JP2005346424A - Contents communication method, contents communication permission/prohibition determining program, and contents communication system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To prevent a second information apparatus taken away to a home network other than a home network, which is allowed to use contents and connected to a first information apparatus and the second information apparatus, from making access for continuous acquisition of contents, which is legally downloaded by the first information apparatus, from the first information apparatus. <P>SOLUTION: As to a gateway connecting the home network and the Internet together, a gateway capable of performing contents communication is associated. The number of communication limit from the home network not available to the contents and the number of continuous communication limit are provided. Based on the associated gateway, the number of communication limit, and the number of continuous communication limit, continuous contents communication from the external network is prevented. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  In the present invention, a network that is permitted to use content such as a home or an organization is defined. Usually, an information device used in the network is taken out of the network, and the taken out information device is connected to the network. When a content communication request is issued to another information device, it automatically determines whether or not the content communication is possible, and an unauthorized content user continuously uses the right information device to The present invention relates to a content communication method for preventing acquisition, a content communication availability determination program, and a content communication system.

  With the spread of the Internet, content such as music, games, and images can be downloaded to a personal information device through a content providing server or broadcast, or used for streaming communication with the content providing server. There are an increasing number of forms that use content.

  A content distributor who distributes content using a content providing server or the like generally makes a contract with a user who has purchased the content in advance so that the content is not distributed to a third party. A third party often indicates a person who has not purchased content or a person who is not included in the home or organization to which the person who purchased the content belongs.

  In conventional content distribution, content that can be copied is distributed, so a method that protects content from unauthorized copying by the user's conscience or law, and a method that enables content to be used only by the information device that received the content distribution A method has been adopted in which authentication is performed between an information device that has received a content distribution and an information device that uses the content to prevent unauthorized use of the content from the information device.

  Furthermore, as a mechanism that enables the use of content only within the home network, the key necessary for decrypting the encrypted content is shared between legitimate information devices connected to the home network. Therefore, means for preventing the use of contents from unauthorized information devices is also employed. Furthermore, there is a mechanism in which the key is not easily derived by generating the key using information embedded in the device of the information device and the public key block information.

  As a means for preventing unauthorized access to a device, a method using a public key certificate as shown in Patent Document 1 is used.

  In Patent Document 1, a recording medium in which an electronic certificate including an electronic certificate is stored is handed over to a user of an out-of-home device used outside the house, and the user uses the electronic certificate from the recording medium. Is downloaded to the external device. When the outside device accesses the home server, it digitally signs with a common key and transmits an electronic certificate including a user ID to the home server, and the home server receives the user ID. The authentication of the external device is disclosed by specifying and decrypting the common key from the above.

JP 2003-69561 A

A problem of the prior art for performing authentication between a first device that has downloaded content from a content provider or location and a second device that acquires and uses the content of the first device will be described. A user who is authorized to use content under a legitimate contract performs authentication processing with the first device that downloaded the content from the user's second device, and is suitable for content use through authentication. Receive a certificate certifying that the device is compatible. Once the certificate is received, the user's second device can communicate with the first device that downloaded the content from any location, and the content can be transferred to the first device at any time. Can be obtained from. Therefore, even if the user rents the second device to a third party, the third party may use the second device to continuously illegally acquire or use the content. There was a problem of being able to do it.

  Next, a description will be given of a problem of a mechanism for preventing content usage from an unauthorized device by sharing a key necessary for decrypting encrypted content among a plurality of devices. In this mechanism, a key for decrypting the content is generated by using the information embedded in the device of the device and the public key block information. Even in this case, if a legitimate user rents the device to a third party, or if the device is stolen, the device has a key to decrypt the content, so the third party continues. Could illegally use the content. Naturally, if the content provider is aware of unauthorized use of the content, it is possible to take measures such as changing the public key block information, but there is no mechanism for automatically restricting unauthorized use.

  The purpose of this application is to ensure that the first device that has downloaded the content properly and the second device that can communicate are continuously connected to the first device from outside the network that should originally exist, It is an invention that prevents content contained in a device from being acquired or used by communication.

The invention shown in the present application includes a first gateway that connects the first network and the second network, and a second gateway that connects the second network and the third network. Whether the content included in the first information device connected to the first network may be communicated to the second information device connected to the third network is determined by the first information device or the first information device. A content communication method determined by one gateway,
Associating in advance identification information of a plurality of gateways capable of communicating content, predetermining a total communication limit number of times that the second information device can communicate with the first network, and from the second information device, When the first information device or the first gateway receives a communication request for content contained in one information device, the communication record of the second information device previously accessing the first network is recorded. The communication log is used to count the number of times the second information device has been connected to the first network in the past, and the number of times counted is equal to or less than the total communication limit number and the associated gateway When the identification information of the first gateway and the identification information of the second gateway are associated with the identification information of And second information device, and permits the communication of content between the first information device.

