corresponding to the content key. The content key is a content key corresponding to the resource ID specified in the reproduction start request from the renderer.

  The operation of the DRM client 21 according to the twelfth embodiment is similar to the operation of the DRM client 21 according to the eleventh embodiment. Therefore, FIG. 29 is used in the twelfth embodiment. Hereinafter, the operation of the DRM client 21 according to the twelfth embodiment will be described with reference to FIG.

  The operations in steps S701 to S702 and S703 are the same as in the eleventh embodiment. In step S704, the DRM client 21 extracts the usage conditions from the license, recognizes the ID of the resource to be played immediately before the resource for which the playback start request is requested, from the preprocessing information, and designates it by the playback start request. The content key corresponding to the resource ID is extracted, a response message in which the usage condition, the resource ID to be played back one time and the content key are combined into one is generated, and transmitted to the renderer.

  The operation of the renderer according to the twelfth embodiment is similar to the operation of the renderer according to the eleventh embodiment. Therefore, FIG. 30 is used in the twelfth embodiment. The operation of the renderer according to the twelfth embodiment will be described below with reference to FIG.

  The operations in steps S801, S802, and S803 are the same as those in the eleventh embodiment. In step S804, the renderer determines whether or not the process specified by the preprocessing information included in the renderer use condition has been executed. Specifically, the renderer recognizes the ID of the resource that is currently held and played back immediately before. Next, the renderer determines whether or not the recognized resource ID matches the resource ID that should be reproduced immediately before specified in the preprocessing information. If they match, the renderer determines that the processing specified in the preprocessing information has been executed. The subsequent operations in steps S805 to S806 are the same as those in the eleventh embodiment.

  Thus, according to the twelfth embodiment, the renderer can reproduce a desired resource only when a resource is requested to be reproduced in accordance with the resource reproduction order specified by the preprocessing information. Therefore, the playback order of resources can be limited so as to match the intention of the content creator.

  In the twelfth embodiment, the preprocessing information is determined only by the renderer. However, the preprocessing information may be determined by the DRM client.

  In the twelfth embodiment, the ID of the resource to be played back is specified immediately before the requested resource. However, the order of the resource ID is defined in advance as the playback order. Response by setting a flag indicating whether or not to perform reproduction in the predetermined order in an area in the license in which the ID of the resource to be reproduced immediately before the requested resource is stored This flag may be stored in the message. As a result, when the flag is on, the renderer recognizes that the order of the resource IDs is the reproduction order, determines whether or not preprocessing is performed in the same manner as described above, and decrypts the desired resource. Decide if you can. Specifically, the renderer refers to the flag and determines whether or not the playback order is specified according to a predetermined rule. When the playback order is specified according to a predetermined rule, the renderer recognizes the identifier of the resource to be played before playing the desired resource, and identifies the identifier of the recognized resource and the stored resource. If the identifier matches, it is determined that the resource to be played has been played before playing the desired resource.

(13th Embodiment)
In the thirteenth embodiment, the configuration and operation of the entire system are the same as those in the first embodiment, and therefore FIG. 1 and FIG. 3 are used. In the thirteenth embodiment, the recording process (step S5) in FIG. 3 is not performed. The hardware configuration of the DRM client 21 and the renderer 22 is the same as that in the first embodiment. In the thirteenth embodiment, an operation when the DRM client 21 and the renderer 22 are executing a predetermined program on the CPU will be described. Since the license stored in the DRM client 21 according to the thirteenth embodiment is the same as that in the third embodiment, FIG. 9 is used.

  FIG. 32 is a diagram illustrating a data structure of a response message returned from the DRM client 21 according to the thirteenth embodiment of the present invention to the renderer in response to a playback start request from the renderer. As shown in FIG. 32, the response message includes a renderer usage condition and a content key. The renderer usage conditions include usage conditions and preprocessing information. The preprocessing information is an ID of a license to be used immediately before. The content key is a content key corresponding to the resource ID specified in the reproduction start request from the renderer.

  The operation of the DRM client 21 according to the thirteenth embodiment is similar to the operation of the DRM client 21 according to the eleventh embodiment. Therefore, FIG. 29 is used in the thirteenth embodiment. Hereinafter, the operation of the DRM client 21 according to the thirteenth embodiment will be described with reference to FIG.

  The operations in steps S701 to S702 and S703 are the same as in the eleventh embodiment. In step S704, the DRM client 21 extracts usage conditions and preprocessing information (license ID to be used immediately before) from the license, and extracts a content key corresponding to the resource ID specified in the reproduction start request. Then, a response message in which these are combined is generated and transmitted to the renderer.

