JP2012083953A - Server device and authentication method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a server device and an authentication method with which a client device can be authenticated without individual expansion in communications between the server device and the client device.SOLUTION: A confirmation unit 23 confirms whether a client device 3 transmitting a request signal for requesting information on content or a container is a registered client device. When the client device 3 is an unregistered client device, a response generation unit 25 generates a response signal including container specification information on a character input container and transmits the signal to the transmission source client device. The confirmation unit 23 recognizes input of characters by the client device 3, which receives the response signal including the container specific information on the character input container, on the basis of container specification information on a character input container included in a request signal transmitted from the client device 3 and selected by the client device 3, and performs password authentication on the basis of the recognized characters.

Description

  The present invention relates to a server apparatus and an authentication method for authenticating a client apparatus connected via a network.

  2. Description of the Related Art In recent years, so-called home networks that allow home appliances, computers, and other peripheral devices to be connected to each other in a home and communicated between the devices are becoming popular.

  UPnP (Universal Plug and Play) is known as a protocol suitable for home network configuration. UPnP can easily construct a network without complicated operations, and can receive services provided by each connected device in a device connected to the network without complicated operations and settings. It is.

  UPnP exchanges definition files based on XML (eXtensible Markup Language) between connected devices, and performs mutual recognition between devices. The outline of UPnP processing is as follows.

(1) Addressing processing for acquiring a self device ID such as an IP address.
(2) Discovery processing for searching for each device on the network, receiving a response from each device, and acquiring information such as device type and function included in the response.
(3) Service request processing for requesting a service from each device based on information acquired by the discovery processing.

  By performing the above processing procedure, it is possible to provide and receive a service using a device connected to the network. A device newly connected to the network acquires a device ID by the above addressing process, acquires information of another device connected to the network by the discovery process, and requests a service from another device based on the acquired information. Is possible.

  For example, a content stored in a server device such as a PC (personal computer) can be searched from a client device such as a digital television connected to a network, and desired content can be reproduced.

  By the way, there is a risk of unauthorized access to the server device as described above. For example, in the case of a network configured by wireless LAN, a situation occurs in which a server device in a house illegally enters a network using communication equipment from outside or the like and exploits content. Can do.

  In order to eliminate the unauthorized access as described above, in Patent Documents 1 and 2, a password is set in the server device in advance, and when the client device matches the password transmitted to the server device, Techniques for authenticating and permitting access to client devices have been proposed.

JP 2004-341657 A JP 2008-9744 A

  However, in the techniques of Patent Documents 1 and 2, it is necessary to add unique password input means and password transmission means to the client device. Correspondingly, the server device needs its own password receiving means and password analyzing means. That is, in the techniques of Patent Documents 1 and 2, it is necessary to perform a unique extension for communication between the server apparatus and the client apparatus.

  The present invention has been made in view of the above, and an object of the present invention is to provide a server device and an authentication method capable of authenticating a client device without performing a unique extension for communication with the client device.

  According to one aspect of the present invention, a confirmation unit (23) that confirms whether or not a client device that is a transmission source of a request signal that requests information about content or a container is a registered client device, and a response to the request signal A response generation unit (25) that generates a signal and transmits the signal to the transmission source client device, and the response generation unit includes one or a plurality of response signals when the transmission source client device is an unregistered client device. A response signal including container specifying information of a character input container corresponding to a character is generated and transmitted to the client device of the transmission source, and the confirmation unit receives a response signal including container specifying information of the character input container. Before being selected by the source client device, included in the received request signal from the source client device There is provided a server device (2) characterized by recognizing character input in the transmission source client device based on container specifying information of a character input container and performing password authentication based on the recognized character. .

  According to another aspect of the present invention, a confirmation unit (23) for confirming whether or not a client device that is a transmission source of a request signal for requesting information about content or a container is a registered client device, and a request signal A response generation unit (25) that generates a response signal and transmits the response signal to the transmission source client device, and the response generation unit includes one or more when the transmission source client device is an unregistered client device. A response signal including the content specifying information of the character input content corresponding to the character of the character is generated and transmitted to the transmission source client device, and the confirmation unit includes a response signal including the content specifying information of the character input content Selected by the transmission source client device included in the request signal transmitted from the transmission source client device. A server device (2A) that recognizes input of characters in the transmission source client device based on the content specifying information of the character input content and performs password authentication based on the recognized characters; Provided.

  According to another aspect of the present invention, a confirmation unit (23) for confirming whether or not a client device that is a transmission source of a request signal for requesting information about content or a container is a registered client device, and a request signal A response generation unit (25) that generates a response signal and transmits the response signal to the transmission source client device, and the response generation unit includes a plurality of characters when the transmission source client device is an unregistered client device. To the client device that is the transmission source, and the confirmation unit transmits the content for character input. The character input content when playback is stopped in the transmission source client device. Based on the reproduction stop position of the upper, to recognize characters input in the sender 'client device, the server device and performs password authentication based on the recognized characters (2B) is provided.

  According to another aspect of the present invention, a confirmation unit (23) for confirming whether or not a client device that is a transmission source of a request signal for requesting information about content or a container is a registered client device, and a request signal A response generation unit (25) that generates a response signal and transmits the response signal to the transmission source client device, and the response generation unit, when the transmission source client device is an unregistered client device, The authentication content, which is music content, is transmitted to the transmission source client device, and the confirmation unit is on the authentication content when reproduction is stopped in the transmission source client device that reproduces the authentication content. Based on whether or not the playback stop position is within a predetermined range, authentication of the transmission source client device is performed. Server and wherein the (2C) is provided.

  According to another aspect of the present invention, there is provided an authentication method in a server device that performs authentication of a client device, wherein a client device that is a transmission source of a request signal for requesting information about content or a container is a registered client device. And confirming whether or not the transmission source client device is an unregistered client device, generating a response signal including container specifying information of a character input container corresponding to one or a plurality of characters, and A step of transmitting to a transmission source client device; and a transmission source client device including a request signal transmitted from the transmission source client device that has received a response signal including container specifying information of the character input container. Based on the container specifying information of the selected character input container, the transmission source Recognizes input of a character in the client apparatus, authentication method characterized by comprising the steps of performing password authentication based on the recognized character is provided.

