JP2007188324A - Method for preventing illegal use of data - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a method for preventing illegal use of data for preventing illegal use of the data even after decoding them. <P>SOLUTION: The system is provided with a management center 110 for managing use of data 10 and a plurality of terminals 120 which can be communicated to the management center 110 each other via a communication line α and has functions to process the data 10. The terminals 120 requests the management center to check use permission regarding the data 10 by a control unit 121 processing a plugin-program 30 and, as a result of the use permission check of the data 10 in response to the request, the management center 110 transmits that the use has been permitted. When the terminals 120 receive the permission, they continue processing of the plugin-program 30, and display and output the data 10 to a display part 122. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to an unauthorized use prevention method capable of preventing unauthorized use of data.

  In recent years, with the spread of image editing programs such as Illustrator (registered trademark) and Photoshop (registered trademark), image data such as JPEG and GMP can be edited by processing the image editing program on a computer. (See Patent Document 1).

  In such an environment, image data (so-called material) for editing using the image editing program is sold on homepages on the Internet. That is, the user downloads image data from the home page through the Internet line to his computer and uses the image data. Some of the image data is encrypted in order to prevent unauthorized use by persons other than the purchaser.

JP 2000-151985

  However, once the image data is decoded, the image data can be used freely, and its management is left to the ethics of the user. For this reason, the decoded image data flows out on the Internet, and a third party can use it illegally.

  The present invention was devised in view of the above circumstances, and an object of the present invention is to provide a method for preventing unauthorized use of data that can prevent unauthorized use of data even after decryption. is there.

  In order to solve the above-described problems, a method for preventing unauthorized use of data according to the present invention is a management means for managing the use of data, a computer having a function for processing the data, and the management means and a communication line via a communication line. And a terminal device capable of mutual communication, wherein the management means includes a permission information database in which permission information indicating that the user of the terminal device has received permission to use the data is recorded. , The data, the main program, and a recording unit in which a plug-in program for adding a predetermined function to the main program is recorded, and the main program is processed to process the data, and the main program And a control unit that performs the data addition processing by processing the plug-in program according to the processing of the instruction code. The terminal device makes a request for confirmation of the use permission related to the data to the management unit by the control unit processing the plug-in program, and the management unit refers to the permission information in the permission information database in response to the request. Confirming the use permission of the user of the terminal device, and when it is determined that the use permission has already been received as a result of the confirmation, the terminal device control unit transmits a message indicating that the use has been permitted. When the permission is received, the plug-in program processing is continued and the data addition processing is performed.

  When the terminal device has a display unit for displaying the data, the content of the data addition processing can be displayed on the display unit.

  The data is encrypted, a part of the bit length different from the decryption bit length is lost, and the gap between the missing parts can be made continuous. In this case, the management means has a missing data database in which position data indicating the missing data of the data and which part of the missing data is recorded in advance, and the control unit of the terminal device , By processing the plug-in program, it is determined whether or not missing data related to the data is recorded in the recording unit, and if it is determined that the data is not recorded as a result of this determination, permission to use the management means Request for missing data related to the data, and the management means confirms the use permission of the user of the terminal device with reference to the permission information in the permission information database in response to the request. As a result of the confirmation, if it is determined that the use permission has already been obtained, the fact that the permission has been granted and the missing data related to the data from the missing data database are displayed. Data and position information are read out and transmitted to the terminal device, and the control unit of the terminal device receives the missing data and position information and records them in the recording unit. When the unit determines that missing data is recorded on the recording unit as a result of determining whether or not missing data related to the data is recorded, or when the missing data and position information are recorded on the recording unit The process of the plug-in program is continued to recognize the missing part of the data with reference to the position information on the recording part, and the missing data read from the recording part is combined with the missing part, and the data Are decoded for each decoding bit length and displayed on the display unit.

  When the data is compressed before being encrypted, the control unit of the terminal device recognizes the missing part of the data by referring to the position information on the recording unit by continuing the processing of the plug-in program Then, the missing data on the recording unit is coupled to the missing part, the data is decoded for each decoding bit length, the data is restored from the compressed state to the original state for each decoding bit length, and displayed on the display unit. It is supposed to be displayed.

  The bit length of missing data is preferably a bit length different from a divisor or multiple of the decoding bit length. When the data is dropped at a plurality of locations, the bit length of the missing data × the number of missing locations is preferably a bit length different from a divisor or multiple of the decoding bit length.

  In the case of the data unauthorized use prevention method according to claim 1 of the present invention, when the control unit of the terminal device processes the plug-in program in accordance with the processing of the predetermined instruction code of the main program, the main program is processed. If the management means confirms the use permission of the data to be processed by the management means, and if the management means confirms the use permission of the data, the plug-in program process is performed. The data addition process can be performed by continuing. For this reason, even if a person who has illegally acquired the data operates his / her terminal device to cause the control unit to process the main program and to process the data, the predetermined instruction code of the main program In the process of the plug-in program corresponding to the above process, the management means cannot confirm the permission to use the data. Therefore, the process of the plug-in program cannot be continued and the data addition process cannot be performed. Therefore, unauthorized use by a person other than the user who has acquired the data properly can be suitably prevented. In addition, since the control unit of the terminal device processes the plug-in program, the management means confirms the data use permission. Therefore, if the plug-in program can be acquired separately from the main program, It can also be used for existing main programs.

