JP2009037532A - Content management apparatus - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To set a use period as a use condition of content data and to surely apply the condition of the use period. <P>SOLUTION: In the case of reproducing an encrypted content downloaded from a content server together with a content key for decrypting the content, a reproduction start date of the content is stored and reproduction time up to stop of the reproduction is counted. When the reproduction is stopped, a state that a reproduction stop date calculated by adding the reproduction time to the reproduction start time is newer than a date indicated by an inner clock (clock part 210) is confirmed, and then the content key is encrypted on the basis of the reproduction stop date, and the reproduction stop date and the encrypted content key are stored so as to be used for decryption at next content reproduction. In the next content reproduction, a state that a date indicated by the inner clock is advanced (newer) from the stored reproduction stop date is confirmed and the content key is decrypted on the basis of the reproduction stop date to acquire the content key and decode the content. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a content management apparatus for restricting the use of data (content data) including content composed of video and audio. In particular, the present invention relates to a content management apparatus for providing a viewing time limit as a viewing condition for content and ensuring that the viewing condition is observed.

  In recent years, digital content distribution services using the Internet and the like have begun to spread widely, but various content viewing restrictions have been made for the purpose of protecting the copyright of the content.

  For example, a content provider (content server) encrypts content data and distributes the content data to a content user (user's personal computer) via the Internet, and decrypts the content data only for a specific member ( Key) Information is sent, or the key information for decryption is sent only when the content user purchases online using a credit card, etc. A method is known in which only a user can decrypt and reproduce content data.

Furthermore, there is an increasing need to protect content data in response to various viewing restrictions such as the period and number of times that the content can be used. As a method for protecting content data related to such viewing conditions, for example, in Patent Document 1 below, a device that uses content is connected to a content provider or a third party server or device each time the content is used. Thus, a method for obtaining permission to use content is disclosed. Patent Document 2 below records date / time information as reference date / time information in order to eliminate communication for receiving content usage every time the content is used in an apparatus that uses the content. A method is disclosed in which the expiration date can be correctly applied only by a device that uses content by making it possible to detect that the clock has been illegally changed by comparing the current date and time information.
Japanese Patent Laid-Open No. 10-2222063 JP 2003-22339 A

  However, for example, according to the technique disclosed in Patent Document 1, there is a problem that it is necessary to perform communication for obtaining a use permission every time content is used. Further, according to the technique disclosed in Patent Document 2, although communication is not required as in the technique according to Patent Document 1, management information such as reference date / time information is basically an area where content data is recorded. For example, there is a problem that it is not assumed that a recording medium having no protection area is used.

  In addition, in the technique disclosed in Patent Document 2, management information is recorded in an area other than the protected area by encrypting and recording the management information. However, there is actually no correlation with the date and time information. For example, even if a prescribed value is used as a value for checking, the value against snooping can be protected, but it is not sufficient for detection of tampering to detect whether the value has been illegally changed. Therefore, even in this case, there is a problem in that it is difficult to ensure that the content use time limit is complied with in the content use device using the recording medium having no protection area.

  The present invention has been made in view of the above problems, and an object thereof is to provide a content management apparatus for setting a use time limit as a use condition of content data and ensuring that this use time limit condition is applied. .

In order to achieve the above object, according to the present invention, there is provided a content management apparatus for managing a content expiration date,
Reproduction state detection means for detecting the reproduction state of the content to be reproduced by decrypting the encrypted content using a content key;
Reproduction stop date and time acquisition means for acquiring date and time information including date and time when the reproduction stop of the content is detected by the reproduction state detection means as reproduction stop date and time information;
Content key encryption means for encrypting the content key using the reproduction stop date information acquired by the reproduction stop date acquisition means;
Information storage means for storing the content key encrypted by the content key encryption means and the reproduction stop date and time information so that they can be used for decrypting the encrypted content during the next content reproduction;
A content management apparatus is provided.

  Furthermore, in the present invention, in addition to the above-described configuration, it is preferable to include date / time information encryption means for encrypting the reproduction stop date / time information using unique information of the content management apparatus.

Furthermore, in the present invention, in addition to the above-described configuration, time measuring means for outputting date and time information indicating the current date and time,
Reproduction start date and time acquisition means for acquiring date and time information output from the timing means as reproduction start date and time information when the reproduction status detection means detects the reproduction start of the content;
Playback time measuring means for measuring the playback time from the start of playback of the content to the stop of playback;
Date and time information that calculates the date and time when the reproduction time is added to the date and time indicated by the reproduction start date and time information and outputs the first date and time information indicating the date and time when the reproduction state detection means detects the reproduction stop of the content A calculation means;
Date and time information acquisition means for acquiring date and time information output from the time measuring means as second date and time information when the reproduction state detection means detects the stop of playback of the content;
Date and time information comparing means for comparing the date and time indicated by the first date and time information with the date and time indicated by the second date and time information;
If the date and time indicated by the first date and time information coincides with the date and time indicated by the second date and time information as a result of the comparison by the date and time information comparison means, or the date and time indicated by the first date and time information, When the date and time indicated by the date and time information is advanced, either the first or second date and time information is used as the reproduction stop date and time information, and the content key encrypted by the information storage unit and the reproduction stop or the like Control is performed so that the date and time information is stored, and if the date and time indicated by the first date and time information is ahead of the date and time indicated by the second date and time information, the subsequent reproduction of the content is performed. Reproduction control means for controlling so as not to
It is suitable to have.

