JP2007005929A - Image processing apparatus and method, and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a technology capable of providing a hybrid service comprising type I contents and type II contents. <P>SOLUTION: In the type I contents, ordinary broadcast programs are stored in a receiver in the unit of programs and the stored program is distributed to a viewer in its preferred timing by utilizing a prescribed license, and in the type II contents, storage exclusive broadcast programs are stored in the receiver in the unit of programs and the stored program is distributed to the viewer in its preferred timing by utilizing the prescribed license. These contents are stored in a way as shown in Fig. 10, and the type I contents (TYPE1_Stream_1) resulting from storing the ordinary TV programs and the type II contents (files BML, JPEG, PNG) resulting from reproducing the type I contents in the unit of scenes through the operation of the viewer can realize nonlinear viewing of TV programs such as digest reproduction of the TV programs. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to an information processing apparatus, method, and program, and more particularly, to an information processing apparatus, method, and program that can perform limited reproduction that can support a plurality of forms of content distribution in server-type broadcasting.

  With the development of broadcasting technology, various forms of content distribution have been developed. For example, there is a service that allows only a designated content (or content group) to be viewed once for a fee. This service is realized by controlling reproduction based on a license distributed for each content (see Patent Document 1).

JP 2002-116856 A

  However, conventionally, it has not been proposed to integrally provide contents to be played back by different methods.

  The present invention has been made in view of such a situation, and makes it possible to integrally provide contents to be played back by different methods.

  The information processing apparatus according to the present invention includes a first acquisition unit that acquires from a broadcast a main license that indicates the existence of a right to use a plurality of contents and includes a work key, a right to use the main license, and one content. Second acquisition means for acquiring from the communication an individual license indicating presence and including content key and content usage condition information; first storage means for permanently storing the main license and the individual license; and first storage means Reading means for reading one designated license from the main license and the individual license stored in step 1, output means for outputting information on the license stored in the first storage means, and individual read by the reading means Read content key and content usage condition information included in license faster A second storage means for developing and temporarily storing in a possible form, a sub-license encrypted with a work key of the main license corresponding to the information including the content key and the content usage condition information, and the first storage Third storage means for decrypting with the work key of the corresponding main license stored by the means, expanding the content key and content usage condition information included in the sublicense into a form that can be read at high speed, and temporarily storing the content key; Only when the content use condition information temporarily stored by the second storage means or the third storage means is determined at the start of content use and the content use condition information is satisfied, the second storage means or third Supply means for supplying a content key temporarily stored in the storage means.

  When the content is encrypted with the scramble key for each part, the supply means inputs information obtained by encrypting the scramble key for each part with the content key, and the second storage means or the third storage means The content key Kc stored in the above can be used for encryption / decryption, and the scramble key Ks for each part obtained as a result can be supplied.

  The first acquisition unit or the second acquisition unit temporarily stores the individual license or the main license when the first storage unit cannot store the individual license or the main license, and the reading unit stores the designated license in the first acquisition unit. Alternatively, when the license is an individual license or a main license temporarily stored by the second acquisition unit, it can be read from the first acquisition unit or the second acquisition unit.

  When the content is reproduced simultaneously with reference to another content, the second storage means and the third storage means respectively relate to the license corresponding to the reference source content and the license corresponding to the reference destination content. The content key and the content usage condition information included in the file are expanded and temporarily stored in a form that can be read out at a higher speed, and the supply means relates to the two licenses stored in the second storage means or the third storage means. When the content is used, content usage determination is performed using the license usage condition information stored in the corresponding second storage means or third storage means according to the license specification, and only when the conditions are satisfied A content key can be supplied.

  The information processing method according to the present invention includes a first acquisition step of acquiring a main license including a work key indicating presence of a right to use a plurality of contents from a broadcast, a main license, and a right to use one piece of content. A second acquisition step of acquiring from the communication an individual license indicating presence and including a content key and content usage condition information; a first storage step of permanently storing the main license and the individual license; and a first storage step A read step for reading out one designated license from the main license and the individual license stored in the processing in step 1, an output step for outputting information relating to the license stored in the processing in the first storage step, and processing in the read step The content key and the content included in the individual license read in The second storage step for expanding and temporarily storing the usage condition information of the content in a form that can be read out at a higher speed, and the information including the content key and the content usage condition information is encrypted with the work key of the corresponding main license The sublicense is input and decrypted with the work key of the corresponding main license stored in the processing of the first storage step, so that the content key and content usage condition information included in the sublicense can be read at high speed. The third storage step that is expanded and temporarily stored, and the content usage condition information that is temporarily stored in the processing of the second storage step or the third storage step at the start of content usage is determined, and the content usage condition information is obtained. Only when satisfied, the content stored temporarily in the processing of the second storage step or the third storage step. Characterized in that it comprises a supply step of supplying tool key.

  The program of the present invention shows a first acquisition step for acquiring a main license including a work key indicating the existence of a right to use a plurality of contents from a broadcast, a main license, and the existence of a right to use one piece of content. Processing of the second acquisition step of acquiring the individual license including the content key and content usage condition information from the communication, the first storage step of permanently storing the main license and the individual license, and the processing of the first storage step A read step for reading out one designated license from the main license and the individual license stored in step 1, an output step for outputting information on the license stored in the process of the first storage step, and a read step for reading. Content key and container included in the issued individual license The second storage step for expanding and temporarily storing the usage condition information in a form that can be read out at a higher speed, and the information including the content key and the content usage condition information encrypted with the work key of the corresponding main license The sublicense is input and decrypted with the work key of the corresponding main license stored in the processing of the first storage step, so that the content key and content usage condition information included in the sublicense can be read at high speed. The third storage step that is expanded and temporarily stored, and the content usage condition information that is temporarily stored in the processing of the second storage step or the third storage step at the start of content usage is determined, and the content usage condition information is obtained. Only when satisfied, the content temporarily stored in the process of the second storage step or the third storage step Characterized in that it comprises a supply step of supplying the key.

  According to the present invention, it is possible to integrally provide content that is played back by different methods.

  Embodiments of the present invention will be described below. Correspondences between constituent elements described in the claims and specific examples in the embodiments of the present invention are exemplified as follows. This description is to confirm that specific examples supporting the invention described in the claims are described in the embodiments of the invention. Therefore, even if there are specific examples that are described in the embodiment of the invention but are not described here as corresponding to the configuration requirements, the specific examples are not included in the configuration. It does not mean that it does not correspond to a requirement. On the contrary, even if a specific example is described here as corresponding to a configuration requirement, this means that the specific example does not correspond to a configuration requirement other than the configuration requirement. not.

  Further, this description does not mean that all the inventions corresponding to the specific examples described in the embodiments of the invention are described in the claims. In other words, this description is an invention corresponding to the specific example described in the embodiment of the invention, and the existence of an invention not described in the claims of this application, that is, in the future, a divisional application will be made. Nor does it deny the existence of an invention added by amendment.