  In the data unauthorized use prevention method according to claim 2 of the present invention, the content of the data addition processing is the content for displaying the data on the display unit of the terminal device. By making the content of the data addition process indispensable for processing the data in this way, it is possible to more suitably prevent unauthorized use of the data by a person other than the user who has acquired the data properly Can do.

  According to the method for preventing unauthorized use of data according to claim 3 of the present invention, the data is encrypted, a part of the bit length different from the decrypted bit length is lost, and the gap between the missing parts is made continuous. Has been processed. If the data is processed in this way, the data string of the data after the missing part of the data can be made a data string different from the data string when encrypted (that is, the data string before being deleted). For this reason, even if the plug-in program is processed by the control unit of the terminal device in the state where missing data has not been acquired and decoding is performed sequentially for each decoding bit length (predetermined calculation is performed) Is not returned to the data string before encryption, but is converted to an unknown number string or alphanumeric string. That is, if the missing data is not obtained from the management means, the data portion after the missing portion cannot be properly decrypted by the terminal device, and the data portion after the missing portion of the data is correctly displayed on the display unit. Since it cannot be displayed, unauthorized use by a person other than the user who has acquired the data properly can be prevented more appropriately. Moreover, as described above, when data is processed, a plug-in program is indispensable for displaying the data on the display unit. That is, even if another program is used, the data cannot be processed, so that there is a merit in further appropriately preventing unauthorized use by a person other than the user who obtained the data properly. In particular, when the data is highly versatile still image data data such as JPEG format, the effect becomes remarkable.

  In the data unauthorized use prevention method according to claim 4 of the present invention, the data is compressed before being encrypted. For this reason, if the plug-in program is processed by the control unit of the terminal device without acquiring the missing data and the decryption is sequentially performed for each decoding bit length, the data string of the data after the missing part is encrypted. Since it is different from the data string at the time of conversion, it is converted into an unknown number string or alphanumeric string. When the unknown number sequence or alphanumeric sequence is to be restored from the compressed state to the original state, the restoration process is stopped. For this reason, since data cannot be displayed on a display part, there exists a very merit in preventing unauthorized use of data.

  In the data illegal use prevention method according to claim 5 of the present invention, the bit length of the missing data is set to a bit length different from a divisor or a multiple of the decoding bit length. If the bit length of the missing data is a divisor or multiple of the decryption bit length, the data sequence of the data after the missing portion is the same as the data sequence when encrypted (that is, the data sequence before being deleted) Become. Thereby, it is possible to prevent a portion other than the missing portion of the data from being displayed on the display unit.

  In the method for preventing unauthorized use of data according to claim 6 of the present invention, the bit length of missing data × the number of missing portions is a bit length different from a divisor or multiple of the decoded bit length. If the bit length of missing data x the number of missing parts is a divisor or multiple of the decryption bit length, the data sequence of the data after the missing portion is encrypted (that is, the data sequence before being deleted) and This makes it possible to prevent the portions other than the missing data portion from being displayed on the display unit.

  Hereinafter, a method for preventing unauthorized use of data according to an embodiment of the present invention will be described with reference to the drawings. FIG. 1 is a configuration diagram of a data unauthorized use prevention system for realizing a data unauthorized use prevention method according to an embodiment of the present invention, and FIG. 2 is a configuration diagram of data used in the system. Is a diagram showing the configuration of the data body of the data, (b) is a diagram showing the processing steps of the data body, FIG. 3 is a flowchart of the authentication and accounting interrupt program processed by the control unit of the management center of the system, FIG. 4 is a flowchart of an interrupt program for software distribution processed by the control unit of the management center of the system, FIG. 5 is a flowchart of an image editing program processed by the control unit of the terminal device of the system, and FIG. It is a flowchart of the plug-in program processed by the control part of the terminal device.

  A data unauthorized use prevention system 100 shown in FIG. 1 is a system for realizing a method for preventing unauthorized use of data 10, and is a system for preventing data 10 from being illegally used.

  The system 100 includes a management center 110 (management means) that manages the use of data 10, and a plurality of management centers 110 that can communicate with each other via the communication line α and have a function of processing the data 10. And a terminal device 120. This will be described in detail below.

  The communication line α is a wired or wireless Internet line such as a digital line such as an optical communication line or an analog line such as a telephone line, or a line that transmits / receives radio signals such as digital broadcast or satellite broadcast.

  The data 10 has a data body 11 that is still image data and a header portion 12 of the data body 11.

  In the header section 12, read information for causing the terminal device 120 to read the data body 11, content information such as the content name of the data 10, the content ID assigned to the data body 11 and the data body 11 are subject to copyright protection. The copyright protection target data indicating that it is included. The read information is an address value or the like to be read first in the data body 11. Only the read information in the header portion 12 is encrypted.