  The operation of the renderer according to the thirteenth embodiment is similar to the operation of the renderer according to the eleventh embodiment. Accordingly, FIG. 30 is used in the thirteenth embodiment. The operation of the renderer according to the thirteenth embodiment will be described below with reference to FIG.

  The operations in steps S801, S802, and S803 are the same as those in the eleventh embodiment. In step S804, the renderer determines whether or not the preprocessing information included in the renderer usage conditions is satisfied. Specifically, the renderer recognizes the license ID of the previous license that is currently held. The renderer determines whether or not the currently held license ID matches the license ID specified in the preprocessing information. If they match, the renderer determines that the processing specified in the preprocessing information has been executed. Thereafter, in step S805, the renderer records the license ID at the time of the reproduction start request, and proceeds to the operation of step S806 as in the eleventh embodiment.

  Thus, according to the thirteenth embodiment, the renderer can reproduce a desired resource only when the license specified in the preprocessing information is used before the resource is reproduced. Therefore, the use of the license can be restricted so as to match the intention of the content creator.

  In the thirteenth embodiment, the preprocessing information is determined only by the renderer. However, the preprocessing information may be determined by the DRM client.

(Fourteenth embodiment)
In the fourteenth embodiment, since the configuration and operation of the entire system are the same as those in the first embodiment, FIG. 1 and FIG. 3 are used. In the fourteenth embodiment, the recording process (step S5) in FIG. 3 is not performed. The hardware configuration of the DRM client 21 and the renderer 22 is the same as that in the first embodiment. In the fourteenth embodiment, an operation when the DRM client 21 and the renderer 22 are executing a predetermined program on the CPU will be described. Since the license stored in the DRM client 21 according to the fourteenth embodiment is the same as that in the fourth embodiment, FIG. 11 is used.

  FIG. 33 is a diagram illustrating a data structure of a response message that is returned by the DRM client 21 according to the fourteenth embodiment of the present invention to the renderer in response to a playback start request from the renderer. As shown in FIG. 33, the response message includes a renderer usage condition and a content key. The renderer usage conditions include usage conditions and preprocessing information. The preprocessing information is resource identification information related to a resource to which a global address to be viewed immediately before is assigned. The content key is a content key corresponding to the resource ID specified in the reproduction start request from the renderer.

  The operation of the DRM client 21 according to the fourteenth embodiment is similar to the operation of the DRM client 21 according to the eleventh embodiment. Therefore, FIG. 29 is used in the fourteenth embodiment. Hereinafter, the operation of the DRM client 21 according to the fourteenth embodiment will be described with reference to FIG.

  The operations in steps S701 to S702 and S703 are the same as in the eleventh embodiment. In step S704, the DRM client 21 extracts the usage conditions and preprocessing information (resource identification information related to the resource to be viewed immediately before) from the license, and corresponds to the resource ID specified in the reproduction start request. The content key is extracted, a message in which these are combined is generated, and transmitted to the renderer.

  FIG. 34 is a flowchart showing the operation of the renderer according to the fourteenth embodiment. The operation of the renderer according to the fourteenth embodiment will be described below with reference to FIG.

  First, the renderer receives a message from the DRM client 21 and determines whether it is an NG message or a response message (step S901).

  If the message is an NG message, the renderer causes the output device to output a message indicating that reproduction is not possible (step S902).

  On the other hand, if it is a response message, the renderer extracts the renderer usage conditions and the content key included in the response message (step S903). Next, the renderer determines whether or not the process specified by the preprocessing information has been executed (step S904). Specifically, the renderer recognizes resource identification information related to the resource that is currently held and played back immediately before. The renderer determines whether or not the resource identification information currently held matches the resource identification information specified in the preprocessing information. If they match, the renderer determines that the processing specified in the preprocessing information has been executed.

  If it is determined in step S904 that the process specified in the pre-processing information has not been executed, the renderer causes the output device to output that playback is not possible (step S902).

  On the other hand, if the renderer determines that the process specified in the pre-processing information has been executed, the renderer decrypts and decodes the desired resource with the content key included in the response message from the client. Playback is performed (step S905). Next, the renderer decodes the digital watermark of the resource, extracts the ID embedded in the resource (step S906), records the resource identification information (step S907), and ends the process.

  As described above, according to the fourteenth embodiment, the renderer can only select the desired resource when reproducing the resource to which the global address specified by the preprocessing information is reproduced before reproducing the desired resource. Can play the resource. Therefore, content can be generated by linking a program and a resource (typically a commercial) to which a certain global address is assigned.

