JP2009205627A - Storage area allocation method and information processor - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To allow a content provider to securely distribute a content to even a general-purpose information processor without theft of the content while holding versatility of the information processor. <P>SOLUTION: A content distribution server 1701 being a provision source of a content can safely distribute the content through Internet 1720 without theft of the content, even to a general-purpose information processor 100 like a PC whose software can be easily peeped at and tampered by the third person. This structure has a configuration allowing the use of existing specifications. In Figure 1, an interface 1712 and a GUI 1715 are not secured software (not required to be secured). Meanwhile, a player 1713, plug-in software 1714, and charging software 1716 are secured software. Modules 101A and 101B are secured LSIs. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a storage area allocating method and an information processing apparatus for providing content from a content providing source to an information processing apparatus that is a content providing destination.

  With the progress of the Internet, devices such as personal computers (hereinafter referred to as “PCs”) that allow third parties to look at and revise software are used as general-purpose information processing devices for content on the Internet. As a result, the content distributor can efficiently allow viewers from all over the world to view the content.

  If a “dedicated information processing device” is used, the content distributor is forced to develop a “dedicated information processing device” one by one, and is forced to bear a heavy burden. Moreover, since the technological progress is rapid, there is a risk that the “dedicated information processing apparatus” will soon become obsolete. If it is a software-oriented information processing device such as a PC, even if the technology becomes obsolete, if the software is upgraded, the old information processing device can be used as it is, and the development risk is Can be shared around the world.

  The general-purpose information processing apparatus is specified by TCG (Trusted Computing Group) of Non-Patent Document 1 below, and the content is specified by the international standard such as ISAN (International Standard-Audio-Video-Number) of Patent Document 2 below. There is a recognized standard.

  FIG. 17 is a system configuration diagram of a conventional content distribution system using the Internet. The content distributor obtains content from a plurality of content providers and stores it in the content distribution server 1701.

  A viewer who wants to view content first accesses the site of his / her favorite content distributor and registers as a user in the distributor. Information such as name, address, bank deposit number, personal identification number, and e-mail address is registered in the user information server 1702 of the distributor. Next, the distributor distributes content browsing software unique to the distributor to the viewer. Distributed is software that can be operated on the PC 1710 of the viewer.

  The viewer browses a list of contents existing in the content distribution server 1701 of the content distributor using the distributed software, and specifies if a desired content is found. The content distribution server 1701 distributes the designated content. The distributed content may be viewed after being temporarily stored in an HD (Hard Disk) 1711 on the PC 1710, or may be viewed immediately (streaming) without being stored in the HD 1711.

  The flow of content viewing is as follows. When the content passes through the Internet 1720, the content is encrypted and distributed to the content distribution server 1701. The PC 1710 receives this in an encrypted state by the interface 1712. Further, the encrypted content is decrypted after securely receiving the encryption / decryption key sent from the content distribution server 1701. The content is generally compressed when passing through the Internet 1720. Since the decrypted content is in a compressed state, it is decompressed.

  The PC 1710 has software called a player 1713. Since there are a plurality of compression methods used in the PC 1710, the player 1713 has a plurality of decompression software. These are called plug-in software (embeddable software) 1714, and when a new compression method appears, plug-in type decompression software corresponding to the compression method is incorporated into the player 1713, and the content can be viewed.

  Note that the player 1713 has a GUI (Graphical User Interface) 1715 and can change a content viewing format (for example, image size, image brightness, sound size, etc.). The viewing calendar of the content can be saved by the billing software 1716 on the viewer's PC 1710. Since there is a risk of falsification, the data is basically transmitted to the billing server 1703 and the user information server 1702 of the content distributor.

  The billing server 1703 charges the bank for a fee and performs a settlement process. The bank sends an invoice or receipt to the viewer's house, and the settlement ends. Note that the PC 1710 is a general-purpose information processing apparatus, and a substantial part of the interface and structure is open to the public. Because it is open to the public, a third party can arbitrarily develop a program, and an arbitrary program is distributed to PC users all over the world via the Internet 1720, so the PC 1710 has also become popular.

“Trusted Computing Group: TPM”, [online], Trusted Computing Group, [Search February 22, 2008], Internet <URL: https: // www. trustedcomputing group. org / groups / tpm /> “ISA (International Standard Audio Number)”, [online], International Standard Audio Number, [February 22, 2008 search], Internet <URL: http: // www. isan. org / portal / page? _pageid = 168, 1 & _add = portal & _schema = PORTAL>

  However, the above-described general-purpose information processing apparatus has a problem that it involves a security risk. This is because a third party can easily look into the existing content viewing software and revise the software to steal the content. In the case of content, there is a problem that this risk increases. This is because the content viewer wants to copy the content illegally.

  Specifically, there is a possibility that a content viewer will look into the content viewing software provided by the content distributor and develop software that will revise the software to steal the content. In addition, there is a possibility of downloading content “software revised to steal content” on the Internet and stealing content.

  For example, in the example of FIG. 17, the data on the PC 1710 can be viewed by a third party relatively freely. If this is prevented, the versatility of the PC 1710 is lost. For this reason, there is a possibility that software existing on the PC 1710 is copied without permission by “hacking” by a hacker, is analyzed, and a “hacking program” is developed. On the PC 1710, there are a billing program 1716 distributed by a content distributor and a content viewing program (player 1713). If this software has been tampered with by a hacker, the following can be assumed:

  If the content viewing program (player 1713) is hacked, the content may be decrypted and copied by hackers and viewers without permission and distributed to the Internet 1720 without permission. Although it may be a hacker to copy, in general, the viewer may also copy the content without permission. There is also the possibility that a hacker develops a hacking program, places it on any site on the Internet 1720, and viewers download the hacking program from this site and copy it without permission.

  Further, if the billing software 1716 is hacked, the bank account number may leak to the hacker without the viewer's knowledge, and the content may be viewed by the hacker without permission. In order to prevent this, current software makes it difficult to hack software by a technique called “obfuscation”. The first step in hacking is to “peek” at the software itself and “analyze” how it can tamper with the program and peek at the content the program processes.

  If “analysis” is made difficult, hacking can be prevented. For this reason, “obfuscation” complicates the program on purpose and makes “analysis”, which is the premise of “hacking”, difficult. However, no matter how complicated it is, it will be hacked and a hacking program will be developed if sufficient effort is made just by making it complicated. In the “obfuscation”, the industry as a whole recognizes that it is difficult to prevent sufficient hacking.