Furthermore, in the present invention, in addition to the above-described configuration, time measuring means for outputting date and time information indicating the current date and time,
Reproduction stop date and time information reading means for reading out the reproduction stop date and time information stored in the information storage means when the reproduction state detection means detects the reproduction start of the content;
Reproduction start date and time acquisition means for acquiring date and time information output from the timing means as reproduction start date and time information when the reproduction status detection means detects the reproduction start of the content;
Date and time information comparing means for comparing the date and time indicated by the reproduction stop date and time information with the date and time indicated by the reproduction start date and time information;
As a result of the comparison by the date / time information comparison means, if the date / time indicated by the reproduction start date / time information is ahead of the date / time indicated by the reproduction stop date / time information, the encrypted data is encoded using the reproduction stop date / time information. In addition to decrypting the content key, the encrypted content is controlled to be decrypted using the decrypted content key, and the date and time indicated by the reproduction stop date and time information and the date and time indicated by the reproduction start date and time information Or when the date indicated by the reproduction stop date / time information is ahead of the date / time indicated by the reproduction start date / time information, reproduction control means for controlling the content not to be reproduced, ,
It is suitable to have.

  The present invention has the above-described configuration, and has an effect of setting a use time limit as a use condition of content data and ensuring that this use time limit condition is applied. In addition, the present invention has an effect of ensuring that viewing conditions using time information are applied even in a content utilization device using a recording medium having no special protection area. In addition, the present invention has an effect of realizing more strict content protection because an unauthorized change of the clock is detected particularly in consideration of the reproduction time of the content data.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

  First, the configuration of the entire system according to the embodiment of the present invention will be described with reference to FIG. 1A. FIG. 1A is a diagram showing an example of the configuration of the entire system in the embodiment of the present invention. FIG. 1A shows a state in which the content server 100 and the content use device 200 are connected via the network 300.

  The content server 100 is a server for distributing content data (hereinafter also simply referred to as content), while the content using device 200 is content provided from the content server 100 via the network 300. It is an apparatus for receiving data and using (eg, reproducing) the received content data. That is, the content server 100 is a device on the content distribution side, and the content use device 200 is a device on the content user (user) side. The network 300 may be a global network such as the Internet, or may be a small network or a private network. Furthermore, the network 300 may be a simple link.

  Next, the configurations of the content server 100 and the content utilization device 200 illustrated in FIG. 1A will be described with reference to FIGS. 1B and 1C.

  FIG. 1B is a block diagram showing an example of the configuration of the content server in the embodiment of the present invention. In FIG. 1B, the functions of the content server 100 are schematically illustrated by blocks, but each of these functional blocks can be realized by hardware and / or software (program).

  1B includes a content data input unit 101, an encryption unit 102, a content data recording medium 103, a data recording / reading unit 104, a key information management unit 105, a content data management unit 106, an expiration date. An information management unit 107, a time measurement unit 108, a data transmission / reception unit 109, and a user information management unit 110 are included.

  The content data input unit 101 is an interface for capturing content from outside (an arbitrary content storage device or content recording medium). The content data input unit 101 is, for example, a camera or a microphone for moving image shooting when it is configured to directly record video, audio, or the like with the content server 100, from a recording medium on which content has already been recorded. This is an interface for acquiring content from a recording medium when reading content. Furthermore, when the data format of the content to be acquired is different from the data format that can be processed by the content server 100, the content data input unit 101 may convert the data format.

  Further, the encryption unit 102 has a function of performing encryption processing on the content acquired by the content data input unit 101 using a key (hereinafter also referred to as a content key). As will be described later, the content key used for the encryption process by the encryption unit 102 is generated by the key information management unit 105, and is stored and managed.

  Note that the encryption method employed for encryption in the encryption unit 102 is arbitrary. In general, when the amount of data is large, such as content data, encryption is performed by a common key encryption method capable of performing encryption / decryption processing at high speed, but many data are encrypted with the same key. Since this increases the possibility of unauthorized decryption, it is desirable to change the key at regular intervals. When changing the key, the key information management unit 105 generates a new key each time, and the key used for content encryption is stored in the content data management unit 106 as the content key. Added to the content list.

  In addition to the ECB (Electric Code Book) mode, various encryption modes including a CBC (Cipher Block Chaining) mode are known as the common key encryption method, and the encryption unit 102 selects any mode. It may be used, and the mode may be changed as appropriate. However, the decryption unit 207 existing in the content use apparatus 200 that uses encrypted content must be able to use the same encryption method and encryption mode as those used for encryption.

  The content data recording medium 103 is a recording medium for recording the content encrypted by the encryption unit 102 (hereinafter also referred to as encrypted content). Since the content data recording medium 103 records a large amount of content, for example, it is desirable that the content data recording medium 103 is a large-capacity hard disk device. However, as long as all content to be recorded can be recorded, an optical disk, magnetic tape, semiconductor memory, etc. Any kind of data recording medium including the above may be used.

  Further, the data recording / reading unit 104 has a function of recording the encrypted content encrypted by the encryption unit 102 on the content data recording medium 103, and conversely, the encrypted content recorded on the content data recording medium 103. Has a function of reading out. The data recording / reading unit 104 needs to be able to perform data recording / reading according to the content data recording medium 103, and if necessary, can also perform processing such as data modulation and error correction according to the content data recording medium 103. It is desirable.