  According to another aspect of the present invention, there is provided an authentication method in a server device that performs authentication of a client device, wherein a client device that is a transmission source of a request signal for requesting information about content or a container is a registered client device. And confirming whether or not the transmission source client device is an unregistered client device, generating a response signal including content specifying information of content for character input corresponding to one or more characters, and A step of transmitting to the transmission source client device, and the transmission source client device including the request signal transmitted from the transmission source client device that has received the response signal including the content specifying information of the character input content. Based on the content specifying information of the selected character input content Wherein recognizing the input of a character in the sending client device, authentication method characterized by comprising the steps of performing password authentication based on the recognized character is provided.

  ADVANTAGE OF THE INVENTION According to this invention, the server apparatus and authentication method which can authenticate a client apparatus can be provided, without performing original extension for communication between client apparatuses.

It is a block diagram which shows the structure of the content reproduction system which concerns on 1st Embodiment. It is explanatory drawing of the container for character input. It is a flowchart which shows the procedure of the authentication process of the client apparatus by the server apparatus in 1st Embodiment. It is a figure which shows an example of a container list screen. It is a figure which shows the example of a description of the browse request by a client apparatus. It is a figure which shows the example of a description of the browse response with respect to the client apparatus registered by the server apparatus. It is a figure which shows the example of a description of the browse response with respect to the unregistered client apparatus 3 by the server apparatus in 1st Embodiment. It is a flowchart which shows operation | movement of the content reproduction system in 2nd Embodiment. It is a figure which shows the example of a description of the search request by a client apparatus. It is a figure which shows the example of a description of the search non-correspondence error with respect to the unregistered client apparatus 3 by the server apparatus in 2nd Embodiment. It is a block diagram which shows the structure of the content reproduction system which concerns on 3rd Embodiment. It is a flowchart which shows the procedure of the authentication process of the client apparatus by the server apparatus in 3rd Embodiment. It is a flowchart which shows the procedure of the authentication process of the client apparatus by the server apparatus in 3rd Embodiment. It is a figure which shows an example of a content list screen. It is a figure which shows the example of a description of the browse response with respect to the unregistered client apparatus 3 by the server apparatus in 3rd Embodiment. It is a block diagram which shows the structure of the content reproduction system which concerns on 4th Embodiment. It is a figure which shows an example of the corresponding | compatible table in 4th Embodiment. It is a flowchart which shows the procedure of the authentication process of the client apparatus by the server apparatus in 4th Embodiment. It is a flowchart which shows the procedure of the authentication process of the client apparatus by the server apparatus in 4th Embodiment. It is explanatory drawing of the character input in 4th Embodiment. It is a block diagram which shows the structure of the content reproduction system which concerns on 5th Embodiment. It is a figure which shows an example of the corresponding | compatible table in 5th Embodiment. It is a flowchart which shows the procedure of the authentication process of the client apparatus by the server apparatus in 5th Embodiment. It is a flowchart which shows the procedure of the authentication process of the client apparatus by the server apparatus in 5th Embodiment. It is explanatory drawing of the authentication method in 5th Embodiment.

  Embodiments of the present invention will be described below with reference to the drawings. Throughout the drawings, the same or equivalent parts and components are denoted by the same or equivalent reference numerals, and the description thereof is omitted or simplified.

(First embodiment)
FIG. 1 is a block diagram showing a configuration of a content reproduction system according to the first embodiment. As shown in FIG. 1, the content reproduction system 1 includes a server device 2 and a client device 3. The server device 2 and the client device 3 are connected via a network 4 so that they can communicate with each other. In the present embodiment, the server device 2 and the client device 3 are configured by UPnP compatible devices.

  The server device 2 is a device that stores content such as image content and music content and provides the content to the client device 3 in response to a request from the client device 3. The server device 2 includes a communication unit 21, an analysis unit 22, a confirmation unit 23, an authentication DB (database) 24, a response generation unit 25, a character input container DB 26, and a container / content DB 27.

  The communication unit 21 is for transmitting and receiving data to and from the client device 3 via the network 4.

  The analysis unit 22 analyzes the browse request signal transmitted from the client device 3. The browse request signal is a signal (request signal) that is transmitted when the client apparatus 3 requests the server apparatus 2 for these pieces of information in order to provide the user with information about the content or the container. Here, the container is a directory including content, and has a tree-like hierarchical structure. In addition, when a content request signal requesting acquisition of content data is transmitted from the client device 3, the analysis unit 22 analyzes the content request signal.

  Based on the client specifying information included in the browse request signal from the client device 3, the confirmation unit 23 confirms whether or not the client device 3 that is the transmission source of the browse request signal is a client device registered in the authentication DB 24 described later. To do. The client specifying information is an IP address, a MAC address, or the like of the client device. In addition, the confirmation unit 23 performs authentication using a password for an unregistered client device. Details of the authentication by the password will be described later.

  The authentication DB 24 stores an allow list and a deny list. The permission list is a list in which client identification information of an authenticated client device that permits access to the server device 2 is registered. The rejection list is a list in which client identification information of a client device that rejects access to the server device 2 is registered. The authentication DB 24 stores a password used for authentication of the client device.

  The response generation unit 25 generates a browse response signal (response signal) for the browse request signal from the client device 3, and transmits this to the client device 3 via the communication unit 21. When the client apparatus 3 that is the transmission source of the browse request signal is an unregistered client apparatus in the authentication DB 24, the response generation unit 25 generates a browse response signal that includes container information of a character input container, which will be described later. Transmit to device 3. Further, when a content request signal is transmitted from the client device 3, the response generation unit 25 reads the content specified thereby from the container / content DB 27, and transmits this to the client device 3 via the communication unit 21. .

  The character input container DB 26 stores container information of character input containers. The container information of the character input container includes a container name and a container ID. The character input container is used for character input when performing authentication by the password of the client device 3. The container ID of the character input container corresponds to the container specifying information in the claims.

  FIG. 2 is an explanatory diagram of a character input container. In the present embodiment, the password will be described as consisting of a four-letter alphabet. The content is not stored in the character input container.

  In FIG. 2, the first character input containers 11 </ b> A to 11 </ b> Z are in the hierarchy one level lower than the root container 10 with the container ID = “0” corresponding to the root directory. The container names of the character input containers 11A to 11Z are 'A' to 'Z', and the container IDs are 'P-A' to 'P-Z'.

  There is a character input container for the second character in the hierarchy one level lower than the character input containers 11A to 11Z for the first character. For example, there are second character input containers 12A to 12Z below the character input container 11A. The container names of the character input containers 12A to 12Z are ‘A’ to ‘Z’, and the container IDs are ‘P-AA’ to ‘P-AZ’. Similarly, there are 26 character input containers corresponding to A to Z below the character input containers 11B to 11Z, respectively.

