JP2007188530A - License transfer device, storage medium, and medium reading method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To copy and distribute a content while protecting a person who has the right for the content in a license transfer system for transferring the right of use of the content. <P>SOLUTION: The content is encrypted with a key 1, and the key 1 and use right information 41 are encrypted with a key 2 composed of a medium ID for specifying a storage medium 10 storing them. When the use right of the content is transferred, the content is transferred to a storage medium 30 of a transfer destination as it is encrypted with the key 1. The key 1 and the use right information 41 are decoded with the medium ID of the storage medium 10 before transfer, further encrypted with the medium ID of the storage medium 30 of the transfer destination, and stored in the storage medium 30 of the transfer destination. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a license delegation apparatus for delegating content usage rights from a first storage medium to a second storage medium.

  In recent years, it has become a problem how to protect copyrights effectively.

  For example, in the case of a tangible object such as a book, the distribution itself is not accompanied by reproduction, and if the book is resold, the book goes to the purchaser and the book does not exist under the seller. Although it is relatively easy to protect rights, in the case of a digitalized work, for example, when the digitized work is transmitted over a network, the same work is generated on both the own side and the other side. However, the distribution itself results in duplication, and it is usually considered extremely difficult to effectively protect the copyright for such digitalized work.

  In view of the above circumstances, the present invention provides a license delegation apparatus capable of delegating the right to use content such as digitized documents, movies, programs, etc. while protecting those who have rights regarding the content. With the goal.

The license delegation device of the present invention that achieves the above object is as follows.
The first medium ID includes both the content encrypted with a predetermined key, the first media ID for identifying itself, and the first usage information indicating the use right of the key and the content together or separately. To access the first storage medium storing the first encrypted secure information encrypted by the first storage medium and the second storage medium storing the second medium ID for identifying itself. In the license delegation apparatus for delegating the right to use the content stored in the storage medium from the first storage medium to the second storage medium,
In delegating the right to use the content, the first encrypted secure information stored in the first storage medium is decrypted using the first media ID to obtain the key and the first usage right information. The first usage right represented by the decryption means, the key obtained by the decryption by the decryption means, and the first use right information obtained by the decryption by the decryption means is transferred or distributed. The second storage right information is generated by encrypting both the second usage right information representing the second usage right together with or separately from the second media ID and generating the second encrypted secure information. It is characterized by comprising encryption means for storing in a medium.

  Here, in the license delegation apparatus of the present invention, the encryption means further includes a third usage right representing a third usage right after the second usage right is subtracted from the first usage right. By encrypting the information or both the key and the third usage right information with the first media ID and writing back to the first storage medium, the first storage medium stores the first information. Instead of the encrypted secure information, the third encrypted media information in which both the key and the third usage right information are encrypted with the first media ID may be stored. Alternatively, when the entire right to use the content of the first storage medium is delegated to the second storage medium, the encryption means includes the key obtained by the decryption by the decryption means, and the first The second usage that inherited all of the usage rights of 1 The second encrypted secure information obtained by encrypting the second usage right information representing the right is generated and stored in the second storage medium, and the first stored in the first storage medium You may destroy the key which comprises encryption secure information.

  The above-mentioned “first encrypted secure information obtained by encrypting both the key and the first usage right information together or separately with the first media ID” includes the key The first usage right information is encrypted with the first media information separately from the first media ID, and the encrypted key and the encrypted first usage right information are combined. May be referred to as first encrypted secure information, or a combination of both the key and the first usage right information is encrypted with the first media information, and the encrypted information is This means that it may be referred to as one encrypted secure information.

  In addition, the above-mentioned “key and .... the second usage right information together or separately .... the second encrypted secure information is generated by encrypting with the second media ID ... The same applies to “...” and “third encrypted secure information in which both the key and the third usage right information are encrypted with the first media ID”.

  Further, the above-mentioned "third usage right information or ... key and ... both of the third usage right information and ... encrypt with the first media ID ..." In a system that separately encrypts the first usage right information or the second usage right information, only the third usage right information needs to be encrypted, and the key and the first (or second) usage right are encrypted. In a system for encrypting a series of information, this means that a series of both a key and third usage right information is encrypted.

  The license delegation apparatus of the present invention has been completed by paying attention to the fact that a unique ID (referred to as a media ID) is attached to each of, for example, an MO (magneto-optical disk) and a hard disk.

  By distributing content encrypted with a predetermined key, the encrypted content itself cannot be used unless it is decrypted using the key. Therefore, both the key for decrypting the encrypted content and the usage right information (for example, information indicating whether or not the use of the content is permitted) are both represented by the media ID unique to the storage medium. Encrypt it. By doing so, the encrypted content cannot be used even if it is distributed by itself leaving the storage medium on which the content was originally stored, and if the key is distributed as it is, the encrypted content will not be used. Since the media IDs are different, the key cannot be decrypted, and therefore unauthorized use by a person without usage rights can be prevented.

