JP2007183910A - Design information providing system and server - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a design information providing system having a mechanism that does not allow the production of a product to continue unless a patent license agreement is entered into. <P>SOLUTION: The design information providing system 1 includes: a terminal device 40a of a user who manufactures a commodity (BD player 50); a patent license issuing server 20a which, when the license agreement required to manufacture the BD player 50 is entered into with the user of the terminal device 40a, issues a certificate of agreement 60 for certifying the conclusion of the agreement to the terminal device 40a; and a design information providing server (encryption key issuing server 30a) which, when the terminal device 40a requests design information (encryption key 80) characteristic of the BD player 50, sends the encryption key 80 to the terminal device 40a on condition that the certificate of agreement 60 is verified. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a design information providing system and a design information providing server, and more particularly to a technique for providing design information unique to a product manufactured by a user.

  For example, in the current DVD-Video, under the DVD consortium, as shown in FIG. 15, contracts for licenses of format, encryption key, and patent are individually performed.

  Here, the format indicates, for example, a specification describing the physical structure of the disk, the structure of data recorded on the disk, and the like.

  In addition, in order to prevent casual copying using a computer by a general user, a DVD copyright protection system CSS (Content Scramble System) using encryption using an encryption key has been developed. The content to be recorded on the DVD is encrypted using a three-level key (title key, disc key, master key). In the DVD player, a master key corresponding to the manufacturer licensed by the CSS management mechanism is secretly embedded in advance. Only this DVD player has a mechanism capable of decoding and reproducing it (see Non-Patent Document 1).

  In addition, in order to record a large amount of content on a DVD, a patented technique for efficiently compressing and encoding and decompressing and decoding the content is also employed.

Accordingly, a manufacturer that manufactures a DVD player or the like that reproduces encrypted content recorded on a DVD generally acquires each license and pays a license fee for each license.
National Technical Report, Vol. 43, No. 3, Natsume Matsuzaki, “DVD Copyright Protection System”, Matsushita Electric Industrial Co., Ltd., Technical General Affairs Center, June 18, 1997, p118-122

  However, the conventional system has the following problems. Here, in order to clarify the location of the problem, it is assumed that two licensors A and B exist independently as shown in FIG. It is assumed that the license of the licensor A and the license of the licensor B applied to the same product exist independently of each other. The license of the licensor A is a patent license for design information (for example, the above-described decompression decoding technology) that can be manufactured without receiving a license. The license of the licensor B can be manufactured without receiving a license. This is a license for impossible design information (for example, a secret key such as the above master key).

  Under such conditions, a license may be obtained from the licensor B, but there may be a manufacturer that manufactures a product without receiving the license of the licensor A.

  In such a case, the licensor A can also insist on the product or claim compensation for damages with a patent right, but it is difficult to exercise the right due to a factory relocation or the like.

  Therefore, there is a demand for a mechanism that does not allow product production to continue unless a patent license contract is concluded.

  Accordingly, an object of the present invention is to provide a design information providing system and a design information providing server having a mechanism that prevents product production from continuing unless a patent license contract is concluded.

  Here, the inventor of the present application includes information (for example, an encryption key) that cannot make a product without the design information, and information (for example, patent information related to the decompression decoding technology) that cannot be made without the design information. We focused on the fact that design information that cannot be produced without this is compulsory to conclude a license contract and is a source for contract conclusion. In other words, based on the source of the contract conclusion, the inventors have conceived that it is possible to conclude contracts for licenses of other licensors by using the compulsory power of the license contract conclusion.

  Therefore, in order to achieve the above object, in the design information providing system according to the present invention, the terminal device used by the first user who manufactures the product and the license contract for the patent necessary for the manufacture of the product are included in the terminal A design information providing system for communicatively connecting a patent license issuing server used by a second user who concludes with a first user of a device and a design information providing server for providing design information unique to the product. The patent license issuing server includes confirmation information generating means for generating confirmation information for confirming the conclusion of the license contract, and confirmation information output means for outputting the confirmation information generated by the confirmation information generating means to the outside. And the design information providing server issues design information for issuing the design information to the terminal device that has requested the issue of the design information. Stop the issuing of the design information to the terminal device that could not confirm the conclusion of the license contract by the confirmation information, the confirmation information obtaining means for obtaining the confirmation information output by the confirmation information output means, and the confirmation information And control means for controlling the design information issuing means.

  This facilitates the conclusion of a license contract between the licensor, who is the user of the patent license issuing server, and the user of the terminal device, and forms a mechanism in which product production cannot be continued unless the patent license is paid. it can.

  Further, in the design information providing system according to the present invention, the confirmation information is a contractor list indicating a list of first users who have concluded the license contract, and the control means is configured to perform a predetermined grace period after elapse. Only browsing the contractor list and controlling the design information issuing means to stop issuing the design information to the terminal device of the first user who is not listed in the contractor list as a result of the browsing. Can be a feature.

  As a result, the resources required for the terminal device, patent license issuance server, and encryption key issuance server can be applied to a system with a small performance and cost load. A system with a grace period can also be established to confirm that it is concluded.