  The TCG of Non-Patent Document 1 executes PC identity verification at the time of PC startup (power-on) in a partially or incomplete manner. However, after startup, unauthorized software is downloaded via the Internet. There is a problem that the PC cannot be protected.

  Further, even if the identity verification of the PC at power-on is performed, there is a problem that only the software registered in the PC can be verified. In other words, if there is unregistered software, the identity of the PC including it cannot be verified, and it cannot be guaranteed if the unregistered software operates illegally after the PC starts up.

  In the first place, when third party software is downloaded freely via the Internet, there is no reason to be able to verify the identity of any software. For this reason, the identity verification in the current TCG is very ambiguous. The content industry, etc., is considered suspicious and is currently in a state of being reluctant to process important content on a PC. Although ISAN has been recognized internationally and a mechanism for providing a unique content number for each content has been created, it is still in the dark how to apply this.

  In order to solve the above-described problems caused by the prior art, the first object of the present invention is to allow content distributors to distribute content over the Internet without worrying about the content being stolen by a general-purpose information processing apparatus. .

  A second object is to provide a globally operable management system for content distribution in the world of general-purpose information processing devices. The Internet is a global common infrastructure. A personal computer, which is a general-purpose information processing device, is a common platform worldwide. These will be combined well to realize content distribution and content management that can be operated globally. A system that can distribute, manage, and charge how to identify general-purpose information processing devices scattered all over the world without having to be deceived by hackers and what kind of content is distributed to each specified device. For realization, it is essential to divert standards already recognized to some extent worldwide. This is because it takes a lot of time and effort to start a new standard.

  Therefore, a third object is to realize content distribution and content management that can be operated globally by diverting existing standards and technologies that are recognized to some extent worldwide.

  In order to solve the above-described problems and achieve the object, the storage area allocating method and the information processing apparatus receive information provided from the content provider as the storage destination of confidential information regarding the content via a network. A storage area allocating method and an information processing apparatus to be allocated in the apparatus, wherein a unique number of the information processing apparatus is generated by the provider and is mounted in a non-detachable manner on the information processing apparatus. The first secure module having a (Module) structure securely transfers the generated unique number from the provider to the second secure module having the TRM structure mounted on the information processing apparatus, and the second secure module A secure module transfers the confidential information and the transferred A hash value related to the combined information with the network number, and the second secure module securely stores the calculated hash value, the unique number, and the confidential information in a storage area in the information processing apparatus. Is a requirement.

  According to this storage area allocation method and information processing apparatus, a secure storage area for a content provider can be allocated to each provider in the information processing apparatus. In this secure storage area, confidential information regarding the content is stored.

  According to the storage area allocating method and the information processing apparatus, a general-purpose information processing apparatus has an effect that the content distributor can distribute the contents on the Internet without anxiety without stealing the contents. In addition, there is an effect that a general-purpose information processing apparatus can provide an operational management system for content distribution. Furthermore, there is an effect of realizing operational content distribution and content management by diverting existing standards and technologies within a recognized range as much as possible.

  Exemplary embodiments of a storage area allocation method and an information processing apparatus will be described below in detail with reference to the accompanying drawings. In the present embodiment, when a content provider (content distributor server 1701, user information server 1702, billing server 1703, etc.) of a content provider provides the content to an information processing apparatus via the Internet, This is a system in which confidential information (content processing history and personal information) related to content is allocated to a secure storage area in the apparatus and stored securely. Then, by securely monitoring software that handles confidential information (plug-in software 1714 and billing software 1716), the security of confidential information and content distribution is improved.

  FIG. 1 is a system configuration diagram of a content distribution system using the Internet according to an embodiment. The same contents as those in FIG. With the structure shown in FIG. 1, even in a general-purpose information processing apparatus 100 such as a PC that allows a third party to look at and tamper with software relatively easily, the content is not stolen. The content distribution server 1701 as a provider can distribute content on the Internet 1720 with peace of mind. Moreover, this structure becomes a structure which can divert the existing standard.

  In FIG. 1, an interface 1712 and a GUI 1715 are unsecured software (which is not necessary). On the other hand, the player 1713, plug-in software 1714, and billing software 1716 are secured software. The modules 101A and 101B are secured large scale integrations (LSIs).

  FIG. 2 is a block diagram illustrating a hardware configuration of the information processing apparatus. The information processing apparatus is versatile and becomes a content provider. In FIG. 2, the information processing apparatus includes an HD 1711, secure modules 101A and 101B, a CPU (Central Processing Unit) 201, a main memory 202, a south bridge 203, a graphics LSI 204, a graphic memory 205, and a display device. 206, a PCI (Peripheral Component Interconnect) bus 207, a local bus 208, and a non-volatile memory 210.

  The HD 1711 is a large-capacity storage device, and stores secure software (player 1713, plug-in software 1714, and billing software 1716) executed by the CPU 201, other software, distributed content, and various data. The secure software is encrypted and stored, and can be decrypted by the secure module 101B. The HD 1711 also stores content distributed from the content distribution server 1701 and a terminal number described later.

  The CPU 201 executes various arithmetic processes according to secure software stored in the HD 1711 and other software, and controls each unit of the apparatus. The main memory 202 is used as a work area for the CPU 201. The south bridge 203 has a function of interconnecting the CPU 201 and the PCI bus 207, and has a built-in bridge circuit.

  The graphics LSI 204 has a function of storing the decoded image information in the graphic memory 205 or displaying it as an image on the display device 206. The graphic memory 205 stores image information under the control of the graphics LSI 204.

The PCI bus 207 is a bus that interconnects the secure module 101B and the south bridge 203. A local bus 208 is a bus that interconnects the secure module 101A, the CPU 201, the south bridge 203, and the graphics LSI 204.

  Here, the secure modules 101A and 101B will be specifically described. The secure module 101A is, for example, a security chip called a TPM (Trusted Platform Module) LSI proposed by the Trusted Computing Group. The TPM LSI has the following functions (1) to (4) at a minimum.

(1) A function for storing a hash value of software used for finding falsification of software such as BIOS (Basic Input / Output System), OS (Operating System), and applications.
(2) A function for generating and holding a secret key stored in the TPM LSI used to ensure that a valid TPM LSI is used.
(3) A protected storage function for securely storing encryption keys.
(4) Public key cryptographic operations, random number generation, and hash calculation functions for safely and accurately executing cryptographic processing.