  Similarly, there is a third character input container for the fourth character. For example, the third character input containers 13A to 13Z are below the character input container 12A, and the fourth character input containers 14A to 14Z are below the character input container 13A. The container names of the character input containers 13A to 13Z are 'A' to 'Z', and the container IDs are 'P-AAA' to 'P-AAZ'. The container names of the character input containers 14A to 14Z are 'A' to 'Z', and the container IDs are 'P-AAAAA' to 'P-AAAZ'.

  Here, “P-” and subsequent characters in the container ID of the character input container are referred to as an input character portion. As described above, in the container ID of the first character input container, the input character portion consists of one character. In the container ID of the character input container for the second character, the third character, and the fourth character, the input character portion consists of two characters, three characters, and four characters, respectively.

  The container / content DB 27 stores content such as image content and music content. The container / content DB 27 also stores information such as content information (content name, content ID, URL indicating the location of the content), and container information (container name, container ID) of the content container.

  The client device 3 is a device that can reproduce the content provided from the server device 2. The client device 3 is configured by a conventional UPnP compatible device. The client device 3 includes a communication unit 31, an analysis unit 32, a playback unit 33, a display unit 34, an audio output unit 35, an operation reception unit 36, and a request generation unit 37.

  The communication unit 31 is for transmitting and receiving data to and from the server device 2 via the network 4.

  The analysis unit 32 analyzes the browse response signal transmitted from the server device 2 and displays the container list screen or the content list screen on the display unit 34 via the reproduction unit 33 based on the result. When the reproduction of the content selected from the content list screen is instructed by the user operation and the content is transmitted from the server device 2 in response thereto, the analysis unit 32 causes the reproduction unit 33 to reproduce the content.

  The playback unit 33 plays back the content, displays an image on the display unit 34, and outputs sound from the sound output unit 35. Further, the playback unit 33 causes the display unit 34 to display a container list screen and a content list screen.

  The display unit 34 displays a content image, a container list screen, a content list screen, and the like.

  The audio output unit 35 outputs the audio of the content.

  The operation reception unit 36 receives a user operation and outputs an operation signal based on the operation.

  The request generation unit 37 generates a browse request signal based on an operation in which the user selects a container, and transmits the browse request signal to the server device 2 via the communication unit 31. The browse request signal includes the container ID of the character input container or content container selected by the user operation, and the client specifying information of the client device 3. When content reproduction is instructed by a user operation, the request generation unit 37 generates a content request signal and transmits it to the server apparatus 2 via the communication unit 31.

  Next, the operation of the content reproduction system 1 will be described.

  When the client device 3 tries to reproduce the content, the request generation unit 37 generates a browse request signal and transmits it to the server device 2 in order to acquire information about the content or the container. The server device 2 that has received the browse request signal generates a browse response signal including content information or container information in the response generation unit 25 based on the content ID or container ID included in the browse request signal, and sends this to the client device 3. Send. Normally, the client device 3 can search the target content by following the hierarchy of the container by repeating the browse request with the container ID = '0' indicating the root container as a base point.

  In the present embodiment, the password input in the client device 3 and the password authentication in the server device 2 are performed using the communication between the client device 3 and the server device 2 as described above. FIG. 3 is a flowchart showing the procedure of this authentication process.

  First, in step S <b> 10, the request generation unit 37 of the client device 3 generates a browse request signal and transmits it to the server device 2 via the communication unit 31. Here, initially, it is assumed that the request generation unit 37 generates a browse request signal including container ID = “0” in response to an operation in which the user selects a root container. The browse request signal includes client specifying information (IP address, MAC address, etc.) of the client device 3.

  In step S20, the analysis unit 22 of the server device 2 receives the browse request signal from the client device 3 via the communication unit 21, and analyzes it. Then, the analysis unit 22 supplies the confirmation unit 23 with the container ID and the client identification information included in the browse request signal.

  Next, in step S <b> 30, the confirmation unit 23 confirms whether or not the client device 3 that has transmitted the browse request signal has been registered in the authentication DB 24 based on the client identification information acquired from the analysis unit 22. The confirmation unit 23 determines that the client device 3 has been registered if the client identification information is registered in either the allow list or the reject list of the authentication DB 24. If it is determined that registration has been completed (step S30: YES), the confirmation unit 23 ends the process because authentication of the client device 3 is unnecessary.

  If it is determined that it has not been registered (step S30: NO), the confirmation unit 23 determines in step S40 that the number of characters in the input character portion of the container ID acquired from the analysis unit 22 is the authentication password stored in the authentication DB 24. It is determined whether the number of characters has been reached. For example, initially, the container ID = “0” and there is no input character portion, so the confirmation unit 23 determines that the number of characters in the password has not been reached. If the confirmation unit 23 determines that the number of characters in the input character portion of the container ID has not reached the number of characters in the password (step S40: NO), the confirmation unit 23 proceeds to step S50 and determines that the number of characters in the password has been reached (step S40). : YES), the process proceeds to step S90.

  In step S <b> 50, the confirmation unit 23 causes the response generation unit 25 to generate a browse response signal including the container information of the character input container of the next lower layer, and transmits this to the client device 3 via the communication unit 21. . For example, if it is a browse response signal for the first browse request signal including container ID = '0', the container of the first character input containers 11A to 11Z shown in FIG. Names “A” to “Z” and container ID = “PA” to “PZ” are included.

  In step S60, the analysis unit 32 of the client device 3 receives the browse response signal from the server device 2 via the communication unit 31, and analyzes it.

  Next, in step S70, the analysis unit 32 causes the playback unit 33 to display a container list screen on the display unit 34 based on the container information of the character input container included in the browse response signal.

  An example of a container list screen corresponding to the first character input containers 11A to 11Z is shown in FIG. As shown in FIG. 4, the container list screen 40 includes icons 41A to 41Z corresponding to the character input containers 11A to 11Z, and title display fields 42A to 42Z for displaying container names corresponding to the icons 41A to 41Z. Is displayed. The user can select one character input container corresponding to the input character by performing an operation on the operation receiving unit 36 while viewing the container list screen 40. Thereby, the user can input the character of the password. For example, if the user selects the icon 41Z, the user can input the character “Z”.

  In step S <b> 80, the request generation unit 37 determines whether one character input container has been selected from the container list screen 40 based on the operation signal from the operation reception unit 36. If it is determined that it has not been selected (step S80: NO), the request generator 37 repeats the process of S80 until one character input container is selected.

  If it is determined that one character input container has been selected (step S80: YES), the request generation unit 37 returns to step S10, generates a browse request signal including the container ID of the selected character input container, This is transmitted to the server device 2 via the communication unit 31. Then, the process after step S20 is performed.