  Also, in the design information providing system according to the present invention, the confirmation information is a contract certificate issued to prove the conclusion of a contract to the terminal device that has concluded the license contract, and the control information The device confirms the conclusion of the contract by the contract certificate each time the terminal device requests to issue design information specific to the product, and permits the confirmed terminal device to issue the design information. As described above, the design information issuing means can be controlled.

  As a result, the license agreement between the licensor and the terminal device user, who are the users of the patent license issuing server, is further promoted, and a system that allows product production to continue without a patent license is quickly formed. can do.

  In the design information providing system according to the present invention, the design information issuance request can include the requested quantity of the design information and the contract certificate, and the design information providing server includes: The communication device further includes a communication unit that communicates with the terminal device, and the control unit transmits a message to the terminal device that the design information cannot be issued if the design certificate issuance request does not include the contract certificate. The communication unit may be instructed to do so.

  Further, in the design information providing system according to the present invention, the control means determines whether the contract certificate is valid when the design certificate issuance request includes the contract certificate. If not valid, the communication means may be instructed to send a message to the terminal device that the design information cannot be issued.

  In the design information providing system according to the present invention, the contract certificate includes a validity period of the license, and the control means, when the contract certificate is valid, The communication means may be instructed to transmit to the terminal device a message indicating that the design information cannot be issued if the license is not valid.

  In the design information providing system according to the present invention, the control means determines whether the requested quantity included in the request for the design information is a quantity within a contract quantity when the license is valid. The communication means may be instructed to send a message to the terminal device that the design information cannot be issued for a quantity exceeding the contract quantity.

  In the design information providing system according to the present invention, the control means includes the contract certificate in the request for the design information, the contract certificate is valid, the license is valid, and the design information is provided. When the requested quantity included in the request is a quantity within the contract quantity, the issuing means is controlled to issue the requested quantity design information, and the issued design information is sent to the terminal device. The communication means may be controlled.

  As a result, the design information and the license are linked, and if the license contract is not concluded, the design information cannot be obtained, and if the license contract expires, the design information cannot be obtained. In addition, the number of products manufactured for patent licenses can be grasped based on the number of design information issued.

  In the design information providing system according to the present invention, the design information is an encryption key, and the design information providing server further includes a sticker for indicating that the product is licensed. Seal issuing means for issuing to the user, and the control means controls the seal issuing means so as to issue a quantity of stickers according to the number of design information to be issued.

  By attaching a sticker to the product, it is possible to make it explicit whether or not the license is received. By not having the sticker, unauthorized products using the same encryption key or non-licensed products stand out. It can also be made. As a result, it becomes easy to identify an unauthorized product or a non-licensed product, and the control is facilitated.

  Further, the design information is an encryption key, and the design information providing server further includes an invalidating unit that invalidates the encryption key for the terminal device that could not confirm the conclusion of the license contract. It can be.

  This will further promote the conclusion of a license agreement between the licensor who is the user of the patent license issuance server and the user of the terminal device, and quickly create a mechanism that will not allow product production to continue unless the patent license is paid. can do.

  The present invention can be realized not only as such a design information providing system, but also as a design information providing server that constitutes such a design information providing system, or as a characteristic feature of the design information providing server. It can be realized as a design information providing method using means as steps, or as a program for causing a computer to execute these steps. Needless to say, such a program can be distributed via a recording medium such as a CD-ROM or a transmission medium such as the Internet.

  As is clear from the above description, according to the design information providing system and the design information providing server according to the present invention, the license agreement is concluded between the licensor as the user of the patent license issuing server and the user of the terminal device. It is promoted, and it is possible to form a mechanism in which product production cannot be continued unless a patent license is paid. In addition, if the design information and the license are linked and a license agreement is not concluded, the design information cannot be obtained, and if the license agreement is expired, the design information can not be obtained. In addition, the number of products manufactured for patent licenses can be grasped based on the number of design information issued.

  Furthermore, by attaching a sticker to the product, it is possible to clearly indicate whether or not the license is received. By not having a sticker, unauthorized products using the same encryption key or non-licensed products stand out. You can also. As a result, it becomes easy to identify an unauthorized product or a non-licensed product, and the control is facilitated.

  Therefore, according to the present invention, the conclusion of a license contract is promoted, and the practical value of the present invention of today when DVDs and BDs have become widespread is extremely high.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

(Embodiment 1)
FIG. 1 is a diagram showing an overall configuration of a system according to the first embodiment.

  The design information providing system 1 is a system that provides design information and a license while prompting a user who manufactures a product to conclude a license such as a patent.

Here, the description will be made based on the following assumptions.
Assumption 1: The first design information (for example, specifications) and the second design information (for example, the encryption key 80) are prepared, and a product (for example, a BD (Blu-ray Disc) player 50) can be manufactured. .