  In such a system, in order to transfer the right of use of the user (first storage medium) to the transfer destination (second storage medium), the key and the user's right of use are transferred with the media ID of the user (first storage medium). Decrypt the information, distribute the usage right (or the entire usage right) within the scope of your usage right (for example, the remaining number of times it can be used), the key, The usage right information as a whole is encrypted with the media ID (second media ID) of the delegation destination (second storage medium) and stored in the delegation destination (second storage medium). The user (first storage medium) encrypts the remaining usage rights (including the usage right that there is no usage right) with the media ID (first media ID) of the user (first storage medium). Write back to me (first storage medium). Alternatively, when delegating all of the usage rights, instead of encrypting and writing back the remaining usage rights (in this case, the usage rights that do not exist), the self (first storage medium) The key stored in the encrypted format on one storage medium) may be destroyed. By doing so, the right to use can be transferred without violating the rights of those who have rights regarding the content.

Here, in the license delegation apparatus of the present invention, the content for which the use right is to be delegated is stored in the first storage medium before delegating the right to use the content,
Content transfer means for reading the encrypted content to be transferred stored in the first storage medium and storing it in the second storage medium in the encrypted state when transferring the right to use the content It is preferable to provide.

  Since the content itself is distributed in an encrypted state, it may be distributed at any time. For example, when the content is already distributed, only the key and the right to use may be passed. In delegating the right to use the content, the content may be moved (replicated) from the first storage medium to the second storage medium.

  In the license delegation apparatus of the present invention, the first use right information and the second use right information indicate that the use right exists, and the third use right information indicates that the use right exists. It may be that it does not exist, or the first usage right information represents the first usable number of times or the usable time, and the second usage right information is the first usage right information. This represents the second usable number or usable time within one usable number or usable time, and the third usage right information is the second usable number from the first usable number or usable time. It may represent a third usable number or usable time after subtracting the usable number or usable time.

  In addition, for example, an ID for identifying a person who has a right to use may be used as the right-of-use information, and the right-to-use information may be any information as long as it represents the presence / absence or range of the right to use.

The license delegation apparatus of the present invention includes a first drive and a second drive for driving the first storage medium and the second storage medium, respectively, and the first drive and the second drive are: Each having a first firmware and a second firmware for accessing the first storage medium and the second storage medium, respectively;
The decryption means and the encryption means are configured in firmware as a composite of the first firmware and the second firmware,
Only the first firmware has the right to access the first storage medium driven by the first drive, and only the second firmware accesses the second storage medium driven by the second drive It is preferable that it has the title to do.

  Here, “only the first firmware has the right to access the first storage medium”, “only the second firmware has the right to access the second storage medium”, for example, an application This means that the program or the like cannot be directly accessed to the first storage medium or the second storage medium without the first firmware or the second firmware. With such a configuration, the right of a person who has a legitimate right regarding the content is more reliably protected including the following cases.

  In other words, in the case of a system in which a storage medium can be accessed directly from an application program without intervention of firmware, the application program uses the first before transferring the usage right from the first storage medium to the second storage medium. The first encrypted secure information described above is read out by directly accessing one storage medium and stored in the third storage medium. After making such preparations, the right to use is transferred from the first storage medium to the second storage medium. After the delegation is completed, the first encrypted secure information before delegation that has been reproduced in advance to the third storage medium by directly accessing the first storage medium again with the application program is stored in the first storage medium. Write back to In this case, the first storage medium returns to the state prior to the transfer of the right of use, and the right of use is also generated in the second storage medium, resulting in the violation of the right of the right holder.

  Therefore, by making access possible only from the firmware as described above, it is possible to prevent the occurrence of fraud as described above, and to protect the right of the rightful owner more reliably.

  As described above, according to the present invention, it is possible to copy or distribute the content without violating the rights of those who have rights regarding the content.

  Hereinafter, embodiments of the present invention will be described.

  Here, for ease of understanding, conceptual embodiments will be described first, and then specific embodiments will be described.

  FIG. 1 is a configuration diagram showing an embodiment of a license delegation apparatus of the present invention, and FIG. 2 is a schematic diagram for explaining the embodiment.

  FIG. 1 shows a first storage medium 10, a drive 20, and a second storage medium 30. Neither the first storage medium 10 nor the second storage medium 30 asks the type of the storage medium, but it is necessary to have a media ID that identifies the storage medium. This media ID does not need to reliably identify the same type of storage medium, and is unique to the storage medium, for example, so that two storage media having the same media ID can hardly be expected to meet each other. I just need it.

  In the present embodiment, the drive 20 is a first drive for driving the first storage medium 10, for example, a magneto-optical disk drive device when the first storage medium 10 is an MO (magneto-optical disk), and a second When the second storage medium 30 is a hard disk, for example, when the second storage medium 30 is a hard disk, it is considered as a complex with a hard disk drive device that drives the hard disk.