  As described above, when the browse request signal and the browse response signal are repeatedly transmitted and received, and the browse request signal including the container ID of the fourth character input container is transmitted to the server device 2, the confirmation unit 23 performs step S40. In step S40, it is determined that the number of characters in the input character portion of the container ID has reached the number of characters in the password (step S40: YES), and the process proceeds to step S90.

  In step S90, the confirmation unit 23 determines whether the input character portion of the container ID matches the password. When it is determined that they match (step S90: YES), in step S100, the confirmation unit 23 authenticates the client device 3 and registers the client specifying information in the permission list of the authentication DB 24.

  When it is determined that the input character portion of the container ID does not match the password (step S90: NO), in step S110, the confirmation unit 23 determines that the password authentication has failed and stores the client identification information of the client device 3 in the authentication DB 24. Register on the Deny List. Thus, the authentication process of the client device 3 ends.

  An example in which the user inputs “ZZAB” as a password will be described. By the processing of the flowchart of FIG. 3 as described above, first, in response to a browse request signal including container ID = “0”, the container name “A” to “Z” and container ID = “P−” A browse response signal including A ′ to “PZ” is transmitted. In the client device 3 that has received this browse response signal, the container list screen 40 shown in FIG. 4 is displayed. When the user performs an operation of selecting the icon 41Z corresponding to the first character “Z” of the password, a browse request signal including the container ID = “PZ” is transmitted from the client device 3 to the server device 2. The

  Next, from the server apparatus 2 that has received the browse request signal including the container ID = “PZ”, the container names “A” to “Z” and the container IDs = “P-ZA” to “P-ZZ” are set. A browse response signal is transmitted. In the client device 3 that has received this browse response signal, the container list screen 40 is displayed on the display unit 34. The container list screen 40 is displayed in the same way regardless of how many characters are input. When the user performs an operation of selecting the icon 41Z corresponding to the second character “Z” of the password, a browse request signal including the container ID = “P-ZZ” is transmitted from the client device 3 to the server device 2. The

  Next, from the server apparatus 2 that has received the browse request signal including the container ID = “P-ZZ”, the container names “A” to “Z” and the container IDs = “P-ZZA” to “P-ZZZ” are set. A browse response signal is transmitted. In the client device 3 that has received this browse response signal, the container list screen 40 is displayed on the display unit 34. When the user performs an operation of selecting the icon 41A corresponding to the third character “A” of the password, a browse request signal including the container ID = “P-ZZA” is transmitted from the client device 3 to the server device 2. The

  Next, from the server apparatus 2 that has received the browse request signal including the container ID = “P-ZZA”, the container names “A” to “Z” and the container IDs = “P-ZZAA” to “P-ZZZ” are set. A browse response signal is transmitted. In the client device 3 that has received this browse response signal, the container list screen 40 is displayed on the display unit 34. When the user performs an operation of selecting the icon 41B corresponding to the fourth character “B” of the password, a browse request signal including the container ID = “P-ZZAB” is transmitted from the client device 3 to the server device 2. The

  Then, in the server device 2, it is determined whether or not the input character part “ZZAB” of the container ID = “P-ZZAB” matches the password. Based on the determination result, the client specifying information of the client device 3 is registered in the allow list or the deny list in the authentication DB 24, and the authentication process ends.

  When the client device 3 is registered in the permission list, the response generation unit 25 of the server device 2 responds to the browse request signal from the client device 3 thereafter based on the container information or content information in the container / content DB 27. A browse response signal is generated.

  For example, in response to a browse request signal including the container ID = '0' from the client device 3 registered in the permission list, the response generation unit 25 of the server device 2 sets the container information of the content container for each content genre. Generate a browse response signal containing. The browse response signal includes, for example, container names of content containers such as “Audio” and “Video”, and container IDs corresponding to them. The response generation unit 25 transmits this browse response signal to the client device 3 via the communication unit 21. Upon receiving this browse response signal, the playback unit 33 of the client device 3 causes the display unit 34 to display a container list screen (not shown) of content containers such as “Audio” and “Video”. The user can select a container from this container list screen.

  When a browse request signal including a container ID of a container including content in the immediately lower layer is transmitted from the client device 3, the response generation unit 25 of the server device 2 displays a browse response including content information of the content in the container. A signal is generated and transmitted to the client device 3. The content information includes a content name, a content ID, and a URL indicating the location of the content. The playback unit 33 of the client device 3 that has received the browse response signal causes the display unit 34 to display a content list screen (not shown). The user can select a container from the content list screen.

  When the user performs an operation of selecting content from the content list screen and instructing playback, the request generation unit 37 of the client device 3 generates a content request signal and transmits it to the server device 2 via the communication unit 31. To do. The content request signal includes the URL of the selected content. When the content request signal is transmitted, the analysis unit 22 of the server device 2 analyzes the content request signal and notifies the response generation unit 25 of the URL of the content included therein. The response generation unit 25 reads the content from the container / content DB 27 based on the URL, and transmits this to the client device 3 via the communication unit 21. Then, in the client device 3 that has received the content, the reproduction unit 33 reproduces the content.

  When the client device 3 is registered in the rejection list, the server device 2 rejects the request for the subsequent browse request signal from the client device 3. Note that the server device 2 may authenticate the client device registered in the rejection list again with the same password as that of the unregistered client device.

  FIG. 5 is a diagram showing a description example of a browse request in the browse request signal transmitted by the client device 3, and FIG. FIG. 7 is a diagram illustrating a description example of a browse response, and FIG. 7 is a diagram illustrating a description example of a browse response in a browse response signal that the server device 2 transmits to the client device 3 that is not registered in the authentication DB 24. 5 to 7 are described in the XML format.

  In FIG. 5, a portion surrounded by a broken line is a portion describing a container ID. Here, container ID = “0”, and the root container is designated.

  In FIG. 6, a part surrounded by a broken line is a part describing a container ID and a container name of a content container. Here, container ID = “A01”, “V01”, “I01”, and container names “Audio”, “Video”, and “Image” are described.

  On the other hand, in FIG. 7, a container ID and a container name of a character input container are described in a portion surrounded by a broken line. Here, container ID = “P-A” to “P-Z” and container names “A” to “Z” of the first character input containers 11A to 11Z are described. That is, the description of FIG. 7 is obtained by replacing only the description part related to the container information (container ID and container name) of the content container with the description related to the container information of the character input container.