  In the data body 11, start position information indicating the start position of the data body 11 is recorded in the first part. The data body 11 is compressed into a JPEG format by a computer (not shown), is encrypted, and a part of the data body 11 (hereinafter, a part of the missing data body 11 is referred to as missing data 11a) is missing. Then, the missing portion is filled and made continuous, and dummy data having the same bit length as the missing data 11a is added to the rear end thereof (see FIG. 2).

  The bit length of the missing data 11a is a bit length different from the decoding bit length of the decoding process of the terminal device 120, and a bit length different from a divisor or multiple of the decoding bit length. When the data body 11 is dropped at a plurality of locations, the bit length of the missing data 11a × the number of missing locations is set to a bit length different from a divisor or multiple of the decoding bit length. For example, when the decoding bit length is 10 bytes (ie, 80 bits), the bit length of the missing data 11a is 10 bytes and 7 bytes (ie, 56 bits) which is a bit length other than a divisor or a multiple thereof. ), 13 bytes (ie 104 bits), etc. When the bit length of the missing data 11a is 7 bytes, the data body 11 is not lost at 10 or 20 locations. This is because if the decoding bit length is 10 bytes and the bit length of the missing data 11a is 20 bytes, the data string of the decoding bit length data after the missing portion of the data body 11 causes the missing data 11a to be lost. This is because it is the same before and after deletion, and as a result, the portion after the missing portion of the data body 11 can be read. Further, when 10 missing data 11a having a bit length of 7 bytes is deleted, a data string having a decoded bit length after the 10th missing part of the data body 11 is lost before and after the missing data 11a is deleted. This is because there is a possibility that the part after the 10th missing part of the data body 11 can be displayed normally.

  The data 10 processed in this way is transferred from the computer to the management center 110 via the communication line α and recorded in the content DB 116 of the management center 110. The missing data 11a is transferred from the computer to the management center 110 via the communication line α together with position information indicating which part of the data body 11 the missing data 11a is, and the missing data DB 111 of the management center 110 is transferred. To be recorded. The position information is the data length and time from the start position information to the missing part.

  The management center 110 is operated by a person who conducts a business of selling the data body 11 of the data 10 to the user of the terminal device 120 under a contract with the copyright holder of the copyrighted work included in the data body 11. It is a server. In the figure, reference numeral 111 denotes missing data 11a, position information indicating which part of the data body 11 the missing data 11a is, decryption key c1 and data 10 for decrypting read information included in the header portion 12 of the data 10. A missing data DB in which a decryption c2 for decrypting the data body 11 is recorded in advance, 112 is a user information DB (permission information DB) in which user information about the user such as a user ID and password is recorded, and 113 is a computer , Etc., a control unit 114 connected to the communication line α and performing communication, 115 a memory unit such as a hard disk, 116 a content DB in which data 10 is recorded in advance, 117 a plug-in program 30 in advance This is a recorded software DB. Each DB includes not only one installed at the same location as the management center 110 but also one installed at another location and connected via the communication line α.

  The content ID of the data 10 corresponding to the missing data 11a is added to the missing data 11a on the missing data DB 111. The correspondence relationship between the missing data 11a on the missing data DB 111 and the data 10 is matched using this content ID.

  In addition to basic programs such as an operation system as a server, the memory unit 115 includes a data transmission interrupt program (not shown), a missing data transmission interrupt program shown in FIG. 3, a software distribution interrupt program shown in FIG. Is recorded. Although the contents of these programs will be described later, since the data transmission interrupt program is processed by the control unit 113, the server transmits the data 10 in response to the request for the data 10 of the terminal device 120. A function as a management center 110 for managing usage is exhibited. Note that the memory unit 115 also records an IP address of a charging center 130 described later.

  The management center 110 is connected not only to the terminal device 120 but also to the charging center 130 via the communication line α so that they can communicate with each other. This billing center 130 is a well-known server operated by a business operator who collects the charge of the data body 11 of the data 10 from the user on behalf of the person who operates the management center 110. Therefore, although detailed explanation is omitted, the billing center 130 collects the billing data recorded in the database sequentially or every predetermined period and bills the bank / card company or directly bills the user and transfers it to the user. And make payments at convenience stores.

  The terminal device 120 is a general-purpose computer used by a user. In the figure, 121 is a control unit such as a CPU, 122 is a display unit such as a monitor or a speaker (including not only those built in the terminal device 120 but also those connected via a communication cable), 123 is a keyboard, An operation unit such as a mouse, 124 is a read / write unit that reads / writes data from / to a recording medium, 125 is an auxiliary storage unit (recording unit) such as a hard disk, 126 is a main storage unit such as a DRAM, and 127 is The communication unit is connected to the communication line α and performs communication.

  In addition to the basic program such as an operation system as a computer, the auxiliary storage unit 125 records the image editing program 20 (main program) shown in FIG. 5, the plug-in program 30, the data 10, the missing data 11a, etc. shown in FIG. Is done.