  Assumption 2: The second design information (encryption key 80) is information relating to the individuality of the product manufactured by the licensee. Since the BD player 50 can be manufactured only after the encryption key 80 is present, it is necessary to conclude a license for the encryption key 80, and there is a compelling force to conclude.

  Assumption 3: The third design information is information (for example, content decryption technology information) related to the content of the product, and is obtained from a patent publication or the like. And in order to produce goods properly using this information, it is necessary to conclude a patent license, but there is no compelling force to conclude.

  As shown in FIG. 1, the design information providing system 1 includes a specification server 10 that provides specifications as first design information necessary for manufacturing the BD player 50, and contents necessary for manufacturing the BD player 50. Used by a patent license issuing server 20a that issues a patent license for decryption technology, an encryption key issuing server 30a that issues an encryption key 80 necessary for manufacturing the BD player 50, and a user (licensee) that manufactures the BD player 50. The terminal device 40a and a network such as the Internet connecting them are configured.

  When manufacturing the BD player 50, the licensee terminal device 40a requests the design server 10 for the first design information (specification). When there is a request for a specification, the specification server 10 provides the specification to the licensee terminal device 40a. The specification describes the IP address of the patent license issuing server 20a that provides the patent license and the IP address of the encryption key issuing server 30a that provides the encryption key 80.

  The licensee terminal device 40a makes a contract request to the first license issuing server (patent license issuing server 20a) together with the number of contracts and the like, and pays a license fee corresponding to the number of contracts. When the license fee is paid, the patent license issuing server 20a transmits the contract certificate 60 to the licensee terminal device 40a.

  Upon receiving the contract certificate 60, the licensee terminal device 40a sends a key issuance request 70 including the contract certificate 60 together with the desired amount of the second design information (encryption key 80) to the second license issuance server (encryption key). Send to the issuing server 30a) and request the encryption key 80. In addition, the license request corresponding to the contract quantity may be paid together with the key issuance request 70 and the encryption key issuance server 30a together with the contract quantity, but here, the patent license issuance server 20a may be paid. As in the case of, it is assumed that a contract request is made in advance together with the contract quantity to the encryption key issuing server 30a and a license fee corresponding to the contract quantity is paid.

  When there is a key issuance request 70, the second license issuance server confirms the validity of the contract certificate included in the key issuance request 70, and the design information of the encryption key 80 for the quantity requested by the key issuance request 70. To the licensee.

  Next, the configuration of each device constituting the design information providing system 1 will be described. In the design information providing system 1, the specification server 10 only provides the specification, so the detailed description of the configuration of the specification server 10 is omitted.

  FIG. 2 is a block diagram showing detailed configurations of the patent license issuing server 20a, the encryption key issuing server 30a, and the terminal device 40a shown in FIG.

  The patent license issuing server 20 a includes a company license management DB 21, a contract certificate creation unit 22, a communication unit 23, and a control unit 24.

  The in-house license management DB 21 manages licenses relating to patents owned by the company. The management content of the in-house license management DB 21 includes a licensee name (license ID), a contract period, a contract quantity, a license fee, and the like.

  The contract certificate creating unit 22 generates a contract certificate 60 that includes the signature of the patent license issuing server and certifies the license contract. A format configuration example of the contract certificate 60 is shown in FIG.

  As shown in FIG. 3, the contract certificate 60 includes an issuance date 61 of the contract certificate 60, a licensee name (licensee ID) 62 of the licensee that has concluded the contract, a contract period 63, a contract quantity 64, It consists of a contract ID 65 for specifying the contract certificate 60 and a digital signature 66 for the above-mentioned issue date 61 to contract ID 65, which is applied by the patent license issuing server 20a.

The communication unit 23 communicates with the terminal device 40a and the like via a network.
The control unit 24 performs overall control of the company license management DB 21 to the communication unit 23. Specifically, when there is a contract request together with the number of contracts from the terminal device 40a or payment of a license fee corresponding to the number of contracts from the terminal device 40a, the control unit 24 manages this patent license in its own license management DB 21 to verify the contract. The document creation unit 22 creates a contract certificate 60 corresponding to this patent license, and transmits the created contract certificate 60 to the terminal device 40a via the communication unit 23.

  The terminal device 40 a includes a license management DB 41, a contract certificate management DB 42, a communication unit 43, and a control unit 44.

  The license management DB 41 manages the specifications acquired from the specification server 10, the patent license acquired from the patent license issuing server 20a and its patent information, the license acquired from the encryption key issuing server 30a, and its encryption key 80.

  The contract certificate management DB 42 manages the contract certificate 60 acquired from the patent license issuance server 20a.

  The communication unit 43 communicates with the specification server 10, the patent license issuing server 20a, the encryption key issuing server 30a, and the like via the network.

  The control unit 44 performs overall control of the license management DB 41 to the communication unit 43. Specifically, the control unit 44 requests a specification document from the specification server 10 via the communication unit 43, receives a specification document from the specification server 10, or requests a contract from the patent license issuing server 20a. Or receiving a patent license or a contract certificate 60 from the patent license issuance server 20a, generating a key issuance request 70 including the quantity of the requested encryption key and the contract certificate, and generating the generated key issuance request 70 as an encryption key. The data is transmitted to the issuing server 30a, and a necessary amount of the encryption key 80 is received from the encryption key issuing server 30a. An example of the format configuration of the key issue request 70 is shown in FIG.