The information processing apparatus according to claim 1 (for example, the server type CAS module 33 in FIG. 2)
First acquisition means (for example, a main license (for example, the main license in FIG. 5) indicating the existence of a right to use a plurality of contents and including a work key (for example, the server type work key Kws in FIG. 5) from broadcasting. , License management section 55) of FIG.
A second acquisition unit (for example, an individual license (for example, the individual license in FIG. 6) that indicates the existence of the right to use the main license and one content and includes the content key and the content usage condition information from the communication (for example, The license server I / F 51 and the license management unit 55) of FIG.
First storage means for permanently storing the main license and the individual license (for example, the license store unit 56 in FIG. 9);
Reading means (for example, license management unit 55 in FIG. 9) for reading out one designated license from the main license and individual license stored in the first storage means;
Output means (for example, license management unit 55) for outputting information about the license stored in the first storage means;
Second storage means (for example, the license management unit 55 in FIG. 9) that expands and temporarily stores the content key and content usage condition information included in the individual license read by the reading means in a form that can be read at higher speed. Current license cache unit 60) (for example, server-type CAS module 33 in FIG. 6);
The sublicense (for example, ACI in FIG. 5) encrypted with the work key of the main license corresponding to the information including the content key and the content usage condition information is input, and the corresponding main stored in the first storage unit is stored. Third decryption is performed with the work key of the license (for example, the sublicense decrypting unit 59 in FIG. 9), and the content key and the content usage condition information included in the sublicense are expanded and temporarily stored in a form that can be read at high speed. Storage means (for example, license management unit 55, current license cache unit 60 in FIG. 9) (for example, server-type CAS module 33 in FIG. 5);
Only when the content use condition information temporarily stored by the second storage means or the third storage means is determined at the start of content use and the content use condition information is satisfied, the second storage means or third Supply means (for example, use condition determining unit 61, renderer I / F 65 in FIG. 9) (for example, server-type CAS module 33 in FIGS. 5 and 6) for supplying a content key temporarily stored in the storage means It is characterized by that.

The information processing apparatus according to claim 2
In the case where the content is encrypted with a scramble key for each part (for example, the content shown in FIG. 3 or 4), the supply means encrypts the information for which the scramble key for each part is encrypted with the content key (for example, FIG. 3 or ECM-Kc in FIG. 4 is input, and decrypted by the content key Kc stored in the second storage means or the third storage means, and the resulting scramble key Ks is supplied for each part. (For example, ECM-Kc decoding unit 62, Ks cache unit 63, renderer I / F 65 in FIG. 9) (for example, server type CAS module 33 in FIGS. 3 and 4)
It is characterized by that.

An information processing apparatus according to claim 3 is provided.
When the first storage unit cannot store the individual license or the main license, the first acquisition unit or the second acquisition unit (for example, the license management unit 55 in FIG. 9) temporarily stores the license,
When the specified license is an individual license or a main license temporarily stored by the first acquisition unit or the second acquisition unit, the reading unit reads the license from the first acquisition unit or the second acquisition unit. It is characterized by reading.

The information processing apparatus according to claim 4 is:
When the content (for example, type 1 content) refers to another content (for example, type 2 content) and plays back simultaneously, the second storage means and the third storage means each have a reference source content (for example, , Type 2 content) and a license corresponding to a reference destination content (for example, type 1 content), the content key and content usage condition information included in the license are expanded in a form that can be read out at higher speed. Temporarily remember,
The supply unit stores the two licenses stored in the second storage unit or the third storage unit in the corresponding second storage unit or the third storage unit according to the designation of the license when the content is used. The content usage determination is performed using the license usage condition information, and the content key is supplied only when the condition is satisfied.

The information processing method according to claim 5 and the program according to claim 6 are:
A first acquisition step (for example, “license acquisition process” in FIG. 8) of acquiring the main license including the work key indicating the presence of the right to use the plurality of contents from the broadcast;
A second acquisition step (for example, “license acquisition process” in FIG. 8) that acquires the main license and an individual license that indicates the existence of the right to use one piece of content and includes a content key and content use condition information. When,
A first storage step for permanently storing the main license and the individual license (for example, “license holding / management process” in FIG. 8);
A reading step of reading one designated license from the main license and the individual license stored in the processing of the first storage step;
An output step of outputting information on the license stored in the first storage step;
A second storage step (for example, “License holding / management” in FIG. 8) that expands and temporarily stores the content key and content usage condition information included in the individual license read in the reading step into a form that can be read at higher speed. Processing "),
The sublicense encrypted with the work key of the main license corresponding to the content key and the information including the use condition information of the content is input, and encrypted with the work key of the corresponding main license stored in the processing of the first storage step. A third storage step (for example, “license setting process in FIG. 8”) that decrypts and expands and temporarily stores the content key and content usage condition information included in the sublicense in a form that can be read at high speed;
Only when the content usage condition information temporarily determined in the processing of the second storage step or the third storage step is determined at the start of content usage and the content usage condition information is satisfied, the second storage step or A supply step of supplying the content key temporarily stored in the third storage step (for example, “license use processing”).

(1) Server type broadcasting Normal broadcasting is based on the premise that video signals, audio signals, etc. are continuously transmitted by broadcast waves, which are continuously received by a receiver and reproduced immediately. That is, the viewer views the program at the time when the program is broadcast. On the other hand, in the server type broadcasting, the viewer can view the program (content) that he / she wants to watch at the time he / she wants to view it.

  As a server-type broadcast operation mode, normal broadcasts are stored as content on a receiver-by-program basis in the storage media of the receiver, and viewers can use a predetermined license that is distributed separately and at a desired timing. There is a form in which the content stored in the storage medium can be viewed. As a result, for example, it is possible to provide services such as prohibiting recording and allowing paid viewing under predetermined conditions. Content distributed in this operation mode (content that stores and uses normal TV broadcasts) is referred to as type 1 content.

  As another operational form of server-type broadcast, the broadcast station side broadcasts content for storage only, not normal broadcast, and the broadcast is stored in the storage media of the receiver as content on a program basis. However, there is a form in which the content stored in the storage medium can be viewed at a desired timing using a predetermined license distributed separately. Content distributed in this operation mode (dedicated content for storage-only service) is referred to as type 2 content.

  As an advanced form of this operation form, there is a form in which content stored in the storage medium is downloaded not only from the broadcast but also via communication. There is also a mode in which a viewer requests a server on a communication network at a timing when he / she wants to view and receives and directly reproduces the content he / she wants to view by a so-called streaming transmission method.

  That is, the present invention relates to a limited reproduction technique in the case of providing various content distribution forms in an integrated manner, for example, in the case of providing a mixture of type 1 content distribution and type 2 content distribution.

  By providing type 1 content and type 2 content in a mixed form, for example, BML (Broadcast) that reproduces the type 1 content in which normal TV programs are stored and the type 1 content in a scene unit by the operation of the viewer. Non-linear viewing of TV programs, such as digest playback of TV programs, can be realized with Type 2 content including Markup Language) files and metadata files.

(2) Server type broadcast system FIG. 1 shows an example of the configuration of a server type broadcast system to which the present invention is applied.

  The broadcasting station 1 produces type 1 content and type 2 content, applies necessary encryption, and sends out as a broadcast wave by a prescribed transmission method.

  The broadcast station 1 transmits an individual license for each receiver 2, and an EMM (Entitlement Management Message) generated by the Kms management server 13 and encrypted with the server type master key Kms for each receiver 2. (Individual information for each subscriber) is transmitted.

  Each of the receiver 2-1, the receiver 2-2, and the receiver 2-3 (hereinafter referred to simply as the receiver 2 when there is no need to distinguish them individually. The same applies in other cases). This is a server-type broadcast-compatible receiver that includes storage media 31-1, 31-2, and 31-3. In this example, the receivers 2-1 and 2-2 belong to the same household, and the receiver 2-3 belongs to another household.

  The receivers 2-1 and 2-2 are connected to each other via the home network 4 so that the contents can be mutually used.

  Each home receiver 2 is connected to the broadband network 8 via the gateway 5 or 6 and can communicate with the content server 9 to the domain management server 12 on the broadband network 8 as necessary.

  The content server 9 supplies content to the receiver 2 via the broadband network 8 (provides content separately from broadcasting). As a method for supplying this content, there are a method of temporarily downloading to the storage medium 31 of each receiver 2 and a method of directly reproducing by streaming.