  The image editing program 20 is an image editing program typified by Illustrator (registered trademark), Photoshop (registered trademark), and the like, and is processed by the control unit 121 so that images such as JPEG, GIF, BMP, and TIFF are displayed. This is a program for processing and editing data (for example, processing for changing the color, shape, etc. of image data). The image editing program 20 is sold in a state of being recorded on a homepage or recording medium on the Internet. That is, the image editing program 20 is downloaded and installed from the homepage to the auxiliary recording unit 125 via the communication line α when the user of the terminal device 120 operates the operation unit 123, or the user of the terminal device 120 The recording medium is set in the read / write unit 124 and the operation unit 123 is operated to install the recording medium in the auxiliary recording unit 125.

  The plug-in program 30 is a program for adding a display function of the data 10 to the image editing program 20, and the control unit 121 uses a predetermined instruction code of the image editing program 20 (step 14 of the plug-in program 30 described later). It is processed by processing. As will be described in detail later, the plug-in program 30 is downloaded and installed from the management center 110 on condition of user registration when the user of the terminal device 120 operates the operation unit 123.

  Hereinafter, a method for preventing unauthorized use of data using the data unauthorized use prevention system 100 will be described, and operations of the management center 110 and the terminal device 120 and contents of each program processed by each control unit will be described. For convenience of explanation, it is assumed that the data body 11 is missing only at one place. It is assumed that the image editing program 20 is already installed in the auxiliary recording unit 125 of the terminal device 120.

  First, the user operates the operation unit 123 of his / her terminal device 120 to access the management center 110 via the communication line α (ie, a search site (server) connected via the communication line α “Internet”). The management center 110 is accessed) and a request for acquiring the plug-in program 30 is transmitted. When the management center 110 receives the acquisition request, the control unit 113 processes the software distribution interrupt program shown in FIG. 4 and transmits user registration information input data to the terminal device 120 (s1). Upon receiving the user registration information input data, the terminal device 120 reads the user registration information input data, and displays and outputs the user registration screen on the display unit 122. After that, the user inputs his / her name, address, payment conditions such as “your own bank account number or credit card number” according to what the user registration screen shows through the operation unit 123 of the terminal device 120, and this registration data is transmitted to the communication line α. To the management center 110 via Upon receiving the registration data, the management center 110 creates a user ID and password, registers the user ID and password together with the registration data in the user information DB 124 (s2), and charges the user ID, password and registration data. The data is transmitted to the center 130 (s3). When the charging center 130 receives the user ID, password, and registration data, the control unit records the data in the database by processing the registration program. Then, data indicating the completion of recording is transmitted to the terminal device 120. When the terminal device 120 receives data indicating the completion of recording, the terminal device 120 reads the plug-in program 30 from the software DB 117 and transmits it to the user terminal device 120 via the communication line α together with the user ID and password. Then, the processing of the software distribution interrupt program is terminated. The terminal device 120 receives the plug-in program 30 and the user ID and records them in the auxiliary recording unit 125. The user ID and password may be entered by the user himself / herself during user registration.

  Thereafter, when the user operates the operation unit 123 of the terminal device 120, the plug-in program 30 is installed in the auxiliary recording unit 125.

  When acquiring the data 10 from the management center 110, the terminal device 120 accesses the management center 110 using a search site (server) or the like in the same manner as described above according to the operation through the operation unit 123 of the user, A request for list data of data 10 is made. Then, in the management center 110, the control unit 113 processes a content download interrupt program (not shown), and transmits the list data of the data 10 to the terminal device 120. The terminal device 120 reads this list data and displays and outputs a list of data 10 on the display unit 122. Thereafter, when the user operates the operation unit 123 to select and select the data 10 to be downloaded from the list, the content management unit 110 uses the content ID of the selected data 10 included in the list data as an application for downloading the data 10. Send.

  When the management center 110 receives the content ID, the control unit 113 processes the data transmission interrupt program. Then, the user ID and password input data included in the program are transmitted to the terminal device 120. Upon receiving the input data, the terminal device 120 reads the input data and displays and outputs the input screen on the display unit 122. Thereafter, the user inputs a user ID and a password on the input screen through the operation unit 123 of the terminal device 120 and transmits them to the management center 110. When the management center 110 receives the user ID and password, the management center 110 refers to the user ID, reads registration data related to the user ID from the user information DB 112, and confirms whether the user ID and password match (that is, And authenticating the user related to the user ID).

  When the user ID and the password do not match as a result of the authentication, the management center 110 transmits data indicating that the authentication is impossible to the terminal device 120. Then, the data transmission interrupt program is terminated. On the other hand, when the user ID and the password match, the content ID and the user ID are transmitted to the charging center 130.

  When the charging center 130 receives the content ID and the user ID, the control unit processes a charging program (not shown) on the recording unit, and refers to the fee table included in the program to store the fee related to the content ID in the database. In the recording location related to the user ID. Then, data indicating that charging has been completed is transmitted to the management center 110. When the management center 110 receives the data indicating that the charging is completed, the management center 110 refers to the user ID and records the content ID in the user information DB 112 as information indicating that the use permission of the data 10 related to the content ID is obtained. Data 10 corresponding to the content ID is read from the content DB 116 with reference to the content ID and transmitted to the terminal device 120. When receiving the data 10, the terminal device 120 records the data in the auxiliary storage unit 125.