  In the invention described in the present application, one or a plurality of information devices belonging to the first network permitted to use the content are taken out of the first network and are connected to the first network. When trying to access the contents of a device, the content communication can be controlled based on the number of times the second network to which the taken out information device is connected, or the number of times the first network is accessed via the second network. . As a result, the content is continuously used by a person who does not seem to be a legitimate user, such as when a legitimate user rents a device to a third party for a long period of time. Can be prevented. Also, by providing an access policy server, the content provider can monitor unauthorized use of content.

  An embodiment of a content communication system shown in the present invention is shown in FIG. The content communication availability determination program 11 in FIG. 1 is installed in an access policy server 22 connected to the Internet 21. A content communication availability determination program 24 is installed in the information device 14 in the home 12. A home network 13 exists in the home 12, and a home gateway 15 is provided to connect the home network 13 and the Internet 21. It is assumed that the home information device 14 connected to the home network 13 has already acquired content from the content providing server 20 through the Internet 21.

  A home network 17 exists in the home 16, and a home gateway 19 is provided to connect the home network 17 and the Internet 21. In this embodiment, it is assumed that an information device 18 that is originally connected to the home network 13 of the home 12 is brought into the home 16 and the information device 18 is for the home gateway 15 or a dedicated device. Assume that the device certificate distributed by the certificate authority is provided.

  In the present embodiment, an example in which the content 23 is provided from the content providing server 20 to the information device 14 via the Internet 21 is described. However, the present application can be applied even if the content 23 is provided through broadcasting. It is.

  Next, the configuration of the information device 14 will be described with reference to FIG. The information device 14 includes a hard disk 201, a control unit 202, and a transmission / reception unit 203. The hard disk 201 includes a device certificate 204 distributed in advance from the home gateway 15 or a dedicated device certificate authority (not shown). And a secret key 205 used for the encryption is stored. Further, the hard disk 201 stores a gateway CA certificate 206 received from the home gateway 15. This configuration is assumed to include the same configuration for any information equipment that can be used for content included in the present application.

  Next, the configuration of the home gateway 15 will be described with reference to FIG. The home gateway 15 receives information from the hard disk 301, the control unit 303, the Internet transmission / reception unit 302 that transmits / receives information to / from the Internet 21, the home network transmission / reception unit 304 that transmits / receives information to / from the home network 13, and the display 307. Are displayed, and an input unit 306 that receives information from the remote controller 308 is included. The hard disk 301 includes a gateway certificate 311 distributed in advance from a gateway certificate authority (not shown), a private key 312 used for encryption, a home appliance CA certificate 309, and a private key 310 used for encryption. Is remembered.

  Next, referring to FIG. 4 and FIG. 5, the flow of processing for acquiring from the home gateway 15 a home device certificate that proves that the information device 14 or 18 is a device that is legitimately used in the home 12 will be described. While explaining.

  First, the flow of processing on the information equipment side will be described with reference to FIG. This process is performed every time the user of the information device connects the information device to the home network.

  Step S401 in FIG. 4 is a step of checking whether or not the information device can perform data communication with the home gateway through the home network. If it is detected that data communication with the home gateway is possible, the process proceeds to step S402. If it is found that data communication is not possible, the processing ends as a network communication error.

  For example, when the information device 14 is connected to the home network 13 by the user of the information device 14 in FIG. 1, it is checked whether data communication with the home gateway 15 is enabled via the home network 13.

  The next step S402 is a step of determining whether or not the information device already has a home device certificate. If already provided, this process ends. If not, the process moves to step S403.

  Step S403 is a step in which the information device transmits a request for issuing a home device certificate to the home gateway. In FIG. 1, the information device 14 transmits a home device certificate issuance request to the home gateway 15.

  Step S404 is a step in which the information device receives the gateway certificate transmitted from the home gateway. In FIG. 1, the information device 14 receives a gateway certificate from the home gateway 15.

  In step S405, the information device determines whether the gateway certificate received in step S404 is a valid certificate. If it is a valid certificate, the process proceeds to step S406. If it is not a valid certificate, the process ends.

  Step S406 is a step in which the information device generates a shared key. Step S407 is a step in which the information device encrypts the shared key and transmits it to the home gateway. In FIG. 1, the information device 14 transmits the encrypted shared key to the home gateway 15.

  Step S408 is a step in which the information device encrypts a device certificate provided in advance and transmits it to the home gateway. In FIG. 1, the information device 14 transmits the encrypted device certificate to the home gateway 15.

  Step S409 is a step in which the information device exchanges the shared key with the home gateway. Step S410 is a step in which the information device starts IPsec communication with the home gateway. Step S411 is a step in which the information device creates a public key / private key pair. Step S412 is a step in which the information device transmits a public key to the home gateway.

  Step S413 is a step in which the information device receives the home device certificate and the home device CA certificate from the home gateway. In FIG. 1, the information device 14 receives a home device certificate and a home device CA certificate from the home gateway 15.