  That is, the secure module 101A can be used for improving the degree of security of the entire information processing apparatus 100, setting the terminal number of the information processing apparatus 100 (assigned from the content distribution server 1701), and the like. The secure module 101A includes a unique secret key that does not go out of the door, a related encryption / decryption function (public key, encryption / decryption function of a secret key pair, etc.), a hash value such as an OS function of the information processing apparatus 100, and the like. . Based on this unique secret key, the terminal number of the information processing apparatus 100 can be secured securely. It is possible to prove that the number is generated from the secure module 101A by linking the terminal number and the secret key.

  Further, the secure module 101B can access the nonvolatile memory 210. The secure module 101B is an LSI having a TRM (Tamper Resistant Module) structure, and is hardware that prevents peeping from the outside and preventing alteration of internal data.

  The TRM structure refers to a structure for physically and logically protecting internal analysis and tampering of a semiconductor chip (in this case, the secure module 101B). Specifically, in the secure module 101B, a strong and highly adhesive coating is applied inside, and when the surface is peeled off, the internal circuit is completely destroyed or dummy wiring is arranged.

  The secure module 101B has a function of reading secure software from the HD 1711, a function of irregularly rewriting the secure software installed in the main memory 202, a function of irregularly changing the positions of various buffers set in the main memory 202, and an encryption Function, decryption function, etc.

  The secure module 101B includes a processor 211 and an encryption circuit 212. The processor 211 executes various functions of the secure module 101B described above by executing firmware stored in an internal memory (not shown) of the secure module 101B. The encryption circuit 212 realizes an encryption function and a decryption function in cooperation with the processor 211. The nonvolatile memory 210 stores confidential information, hash values, and terminal numbers. Confidential information and hash values may be encrypted and stored. The confidential information will be described later.

  When there is a possibility that the nonvolatile memory 210 may be taken out externally, the contents of the nonvolatile memory 210 are encrypted. Otherwise (when there is no risk of being taken out), encryption is not necessary. In the case of encryption, there is generally a master key that does not go out of the gate in the secure module 101B. A confidential information key is randomly generated in the secure module 101B, and the confidential information is encrypted with the confidential information key. Further, the confidential information key is encrypted with the master key and is also stored in the nonvolatile memory 210. Thereby, confidential information can be securely stored.

  Here, the secure module 101B will be described more specifically. The secure module 101B in the present embodiment realizes software security by LSI hardware monitoring instead of the “obfuscation” described in the above-described conventional technology, or in combination with the conventional “obfuscation”.

  LSI, which is hardware, is several times more secure than “obfuscated” software. Peeping, analyzing, and tampering with "obfuscated" software can be done with sufficient effort. On the other hand, it can be easily imagined that it is extremely difficult to analyze the electrical signal in the LSI and to tamper with the LSI, compared with peeping & analyzing & tampering with software.

  The secure module 101B is generally a TRM-structured LSI that cannot be viewed or tampered from the outside. Using this TRM structure as a reliability base, the secure area is expanded. Only the reliability base is an LSI (secure module 101B), and software on the information processing apparatus 100 is used to realize other functions, so that software flexibility (LSI is difficult to change and modify) and low cost (software equipment) (Because the assets of the information processing apparatus 100 can be diverted).

  Note that the implementation method of “LSI hardware monitoring” instead of “obfuscation” of software security is to apply, for example, the secure modules of Japanese Patent Laid-Open Nos. 2003-198527 and 2004-129227 as they are to the secure module 101B. Can be realized. Specifically, for example, the LSI hardware monitoring shown in the following 1) to 3) is realized. The secure software LSI hardware monitoring may be configured such that the secure module 101B can execute at least one of the following 1) to 3).

1) First, LSI hardware monitoring is realized by randomly scanning (reading) a program code of secure software to calculate a hash value. The calculated hash value is compared with the hash value of the secure software stored in the nonvolatile memory 210 in advance. If the hash values match, it can be confirmed that the secure software has not been tampered with.

2) Secondly, when the secure software is started on the information processing apparatus 100, LSI hardware monitoring is realized by reconfiguring the program code of the secure software. The reconfiguration means that the secure module 101B “replaces the program code of the secure software with a different program code although the function is the same when the secure software is activated”. At the time of this reconfiguration, the hash value of 1) is calculated and stored in the nonvolatile memory 210.

  Specifically, for example, the program code is divided into a plurality of program codes that can be shuffled, and the secure module 101B shuffles at random at startup. When shuffled, a jump instruction is embedded in each divided code so that the program after shuffling can be executed in the same manner as before shuffling.

  It is also possible to replace it with “program code that works the same but is different”. For example, the program code “X = 10−9 + 2Y−Y” obtained by replacing the program code “X = 1 + Y” is the same as that before the replacement, but is another program code. In this way, the secure software program code becomes "same work but different program code" every time it is started. Hackers can obtain the code of secure software by “peek”, but the program code is different every time, so it is difficult to analyze. Also, there is an advantage that it is not possible to know which part of the program code has the important code.

3) Thirdly, using the “secret number communication program”, LSI hardware monitoring is performed by communicating and authenticating between the secure software and the secure module 101B based on the “secret number” after starting the secure software. Realize.

  This “secret number communication program” is a program for communicating the “secret number” between the secure module 101B and the secure software in the secure software so that the secure module 101B confirms the safety of the secure software. It is.

  For example, after the secure module 101B notifies the secure software of the secret number, the secure software returns a regular secret number to the secure module 101B. Here, when a number other than the regular secret number is returned to the secure module 101B, the secure module 101B determines that the secure software has been tampered with. The secret number may be a number sequence composed of a plurality of numbers.

For this reason, since the “secret number” comes from the secure module 101B (an area that cannot be tampered with and peeped from the outside), it cannot be estimated in advance, and very high security can be ensured. As a result, it is possible to prevent falsification of secure software that has not been scanned in 1) above.

  The content itself is generally transmitted in an encrypted state on the Internet 1720 and stored in the HD 1711 in an encrypted state. When viewing, this is decrypted by the content viewing program (player 1713). The secure module 101B monitors that the content viewing program is not hacked. The secure software is also encrypted and stored in the HD 1711, but is decrypted by the secure module 101B.

  In addition, the secure module 101B holds a decryption key for the encrypted content on the HD 1711, and the encrypted content can be decrypted by providing it to the content viewing program. The content decryption key is received securely (for example, public key cryptosystem) from the content distribution server 1701, for example.

(Function sharing between secure module 101A and secure module 101B)
The secure module 101A calculates a hash value of software code (BIOS, OS, secure software (player 1713, plug-in software 1714, and billing software 1716)) to be loaded when the information processing apparatus 100 is started up and recorded in advance. By confirming the match with the hash value, it is checked that there is no abnormality in the state when the PC is activated (the OS or the like has not been tampered with). If an abnormality is detected, take measures such as notifying the user.

