JP2006277754A - Storage device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To allow the copyright of a content to be protected by efficiently restricting the number of replicated contents. <P>SOLUTION: This storage device has identification information and is provided with: a storage means including an identification information storage area for storing the identification information, a secret area accessible by a hidden specific procedure, and an open area other than the secret area; and a control means for executing the specific procedure for accessing the secret area to determine whether the secret area is accessible or not and for enabling access to the secret area when it is accessible. An encrypted content and first control information encrypted by key information generated based on the identification information and required for a reproduction process of the encrypted content are stored in the open area; and second control information for generating the key information required for the reproduction process of the encrypted content is stored in the secret area. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a recording medium.

  Conventionally, copy management has been performed for contents (such as copyrighted works). By managing copy generation and managing the number of copies, we have balanced the protection of copyright and the convenience of use.

  Furthermore, the concept of “move” has appeared instead of copy management. In contrast to copying not erasing the original data, moving transfers the data to a different location (media) and erases the original data. The digitalization of content and the spread of networks, etc. are behind the emergence of copy protection by movement.

  In recent years, since it has become possible to faithfully copy originals through a network or the like, it has become difficult to protect copyrights only with copy management. Also, unlimited movement from media to media, such as for-profit (distributed) distribution of data, cannot perform copyright management.

  As described above, it has become difficult to reliably manage copying of original data (particularly, content that is subject to copyright protection).

  Therefore, in view of the above problems, the present invention limits the number of duplicate contents that can be recorded on a storage medium, thereby restricting the copy of the contents and protecting the copyright of the contents (storage medium). The purpose is to provide.

The storage device (recording medium) of the present invention is
A storage device having identification information,
An identification information storage area for storing the identification information, a secret area accessible in a concealed specific procedure, and a storage means including a public area other than the secret area;
Performing the specific procedure for accessing the secret area, determining whether or not to access the secret area, and control means for enabling access to the secret area when it is determined that access is possible;
With
The public area stores the encrypted content and first control information necessary for the reproduction process of the encrypted content encrypted with the key information generated based on the identification information,
The secret area stores second control information for generating the key information necessary for the reproduction process of the encrypted content.

  According to the present invention, it is possible to efficiently restrict the number of duplicate contents and to protect the copyright of the contents.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

  FIG. 1 shows a music content use management system (hereinafter, simply referred to as LCM) 1 using a content management method for regulating the number of duplicate contents that can be stored in a storage medium (media) according to the present embodiment. This is an example of the configuration. Here, music is used as an example of content, but this is not the only case, and it may be a movie, game software, or the like. Further, although a memory card (MC) is used as a medium, the present invention is not limited to this, and various storage media such as a floppy (registered trademark) disk and a DVD may be used.

  An EMD (Electronic Music Distributor) is a music distribution server or a music distribution broadcast station.

  The content usage management system 1 is, for example, a personal computer (PC) and includes receiving units # 1 to # 3 corresponding to a plurality of EMDs (here, EMDs # 1 to # 3), and the EMD distributes them. Encrypted content or its license (use conditions and encrypted content decryption key) are received. The receiving units # 1 to # 3 may have a reproduction function and a billing function. A playback function is used to audition the distributed music content. In addition, it is possible to purchase a favorite content using a billing function.

  The LCM 1 includes a secure content server (herein, Secure Music Server: SMS, which may be simply referred to as SMS hereinafter) 2, and content purchased by the user is an EMD interface (I / F) unit. 3 is stored in SMS 2 via 3. The music content is decrypted by the EMDI / F unit 3 as necessary, and subjected to format conversion and re-encryption. When the SMS 2 receives the encrypted content, it stores it in the music data storage unit 10 and stores the music data decryption key in the license storage unit 9. The SMS 2 may have a playback function. With the reproduction function, music content managed by the SMS 2 can be reproduced on the PC.

  The SMS 2 has a function of outputting content data to a medium 13 (hereinafter sometimes simply referred to as MC (memory card)). The MC 13 can be set in a recording / reproducing apparatus (hereinafter also referred to simply as a PD (Portable Device)) 12 and contents recorded in the MC 13 can be reproduced.

  Content recording from the SMS 2 to the MC 13 can be performed directly through the media (MC) interface (I / F) unit 6 or via the PD 12.

  The MC 13 has identification information (MID) unique to the medium and cannot be rewritten, and the content stored in the MC 13 is encrypted with a content decryption key that depends on the MC 13.

  The content decryption key is encrypted with the encryption key Kp stored in the media I / F unit 6 and the PD 12 and recorded in the MC 13.

The content in the MC 13 and the content decryption key can be copied to a separate arbitrary storage medium (hereinafter referred to as MCb).
1. Since only the legitimate PD 12 has the encryption key Kp, the content stored in the MCb cannot be reproduced correctly unless it is the legitimate PD 12. However,
2. Since the identification information MID of the MC 13 cannot be copied, the identification information MID of the MCb is different from the identification information MID of the MC 13 that is the copy source. Consequently, the content copied to the MCb cannot be reproduced correctly. In other words, it is possible to prevent duplicate content recorded by the SMS 2 on the MC 13 from being copied to another MC one after another.

  The above is the configuration of the LCM 1 that has been conventionally considered. Next, the method and components according to the present invention will be described.

  First, check-in / check-out will be described with reference to LCM 1 in FIG.