  If the client apparatus 3 that has transmitted the browse request signal including the description as shown in FIG. 5 is already registered in the authorization list of the authentication DB 24, the server apparatus 2 returns a browse request signal including the description as shown in FIG. . On the other hand, if the transmission source client apparatus 3 is not registered in the allow list and deny list of the authentication DB 24, the server apparatus 2 returns a browse request signal including the description as shown in FIG.

  As described above, the description of FIG. 7 is the same as that of FIG. 6 except that the container information is that of the character input container. Therefore, the analysis unit 32 of the client device 3 receives the browse response signal including the container information of the normal content container as shown in FIG. 6 even when the browse response signal including the container information of the character input container is received. The container list screen 40 shown in FIG. 4 can be displayed by the reproducing unit 33 by the same processing as that described above.

  When the user performs an operation of selecting a character input container from the container list screen 40, the request generation unit 37 of the client device 3 surrounds the container ID of the selected character input container with a broken line in FIG. The browse response signal described in the part is generated and transmitted to the server device 2. Then, the confirmation unit 23 of the server device 2 that has received the browse response signal recognizes the input character portion of the container ID as an input character for password input in the client device 3.

  By performing such communication, the server device 2 recognizes the character input in the client device 3 based on the container ID of the character input container, and the password authentication of the client device 3 based on the recognized input character. I do.

  As described above, in the first embodiment, by using the container information of the character input container, the client device in the server device 2 does not carry out a unique extension to the communication between the server device 2 and the client device 3. 3 authentication can be performed.

  It should be noted that a container hierarchy with a container name indicating what number of characters of the password is input may be provided between each hierarchy of character input containers. For example, a container having a container name “Next is the fourth character of the password” is provided between the hierarchy of the third character input container and the fourth character input container. Thereby, before the container list screen 40 shown in FIG. 4 for inputting the fourth character is displayed on the client device 3, the title “Next is the fourth password” is displayed in correspondence with the icon. A container display screen (not shown) is displayed. As a result, the user can be surely ascertained what character of the password is input.

  Further, a container hierarchy having container names such as “OK (input completion)” and “RETRY (input again)” may be provided below the hierarchy of the fourth character input container. Thereby, the error of a user's character input can be reduced.

  In the present embodiment, the characters after “P-” in the container ID of the character input container correspond to the input characters as they are, but in this case, there is a possibility that the password may be stolen by interception of the network packet. Therefore, a conversion table may be prepared in the server apparatus 2 and a container ID obtained by replacing the part after “P-” with the conversion table may be used every time the client apparatus 3 accesses. Thereby, safety can be improved.

  In the present embodiment, the password has been described as consisting of a four-letter alphabet, but is not limited to this. You can change the number of characters in the password by changing the number of character input container hierarchies. In addition, the character type can be changed by changing the number of characters input containers and the container names in each layer.

  In addition, the number of passwords is not limited to one, and a plurality of passwords corresponding to the access authority to the server device 2 may be prepared.

(Second Embodiment)
Since the content reproduction system according to the second embodiment has the same configuration as that of the content reproduction system 1 according to the first embodiment shown in FIG. 1, the second embodiment also uses FIG. explain.

  The server device 2 and the client device 3 have a search request function in addition to the browse request function used in the first embodiment. In the search request function, the client device 3 acquires content and container information that matches a specified search condition such as a content type, a content name, a part of a character string of the container name, and the like in a container having a specified container ID. It is a function to do.

  The browse request function is an essential function. In contrast, the search request function is an optional function that can be used only when both the server apparatus 2 and the client apparatus 3 support the search request function. The client device 3 having a search request function may acquire content information from the beginning by a search request instead of the method of following the container hierarchy as described in the first embodiment.

  When a search condition is specified by a user operation, the request generation unit 37 of the client device 3 generates a search request signal including the search condition and transmits it to the server device 2 via the communication unit 31. When the analysis unit 32 receives a search response signal including a search result from the server device 2 in response to the search request signal, the analysis unit 32 analyzes the search response signal.

  When receiving the search request signal from the client device 3, the analysis unit 22 of the server device 2 analyzes this. The response generation unit 25 generates a search response signal corresponding to the search request signal.

  Next, the operation of the content reproduction system 1 when the client apparatus 3 makes a search request will be described with reference to the flowchart of FIG.

  First, in step S <b> 210, the request generation unit 37 of the client device 3 generates a search request signal including a search condition designated by a user operation, and transmits this to the server device 2 via the communication unit 31. The search request signal includes client specifying information of the client device 3.

  In step S220, the analysis unit 22 of the server device 2 receives the search request signal from the client device 3 via the communication unit 21, and analyzes it. Then, the analysis unit 22 supplies the search condition and client specifying information included in the search request signal to the confirmation unit 23.

  Next, in step S <b> 230, the confirmation unit 23 confirms whether or not the client device 3 that has transmitted the search request signal has been registered in the authentication DB 24 based on the client identification information acquired from the analysis unit 22. The confirmation unit 23 determines that the client device 3 has been registered if the client identification information is registered in either the allow list or the reject list of the authentication DB 24.

  If it is determined that registration has been completed (step S230: YES), the confirmation unit 23 does not require authentication of the client device 3, and thus ends the processing of the flowchart of FIG. In this case, the response generation unit 25 generates a search response signal based on the container information or content information in the container / content DB 27 that matches the search condition, and transmits this to the client device 3.

  If it is determined that it has not been registered (step S230: NO), in step S240, the confirmation unit 23 causes the response generation unit 25 to generate a search response error signal, and transmits this to the client device 3 via the communication unit 21. .

  Here, when the client device 3 that has transmitted the search request signal is not registered in the authentication DB 24 (step S230: NO), the server device 2 needs to authenticate the client device 3 with a password. However, in some cases, the client apparatus 3 may use only the content information as a search condition. For this reason, it is not necessarily permitted to return the container information of the character input container shown in the first embodiment to the client device 3 in response to the search request signal. Therefore, the server device 2 transmits a search response error signal to the client device 3 as in step S240. The search response error signal includes a content that the server apparatus 2 does not support the search request function. Thereby, the server apparatus 2 prompts the client apparatus 3 to use the browse request function.

  In step S250, the analysis unit 32 of the client device 3 receives the search response error signal from the server device 2 via the communication unit 31, analyzes this, and recognizes that it is a search response error.

  In step S <b> 260, the analysis unit 32 causes the reproduction unit 33 to display an error display on the display unit 34.