  In the fourteenth embodiment, the preprocessing information is determined only by the renderer. However, the preprocessing information may be determined by the DRM client.

  Note that by allowing the renderer to generate a content key from the CM key, it is possible to force viewing of the CM before viewing the content. Also, by allowing the client to generate a content key from the CM key sent to the renderer, viewing of the CM can be forced before viewing the content. In this way, the resource playback order can also be controlled by enabling generation of another content key from the content key.

  The content reproduction system according to the present invention can control the reproduction of resources in an order that matches the intention of the content creator, and is useful in the field of content distribution and the like.

1 is a block diagram showing a functional configuration of an entire content distribution system to which a content reproduction system according to a first embodiment of the present invention is applied. The figure which shows the data structure of the license in 1st Embodiment. The sequence diagram which shows the outline of operation | movement of the whole content delivery system shown in FIG. A block diagram showing a functional configuration of the DRM client 21 executing the program A block diagram showing a functional configuration of the renderer 22 executing the program The flowchart which shows operation | movement of the DRM client 21 which concerns on 1st Embodiment. The flowchart which shows operation | movement of the renderer 22 which concerns on 1st Embodiment. The figure which shows the data structure of the license in the 2nd Embodiment of this invention. The figure which shows the data structure of the license in the 3rd Embodiment of this invention. The flowchart which shows operation | movement of the DRM client 21 which concerns on 3rd Embodiment. The figure which shows the data structure of the license in the 4th Embodiment of this invention. The flowchart which shows operation | movement of the DRM client 21 which concerns on 4th Embodiment. The figure which shows the data structure of the license based on the 5th Embodiment of this invention. The figure which shows the data structure of the response message which the DRM client 21 which concerns on the 5th Embodiment of this invention returns to the renderer 22 according to the reproduction | regeneration start request from the renderer 22. The flowchart which shows operation | movement of the DRM client 21 which concerns on 5th Embodiment. Flowchart showing the operation of the renderer according to the fifth embodiment The figure which shows the data structure of the license which concerns on the 6th Embodiment of this invention. The figure which shows the data structure of the response message which the DRM client 21 which concerns on the 6th Embodiment of this invention returns to the renderer 22 according to the reproduction | regeneration start request | requirement from the renderer 22 The figure which shows the data structure of the license based on the 7th Embodiment of this invention. The figure which shows the data structure of the response message which the DRM client 21 which concerns on the 7th Embodiment of this invention returns to the renderer 22 according to the reproduction | regeneration start request from the renderer 22. The figure which shows the data structure of the license based on the 8th Embodiment of this invention. The figure which shows the data structure of the response message which the DRM client 21 which concerns on the 8th Embodiment of this invention returns to the renderer 22 according to the reproduction | regeneration start request from the renderer 22. Flowchart showing the operation of the renderer 22 according to the eighth embodiment. The figure which shows the data structure of the license based on the 9th Embodiment of this invention. The figure which shows the data structure of the response message which the DRM client 21 which concerns on the 9th Embodiment of this invention returns to the renderer 22 according to the reproduction | regeneration start request from the renderer 22. The figure which shows the data structure of the license based on the 10th Embodiment of this invention. The figure which shows the data structure of the response message which the DRM client 21 which concerns on the 10th Embodiment of this invention returns to the renderer 22 according to the reproduction | regeneration start request from the renderer 22. The figure which shows the data structure of the response message which the DRM client 21 which concerns on the 11th Embodiment of this invention returns to a renderer according to the reproduction | regeneration start request | requirement from a renderer. A flowchart showing an operation of the DRM client 21 according to the eleventh embodiment. Flowchart showing the operation of the renderer according to the eleventh embodiment The figure which shows the data structure of the response message which the DRM client 21 which concerns on the 12th Embodiment of this invention returns to a renderer according to the reproduction | regeneration start request from a renderer. The figure which shows the data structure of the response message which the DRM client 21 which concerns on the 13th Embodiment of this invention returns to a renderer according to the reproduction | regeneration start request from a renderer. The figure which shows the data structure of the response message which the DRM client 21 which concerns on the 14th Embodiment of this invention returns to a renderer according to the reproduction | regeneration start request from a renderer. Flowchart showing the operation of the renderer according to the fourteenth embodiment