  Checkout means that the LMS 1 stores the content as “parent” and copies the duplicate as “child” content to the MC 13. “Child” content can be freely played back on the PD 12, but “child” content cannot be created from “child” content. The number of “children” that a “parent” can produce is defined as an attribute of the “parent”. Check-in is, for example, that the MC 13 is connected to the LCM 1 and the LCM 1 deletes (or cannot use) the “child” content, so that the “parent” content in the LCM 1 has the right to create one “child”. It means to recover. This is also called checking in with the “parent”.

  If this check-in / check-out is simply realized by the conventional LCM 1, the following “attack” actually exists. That is, the “child” stored in the MC 13 is saved in another storage medium (except for the MID), and the “child” of the MC 13 is checked in to the “parent”. Next, the previously saved “child” is written back to the MC 13. Since the check-in has already been completed, the “parent” on the LCM 1 may copy the “child” to another MC 13. In this way, it is possible to create “children” that can be used in an arbitrary number.

  The above-mentioned “attack” can be countered by performing authentication at the time of data transfer between the MC 13 and the LCM 1. That is, it is assumed that the MC 13 does not accept data transfer from other than the valid LCM 1 and that the LCM 1 does not accept data transfer from other than the valid MC 13. In this case, the “child” in the MC 13 cannot be saved to another recording medium. Also, the LCM 1 cannot be checked in false. Therefore, the above “attack” breaks down.

  However, in reality, check-in / check-out cannot be realized even if authentication between LCM 1 and MC 13 is assumed. This is because the following “attack” exists. That is, first, in a state where the “parent” on the LCM 1 does not create a “child”, the data of the LCM 1 (particularly, information in the license storage unit 9) is backed up to another storage medium. After the “child” is copied to the MC 13, the backed up LCM1 data is restored. Since the “parent” of the LCM 1 returns to the state before the “child” is created, the “child” can be created in another MC 13. In this way, an arbitrary number of “children” can be created.

  Next, problems other than the problems that occur in realizing check-in / check-out will be described. That is, the recording is performed on the MC 13 via a predetermined communication path such as the Internet. There is no problem because the regular Internet distribution by EMD is a legitimate distribution performed with the permission of the copyright owner. However, content can be recorded on the MC 13 via the Internet in the form shown in FIG. The communication unit 201 on the personal computer (PC) in FIG. 21 merely relays the protocol for writing to the MC 13. The LCM 1 may distinguish between the PD 12 directly connected to the PC # 2 on which the LCM 1 operates and the PD 12 connected to the PC # 2 on which the LCM 1 operates remotely connected via the communication unit 201. Since this is not possible, it is possible to distribute (illegal) content over a network such as the Internet.

  The following describes the check-in / check-out and means for regulating content recording to the MC 13 via the network, which are the gist of the present invention, in the order of the following items.

1. Check-in / check-out (1-1) Check-in / check-out (1-2) Check-in / check-out of duplicate contents using level 2 MC (1-3) Other management method of duplicate contents by hotel book ( 1-4) Reproduction of duplicate content stored in level 2 MC (1-5) Check-in / check-out of duplicate content using level 1 MC, reproduction of duplicate content (1-6) Level 0 MC Check-in / check-out of copied content and reproduction of copied content using 2. Means for restricting recording of duplicate content to MC via network Secret area (check-in / check-out)
In order to realize check-in / check-out, a memory area in the MC 13 is provided with an area (secret area) that cannot be read and written by the disclosed procedure, and information necessary for content decryption is recorded therein (see FIG. 2). In addition, an area (secret area) that can be accessed only by a private procedure is provided on the storage area of the LCM 1 (for example, when the LCM 1 is configured by a PC, a hard disk (HDD)), and a guest book as described later is provided. Store in the secret area (see FIG. 2). Furthermore, an area (secret area) that can be accessed only by a private procedure may be provided on the storage area of the PD 12, and information necessary for content decoding may be recorded therein (see FIG. 2). Here, an area that can be normally accessed by a procedure other than the secret area in the storage area is referred to as a public area.

  As shown in FIG. 1, in the LCM 1, the secret book area is provided with a hotel book storage unit 8, and after the specific procedure for accessing the book book storage unit 8 is performed in the SMS 2, the secret book area is stored. A secret area driver 7 is provided for reading data from.

  As shown in FIG. 4C, the MC 13 includes an identification information storage unit 13b configured to be non-rewritable and not copyable from the outside for storing the identification information MID. The authentication unit 13d performs authentication each time the area 13c, the public area 13a, and the secret area 13c are accessed so that the secret area 13c can be accessed only when it is confirmed as a legitimate partner. The switch (SW) 13e which opens is provided. Note that there are three types of MCs 13 that can be used in the present embodiment, and the type of the MC 13 that has both the identification information MID and the secret area as shown in FIG. 4C is referred to as “level 2”. The type of MC 13 as shown in FIG. 4B which does not have a secret area but has identification information MID is called “level 1”. The type of MC 13 as shown in FIG. 4A that has neither a secret area nor identification information is called “level 0”. For example, level 0 and other types can be discriminated based on the presence / absence of identification information MID, and further, level 1 and level 2 are discriminated from the configuration of identification information MID. For example, when the identification information is a continuous numerical value, it is assumed that the predetermined value or more is level 2.

  Hereinafter, the case of the MC2 of level 2 will be described as an example unless otherwise specified.