  FIG. 9 is a diagram illustrating a description example of a search request in a search request signal transmitted by the client device 3. FIG. 10 is a diagram illustrating a search response error signal transmitted from the server device 2 to a client device 3 that is not registered in the authentication DB 24. It is a figure which shows the example of description of a correspondence error.

  In the example of FIG. 9, the search for the video (moving image content) in the root container is specified by the description of the part surrounded by the broken line. Further, in FIG. 10, the portion surrounded by a broken line describes a search non-corresponding error.

  In the case of a search non-corresponding error, the client device 3 searches for the target content by the browse request function instead of the search request function. For this reason, the processing of the content reproduction system 1 proceeds to step S10 of the flowchart of FIG. 3 described in the first embodiment after step S260 of FIG. 8, and the client device 3 is authenticated by the server device 2. .

  As described above, in the second embodiment, the server device 2 returns a search response error signal in response to the search request signal from the unregistered client device 3. After that, as in the first embodiment, the client device 3 is authenticated by the server device 2 using the browse request function. Therefore, according to the second embodiment, the client device 3 is authenticated by the server device 2 using the browse request function even for the client device 3 that uses the search request function that is an optional function from the beginning. It can be performed.

  In the discovery process (2) in the outline of the UPnP process described above, for the unregistered client apparatus 3, the server apparatus 2 describes the search request function in the service function list XML called a service description. In the first place, the client apparatus 3 may be prompted to use the browse request function instead of the optional search request function. However, in this case, the client apparatus 3 remains in a state where the server apparatus 2 is recognized as being incompatible with the search request function even after authentication. For this reason, it is necessary to cause the client device 3 to perform discovery processing again by restarting the server device 2 or the like.

(Third embodiment)
FIG. 11 is a block diagram showing a configuration of a content reproduction system according to the third embodiment. As shown in FIG. 11, the content reproduction system 1A is obtained by replacing the server device 2 with a server device 2A in the content reproduction system 1 of the first embodiment shown in FIG.

  The server device 2A has a configuration in which the character input container DB 26 is replaced with a character input content DB 28 with respect to the server device 2 of FIG.

  The character input content DB 28 stores character input content. The character input content is, for example, a still image content of a character image composed of a JPEG image. In the present embodiment, it is assumed that the character input content DB 28 stores 26 character input contents corresponding to alphabetic characters (A to Z). The character input content is used for character input when performing authentication by the password of the client device 3. The character input content DB 28 stores content information of the character input content. The content information of the character input content includes a content name and a URL indicating the location of the character input content. The URL of the character input content corresponds to the content specifying information in the claims.

  Next, processing for authenticating the client device 3 by the server device 2A will be described with reference to the flowcharts of FIGS.

  First, in step S <b> 310, the request generation unit 37 of the client device 3 generates a browse request signal and transmits it to the server device 2 via the communication unit 31. Here, it is assumed that a browse request signal including container ID = '0' is generated in response to an operation for selecting a root container by the user. The browse request signal includes client specifying information of the client device 3.

  In step S320, the analysis unit 22 of the server device 2A receives the browse request signal from the client device 3 via the communication unit 21, and analyzes it. Then, the analysis unit 22 supplies the client specifying information included in the browse request signal to the confirmation unit 23.

  Next, in step S330, based on the client identification information acquired from the analysis unit 22, the confirmation unit 23 has registered the client device 3 that has transmitted the browse request signal in either the allow list or the deny list in the authentication DB 24. Check whether or not. If it is determined that registration has been completed (step S330: YES), the confirmation unit 23 terminates the process because authentication of the client device 3 is unnecessary.

  If it is determined that it has not been registered (step S330: NO), the confirmation unit 23 causes the response generation unit 25 to generate a browse response signal including the content information of the character input content in step S340, and this is transmitted to the communication unit 21. Via the client device 3.

  Here, in the browse response signal, the content name “A” to “Z” and the URL indicating the location of each character input content are included as the content information of each character input content corresponding to each character of A to Z. included. The URL of each character input content corresponding to each of the characters A to Z is, for example, 'http://192.168.0.100/password/A. jpg '-' http: //192.168.0.100/password/Z. jpg '.

  In step S350, the analysis unit 32 of the client device 3 receives the browse response signal from the server device 2 via the communication unit 31, and analyzes it.

  Next, in step S360, the analysis unit 32 causes the reproduction unit 33 to display a content list screen on the display unit 34 based on the content information of the character input content included in the browse response signal.

  An example of a content list screen for character input content is shown in FIG. As shown in FIG. 14, the content list screen 50 includes icons 51A to 51Z corresponding to the character input contents A to Z and title display fields 52A to 52 for displaying content names corresponding to the icons 51A to 51Z. 52Z is displayed. The user can select one character input content corresponding to the input character by performing an operation on the operation receiving unit 36 while viewing the content list screen 50. Thereby, the user can input the character of the password. For example, the user can input the character “Z” by selecting the icon 51Z.

  In step S <b> 370, the request generation unit 37 determines whether one character input content is selected from the content list screen 50 based on the operation signal from the operation reception unit 36. If it is determined that it has not been selected (step S370: NO), the request generation unit 37 repeats the process of step S370 until one character input content is selected.

  When it is determined that one character input content has been selected (step S370: YES), in step S380, the request generation unit 37 generates a content request signal including the URL of the selected character input content. The data is transmitted to the server device 2A via the communication unit 31.

  Next, in step S390, the analysis unit 22 of the server device 2A receives the content request signal from the client device 3 via the communication unit 21, and analyzes it. Then, the analysis unit 22 notifies the confirmation unit 23 of the URL of the character input content included in the content request signal.

  Next, in step S <b> 400, the confirmation unit 23 determines an input character by a user operation from the URL notified from the analysis unit 22. For example, if the URL is' http://192.168.0.100/password/Z. If it is jpg, the confirmation unit 23 determines that the input character is ‘Z’ from the ‘password / Z’ portion. The confirmation unit 23 stores the determined input character in an internal storage unit (not shown).

  Next, in S410, the confirmation unit 23 causes the response generation unit 25 to read the character input content data from the character input content DB 28 based on the URL notified from the analysis unit 22, and transmits the data via the communication unit 21. To be transmitted to the client device 3.

  In step S420, the analysis unit 32 of the client device 3 receives the character input content from the server device 2A via the communication unit 31, and causes the reproduction unit 33 to display the content on the display unit 34. Thereby, for example, a still image on which the character “Z” corresponding to the input character is drawn is displayed on the display unit 34.