  The first drive is equipped with first firmware for accessing a first storage medium driven by the first drive, which is a combination of the microcomputer and software operating on the microcomputer. Similarly, the second drive is also accessed to access a first storage medium driven by the second drive, which is a combination of a microcomputer and software running on the microcomputer. The second firmware is installed. Here, it is assumed that firmware as a complex of the first firmware and the second firmware is mounted on the drive 20.

  Each of the first storage medium 10 and the second storage medium 20 includes MID areas 11 and 31 for storing its own media ID, and a secure area 12 for storing usage right information and other information related to attributes of content. , 32 and user areas 13 and 33 in which the content itself is stored. Here, the right to use the content held by the first storage medium 10 is to be transferred to the second storage medium 30, and therefore, here, the MID area 11, the secure area 12, and the first storage medium 10 It is assumed that the media ID, usage right information, other attributes, and content of the first storage medium 10 are actually stored in the user area 13, respectively.

  On the other hand, the media ID of the medium 30 of the second storage medium 30 is stored in the MID area 31 of the second storage medium 30, but the secure area 32 and the user area 33 are prepared as areas in advance. Alternatively, these areas may be generated when delegating the right to use the content.

  The decryption unit 21, the encryption unit 22, and the content transfer unit 23 described below are built in firmware installed in the drive 20, and the application program can start the firmware. It is configured such that it cannot enter the operation of the firmware to control the operation of the firmware, or cannot directly access the first storage medium or the second storage medium without the intervention of the firmware. Yes.

  That is, the MID areas 11 and 31 are areas where reading by the firmware is permitted and writing is prohibited, and in principle, the application is prohibited from accessing the MID areas 11 and 31 including the case where firmware is interposed. ing.

  Further, the secure areas 12 and 32 and the user areas 13 and 33 are areas where reading and writing by the firmware area are permitted. In the present embodiment, the secure area 12 and the user area 13 and 33 are only when the farm area is interposed. 32 and user areas 13 and 33 can be accessed, and direct read / write cannot be performed. However, the user areas 13 and 33 may be areas where direct access by an application is permitted.

  The MID areas 11 and 31 are preferably provided on a nonvolatile storage medium that is physically rewritable independently of the secure areas 12 and 32 and the user areas 13 and 33. However, in this embodiment, the MID area is provided on the first storage medium and the second storage medium together with the secure area and the user area.

  Here, as shown in FIG. 2, the content stored in the user area 13 of the first storage medium 10 is stored in a format encrypted with the key 1, and the key 1 includes the usage right information 41. At the same time, it is stored in the secure area 12 in a format encrypted with the key 2 which is stored in the MID area 11 and made up of the media ID of the first storage medium 10. Here, in FIG. 2, “1 → 0” is shown as the usage right information 41 stored in the secure area 12, but “1” means that the right to use the content exists, “0” means there is no right to use the content, and “1 → 0” means “1” before delegating the usage right, and it is rewritten to “0” when delegating the usage right. I mean. Further, in FIG. 2, the secure area 12 and the user area 13 are drawn so as to extend further to the right, but this is because a plurality of user areas of one storage medium (here, the first storage medium 10) are included in the user area. This means that contents are stored, and keys, usage right information, etc. may be stored in the secure area 12 for each of the plurality of contents.

  Here, when the key 1 and the usage right information 41 are encrypted with the key 2, in FIG. 2, the combined information of the key 1 and the usage right information 41 is depicted as being encrypted with the key 2. The key 1 may be encrypted with the key 2, and the usage right information 41 may be encrypted with the key 2. In any case, the combination of both the key 1 encrypted with the key 2 and the usage right information encrypted with the key 2 is herein referred to as encrypted secure information (the first term referred to in the present invention). 1 encrypted secure information).

  In delegating the right to use the content, the media ID of the first storage medium 10 (referred to in the present invention) stored in the MID area 11 of the first storage medium 10 by the decryption means 21 of the drive 20 shown in FIG. The first encrypted secure information stored in the secure area 12 is decrypted with the key 2 consisting of the first media ID), and the plaintext key 1 and the usage right information 41 (here, the usage right) are decrypted by the encryption. '1') indicating that exists. Therefore, this time, the encryption means 22 of the drive 20 shown in FIG. 1 shows that the key 1 and the usage right information 41 ('1' indicating that the usage right exists) returned to the plaintext by the decryption. The third encrypted secure information is generated by encrypting with the key 3 composed of the media ID (second media ID according to the present invention) stored in the MID area 31 of the second storage medium 30, Stored in the secure area 32 of the storage medium 30. The usage right information 42 drawn in the secure area 32 of the second storage medium 30 in FIG. 2 is “0 → 1” because there is no usage right before the usage right is delegated and “0”. It means that it has been rewritten to “1” indicating that the usage right exists by receiving the transfer of the usage right.