  The MC 13 may be used by being set on the PD 12 connected to the LCM 1 or may be used by being set directly on the LCM 1.

  FIG. 3 shows a configuration example of the PD 12, and the MC 13 is set in the media interface (I / F unit) 12f. When the LCM 1 reads / writes to / from the MC 13 via the PD 12, the LCM 1 accesses the secret area of the MC 13 via the secret area access unit in the PD 12. The media I / F unit 12f includes a secret area access unit for accessing the secret area of the MC 13. The secret area in the PD 12 may be provided in the flash memory 12d. A program for performing mutual authentication with the MC 13 and a program for determining the type of the MC 13 are written in the ROM 12c. According to this program, the mutual authentication with the MC 13 is controlled under the control of the CPU 12a. Then, processing such as type discrimination is executed.

  FIG. 5 shows the configuration of the media I / F unit 6 of the LCM 1, an authentication unit 6c for performing mutual authentication with the MC 13, a media discrimination unit 6b for discriminating the type of the MC 13, and the whole It is comprised from the control part 6a for controlling. The authentication unit 6 c is a secret area access unit for accessing the secret area of the MC 13.

  Next, a guest book stored in the secret area of the LCM 1 will be described.

  All music contents held in the SMS 2 have a content ID (TID) which is identification information for identifying each music content, a predetermined number of duplicatable contents, that is, a remaining number of children and a checkout list. As attribute information. This attribute information is called a hotel book. The hotel book is recorded in the hotel book storage unit 8 provided in the secret area in the form as shown in FIG.

  In FIG. 7A, for example, the remaining number of children with content ID “TID1” is “2”, and the checkout list is L1.

  The checkout list is a list of identification information of the MC 13 in which the copied content (child) is recorded. For example, in FIG. 7A, the checkout list L1 has identification information “m1” and “m2”. It can be seen that the child of the content with the content ID “TID1” is checked out in the two MCs 13.

(Check-in / check-out of duplicate content using Level 2 MC)
Next, check-in / check-out using the level 2 MC 13 configured as shown in FIG. 4C will be described with reference to FIGS.

  When the MC 13 is set in the media I / F unit 6 or the PD 12 of the LCM 1, mutual authentication is performed between the media IF unit 6 and the MC 13 or between the PD 12 and the MC 13 (step S1 in FIG. 9). ), When it is determined that both parties are legitimate (step S2), the media I / F unit 6 or the PD 12 determines the type of the MC 13 based on the identification information MID read from the MC 13 (step S3). . Here, since the type of MC 13 is level 2, the media I / F unit 6 or the PD 12 executes a check-in / check-out process corresponding to the type (step S6).

  A case where a checkout instruction is given to the SMS 2 via the user interface (I / F) unit 15 of the LCM 1 or via the PD 12 will be described with reference to FIG. The SMS 2 examines the remaining number n of children of the content (for example, the content ID is “TID1”) requested to be checked out of the hotel book (step S101). If n> 0, if necessary, the MC 13 Are mutually authenticated (step S102), and when the mutual validity is confirmed, the MC 13 then forwards the identification information MID (for example, MID = m0) (step S103). .

  The SMS 2 generates a random number r, and generates an encryption key w using the random number r, the identification information m0 of the MC 13, and the key generation algorithm W shared between the valid MC 13 and the LCM 1. The key generation algorithm W takes two arguments (here, r and m0) and plays a role of changing the encryption key w every time. Further, in SMS2, the content decryption key K (C) for decrypting the encrypted content is encrypted with the encryption key Kp shared between MC13 and LCM1 and the encryption key w generated previously. It is expressed as w [Kp [k (C)]]. Also, the content C is encrypted with the key K (C). This is expressed as K (C) [C] (step S104).

  When the SMS 2 creates a folder named “TID1”, for example, in the storage area of the MC 13 (step S105), the encrypted content K (C) [C] and the encrypted content are stored in the public area of the folder. The decryption key w [Kp [k (C)]] is written (step S106, step S107).

  Next, the SMS 2 performs mutual authentication with the MC 13 in order to access the secret area 13c of the MC 13, and when the validity of both is confirmed and the gate to the secret area 13c is opened by the switch 13e, the random number r Is written in the area corresponding to the folder “TID1” in the secret area 13c (steps S108 to S109). When this is completed, the gate that made it possible to access the secret area 13c is closed by the switch 13e. In step S108, it is desirable to protect the transfer of the route from the random number r to the secret area 13c by encrypting the random number r.

  Finally, as shown in FIG. 7B, the SMS 2 subtracts “1” from the remaining child number n of the content ID “TID1” for which the checkout request of the hotel book was requested, and the checkout list L1 The identification information “m0” of the MC 13 is added (step S110).

  FIG. 6 shows the contents stored in the MC 13 when the above processing is completed.

  A case where the check-in instruction is given to the SMS 2 via the user interface (I / F) unit 15 of the LCM 1 or via the PD 12 will be described with reference to FIG.

  If necessary, the SMS 2 performs mutual authentication with the MC 13 (step S201), and when the mutual validity is confirmed, the MC 13 then receives the identification information MID (for example, MID = m0). Is transferred (step S202).