  However, the secure module 101A calculates the hash value of the software code only when the information processing apparatus 100 is activated, and cannot detect falsification of the software code after the information processing apparatus 100 is activated. Moreover, even if it says a software code, all the program codes which exist on PC cannot be confirmed only by carrying out the hash confirmation of the program code of the secure software registered among the secure software. Therefore, unregistered secure software program code exists in the PC and cannot be detected even if it is tampered with after the information processing apparatus 100 is activated. Nor can peeping be prevented. The improvement in the degree of security stays at a certain level, not 100%.

  The secure module 101B performs 1) falsification detection by code scanning, 2) prevention of peeping by reconfiguration, and the like of the program code in operation. The function of the secure module 101A is to measure the degree of PC security when the information processing apparatus 100 is started up, to improve the degree of security, and to prove the terminal number of the information processing apparatus 100. The terminal number of the information processing apparatus 100 is a unique number given from the content distribution server 1701.

  Note that the secure module 101A is fixed to the information processing apparatus 100. That is, it is mounted so that it cannot be easily separated from the information processing apparatus 100. Specifically, for example, the secure module 101A is covered with a mold package. The secure module 101A is mounted so that it cannot be restored once it is disconnected from the information processing apparatus 100.

  Specifically, for example, the structure cannot be restored to the original by the above-described mold package. Further, by mounting on the mother board by BGA (Ball Grid Array) on the connection surface of the secure module 101A, once the terminal is removed, the same terminal connection cannot be made again. With such a structure, the secure module 101A can guarantee the unique number of the information processing apparatus 100.

  As described above, since the secure module 101A is fixed to the information processing apparatus 100 and cannot be removed, secure connection between the secure modules 101A and 101B (connection without confirming with a third party while confirming with the person) ), The terminal number of the information processing apparatus 100 possessed by the secure module 101A can be securely given to the secure module 101B. Specifically, for example, it can be realized by a public key cryptosystem. Note that the TRM structure of the secure module 101B has a function of a TPM structure like the secure module 101A.

(Content of confidential information)
FIG. 3 is an explanatory diagram showing the contents of confidential information. The confidential information S is information including information related to content (hereinafter, “content information 301”) and personal information 303. The content information 301 can be divided for each content distributor and for each provider. The actual management depends on the business scheme.

  The content information 301 includes, for example, a unique number (ISAN number) of the content, a content viewing history (number of times, date), a viewing fee, a commercial viewing calendar (number of times, date) associated with content viewing, and commercial viewing. Includes information on the processing results of the content, such as the access calendar (number of times, date) of the Internet and the product purchase calendar (product, purchase source, number of times, date). The ISAN number is a content number that is guaranteed to be the only in the world.

  If the content is copied or moved, the unique number (ISAN number) of the content, the copy calendar of the content (number of times, date), copy fee, commercial viewing calendar accompanying the content viewing (number of times, year) Month and date), the access calendar (number of times, date) to the Internet site associated with the commercial viewing, the product purchase calendar (product, purchase source, number of times, date), and the like.

  The personal information 303 includes an information disclosure range setting (non-disclosure, anonymous disclosure, distributor disclosure, provider disclosure) and an anonymous disclosure double public disclosure (public unique number, date / time, disclosure partner). There is. The general personal information 303 includes age, sex, preference, region, and the like. Private information includes name, address, bank deposit number, office, and work calendar.

  The content information 301 is generated by a content processing application (for example, plug-in software 1714). The confidential information S generally needs to be stored securely because it is not easy for someone else to peep or tamper with it. As a method for securely storing, for example, the encrypted data is stored in the nonvolatile memory 210 attached to the secure module 101B. In this case, only the secure module 101B can access the confidential information S.

(Terminal registration / Secure area setting sequence)
FIG. 4 is a sequence diagram showing a terminal registration / secure area setting sequence. In the following sequence diagrams, for simplicity, the secure module 101A is represented as “LSI-A” and the secure module 101B is represented as “LSI-B”.

  First, the secure module 101A transmits a contract request (including an LSI-A public key and a secure software tampering confirmation result) to the content distribution server 1701 (step S401). The tampering confirmation result is a result obtained from the secure modules 101A and 101B.

  Upon receiving the contract request, the content distribution server 1701 confirms the safety from the falsification confirmation result (step S402). In the safety confirmation, for example, if no alteration is confirmed in the alteration confirmation result, it is determined to be safe. The content distribution server 1701 generates a random number and a terminal number (step S403). The terminal number is a number unique to the information processing apparatus 100 that has made a contract quest. Then, the random number and the terminal number are transmitted to the secure module 101A (step S405).

  The secure module 101A registers the received terminal number (step S405), and transmits the terminal number to the secure module 101B (step S406). Communication between the secure modules 101A and 101B will be described later. The terminal number is stored in the nonvolatile memory 210 that can be accessed only by the secure module 101B. The secure module 101B reads the personal information 303 from the nonvolatile memory 210 and transmits it to the secure module 101A (step S407).

  The secure module 101A calculates a hash value of “personal information 303 + random number + terminal number” (step S408). “Xxx + yyy” is a data string in which xxx and yyy are connected. Therefore, “personal information 303 + random number + terminal number” is a unique data string. The secure module 101A encrypts the calculated hash value with the secret key (step S409), and transmits “personal information 303 + random number + terminal number” and the encrypted hash value to the content distribution server 1701 (step S410). .

  The content distribution server 1701 calculates a hash value of “personal information 303 + random number + terminal number” (step S411). Also, the encrypted hash value is decrypted with the public key of the secure module 101A received in step S401 (step S412). Then, the hash value calculated in step S411 and the hash value decrypted in step S412 are determined to match (step S413).

  If they match, the terminal number is formally registered as the terminal number of the information processing apparatus 100 (step S414), and a registration completion notification is transmitted to the secure module 101B (step S415). Only the secure module 101A that knows the secret key paired with the public key can generate a hash value that can be decrypted with the public key. In addition, since “random numbers” are exchanged, the information is not received mechanically by a third party in advance (referred to as a replay attack), but is certainly transmitted from the information processing apparatus 100 installed in the secure module 101A. Can be confirmed. When the secure module 101B receives a registration completion notification from the content distribution server 1701, the secure module 101B executes a process for storing the confidential information S (step S416).