  As shown in FIG. 4, the key issuance request 70 certifies the contract between the licensee name (licensee ID) 71 of the licensee that has signed the contract, the requested encryption key quantity 72, and the patent license issuance server 20a. And a contract certificate 73 for doing so.

  The encryption key issuing server 30 a includes a company license management DB 31, another company license link management DB 32, an encryption key issuing unit 33, a communication unit 34, and a control unit 35.

  The in-house license management DB 31 manages licenses owned by the company. The management content of the in-house license management DB 31 includes a licensee name (license ID), a contract period, a contract quantity, a license fee, and the like, similar to the management content of the in-house license management DB 21 of the patent license issuing server 20a.

  The other company license link management DB 32 manages the quantity of the issued encryption key 80, the contract quantity included in the contract certificate 60, etc. in order to link the encryption key 80 and the patent license of the other company.

The encryption key issuing unit 33 issues a unique encryption key 80 for each BD player 50.
The communication unit 34 communicates with the terminal device 40a and the like via a network.

  The control unit 35 performs overall control of the company license management DB 31 to the communication unit 34. Specifically, when there is a contract request from the terminal device 40a together with the number of contracts and the payment of a license fee corresponding to the number of contracts, the control unit 35 manages the license for the issuance of the encryption key 80 in its own license management DB 31. Let If there is a key issuance request 70 including the requested quantity of the encryption key 80 and the contract certificate 60, the control unit 35 manages the valid contract certificate 60 with the other company's license link management DB 32, or performs encryption key issuance processing. Or execute.

  FIG. 5 is a flowchart showing the operation of the encryption key issuing process performed by the control unit 35 of the encryption key issuing server 30a.

  The control unit 35 waits for reception of a key issue request via the communication unit 34 (S11). When the key issue request is received (Yes in S11), the control unit 35 determines whether or not a contract certificate is attached (S12). When the contract certificate is not attached (No in S12), the control unit 35 instructs the communication unit 34 to transmit a message indicating that the encryption key cannot be issued (S17). Instead of this message or together with this message, a message indicating that a license contract with the patent licensor should be concluded may be transmitted.

  When the contract certificate is attached (Yes in S12), the control unit 35 determines whether or not the contract certificate is valid (S13). This determination is made based on whether or not the digital signature is correct.

  When the contract certificate is not valid (No in S13), the control unit 35 instructs the communication unit 34 to transmit a message indicating that the encryption key cannot be issued (S17).

  If the contract certificate is valid (Yes in S13), the control unit 35 determines whether the patent license is valid (S14). This determination is made based on whether or not the patent license is within the contract period. Needless to say, it is also performed depending on whether the license period of the encryption key is within the contract period. Note that if the contract certificate does not have a period item, the determination in step 14 can be omitted.

  When the patent license is not valid (No in S14), the control unit 35 instructs the communication unit 34 to transmit a message indicating that the encryption key cannot be issued (S17).

  When the patent license is valid (Yes in S14), the control unit 35 determines whether the requested quantity is the quantity of the encryption key within the contract quantity (S15). Specifically, this determination is made by comparing the total number of encryption keys requested this time with the number of encryption keys issued so far, and the contract quantity for patent licenses. Needless to say, this is also performed by comparing the total number of encryption keys requested this time with the number of encryption keys issued so far and the contract quantity for the encryption key license.

  When the requested quantity is not the quantity of the encryption key within the contract quantity (No in S15), the control unit 35 instructs the communication unit 34 to transmit a message indicating that the encryption key cannot be issued (S17). When the requested quantity is insufficient but the contract quantity remains, the remaining encryption keys are issued, and a message that the design information cannot be issued for the quantity exceeding the contract quantity is sent to the terminal. You may make it instruct | indicate to the communication part 34 to transmit to an apparatus.

  When the requested quantity is the quantity of the encryption key within the contract quantity (Yes in S15), the control unit 35 instructs the encryption key issuing unit 33 to issue the requested quantity of encryption key, and is issued to the communication unit 34. Instructed to transmit the encrypted key (S16).

  That is, if the answer is No in any of steps S12 to S15, a message indicating that the encryption key cannot be issued is transmitted. Therefore, in order to manufacture the BD player 50, it is necessary to obtain the encryption key 80, and the encryption key 80 becomes a “source of the license conclusion compulsory force”, and it is necessary to submit a valid contract certificate 60. Further, with the enforcement force of the license for the encryption key 80, it is possible to promote a license agreement even for a patent license without the enforcement force of the license, and to secure the conclusion of the license agreement with the patent licensor. Become.