  Also, in the first storage medium 10, the decrypted usage right information 41 is rewritten to “0” indicating that the usage right does not exist, and the decrypted key 1 and the usage right do not exist. Is encrypted with the key 2 consisting of the media ID of the first storage medium 10, and new encrypted secure information (third secure information according to the present invention) is generated. Instead of the first encrypted secure information stored in the secure area 12 of one storage medium 10, the newly generated third secure information is stored in the secure area 12.

  Alternatively, since the right to use the content no longer exists in the first storage medium 10, the key 1 is unnecessary, and the third secure information is generated and stored in the secure area 12 of the first storage medium 10. Instead of storing, the key 1 stored in an encrypted form in the secure area 12 may be destroyed.

  Further, the content encrypted with the key 1 and stored in the user area 13 of the first storage medium 10 is read from the first storage medium 10 by the content transfer means 23 of the drive 20 shown in FIG. Then, it is stored in the user area 33 of the second storage medium 33 while being encrypted with the key 1.

  As described above, the right to use the content that has been owned by the first storage medium 10 is transferred to the second storage medium 20.

  Thereafter, in the second drive that drives the second storage medium 20, when there is a request for reading this content from the application program, the second firmware installed in the second drive Encrypted secure information stored in the secure area 32 with the key 3 made up of the media ID of the second storage medium 30 accessed in the storage medium 30 and stored in the MID area 31 of the second storage medium 30 Is decrypted, the use right is confirmed, the encrypted content stored in the user area 33 is decrypted with the key 1, and the decrypted content is returned to the application program.

  On the other hand, after delegating the usage right, if the first drive that drives the first storage medium 10 receives a request to read the content delegated the usage right from the application program, the first drive The first firmware installed in one drive accesses the first storage medium 10 and is a key composed of the media ID of the first storage medium 30 stored in the MID area of the first storage medium. 2. When the encrypted secure information stored in the secure area 12 is decrypted and the existence of the usage right is confirmed, it is recognized that the usage right does not exist, or the above-described system for destroying the key 1 Recognizes that key 1 has been destroyed or that the content cannot be decrypted, and the content is read by the application program. To notify that is a non-issue. In this way, the right to use the content can be effectively delegated without violating the rights of those who have rights regarding the content.

  Here, in the above-described embodiment, for the sake of simplicity, the usage right information is described as binary information of “1” indicating that the usage right exists and “0” indicating that the usage right does not exist. However, the usable number of times may be used as the usage right information. For example, it is assumed that the usage right information of the first storage medium 10 before delegation is “10” indicating the usable number of times 10 and a part of the usable number of times, for example, only the usable number of times 3 is the second. The storage medium 30 may be delegated. In this case, the right-of-use information of the second storage medium 30 is “3” indicating the number of times of use is “3”, and the first storage medium 10 is “7” indicating the number of times of use of seven as the right-of-use information. Is written back. When the content is used in the first storage medium 10 or the second storage medium 30, the first firmware installed in the first drive or the second firmware installed in the second drive each time the content is used. The number of usable times of the first storage medium 10 or the second storage medium 30 is subtracted by 1 by one firmware.

  Here, when the usage rights for three times delegated to the second storage medium 30 are used up, if the usage rights still remain in the first storage medium 10, a part or all of the usage rights are as described above. It is also possible to delegate to the second storage medium again by the same procedure. However, in this case, since the encrypted content itself has already been transferred to the second storage medium 30, it is not necessary to transfer the content itself to the second storage medium 30, and only the right to use the content is stored in the second storage medium 30. To the storage medium 30.

  In the example shown in FIG. 2, both the key 1 and the usage right information are regarded as one information, and the encrypted secure information for the first storage medium 10 is obtained by encrypting the information with the key 2. The encrypted secure information for the second storage medium 30 is generated by generating both the key 1 and the usage right information as one piece of information and encrypting the information with the key 3. 1 and usage right information may be encrypted separately. In that case, since the key 1 is already stored in the first storage medium 10 in the form of encryption when delegating the usage right, only the new usage right information can be encrypted and written back to the first storage medium 10. That's fine. In addition, when delegating the number of usable times in a plurality of times, since the second delegation is already stored in the second storage medium 30 in the format in which the key 1 is encrypted with the key 3 It is only necessary to encrypt only the usage right information indicating the usable number of times of delegation and write it in the secure area 32 with the key 3.

  In addition to the key 1 and the usage right information, attributes other than the usage right information of the content such as the name of the content, the last access date and time of the content may be stored together in the secure area. If it is not necessary to encrypt the attribute, it may be stored as plain text, or it may be encrypted together with the key 1 and usage right information even if those attributes do not need to be encrypted. May be used.

  Furthermore, in the above description, the use right information is described by taking the presence or absence of the use right and the number of times of use, but in addition to this, the usable time may be used as the use right information, and an ID representing a person who is permitted to access is used. The right-of-use information may be used, and various types of information representing the presence / absence of the right-of-use or the usable range can be used as the right-of-use information.