  The license server 10 supplies the license to the receiver 2 when it is necessary to acquire the license through the communication path when the receiver 2 is necessary (when such operation is performed).

  The shop / settlement server 11 has a function as a Web server that performs navigation for a viewer to purchase content from the receiver 2 using BML or the like, and a function that performs billing or settlement.

  The domain management server 12 manages information about which receiver 2 belongs to which domain in order to properly operate the domain. In server type broadcasting, the domain of each household is basically managed, and the license for using the content is granted to the domain. Thus, for example, the receivers 2-1 and 2-2 can use content with a common license, but the receiver 2-3 is in a different domain, so the receivers 2-1 and 2-2 Requires a separate license.

  The domain management server 12 generates and manages a domain key, and acquires the domain key by broadcasting or direct communication so that domain control is properly performed in each receiver 2.

  The Kms management server 13 manages the server type master key Kms embedded in the receiver 2 individually. The server type master key Kms is used for encryption of a license or the like as necessary for the security of the entire server type broadcasting system, or a security base when license transmission is performed between the license server 10 and the receiver 2. Used as

(3) Server type broadcast compatible receiver FIG. 2 shows a configuration example of the receiver 2. The receiver 2 also has a normal digital broadcast receiving function.

  When a normal broadcast is received, a data stream (TS) including a channel to be selected is extracted by a tuner 22 from a broadcast wave input 21 of an intermediate frequency. When the scramble is applied in pay broadcasting or the like, the scramble is decrypted by the descrambler 23 which is judged to be viewable by the B-CAS card 24 by the descrambler 23 and inputted to the demultiplexer 25. In the demultiplexer 25, signals such as video, audio, and data broadcast signals constituting the channel to be selected are filtered, the video signal is the video decoder 26, the audio signal is the audio decoder 27, and the data broadcast signal is the BML browser 28. Are respectively input and decoded. Finally, the video output 29 and the audio output 30 are presented to the viewer.

  On the other hand, when the server type broadcast is received, the stream to be serviced is extracted from the broadcast wave input 21 by the tuner 22 as in the case of receiving the normal broadcast, but the descrambler 23 does not perform descrambling. The stream is input to the demultiplexer 25 as it is.

  At this time, the demultiplexer 25 extracts data to be stored as content, and the extracted content is stored as a content file group in the storage medium 31 based on the storage control information included in the stream.

  When the server type broadcast is received, the license is input to the server type CAS module 33 by broadcast or communication prior to the reproduction of the content, so that the license can be used. As license forms, there are a one-tier license and a two-tier license.

  In the case of a one-tier license, the license is transmitted by communication and input from the communication input / output 34 to the server type CAS module 33 via the communication interface 35.

  The two-tier license is composed of a main license and a sub license. The main license indicating the viewer's right to use is assumed to be used for both broadcast transmission and communication transmission.

  When transmitted by broadcast, the main license is embedded in the broadcast stream as an EMM packet independent of content transmission, extracted from the broadcast wave input 21 by the demultiplexer 25 via the tuner 22, and sent to the server-type CAS module 33. Entered.

  When the data is transmitted by communication, it is input from the communication input / output 34 via the communication interface 35 to the server type CAS module 33 as in the case of the one-layer license.

  Since the sublicense is transmitted as a part of the content, the sublicense is stored in the storage medium 31 according to the above-described flow. However, the sublicense is input to the server type CAS module 33 before the content is reproduced.

  In the case of a one-tier license, after the license has been entered, in the case of a two-tier license, after both the main license and sub-license are entered, the license is made available on the server type CAS client before content is played. The usage condition included in the license is determined, and if it can be used, the content key included in the license is output from the server type CAS module 33 and set in the encryption / decryption device 32. As a result, the encryption / decryption device 32 can decrypt the encryption of the content read from the storage medium 31, so that the content can be reproduced.

  The content is assumed to be in the form of a stream including video and audio, and in the form of a file such as a BML document file or JPEG (Joint Photographic Coding Experts) file. In the former case, the stream is decoded from the encryption / decryption device 32. It is supplied to the multiplexer 25 where it is separated into video and audio. The video is decoded by the video decoder 26 and the audio is decoded by the audio decoder 27 and presented to the viewer as a video output 29 and an audio output 30.

  In the latter case, the file is supplied from the encryption / decryption device 32 to the BML browser 28, where it is played back in multimedia, and finally presented as a video output 29 together with the video.

  Note that the demultiplexer 25 through the BML browser 28 and the encryption / decryption device 32 that perform content reproduction processing will be appropriately referred to as a renderer 36 in the following.

(4) Limited playback processing in type 1 content The limited playback processing realized in the present invention for each content and operation variation assumed in server-type broadcasting will be described.

  First, the limited reproduction process for type 1 content will be described. Type 1 content is such that limited playback control is performed after a normal broadcast program is stored as content. There are two possible service models.

  One is a free broadcast but scrambled for copyright protection. In addition to recording, it is stored as type 1 content to allow advanced use such as digest playback using segment metadata. It is a service model to let you. The other is a service model in which recording is prohibited in premium programs such as PP (pay per view), but it is stored as content and limited playback such as once is allowed for a fee. .

  The former free program can be realized by the two-tier license model shown in FIG. The limited reproduction process in this case will be described. The numbers in FIG. 3 correspond to the order of this limited reproduction process.

  First, as a process corresponding to the number 1 in FIG. 3, it corresponds to a range of type 1 content flat tier subscribers such as viewers who have made a contract for a high level of use, and the like. The main license including the server type work key Kws and the usage conditions GroupRMPI related to the entire contract is encrypted with the server type master key Kms specific to the server type CAS module 33 of the receiver 2 used by the viewer, and broadcast station 1 as EMM. Is broadcast for a certain period of time. The viewer operates the receiver 2 to receive it, whereby the main license is input to the server-type CAS module 33 and decrypted with the server-type master key Kms and held.

  Next, as processing corresponding to number 2, as shown in FIG. 3, content as content for each program from the broadcasting station 1 to a stream of a normal TV program that can be received and reproduced by a normal receiver that does not support the server type. Key Kc and its usage conditions EachRMPI encrypted with server type work key Kws Kc distribution ECM and scramble key Ksi of program AV signal packet updated every few seconds (i = 1,2, ..., n , N + 1,...), Two types of packets of ECM-Kc in which the content key Kc is encrypted are added and broadcast. The Kc distribution ECM is information that functions as a sublicense. In the receiver 2, the stream for one program that remains scrambled is stored in the storage medium 31 as content in the form of a file.

  Next, as processing corresponding to the number 3, when the reproduction of the content stored in the storage medium 31 of the receiver 2 is activated, the sublicense Kc distribution ECM is extracted and stored in the server-type CAS module 33. The server type work key Kws included in the main license (the process corresponding to number 1) input and held in the server type CAS module 33 is decrypted, and the sub license content key Kc and the main license The merged RMPI of the sub-licenses is set to a usable state in the server type CAS module 33.

  Next, as processing corresponding to the number 4, when the content reproduction is started, the renderer 36 makes a reproduction start permission request to the server type CAS module 33, and the ECM-Kc that first appears in the content stream is the server type CAS module 33. Is input. At that time, the RMPI usage condition is determined by the server-type CAS module 33. If it can be used, the ECM-Kc is decrypted with Kc, and the scramble key Ks is output to the renderer 36.

  The renderer 36 uses the scramble key Ks to unscramble the AV stream packet from the storage medium 31 and reproduce it. Thereafter, every time ECM-Kc is updated, ECM-Kc is input to server-type CAS module 33 to determine whether RMPI is used, and if it is available, scramble key Ks is output to renderer 36. The AV stream is unscrambled and played back (playback continues).