  In addition, the key information management unit 105 has a function of generating a key (content key) used by the encryption unit 102 to encrypt content. Further, the key information management unit 105 has a function of storing and managing a content key used for content encryption by the encryption unit 102.

  The key information management unit 105 can randomly generate a key having the number of bits corresponding to the encryption method. For example, if the encryption method is DES (Data Encryption Standard), a 64-bit key (of which 8 bits are parity bits) is used, and if it is AES (Advanced Encryption Standard), the number of bits is 128, 192, or 256 bits. Generate a key for. In order to generate a random value, the output value of the linear feedback shift register may be used, or thermal noise may be used.

  Also, in common key cryptography such as DES, first, a fixed value is input and the result of encrypting the fixed input value is output as a content key. Thereafter, when the content key is required In addition, the result encrypted last time using the previously output result as an input may be output as the key of the next content. However, depending on the encryption method, if the first input value and the value used as the key satisfy a specific condition, there is a possibility that a specific value will be repeatedly output. Need to be selected.

  Further, the content data management unit 106 has a function of managing content recorded on the content data recording medium 103. Note that the content data management unit 106 holds a content list for storing various information related to content in order to manage the content. The information on the content managed by the content list is, for example, information on the content content such as the content title, performers and performers. The content list includes information for using the content such as a key (content key) used for encrypting the content, a content expiration date, and a fee for downloading the content, and content data recording medium 103. Information necessary for accessing the recorded content (address information on the content data recording medium 103) may be included.

  Further, the content data management unit 106 acquires the current date / time information output from the time measuring unit 108 when the content is recorded on the content data recording medium 103, and the date / time information on which the content is recorded on the content data recording medium 103 It may be recorded in a list. Further, if an input device such as a keyboard or a mouse is connected to the content server 100, information such as a content title may be set from the outside (for example, manually input by an operator of the content server 100).

  Further, the usage time limit information management unit 107 has a function of setting and managing a usage time limit for the content recorded in the content data recording medium 103. The usage time limit information includes, for example, a content ID that is information for specifying the content, and information indicating a period during which the use of the content is permitted. The period for permitting the use of content includes, for example, a method for expressing the period for permitting the use of content by a permission start date and time and a permission end date and a method for expressing the permission start date and time and a period for continuing permission (permit continuation period) Exists.

For example, the date / time information can be expressed using a BCD (Binary Coded Decimal) code, and when the period during which the use of the content is permitted is expressed by the permission start date / time and the permission end date / time,
For example, from 19:00 on September 27, 2006 to 18:59 on October 27, 2006 Permitted start time: 0010 0000 0000 0110 0000 1001 0010 0111 0001 1001 0000 0000
Permitted end time: 0010 0000 0000 0110 0001 0000 0010 0111 0001 1000 0101 1001
It can be expressed as

In addition, when the period for permitting the use of content is expressed by the permission start date and the period for continuing the permission,
For example, when the period for permitting use is 1 week on September 27, 2006 at 19:00 Permitted start time: 0010 0000 0000 0110 0000 1001 0010 0111 0001 1001 0000 0000
Permit duration: 0000 0111 0000 0000 0000 0000
It can be expressed as

  The timer 108 has a function of outputting current date information and is an internal clock of the content server 100. Note that the time measuring unit 108 preferably outputs accurate date and time information, and may have a function of correcting the time according to a signal from an external network or a received standard radio wave, for example.

  Further, the data transmission / reception unit 109 has a function of transmitting and receiving data to and from an apparatus (for example, the content using apparatus 200) that is connected to the network 300 and can communicate via the network 300.

  In addition, the user information management unit 110 has a function of storing and managing information related to the content user and the content use device 200 used by the content user.

  Although not shown in FIG. 1B, the content server 100 is a display unit that displays a CPU, a memory, an input device such as a keyboard and a mouse for operating the content server 100, and information for grasping the operation status. It is assumed that a general server device has a configuration and functions such as a display monitor, a power supply unit necessary for operating the content server 100, and the like.

  FIG. 1C is a block diagram showing an example of the configuration of the content use device according to the embodiment of the present invention. In FIG. 1C, the functions of the content using apparatus 200 are schematically illustrated by blocks, but each of these functional blocks can be realized by hardware and / or software (program).

  1C includes a data transmission / reception unit 201, a user information management unit 202, a user information input unit 203, a content data recording medium 204, a data recording / reading unit 205, and a content data management unit 206. A decryption unit 207, a key information management unit 208, an expiration date information management unit 209, a timing unit 210, and a content data output unit 211.

  The data transmission / reception unit 201 is connected to the network 300 and has a function of transmitting / receiving data to / from a device (for example, the content server 100) that can communicate via the network 300.

  In addition, the user information management unit 202 has a function of storing and managing information related to a content user who operates the content usage device 200.

  The user information input unit 203 is an interface for capturing input information (for example, user information) input by the content user.

  The content data recording medium 204 is a recording medium for recording the encrypted content downloaded from the content server 100 through the data transmission / reception unit 201. As with the content data recording medium 103, the content data recording medium 204 is preferably a large-capacity hard disk device, for example. However, as long as all contents to be recorded can be recorded, an optical disk, a magnetic tape, a semiconductor memory, etc. Or any other type of data recording medium.

  Further, the data recording / reading unit 205 has a function of recording the encrypted content downloaded from the content server 100 on the content data recording medium 204, and conversely, a function of reading the encrypted content recorded on the content data recording medium 204. have. Note that the data recording / reading unit 205 needs to be able to perform data recording / reading according to the content data recording medium 204, and can also perform processing such as data modulation and error correction according to the content data recording medium 204 if necessary. It is desirable.