  When the user performs an operation for executing the image editing program 20 on the auxiliary storage unit 125 of the terminal device 120, the control unit 121 processes the image editing program 20 shown in FIG. Then, it is determined whether or not the user has read image data such as data 10 (s10). If it is determined that there is no image data reading operation as a result of this determination, it is determined whether there is another operation (such as an existing editing operation of the image editing program 20) (s16). If there is no other operation, the process returns to step 10. On the other hand, if there is another operation, the other operation process is performed, and the process returns to Step 10. Note that the processing of the image editing program 20 is terminated by the user's termination operation.

  As a result of the determination in step 10, when it is determined that there has been an operation for reading image data, the header portion of the image data is read (s11), and it is determined whether or not the image data is data 10 (s12). ) That is, it is determined whether or not copyright protection target data is recorded in the header portion of the image data. As a result of the determination, if it is determined that the copyright protection target data is not recorded, the data body of the image data is read and displayed on the display unit 122 (s13). Thereafter, the process returns to step 10. On the other hand, when it is determined that the copyright protection target data is recorded (that is, data 10), the plug-in program 30 shown in FIG. 6 on the auxiliary recording unit 125 is processed (s14). Then, the process returns to step 10.

  When the plug-in program 30 is processed, it is determined whether or not the missing data 11a related to the data 10 is recorded on the auxiliary recording unit 125 (s20). As a result of this determination, when it is determined that the data is not recorded, the content ID included in the header portion 11 of the data 10 (this is used as a confirmation request for permission to use the data 10) is used as the missing data related to the data 10. It is transmitted to the management center 110 together with the request of 11a (s21).

  When the management center 110 receives the request and the content ID, the control unit 113 processes the authentication and billing interruption program shown in FIG. Then, the user ID and password input data included in the program are transmitted to the terminal device 120 (s40). When receiving the input data, the terminal device 120 reads the input data and displays and outputs the input screen on the display unit 122. Thereafter, the user inputs the user ID and password on the input screen through the operation unit 123 of the terminal device 120, and transmits them to the management center 110 (s22). When the management center 110 receives the user ID and password, the management center 110 reads the registration data related to the user ID from the user information DB 112 with reference to the user ID, and confirms whether the user ID and the password match (that is, (Authenticate the user related to the user ID) (s41).

  If the user ID and the password do not match as a result of the authentication, the management center 110 transmits data indicating that the authentication is impossible to the terminal device 120 (s42). Then, the authentication and accounting interrupt program is terminated. On the other hand, if the user ID and the password match, it is determined whether or not the content ID is recorded in the user information (that is, whether or not the data 10 related to the content ID is permitted to be used) ( s43). When it is determined that the content ID is recorded as a result of the determination, the missing data 11a, the position information, and the decryption keys c1 and c2 related to the content ID are read from the missing data DB 111 with reference to the content ID. The missing data 11a, the position information, and the decryption keys c1 and c2 are transmitted to the terminal device 120 (s44). Then, the processing of the authentication and billing interruption program ends. On the other hand, if it is determined that the content ID is not recorded, the content ID and the user ID are transmitted to the charging center 130 (s45).

  When the charging center 130 receives the content ID and the user ID, the control unit processes a charging program (not shown) on the recording unit, and refers to the fee table included in the program to store the fee related to the content ID in the database. In the recording location related to the user ID. Then, the management center 110 is notified that charging has been completed. When the management center 110 receives information that the accounting is completed (s46), the management center 110 refers to the user ID and records the content ID in the user information DB 112 as information indicating that the use of the data 10 related to the content ID is obtained ( s47). On the other hand, with reference to the content ID, the missing data 11a, the position information, and the decryption keys c1, c2 related to the content ID are read from the missing data DB 111, and the missing data 11a, the position information, and the decryption keys c1, c2 are read to the terminal device 120. Transmit (s48). Then, the processing of the authentication and billing interruption program ends.

  When the terminal device 120 receives data indicating that authentication is not possible from the management center 110 (s23), the terminal device 120 reads the data and outputs an error message on the display unit 122 (s24). And the process of the plug-in program 30 is complete | finished. On the other hand, when the missing data 11a, the position information and the decryption keys c1 and c2 are received (s23), the missing data 11a, the position information and the decryption keys c1 and c2 are recorded in a predetermined registry of the auxiliary storage unit 125 (s25), and step Return to 20.

  When the terminal device 120 determines in step 20 that the missing data 11a is recorded, the read information included in the header part 12 of the data 10 on the auxiliary storage unit 125 is read out on the main storage unit 126, while The decryption key c1 is read from the storage unit 125, and the read information is decrypted using the decryption key c1. Then, using the read information, the data body 11 of the data 10 on the auxiliary storage unit 125 is sequentially read into the main storage unit 126 for each decryption bit length, and the decryption key c2 is transferred from the auxiliary storage unit 125 to the main storage unit 126. Read and sequentially decrypt the data on the main storage unit 126 using the decryption key c2 for each decryption bit length, and sequentially restore the data from the compressed state to the original state through a JPEG filter. The main body 11 is displayed and output on the display unit 122 (s26).