  Step S414 is a step in which the information device stores the home device certificate and home device CA certificate received in step S413.

  The above processing is a flow of processing in which the information device issues a request to issue a home device certificate to the home gateway and receives the home device certificate. Next, the flow of processing on the home gateway side will be described with reference to FIG.

  Step S501 in FIG. 5 is a step in which the home gateway receives a request for issuing a home device certificate from the information device. In FIG. 1, the home gateway 15 receives a request for issuing a home device certificate from the information device 14.

  The next step S502 is a step in which the home gateway transmits a gateway certificate provided in advance to the information device that has issued the in-home device certificate issuance request. In FIG. 1, the home gateway 15 transmits a gateway certificate to the information device 14.

  Step S503 is a step in which the home gateway receives the encrypted shared key from the information device and decrypts the shared key. Step S504 is a step in which the home gateway receives the encrypted device certificate from the information device and decrypts the device certificate.

  Step S505 is a step in which the home gateway determines whether or not the device certificate received in step S503 is valid. As a determination method, a device certificate of a device that can be connected to the home gateway is held in advance and collated with it. If it is not a valid device certificate, the process ends. If it is a valid device certificate, the process proceeds to step S506.

  Step S506 is a step in which the home gateway exchanges a shared key with the information device that has transmitted the in-home device certificate issuance request. Step S507 is a step of starting IPsec communication with the information device from which the home gateway has issued the in-home device certificate issuance request. Step S508 is a step in which the home gateway receives the public key from the information device. Step S509 is a step in which the home gateway creates a home device certificate. Step S510 is a step in which the home gateway transmits the home device certificate and the home device CA certificate to the information device. In FIG. 1, the home gateway 15 transmits a home device certificate and a home device CA certificate to the information device 14.

Step S511 is a step in which the home gateway stores the home device certificate and home device CA certificate transmitted to the information device in step S510.

  The above is the flow of processing in which the home gateway issues a home device certificate to an information device that has issued a request to issue a home device certificate.

  Next, FIG. 6 shows the configuration of the content communication control program 24 installed in the information device 14 in FIG. The content communication control program 24 includes an access receiving unit 601, a device information transmitting unit 602, a communication availability information receiving unit 603, and a content communication unit 604.

  The access receiving unit 601 has a function of receiving an access from an external information device via the Internet 21. The device information transmission unit 602 has a function of acquiring identification information of an accessed information device and transmitting it to the access policy server 22. The communication availability information receiving unit 603 has a function of receiving a communication availability result from the access policy server 22. The content communication unit 604 has a function of communicating content with the accessing information device.

  Next, FIG. 7 shows the configuration of the content communication availability determination program 11 installed in the access policy server 22 in FIG. The content communication availability determination program 11 includes a gateway check unit 701, a content communication availability determination unit 702, a communication availability information transmission unit 703, a communication information recording unit 704, an access policy 705, and a content communication log 707. Consists of rule 706.

  The gateway check unit 701 is between the home gateway 19 of the home network 17 to which the information device 18 that has transmitted the request for content communication is connected and the home gateway 15 of the home network 13 to which the information device 14 of the content communication destination is connected. Thus, it is possible to check whether the content can be communicated with reference to the access policy 705.

  The content communication availability determination unit 702 has a function of determining whether content communication is possible between the home gateway 15 and the home gateway 19 based on the content communication log 707 and the communication availability rule 706.

  The communication availability information transmitting unit 703 has a function of transmitting information on whether or not content can be communicated between information devices connected to different home networks to the home gateways of the two home networks. In FIG. 1, information on whether or not content communication between the information device 14 and the information device 18 is possible is transmitted to the home gateway 15 and the home gateway 19.

  The communication information recording means 704 identifies the time at which communication was started or the time at which communication was disconnected and the information device that requested the content communication when the content was communicable between information devices connected to different home gateways. Information and the identification information of the home gateway of the home network to which the information device that requested the content communication is connected are recorded in the content communication log 207. For example, the IP address of the information device 18 that has requested the content communication, the IP address of the home gateway 19, the communication start time, the communication disconnection time, and the like are recorded.

  In the access policy 705, identification information of a home gateway permitted for content communication is associated and recorded. An example of the access policy 705 is shown in FIG. In FIG. 8, the IP address of the home gateway is recorded in association with each other. For example, what is described in the first line is ZZZ. ZZ. ZZZ. Home gateway having Z as an IP address, and XXX. XX. XX. This indicates that content communication is possible with a home gateway having X as an IP address. In general, the IP address is expressed by a numerical string, but in the present specification, all are replaced by an alphabetic string.

  Furthermore, in the access policy 705 of the present embodiment, the IP address of the home gateway is recorded in association with it, but this may be information that can be identified by the home gateway, such as an ID or public key assigned at the time of manufacturing the home gateway. You can use a certificate.