  The content data management unit 206 has a function of managing content recorded on the content data recording medium 204. Note that content management is performed by, for example, a content list capable of storing various information related to each content. Furthermore, the content data management unit 206 has a playback control function for performing playback control of content based on a comparison result of date / time information (such as playback start date / time and playback stop date / time) when content is played back / stopped.

  In addition, the decryption unit 207 has a function of performing decryption processing on the encrypted content downloaded from the content server 100 using a key (content key). As will be described later, the content key used for the decryption process in the decryption unit 207 is generated and stored / managed by the key information management unit 208. Note that the decryption unit 207 needs to have a function of decrypting the encryption method employed by the encryption unit 102 of the content server 100.

  The key information management unit 208 has a function of generating a content key used by the decryption unit 207 to decrypt the content. Further, the key information management unit 208 generates information for generating a content key used for decrypting the content by the decryption unit 207 (for example, an encrypted content key, encrypted date / time information (playback stop date / time, etc.)). It has a function to store and manage.

  In addition, the usage time limit information management unit 209 has a function of storing and managing usage time limit information indicating a usage time limit that allows use of content. Further, the expiration date information management unit 209 stores the date / time information output from the time measuring unit 210 at the same time as the reproduction of the content in the content data output unit 211 as the reproduction start time, and the reproduction of the content in the content data output unit 211. It has a function of storing date and time information output from the time measuring unit 210 simultaneously with the stop as a playback stop time.

  The timer unit 210 has a function of outputting the current date and time information, and is an internal clock of the content use device 200. The timer unit 210 preferably outputs accurate date and time information. You may have a function which corrects time according to the signal from a network, or the received standard radio wave.

  The content data output unit 211 has a function of outputting the content decrypted by the decryption unit 207 to the outside. Note that the present invention does not specifically limit the method of using the content output from the content data output unit 211. For example, the content output from the content data output unit 211 can be used to output video or audio ( (That is, reproduction) may be performed, and output / recording may be performed on another device or a recording medium. The content data output unit 211 is, for example, a display monitor if the content to be played is video, and an amplifier for driving a speaker if the content is audio. In addition, when transferring content to another display device, the content data output unit 211 is an interface for data transfer.

  The content data output unit 211 has a function of measuring the playback time from the start of playback to the end of playback during playback of the content. The content data output unit 211 may have a timer for measuring the playback time. However, if the content is MPEG (Moving Picture Experts Group) data, the content playback unit 211 measures the time stamp to reproduce the content. It is possible to grasp the time.

  Although not shown in FIG. 1C, the content use device 200 includes an input unit for performing various operations such as content playback / stop / fast forward / rewind / pause, and a power supply unit for operating the content use device. It is assumed that the content playback apparatus such as a general video player or audio player has the configuration and functions.

  In addition, the content use device 200 has a content selection unit that allows a desired content to be selected from a plurality of contents, and the user selects content from a list of content titles, performers, performers, and the like. It is desirable that a specific content can be selected from a large number of contents by using an input device such as a display unit, a keyboard, a mouse, or a remote controller. Further, such a display unit and an input device can also be used when inputting user identification information, and the user information input unit 203 may also serve as an input interface for user identification information.

  Next, the basic operation of the content server 100 shown in FIG. 1 will be described with reference to the flowchart shown in FIG.

  First, content is input into the content server 100 through the content data input unit 101 of the content server 100 (step S401). When content is input to the content server 100 in this way, information regarding the input content is added to the content list in the content data management unit 106 and managed (step S402).

  Next, the key information management unit 105 generates key information (content key) necessary for encrypting the content (step S403). The key information generated in step S403 is supplied from the key information management unit 105 to the encryption unit 102 and the content data management unit 106. The content data management unit 106 adds the key information supplied from the key information management unit 105 as content key information to the content list corresponding to the content.

  On the other hand, the encryption unit 102 encrypts the content input through the content data input unit 101 using the key information supplied from the key information management unit 105 (step S404), and passes through the data recording / reading unit 104. The encrypted content is recorded on the content data recording medium 103 (step S405). Note that the processing up to step S405 is pre-processing that is performed in order for the content server 100 to distribute content to the content using apparatus 200.

  On the other hand, it is assumed that the content using device 200 requests the content server 100 to download a specific content in order to download the desired content. At this time, when the content server 100 receives a content request signal for requesting specific content from the content use device 200 (step S406), the content server 100 obtains the user information and the internal clock (time count unit 210) of the content use device 200. The content utilization apparatus 200 is requested for the current date and time information (step S407). Then, when the content server 100 receives the user information and the current date and time information from the content utilization device 200 (step S408), the content server 100 determines whether or not the content requested in step S406 can be distributed based on these information. . The user information received in step S408 is stored and managed by the user information management unit 110 of the content server 100.

  First, the content server 100 determines whether or not the current date and time information received from the content utilization device 200 matches the current date and time information output from the timekeeping unit 108 of the content server 100 itself or is within a certain error range. Judgment is made (step S409). When the current date and time information received from the content use device 200 does not match the current date and time information output from the time measuring unit 108 of the content server 100 itself and is not within a certain error range (that is, the content use device 200). In this case, the usage time limit information management unit 107 of the content server 100 indicates that the content cannot be transmitted because the date and time information is shifted with respect to the content use device 200, for example. A content transmission impossible signal is returned, and the process ends.