  FIG. 3 is an external perspective view showing an example of a computer system on which an embodiment of the license delegation apparatus of the present invention is mounted, and FIG. 4 is a block diagram showing the configuration of the computer system.

  As shown in FIG. 3, the computer system 50 has a main body 51 incorporating a CPU, a memory, and the like, an image display device 52 that displays an image on a display screen 52 a, and various types of computer system 50. Are constituted by a keyboard 53 which is an operator for instructing the above and a mouse 54 which is an operator for designating a position on the display screen 52a of the image display device 52. Further, the main body 51 shows an MO loading port 51a into which an MO (magneto-optical disk) 100 is loaded and detachably loaded.

  Further, as shown in FIG. 4, the computer system 50 includes a CPU 55 that executes various programs, a memory 56 that is used as a temporary storage area for programs to be executed and data, and a keyboard 53. A keyboard interface 57 for transferring data to and from the mouse, a mouse interface 58 for transmitting data associated with the operation of the mouse 54, a display interface 59 for transmitting display data to the image display device 52, and the MO loading port 51 shown in FIG. An MO drive 60 for driving the loaded MO 100 and a hard disk drive 61 for driving a built-in hard disk 62 are provided, and these are connected to each other via a bus 63 as shown in FIG.

  Here, the case where the right to use the content stored in the MO 100 is delegated to the hard disk 62 in the computer system 50 shown in FIGS. 3 and 4 will be described. In the case where it is set, since the case of delegating a part of the usable number of times within the usable number of times to the first time has already been described with reference to FIG. 1 and FIG. A case will be described where the usable number of times used is exhausted and the predetermined usable number of times is delegated again. The description with reference to FIGS. 1 and 2 is a conceptual description for understanding the present invention, but a more detailed description will be given here.

  FIG. 5 is a diagram showing a procedure for delegating the right to use content stored in the MO 100 to the hard disk 62.

  In FIG. 5, the application 64 and the drive 20 are shown. The application 64 is a program that can be directly operated by an operator of the computer system 50 and that is executed by the CPU 55. Here, a program that instructs to transfer the right to use content in the MO 100 to the hard disk 62. Appears. Here, the drive 20 is a composite of the MO drive 60 and the hard disk drive 61 shown in FIG. A procedure for delegating the right to use the content stored in the MO 100 to the hard disk 62 will be described below, but here, the right to use the content to be delegated for the remaining 10 times remains in the MO 100. It is assumed that the right to use the three times is transferred to the hard disk 62.

  Here, for the sake of simplicity, it is assumed that there is only one content that can be delegated, and the term “content” means content that is delegated (or the right of use has been transferred to the hardware 62 as a result of the delegation). To do.

  (1) First, from the application 64 to the drive 20, it is specified to the drive 20 that the content delegation source is the MO 100 and the content delegation destination is the hard disk 62 (FIG. 5A).

  (2) Then, the drive 20 prepares to access the MO 100 and the hard disk 62, and when the drive 20 is ready, the drive 20 reports that the application 64 is ready (FIG. 5 ( B)).

  (3) Then, the application 64 sends a password for concealing information sent from the drive 20 to the application to the drive 20 (both the MO drive 60 and the hard disk drive 61), and also secures the MO100 secure area (FIG. 1, FIG. 2 (see 2), the right-of-use information is used as information indicating the number of times of use according to the premise described above, and the right-of-use information indicating that the MO100 is currently usable 10 times. A command to read “10” is issued to the drive 20 (FIG. 5C).

  (4) Then, the following processing is executed in the MO drive 60 (see FIG. 4) constituting the drive 20. Here, a CPU is also mounted in the MO drive 60, and a micro program for accessing the loaded MO 100 is also mounted. Firmware that combines the hardware and software of the MO drive 60 is installed. The processing in the MO drive 60 is executed.

  (4-1) Read the media ID of the MO 100 from the MID area of the MO 100 (see the MID area 11 in FIGS. 1 and 2).

  (4-2) The usage right information encrypted with the media ID is read from the secure area of the MO 100 (see the secure area 12 in FIGS. 1 and 2).

  (4-3) The read usage right information is decrypted with the media ID.

  (4-4) The decrypted usage right information is encoded with the password sent from the application 64 in the step (3).

  (4-5) The encoded information is transmitted to the application 64 (FIG. 5D).

  (5) Then, the application 64 executes the following processing.

  (5-1) The usage right information sent from the MO drive 60 is decoded with a password.

  (5-2) Confirm that the number of usable times represented by the decoded usage right information is not “0” indicating that it cannot be used any more (here, “10 representing the number of usable times is represented as“ 10 ”as a premise of explanation). 'Is set, not' 0 ').

  (5-3) This time, an instruction for reading the usage right information of the hard disk 62 to which the usage right is transferred is issued to the drive 20 (FIG. 5E). As described above, here, as a premise of the description, the hard disk 62 has been set with the right to use the content several times last time, and the usable number of times becomes “0”. Assumed.