  The SMS 2 stores the identification information of the MC 13, that is, “m0” in the checkout list from the lodging book of the content for which the check-in request is made (for example, the content ID is “TID1”). Random numbers r1 and r2 are generated (step S203). Then, the information stored in the area corresponding to the folder of the content (here, the folder “TID1”) in the public area 13a of the MC 13 is erased by overwriting with the random number r2 (step S204). In order to access the secret area 13c of the MC 13, mutual authentication is performed with the MC 13, and when the validity of both is confirmed and the gate to the secret area 13c is opened by the switch 13e, the folder “ The area corresponding to “TID1” is erased by overwriting with the random number r1 (step S205). When this is completed, the gate that made it possible to access the secret area 13c is closed by the switch 13e. In step S205, it is desirable to protect the transfer of the random number r1 by encrypting the random number r1 or the like until the random number r1 is transferred to the secret area 13c.

  Thereafter, the SMS 2 asks the MC 13 to transfer the value of each area after overwriting to confirm overwriting (step S206), and checks whether it matches the numbers r1 and r2 (step S207). When confirmation of overwriting is performed, the folder “TID1” is deleted from the MC 13 (step S208).

  Finally, as shown in FIG. 7 (c), “1” is added to the remaining child number n of the content ID “TID1” for which the check-in request of the hotel book was requested, and the MC 13 The identification information m0 is deleted (step S209).

  The random number r recorded in the secret area 13c in the MC 13 cannot be saved to another storage medium (because the validity by authentication cannot be confirmed). Accordingly, after the check-in of the content “TID1”, the content returned to the MC 13 cannot be used. Also, the hotel book stored in the secret area of the LCM 1 cannot be saved to another recording medium (because the authenticity cannot be confirmed by authentication). Therefore, after checking out the content “TID1”, the hotel book cannot be returned to the state before the checkout. Thus, the present invention provides a countermeasure against the above-described attack.

  Note that overwriting the contents of the secret area of the MC 13 with a random number at the time of check-in is important for security. Only the legitimate SMS 2 can write to the secret area of the MC 13, but the legitimate SMS 2 always writes to the secret area by the secrecy procedure. The authenticity of the MC 13 is assured by the successful writing by the confidential procedure. That is, it is possible to prevent unauthorized check-in. In order to improve safety, the SMS 2 overwrites the secret area with an arbitrary random number, reads the contents (by the secret procedure), and confirms that the random number is overwritten.

(Other methods for managing duplicate contents using a hotel book)
Note that the SMS 2 may check in content with a title (content ID) that is not in the guest book. Also, check-in from MC 13 that is not in the check-out list may be permitted. In this case, the hotel book does not have a checkout list for each content. This is because the check-out list is referred to in order to prevent check-in from the MC 13 “I don't remember”. FIG. 8A shows the stored contents of the hotel book in this case.

  As shown in FIG. 8A, only the content ID and the number of remaining children are registered in the book of each content.

  Consider a case where a content having a content ID of TID7 is checked in from an MC 13 having media identification information MID = m0. That is, the content with the content ID “TID7” currently checked out from another SMS 2 is stored in the MC 13 in the form shown in FIG.

  In the procedure shown in FIG. 11, the LCM 1 deletes the stored contents of the secret area and the public area in the MC 13 without referring to the checkout list in step S203 and deletes the folder “TID7”. Then, the new book of the contents (TID 7, 1) is registered in the book.

  By checking in content that LCM1 does not have in the book, for example, the following becomes possible. Assume that the “parent” content stored in the LCM 1 configured on the home PC can have two “children”. Check out one “child” from the home PC to the MC 13 and check in the PC at the friend's house. This means that the number of “parents” purchased by the user is reduced by one and the content is presented to a friend.

  Thus, if the LCM 1 can check in content that is not in the book, the “child” content can be “moved” through the LCM 1. This is a convenient function for the user, but it also creates a cause for the establishment of a second-hand content market. In fact, the following second-hand content sales are established. That is, after the user purchases a new content from the EMD and holds it for a short period of time, the user checks in the content to the LCM 1 of the used data store. At this time, the user receives the price. A used data store sells data to another purchaser at a price lower than the regular price of EMD.

  In this way, the establishment of a “second-hand market” in which the copyright of the content cannot be controlled is undesirable for the copyright holder. Therefore, each content may have a check-out attribute flag f so that the copyright holder can control check-in to different LCMs 1.

  FIG. 18A shows the format of the lodging book that the LCM 1 has in this case.

  As shown in FIG. 18A, the content ID, the number of remaining children, the checkout list, and the checkout attribute flag f are registered in the book of each content.

  When the flag f is “1”, the content can be checked out and checked in to another LCM1, but when the flag f is “0”, the content cannot be checked into at least another LCM1. Can not.

  For example, consider a case where a content with a content ID “TID6” is checked out. First, the SMS 2 checks the hotel book and confirms that the checkout attribute flag of the content is “1”. Here, when this value is “0”, the LCM 1 does not check out the content. When the flag f is “1”, “1” is subtracted from the remaining number of children of the book of the content ID “TID6” in the same manner as the procedure shown in FIG. b)). Incidentally, the checkout list L6 is empty (denoted by φ), and the flag f is “1”, and the content can be checked into the LCM 1 provided on another PC. There is no need to have. The flag f is recorded together with the random number r in the secret area of the MC 13.

  Next, a case where the content with the content ID “TID6” is checked in to the same LCM1 as the checked-out LCM1 or another LCM1 will be described with reference to the flowchart shown in FIG.