  In the communication permission / prohibition rule 706, the total communication limit number, the continuous communication limit number, and the timeout time are recorded. The total communication limit count indicates the total number of times that an information device that has requested content communication can communicate with an information device having content via a network other than the home network to which the information device belongs. In the communication permission / inhibition rule 706 shown in FIG. This indicates that communication exceeding 100 times is impossible.

  The next continuous communication limit number indicates the continuous number of times that an information device that has requested content communication can perform content communication via a network other than the home network to which the information device belongs. In the communication permission / inhibition rule 706 shown, it is 10 times. This indicates that communication is impossible when the request for content communication exceeds 10 times continuously. Once the information device is directly connected to the home network to which the information device originally belongs, the number of times is 0. It shall be cleared.

  The next time-out time indicates a time-out time for disconnecting communication when a non-communication state continues.

  The content communication log 707 is a place where a communication record in which content communication is performed via the content communication availability determination program 11 is described. FIG. 10 shows an example of the content communication log 707. The content communication log 707 shown in FIG. 10 is a comma-separated CSV file format. From the top, the date and time when the log was acquired, the communication status, and the information device accessed from the external network requesting the content communication The IP address that is the identification information of the home network and the IP address that is the identification information of the home gateway of the home network to which the information device is connected are recorded. In this embodiment, the IP address is used as the identification information. However, this may be information that can be identified by the information device or the home gateway, and may be an ID assigned at the time of manufacture or a public key certificate.

  For example, the first line of FIG. 10 shows that XX. DFY. KJE. From an information device having JJ as an IP address, ZZZ. ZZ. ZZZ. There is a communication request via a home gateway having ZZ as an IP address, and “connected” indicating that communication is started is recorded as the communication state.

  Next, the processing flow of the present application for determining whether or not content communication is possible when the information device 18 in FIG. 1 acquires or uses the content of the information device 14 will be described.

  First, a processing flow of the content communication control program 24 installed in the information device 14 will be described with reference to FIGS. 1, 6, and 11.

  Step S1101 in FIG. 11 is a step in which the access receiving means 610 of the content communication control program 24 installed in the information device 14 receives a content communication request from the information device 18.

  In the next step S1102, the device information transmission unit 602 of the content communication control program 24 receives the IP address that is the identification information of the information device 18 that has received the content communication request in step S1101, and the network access path that the information device 18 has accessed. This is a step of acquiring identification information of the home gateway 19 included in the information.

  In step S1103, the identification information of the information device 18 acquired by the device information transmission unit 602 of the content communication control program 24 in step S1102, the identification information of the home gateway 19 of the information device 18, and the information device 14 that has received the communication request. This is a step of transmitting the identification information of the home gateway 15 to the access policy server 22.

  The access policy server 22 that has received the identification information of the device information 18 and the identification information of the home gateway 15 and the home gateway 19 determines whether or not communication is possible using the installed content communication availability determination program 11, and determines the communication availability result as an information device. Return to 14. The processing flow of the content communication availability determination program 11 will be described separately.

  Step S1104 is a step in which the communication availability information receiving unit 603 of the content communication control program 24 receives communication availability information indicating whether or not content communication is allowed from the access policy server 22.

  Step S1105 is a step in which the communication availability information receiving unit 603 of the content communication control program 24 determines whether or not the communication availability result received in step S1104 is communicable. If communication is possible, the process proceeds to step S1106. If communication is not possible, the process ends.

  Step S1106 is a step in which the content communication means of the content communication control program 24 communicates the content of the information device 14 to the information device 18.

  Next, a processing flow of the content communication availability determination program 11 will be described with reference to FIGS. 1 and 12.

  In step S1201 of FIG. 12, the gateway check unit 701 of the content communication availability determination program 11 receives the identification information of the information device 18 that transmitted the content communication request from the information device 14 that received the content communication request, and the information device 18 This is a step of receiving the identification information of the home gateway 19.

  The next step S1202 is a step in which the gateway check means 701 of the content communication availability determination program 11 receives the identification number of the home gateway 15 that is the home gateway of the information device 14 that has received the request for content communication.

  In step S1203, based on the identification number of the home gateway 19 received by the gateway check unit 701 in step S1201, the identification number of the home gateway 15 received in step S1202, and the access policy 705, the two identification numbers are determined. This is a step of determining whether or not the gateways shown are capable of content communication. If the gateways can perform content communication, the process proceeds to step S1204. If the content communication is not possible, the process proceeds to step S1207.

  For example, the IP address of the home gateway 15 is set to ZZZ. ZZ. ZZZ. Z, and the IP address of the home gateway 19 is XXX. XX. XX. X and the identification number is an IP address, and the access policy 705 is as shown in FIG. ZZ. ZZZ. A gateway having Z as an IP address, and XXX. XX. XX. Since the gateway having X as an IP address is associated with FIG. 8, it is determined that the home gateway 15 and the home gateway 19 are capable of content communication. In this embodiment, the home gateway identification number is an IP address, but it goes without saying that the home gateway can be identified.