  The latter type of service model for type 1 content (a service model in which recording is prohibited in a premium program such as PPV, but limited playback such as recording once and allowing only one charge for a fee) In this case, it can be realized by the one-tier license model shown in FIG. The limited reproduction process in this case will be described. The numbers in FIG. 4 correspond to the order of this limited reproduction process.

  First, as a process corresponding to number 1 in FIG. 4, an AV signal of a program that is updated every few seconds as shown in FIG. 4 to a stream of a PPV TV program that can be received and reproduced even by a normal receiver that does not support the server type. An ECM-Kc obtained by encrypting a scramble key Ks of a packet with a content key Kc included in an individual license, which will be described later, is added and broadcast from the broadcast station 1. In the receiver 2, the stream for one program that remains scrambled is stored in the storage medium 31 as content in the form of a file.

  Next, as a process corresponding to number 2, the viewer communicates with the shop / payment server 11 (FIG. 1) to view the premium program content stored in the storage medium 31, and performs a purchase operation. Do. As a result, the shop / settlement server 11 performs settlement, and as a result, the license server 10 generates an individual license corresponding to this content for the receiver 2 of the corresponding viewer. The server-type CAS module 33 of the receiver 2 acquires and holds the generated individual license through secure communication with the license server 10 based on mutual authentication.

  Next, as processing corresponding to the number 3, when the reproduction of the content stored in the storage medium 31 of the receiver 2 is activated, the individual license held in the server CAS module 33 is converted into the server master key Kms. Thus, the encryption is broken and the content key Kc and RMPI are set to be usable.

  Next, as processing corresponding to the number 4, when the content reproduction is started, the renderer 36 makes a reproduction start permission request to the server type CAS module 33, and the ECM-Kc that first appears in the content stream is the server type CAS module. 33. At that time, the RMPI usage condition is determined by the server-type CAS module 33. If it is available, the ECM-Kc is decrypted with the content key Kc, and the scramble key Ks is output to the renderer 36.

  The renderer 36 uses the scramble key Ks to unscramble the AV stream packet from the storage medium 31 and reproduce it. Thereafter, every time ECM-Kc is updated, ECM-Kc is input to server-type CAS module 33 to determine whether RMPI is used, and if it is available, scramble key Ks is output to renderer 36. The AV stream is unscrambled and played back (playback continues).

(5) Limited playback method for type 2 content Next, a limited playback method for type 2 content will be described. Type 2 content is configured as a file group of one program, which is broadcasted and transmitted as a storage-only service that cannot be viewed immediately upon reception, and received and stored as content by the receiver 2, and then under limited playback control Played. Therefore, it is assumed that transmission by broadcast is sent over a time different from the reproduction time.

  As a service model of type 2 content, it is assumed that a program is stored in the storage medium 31 of the receiver 2 as content and is viewed on demand for a fee. There are two types of operation: flat-rate billing based on contracts (flat-tier billing) and methods for charging individual contents (pay-per-use billing), and the limited playback method differs depending on the billing method.

  In the former flat-tier billing operation, the two-tier license model shown in FIG. 5 is considered suitable. The limited reproduction process in this case will be described. The numbers in FIG. 5 correspond to the order of this limited reproduction process.

  First, as a process corresponding to number 1 in FIG. 5, the viewer contracts an on-demand service for type 2 content that allows viewing of a plurality of contents on a monthly basis. The contract is assumed to be online by communication between the shop / payment server 11 (FIG. 1) and the receiver 2 or offline where the viewer contracts by telephone or the like, but the flat tier of type 2 content is used. For a contract, a server type master key Kms specific to the server type CAS module 33 of the receiver 2 used by the viewer is determined by the main license including the server type work key Kws corresponding to the scope and the use condition GroupRMPI related to the entire contract. The EMM is encrypted and transmitted as EMM by broadcasting from the broadcasting station 1 for a certain period. The viewer operates the receiver 2 so as to receive it, whereby the main license is input to the server-type CAS module 33 and is decrypted and held by the server-type master key Kms.

  Next, as a process corresponding to the number 2, the business operator creates contents to be broadcast in a specific time zone using the storage service as a file group to be stored in the receiver 2. For example, in the case of video content such as a movie, a file obtained by encrypting data obtained by multiplexing a video signal and an audio signal for two hours in the MPEG2-TS format with a content key Kc is generated. In the case of multimedia content, it is assumed that a plurality of files each encrypted with a content key Kc are configured.

  In addition to the content body file group, a sublicense file in which information including the content key Kc and the content usage condition EachRMPI is encrypted with the server-type work key Kws corresponding to the flat tier contract (hereinafter referred to as ACI, as appropriate) Is also generated.

  All these files are broadcast from the broadcast station 1 as a broadcast stream in a data carousel system suitable for broadcasting the files. In the receiver 2, these files are extracted from the received storage service and stored on the storage medium 31. At this time, accumulation control is performed based on information included in the data carousel so that a file group is generated with a directory configuration designated on the accumulation medium 31.

  Next, as a process corresponding to the number 3, when the reproduction of the content stored in the storage medium 31 of the receiver 2 is activated, a sublicense (ACI) file is input to the server type CAS module 33, and the server type The sub-license is decrypted with the server-type work key Kws included in the main license held in the CAS module 33, and the ACI content key Kc and the RMPI obtained by merging the main license and sub-license are used as the server-type CAS. It is set in a usable state in the module 33.

  Next, as a process corresponding to the number 4, when the content reproduction is started, the renderer 36 makes a reproduction start permission request to the server CAS module 33, and at that time, the use condition determination by RMPI is performed in the server CAS module 33. If available, the content key Kc is transferred to the renderer 36. The renderer 36 sets this in the encryption / decryption device 32 (FIG. 2), reads the content main body file, and decrypts the encryption to reproduce the content.

  In the case of pay-per-use billing for type 2 content, it can be realized by the one-tier license model shown in FIG. The limited reproduction process in this case will be described. The numbers in FIG. 6 correspond to the order of this limited reproduction process.

  First, in response to the number 1 in FIG. 6, the business operator produces content broadcasted in a specific time zone using the storage-type service as a file group to be stored in the receiver 2. For example, in the case of video content such as a movie, a file obtained by encrypting data obtained by multiplexing a video signal and an audio signal for two hours in the MPEG2-TS format with a content key Kc is generated. In the case of multimedia content, it is assumed that a plurality of files encrypted with the content key Kc are generated. These files are broadcast as a broadcast stream by the data carousel method. The receiver 2 extracts these files from the received storage service and stores them on the storage medium 31. At this time, accumulation control is performed based on information included in the data carousel so that a file group is generated with a directory configuration designated on the accumulation medium 31.

  Next, as processing corresponding to number 2, the viewer communicates with the shop / payment server 11 and performs a purchase operation in order to view the content stored in the storage medium 31. As a result, the shop / settlement server 11 performs settlement, and as a result, the license server 10 generates an individual license corresponding to this content for the receiver 2 of the corresponding viewer. The server-type CAS module 33 of the receiver 2 acquires and holds the generated individual license through secure communication with the license server 10 based on mutual authentication.

  Next, as processing corresponding to the number 3, when the reproduction of the content stored in the storage medium 31 is started, the encryption of the individual license held in the server CAS module 33 is the server master key Kms. After being unlocked, the content key Kc and RMPI are set to be usable.

  Next, as processing corresponding to number 4, at the time of content playback, the renderer 36 makes a request for permission to start playback to the server type CAS module 33, and at that time, the server type CAS module 33 makes use condition determination by RMPI. If available, the content key Kc is transferred to the renderer 36. The renderer 36 sets this in the encryption / decryption device 32, reads the content main body file, and decrypts the encryption to reproduce the content.