  In the procedure shown in FIG. 11, mutual authentication is performed between the MC 13 and the LCM 1 (step S11), and the identification information MID of the MC 13 is acquired (step S12).

  The SMS 2 performs mutual authentication with the above-described secret procedure (MC 13) in the secret area 13c of the MC 13 regardless of whether the content requested for check-in is registered in the hotel book, and the validity of both is confirmed. The gate to the secret area 13c is opened by the switch 13e), and the flag f is read from the secret area 13c (step S13). When the flag f is “1” (step S14), steps S204 to S208 in FIG. 11 are performed (steps S15 to S16), and when the flag f is “0”, the process ends. And finally, when the content is not registered in the hotel book, a new hotel book (TID6, 1, φ, 1) of “TID6” with the remaining number of children of the content as “1” is registered, When the content is registered in the hotel book, “1” is added to the remaining number of children of the content (step S17).

(Reproduction of duplicate content stored in level 2 MC)
Next, reproduction of the copied content stored in the level 2 MC 13 configured as shown in FIG. 4C will be described with reference to FIG. When the MC 13 is set in the PD 12, the PD 12 has the identification information MID (for example, MID = m0) transferred from the MC 13 (step S301). At this time, based on the identification information MID = m0, it can be determined that the type of MC13 is level 2. Therefore, the PD 12 reads w [Kp [k (C)]] from the public area of the MC 13 (step S302), performs mutual authentication with the MC 13 to access the secret area 13c of the MC 13, and both When the validity is confirmed and the gate to the secret area 13c is opened by the switch 13e, the random number r is read from the area corresponding to the folder “TID1” in the secret area 13c (step S303). When this is completed, the gate that made it possible to access the secret area 13c is closed by the switch 13e.

  The PD 12 generates the encryption key w using the random number r, the identification information m0 of the MC 13, and the key generation algorithm W shared between the legitimate MC 13 and the PD 12. The content decryption key K (C) is decrypted from the encryption key w, the encryption key Kp shared between the MC 13 and the LCM 1, and w [Kp [k (C)]] read from the MC 13 (step) S304).

  Then, the PD 12 reads the encrypted content K (C) [C] from the public area of the MC 13 (step S305), decrypts the content C with the decryption unit 12g, decodes it with the decoder 12h, and performs D / A conversion. The digital signal is converted into an analog signal by the unit, and music is reproduced (step S306).

(Check-in / check-out of duplicate content using level 1 MC, reproduction of duplicate content)
Next, check-in / check-out using the level 2 MC 13 configured as shown in FIG. 4B will be described with reference to FIGS. In addition, since the MC 13 of level 1 does not have a secret area, the check-in cannot be performed.

  The process from when the MC 13 is set in the media I / F unit 6 of the LCM 1 or the PD 12 until the type of the MC 13 is determined is the same as in FIG.

  Here, since the type of the MC 13 is level 1, the media I / F unit 6 or the PD 12 executes a check-in / check-out process corresponding to the type (step S5).

  If the check-in instruction is given to the SMS 2 via the user interface (I / F) unit 15 of the LCM 1 or the PD 12, it is determined that the type of the MC 13 is level 1. Is rejected.

  A case where a checkout instruction is given to the SMS 2 via the user interface (I / F) unit 15 of the LCM 1 or via the PD 12 will be described with reference to FIG.

  The SMS 2 checks the number of remaining children n of the content requested to be checked out of the hotel book (for example, the content ID is “TID1”) (step S401). If n> 0, if necessary, the MC 13 Are mutually authenticated (step S402), and when the mutual validity is confirmed, next, the identification information MID (for example, MID = m0) is transferred from the MC 13 (step S403). .

  The SMS 2 generates the random number r, generates the encryption key w, encrypts the content key using w and Kp, encrypts the content C (step S404), and stores the storage area of the MC 13 as in the case of the level 2 For example, a folder named “TID1” is created (here, only in the public area) (step S405). Then, the encrypted content K (C) [C], the encrypted content decryption key w [Kp [k (C)]], and the random number r are written in the folder (steps S406 to S408).

  Finally, as shown in FIG. 7B, the SMS 2 subtracts “1” from the remaining child number n of the content ID “TID1” for which the checkout request of the hotel book was requested, and the checkout list L1 The identification information “m0” of the MC 13 is added (step S409).

  Next, reproduction of the copied content stored in the level 1 MC 13 will be described with reference to FIG. When the MC 13 is set in the PD 12, the PD 12 has the identification information MID (for example, MID = m0) transferred from the MC 13 (step S501). At this time, based on the identification information MID = m0, it can be determined that the type of MC 13 is level 1. Therefore, the PD 12 reads w [Kp [k (C)]] from the storage area (only the public area) of the MC 13, reads the random number r (steps S 502 to S 503), the random number r, the identification information m 0 of the MC 13, An encryption key w is generated using a key generation algorithm W shared between the MC 13 and the PD 12. The content decryption key K (C) is decrypted from the encryption key w, the encryption key Kp shared between the MC 13 and the LCM 1, and w [Kp [k (C)]] read from the MC 13 (step) S504).

  Then, the PD 12 reads the encrypted content K (C) [C] from the storage area (only the public area) of the MC 13 (step S505), decrypts the content C with the decryption unit 12g, and decodes it with the decoder 12h. The D / A converter converts the digital signal into an analog signal and reproduces the music (step S506).