  FIG. 5 is a flowchart showing a detailed processing procedure of the confidential information S storage processing (step S416). In FIG. 5, the terminal number is added to the head of the confidential information S (step S501), and the hash value of “terminal number + confidential information” is calculated (step S502). Then, the calculated hash value and confidential information S are encrypted with the master key of the secure module 101B (step S503). The encrypted hash value and encrypted confidential information S are stored in the nonvolatile memory 210 (step S504). Thereby, the confidential information S can be securely stored.

(Secure software monitoring sequence)
FIG. 6 is a sequence diagram showing a monitoring sequence of secure software. The secure software monitoring sequence is a sequence in which the secure modules 101A and 101B monitor the secure software when the information processing apparatus 100 is started and when the secure software is executed in order to prevent hacking.

  First, activation of the terminal is detected in the secure modules 101A and 101B (steps S601 and S602), and the secure module 101A calculates a hash value of the program code of the secure software (step S603). Then, the hash value of the program code of the secure software that has already been calculated is read out, and the hash value match determination is performed (step S604). If the hash values match, it can be seen that the data has not been tampered with. Thereafter, the determination result is output (step S605).

  The secure module 101B requests a random number and a terminal number after detecting activation (step S606). Upon receiving the request, the secure module 101A generates a random number (step S607), calculates a hash value of “random number + terminal number” (step S608), and uses the calculated hash value as the private key of the secure module 101A. (Step S609). Then, “random number + terminal number” and the encrypted hash value are transmitted to the secure module 101B (step S610).

  The secure module 101B calculates a hash value of “random number + terminal number” using the same hash function as that of the secure module 101A (step S611), and decrypts the encrypted hash value using the public key of the secure module 101A (step S612). Then, a hash value matching determination is performed (step S613). Since the hash value is always stored as the latest value, if the hash values do not match, the abnormality of the secure module 101A can be detected early. Here, if the hash values match, the terminal number assigned to the information processing apparatus 100 has been successfully transmitted to the secure module 101B without being removed while the secure module 101A is mounted on the information processing apparatus 100. It is confirmed.

  After the validity of the communication is confirmed in this way, the secure module 101B executes secure software monitoring processing (step S614). Specifically, for example, at least one of secure hardware LSI hardware monitoring (1) to 3) described above is executed. As a result, it is possible to prevent tampering during startup and execution of the secure software.

(Content distribution sequence)
FIG. 7 is a sequence diagram showing a content distribution sequence. The content distribution sequence is a sequence in which content is securely distributed and securely decrypted in the secure module 101B.

  First, the secure module 101B acquires the public key of the content distribution server 1701 (step S701), and transmits a content distribution request to the content distribution server 1701 (step S702). Upon receiving the content distribution request, the content distribution server 1701 transmits the encrypted content obtained by encrypting the requested content to the secure module 101B of the information processing apparatus (step S703).

  When the secure module 101B receives the encrypted content, the secure module 101B generates a random number (step S704), and transmits a request for a content decryption key (including a random number) to the content distribution server 1701 (step S705).

  The content distribution server 1701 calculates a hash value of “random number + content decryption key” (step S706), and encrypts the calculated hash value with a secret key (step S707). Then, “random number + content decryption key” and the encrypted hash value are transmitted to the secure module 101B (step S708).

  The secure module 101B decrypts the encrypted hash value with the public key of the content distribution server 1701 (step S709), and calculates the hash value of “random number + content decryption key” with the same hash function as the hash function of the content distribution server 1701. (Step S710). Then, a match determination between the decrypted hash value and the calculated hash value is performed (step S711). Since a one-time random number is used to calculate the hash value, it can be seen that the content decryption key is not legitimate data if the hash values do not match. If they match, the content decryption key included in “random number + content decryption key” is valid data.

  Since the secure module 101B knows the random number generated by itself, it extracts the content decryption key from “random number + content decryption key”, and decrypts the encrypted content with the content decryption key (step S712). As a result, the secure module 101B can receive the content decryption key securely while being sure that the content is distributed from the content distribution server 1701. Therefore, content can be delivered securely.

(Renewal sequence of confidential information S)
FIG. 8 is a sequence diagram showing an update sequence of the confidential information S. The confidential information S update sequence is a sequence in which the confidential information S securely stored by the secure module 101B is securely updated and securely stored again. The confidential information S is updated when, for example, the content is viewed or the content is copied / moved to another recording medium (internal HD, DVD, external HD).

  In FIG. 8, first, when the secure software for processing the content processes the decrypted content (for example, reproduction, copying, moving) (step S801), an update request for the confidential information S is transmitted to the secure module 101B (step S801). Step S802). The secure module 101B reads the encrypted confidential information S in the nonvolatile memory 210 (step S803), and decrypts the encrypted confidential information S with the master key (step S804). Then, a hash value of “terminal number + confidential information S” is calculated (step S805).

  Further, the hash value in the nonvolatile memory 210 is extracted (step S806), and the calculated hash value is matched with the extracted hash value (step S807). Since the hash value is always stored as the latest value, it can be seen that if the hash values do not match, the confidential information S or the terminal number is different. If they match, since it is confirmed that the access is normal from the secure software, the confidential information S is updated (step S808). For example, when the content is viewed, the number of times of viewing is added once. Then, a process for re-storing the updated confidential information S is executed (step S809).

  FIG. 9 is a flowchart showing a detailed processing procedure of the re-storing process (step S809) of the confidential information S after the update. First, the terminal number is added to the head of the updated confidential information S (step S901), and the hash value of “terminal number + updated confidential information S” is calculated (step S902). Further, the calculated hash value and the updated confidential information S are encrypted with the master key of the secure module 101B (step S903). Then, the encrypted hash value and the encrypted confidential information S are stored in the nonvolatile memory 210 (step S904). The encrypted hash value before update is discarded by overwriting the updated encrypted hash value. Thereby, the updated confidential information S can also be securely stored.

(Browsing sequence of confidential information S)
FIG. 10 is a sequence diagram showing a browsing sequence of the confidential information S. The browsing sequence of the confidential information S is a sequence for securely browsing the confidential information S stored securely in the information processing apparatus 100 from the content distribution server 1701.

  First, the content distribution server 1701 transmits a browsing request for confidential information S (step S1001). When receiving the browsing request, the secure module 101B reads the encrypted confidential information S in the nonvolatile memory 210 (step S1002), and decrypts the encrypted confidential information S with the master key (step S1003). Then, the hash value of “terminal number + confidential information S” is calculated (step S1004).