  In addition, when all of steps S12 to S15 are Yes, that is, on the condition that the contract certificate 60 is confirmed, the encryption key and the patent license are linked. Therefore, if the patent license contract is not concluded, the “encryption key” is not obtained, and if the patent license contract is expired, the “encryption key” is not obtained. In addition, the number of units manufactured for patent licenses can be grasped based on the number of encryption keys issued.

(Embodiment 2)
Next, a system according to Embodiment 2 will be described.

  FIG. 6 is a diagram showing the overall configuration of the system according to the second embodiment. In addition, the same number is attached | subjected to the part corresponding to the structure of the design information provision system 1 of Embodiment 1, and the description is abbreviate | omitted.

  By the way, there is a possibility that a plurality of encryption keys 80 as “second design information” “giving individuality to a device” are obtained by contracting only a part of the keys. In such a case, it is very difficult to detect the fraud. Therefore, the design information providing system 2 according to the second embodiment has a function of issuing a quantity of hologram stickers 90 corresponding to the number of encryption keys 80 to the terminal device 40a instead of the encryption key issuing server 30a. The encryption key issuing server 30b is used. The hologram sticker 90 issued to the terminal device 40a is attached to an easily noticeable portion of the manufactured BD player 50 as a proof that the license has been received. The number of hologram stickers 90 corresponding to the number of encryption keys 80 is preferably the same as the number of encryption keys. In addition, it may be issued by increasing a certain percentage in consideration of the failure of sticking to the product. In this case, it may be necessary to report an incremental usage amount or to return the failed sticker. The correspondence relationship between the encryption key and the hologram sticker 90 may be maintained.

FIG. 7 is a block diagram showing a configuration of the encryption key issuing server 30b.
As shown in FIG. 7, the encryption key issuing server 30b includes a hologram seal issuing unit 36 and an invalidation key input unit 37 in addition to the in-house license management DB 31 to the control unit 35 constituting the encryption key issuing server 30a. It is prepared for.

  The hologram sticker issuing unit 36 issues the same number of hologram stickers 90 as the encryption key 80 issued by the encryption key issuing unit 33 based on an instruction from the control unit 35.

  The revocation key input unit 37 receives input of information on the encryption key to be revoked instructed by the user. Information on the encryption key to be revoked is sent to a CA that issues a public key certificate based on an instruction from the control unit 35, and is posted on a public key certificate revocation list (CRL), or the content is encrypted to a BD. It is notified to the maker etc. which record to.

  FIG. 8 is a flowchart showing the operation of the encryption key issuing process performed by the control unit 35 of the encryption key issuing server 30b. Note that the same step numbers are assigned to the portions corresponding to the encryption key issuing process in FIG.

  When the encryption key issuing unit 33 is instructed to issue the requested number of encryption keys and the communication unit 34 has been instructed to transmit the issued encryption key (S16), the control unit 35 causes the hologram sticker issuing unit to 36 is instructed to issue the required quantity of hologram stickers, and instructed to send the issued hologram sticker 90 to the user or the like (S18). That is, the same number of hologram stickers 90 as the encryption key 80 are sent to the licensee of the terminal device 40a.

  Here, the hologram seal 90 has a specific mark that appears when light is irradiated, and cannot be counterfeited.

  For this reason, it is possible to explicitly indicate whether the license is received by attaching the hologram sticker 90 to the product, and since there is no hologram sticker 90, an unauthorized product using a plurality of the same encryption key 80, Unlicensed products can also stand out. As a result, it becomes easy to identify an unauthorized product or a non-licensed product, and the control is facilitated.

  Then, the BD player 50 without the hologram seal 90 was found to ensure that the encryption key 80 is individual for each device and that the duplicate use of the encryption key 80 is not permitted in order to grasp the number of contracts. In this case, the encryption key 80 of the BD player 50 is analyzed, and information on the encryption key 80 is input from the invalidation key input unit 37 to invalidate the encryption key.

  Here, in the case of the authentication base, when an encryption key is used for authentication, certificate exchange occurs for public key encryption before authentication (Challenge-Response authentication). At that time, the authentication side can write the certificate ID corresponding to the encryption key to be revoked in the CRL (certificate revocation list) and make the encryption key unusable.

  FIG. 9 is a diagram illustrating an example of challenge-response authentication using public key cryptography. In the figure, SCA is a private key of the certificate authority CA, PCA is a public key for the SCA, SX is a private key of the person to be authenticated X, PX is a public key corresponding to SX, and CertX is PX. , Sign represents a digital signature algorithm, Verify represents a Sign verification algorithm, and CertX represents IDX || PX || (CA digital signature for “IDX || PX”). . The format of CertX is not limited to this example, and other formats may be used.

The person to be authenticated X transfers the authentication request and CertX to the certifier Y (S21).
The certifier Y checks whether CertX is not listed in the CRL (S22).

  If it is posted (NG in S22), the authenticator Y rejects the authentication (S23). If it is not listed, the certifier Y confirms whether or not CertX is a correct certificate by verify (signature part of PCA, IDX || PX, CertX) (S24). If the result of the confirmation is NG, step S23 is executed.