  Along with the processing of step 26, the start position information of the data body 11 is read from the auxiliary storage unit 125 onto the main storage unit 126, while the position information is read from the auxiliary storage unit 125 onto the main storage unit 126, and the start position information is read from the start position information. Counting of the data length and time up to the position information is started (s27). Thereafter, it is determined whether or not the counting is finished (s28). Thereby, the missing portion of the data body 11 is recognized.

  As a result of this determination, when it is determined that the counting has been completed and the missing portion of the data body 11 is recognized, if the bit length of the missing data 11a is smaller than the decoded bit length, the data body 11 The missing data 11a is read onto the main storage unit 126 (that is, the data body 11 and the missing data are transferred as decoded bit length data) and combined (s29). Then, the decrypted bit length data on the main storage unit 126 is decrypted using the decryption key c2 (s30), and the data is passed through a filter such as JPEG to restore the compressed state to the original state (s31). The data is sequentially displayed on the display unit 122 (s32).

  When the bit length of the missing data 11a is larger than the decoding bit length, the data body 11 and a part of the missing data 11a are read from the auxiliary storage unit 125 onto the main storage unit 126 (that is, on the recording medium 110). The data body 11 and a part of the missing data 11a on the auxiliary storage unit 125 are transferred as decoded bit length data), and then the remaining missing data 11a (decoded bit) is transferred from the auxiliary storage unit 125. (Long data) is read out on the main memory 126 (s29). Then, the data on the main storage unit 126 is decrypted for each decryption bit length by using the decryption key c2 (s30), and the data is passed through a filter such as JPEG and restored from the compressed state to the original state (s31). The data is displayed and output on the display unit 122 (s32).

  Alternatively, a part of the missing data 11a (data corresponding to the decoding bit length) is read from the auxiliary storage unit 125 onto the main storage unit 126, and then the data body 11 and the remaining missing data 11a are read from the auxiliary storage unit 125. Are read and combined on the main storage unit 126 (s29). Then, the data on the main storage unit 126 is decrypted for each decryption bit length by using the decryption key c2 (s30), and the data is passed through a filter such as JPEG and restored from the compressed state to the original state (s31). The data is displayed and output on the display unit 122 (s32). Thereafter, data after the missing portion of the data body 11 is read into the main storage unit 126 for each decryption bit length, sequentially decrypted for each decryption bit length using the decryption key c2, and the data is passed through a filter such as JPEG. Then, the compressed state is restored to the original state sequentially, and the data after the missing portion of the data body 11 is displayed and output on the display unit 122 (s33). In this way, the entire data body 11 is displayed on the display unit 122. If the bit length of the missing data is twice or more than the decoded bit, the processing from step 29 to step 32 is repeated. The processing of the plug-in program 30 ends when the user performs an end operation of the image editing program 20 or a display end operation of the data 10 through the operation unit 123.

  In the case of the data unauthorized use prevention method realized by the data unauthorized use prevention system 100, the control unit 121 of the terminal device 120 performs plug-in according to the processing of the activation command of the plug-in program 30 of the image editing program 20. When processing the program 30, the management center 110 confirms the use permission of the data 10, and if the result of the check indicates that the management center 110 has confirmed the use permission of the data 10, the plug-in The processing of the program 30 is continued and the data 10 is displayed on the display unit 122. Therefore, even if a person who has illegally acquired the data 10 operates his / her terminal device 120 to cause the control unit 121 to process the image editing program 20 and edit the data 10, the plug-in program 30. In this process, the management center 110 cannot confirm the permission to use the data 10, so the processing of the plug-in program 30 cannot be continued and the data 10 cannot be displayed on the display unit 122. Therefore, unauthorized use by a person other than the user who has acquired the data 10 properly can be suitably prevented. In addition, since the plug-in program 30 can be acquired separately from the image editing program 20, the existing image editing program 20 already installed on the auxiliary recording unit 125 of the terminal device 120 can be supported.

  Furthermore, the data 10 is compressed, encrypted, and processed so that a part of the bit length different from the decryption bit length is lost and the gap between the lost parts is continuous. If the data 10 is processed in this way, the data string of the data after the missing part of the data body 11 of the data 10 is different from the data string when encrypted (that is, the data string before being deleted). Therefore, if it is attempted to sequentially decode (predetermined calculation) for each decoding bit length without obtaining the missing data 11a, the data after the missing part does not return to the data string before encryption. , Converted to unknown number sequence or alphanumeric sequence. When this unknown number sequence or alphanumeric sequence is passed through a filter such as JPEG (recovery is attempted), the recovery process is stopped. For this reason, unless the missing data 11a is obtained from the management center 110, the data 10 cannot be displayed on the display unit 122. Therefore, unauthorized use by a person other than the user who has acquired the data 10 can be prevented more appropriately.