  Next, in step S430, the confirmation unit 23 determines whether or not the number of stored input characters has reached the number of characters in the authentication password. If the confirmation unit 23 determines that the number of input characters has not reached the number of characters in the password (step S430: NO), the check unit 23 proceeds to step S440. If the confirmation unit 23 determines that the number of characters in the password has been reached, the processing proceeds to step S460. In this embodiment, it is assumed that the password has 4 characters.

  In step S440, the confirmation unit 23 causes the response generation unit 25 to generate image data of a character input instruction screen (not shown) that prompts the user to input the next character, and this is generated via the communication unit 21 by the client device 3. To send to.

  Next, in step S450, the analysis unit 32 of the client device 3 receives the image data of the character input instruction screen from the server device 2 via the communication unit 31, and based on this, the reproduction unit 33 displays the character input instruction screen. It is displayed on the display unit 34. For example, a message such as “Please enter the second character of the password.” Is displayed on the character input instruction screen.

  Thereafter, the process returns to step S360, and the analysis unit 32 causes the reproduction unit 33 to display the content list screen 50 illustrated in FIG. As a result, the next character is input. Note that the same content list screen 50 is displayed on the display unit 34 no matter how many characters are input.

  When the fourth character is input and the input character is determined and stored in step S400, the confirmation unit 23 determines in step S430 that the stored number of input characters has reached the number of characters in the authentication password. (Step S430: YES), the process proceeds to Step S460.

  In step S460, the confirmation unit 23 determines whether or not the input character string in which the input characters are arranged in the storage order matches the password. When it is determined that they match (step S460: YES), in step S470, the confirmation unit 23 authenticates the client device 3 and registers the client specifying information in the permission list of the authentication DB 24.

  If it is determined that the input character string does not match the password (step S460: NO), in step S480, the confirmation unit 23 assumes that the password authentication has failed and puts the client identification information of the client device 3 in the rejection list of the authentication DB 24. sign up. Thus, the authentication process of the client device 3 ends.

  When the authentication of the client device 3 succeeds in step S470 and the registration to the permission list is completed, the confirmation unit 23 sends the image data of a rebrowse instruction screen (not shown) that prompts the user to rebrowse to the response generation unit 25. It is generated and transmitted to the client device 3.

  The reproduction unit 33 of the client device 3 that has received the image data of the rebrowse instruction screen causes the display unit 34 to display the rebrowse instruction screen. For example, a message such as “Authentication completed. Please browse again” is displayed on the re-browse instruction screen.

  Thereafter, the client apparatus 3 transmits a browse request signal including the container ID = “0” to the server apparatus 2A, so that the container information of the content container such as “Audio” and “Video” is transferred from the server apparatus 2A to the client apparatus 3. Will be replied to. Thereafter, the browse request signal and the browse response signal are repeatedly transmitted and received to trace the hierarchy of the content container, and the user finally performs an operation to instruct the reproduction of the content, whereby the content request signal is transmitted from the client device 3 to the server device. 2A. In response to this, the content is sent from the server device 2A to the client device 3, and normal content is reproduced.

  FIG. 15 is a diagram illustrating a description example of the browse response in the browse response signal transmitted from the server apparatus 2A to the client apparatus 3 that is not registered in the authentication DB 24 in step S340. The description of the browse request in the browse request signal transmitted by the client device 3 in step S310 is the same as that in FIG. 5 shown in the first embodiment.

  In FIG. 15, the content name and URL of each of the character input contents A to Z are described in a portion surrounded by a broken line.

  The description of FIG. 15 is obtained by replacing the description related to the container information of the content container with the description related to the content information of the character input content in the description of FIG. 6 shown in the first embodiment. Therefore, the analysis unit 32 of the client device 3 receives the browse response signal including the container information of the normal content container as shown in FIG. 6 even when the browse response signal including the content information of the character input content is received. The content list screen 50 shown in FIG. 14 can be displayed on the display unit 34 by the same processing as that described above.

  When the user performs an operation of selecting the character input content from the content list screen 50, the request generation unit 37 of the client device 3 generates a browse response signal including the URL of the selected character input content. Is transmitted to the server device 2A. Then, the confirmation unit 23 of the server device 2A that has received this browse response signal recognizes the input of a character for password input in the client device 3 based on the URL. By performing such communication, the server device 2 performs password authentication of the client device 3 based on the recognized input character.

  As described above, by using the content information of the character input content, the server device 2A can perform the client in the third embodiment without performing a unique extension to the communication between the server device 2A and the client device 3. The device 3 can be authenticated.

  Note that the character input content is not limited to the still image content including the JPEG image as described above, but may be still image content in other formats, moving image content, or music content. If moving image content or music content is used as the character input content, the user can be prompted to input characters by moving image or voice.

  Also in the present embodiment, the character of the password is not limited to the alphabet, and the character type can be changed by changing the number of character input contents and the content name. It is also possible to change the number of characters in the password.

  In this embodiment, a part of the character input content corresponds to the password input character as it is, but in this case, the password may be stolen by interception of the network packet. Therefore, a conversion table may be prepared in the server apparatus 2A, and a URL obtained by replacing the character part for password input with the conversion table may be used each time the client apparatus 3 accesses. Thereby, safety can be improved.

(Fourth embodiment)
FIG. 16 is a block diagram showing a configuration of a content reproduction system according to the fourth embodiment. As shown in FIG. 16, the content reproduction system 1B is obtained by replacing the server device 2A with the server device 2B as compared with the content reproduction system 1A of the second embodiment shown in FIG.

  The server apparatus 2B has a configuration in which a correspondence table storage unit 29 is added to the server apparatus 2A of FIG.

  The correspondence table storage unit 29 stores a correspondence table 60 as shown in FIG. In the present embodiment, as will be described later, the confirmation unit 23 recognizes character input in the client device 3 based on the playback stop position of the character input content (character input video content) that is video content, Password authentication is performed based on the recognized characters. The correspondence table 60 is used for discrimination of input characters by the confirmation unit 23, and the contents will be described later.

  In the present embodiment, the character input content DB 28 stores moving image content for character input. In the present embodiment, it is assumed that the moving-image content for character input is moving-image content in which videos corresponding to alphabetic characters (A to Z) are sequentially switched. The character input content DB 28 stores content information of moving image content for character input. The content information of the character input moving image content includes a content name and a URL indicating the location of the character input moving image content.

  Next, processing for authenticating the client device 3 by the server device 2B will be described with reference to the flowcharts of FIGS.

  The processes in steps S510 to S530 in FIG. 18 are the same as steps S310 to S330 in FIG. 12 described in the third embodiment, and a description thereof will be omitted.