  If the certificate is correct, the authenticator Y generates a random number Cha (S25), and transmits the Cha to the person to be authenticated X (S26).

  The person to be authenticated X generates a digital signature Res for Cha using SX (S27). Here, Res = Sign (SX, Cha). Then, the to-be-authenticated person X transmits Res to the certifier Y (S28).

  The authenticator Y confirms with Verify (PX, Cha, Res) whether Res is a correct digital signature for Cha (S29). If the result of the confirmation is NG, step S23 is executed. If the result of the confirmation is OK, it is authenticated that the communication partner is indeed X (S30).

  By performing such a process, it is possible to eliminate the use of a redundantly used encryption key.

  Also, in the case of authentication base, in the case of common key cryptography, the authentication side holds the same common key data, so the authentication side recognizes invalidation (the above list exists) and authenticates Can be refused.

  Further, in the case of an encryption key block that is a technique for revoking a part of a key without using a CRL, an MKB technique (Japanese Patent Laid-Open No. 2000-31922) or an RKB technique (Japanese Patent Laid-Open No. 2002-281913) The content key is invalidated by sending it "efficiently encrypted" based on the device key (corresponding to the encryption key 80) that is given to the device and used as a common key for authentication. The device that holds the encryption key can make the content key unavailable.

  Therefore, the use of a duplicated encryption key can also be eliminated by performing such processing.

  In the second embodiment, the hologram seal 90 is used. However, it is verified whether or not there is a proof that the license has been received by using a sticker such as a device-attached IC tag that holds data including a watermark. You may make it do.

(Embodiment 3)
Next, a system according to Embodiment 3 will be described.

  FIG. 10 is a diagram showing the overall configuration of the system according to the third embodiment. In addition, the same number is attached | subjected to the part corresponding to the structure of the design information provision systems 1 and 2 of Embodiment 1, 2, and the description is abbreviate | omitted.

  In the design information providing systems 1 and 2, the contract certificate 60 confirms that the terminal device 40a has concluded a license with the patent license issuing server 20a. However, if the contract certificate 60 is used to confirm the conclusion of the license, the resources required for the terminal device 40a, the patent license issuance server 20a, and the encryption key issuance servers 30a and 30b are increased, and this is in terms of performance and cost. The load also increases. For this reason, a design information providing system that requires less resources for the terminal device, the patent license issuance server, and the encryption key issuance server and has a small performance and cost load is desired.

  In the design information providing systems 1 and 2, when the terminal device 40a receives a key issuance request 70 from the encryption key issuance server 30a, the user of the terminal device 40a signs a license with the patent license issuance server 20a. I have confirmed that. However, in order to design the player 50, a certain period of time is required, and the license is usually concluded only after the design is completed. For this reason, a design information providing system having a predetermined grace period is also desired for confirming that the terminal device has concluded a license with the patent license issuing server.

  Therefore, in this design information providing system 3, the patent license issuing server 20b generates a contractor list 100 indicating a list of users of terminal devices that have concluded a license contract instead of the contract certificate 60, and the generated contract. The user list 100 is distributed to the encryption key issuing server 30c. The encryption key issuing server 30c issues the encryption key 80 without confirming the contractor list 100 until the predetermined grace period elapses. After the predetermined grace period elapses, the terminal device is used by the contractor list 100. It is configured to check whether or not the user 40a has signed a license with the patent license issuance server 20a, and if not, issuance of the encryption key 80 is stopped.

  FIG. 11 is a block diagram showing detailed configurations of the patent license issuing server 20b, the encryption key issuing server 30c, and the terminal device 40b shown in FIG. The parts corresponding to the configurations of the patent license issuing server 20a, the encryption key issuing server 30a, and the terminal device 40a shown in FIG.

  As shown in FIG. 11, the patent license issuance server 20 b includes a contractor list creation unit 26 that creates a contractor list 100 instead of the contract certificate creation unit 22. As shown in FIG. 12, the contractor list 100 includes a licensor name 101 for identifying a licensor, a target patent 102 to be licensed, and a licensee name for identifying the name of a licensee that has concluded a license. 103 or the like. The contractor list 100 is generated each time a license contract is signed with a new manufacturer for the target patent 102 or the license contract expires, that is, every time the contents of the licensee name 103 change. The contractor list 100 may include license contents indicating the license period, quantity, region, and the actual form (IC chip or the like) of the patented invention.

  The terminal device 40b is configured by deleting the contract certificate management DB 42 from the terminal device 40a.

  The other company's license link management DB 32 of the encryption key issuing server 30c stores and manages the contractor list 100 distributed from the patent license issuing server 20b. The in-house license management DB 31 manages a series of key issuance requests 70, the issuance date of the keys issued by the encryption key issuing unit 33, the number of issues, and the like. The control unit 35 issues the encryption key 80 with the confirmation of the contractor list 100 until the predetermined grace period elapses, but after the predetermined grace period elapses, the contractor list managed by the other company license link management DB 32 100 confirms whether the user of the terminal device 40a has concluded a license with the patent license issuing server 20a.