  Note that the certain error range is, for example, a time in consideration of communication waiting time (latency). In communication, it is difficult to maintain simultaneity, and even if the timing unit 108 of the content using device 200 outputs the same date and time information as the timing unit 210 of the content server, the content using device 200 outputs the date and time information. The transmission signal is processed into a transmission signal, transmitted to the content server 100 via the network 300, and the content server 100 performs processing for restoring date / time information from the transmission signal. It has been determined that the time has elapsed from the time when the date / time information is output until the time when the content server 100 refers to the date / time information, and the time is shifted by at least this time. The total sum of all the times related to the propagation and processing of information in such communication and apparatus is a constant error, which is a value depending on the communication path and the like. Further, even if the time range of the time measuring unit 108 of the content using device 200 and the time measuring unit 210 of the content server are taken into account, the error range may be arbitrarily expanded by several tens of seconds to several minutes. Good.

  On the other hand, if the current date and time information received from the content use device 200 matches the current date and time information output from the time measuring unit 108 of the content server 100 itself, or is within a certain error range, the content server 100 Then, based on the user information received from the content use device 200, it is determined whether or not the content download permission can be given to the user (step S410).

  This user information is information of a user (user) who uses the content use apparatus 200. For example, information for identifying an individual such as the name and address of the user and necessary for content purchase Information necessary for billing such as credit card information. The information for identifying the individual does not necessarily have to be the user's own information. A device ID storage unit that stores a device ID (device identification information) unique to the content use device 200 is provided in the content use device 200. Any information may be used as long as it can be distinguished from other devices, such as identifying using the device ID. In addition, a general prepaid card or the like may be used for information necessary for billing. In this case, an input device for inputting a prepaid card number is required for the content use device 200, and means for confirming the balance of the prepaid card is required for the content server 100. It should be noted that if this information is received as it is by a third party, the information may be misused, so it is desirable that the information be transmitted after being encrypted.

  For example, in step S410, whether or not to give download permission based on the user information is determined by first checking the charge for the corresponding content recorded in the content data management unit 106 and the information required when charging the user information. It is done by comparison with. When credit card information is included in the user information, it is necessary to inquire of the charge management server of the credit card company whether or not the content fee can be withdrawn. As for the prepaid card, for example, if the prepaid card is a card that is used only for communication with the content server 100, the remaining amount of the prepaid card is stored in the user information management unit 110, and there is a remaining amount from which content can be downloaded. Whether or not there exists may be referred to, or in the same manner as a credit card, an inquiry may be made as to whether or not points can be withdrawn by communicating with the point management server. In this case, if the balance of the prepaid card is equal to or more than the content fee, the requested content is allowed to be downloaded and the balance of the prepaid card is updated (reduced). Note that downloading to a specific content using apparatus may be prohibited regardless of the charge.

  If it is determined in step S410 that permission can be given to the content download request from the user (content utilization device 200) based on the user information, the content server 100 is necessary for content distribution, for example. A content transmission impossible signal indicating that charging could not be performed is returned, and the process ends.

  On the other hand, if it is determined in step S410 that permission for the content download request from the user (content use device 200) cannot be issued based on the user information, the requested content remains encrypted. In other words (in the encrypted content state), the data transmitting / receiving unit 109 transmits the content to the content using device 200 (step S411). Further, along with the transmission of the encrypted content, key information (content key) necessary for decrypting the encrypted content and expiration date information set for the content are transmitted.

  It is desirable that the content use time limit information is transmitted after being encrypted by the content server 100 so that the content use device 200 at the transmission destination cannot be illegally decrypted. For encryption of expiration date information, common key encryption can be used in the same way as content encryption. Key information used when encrypting expiration date information is key information common to the system. In addition, it is possible to use unique information (ID) of the content using apparatus 200 that is a transmission destination.

  On the other hand, even if the usage time limit information is encrypted, the content usage device 200 cannot decrypt the usage time limit information, but may be able to be tampered with. Therefore, even when the expiration date information is encrypted, a message digest is created from the expiration date information before encryption using a hash function such as SHA-1, and the secret key of the content server is used as the message digest. The digital signature information is created by using DSA (Digital Signature Algorithm) or the like, and the digital signature information and a public key for verifying the digital signature information are transmitted to the content usage apparatus 200 as a part of the usage information. do it.

  Note that the private key necessary for creating the electronic signature information and the public key necessary for verifying the electronic signature information are managed by the expiration date information management unit 107 of the content server 100, and the expiration date information management unit 107 stores the electronic signature information. Can be created. In the content usage apparatus 200 that has received the usage information including the electronic signature information and the public key for verifying the electronic signature information, the electronic signature information and the public key are, for example, the usage time limit information management unit 209 of the content usage apparatus 200. Is stored and managed.

  In addition, here, the content charging process based on the user information is performed. However, for example, when the content can be downloaded free of charge, this charging process is not necessary, and the content use apparatus 200 does not necessarily require it. There is no need to obtain user information.

  In addition, data transmitted / received between the content server 100 and the content using apparatus 200 is not transmitted / received at a time, but actually the data is transmitted / received in packets. For example, in the case of TCP / IP (Transmission Control Protocol / Internet Protocol), transmission / reception is performed with a destination MAC (Media Access Control) address or IP address added as a header, and a reception confirmation response is returned from the destination. In some cases. The present invention does not limit the data communication method between the content server 100 and the content using apparatus 200, and any data communication method can be adopted in the present invention.