(Check-in / check-out of duplicate content using MC of level 0, reproduction of duplicate content)
Next, check-in / check-out using the level 0 MC 13 configured as shown in FIG. 4A will be described with reference to FIGS. 9 and 15 to 16.

  Level 0 MC 13 can only check in / out and play back using PD 12. Further, since it does not have the identification information MID, the identification information PID of the PD 12 is used in check-in / check-out instead.

  The process from when the MC 13 is set to the PD 12 until the type of the MC 13 is determined is the same as that in FIG.

  Here, since the type of the MC 13 is level 0, the PD 12 executes a check-in / check-out process corresponding to the type (step S4).

  A case where a checkout instruction is issued to the SMS 2 via the PD 12 will be described with reference to FIG.

  The SMS 2 checks the number of remaining children n of the content requested to be checked out of the guest book (for example, the content ID is “TID1”) (step S601). If the authentication is performed (step S602) and the mutual validity is confirmed, then the identification information PID is transferred from the PD 12 (step S603).

  As in the case of level 2, the SMS 2 generates a random number r, generates an encryption key w, encrypts the content key using w and Kp, and encrypts the content C (step S604). However, here, the two arguments taken by the key generation algorithm W are r and PID.

  Next, a folder named “TID1”, for example, is created in the storage area of MC 13 (here, only the public area) (step S605). Then, the encrypted content K (C) [C] and the encrypted content decryption key w [Kp [k (C)]] are written in the folder (steps S606 to S607). The random number r is written in the secret area of the PD 12 (step S608). In step S608, it is desirable that the route to transfer the random number r to the secret area of the PD 12 is transfer-protected by encrypting the random number r.

  Finally, as shown in FIG. 7B, the SMS 2 subtracts “1” from the remaining child number n of the content ID “TID1” for which the checkout request of the hotel book was requested, and the checkout list L1 Identification information “PID” of the PD 12 is added (step S609).

  A case where a check-in instruction is issued to the SMS 2 via the PD 12 will be described with reference to FIG.

  The SMS 2 performs mutual authentication with the PD 12 (step S701), and when the mutual validity is confirmed, next, the PD 12 transfers the identification information PID (step S702).

  When the identification information “PID” of the PD 12 is registered in the checkout list from the lodging book of the content for which the check-in request is made (for example, the content ID is “TID1”), the SMS 2 r2 is generated (step S703). Then, the information stored in the area corresponding to the content folder (here, the folder “TID1”) in the public area 13a of the MC 13 is erased by overwriting with the random number r2 (step S704). In order to access the secret area of the PD 12, mutual authentication is performed with the PD 12, and when the validity of both is confirmed and the gate to the secret area is opened, the folder “TID1” in the secret area 13c is associated. The area is erased by overwriting with the random number r1 (step S705). When that is done, the gate that allowed access to the secret area is closed. Further, in step S705, it is desirable that the route until the random number r1 is transferred to the secret area is transfer protected by encrypting the random number r1.

  Thereafter, in SMS2, the value after overwriting is transferred from the MC 13 in order to confirm overwriting and erasing, and the above-mentioned predetermined concealment procedure is also performed from the secret area of the PD 12, and the value after overwriting of the area is set. Reading (step S706), it is checked whether or not it matches the random numbers r1 and r2 (step S707). If overwriting and erasure are confirmed, the folder “TID1” is erased from the MC 13 (step S708).

  Finally, as shown in FIG. 7C, “1” is added to the remaining child number n of the content ID “TID1” for which the check-in request of the guest book was requested, and the PD 12 is identified from the checkout list L1. The information “PID” is deleted (step S709).

  Next, reproduction of the copied content stored in the level 0 MC 13 will be described with reference to FIG. When the MC 13 is set in the PD 12, the PD 12 requests the transfer of the identification information MID from the MC 13, but since the MC 13 does not have the identification information, the PD 12 can determine that the MC 13 is level 0. Accordingly, the PD 12 reads w [Kp [k (C)]] from the storage area (only the public area) of the MC 13 (step S801), and stores the identification information “PID” of the PD 12 itself and the secret area. The encryption key w is generated using the random number r and the key generation algorithm W. Then, the content decryption key K (C) is decrypted from the encryption key w, the encryption key Kp, and w [Kp [k (C)]] read from the MC 13 (step S802).

  The PD 12 reads the encrypted content K (C) [C] from the storage area (only the public area) of the MC 13 (step S803), decrypts the content C by the decryption unit 12g, decodes it by the decoder 12h, and D The digital signal is converted into an analog signal by the / A conversion unit, and music is reproduced (step S804).

(Means for regulating duplicate content recording to MC via network)
In order to solve the second problem of the present invention, that is, in order to restrict the recording of content on the MC 13 via the network, the present invention provides a timeout determination unit 4 as shown in FIG. Yes.

  The time-out determination unit 4 sets a fixed time limit in the reading / writing (one or both) procedure to the MC 13, and interrupts the process if the process does not end within the time limit. Since communication over a network usually takes much longer time than communication with a directly connected device, the time-out function can counter illegal copying through the network. Band limiting can also be used. Assuming that the communication band with the device is a certain level or more, the upper limit of the time required to transfer data of a certain size to the device can be calculated. If the actual transfer time exceeds it, the process is interrupted.