  Further, the hash value in the nonvolatile memory 210 is extracted (step S1005), and the calculated hash value and the extracted hash value are determined to match (step S1006). Since the hash value is always stored as the latest value, it can be seen that if the hash values do not match, the confidential information S or the terminal number is different. If they match, since it is confirmed that the access is normal from the content distribution server 1701, “terminal number + confidential information S” is encrypted with the public key of the content distribution server 1701 (step S1007), and content distribution is performed. The encrypted “terminal number + confidential information S” (encrypted information) is transmitted to the server 1701 (step S1008).

  The content distribution server 1701 receives the encrypted information and decrypts it with the secret key (step S1009). Then, the confidential information S is extracted from the decrypted “terminal number + confidential information S” (step S1010). Since the content distribution server 1701 knows the terminal number, the confidential information S can be extracted from “terminal number + confidential information”. The operator of the content distribution server 1701 can browse the confidential information S by displaying the confidential information S (step S1011). As a result, the confidential information S stored securely can be securely transmitted only to an external authorized person (content distribution server 1701). Therefore, the secure confidential information S can be securely browsed from the outside.

  In the above-described embodiment, the secret information S is stored securely in the nonvolatile memory 210 that can be accessed only by the secure module 101B. However, the secret information S may be stored in the HD 1711. For example, when the capacity of the nonvolatile memory 210 is insufficient, the secure area is securely extended to the HD 1711 of the information processing apparatus 100. Thereby, the secure area can be practically infinite.

  FIG. 11 is a block diagram (part 2) illustrating the hardware configuration of the information processing apparatus 100. The hardware configuration itself is the same as the hardware configuration shown in FIG. In FIG. 11, HD 1711 stores encrypted confidential information corresponding to a plurality of contents. Here, the content of distributor B1 is C1, and the content of distributor B2 is C2. The confidential information for the distributor B1 is confidential information S1, the encrypted confidential information is E (S1), the confidential information for the distributor B2 is confidential information S2, and the encrypted confidential information is E (S2). ). The nonvolatile memory 210 stores an encrypted hash value E (H1) for the content C1 and an encrypted hash value E (H2) for the content C2.

  FIG. 12 is an explanatory diagram showing the confidential information shown in FIG. The confidential information S1 includes content information 301 and personal information 303 of the distributor B1. The confidential information S2 includes content information 302 and personal information 303 of the distributor B2. If the confidential information S1 is encrypted, it becomes encrypted confidential information E (S1), and if the confidential information S2 is encrypted, it becomes encrypted confidential information E (S2). When the secure storage area is expanded to HD 1711, the confidential information S storage processing (step S416) shown in FIGS. 4 and 5 is performed as follows.

  FIG. 13 is a flowchart showing a detailed processing procedure of the confidential information S1 and S2 storage processing (step S416) when the secure area is expanded. Here, the confidential information S1 will be described as an example. In FIG. 13, a terminal number is added to the head of confidential information S1 (step S1301), and a hash value of “terminal number + confidential information” is calculated (step S1302). The calculated hash value is set as H1. In the case of the confidential information S2, the hash value H2. This hash value H1 and confidential information S1 are encrypted with the master key of the secure module 101B (step S1303). The encrypted hash value E (H1) (in the case of confidential information S2, the encrypted hash value E (H2)) is stored in the nonvolatile memory 210 (step S1304).

  Further, a secure area is set out of the areas in the HD 1711 (step S1305), and the encrypted confidential information E (S1) is stored in the HD 1711 (step S1306). Thereby, the secure storage area can be expanded virtually infinitely. Such a process is the same for the re-storing process (step S809) of the confidential information S1 after the update.

  FIG. 14 is a flowchart showing a detailed processing procedure of the re-storing process (step S809) of the confidential information S1 after the update. First, the terminal number is added to the head of the updated confidential information S1 (step S1401), and the hash value of “terminal number + updated confidential information” is calculated (step S1402). Also, the newly calculated hash value H1 and the updated confidential information S1 are encrypted with the master key of the secure module 101B (step S1403).

  Then, the encrypted hash values E (H1) and E (H2) are stored in the nonvolatile memory 210 (step S1404). Also, the encrypted confidential information E (S1) and E (S2) are stored in the HD 1711 (step S1405). Thereby, even when the secure area is expanded, confidential information can be securely stored.

  In the embodiment described above, the secure modules 101A and 101B are configured as separate modules, but the secure modules 101A and 101B may be integrated. That is, the secure modules 101A and 101B are a single module.

  FIG. 15 is a system configuration diagram in the case of a single module. This eliminates the need for communication between the secure modules 101A and 101B (within the dotted line in FIG. 6). In this case, the single module 1500 is mounted so that it cannot be easily separated from the information processing apparatus 100, like the secure module 101A.

  Specifically, for example, the single module 1500 is covered with a mold package. The single module 1500 is mounted so that it cannot be restored once it is disconnected from the information processing apparatus 100. Specifically, for example, the structure cannot be restored to the original by the above-described mold package. In addition, by mounting on the mother board by BGA (Ball Grid Array) on the connection surface of the single module 1500, the same terminal connection cannot be made once removed. With this structure, the single module 1500 can guarantee the unique number of the information processing apparatus 100.

  In the above-described embodiment, the disclosure range of the personal information 303 can be set by an individual, and a distributor or the like may provide a privilege to the individual depending on the disclosure range. As the stage of the disclosure range, for example, stages such as “anonymous publication” and “public after giving personal name” can be considered. In the above, “individual general information” is “anonymous information”, and “individual private information” is a disclosure range of a level that can identify an individual. From the standpoint of a distributor, the personal information 303 is valuable information for business with individuals. It will be possible to propose products suitable for individuals. Individuals are welcome to propose products that are suitable for them. It is possible to expand the scope of business by setting the disclosure range of information.

  FIG. 16 is an explanatory diagram showing an example of a business technique using the present embodiment. In FIG. 16, the seller obtains information from the buyer and gives a privilege to the buyer in the form of a coupon. The amount of coupons varies depending on the level of information from the buyer (whether anonymous or personally identifiable). The seller then proposes a product based on the buyer's information, and the buyer purchases the product if they like it. At the time of purchase, use a coupon and get a discount.

  It is also conceivable to store confidential information disclosure history as confidential information. This prevents double disclosure of public information, or when confidential information is requested twice from a specific distributor, someone is trying to obtain illegal information and confidential information by pretending to be a distributor This will help ensure a certain level of security.

  As described above, in this embodiment, in the information processing apparatus 100 that can be easily peeped or tampered with from the outside such as a PC, (A) a terminal number, a key, and the like are requested in response to a request from the distributor (content distribution server 1701). (B) secure storage area for the distributor in the information processing apparatus 100 based on the set key, (C) secure the content processing application program for the distributor, (D) The secure information is stored in a secure storage area for the distributor, and (E) secure means for securely transmitting the confidential information according to the request of the distributor is constructed.