(6) Integrated Server Type CAS System and Integrated Server Type CAS Module FIG. 7 shows an integrated server type CAS system that realizes the limited playback processing of various contents described so far with one server type module.

  The square frame number 1 and number 4 are ECM and EMM for limited broadcast reception, respectively, which are independent of other server-type CAS-related data as distribution routes. In the cage receiver 2, processing is performed by the B-CAS card 24 independent of the server type CAS module 33.

  The domain key Kd is distributed regardless of the content type. When the domain key Kd is distributed by broadcasting, it is transmitted as EMM (Kd) through the route of number 6, encrypted at the broadcasting station 1 side with the key Kms at symbol E6, and on the receiver 2 side, the server type CAS module 33 Thus, the symbol D6 is decrypted with the key Kms and held as the domain key Kd. When the domain key Kd is distributed by communication, the domain key Kd is transferred through a secure communication path based on the key Kms of both the license server 10 and the server type CAS client via the path number 9 and the server type CAS module 33. Stored as a domain key Kd.

  In the distribution of the main license of the two-tier license, it can be handled without distinction between content types such as type 1 content and type 2 content. In broadcasting, it is transmitted as EMM (Kws) through the route of number 5, encrypted on the broadcasting station 1 side with the key Kms at symbol E5, and on the receiver 2 side, decrypted with the key Kms at symbol D5 by the server type CAS module 33. Held as the main license. When the main license is distributed by communication, it is transferred on the secure communication path based on the key Kms of both the license server 10 and the server type CAS client through the route of number 8 and is held as the main license in the server type CAS module 33. .

  Also, distribution of individual licenses of one-tier licenses can be handled without distinction between content types. It is transferred through a secure communication path based on the key Kms of both the license server 10 and the server type CAS client through the path of number 7 and held as an individual license in the server type CAS module 33. The individual license specified at the time of reproducing the content is set in a state where it can be used as a usage license.

  The sublicense is a route of number 3 in the figure, and is common in the processing that the information including the content key Kc is encrypted with the key Kws in the symbol E3 on the provider system side. The distribution ECM and other contents are broadcast as an ACI file or transmitted via a communication path, and therefore the path varies. After being acquired by the receiver 2, the common processing is as follows.

  When the sublicense is input to the server-type CAS module 33, it is encrypted with the domain key Kd at the symbol E7 and is output. From here, it becomes the path number 3 'in the figure, and is temporarily stored in the storage medium 31 together with the content. When it is input to the server-type CAS module 33 at the time of reproduction again, the domain key Kd is decrypted with the symbol D7 and further decrypted with the key Kws of the main license with the symbol D3, and the contained content key Kc and RMPI can be used as a usage license Is set to the correct state.

  As data specific to type 1 content, the ECM-Kc transmits a frequently updated scramble key Ks as data encrypted with the key Kc at symbol E2 as a packet in the type 1 content. If it is stored in the storage medium 31 as part of the type 1 content in the receiver 2 as it is, it is input to the server-type CAS module 33 at the time of playback and can be used in the usage determination based on the RMPI of the usage license. The symbol K2 is decrypted with the key Kc and the key Ks is output and set in the descrambler 23.

In the case of type 2 content, download content, etc., the usage determination of the usage license in the server type CAS module is performed at the start of playback, and if available, the content key Kc is output and the content is decrypted. Is called.
(7) Limited playback process of mixed service In the above, the limited playback process has been described for each type 1 content and type 2 content. However, the limited playback process in the case of providing a mixture of type 1 content and type 2 content is described. This will be described with reference to FIG. This limited playback process is executed by each unit being controlled by the resident application 40 executed by the receiver 2.

  The server type CAS module in which the main license (FIG. 3 or FIG. 5) of the two-tier license and the individual license of the one-tier license (FIG. 4 or FIG. 6) to be acquired are transmitted through either the broadcast or communication route. 33 (“license acquisition process”).

  It is assumed that the license is acquired at the time of service application (content purchase) or content playback.

  The acquired main license and individual license are held in the permanent storage function in the server type CAS module 33. It is possible to hold a plurality of licenses as long as the storage capacity of the permanent storage function permits, but for these management, license information output and deletion according to a request from the resident application 40 is executed as appropriate (“ License retention / management process ").

  Next, the license specified by the instruction from the resident application 40 is made available immediately before the start of reproduction of the specific content (“license setting process”).

  In the case of a two-tier license, the sub-license (FIG. 3 or FIG. 5) stored together with the content is input to the server type CAS module 33, and the main license corresponding to the sub-license is merged. The license is an available state license composed of content key Kc and RMPI information.

  In the case of a one-tier license, the corresponding individual license is read as it is and becomes a usable license (FIG. 4 or FIG. 6).

  The license that has become available will remain available until the next time another license is set unless the power is turned off. In other words, the usage control of the specific content is performed under the same usage conditions until another content is activated.

  In response to a reproduction permission request from the renderer 36 at the start of content reproduction, the following “license use processing” is performed.

  First, regarding the license that is available at that time, the usage condition is determined for the RMPI item that can be determined in the server-type CAS module 33. When the determination result is unavailable, reproduction is not permitted, and information such as the content key Kc is not transferred to the renderer 36 and cannot be reproduced by the renderer 36.

  When the determination result is available, different processing is performed as follows for type 1 content and type 2 content.

  In the case of type 2 content, among the RMPI items of the available state license, the renderer usage condition and the content key Kc, which summarize the usage control targets in the renderer 36 and the external output I / F 41, are transferred to the renderer 36. The As a result, the content can be reproduced by the renderer 36.

  In the case of type 1 content, only the renderer usage conditions are transferred to the renderer 36 at this time. After the start of type 1 content playback, every time the ECM-Kc packet included in the content (TS) is updated, the ECM-Kc is input to the server-type CAS module 33 (FIG. 3). Is done. Therefore, when the determination result cannot be used, the scramble key Ks included in the ECM-Kc is not transferred, and the reproduction by the renderer 36 cannot be continued. If the determination result is available, the ECM-Kc is decrypted with the content key Kc, and the scramble key Ks included therein is transferred to the renderer 36. As a result, reproduction by the renderer 36 becomes possible.

  The above-mentioned “license acquisition process”, “license holding / management process”, “license setting process”, and “license use process” (hereinafter referred to collectively as license process when there is no need to distinguish them individually) The server type CAS module 33 is closed and secured.

  At the time of content reproduction, the renderer 36 that has obtained the reproduction permission as a result of the use condition determination based on the license from the server type CAS module 33 as described above obtains the content key Kc or the scramble key Ks, and the encryption or scramble is decrypted. ("Descramble process", "Encryption / decryption process").

  In the case of type 2 content, the content key Kc is supplied to the renderer 36, and the renderer usage conditions are supplied to the renderer 36 and the external output I / F 41.

  The renderer 36 controls the reproduction of the decrypted data, and the external output I / F 41 controls the output of the data reproduced by the renderer 36 based on the renderer usage conditions.

  In the case of type 2 content, if the content key Kc is obtained at the start of playback, playback of the same content can be continued indefinitely depending on the creation of the receiver 2. Playback can be interrupted when the license expiration date passes. The renderer usage conditions can be a trick play limit and an external output limit in addition to the playback time limit.

  The limited playback process described above can be used not only for broadcast contents of type 1 contents and type 2 contents, but also for communication contents in a distribution form such as download and streaming.

(8) Configuration of Server Type CAS Module FIG. 9 shows a functional configuration example of the server type CAS module 33 that executes the license processing described with reference to FIG.