  FIG. 13 is a flowchart showing the operation of the encryption key issuing process executed by the control unit 35 of the encryption key issuing server 30c.

  The control unit 35 determines whether a key issue request has been received via the communication unit 34 (S11). When the key issuance request is received (Yes in S11), the control unit 35 determines whether or not the key issuance request 70 is the first key issuance request (S21). If it is the first key issue request (Yes in S21), the control unit 35 instructs the encryption key issuing unit 33 to issue the requested number of encryption keys, and transmits the issued encryption key to the communication unit 34. (S22).

  If the key issue request has not been received (No in S11), or if it is not the first issue request (No in S21), that is, irregularly, the control unit 35 determines whether or not the license conclusion confirmation time has come. Judgment is made (S23). The confirmation timing of the license conclusion may be, for example, the date when one year and six months have passed since the first key issuance, or the date when two years have passed since the license start of the first license server (patent license issuance server 20b). This is because such a day is sufficient as a grace period necessary for the user of the terminal device 40b to finish designing the player 50.

  When it is time to confirm the license conclusion, the control unit 35 browses the contractor list 100 managed by the other company's license link management DB 32, and uses the terminal device 40b as the licensee name 103 of the contractor list 100. It is determined whether or not a person name exists (S25). When the user name does not exist (No in S25), the control unit 35 stops issuing the encryption key (S26). When stopping the issuance of the encryption key, the control unit 35 may instruct the communication unit 34 to transmit a message indicating that the encryption key cannot be issued. Instead of this message or together with this message, A message indicating that a license agreement should be concluded with the patent licensor may be transmitted.

  When the license conclusion confirmation time has not arrived (No in S23), or after the license conclusion confirmation time has arrived, the user name of the terminal device 40b exists in the contractor list 100 (Yes in S25). The control unit 35 instructs the encryption key issuing unit 33 to issue the requested number of encryption keys, and instructs the communication unit 34 to transmit the issued encryption key (S22).

  That is, if the answer is No in any of steps S11 and S21, Yes in step S23, and No in step S25, issuance of the encryption key is stopped. Therefore, in order to manufacture the BD player 50, it is necessary to acquire the encryption key 80, and the encryption key 80 becomes a “source of a license conclusion compulsory force”, and a license contract must be concluded. Further, with the enforcement force of the license for the encryption key 80, it is possible to promote a license agreement even for a patent license without the enforcement force of the license, and to secure the conclusion of the license agreement with the patent licensor. Become.

  In addition, after a predetermined grace period, the encryption key and the patent license are linked on the condition that the contract is confirmed by the contractor list 100. Therefore, if the patent license contract is not concluded, the “encryption key” is not obtained, and if the patent license contract is expired, the “encryption key” is not obtained.

  Therefore, it can also be applied to a system that requires less resources for the terminal device, patent license issuance server, and encryption key issuance server, and has a smaller performance and cost load. It is possible to establish a system with a grace period to confirm that it is doing.

(Embodiment 4)
In the design information providing system 3 of the third embodiment described above, the patent license issuing server 20b directly distributes the contractor list 100 to the encryption key issuing server 30c, but the design information providing system shown in FIG. As shown in FIG. 4, the patent license issuing server 20b may upload the contractor list 100 to the homepage HP, and the other company's license link management DB 32 of the encryption key issuing server 30d may download the contractor list 100 from the homepage HP. In this case, the patent license issuing server 20b notifies the encryption key issuing server 30d in advance of the URL of the homepage HP where the contractor list 100 exists, and the other company's license link management DB 32 of the encryption key issuing server 30d The contractor list 100 may be downloaded at the timing of executing step S23 according to the instruction 35.

  The design information providing system of the present invention can be applied in the manufacture of manufactured DVD players and BD players.

It is a figure which shows the whole structure of the system in this Embodiment 1. FIG. It is a block diagram which shows the detailed structure of the patent license issue server 20a shown in FIG. 1, the encryption key issue server 30a, and the terminal device 40a. It is a figure which shows the format structural example of the contract certificate 60 shown by FIG. It is a figure which shows the format structural example of the key issue request | requirement 70 shown by FIG. It is a flowchart which shows the operation | movement of the encryption key issuing process performed by the control part 35 of the encryption key issuing server 30a. It is a figure which shows the whole structure of the system in this Embodiment 2. FIG. It is a block diagram which shows the structure of the encryption key issue server 30b shown by FIG. It is a flowchart which shows the operation | movement of the encryption key issuing process performed by the control part 35 of the encryption key issuing server 30b. It is a figure which shows the example of Challenge-Response authentication using a public key encryption. It is a figure which shows the whole structure of the system in this Embodiment 3. FIG. It is a block diagram which shows the detailed structure of the patent license issue server 20b, the encryption key issue server 30c, and the terminal device 40b which are shown by FIG. It is a figure which shows the structural example of the contractor list | wrist 100 shown by FIG. It is a flowchart which shows the operation | movement of the encryption key issuing process which the control part 35 of the encryption key issuing server 30c performs. It is a figure which shows the whole structure of the system in this Embodiment 4. It is a figure which shows the conclusion relationship of the license contract in the existing DVD-Video. It is a figure which shows the conclusion relationship of the license in case two licensors A and B exist independently.