  This will be described in more detail with reference to the configuration of the timeout determination unit 4 shown in FIG. 22 and the flowchart shown in FIG. The timeout time is set to t in advance. For example, the communication bandwidth between the LCM 1 and the PD 12 is b. For example, the processing operation of the timeout determination unit 4 will be described with reference to an example in which checkout is performed with the MC 13 set in the PD 12.

  First, along with the start of one read / write processing operation in the procedure for checkout with the MC 13 set in the PD 12, a determination start signal is input from the SMS 2 via the determination start signal input unit 102 (step At the same time, the size s of packet data exchanged between the SMS 2 and the PD 12 is input from the data size input unit 101 (step S21), and the control unit 105 starts from the clock 107 via the time acquisition unit 106. The current time T is acquired (step S22). Accordingly, the bandwidth b is acquired from the bandwidth storage unit 108 (step S23), and the scheduled end time T ′ is calculated (step S24). Stored in the final scheduled time storage unit 111 (step S25).

  The scheduled end time T ′ can be obtained from the bandwidth b and the data size s by T ′ = T + s / b.

  When the read / write processing operation with the MC 13 set in the PD 12 is completed and a determination end signal is input from the SMS 2 via the determination end signal input unit 103 (step S26), the current time T is acquired again. (Step S27) The difference between the estimated end time T ′ calculated earlier and the current time T is compared with the timeout time t (Step S28). If the difference exceeds the timeout time t, it is determined as “NG”, and the fact is notified to the SMS 2 (step S30). If the PD 12 is connected to the LCM 1 in the PC # 1 performing the check-out as shown in FIG. 21 and the other PC # 2 connected through the network, the determination result “NG” is obtained. Since it is obtained, the LCM1 of PC # 1 interrupts the process for subsequent checkout.

  Alternatively, when the read / write processing operation has not ended even after the scheduled end time T ′ has elapsed, the determination result may be “NG”.

  Alternatively, the timeout determination unit 4 operates in two modes. One is when the data size s is input to the data size input unit 101. At this time, the timeout determination unit calculates the scheduled end time T ′ = T + s / b and stores it in the scheduled end time storage unit 111. Store. When receiving the determination end signal, the timeout determination unit 4 compares the current time T with the time T ′ stored in the scheduled end time storage unit. When the former is smaller than the latter, the timeout determination unit 4 notifies the determination result OK to the SMS 2. In other cases, the determination result NG is notified to the SMS 2.

  The operation in the other mode is when a determination start signal is input to the determination start signal input unit 102, and the timeout determination unit 4 stores the current time T + timeout time t in the scheduled end time storage unit 111. The operation for time-out determination is the same as that in the above one mode.

(Confidential area)
In the LCM 1 of the present invention, a secret area is used to store a check-in / check-out book. When the LCM 1 is configured by a PC, this secret area is created on a hard disk (HDD).

  Here, the secret area on the HDD will be described.

  A normal partition exists on the HDD. The partition is recognized as one drive by the OS. There are multiple sectors in each partition, and data is recorded on the sectors. Data arrangement within a sector is called a logical format. The file system usually has a file allocation table. In the file allocation table, positions of each file and directory on the sector are recorded. The OS refers to the file arrangement table, acquires the position of the access target file, and reaches the target file. The physical arrangement of sectors is called a physical format. Each partition can have a different physical format. The position of the sector is identified by the position of the head. The starting position of each sector is identified by a magnetic mark.

  For the file system supported by the OS, the OS has a driver. The driver recognizes the physical format and logical format of the file system, can reach the file allocation table and each file by tracing the sectors in the partition, and can read and write the contents.

  FIG. 24 shows a file system for configuring the secret area of the present invention. In a normal file system, sectors are arranged at equal intervals, but this is not the case in this file system. There is a sector arrangement table at the head of the first sector. In the sector allocation table, sector positions are recorded in the following form.

Head position # 2, Head position # 3, ..., Head position #n
The positions of the second sector, the third sector,..., The nth sector are shown in order. The sector allocation table is encrypted. The key for decrypting this encryption depends on the unique ID of the system. For example, an OS ID, a BIOS ID, or a CPU ID is used as the system-specific ID.

  Furthermore, a file allocation table exists at the head of the second sector. This is of the form

(File 1, (sector number, position in sector)),
(File 2, (sector number, position in sector)),
...
The position in the sector is the number of bytes from the head of the sector. The file placement table is also encrypted. This encryption key also depends on the system-specific ID.

  Access to the file system of the present invention is performed using a special driver (the secret area driver 7 in FIG. 1). The operation of the secret area driver 7 is shown in FIG. The driver 7 also has a function of changing the sector arrangement. The operation of the secret area driver 7 at the time of sector arrangement update is shown in FIG.

(Authentication)
In the above description, for example, examples of mutual authentication performed when MC 13 is set in LCM 1 and authentication processing performed when accessing a secret area are given. This is conventional and is authentication using a public key cryptosystem, but the present invention is not limited to this.

  In FIG. 20, a case will be described in which B attempting to access A from A is authenticated between two devices (for example, LCM1 and MC13).

  In this case, the device A holds the public key kp, and if the device A can access the device A, the device B holds the secret key ks corresponding to the public key kp. Upon receiving the random number R generated by the device A, the device B encrypts it with the secret key ks (represented as ks [R]) and returns ks [R] to the device A. In the device A, ks [R] is decrypted using the public key, and if the decryption result is equal to the previously generated random number R, it is determined that the device B is a correct partner.