  (6) Then, the hard disk drive 61 that drives the hard disk 62 executes the following processing. The hard disk drive 61 is also provided with a CPU and a microprogram, and the processing in the hard disk drive 61 is executed by firmware as a complex of the hardware and software, similarly to the processing in the MO drive 60.

  (6-1) Read the media ID of the hard disk 62 from the MID area of the hard disk 62 (see the MID area 31 in FIGS. 1 and 2).

  (6-2) Read the usage right information encrypted with the media ID of the hard disk 62 from the secure area of the hard disk 62 (see the secure area 32 in FIGS. 1 and 2).

  (6-3) The read usage right information is decrypted with the media ID of the hard disk 62.

  (6-4) The decrypted usage right information is encoded with the password sent from the application 64 in the above step (3).

  (6-5) The encoded usage right information is transmitted to the application 64 (FIG. 5F).

  (7) Then, the application 64 executes the following processing.

  (7-1) The usage right information sent from the hard disk drive 61 is decoded with a password.

  (7-2) It is confirmed that the decoded usage right information indicates the usable number of times “0”.

  If the number of usable times is not “0” and it is still usable, in the present embodiment, it is displayed on the display screen 52a (see FIG. 3) indicating that the number of usable times is still usable. The process is interrupted at this stage.

  Here, the usable number of times is “0” as a premise of the description, and in this case, the process proceeds further.

  (7-3) Information (referred to as new number information) representing the number of times of use newly set in the hard disk 62 (here, three times based on the premise of the description) is encoded with a password and the drive 20 (MO drive 60 And the hard disk drive 61 (FIG. 5G).

  (8) The MO drive 60 receives the new number information and executes the following processing.

  (8-1) Read the media ID of MO100.

  (8-2) Read the usage right information encrypted in the MO100 media ID stored in the MO100 secure area.

  (8-3) The encrypted usage right information is decrypted with the media ID of the MO 100 to extract the usable count “10”.

  (8-4) The password-encoded new number of times information sent from the application 64 is decoded with the password sent in step (3) above, and the usable number of times “3” is extracted.

  (8-5) A new usable number ‘7’ is obtained by subtracting the usable number ‘3’ to be transferred to the hard disk 62 from the usable number ‘10’ stored until now in the MO 100.

  (8-6) The new usage right information representing the new usable count “7” is encrypted with the media ID of the MO 100.

  (8-7) The encrypted new usage right information is overwritten on the usage right information representing the available number of times “10” stored in the MO 100 until then. As a result, the usable count “7” is set in the MO 100.

  (9) On the other hand, in the hard disk drive 61, the following processing is executed in response to the new number of times information sent in the above step (7-3).

  (9-1) The media ID of the hard disk 62 is read.

  (9-2) The password-encoded new number information sent from the application 64 is decoded with the password sent in the above step (3) to extract the usable number “3”.

  (9-3) The new usage right information representing the usable number of times “3” extracted by the decoding is encrypted with the media ID of the hard disk 62.

  (9-4) The encrypted new usage right information is overwritten on the usage right information representing the usable count “0” stored in the hard disk 62. As a result, the usable count “3” is set in the hard disk 62.

  (10) The drive 20 notifies the application 64 that the above-described use right transfer process has been completed.

  As described above, the right to use the content is delegated (here, part of the usage right is delegated).

  In the above description with reference to FIG. 5, the movement of the key itself for decrypting the content itself and the encrypted content from the MO 100 to the hard disk 62 is not mentioned. Describes the case where the number of times the content can be used is set again. Therefore, it is assumed that the content itself and the key for decrypting the content are already passed to the hard disk 62 at the time of the first transfer. . The content itself is moved (replicated) from the MO 100 to the hard disk 62 in the encrypted form at the time of the first transfer, and the above description is that the key is encrypted independently of the usage right information by each media ID. It is assumed that it is stored in each secure area.

  In the embodiment described with reference to FIG. 5, as described above, the application 64 and the drive 20 perform the process of delegating the right to use the content while performing various communications. Instead of the delegation process, the application 64 delegates the content for which the usage right is to be delegated, the delegation source of the right to use the content (here, MO100), the delegation destination (here, the hard disk 62), and the usage right that is being delegated After that, the process is entrusted to the drive 20 (in this case, both the MO drive 60 and the hard disk drive 61), the above delegation process is executed in the drive 20 independently of the application 64, and the delegation process is completed. And the delegation process is not successful due to some inconvenience. (For example, the number of usable times remained less than the number of usable times designated for delegation in MO 100, or the usable number of times for which delegation was last given to hard disk 62 was not yet '0'. Etc.) may be configured to report to the application 64 only.

  In addition, in the above description, the delegation process 60 is shared between the MO drive 60 and the hard disk drive 61, but one of the MO drive and the hard disk drive 61 is dedicated to access. The delegation process may be configured to be performed exclusively on the other side.