  In step S1204, the information device 18 indicated by the identification number received in step S1201 has communicated with the information device connected to the home gateway 15 indicated by the identification number received in step S1202 how many times until now. The content communication availability determination unit 702 of the content communication availability determination program 11 searches the content communication log 707 for a search.

  Next, the content communication availability determination unit 702 of the content communication availability determination program 11 determines whether the number of times is equal to or less than the total number of communications included in the communication availability rule 706. If the communication is more than the total number of communication, the process proceeds to step S1207. If the communication count is less than or equal to the total communication count, the process moves to step S1205.

  A specific example in the case where the communication permission / prohibition rule 706 is that shown in FIG. For example, if the total number of times the information device 18 of FIG. 1 has accessed the home gateway 15 of the home 12 from the outside is 101 times or more, content communication is rejected, and the process proceeds to step S1207.

  In step S1205, the information device 18 indicated by the identification number received in step S1201 continuously communicates with the information device connected to the home gateway 15 indicated by the identification number received in step S1202. The content communication availability determination unit 702 of the content communication availability determination program 11 searches the content communication log 707 for a search.

  Next, the content communication availability determination unit 702 of the content communication availability determination program 11 determines whether or not the continuous number is less than or equal to the continuous communication limit number included in the communication availability rule 706. If the communication is performed more than the continuous communication limit number, the process proceeds to step S1207. If the communication count is less than or equal to the total communication count, the process moves to step S1206.

  Specifically, if the number of times that the information device 18 of FIG. 1 is continuously connected to the home gateway 15 of the home 12 via the home gateway 19 is 11 times or more, the content communication is rejected, and the process proceeds to step S1207. Processing moves. This continuous count is cleared to 0 when the information device 18 is directly connected to the home network 13 to which it originally belongs. This direct connection means connection without any other network. Therefore, this continuous number means the continuous number of times that the information device 18 has accessed the home network 13 for content use via a network other than the home network 13.

  The meaning of clearing the number of consecutive times is to consider a case where a legitimate user sometimes takes out the information device 18 to another home network 17 and normally uses it on the home network 13 to which the user originally belongs. In some cases, it is assumed that the mobile phone is being carried by a legitimate user. In other words, if it is continuously connected to another home network 17 without being connected to the home network 13 to which it originally belongs, there is a high possibility that it is being used by a third party who is not a legitimate user. That's what it means.

  In this embodiment, whether communication is possible or not is determined based on the total number of communications and the number of continuous communications. However, the number of continuous communications days may be used. When it is directly connected to the home network 13 to which it originally belongs, it is cleared on the 0th day. Therefore, this continuous number of days means the continuous number of days that the information device 18 has accessed the home network 13 for content use via a network other than the home network 13.

  Further, it is possible to set both the total communication count and the continuous communication count included in the communication permission / inhibition rule 706 to 0, but in this case, a plurality of information devices permitted to use content are taken out to an external network. It is not realistic because the content cannot be used at all.

  Step S1206 is a step in which the communication enable / disable information transmitting unit 703 of the content communication enable / disable determining program 11 transmits information enabling communication to the information device 14 that has received the content communication request.

  In the form of FIG. 1 described above, the content communication availability determination program 11 transmits information enabling content communication to the information device 14.

  In step S1207, the communication availability information transmitting unit 703 of the content communication availability determination program 11 transmits information that disables communication to the information device 14 that has received the content communication request.

  In the form of FIG. 1 described above, the content communication availability determination program 11 transmits information that disables content communication to the information device 14.

  Step S1208 is a step in which the communication information recording unit 704 of the content communication availability determination program 11 records communication information in the content communication log 707.

  The above is the overall processing flow of the content communication availability determination program 11. It should be noted that even between the information device 14 and the information device 18 in FIG. 1 in which the content can be communicated, authentication between devices is performed by an encryption authentication method using a certificate for each device distributed by the home gateway 15 in advance. By doing so, security can be further enhanced.

  The flow of the inter-device authentication process will be described with reference to FIG. Step S1301 in FIG. 13 is a step in which the information device receives a home device certificate from another information device to which the content is communicated. In FIG. 1, if the information device 14 and the information device 18 are trying to perform content communication, the information device 14 receives a home device certificate from the information device 18. Of course, the information device 18 may receive the home device certificate from the information device 14.

  The next step S1302 is a step in which the information device determines whether the home device certificate received in step S1301 is valid. If it is valid, the process proceeds to step S1303, and if it is not valid, the process proceeds to step S1307.