  Thereafter, mutual authentication can be performed by performing the same operation as described above from the device B to the device A. In this case, device B holds the public key, device A holds the secret key, device A encrypts the random number generated by device B with the secret key, and device B decrypts it using the public key. Check if it is equal to the previously generated random number.

The figure which showed the structural example of the music content utilization management system (LCM) using the content management method for restrict | limiting the number of the replication content which can be memorize | stored in the storage medium (media) which concerns on embodiment of this invention. The figure which showed the structural example of the memory area. The figure which showed the internal structural example of the recording / reproducing apparatus (PD). The figure for demonstrating the characteristic of three types of storage media. The figure which showed the internal structural example of the media interface (I / F) part. The figure for demonstrating the recording content of the storage medium after check-in. The figure which showed the example of a memory | storage of the hotel book stored in the secret area | region of LCM. The figure which showed the other memory | storage example of the hotel book stored in the secret area | region of LCM. FIG. 5 is a flowchart for explaining a check-in / check-out processing procedure, showing a procedure from determining a type of media to selecting a process according to the type. The figure for demonstrating the checkout procedure in case the classification of a storage medium is level 2. FIG. The figure for demonstrating the check-in procedure in case the classification of a storage medium is level 2. FIG. The figure for demonstrating the reproduction | regeneration procedure in case the classification of a storage medium is level 2. FIG. The figure for demonstrating the checkout procedure in case the classification of a storage medium is level 1. FIG. The figure for demonstrating the reproduction | regeneration procedure in case the classification of a storage medium is level 1. FIG. The figure for demonstrating the checkout procedure in case the classification of a storage medium is level 0. The figure for demonstrating the check-in procedure in case the classification of a storage medium is level 0. The figure for demonstrating the reproduction | regeneration procedure in case the classification of a storage medium is level 0. The figure which showed the other example of a memory | storage of the hotel book stored in the confidential area | region of LCM, and shows the hotel book containing a flag. The flowchart for demonstrating the outline of the check-in process using a flag. The figure for demonstrating the authentication procedure using a public key encryption system. The figure which showed the apparatus structural example in the case of recording the replication content to a storage medium via a network. The figure which showed the internal structural example of the timeout determination part. The flowchart for demonstrating an example of timeout determination processing. The figure for demonstrating the file system for comprising a secrecy area. The flowchart for demonstrating operation | movement of a secret area | region driver. The flowchart for demonstrating operation | movement of the secret area | region driver at the time of sector arrangement | positioning update.

Explanation of symbols

1. Content usage management system 2. Secure content server (SMS)
DESCRIPTION OF SYMBOLS 3 ... EMD interface part 4 ... Timeout determination part 5 ... PD interface (I / F) part 6 ... Media interface (I / F) part 7 ... Secret area driver 8 ... Accommodation book storage part 9 ... License storage part 10 ... Music data storage Unit 11 ... CD interface (I / F) unit 12 ... Recording / reproducing apparatus (PD)
13. Storage medium (MC)

Claims (8)

A storage device having identification information,
A storage area that stores the identification information; a secret area that is accessible in a concealed specific procedure; and a storage unit that includes a public area other than the secret area;
Performing the specific procedure for accessing the secret area, determining whether or not to access the secret area, and control means for enabling access to the secret area when it is determined that access is possible;
With
The public area stores the encrypted content and first control information necessary for the reproduction process of the encrypted content encrypted with the key information generated based on the identification information,
A storage device that stores second control information for generating the key information necessary for the reproduction process of the encrypted content in the secret area. The encrypted content stored in the public area is
Using the key information generated based on the identification information read from the identification information storage area and the second control information read from the secret area that can be accessed by a secret specific procedure 2. The storage device according to claim 1, wherein the storage device is reproduced by using the first control information read from the public area, which is decrypted.   In order to erase the encrypted content stored in the public area, the recording area of the second control information stored in the secret area that can be accessed by a secret specific procedure is overwritten with a random number and erased. The storage device according to claim 1, wherein: A storage device having identification information,
First storage means for storing the identification information;
Encrypted content, first control information necessary for reproduction processing of the encrypted content encrypted with key information generated based on the identification information stored in the first storage means, and Second storage means for storing second control information for generating the key information necessary for the reproduction processing of the encrypted content;
A storage device comprising: The encrypted content stored in the second storage means is
The first information read from the second storage means decoded using the identification information read from the second storage means and the key information generated based on the second control information. 5. The storage device according to claim 4, wherein the storage device is reproduced using control information. A storage device that records content from other devices through legitimate procedures,
An identification information storage area for storing identification information unique to the storage device, a secret area accessible in a concealed specific procedure, and a storage unit having a public area that can be normally accessed;
An authentication means for performing an authentication procedure for accessing the secret area and enabling access to the secret area when it is determined that access is possible;
With
In the secret area, control information transmitted through the authentication procedure with the other device is stored,
The storage device, wherein the content encrypted in such a manner that it can be decrypted using the control information and the identification information is stored in the public area. The encrypted content stored in the public area is
The decryption is performed using the identification information read from the identification information storage area and the control information read from the secret area that is made accessible by a concealed specific procedure. 6. The storage device according to 6.   The control information stored in the concealed area that is accessible by a concealed specific procedure is erased in order to erase the encrypted content stored in the public area. Item 7. The storage device according to Item 6.

Images