  FIG. 6 is a diagram showing an example of a computer network in which an embodiment of the license delegation apparatus of the present invention is incorporated, and FIG. 7 is a usage of content from one computer system constituting the computer network to another computer system. It is a figure which shows the procedure at the time of delegating the right.

  Here, a computer system 70 for content management and two computer systems 80 and 90 on the content use side are shown, and these three computer systems 70, 80 and 90 connect the communication line 200. Are connected to each other.

  Each of the computer systems 70, 80, 90 has the same configuration as the computer system 50 shown in FIG. That is, each computer system 70, 80, 90 includes each main body 71, 81, 91, each image display device 72, 82, 92, each keyboard 73, 83, 93, and each mouse 74, 84, 94. Further, each of the computer systems 70, 80, 90 has an internal configuration similar to the internal configuration shown in FIG. Detailed description is omitted.

  Here, it is assumed that the content management computer system 70 is installed at the head office of a certain company, and the computer systems 80 and 90 on the content use side are installed at each branch of the company. Hereinafter, for simplicity of explanation, the computer systems 70, 80, and 90 installed in the main store and each branch are referred to as the main store 70, the branch 80, and the branch 90 as they are.

  Here, it is assumed that licenses for all branches of various contents are purchased at the main store, licenses are distributed from the main store to the respective branches, and licenses for all the branches are managed at the main store. That is, here, even for the same content, a necessary number of usage rights are purchased at the head office, and the usage rights are distributed to the branches that need the content. The necessary number of usage rights for the same content here does not mean the number of times the content is used, but the use of the same content in the same way as purchasing a plurality of the same books (for example, 3). As many rights are purchased as necessary, and here, the purchased usage rights are meant. At the head office, the number of usage rights purchased and the remaining number of usage rights distributed to branches are managed, and each branch does not require multiple usage rights for the same content. For each content, it only manages whether or not the right of use exists in its own branch. The head office and each branch manage use right information of a large number of contents. Here, a list of the use right information of the many contents is referred to as 'license information'.

  Here, the right to use various contents has already been delegated from the head office 70 to the respective branches 80 and 90, and this time, the right to use certain contents to a branch from the head office 70 (here called the branch 80). (Here, the content for which a new usage right is to be delegated is referred to as “new content”), and here, a scene in which the usage right for the new content is delegated to the branch 80 will be described. . Here, it is assumed that the right to use the new content is transferred from the hard disk of the main store 70 to the hard disk of the branch office 80.

  (1) First, the head office 70 is notified to the branch office 80 that the right to use the new content is transferred (FIG. 7A).

  (2) Then, the branch office 80 receives the notification, sets the hard disk of the branch office 80 in a ready state, and reports that the head office 70 is ready when access is ready (FIG. 7B).

  (3) Then, the head office 70 sends a password for concealing information sent from the branch 80 to the branch 80, and further, permission information stored in the secure area of the hard disk of the branch 80 (each of the plurality of contents). A command is issued to send a list of information indicating the presence or absence of usage rights (FIG. 7C).

  (4) In response to this instruction, the branch 80 executes the following processing.

  (4-1) Read the media ID of the hard disk of the branch 80.

  (4-2) The license information encrypted with the media ID of the hard disk is read from the secure area of the hard disk of the branch 80.

  (4-3) Decrypt the read permission information with the read media ID.

  (4-4) The decrypted permission information and the media ID of the hard disk of the branch 80 are encoded with the password sent from the head office 70 in the above step (3).

  (4-5) The encoded permission information and media ID are sent to the head office 70 (FIG. 7D).

  (5) Then, the head office 70 executes the following processing.

  (5-1) The license information and the media ID sent from the branch 80 are decoded with the password.

  (5-2) Look at the decoded permission information, and confirm that there is no usage right for the new content to be transferred to the branch 80 from the branch 80. This is to avoid setting the same right to use the same content for the same branch.

  (5-3) The media ID of the hard disk of the main store 70 is read.

  (5-4) From the secure area of the hard disk of the head office 70, the license information encrypted with the media ID of the hard disk and the content that is also encrypted with the media ID and whose license is to be licensed is decrypted. Read the key to do.

  (5-5) The read permission information and key are decrypted with the read media ID.

  (5-6) With reference to the decrypted permission information, it is confirmed that there is a remaining usage right regarding the content (new content) to be newly delegated to the branch 80.

  If there is no remaining information, the branch 80 is informed that use of the new content cannot be permitted. Here, it is assumed that the right to use the new content remains in the head office 70.

  (5-7) The information indicating the right to use the new content in the permission information of the branch 80 decoded in the above step (5-1) is rewritten from “no use right” to “use right”.

  (5-8) Encode both the rewritten permission information and the key with a password.

  (5-9) The encrypted new content is read from the hard disk user area of the main store 70.