  The data 10 is recorded in the auxiliary recording unit 125 of the terminal device 120 in the state processed as described above. In displaying the data 10 on the display unit 122, the data 10 is read from the auxiliary recording unit 125 onto the main storage unit 126 and processed so that it can be displayed (that is, the missing part is combined and decoded). To be restored). That is, the data 10 can be displayed only on the main storage unit 126 which is a volatile memory, and is always encrypted on the auxiliary recording unit 125 which is a non-volatile memory. Therefore, this point also has an advantage in preventing unauthorized use of the data 10.

  Further, since the plug-in program 30 is indispensable for displaying the data 10 on the display unit 122, the data 10 cannot be edited using another image editing program. This is also advantageous in preventing unauthorized use of the data 10.

  In addition, even if the content of the plug-in program 30 is a response from the management center 110 that the use permission of the data 10 is confirmed, the user is authenticated and charged. The missing data 11a related to the data 10 is transmitted to the terminal device 120 of the user. For this reason, even if the data 10 is illegally leaked to the Internet, it is possible to collect a charge related to its use. In other words, since secondary and tertiary charging of the data 10 can be performed, there is an advantage in promoting the distribution of the data 10.

  Although the data body 11 of the data 10 is still image data in JPEG format, it goes without saying that still image data in other formats such as GIF, BMP, and TIFF may be used. When the data body 11 is still image data in an uncompressed format such as the BMP format, if the data body 11 is illegally read, the portion after the missing portion of the data body 11 is a sequence of unknown numbers or alphanumeric strings. The data is displayed on the display unit 122. Even in this case, since the data after the missing portion of the data body 11 is not correctly displayed, unauthorized use of the data body 11 can be prevented. The data body 11 can be not only still image data but also moving picture data such as MPEG.

  Furthermore, although the data body 11 is encrypted and processed such that a part of the bit length different from the decrypted bit length is lost and the gap between the lost parts is continuous, the data body 11 is processed. Whether or not is arbitrary. Further, not only the data main body 11 but also other data can be deleted at the position where the data 10 is deleted. For example, read information of the header portion 12 of the data 10 or the like.

  Although the data 10 is recorded in advance in the content DB 116 of the management center 110, the present invention is not limited to this. For example, the data 10 is recorded on a recording medium and distributed, and the user sets the recording medium in the read / write unit 124 of the terminal device 120 and operates the operation unit 123 so as to be recorded in the auxiliary storage unit 125. May be. In this case, the management center 110 does not need the content DB 116.

  The position information is the data length and time from the start position information to the missing part, but may be an address value or the like indicating the missing part. In this case, for example, it is sequentially determined whether or not the address value of the data body 11 to be read out next matches the position information. As a result of this determination, if it is determined that they do not match, the data body 11 indicated by the address value is changed. When it is determined that the data coincide with each other, the missing data 11a on the auxiliary storage unit 125 is read.

  Further, it is possible to determine a missing part in advance and include the position information in the image editing program 20. In this case, it is not necessary to record the positional information together with the missing data 11a in the missing data DB 111 of the management center 110.

  The image editing program 20 is an example, and other programs can be used as the main program. For example, as a main program, a browsing program (browser) for displaying homepage information on the Internet, a reproduction program for reproducing audio / video data, a display program for displaying still image data / document data, There are office programs such as word processors, spreadsheets, and databases, and programs that process and display text data.

  The plug-in program 30 may be any content that allows the management center 110 to make a usage permission confirmation request for the data 10 and to continue the subsequent processing when it receives the permission from the management center 110. Therefore, when the data 10 is not processed as in the embodiment, the data 10 may be simply read instead of the contents of the combination, decryption, and restoration processing of the data 10. In this case, the content for requesting the missing data 11a is not necessary together with the request for confirming permission to use the data 10.

  Although the content of the additional processing of the plug-in program 30 is the display processing of the data 10, it is not limited to this. For example, if the main program is a viewing program, a display program for displaying still image data / document data, an office program such as a word processor / spreadsheet / database, a program for processing and displaying text data, the addition The content of the process can be a display process of the data, and if the main program is a reproduction program for reproducing audio / video data, the content of the additional process is a reproduction process of the data Can do. When data is encrypted, the content of the additional process can be a decryption process of the data.

  The management center 110 performs authentication and billing. However, the billing center 130 may perform authentication, and the management center 110 may be permitted to transmit the missing data 11a according to the authentication result. Similarly, although the management center 110 performs user registration, it is naturally possible that the charging center 130 performs user registration and transfers this user information to the management center 110. Further, the billing center 130 and the management center 110 can be combined and operated by a single server. If the billing center 130 is connected to the bank / card company via the communication line α, it is of course possible to make an immediate payment.