  Step S1303 is a step in which the information device transmits its home device certificate to the other information device with which the content is communicated. Step S1304 is a step in which the information device exchanges a shared key with another information device with which the content is communicated. Step S1305 is a step in which the information device performs encrypted communication of the content with another information device that is the content communication destination. Step S1307 is a step in which the information device abnormally ends the content communication process. The above is the flow of authentication processing between information devices that perform content communication.

  By using the content communication availability determination program 11 of the present application, it becomes difficult to continuously use content from other than the home network to which it originally belongs. As a result, by lending the device to another person, it is possible to prevent unauthorized use in which another person who does not have content usage qualifications continuously uses the content. In addition, by changing the content of the access policy by the content owner, the usage range can be determined, and unauthorized use such as allowing other people to use the content without limitation can be prevented.

  The present application can also be realized by installing the content communication control program 24 in the home gateway. This form is shown in FIG. In the case of this form, it is possible to control content communication for all information devices that have accessed the home gateway.

  Further, the present application can be realized by installing the content communication availability determination program 11 and the content communication control program 24 in the home gateway. This form is shown in FIG. In the case of this form, it is possible to control content communication for all information devices that have accessed the home gateway.

FIG. 16 is an example of an embodiment using a recording medium storing the content communication availability determination program 11 shown above. It is also possible for the computer 161 that can be a gateway or an access policy server to read the content communication availability determination program 11 stored in the recording medium 162 and execute the content communication availability determination program 11. The above is an embodiment showing an embodiment of the present invention.
(Appendix 1)
A first gateway that connects the first network and the second network, and a second gateway that connects the second network and the third network, and is connected to the first network. Content communication in which the first information device or the first gateway determines whether the content included in the first information device may be communicated to the second information device connected to the third network A method,
Associating the identification information of multiple gateways that can communicate content in advance,
Predetermining the total number of communication limits that can be communicated from the second information device to the first network,
When the first information device or the first gateway receives a communication request for content included in the first information device from the second information device,
From a communication log in which a communication record in which a second information device has accessed the first network in the past is recorded, the number of times the second information device has been connected to the first network in the past is counted,
The number of times counted is less than or equal to the total number of communication limits, and
When the identification information of the first gateway and the identification information of the second gateway are associated with the identification information of the associated gateway, the second information device and the first information A content communication method characterized by permitting content communication with a device.
(Appendix 2)
The content communication method according to attachment 1, further comprising:
Predetermining the continuous communication limit number that can be continuously communicated from the second information device to the first network,
When the first information device or the first gateway receives a communication request for content included in the first information device from the second information device,
From the communication log, count the number of continuous communications from the second information device continuously communicated to the first information device connected to the first network,
A content communication method, wherein communication of content between the second information device and the first information device is permitted when the counted number of continuous communication is equal to or less than the continuous communication limit number. .
(Appendix 3)
A first gateway that connects the first network and the second network, a second gateway that connects the second network and the third network, and an access policy server that connects to the second network; And determining whether the content included in the first information device connected to the first network can be communicated to the second information device connected to the third network. The content communication availability determination program installed in the gateway of
The first gateway,
Means for receiving a communication request for content contained in the first information device from the second information device;
Means for acquiring, from the access policy server, a communication record stored in the access policy server and having accessed the first network in the past from the second information device;
Means for counting the number of times the second information device has accessed the first network from the acquired communication record;
Means for acquiring, from the access policy server, a total communication limit number stored in advance in the access policy server and capable of communicating from the second information device to the first network;
Means for acquiring correspondence information associated with identification information of a plurality of gateways capable of content communication stored in advance in the access policy server from the access policy server;
The first gateway identification information and the second gateway identification information are associated with the acquired correspondence information when the counted number is equal to or less than the acquired total communication limit number. In some cases, the content communication availability determination program causes a function to permit communication of content between the second information device and the first information device.
(Appendix 4)
A first gateway that connects the first network and the second network, a second gateway that connects the second network and the third network, and an access policy server that connects to the second network; And determining whether the content included in the first information device connected to the first network can be communicated to the second information device connected to the third network. A content communication availability determination program installed in the information device of
The first information device is
Means for receiving a communication request for content contained in the first information device from the second information device;
Means for acquiring, from the access policy server, a communication record stored in the access policy server and having accessed the first network in the past from the second information device;
Means for counting the number of times the second information device has accessed the first network from the acquired communication record;
Means for acquiring, from the access policy server, a total communication limit number stored in advance in the access policy server and capable of communicating from the second information device to the first network;
Means for acquiring correspondence information associated with identification information of a plurality of gateways capable of content communication stored in advance in the access policy server from the access policy server;
The first gateway identification information and the second gateway identification information are associated with the acquired correspondence information when the counted number is equal to or less than the acquired total communication limit number. In some cases, the content communication availability determination program causes a function to permit communication of content between the second information device and the first information device.
(Appendix 5)
A first gateway that connects the first network and the second network, a second gateway that connects the second network and the third network, and an access policy server that connects to the second network; A content communication system configured to determine whether content included in a first information device connected to the first network may be communicated to a second information device connected to the third network There,
The access policy server is:
Means for storing an access policy in which identification information of a plurality of gateways capable of communicating content is associated;
Means for storing a total communication limit number that can be communicated from the second information device to the first network;
Means for storing a communication record of a second information device accessing the first network in the past,
The first information device is
Means for receiving a communication request for content contained in the first information device from the second information device;
Means for obtaining the communication record from the access policy;
Means for acquiring the number of times of communication from the second information device to the first network from the acquired communication record;
When the number of times is equal to or less than the total communication limit number, and when the identification information of the first gateway and the identification information of the second gateway are associated with the access policy, the second A content communication system comprising: means for allowing the communication of content between the first information device and the first information device to function.
(Appendix 6)
A first gateway that connects the first network and the second network, a second gateway that connects the second network and the third network, and an access policy server that connects to the second network; And determining whether the content included in the first information device connected to the first network can be communicated to the second information device connected to the third network. A recording medium on which a content communication availability determination program to be installed in the gateway is recorded,
The first gateway,
Means for receiving a communication request for content contained in the first information device from the second information device;
Means for acquiring, from the access policy server, a communication record stored in the access policy server and having accessed the first network in the past from the second information device;
Means for counting the number of times the second information device has accessed the first network from the acquired communication record;
Means for acquiring, from the access policy server, a total communication limit number stored in advance in the access policy server and capable of communicating from the second information device to the first network;
Means for acquiring correspondence information associated with identification information of a plurality of gateways capable of content communication stored in advance in the access policy server from the access policy server;
The first gateway identification information and the second gateway identification information are associated with the acquired correspondence information when the counted number is equal to or less than the acquired total communication limit number. A computer-readable recording medium having recorded therein a content communication availability determination program that functions as means for permitting communication of content between the second information device and the first information device.
(Appendix 7)
A first gateway that connects the first network and the second network, a second gateway that connects the second network and the third network, and an access policy server that connects to the second network; And determining whether the content included in the first information device connected to the first network can be communicated to the second information device connected to the third network. A recording medium on which a content communication availability determination program to be installed in an information device is recorded,
The first information device is
Means for receiving a communication request for content contained in the first information device from the second information device;
Means for acquiring, from the access policy server, a communication record stored in the access policy server and having accessed the first network in the past from the second information device;
Means for counting the number of times the second information device has accessed the first network from the acquired communication record;
Means for acquiring, from the access policy server, a total communication limit number stored in advance in the access policy server and capable of communicating from the second information device to the first network;
Means for acquiring correspondence information associated with identification information of a plurality of gateways capable of content communication stored in advance in the access policy server from the access policy server;
The first gateway identification information and the second gateway identification information are associated with the acquired correspondence information when the counted number is equal to or less than the acquired total communication limit number. A computer-readable recording medium having recorded therein a content communication availability determination program that functions as means for permitting communication of content between the second information device and the first information device.