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 DRM server 2 Content reproduction system 3 Output device 21 DRM client 22 Renderer 23 Content storage part 211 Usage condition processing part 212,222 SAC processing part 213 Preprocessing information determination part 214 License interpretation part 215 Storage part 221 Renderer usage condition processing part 225 Renderer usage condition interpretation unit 226 Storage unit 227 Decrypt / decode unit

Claims (26)

A content reproduction system for reproducing content composed of at least one encrypted resource,
A content playback device that decrypts and plays back the resource;
A license management device for managing a license necessary for decrypting the resource,
The license includes information on processing to be executed before decrypting the resource as preprocessing information,
When the content reproduction apparatus desires to decrypt a resource, the desired resource is decrypted only when the process specified by the pre-processing information has been executed. The preprocessing information is information related to the order in which resources are played back,
When the content playback device desires to decrypt a resource, the desired resource is decrypted only when the resource specified in the preprocessing information to be played before playing the desired resource has been played. The content reproduction system according to claim 1, wherein: The license management device includes:
Resource ID storage means for storing an identifier relating to a resource corresponding to a content key that has been transmitted to the content playback device one time before;
Based on the resource identifier stored in the resource ID storage means and the preprocessing information, the resource playback completed for determining whether the resource to be played back before playing the desired resource has been played back Judgment means,
Only when the resource reproduction determination means determines that the resource to be reproduced before reproducing the desired resource has been reproduced, the content key necessary for decrypting the desired resource is reproduced. The content reproduction system according to claim 2, further comprising content key transmission means for transmitting to the device. The pre-processing information is a reproduction order list relating to an order of reproducing the plurality of resources;
The resource reproduction completion judging unit refers to the reproduction order list, recognizes an identifier of a resource to be reproduced before reproducing the desired resource, and recognizes the identifier of the recognized resource and the resource ID storage unit. 4. The content reproduction according to claim 3, wherein when the identifier of the stored resource matches, it is determined that the resource to be reproduced has been reproduced before reproducing the desired resource. system. The preprocessing information is a flag indicating whether or not to be reproduced in a reproduction order according to a predetermined rule,
The resource regeneration completion judging means refers to the flag, judges whether or not the reproduction order is designated according to a predetermined rule, and when the reproduction order is designated according to a predetermined rule, Recognizing an identifier of a resource to be reproduced before reproducing the desired resource, and when the identifier of the recognized resource matches the identifier of the resource stored in the resource ID storage means, the desired identifier The content reproduction system according to claim 3, wherein it is determined that the resource to be reproduced has been reproduced before the resource is reproduced. The preprocessing information is an identifier related to a resource to be reproduced immediately before that is associated with each resource,
The resource reproduction completion determination unit is configured such that an identifier of a resource stored in the resource ID storage unit matches an identifier related to a resource to be reproduced immediately before associated with the desired resource. The content reproduction system according to claim 3, wherein it is determined that a resource to be reproduced has been reproduced before reproducing the desired resource. The preprocessing information is an identifier that uniquely identifies a resource to be played before playing the content to which the desired resource belongs from the same and different content,
The resource reproduction completion judging means, before reproducing the desired resource, when the identifier of the resource stored in the resource ID storage means matches the identifier specified in the preprocessing information 4. The content reproduction system according to claim 3, wherein it is determined that the resource to be reproduced has been reproduced.   8. The content reproduction system according to claim 7, wherein the identifier specified by the preprocessing information is an identifier that uniquely identifies a commercial. When the reproduction of the resource is requested, the license management device transmits a content key corresponding to the resource and the preprocessing information to the content reproduction device,
The content playback device
Resource ID storage means for storing an identifier relating to a resource that has been played back one time before;
Resource playback for determining whether or not a resource to be played has been played before playing back the desired resource with reference to the resource identifier and the preprocessing information stored in the resource ID storage means And a means for judging
Only when the resource reproduction determination means determines that the resource to be reproduced before reproducing the desired resource has been reproduced, the content key sent from the license management apparatus is used. The content reproduction system according to claim 2, further comprising: decryption means for decrypting the desired resource. The pre-processing information is a reproduction order list relating to an order of reproducing the plurality of resources;
When the reproduction of the resource is requested, the license management device transmits a content key corresponding to the resource and the reproduction order list to the content reproduction device,
The resource reproduction completion judging unit refers to the reproduction order list, recognizes an identifier of a resource to be reproduced before reproducing the desired resource, and recognizes the identifier of the recognized resource and the resource ID storage unit. The content reproduction according to claim 9, wherein if the identifier of the stored resource matches, it is determined that the resource to be reproduced has been reproduced before reproducing the desired resource. system. The preprocessing information is a flag indicating whether or not to be reproduced in a reproduction order according to a predetermined rule,