  Next, a basic operation when the content using apparatus 200 illustrated in FIG. 1 downloads content from the content server 100 will be described with reference to the flowchart illustrated in FIG.

  When the content use device 200 downloads specific content from the content server 100, it transmits a content request signal to the content server 100 (step S501). The content request signal includes information for specifying the content. The information for specifying the content includes, for example, information such as an ID assigned in advance for specifying the content, but may be information such as a content name, a performer or a performer.

  Information for specifying such content is easily input by the user of the content utilization device 200 by providing the content utilization device 200 with an input device such as a keyboard and a mouse and a display monitor for confirming the input content. This makes it easy to select a desired content from a plurality of contents. Even if the user does not input a character string such as a content name, the user can obtain the content list from the content data management unit 106 of the content server 100 on the display monitor and display the content list so that the user can Alternatively, the content may be selected from the displayed content list using the above-described input device. Further, the user information input unit 203 may also serve as such an input device or a display monitor.

  The content request signal transmitted from the content utilization device 200 in this way is processed by the content server 100. The content use device 200 receives from the content server 100 a request for user information for using the content and date / time information output from the internal clock (clock unit 210) in the content use device 200 (step S502). Then, the content use device 200 transmits the user information and the current date and time information output from the time measuring unit 210 to the content server 100 (step S503). In addition, as described above, the user information includes information for specifying the user himself / herself or the content utilization device 200 and information necessary for billing such as credit card information necessary for content purchase. ing.

  As can be seen from the operation illustrated in FIG. 2, the content server 100 determines whether or not the content can be distributed to the content using device 200 based on the user information and the current date and time information output from the time measuring unit 210. decide.

  The content use device 200 receives a content transmission disable signal indicating that the content cannot be transmitted because the date and time information is shifted, and a content transmission disable signal indicating that the billing required for content distribution could not be performed. If received from the server 100 (“Yes” in step S504), the content download fails and the process ends.

  On the other hand, when the content server 100 determines that the content can be distributed to the content use device 200, the content use device 200 uses the key for decrypting the desired content (encrypted content) and the encrypted content. Information (content key) and usage time limit information are received from the content server 100 (step S505). These pieces of information (encrypted content, key information, expiration date information) are collectively recorded from the data recording / reading unit 205 to the content data recording medium 204 (step S506).

  For example, only the encrypted content may be recorded in the content data recording medium 204, and the key information and the expiration date information may be stored and managed by the key information management unit 208 and the expiration date information management unit 209. As the content is recorded, the content data management unit 206 creates a content list and records information about the recorded content in the content list. The above processing is processing for downloading and recording content from the content server 100, which is performed by the content using device 200.

  Next, a basic operation when the content use device 200 shown in FIG. 1 uses (reproduces) the encrypted content will be described with reference to the flowchart shown in FIG. .

  The user of the content use device 200, for example, by pressing a play button provided in the content use device 200, downloads the content from the content server 100 and records the encrypted content in the content data recording medium (FIG. 3). (Encrypted content recorded in step S506) can be reproduced. In this case, the content utilization apparatus 200 receives a signal for specifying the content to be reproduced and instructing the reproduction of the content (step S511). In addition, by installing an input device such as a display monitor, a keyboard, a mouse, or a remote controller, a user can easily select desired content as a playback target from among a plurality of playable content. desirable.

  When the content to be reproduced is specified, the expiration date information of the content to be reproduced is read from the content data recording medium 204, and whether or not the content to be reproduced is reproducible based on the expiration date information. Is determined (step S512). In determining whether or not the content can be played back, for example, confirmation is made as to whether the expiration date information has been tampered with or whether the content satisfies the playback conditions based on the expiration date information (comparison with the current date and time information). Is done.

  If it is determined in step S512 that the content can be reproduced, the data recording / reading unit 205 further reads out key information for decrypting the content to be reproduced from the content data recording medium 204 (or Generate key information from some information) and supply the encrypted content and key information (content key) to the decryption unit 207. The decryption unit 207 decrypts the encrypted content, and outputs the content (decrypted content) from the content data output unit 211 to the outside (step S513). In the present invention, the content key cannot be obtained (or generated), the content decryption in step S513 may fail, and the content may not be output.

  When the reproduction of the content is completed (for example, when the user presses the stop button and a content stop instruction is input), the key information is based on information (for example, reproduction time information) based on the current content reproduction. And the key information related to this content recorded on the content data recording medium 204 is overwritten with the updated key information (step S514).

  Next, details of the processing (determination of whether content can be played back and playback processing) shown in FIG. 4 will be described. As described above, the content use device 200 verifies that the usage time limit information has not been tampered with when determining whether or not the content can be reproduced. For example, the usage time limit information management unit 209 of the content usage device 200 verifies the authenticity of the electronic signature information of the usage time limit information of the content to be played back using the corresponding public key. If the authenticity of the electronic signature information cannot be confirmed, it is determined that the content expiration date information has been tampered with, and the content reproduction process is not performed.

  On the other hand, if the authenticity of the electronic signature information is confirmed as a result of verification and it can be determined that the expiration date information has not been tampered with, the current date is within the expiration date indicated by the expiration date information of the content. Is confirmed. When the usage time limit condition is not satisfied, the content reproduction process is not performed. On the other hand, when the usage time limit condition is satisfied, the decrypting unit 207 decodes the content and outputs (reproduces) the content.