  The license server I / F 51 establishes a secure communication path with the license server 10 and the domain management server 12, transmits a license acquisition message and a domain information acquisition message on the secure communication path, and transmits a license (main license, individual license). , Get domain information.

  The resident application I / F unit 52 analyzes the command from the resident application 40 to instruct each functional block to process, or generates a response of the command based on the response from each block to the resident application 40. Respond.

  The EMM decryption unit 53 decrypts the EMM injected from the resident application 40 with the master key Kms. The EMM decrypting unit 53 also extracts the main license and domain information from the EMM.

  The Kms storage unit 54 holds a server type master key (embedded key) Kms.

  The license management unit 55 receives the license when acquiring the license and causes the license store unit 56 to hold it.

  The license management unit 55 deletes the target license from the license store unit 56 in response to the license deletion request, or deletes expired licenses at once.

  The license management unit 55 temporarily holds the acquired license when the license store unit 56 has insufficient free space.

  The license management unit 55 confirms the presence or absence of a license or reconfigures a part of the contents of the license into license information in response to a license information acquisition request.

  The license management unit 55 sets the license for the individual license and makes it available (FIGS. 4 and 6).

  The license store unit 56 permanently holds the acquired main license and individual license.

  The domain information holding unit 57 holds a plurality of pairs of domain ID and domain key Kd (for private domains and a plurality of business operator domains).

  The sublicense localization unit 58 encrypts the sublicense with the domain key Kd or decrypts the sublicense encrypted with the domain key Kd.

  The sublicense decrypting unit 59 acquires the main license corresponding to the sublicense, and decrypts the sublicense with the work key Kws of the acquired main license. The sublicense decrypting unit 59 merges the RMPI of the sublicense and the main license, sets the license together with the content key Kc, and sets the license to the usable state (FIGS. 3 and 5).

  The current license cache unit 60 expands the available state license as the content key Kc, the content key Kc, and the RMPI, and temporarily holds it. The current license cache unit 60 holds two available licenses for type 2 content and type 1 content.

  The usage condition determination unit 61 determines the usage condition at that time from the RMPI of the current license cache unit 60. The usage condition determination unit 61 determines based on the information in the metadata producer ID cache 64 if the metadata producer designation exists in the RMPI in the type 1 content usage determination.

  The ECM-Kc decryption unit 62 decrypts the ECM-Kc with the content key Kc of the current license cache unit 60 when the ECM-Kc is input, and outputs the contents scramble key Ks to the Ks cache unit 63.

  The Ks cache unit 63 temporarily holds the scramble key Ks in the case of type 1 content.

  The metadata producer ID cache unit 64 temporarily holds a metadata producer ID.

  In response to the reproduction start request received from the renderer 36, the renderer I / F unit 65 instructs the use condition determination unit 61 to determine the RMPI of the current license cache unit 60 in the case of type 2 content, and the determination can be used. The corresponding content key Kc is extracted from the current license cache unit 60 and transferred to the renderer 36.

  In response to the scramble key Ks transfer request received from the renderer 36, the renderer I / F unit 65 instructs the usage condition determination unit 61 to determine the RMPI of the current license cache unit 60 at that time, and if the determination is available, the Ks cache unit. The scramble key Ks at 63 is acquired and transferred to the renderer 36.

(9) Functional Specification of Server Type CAS Module 33 Next, the operation of each part of the server type CAS module 33 when performing each process described with reference to FIG. 8 will be described.

"License acquisition process"
The license server I / F 51 acquires a main license and an individual license that are acquisition targets. As an acquisition route, the main license can be used in two ways: broadcasting and communication. Individual licenses can only be used for communication.

  When it is acquired by broadcasting, the EMM decrypting unit 53 extracts the main license by decrypting the EMM received by the receiver 2 and input to the server type CAS module 33 with the master key Kms.

  When acquiring by communication, the license server I / F 51 establishes a SAC based on mutual authentication with the license server 10 specified by the license acquisition request from the resident application 40, and corresponds to the specified license ID and domain ID. Obtain an individual license or a main license.

"License retention / management process"
The license management unit 55 holds the acquired main license and individual license in the license store unit 56. The license store unit 56 has a storage capacity sufficient to hold a sufficient number of licenses for operation.

  The license management unit 55 performs the following processing as “license holding / management processing”.

"License information output process"
The license management unit 55 reconfigures and outputs information such as a license header and RMPI corresponding to a specific license specified by an instruction from the resident application 40 as license information.

"License ID list output process"
The license management unit 55 outputs a license ID list of all licenses held based on an instruction from the resident application 40.

"License retention capacity management process"
The license management unit 55 manages the free capacity of the license holding area of the license store unit 56 and outputs it according to a request from the resident application 40.

"License deletion process"
The license management unit 55 deletes the license in the following three cases.
-Delete a specific license designated by the resident application 40.
-With the trigger from the resident application 40, all licenses that have expired at that time are deleted.
・ When using a license with a limited number of usages, delete the license.

"License temporary storage process"
When the license store unit 56 does not have enough free space to permanently hold the acquired license, the license management unit 55 can cache only the license acquired through communication in the temporary storage area. When a license is set, the license is set in the same manner as the license permanently held in the license store unit 56. Since the license acquired through communication can be acquired from the license server 10 at any time during playback while the user has the right to use, this function reduces the number of cases where content cannot be played due to insufficient free space in the license store unit 56. be able to.

"License setting process"
The license management unit 55 develops the content key Kc and RMPI included in the corresponding license in the current license cache unit 60 and makes them available when reproducing specific content.

  In the case of a one-tier license, the designated individual license is read and the contained content key Kc and RMPI are set in a usable state. In the case of a two-tier license, the storage sublicense input from the resident application 40 is first decrypted with the domain key Kd (sublicense localization unit 58). Further, the corresponding main license is read out, decrypted with the work key Kws included therein (sublicense decrypting unit 59), and the content key Kc included in the sublicense and the conditions of the main license and sublicense are integrated. The RMPI is set to an available state (current license cache unit 60).

  In this case, as will be described later, since the content is played back with reference to another content, the license for the content of the reference source (primary usage license) and the license for the content of the reference destination (secondary usage license) ) Two available state licenses are set.

  The license that has become available is maintained in the current license cache unit 60 for each of the above two license cache areas until another license is set next unless the power is turned off. Content usage control is performed under the same usage conditions.

"License Usage Processing"
The use condition determination unit 61 permits the use of the target content based on the use determination using RMPI.

  License use for type 2 content is basically performed each time playback of individual resources constituting the content is started. In response to a reproduction permission request from the renderer 36, a use condition determination is performed for the designated primary or secondary availability license. The terms of use are transferred.

  License usage for type 1 content is divided into two stages. First, when the reproduction of the target stream resource is started, the use condition determination is performed with respect to the primary / secondary availability state license designated by the reproduction permission request from the renderer 36. Only transferred. Next, when the ECM-Kc included in the stream resource is input for each update period, the use condition is determined at that time, and the ECM-Kc is decrypted with the content key Kc only when it is determined that use is possible. The scramble key Ks obtained as a result is transferred.

(10) Mixed type service of type 2 content and type 1 content The data structure of content in the case of providing a mixture of type 2 content and type 1 content will be described with reference to FIG. With this service, digest playback of TV programs using type 1 content that stores normal TV programs, and type 2 content that includes BML files and metadata files that allow playback of the type 1 content in units of viewers by viewer operation, etc. Non-linear viewing of TV programs can be realized.

  In this service, type 1 content and type 2 content may be transmitted at the same time, but it is also assumed that they are transmitted on different routes at different times.