  As described above, the content communication method of the present invention includes the total communication limit number, the communication continuous limit number, and the continuous communication days as communication permission / inhibition rules, and allows content communication between information devices connected to a plurality of home networks. When implemented, the past communication log is used to prevent unauthorized use of content. This allows users to use content that is not intended by the content provider, such as unauthorized use in which another person continuously uses the content by lending the device to another person, or content that has been stolen in the stolen information device. There is an effect to prevent that.

It is the figure which showed the whole structure of this-application embodiment. It is the figure which showed the structure of the information equipment in this-application embodiment. It is the figure which showed the structure of the home gateway in this embodiment. It is the flowchart which showed the flow of the process in which the information equipment in this-application embodiment receives issuing of an in-home apparatus certificate. It is the flowchart which showed the flow of the process in which the home gateway in this embodiment issues a household device certificate. It is a figure which shows the structure of the content communication control program in this-application embodiment. It is a figure which shows the structure of the content communication availability judgment program in this application embodiment. It is the figure which showed an example of the access policy in this embodiment. It is the figure which showed an example of the communication permission rule in this embodiment. It is the figure which showed an example of the content communication log in this-application embodiment. It is a flowchart which shows the flow of a process of the content communication control program in this embodiment. It is the flowchart which showed the flow of the process of the content communication availability judgment program in this embodiment. It is the flowchart which showed the flow of the process of the authentication between information devices. It is the figure which showed the form which installed the content communication control program in the home gateway. It is the figure which showed the form which installed the content communication control program and the content communication availability determination program in the home gateway. It is the figure which showed the form which installs the recording medium which recorded the content communication availability judgment program in a computer.