  However, in the present invention, for example, the date and time information output from the internal clock (time measuring unit 210) of the content using device 200 is illegally changed so that the current date and time satisfies the usage expiration condition. The processing as shown in FIGS. 5 and 6 below is performed so that the illegal reproduction processing of the content is not performed by the change of the date information.

  Next, a description will be given of a process when reproduction of encrypted content is stopped by the content using apparatus 200 according to the embodiment of the present invention. FIG. 5 schematically shows an example of processing when reproduction of encrypted content is stopped by the content using apparatus according to the embodiment of the present invention.

  When content reproduction is started in the content use device 200, decryption of the encrypted content by the decryption unit 207 is started (Process A), and date / time information output from the time measuring unit 210 at the same time as reproduction start is the reproduction start date / time. (Process B). Also, during content playback, when content playback is stopped, for example, by a user inputting a playback stop instruction, the content playback time is output (Process C). Then, for example, the use time limit information management unit 209 adds the reproduction start time and the reproduction time, and calculates the first reproduction stop date (process D). Further, the usage time limit information management unit 209 stores the current date and time output from the time measuring unit 210 when the reproduction of the content is stopped as the second reproduction stop date and time (Processing E).

  Then, the usage time limit information management unit 209 compares the first and second playback stop dates and times (Processing F), and the two match or the second playback stop date and time is advanced (second playback stop date and time). If it is newer), the timing unit 210 knows that it is outputting the correct time without being tampered with. At this time, if the second playback stop date / time is advanced, it is determined that the date / time of the timing unit 210 has been tampered with, for example, a warning that the date / time of the timing unit 210 is incorrect. Etc. may be controlled so that subsequent processing (reproduction processing related to this content) cannot be performed.

  If the date / time of the time measuring unit 210 has not been tampered with illegally, the content key is encrypted using the playback stop date / time (first or second playback stop date / time) as an encryption key (process G), and the content up to that point Instead of the key, the encrypted content key is recorded as the content key of this content. In order to use the reproduction stop date and time as an encryption key, the number of bits necessary for encryption may be obtained by using a BCD code in the same way as the above-mentioned use period information, and transposition, other information and logical operations, etc. The predetermined result of calculation may be used. It is necessary to always obtain the same encryption key from the same playback stop date and time. When the content key is encrypted and recorded as described above, when the content is downloaded, the current date and time (that is, the download date and time) obtained from the timing unit 210 is used to encrypt and record the content key. May be. Further, since the reproduction stop date and time used for encrypting the content key may be illegally decrypted or falsified as it is, it is desirable that the key information management unit 208 encrypts and holds the information with the unique information of the content using device 200 ( Process H).

  Next, processing at the time of reproduction of encrypted content by the content utilization device in the embodiment of the present invention will be described. FIG. 6 schematically shows an example of processing at the time of reproduction of the encrypted content by the content utilization device in the embodiment of the present invention. The process at the time of reproduction of the encrypted content shown in FIG. 6 is basically performed by reversing the procedure of the process at the time of reproduction stop of the encrypted content shown in FIG. It is.

  When content reproduction is started in the content use device 200, the key information management unit 208 decrypts the encrypted reproduction stop date corresponding to the content using the unique information of the content use device 200 as a decryption key. As a result, information on the playback stop date and time when the previous playback was stopped is obtained (processing J).

  Next, the usage time limit information management unit 209 compares the reproduction stop date and time obtained by the decryption process with the current date and time obtained from the time measuring unit 210 (processing K). If the current date and time is later than the playback stop date and time obtained by the decoding process (or if both match), the subsequent processing is stopped so that playback is not performed. Note that the reproduction stop date and time obtained by the decoding process is the date and time when the previous reproduction was stopped, and the current date and time cannot normally be older than this. Therefore, when the current date and time is later than the reproduction stop date and time obtained by the decoding process, it is determined that the time measuring unit 210 is not operating correctly (or the time measuring unit 210 has been tampered with illegally). The playback process is stopped.

  Further, by recording the reproduction stop date and time used for encrypting the content key with the unique information of the content using apparatus 200 and recording it, the date and time when the reproduction stop date and time is intended even if the user tries to cheat. It is impossible to change it illegally. That is, if the playback stop date / time used for encrypting the content key is not encrypted, it is relatively easy to illegally play the content by altering the date / time to an older date / time. Even in the old and new relationship with the current date and time obtained from the time measuring unit 210, the date and time can be set so that no contradiction occurs.

  On the other hand, in the present invention, by encrypting the reproduction stop date and time used for encrypting the content key, it becomes difficult to tamper with the date and time, and even if an attempt is made to tamper with it, It is difficult to make the date and time possible. In addition, there is an advantage that the reproduction using other content using apparatus 200 cannot be performed by encrypting using the unique information of the content using apparatus 200.

  On the other hand, when the current date / time is ahead of the playback stop date / time obtained by the decryption process, the usage time limit information management unit 209 is encrypted using the playback stop date / time obtained by the decryption process as a decryption key. The content key is decrypted (process L). Then, using the content key obtained by the decryption process as a decryption key, the encrypted content to be reproduced is decrypted to obtain the decrypted content and the content is reproduced (Process M). As described with reference to FIG. 5, when the content is reproduced, the reproduction start date and time are stored and the reproduction time is measured.