  Although the user registration has been described as being performed when the plug-in program 30 is downloaded, the present invention is not limited to this. When the plug-in program 30 is distributed in a state of being recorded on a recording medium, it may be manually performed at the time of distribution. Further, the user registration information is not limited to the contents of the above embodiment. That is, other information can be added. Other information includes unique information of the terminal device 120 (CPU number, hard disk number, etc. recorded in the auxiliary recording unit 125). In this case, the terminal device 120 transmits the unique information of the terminal device 120 (CPU number, hard disk number, etc. recorded in the auxiliary recording unit 125) together with the user ID and the like by the process of step 21 of the plug-in program 30. To. The management center 110 performs authentication using the unique information together with the user ID and the like. In this way, the terminal device 120 that has purchased the data 10 can be identified, and the data 10 can be made unusable by other than the terminal device 120. Therefore, there is an advantage in preventing unauthorized use of the data 10.

  In the above embodiment, the method for selling the data 10 has been described. However, the data 10 may be rented. In this case, a missing data deletion program is added to the image editing program 20. This missing data deletion program obtains the difference between the date and time when the missing data 11a was received and the current date and time as an elapsed period from the time when the missing data 11a was transmitted, and when this has reached the rental period included in the rental information Indicates that the missing data 11a and the position information are deleted from the auxiliary storage unit 125 because it is outside the rental period.

1 is a configuration diagram of a data unauthorized use prevention system for realizing a data unauthorized use prevention method according to an embodiment of the present invention; FIG. FIG. 2 is a diagram showing the configuration of data used in the system, in which (a) shows the configuration of the data body of the data, and (b) shows the processing steps of the data body. It is a flowchart figure of the authentication and charging interruption program processed by the control part of the management center of the same system. It is a flowchart of the interruption program for software delivery processed by the control part of the management center of the same system. It is a flowchart of the image editing program processed by the control part of the terminal device of the same system. It is a flowchart of the plug-in program processed by the control part of the terminal device of the same system.

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 Data 11 Data main body 12 Header part 20 Image editing program 30 Plug-in program 100 Data unauthorized use prevention system 110 Management center (management means)
120 Terminal device 130 Billing center

Claims (6)

In a system comprising management means for managing the use of data, and a computer having a function for processing the data and a terminal device capable of mutual communication with the management means via a communication line,
The management means has a permission information database in which permission information that the user of the terminal device has received permission to use the data is recorded,
The terminal device performs processing of the data by processing the main program, a recording unit in which data, a main program, and a plug-in program for adding a predetermined function to the main program are recorded. A control unit that performs the process of adding the data by processing the plug-in program according to the processing of a predetermined instruction code of the program,
In the terminal device, the control unit processes the plug-in program to request the management unit to confirm the use permission related to the data,
The management means confirms the use permission of the user of the terminal device with reference to the permission information in the permission information database in response to the request, and if it is determined that the use permission has already been obtained as a result of the confirmation, the permission is granted. Is sent to the terminal device,
6. A method of preventing unauthorized use of data, wherein when the control unit of the terminal device receives the permission, the plug-in program process is continued to perform the data addition process. The method for preventing unauthorized use of data according to claim 1, wherein the terminal device has a display unit for displaying the data.
The method of preventing unauthorized use of data, wherein the content of the data addition process is to display the data on a display unit. In the method of preventing unauthorized use of data according to claim 2,
The data is encrypted, a part of the bit length different from the decryption bit length is omitted, and the gap between the missing parts is continuous,
The management means includes a missing data database in which position data indicating the missing data of the data and which portion of the data the missing data is recorded in advance.
When the control unit of the terminal device determines whether or not missing data related to the data is recorded in the recording unit by processing the plug-in program, and determines that the data is not recorded as a result of this determination Makes a request for confirmation of use permission to the management means, and requests for missing data related to the data,
The management means refers to the permission information on the permission information database in response to the request, confirms the use permission of the user of the terminal device, and when it is determined that the use permission has already been received as a result of the check, With the fact that it is permitted, the missing data and the position information related to the data are read from the missing data database and transmitted to the terminal device,
The control unit of the terminal device is configured to receive the missing data and position information and record them in a recording unit,
When the control unit of the terminal device determines that missing data is recorded on the recording unit as a result of determining whether or not missing data related to the data is recorded, or records missing data and position information In the case of recording in the recording section, by continuing the processing of the plug-in program, by referring to the position information on the recording section, the missing portion of the data is recognized, and the missing data read from the recording portion in the missing portion A method for preventing unauthorized use of data, characterized in that the data is combined and decoded for each decoding bit length and displayed on a display unit. The method of preventing unauthorized use of data according to claim 3, wherein the data is compressed before being encrypted.
The control unit of the terminal device recognizes the missing part of the data by referring to the position information on the recording unit by continuing the processing of the plug-in program, and combines the missing data on the recording unit with the missing part. The data is decoded for each decoding bit length, and the data is restored from the compressed state to the original state for each decoding bit length and displayed on the display unit. Method.   5. The method for preventing illegal use of data according to claim 3, wherein the bit length of missing data is a bit length different from a divisor or multiple of the decoded bit length.   5. The method of preventing unauthorized use of data according to claim 3 or 4, wherein the data is deleted at a plurality of locations, wherein the bit length of the missing data × the number of missing locations is a bit length different from a divisor or multiple of the decoding bit length. A method for preventing unauthorized use of data.

Images