The resource reproduction completion judging means refers to the flag to determine whether or not the reproduction order is designated according to a predetermined rule. When the reproduction order is designated according to a predetermined rule, Recognizing an identifier of a resource to be reproduced before reproducing the desired resource, and when the identifier of the recognized resource matches the identifier of the resource stored in the resource ID storage means, the desired identifier 10. The content reproduction system according to claim 9, wherein it is determined that the resource to be reproduced has been reproduced before reproducing the resource. The preprocessing information is an identifier related to a resource to be reproduced immediately before that is associated with each resource,
When the reproduction of the resource is requested, the license management device transmits a content key corresponding to the resource and an identifier specified by the preprocessing information to the content reproduction device,
The resource reproduction completion judging means, before reproducing the desired resource, when the identifier of the resource stored in the resource ID storage means matches the identifier specified in the preprocessing information The content reproduction system according to claim 9, wherein it is determined that the resource to be reproduced has been reproduced. The preprocessing information is an identifier that uniquely identifies a resource to be played before playing the content to which the desired resource belongs from the same and different content,
The license management device, when a reproduction request for the resource is made, transmits a content key corresponding to the resource and an identifier specified by the preprocessing information to the content reproduction device,
The resource reproduction completion judging means, before reproducing the desired resource, when the identifier of the resource stored in the resource ID storage means matches the identifier specified in the preprocessing information The content reproduction system according to claim 9, wherein it is determined that the resource to be reproduced has been reproduced.   14. The content reproduction system according to claim 13, wherein the identifier specified by the preprocessing information is an identifier that uniquely identifies a commercial. The pre-processing information is information related to a license that should be used before playing back resources.
2. The desired resource is decrypted only when the license specified in the preprocessing information is already used when the content reproduction apparatus desires to decrypt the resource. The content reproduction system described. The license management device includes:
A license ID storage means for storing an identifier relating to the license used immediately before;
Based on the license identifier stored in the license ID storage means and the preprocessing information, the license used to determine whether or not the license to be used before playing the desired resource is used Judgment means,
Only when the license usage determining means determines that the license to be used before reproducing the desired resource has already been used, the content key necessary for decrypting the desired resource is reproduced. The content reproduction system according to claim 15, further comprising content key transmission means for transmitting to the device. When the reproduction of the resource is requested, the license management device transmits a content key corresponding to the resource and the preprocessing information to the content reproduction device,
The content playback device
License ID storage means for storing the identifier of the license used immediately before;
Based on the license identifier stored in the license ID storage means and the preprocessing information, the license used to determine whether or not the license to be used before playing the desired resource is used Judgment means,
Only when the license usage determining means determines that the license to be used before reproducing the desired resource has already been used, the content key necessary for decrypting the desired resource is reproduced. The content reproduction system according to claim 15, further comprising content key transmission means for transmitting to the device. The preprocessing information is information relating to a content key that should be acquired before playing a resource,
When the content playback device desires to decrypt a resource, the desired resource is decrypted only when the content playback device has already acquired the content key specified in the preprocessing information. The content reproduction system according to claim 1. At least part of the content key of the resource is encrypted with the content key of another resource,
The preprocessing information is a content key encryption method list related to content keys of other resources that encrypt the content key of the resource,
When the content reproduction device desires to reproduce a resource, the license management device transmits a content key corresponding to the resource and the content key encryption method list to the content reproduction device,
The content playback device
Content key storage means for storing the acquired content key;
A content key recognizing means for recognizing a content key necessary for decrypting the content key encryption of the desired resource with reference to the content key encryption method list transmitted from the license management device;
Content key determination means for determining whether or not all the content keys recognized by the content key recognition means are stored in the content key storage means;
When the content key determination unit determines that all the content keys recognized by the content key recognition unit are stored, the encryption of the content key of the desired resource is stored in the content key storage unit. The content reproduction system according to claim 18, further comprising: a resource decrypting unit that decrypts the desired resource with the decrypted content key after decrypting with the content key. At least part of the content key of the resource is encrypted with the content key of another resource,
The preprocessing information is content key encryption method information related to content keys of other resources that are encrypting content keys of the resources associated with the resources,
When the content reproduction device desires to reproduce a resource, the license management device transmits a content key corresponding to the resource and the content key encryption method information to the content reproduction device,
The content playback device
Content key storage means for storing the acquired content key;
Referring to the content key encryption method information transmitted from the license management device, a content key recognizing means for recognizing a content key necessary for decrypting the encryption of the content key of the desired resource;