  Thereby, the distributor obtains revenue from the user (viewer) or the advertiser based on the confidential information, and provides the provider (A) to (E) of the securing means (for example, the information processing apparatus 100 or the secure module 101A). , 101B manufacturer / seller) can obtain a profit by lending the securement means (A) to (E) and a secure storage area to a distributor or the like.

  Further, the hash value of the information to be secured and the encryption key when the information to be secured (confidential information) is encrypted are stored in a small area in the secure storage area by such a content distribution scheme. When updating the information to be secured (confidential information), be sure to save the hash value so that it can be confirmed that it is the latest information. The information to be secured is encrypted and stored in a non-secure area such as HD 1711 on the information processing apparatus 100 after being encrypted.

  When reading the information, the information is decrypted, and the latest information is confirmed by the hash value. In this way, even if the secure area existing in the secure storage area is small, a large capacity memory such as the HD 1711 on the information processing apparatus 100 can be used and the storage area can be expanded as much as possible.

  In addition, the above-described disclosure range of content information 301 (viewing calendar + age + past viewing calendar + gender + area of residence, etc.) and disclosure partner (content provider, content distributor) can be set by the viewer at an external request. In addition, it is possible to allow the provider or distributor to investigate the content consumption status, commercial viewing status, and product-related Internet site click status related to the content.

  In the above-described embodiment, the content fee is reduced by releasing the commercial viewing calendar. For example, the commercial viewing calendar and the click calendar are transmitted to the Internet content distributor. The content distributor will ask for a commercial fee based on the click calendar.

  In the above-described embodiment, there is a content number (ISAN number) guaranteed to be the only in the world, and the viewer can select a content distributor with the best conditions from the content distributors based on the number. Can be. Also, TPM (terminal number authentication) and TRM LSI can be paired or made into one chip. Furthermore, in the above-described embodiment, the first secure module 101A has a TPM structure, but similarly to the second secure module 101B, it may have a TRM structure rather than a TPM structure. Since the TRM structure is a higher structure than the TPM structure, it includes all the functions of the TPM. Therefore, the same processing as that of the TPM structure can be performed.

  Further, in the above-described embodiment, a secure storage area can be lent to a content distributor, and the content distributor business of the content distributor can be enabled. Furthermore, the viewer can set a disclosure range of secure confidential information. In addition, by setting a secure disclosure range of confidential information, the viewer obtains a “privilege (for example, partial money back)” from the seller, and the seller uses the confidential information to propose a product suitable for the buyer. be able to. For example, the amount of privilege may be different depending on the disclosure level. In addition, it is possible to record the disclosure information of the confidential information and the disclosure content, prevent the confidential information from being disclosed twice, and improve the overall security strength.

  As described above, according to the present embodiment, since the general-purpose information processing apparatus 100 can prevent tampering with secure software such as content viewing software and billing software, content stealing can be prevented. . Accordingly, the content provider can distribute content on the Internet with peace of mind while maintaining the versatility of the information processing apparatus 100.

  Further, in order to detect whether or not the software being executed has been tampered with not only when the information processing apparatus 100 is started up but also during execution of software (whether it is secure software or not), unauthorized operation of the software being executed or the Internet It is possible to protect the information processing apparatus 100 from illegal software download via the Internet.

  In addition, a general-purpose information processing apparatus 100 can provide an operational management system for content distribution. Furthermore, it is possible to realize operable content distribution and content management by diverting existing standards and technologies within a recognized range as much as possible. In addition, the following additional remarks are disclosed regarding embodiment mentioned above.

(Supplementary note 1) A storage area allocation method for allocating a storage location of confidential information related to content via a network in an information processing apparatus receiving the content from the content provider,
A generation step of generating a unique number of the information processing apparatus by the provider;
A unique number generated in the generation step is mounted from the provider to the information processing device by a first secure module having a TRM (Tamper Resistant Module) structure that is mounted in a state that is not removable from the information processing device. A transfer step for securely transferring to a second secure module having a TRM structure,
A calculation step of calculating a hash value related to combined information between the confidential information and the unique number transferred by the transfer step by the second secure module;
A storage step of securely storing the hash value calculated in the calculation step, the unique number, and the confidential information in the storage area in the information processing apparatus by the second secure module;
A storage area allocating method characterized by comprising:

(Additional remark 2) The software alteration detection process which detects the presence or absence of alteration of the software which processes the said content by the said 1st or 2nd secure module,
The generation step includes
The storage area allocating method according to appendix 1, wherein a unique number of the information processing apparatus is generated by the provider when the software tampering detection step detects that the tampering has not occurred.

(Appendix 3) The storing step
The storage according to claim 1 or 2, wherein the second secure module stores the hash value, the unique number, and the confidential information in a storage area accessible only by the second secure module. Space allocation method.

(Appendix 4) The storing step
The second secure module stores the hash value and the unique number in a storage area accessible only by the second secure module, and secures the confidential information in a storage area other than the storage area. The storage area allocating method according to appendix 1 or 2, characterized in that:

(Supplementary Note 5) When the content is processed by the software, a unique number stored in the storage area by the second secure module in the storage step (hereinafter referred to as “first storage step”), confidential information A confidential information alteration detection step of detecting presence or absence of alteration of the confidential information based on the information and the hash value;
An update step of updating the confidential information in accordance with the processing of the content by the second secure module when the confidential information alteration detection step detects no alteration;
The second secure module discards the hash value calculated by the calculation step (hereinafter referred to as “first calculation step”) and combines the confidential information updated by the update step with the unique number. A second calculation step of calculating a hash value related to information;
A second storage step of storing, in the storage area, the hash value calculated by the second calculation step, the unique number, and the updated confidential information by the second secure module;
The storage area allocating method according to any one of appendices 1 to 4, further comprising:

(Appendix 6) When there is a request for browsing the confidential information including the unique number from the provider, the second secure module uses the unique number, confidential information, and hash value stored in the storage area. , A confidential information alteration detection step for detecting presence or absence of alteration of the confidential information;
An encryption step of encrypting the confidential information by an encryption / decryption method that can be decrypted only by the provider by the second secure module, when the confidential information alteration detection step detects no alteration;
A transmission step of transmitting confidential information encrypted by the encryption step to the provider;
The storage area allocating method according to any one of appendices 1 to 5, characterized by including:

(Supplementary note 7) The storage area allocating method according to any one of Supplementary notes 1 to 6, wherein the first secure module is a module having a TPM (Trusted Platform Module) structure.