  The type 1 content and type 2 content constituting the mixed service are stored on the storage medium 31 in the directory structure shown in FIG.

  In the type 2 content, all the configured files are arranged under the root directory “TYPE2_Contents_1”. Directly under the root directory “TYPE2_Contents_1”, directories “0000” to “0003” are arranged, and are grouped for each function in the content.

  Several control files are arranged under the directory “0000”. These are not subject to encryption for limited playback.

  The startup document (ERI) is a file that is read first when the content is reproduced, and describes reference information to the license, a file name to be reproduced first, and the like. ACI is a file containing a sublicense of this content.

  Under the directory “0001”, a BML file BML_1 and mono media files (files JPEG_1 to JPEG_n and PNG_1 to PNG_n) such as JPEG and PNG that are immediately read out are arranged. These are encrypted with the same content key Kc1.

  Under the directory “0002”, there is one type 2 content stream file TYPE2_Stream_1 referred to from the BML document, and this stream file is reproduced by the operation of the viewer on the screen of the BML document. This is encrypted solely with the content key Kc2.

  Under the directory “0003”, segment metadata describing time position information for each scene used for reproducing a stream file of type 1 content in units of scenes (segment reproduction) by viewer operation from the BML document. Files SegmentMeta_1 to SegmentMeta_n are arranged. The plurality of segment metadata files SegmentMeta used here are encrypted with the content key Kc3 and are a part of type 2 content.

  This type 2 content is assumed to be a two-tier license as a corresponding license form, the main license is acquired by communication at the start of reproduction, and the sublicense is stored as the ACI.

  For type 1 content, a stream file TYPE1_Stream_1 in which a TV program is recorded is arranged under the root directory “TYPE1_Contents_1”. It is assumed that the type 1 content is also a two-tier license and the main license has already been acquired. The sublicense is stored together with the stream file as a sublicense file Sublicense by separating the ECM for Kc distribution upon reception.

  Next, the operation of the receiver 2 when using the mixed service in which the type 1 content and the type 2 content are mixed will be described with reference to the flowchart of FIG. In FIG. 11, the vertical arrows indicate the passage of time, and the horizontal arrows indicate the exchange of information between the entities.

  The entities other than the license server 10 are entities in the receiver 2. The stream renderer 36A is composed of a part of the renderer 36 for decrypting and reproducing the stream file (for example, the encryption / decryption device 32, the demultiplexer 25 to the audio decoder 27), and the multimedia renderer 36B decrypts and reproduces the BML file and the monomedia file. The renderer 36 (for example, the encryption / decryption device 32 and the BML browser 28).

  When playback of type 2 content is activated by a viewer operation, in step S1, the resident application 40 reads the activation document ERI from the storage medium 31, and in step S2, the server-type CAS module is based on the license information contained therein. A request for obtaining a main license is made to 33.

  In step S <b> 3, the server type CAS module 33 acquires the main license from the license server 10 and holds it.

  In step S4, the resident application 40 further reads the ACI file from the storage medium 31 from the information of the activation document ERI, and in step S5, inputs the sublicense included therein to the server type CAS module 33 to make a license setting request. .

  The server-type CAS module 33 decrypts the sub-license with the main license of type 2 content and expands the content keys Kc1 to Kc3 and RMPI in the current license cache unit 60 as the primary usable state license (for example, FIG. 5). (Process corresponding to number 3) ("license setting process" in FIG. 8).

  In step S6, the resident application 40 instructs the multimedia renderer 36B to reproduce the file BML_1 to be reproduced first from the activation document ERI. In step S7, the multimedia renderer 36B makes a reproduction start request to the server type CAS module 33.

  The server-type CAS module 33 makes a use condition determination for the primary availability license at that time, and returns the content key Kc1 and the renderer use condition to the multimedia renderer 36B if available (for example, number 4 in FIG. 5). (Process corresponding to “license use process” in FIG. 8).

  In step S8, the multimedia renderer 36B reads the file BML_1 document, performs decryption with the content key Kc1 in step S9, and starts display. In the process, resources such as file JPEG and file PNG are referenced. Since these are encrypted with the same content key Kc1 as the file BML_1, the server-type CAS module 33 is not accessed for each resource, and decryption is performed each time it is read, and display according to BML is performed.

  By the processing so far, for example, as shown in FIG. 12, the display unit W on which the type 1 content is displayed as described later, or predetermined information (“animal illustration book”, buttons B1, B2 for explaining the display) , B3, B11, B12) are displayed on a display unit (not shown) of the receiver 2.

  When the viewer instructs to display the video of the type 2 content by operating the remote control key, in step S10, the multimedia renderer 36B instructs the stream renderer 36A to play.

  In step S <b> 11, the stream renderer 36 </ b> A makes a reproduction start request to the server CAS module 33. The server-type CAS module 33 makes a usage condition determination for the primary availability license at that time, and if available, returns the content key Kc2 and the renderer usage conditions to the stream renderer 36A.

  In step S12, the stream renderer 36A reads the file TYPE2_Stream_1, decrypts it with the content key Kc2, and performs video playback.

  Next, when the viewer instructs segment playback of part of the video of the type 1 content by operating the remote control key (when the button B1 is operated in the example of FIG. 12), the multimedia renderer 36B is set in step S13. Since the segment reproduction function in the file BML document is called and the segment metadata SegmentMeta_1 to SegmentMeta_n are referred to, a reproduction start request is made to the server-type CAS module 33 before reading the segment metadata.

  The server type CAS module 33 makes a usage condition determination for the primary availability license at that time, and returns the content key Kc3 and renderer usage conditions to the multimedia renderer 36B if available.

  In step S14, the multimedia renderer 36B (segment playback function execution unit not shown) reads the segment metadata SegmentMeta_1, performs decryption with the content key Kc3, and further performs falsification detection and signature verification with a digital signature. If there is no problem, the metadata producer ID included in the signature is input to the server type CAS module 33 in step S15. Also, the start and end relative times corresponding to the segment specified by the segment playback function are extracted.

  The multimedia renderer 36B (segment playback function execution unit not shown) starts the type 1 content activation sequence. First, in step S16, the multimedia renderer 36B reads out the sublicense file SubLicense stored accompanying the type 1 content, and inputs it in step S17 to make a license setting request to the server type CAS module 33.

  The server-type CAS module 33 decrypts the sub-license with the main license of type 1 content and expands the content key Kc and RMPI in the current license cache unit 60 as the secondary usable state license (for example, number 3 in FIG. 3). (Process corresponding to “license setting process” in FIG. 8). At this time, both the primary available state license (type 2 content license) and the secondary available state license (type 1 content license) are deployed in the current license cache unit 60.

  In step S18, the multimedia renderer 36B (segment playback function execution unit) instructs the stream renderer 36A to play the file TYPE1_Stream_1 resource. In step S <b> 19, the stream renderer 36 </ b> A makes a reproduction start request to the server type CAS module 33.

  The server-type CAS module 33 makes a use condition determination regarding the secondary availability license at that time, and returns the renderer use condition to the stream renderer 36A if it can be used.

  In step S20, the stream renderer 36A accesses the file TYPE1_Stream_1 on the storage medium 31 and reads the stream from the byte position corresponding to the start relative time and the end relative time extracted from the segment metadata.

  In step S21, the resident application 40 detects ECM-Kc (update) from this stream, and inputs it to the server CAS module 33 in step S22.

  The server type CAS module 33 decrypts the ECM-Kc with the content key Kc and extracts the scramble key Ks.