  As described above, the date / time information is used as the encryption key for encrypting the content key (the key for decrypting the encrypted content), and the encryption key (date / time information) is constantly updated each time the content is played back. For this reason, it becomes difficult to illegally use the content by unauthorized tampering. Even if the date and time of the time measuring unit 210 is illegally changed, the clock is always advanced at least for the time required for reproduction every time it is reproduced, and a state in which the expiration date is not set for the content. It is impossible to continue playing the content.

  The operation of the present invention can be realized by a CPU (Central Processing Unit) mounted on a computer such as a PC (Personal Computer) executing a predetermined program. It is also possible to configure by hardware.

  The present invention has an effect of setting a use time limit as a use condition of content data and ensuring that this use time limit condition is applied, and includes data composed of video, audio, etc. Applicable to technology for restricting the use of (content data), and in particular, to technology for ensuring that viewing conditions for content are restricted so that the viewing conditions can be reliably observed Is possible.

It is a figure which shows an example of a structure of the whole system in embodiment of this invention. It is a block diagram which shows an example of a structure of the content server in embodiment of this invention. It is a block diagram which shows an example of a structure of the content utilization apparatus in embodiment of this invention. It is a flowchart which shows the basic operation | movement of the content server in embodiment of this invention. 5 is a flowchart showing a basic operation when a content use device downloads content from a content server in the embodiment of the present invention. 5 is a flowchart showing a basic operation when a content use device uses encrypted content in an embodiment of the present invention. It is a figure which shows typically an example of the process at the time of reproduction | regeneration stop of the encryption content by the content utilization apparatus in embodiment of this invention. It is a figure which shows typically an example of the process at the time of reproduction | regeneration of the encryption content by the content utilization apparatus in embodiment of this invention.

Explanation of symbols

DESCRIPTION OF SYMBOLS 100 Content server 101 Content data input part 102 Encryption part 103,204 Content data recording medium 104,205 Data recording / reading part 105,208 Key information management part 106,206 Content data management part 107,209 Expiration date information management part 108 , 210 Timekeeping unit 109, 201 Data transmission / reception unit 110, 202 User information management unit 200 Content usage device 203 User information input unit 207 Decoding unit 211 Content data output unit 300 Network

Claims (4)

A content management device that manages the expiration date of content,
Reproduction state detection means for detecting the reproduction state of the content to be reproduced by decrypting the encrypted content using a content key;
Reproduction stop date and time acquisition means for acquiring date and time information including date and time when the reproduction stop of the content is detected by the reproduction state detection means as reproduction stop date and time information;
Content key encryption means for encrypting the content key using the reproduction stop date information acquired by the reproduction stop date acquisition means;
Information storage means for storing the content key encrypted by the content key encryption means and the reproduction stop date and time information so that they can be used for decrypting the encrypted content during the next content reproduction;
A content management apparatus.   The content management apparatus according to claim 1, further comprising date / time information encryption means for encrypting the reproduction stop date / time information using unique information of the content management apparatus. A time measuring means for outputting date and time information indicating the current date and time;
Reproduction start date and time acquisition means for acquiring date and time information output from the timing means as reproduction start date and time information when the reproduction status detection means detects the reproduction start of the content;
Playback time measuring means for measuring the playback time from the start of playback of the content to the stop of playback;
Date and time information that calculates the date and time when the reproduction time is added to the date and time indicated by the reproduction start date and time information and outputs the first date and time information indicating the date and time when the reproduction state detection means detects the reproduction stop of the content A calculation means;
Date and time information acquisition means for acquiring date and time information output from the time measuring means as second date and time information when the reproduction state detection means detects the stop of playback of the content;
Date and time information comparing means for comparing the date and time indicated by the first date and time information with the date and time indicated by the second date and time information;
If the date and time indicated by the first date and time information coincides with the date and time indicated by the second date and time information as a result of the comparison by the date and time information comparison means, or the date and time indicated by the first date and time information, When the date and time indicated by the date and time information is advanced, either the first or second date and time information is used as the reproduction stop date and time information, and the content key encrypted by the information storage unit and the reproduction stop or the like Control is performed so that the date and time information is stored, and if the date and time indicated by the first date and time information is ahead of the date and time indicated by the second date and time information, the subsequent reproduction of the content is performed. Reproduction control means for controlling so as not to
The content management apparatus according to claim 1 or 2. A time measuring means for outputting date and time information indicating the current date and time;
Reproduction stop date and time information reading means for reading out the reproduction stop date and time information stored in the information storage means when the reproduction state detection means detects the reproduction start of the content;
Reproduction start date and time acquisition means for acquiring date and time information output from the timing means as reproduction start date and time information when the reproduction status detection means detects the reproduction start of the content;
Date and time information comparing means for comparing the date and time indicated by the reproduction stop date and time information with the date and time indicated by the reproduction start date and time information;
As a result of the comparison by the date / time information comparison means, if the date / time indicated by the reproduction start date / time information is ahead of the date / time indicated by the reproduction stop date / time information, the encrypted data is encoded using the reproduction stop date / time information. The content key is decrypted and the encrypted content is controlled to be decrypted using the decrypted content key, and the date and time indicated by the reproduction stop date and time information and the date and time indicated by the reproduction start date and time information Or when the date indicated by the reproduction stop date / time information is ahead of the date / time indicated by the reproduction start date / time information, reproduction control means for controlling the content not to be reproduced, ,
The content management apparatus according to claim 1 or 2.

Images