(Supplementary note 8) An information processing apparatus that receives content provided via a network and processes the content,
A first secure module having a TRM (Tamper Resistant Module) structure mounted in a non-detachable state on the information processing apparatus;
A second secure module that can be securely connected to the first secure module and has a TRM structure mounted on the information processing apparatus;
Storage means,
The first secure module is:
Transfer means for securely transferring the unique number of the information processing device generated by the content provider to the second secure module;
The second secure module is
A calculation unit that calculates a hash value related to combined information between the confidential information and the unique number transferred by the transfer unit;
An information processing apparatus comprising: a storage unit that securely stores the hash value, the unique number, and the confidential information calculated by the calculation unit in the storage unit.

(Supplementary Note 9) The first or second secure module is
Software tampering detection means for detecting the presence or absence of tampering with software that processes the content,
The first secure module is:
Supplementary note 8 wherein the unique number of the information processing apparatus generated by the content provider when the software tampering detection unit detects that the tampering has not occurred is securely transferred to the second secure module. The information processing apparatus described in 1.

(Supplementary note 10) The information processing apparatus according to supplementary note 8 or 9, wherein the storage unit is a storage area accessible only to the second secure module.

(Supplementary Note 11) The storage means has a storage area accessible only to the second secure module, and a storage area other than the storage area,
The storage means includes
The hash value and the unique number are stored in a storage area accessible only to the second secure module, and the confidential information is securely stored in a storage area other than the storage area. The information processing apparatus according to appendix 8 or 9.

(Supplementary Note 12) The second secure module is
When the content is processed by the software, based on the unique number, confidential information and hash value stored in the storage means, confidential information falsification detection means for detecting the presence or absence of falsification of the confidential information;
An update means for updating the confidential information in accordance with the processing of the content when the confidential information alteration detection means detects no falsification,
The calculating means includes
Discarding the hash value (hereinafter referred to as “first hash value”), calculating a second hash value relating to the combined information of the confidential information updated by the updating means and the unique number;
The storage means includes
The information according to any one of appendices 8 to 11, wherein the second hash value, the unique number, and the updated confidential information calculated by the calculation unit are stored in the storage unit. Processing equipment.

(Supplementary Note 13) The second secure module is
When there is a request for browsing the confidential information including the unique number from the provider, the confidentiality is detected based on the unique number, the confidential information, and the hash value stored in the storage unit. Information alteration detection means;
An encryption means for encrypting the confidential information by an encryption / decryption method that can be decrypted only by the provider, when the confidential information alteration detection means detects no alteration;
Transmitting means for transmitting confidential information encrypted by the encryption means to the provider;
The information processing apparatus according to any one of supplementary notes 8 to 12, comprising:

(Supplementary note 14) The information processing apparatus according to any one of supplementary notes 8 to 13, wherein the first secure module is a module having a TPM (Trusted Platform Module) structure.

(Supplementary note 15) The information processing apparatus according to any one of supplementary notes 8 to 14, wherein the first and second secure modules are single modules.

1 is a system configuration diagram of a content distribution system using the Internet according to an embodiment. FIG. FIG. 3 is a block diagram (part 1) illustrating a hardware configuration of the information processing apparatus. It is explanatory drawing which shows the content of confidential information. It is a sequence diagram which shows a terminal registration / secure area | region setting sequence. It is a flowchart which shows the detailed process sequence of a confidential information storage process. It is a sequence diagram which shows the monitoring sequence of secure software. It is a sequence diagram which shows a content delivery sequence. It is a sequence diagram which shows the update sequence of confidential information. It is a flowchart which shows the detailed process sequence of the re-storing process of the confidential information after an update. It is a sequence diagram which shows the browsing sequence of confidential information. FIG. 3 is a block diagram (part 2) illustrating a hardware configuration of the information processing apparatus. It is explanatory drawing which shows the confidential information shown in FIG. It is a flowchart which shows the detailed process sequence of the storage process of confidential information when a secure area | region is expanded. It is a flowchart which shows the detailed process sequence of the re-storing process of the confidential information after an update. It is a system configuration diagram in the case of a single module. It is explanatory drawing which shows an example of the business technique using this Embodiment. It is a system configuration | structure figure of the content delivery system using the conventional internet.

Explanation of symbols

DESCRIPTION OF SYMBOLS 100 Information processing apparatus 101A 1st secure module 101B 2nd secure module 210 Non-volatile memory 301,302 Content information 303 Personal information 1500 Single module 1701 Content distribution server 1702 User information server 1703 Charge server 1711 HD (hard disk)
S, S1, S2 Confidential information

Claims (5)

A storage area allocation method for allocating a storage location of confidential information related to content via a network in an information processing apparatus that receives the content from the content provider,
A generation step of generating a unique number of the information processing apparatus by the provider;
A TRM structure in which a unique number generated in the generation step is mounted on the information processing apparatus from the provider by a first secure module having a TRM structure mounted in a state that is not detachable from the information processing apparatus. A transfer step for securely transferring to a second secure module having:
A calculation step of calculating a hash value related to combined information between the confidential information and the unique number transferred by the transfer step by the second secure module;
A storage step of securely storing the hash value calculated in the calculation step, the unique number, and the confidential information in the storage area in the information processing apparatus by the second secure module;
A storage area allocating method characterized by comprising: The storing step includes
The storage area according to claim 1, wherein the second secure module stores the hash value, the unique number, and the confidential information in a storage area accessible only by the second secure module. Assignment method. The storing step includes
The second secure module stores the hash value and the unique number in a storage area accessible only by the second secure module, and secures the confidential information in a storage area other than the storage area. The storage area allocating method according to claim 1, wherein the storage area is stored in the storage area. An information processing apparatus that receives content provided via a network and processes the content,
A first secure module having a TRM structure mounted in a non-detachable manner on the information processing apparatus;
A second secure module that can be securely connected to the first secure module and has a TRM structure mounted on the information processing apparatus;
Storage means,
The first secure module is:
Transfer means for securely transferring the unique number of the information processing device generated by the content provider to the second secure module;
The second secure module is
A calculation unit that calculates a hash value related to combined information between the confidential information and the unique number transferred by the transfer unit;
An information processing apparatus comprising: a storage unit that securely stores the hash value, the unique number, and the confidential information calculated by the calculation unit in the storage unit.   The information processing apparatus according to claim 4, wherein the first and second secure modules are single modules.

Images