  In step S23, the stream renderer 36A requests the scramble key Ks. The server-type CAS module 33 makes a use condition determination regarding the secondary availability license at that time, and returns the scramble key Ks to the stream renderer 36A if it can be used (processing corresponding to number 4 in FIG. 3) ( “License Usage Processing” in FIG. 8). As a result, in step S24, the stream TYPE1_Stream_1 is descrambled with the scramble key Ks and reproduced (in the example of FIG. 12, the video “horse” is displayed on the display unit W).

  By repeating step S22 to step S24, the reproduction continues and the type 1 content reproduction ends at the relative end time of the segment. During this time, the execution of BML documents as type 2 content continues.

  In this way, a mixed service in which type 1 content and type 2 content are mixed can be used.

  In addition, for example, since the mixed type 1 content and type 2 content are stored in a hierarchical manner, the server type CAS module 33 can be easily configured even if variations in license form and license transmission path increase. It is possible to suppress the high cost of the apparatus.

  In addition, when the license store unit 56 has insufficient free space to store a license, the license management unit 55 temporarily stores the license, so that it is not necessary to prepare a large-capacity license store unit 56. Therefore, the high cost of the apparatus can be suppressed.

  The series of processes described above can be executed by dedicated hardware or can be executed by software.

  In the present specification, the steps described in the flowcharts are executed in parallel or individually even if they are not necessarily processed in time series, as well as processes performed in time series in the described order. It also includes processing.

It is a figure which shows the structural example of the server type | mold broadcast system to which this invention is applied. It is a block diagram which shows the structural example of the receiver 2 of FIG. It is a figure explaining limited reproduction processing. It is a figure explaining other limited reproduction processes. It is a figure explaining other limited reproduction processes. It is a figure explaining other limited reproduction processes. It is a figure which shows the data path | route of the comprehensive server type CAS system to which this invention is applied. It is a figure explaining the license process and content reproduction process which concern on this invention. It is a block diagram which shows the functional structural example of the server type CAS module 33 of FIG. It is a figure which shows the data structure of the content of a mixed service. It is a flowchart explaining operation | movement of the receiver 2 in the case of using a mixed service. It is a figure which shows the example of a display of a mixed type service.

Explanation of symbols

1 broadcast station 2 receiver 9 content server 10 license server
11 shop / payment server, 12 domain management server, 31 storage media,
33 server type CAS module, 36 renderer, 40 resident application, 51 license server I / F, 52 resident application I / F, 53 EMM decryption unit, 54 Kms holding unit, 55 license management unit, 56 license store unit, 57 domain information Holding section, 58 sublicense localization section, 59 sublicense decryption section, 60 current license cache section, 61 usage condition determination section, 62 ECM-Kc decryption section, 63 Ks cache section, 64 meta producer ID cache section, 65 renderer I / F, 66 renderer usage condition generator

Claims (6)

In an information processing apparatus for controlling reproduction processing using a content key of content stored in a storage medium and distributed by broadcasting or communication based on the usage right and usage conditions,
First acquisition means for acquiring from a broadcast a main license indicating the existence of a right to use a plurality of contents and including a work key;
Second acquisition means for acquiring from the communication an individual license that indicates the existence of a right to use the main license and one content and includes a content key and content usage condition information;
First storage means for permanently storing the main license and the individual license;
Reading means for reading one designated license from the main license and the individual license stored in the first storage means;
Output means for outputting information on the license stored by the first storage means;
Second storage means for expanding and temporarily storing the content key and content usage condition information included in the individual license read by the reading means in a form that can be read at a higher speed;
The sublicense encrypted with the work key of the main license corresponding to the content key and the information including the usage condition information of the content is input, and the work key of the corresponding main license stored in the first storage unit is input. Third storage means for decrypting, expanding and temporarily storing the content key and content usage condition information included in the sublicense in a form that can be read at high speed;
Only when the content usage condition information temporarily stored by the second storage means or the third storage means is determined at the start of content usage and the content usage condition information is satisfied, the second storage means An information processing apparatus comprising: a storage unit or a supply unit that supplies the content key temporarily stored by the third storage unit. When the content is encrypted with a scramble key for each part, the supply means inputs information obtained by encrypting the scramble key for each part with the content key, and the second storage means or The information processing apparatus according to claim 1, wherein the content key Kc stored in the third storage unit is used for encryption and decryption, and the scramble key Ks obtained for each part is supplied. If the first storage means cannot store the individual license or the main license, the first acquisition means or the second acquisition means temporarily stores this,
When the designated license is the individual license or the main license temporarily stored by the first acquisition unit or the second acquisition unit, the reading unit converts the license into the first acquisition unit or the main license. It reads from a 2nd acquisition means. The information processing apparatus of Claim 1 characterized by the above-mentioned. When the content refers to another content and plays back simultaneously, the second storage means and the third storage means respectively have a license corresponding to the reference source content and a license corresponding to the reference destination content. , The content key and content usage condition information included in these are expanded and temporarily stored in a form that can be read more quickly,
The supply means relates to the second storage means or the third storage means corresponding to the two licenses stored in the second storage means or the third storage means according to the designation of the license when using the content. 2. The information processing apparatus according to claim 1, wherein content usage determination is performed using the usage condition information of the license stored in, and the content key is supplied only when the condition is satisfied. In an information processing method for controlling reproduction processing using a content key of content stored in a storage medium and distributed by broadcasting or communication based on the usage right and usage conditions,
A first acquisition step of acquiring from a broadcast a main license indicating the existence of a right to use a plurality of contents and including a work key;
A second acquisition step of acquiring from the communication an individual license indicating the existence of the right to use the main license and one content and including a content key and content usage condition information;
A first storage step for permanently storing the main license and the individual license;
A reading step of reading one designated license from the main license and the individual license stored in the processing of the first storage step;
An output step of outputting information on the license stored in the processing of the first storage step;
A second storage step of expanding and temporarily storing the content key and content usage condition information included in the individual license read in the processing of the reading step in a form that can be read at a higher speed;
The sublicense encrypted with the work key of the main license corresponding to the content key and the information including the usage condition information of the content is input, and the work of the corresponding main license stored in the processing of the first storage step A third storage step of decrypting with a key, expanding and temporarily storing the content key and content usage condition information included in the sublicense in a form readable at high speed;
The content use condition information temporarily stored in the processing of the second storage step or the third storage step is determined at the start of content use, and the content use condition information is satisfied only when the content use condition information is satisfied. And a supply step of supplying the content key temporarily stored in the process of the second storage step or the third storage step. In a program that causes a processor that controls an information processing device that controls reproduction of content that is stored in a storage medium and that is distributed by broadcasting or communication using a content key based on the usage right and usage conditions,
A first acquisition step of acquiring from a broadcast a main license indicating the existence of a right to use a plurality of contents and including a work key;
A second acquisition step of acquiring from the communication an individual license indicating the existence of the right to use the main license and one content and including a content key and content usage condition information;
A first storage step for permanently storing the main license and the individual license;
A reading step of reading one designated license from the main license and the individual license stored in the processing of the first storage step;
An output step of outputting information on the license stored in the processing of the first storage step;
A second storage step of expanding and temporarily storing the content key and content usage condition information included in the individual license read in the processing of the reading step in a form that can be read at a higher speed;
The sublicense encrypted with the work key of the main license corresponding to the content key and the information including the usage condition information of the content is input, and the work of the corresponding main license stored in the processing of the first storage step A third storage step of decrypting with a key, expanding and temporarily storing the content key and content usage condition information included in the sublicense in a form readable at high speed;
The content use condition information temporarily stored in the processing of the second storage step or the third storage step is determined at the start of content use, and the content use condition information is satisfied only when the content use condition information is satisfied. And a supply step of supplying the content key temporarily stored in the processing of the second storage step or the third storage step.

Images