Content key determination means for determining whether or not all the content keys recognized by the content key recognition means are stored in the content key storage means;
When the content key determination unit determines that all the content keys recognized by the content key recognition unit are stored, the encryption of the content key of the desired resource is stored in the content key storage unit. The content reproduction system according to claim 18, further comprising: a resource decrypting unit that decrypts the desired resource with the decrypted content key after decrypting with the content key. At least part of the content key of the resource is encrypted with the content key of another resource according to a predetermined rule,
The preprocessing information includes a content key encryption state flag regarding whether or not the content key of the resource associated with each resource is encrypted according to the predetermined rule,
When the content reproduction device desires to reproduce a resource, the license management device transmits a content key corresponding to the resource and the content key encryption state flag to the content reproduction device,
The content playback device
Content key storage means for storing the acquired content key;
Referring to the content key encryption state flag transmitted from the license management device, a content key recognizing means for recognizing a content key necessary for decrypting the encryption of the content key of the desired resource;
Content key determination means for determining whether or not all the content keys recognized by the content key recognition means are stored in the content key storage means;
When the content key determination unit determines that all the content keys recognized by the content key recognition unit are stored, the encryption of the content key of the desired resource is stored in the content key storage unit. The content reproduction system according to claim 18, further comprising: a resource decrypting unit that decrypts the desired resource with the decrypted content key after decrypting with the content key. At least a portion of the resource is encrypted with a plurality of content keys;
The preprocessing information is a resource encryption method list related to a content key that encrypts the resource,
When the content reproduction device desires to reproduce a resource, the license management device transmits a content key corresponding to the resource and the resource encryption method list to the content reproduction device,
The content playback device
Content key storage means for storing the acquired content key;
A content key recognizing means for recognizing a content key necessary for decrypting the encryption of the desired resource with reference to the resource encryption method list transmitted from the license management device;
Content key determination means for determining whether or not all the content keys recognized by the content key recognition means are stored in the content key storage means;
The content key stored in the content key storage means when the content key determination means determines that all the content keys recognized by the content key recognition means are stored. The content reproduction system according to claim 18, further comprising: a resource decryption means for decrypting with At least a portion of the resource is encrypted with a plurality of content keys;
The preprocessing information is resource encryption method information relating to a content key that encrypts the resource associated with each resource,
When the content reproduction device desires to reproduce a resource, the license management device transmits a content key corresponding to the resource and the resource encryption method information to the content reproduction device,
The content playback device
Content key storage means for storing the acquired content key;
A content key recognizing means for recognizing a content key necessary for decrypting the cipher of the desired resource with reference to the resource encryption method information transmitted from the license management device;
Content key determination means for determining whether or not all the content keys recognized by the content key recognition means are stored in the content key storage means;
The content key stored in the content key storage means when the content key determination means determines that all the content keys recognized by the content key recognition means are stored. The content reproduction system according to claim 18, further comprising: a resource decryption means for decrypting with At least a part of the resource is encrypted with a plurality of content keys according to a predetermined rule,
The preprocessing information includes a resource encryption state flag regarding whether or not the resource is encrypted according to the predetermined rule for each resource,
When the content reproduction device desires to reproduce a resource, the license management device transmits a content key corresponding to the resource and the resource encryption state flag to the content reproduction device,
The content playback device
Content key storage means for storing the acquired content key;
Referring to the resource encryption state flag transmitted from the license management device, a content key recognition means for recognizing a content key necessary for decrypting the encryption of the desired resource;
Content key determination means for determining whether or not all the content keys recognized by the content key recognition means are stored in the content key storage means;
The content key stored in the content key storage means when the content key determination means determines that all the content keys recognized by the content key recognition means are stored. The content reproduction system according to claim 18, further comprising: a resource decryption means for decrypting with In a content reproduction system for reproducing content composed of a plurality of encrypted resources, a license management apparatus for managing a license necessary for decrypting the resource,
A license management apparatus, comprising: a license that includes, as preprocessing information, information relating to processing to be executed before the resource is decrypted. In a content playback system for playing back content composed of a plurality of encrypted resources, a content playback device that decrypts and plays back the resources,
The license necessary for decrypting the resource includes information on processing to be executed before decrypting the resource, as preprocessing information,
A content playback apparatus characterized by decrypting a desired resource only when the process specified by the pre-processing information has been executed when the resource is desired to be decrypted.

Images