Explanation of symbols

1, 2, 3, 4 Design information providing system 10 Specification server 20a, 20b Patent license issuing server 22 Contract certificate generating unit 26 Contractor list generating unit 30a, 30b, 30c, 30d Encryption key issuing server 31 Own license management DB
32 Other company license link management DB
33 Encryption Key Issuing Unit 34 Communication Unit 35 Control Unit 36 Hologram Sticker Issuing Unit 37 Invalidation Key Input Unit 50 BD Player 60 Contract Certificate 70 Key Issue Request 80 Encryption Key 90 Hologram Sticker 100 Contractor List

Claims (13)

A terminal device used by a first user who manufactures a product; a patent license issuance server used by a second user who concludes a license contract with the first user of the terminal device for a patent necessary for manufacturing the product; A design information providing system for connecting a design information providing server for providing design information specific to a product so as to be communicable,
The patent license issuing server is
Confirmation information generating means for generating confirmation information for confirming the conclusion of the license contract;
Confirmation information output means for outputting the confirmation information generated by the confirmation information generation means to the outside,
The design information providing server includes:
Design information issuing means for issuing the design information to the terminal device that has requested the issue of the design information;
Confirmation information acquisition means for acquiring the confirmation information output by the confirmation information output means;
Control information for controlling the design information issuing means so as to stop issuing the design information to the terminal device that could not confirm the conclusion of the license contract based on the confirmation information. system. The confirmation information is a contractor list indicating a list of first users who have concluded the license contract,
The control means browses the contractor list only after the elapse of a predetermined grace period, and stops issuing the design information to the terminal device of the first user not listed in the contractor list as a result of browsing. The design information providing system according to claim 1, wherein the design information issuing means is controlled. The confirmation information is a contract certificate issued to prove the conclusion of the contract to the terminal device that has concluded the license contract,
The control device confirms the conclusion of the contract by the contract certificate each time the terminal device requests to issue design information unique to the product, and issues the design information to the confirmed terminal device. The design information providing system according to claim 1, wherein the design information issuing means is controlled to allow The design information issuance request can include the requested quantity of the design information and the contract certificate,
The design information providing server further includes communication means for communicating with the terminal device,
The control means instructs the communication means to transmit a message that the design information cannot be issued to the terminal device when the design certificate issuance request does not include the contract certificate. The design information providing system according to claim 3. When the contract certificate is included in the design information issuance request, the control unit determines whether the contract certificate is valid, and if not valid, the design information cannot be issued. 5. The design information providing system according to claim 4, wherein the communication unit is instructed to transmit the message to the terminal device. The contract certificate includes a validity period of the license,
If the contract certificate is valid, the control means determines whether the license is valid, and if the license is not valid, the control means sends a message indicating that the design information cannot be issued to the terminal The design information providing system according to claim 5, wherein the communication unit is instructed to transmit to a device. If the license is valid, the control means determines whether the requested quantity included in the design information request is a quantity within a contract quantity, and for the quantity exceeding the contract quantity, the design information The design information providing system according to claim 6, wherein the communication unit is instructed to transmit a message to the terminal device that the message cannot be issued. The control means includes the contract certificate included in the design information request, the contract certificate is valid, the license is valid, and the requested quantity included in the design information request is a quantity within the contract quantity. 8. The control unit according to claim 7, wherein the issuing unit is controlled to issue design information of a requested quantity, and the communication unit is controlled to transmit the issued design information to the terminal device. The design information provision system described. The design information is an encryption key;
The design information providing server further includes a seal issuing unit that issues a seal for indicating that the product is licensed to a user of the terminal device,
The design information providing system according to claim 8, wherein the control means controls the seal issuing means so as to issue a quantity of stickers according to the number of design information to be issued. The design information is an encryption key, and the design information providing server further includes an invalidating unit that invalidates the encryption key for a terminal device that could not confirm the conclusion of the license contract. Item 4. The design information providing system according to Item 1. Communication means for communicating with a terminal device of a user who manufactures a product;
Design information issuing means for issuing information specific to the product;
Confirmation information acquisition means for acquiring confirmation information for confirming the conclusion of a license contract with the user of the terminal device;
Control information for controlling the design information issuing means so as to stop issuing the design information to the terminal device that could not confirm the conclusion of the license contract based on the confirmation information. server. A communication step of communicating with a terminal device of a user who manufactures a product;
A design information issuing step for issuing information unique to the product;
A confirmation information acquisition step of acquiring confirmation information for confirming the conclusion of a license contract with the user of the terminal device;
A design step for controlling the design information issuance step so as to stop issuing the design information to the terminal device that could not confirm the conclusion of the license contract according to the confirmation information. Method.   The program for making a computer perform the step contained in the design information provision method of Claim 12.

Images