Explanation of symbols

11 Content communication availability determination program 12, 16 Home 13, 17 Home network 14, 18 Information device 15, 19 Home gateway 20 Content providing server 21 Internet 22 Access policy server 23 Content 24 Content communication control program 161 Computer 162 Recording medium 201, 301 Hard disk 202, 303 Control unit 203 Transmission / reception unit 204 Device certificate 205, 310, 312 Private key 206 Gateway CA certificate 302 Internet transmission / reception unit 304 Home network transmission / reception unit 305 Display unit 306 Input unit 307 Display 308 Remote control unit 309 Domestic device CA certification 311 Gateway certificate 601 Access reception means 602 Device information transmission means 603 Communication availability information Receiving means 604 the contents communication unit 701 gateway checking means 702 content communication possibility determining section 703 communication availability information transmitting unit 704 communication information recording means 705 the access policy 706 communicability rules 707 content communication log

Claims (5)

A first gateway that connects the first network and the second network, and a second gateway that connects the second network and the third network, and is connected to the first network. Content communication in which the first information device or the first gateway determines whether the content included in the first information device may be communicated to the second information device connected to the third network A method,
Associating the identification information of multiple gateways that can communicate content in advance,
Predetermining the total number of communication limits that can be communicated from the second information device to the first network,
When the first information device or the first gateway receives a communication request for content included in the first information device from the second information device,
From a communication log in which a communication record in which a second information device has accessed the first network in the past is recorded, the number of times the second information device has been connected to the first network in the past is counted,
The number of times counted is less than or equal to the total number of communication limits, and
When the identification information of the first gateway and the identification information of the second gateway are associated with the identification information of the associated gateway, the second information device and the first information A content communication method characterized by permitting content communication with a device. The content communication method according to claim 1, further comprising:
Predetermining the continuous communication limit number that can be continuously communicated from the second information device to the first network,
When the first information device or the first gateway receives a communication request for content included in the first information device from the second information device,
From the communication log, count the number of continuous communications from the second information device continuously communicated to the first information device connected to the first network,
A content communication method, wherein communication of content between the second information device and the first information device is permitted when the counted number of continuous communication is equal to or less than the continuous communication limit number. . A first gateway that connects the first network and the second network, a second gateway that connects the second network and the third network, and an access policy server that connects to the second network; And determining whether the content included in the first information device connected to the first network can be communicated to the second information device connected to the third network. The content communication availability determination program installed in the gateway of
The first gateway,
Means for receiving a communication request for content contained in the first information device from the second information device;
Means for acquiring, from the access policy server, a communication record stored in the access policy server and having accessed the first network in the past from the second information device;
Means for counting the number of times the second information device has accessed the first network from the acquired communication record;
Means for acquiring, from the access policy server, a total communication limit number stored in advance in the access policy server and capable of communicating from the second information device to the first network;
Means for acquiring correspondence information associated with identification information of a plurality of gateways capable of content communication stored in advance in the access policy server from the access policy server;
The first gateway identification information and the second gateway identification information are associated with the acquired correspondence information when the counted number is equal to or less than the acquired total communication limit number. In some cases, the content communication availability determination program causes a function to permit communication of content between the second information device and the first information device. A first gateway that connects the first network and the second network, a second gateway that connects the second network and the third network, and an access policy server that connects to the second network; And determining whether the content included in the first information device connected to the first network can be communicated to the second information device connected to the third network. A content communication availability determination program installed in the information device of
The first information device is
Means for receiving a communication request for content contained in the first information device from the second information device;
Means for acquiring, from the access policy server, a communication record stored in the access policy server and having accessed the first network in the past from the second information device;
Means for counting the number of times the second information device has accessed the first network from the acquired communication record;
Means for acquiring, from the access policy server, a total communication limit number stored in advance in the access policy server and capable of communicating from the second information device to the first network;
Means for acquiring correspondence information associated with identification information of a plurality of gateways capable of content communication stored in advance in the access policy server from the access policy server;
The first gateway identification information and the second gateway identification information are associated with the acquired correspondence information when the counted number is equal to or less than the acquired total communication limit number. In some cases, the content communication availability determination program causes a function to permit communication of content between the second information device and the first information device. A first gateway that connects the first network and the second network, a second gateway that connects the second network and the third network, and an access policy server that connects to the second network; A content communication system configured to determine whether content included in a first information device connected to the first network may be communicated to a second information device connected to the third network There,
The access policy server is:
Means for storing an access policy in which identification information of a plurality of gateways capable of communicating content is associated;
Means for storing a total communication limit number that can be communicated from the second information device to the first network;
Means for storing a communication record of a second information device accessing the first network in the past,
The first information device is
Means for receiving a communication request for content contained in the first information device from the second information device;
Means for obtaining the communication record from the access policy;
Means for acquiring the number of times of communication from the second information device to the first network from the acquired communication record;
When the number of times is equal to or less than the total communication limit number, and when the identification information of the first gateway and the identification information of the second gateway are associated with the access policy, the second A content communication system comprising: means for allowing the communication of content between the first information device and the first information device to function.

Images