  (5-10) The encoded permission information and key, and the new encrypted content are sent to the branch 80 (FIG. 7E).

  (5-11) Further, in the head office 70, the number of usage rights related to the new contents for which the right of use is granted to the branch 80 in the license information of the head office 70 decrypted in the above step (5-5). The information is updated to new permission information by subtracting 1 from the information.

  (5-12) The new permission information updated in this way is encrypted with the media ID of the hard disk of the head office 70.

  (5-13) The encrypted new permission information is stored in the secure area of the hard disk of the head office 70 in place of the previous permission information stored therein.

  (6) The branch 80 receives the encoded permission information and key and the encrypted new content sent in the above step (5-10), and executes the following processing.

  (6-1) The received new content is stored in the user area of the hard disk of its own (branch 80) while being encrypted.

  (6-2) The received permission information and key are decoded with the password sent in the above step (3).

  (6-3) Read the media ID of the hard disk of own (branch 80).

  (6-4) The license information and key decoded with the password are encrypted with the read media ID.

  (6-5) The encrypted license information and key are stored in the secure area of the hard disk of their own (branch 80) so as to rewrite the license information stored so far.

  As described above, the right to use the new content is transferred from the head office 70 to the branch 80.

  As shown in each of the above embodiments, the license delegation apparatus of the present invention can be realized in one apparatus composed of one computer or the like or in a network connecting a plurality of computers and the like. .

It is a block diagram which shows one Embodiment of the license transfer apparatus of this invention. It is a schematic diagram for description of the license transfer apparatus shown in FIG. It is an external appearance perspective view which shows an example of the computer system by which one Embodiment of the license transfer apparatus of this invention is mounted. FIG. 4 is a block diagram showing a configuration of a computer system whose appearance is shown in FIG. 3. It is a figure which shows the procedure which delegates the use right of the content stored in MO to a hard disk. It is a figure which shows an example of the computer network in which one Embodiment of the license transfer apparatus of this invention was integrated. It is a figure which shows the procedure at the time of delegating the use right of a content from the computer system which comprises the computer network shown in FIG. 6 to another computer system.

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 1st storage medium 11 MID area 12 Secure area 13 User area 20 Drive 21 Decryption means 22 Encryption means 23 Content transfer means 30 2nd storage medium 31 MID area 32 Secure area 33 User area 41, 42 Usage right information 50 Computer System 51 Main Unit 51a MO Loading Port 52 Image Display Device 52a Display Screen 53 Keyboard 54 Mouse 55 CPU
56 Memory 57 Keyboard interface 58 Mouse interface 59 Display interface 60 MO drive 61 Hard disk drive 62 Hard disk 70, 80, 90 Computer system 71, 81, 91 Main unit 72, 82, 92 Image display device 73, 83, 93 Keyboard 74, 84 , 94 Mouse 100 MO (Magnetic optical disc)
200 communication line

Claims (6)

A media reading device for reading from a medium storing encrypted secure information obtained by encrypting a content encrypted with a predetermined key, a media ID for identifying itself, and an encryption key with the media ID. And
When there is an access request to the content on the media, a secure information decrypting unit that reads the encrypted secure information and the media ID from the media, and combines the read encrypted secure information with the read media ID;
Media decrypting means for decrypting the content on the media with the encryption key decrypted by the secure information decrypting means;
A license delegation apparatus comprising:   The encrypted key is recorded in an area protected from user writing of the medium, and the encrypted content is recorded in a user writable area of the medium. The license delegation apparatus according to claim 1.   The media ID is recorded in an area protected from user writing of the other medium, and the encrypted content is recorded in a user writable area of the other medium. The license delegation apparatus according to claim 1 or 2.   The encrypted content is recorded in a user writable area of the another medium, and the media ID is recorded in a media ID area of the other medium, and the encrypted content is recorded. The license delegation apparatus according to claim 1, wherein the key is recorded in a security area of the other medium, and the media ID area and the security area are areas protected from user writing. A computer that executes processing for reading from a medium that stores encrypted content that is encrypted with a predetermined key, a media ID that identifies the content, and an encryption key that is encrypted with the media ID. The
When there is an access request to the content on the media, secure information decrypting means for reading the encrypted secure information and the media ID from the media, and decrypting the read encrypted secure information with the read media ID,
Media decrypting means for decrypting the content on the media with the encryption key decrypted by the secure information decrypting means;
And a computer-readable recording medium storing a media reading program. A computer that executes processing for reading from a medium that stores encrypted content that is encrypted with a predetermined key, a media ID that identifies the content, and an encryption key that is encrypted with the media ID. But,
When there is an access request to the content on the media, a secure information decrypting step of reading the encrypted secure information and the media ID from the media, and decrypting the read encrypted secure information with the read media ID,
A media decrypting step for decrypting the content on the media with the encryption key decrypted in the secure information decrypting step;
A media reading method characterized by executing

Images