  If it is determined in step S530 that the client device 3 has not been registered in the authentication DB 24 (step S530: NO), the confirmation unit 23 includes the content information of the character input moving image content in the response generation unit 25 in step S540. A browse response signal is generated and transmitted to the client apparatus 3 via the communication unit 21.

  Here, the browse response signal includes a content name and a URL indicating the location of the character input moving image content as the content information of the character input moving image content. As a content name of the moving image content for character input, for example, a name such as 'password' is given. In addition, the URL of the moving-image content for character input is, for example, URL = 'http: //192.168.0.100/password/password. mpg '.

  In step S550, the analysis unit 32 of the client device 3 receives the browse response signal from the server device 2B via the communication unit 31, and analyzes it.

  Next, in step S560, the analysis unit 32 causes the reproduction unit 33 to display a content list screen on the display unit 34 based on the content information of the moving image content for character input included in the browse response signal.

  The content list screen displayed here has the same screen configuration as the content list screen 50 of FIG. 14 described in the third embodiment. However, since there is only one moving image content for character input, only one icon and title display column is displayed.

  When inputting the password, the user performs an operation for selecting the moving image content for character input from the content list screen on the operation reception unit 36.

  In step S <b> 570, the request generation unit 37 determines whether the character input moving image content is selected from the content list screen based on the operation signal from the operation reception unit 36. If it is determined that it has not been selected (step S570: NO), the request generator 37 repeats the process of S570 until the moving image content for character input is selected.

  When it is determined that the character input moving image content has been selected (step S570: YES), in step S580, the request generation unit 37 generates a content request signal including the URL of the character input moving image content, and this is transmitted to the communication unit 31. Is transmitted to the server device 2 via.

  Next, in step S590, the analysis unit 22 of the server device 2B receives the content request signal from the client device 3 via the communication unit 21, and analyzes it. The analysis unit 22 notifies the confirmation unit 23 of the URL of the moving image content for character input included in the content request signal.

  Next, in S600, based on the URL notified from the analysis unit 22, the confirmation unit 23 causes the response generation unit 25 to transmit the character input moving image content data stored in the character input content DB 28 to the client device 3. To start.

  In step S610, the analysis unit 32 of the client device 3 receives the character input moving image content data from the server device 2B via the communication unit 31, and causes the reproduction unit 33 to start reproducing the character input moving image content. As a result, display on the display unit 34 starts from the image displaying ‘A’, and then the displayed characters sequentially change from ‘B’ to ‘C’.

  The user performs an operation of instructing the operation receiving unit 36 to stop the reproduction of the moving-image content for character input when the video of the character to be input for password input is displayed on the display unit 34.

  In step S620, the request generation unit 37 determines whether or not an instruction to stop the reproduction of the character input moving image content is given based on the operation signal from the operation reception unit 36. If it is determined that playback stop is not instructed (step S620: NO), the request generator 37 repeats the process of step S620 until playback stop is instructed.

  If it is determined that playback stop has been instructed (step S620: YES), in step S630, the request generation unit 37 generates an instruction signal for stopping transmission of the character input moving image content data, and this is transmitted to the communication unit. 31 to the server device 2B.

  Next, in step S640, when the analysis unit 22 of the server device 2B receives the transmission stop instruction signal from the client device 3, the response generation unit 25 stops the transmission of the character input video content data to the client device 3. Let

  Thereby, in step S650, the playback unit 33 of the client device 3 stops the playback of the character input moving image content. As a result, the video on the display unit 34 stops.

  In step S660, the response generation unit 25 detects the playback stop position on the moving-image content for character input when playback is stopped by the client device 3. The response generation unit 25 detects the playback stop position based on the amount of transmitted data. For example, when the transmission of the character input moving image content data is stopped at the point of transmission of 1000000 bytes from the start of transmission, the response generation unit 25 detects the byte position b = 1000000 as the playback stop position. The byte position indicates the position on the moving-image content for character input by the amount of data from the start of the moving-image content for character input. When the response generation unit 25 detects the reproduction stop position, the response generation unit 25 notifies the confirmation unit 23 of this.

  Next, in step S <b> 670, the confirmation unit 23 refers to the correspondence table 60 stored in the correspondence table storage unit 29 based on the reproduction stop position notified from the response generation unit 25, by user operation on the client device 3. Determine the input character.

  FIG. 20 is an explanatory diagram of character input in the present embodiment. As shown in FIG. 20, the characters displayed on the display unit 34 are switched every predetermined time from the start of the reproduction of the character input moving image content. The correspondence table 60 holds the correspondence between the byte position range of each character displayed in this way and each character. For example, when the reproduction of the moving image content for character input is stopped in response to a user operation while “Z” is displayed on the display unit 34, the response generation unit 25 detects the byte position at that time as the reproduction stop position. Then, the confirmation unit 23 refers to the correspondence table 60 based on the reproduction stop position, and determines that the input character is ‘Z’.

  When the input character is determined, the confirmation unit 23 stores the input character in an internal storage unit (not shown).

  Next, in step S680, the confirmation unit 23 determines whether the number of stored input characters has reached the number of characters in the authentication password. In this embodiment, it is assumed that the password has 4 characters. If the confirmation unit 23 determines that the number of input characters has not reached the number of characters in the password (step S680: NO), the confirmation unit 23 returns to step S540. Thereafter, steps S540 to S670 are performed again, whereby the next input character is determined and stored by the confirmation unit 23.

  When the fourth character is input and the input character is determined and stored in step S670, the confirmation unit 23 determines in step S680 that the number of stored input characters has reached the number of characters in the authentication password. (Step S680: YES), the process proceeds to Step S690.

  The processing in steps S690 to S710 is the same as that in steps S460 to S480 in FIG. 13 described in the third embodiment. Thus, the authentication process of the client device 3 ends.

  In the present embodiment, the description of the browse request in the browse request signal transmitted by the client apparatus 3 in step S510 is the same as that in FIG. 5 shown in the first embodiment. Further, the description of the browse response in the browse response signal transmitted from the server apparatus 2B to the unregistered client apparatus 3 in step S540 is surrounded by the broken line in FIG. 15 shown in the third embodiment, although not shown. The description of the part is changed. In other words, the description part related to the content information of a plurality of character input contents in the part surrounded by a broken line in FIG. 15 is changed to a description related to the content information of one moving picture content for character input.

  For this reason, the analysis unit 32 of the client device 3 performs steps similar to the case where the browse response signal including the container information of the normal content container as shown in FIG. 6 shown in the first embodiment is received. In S560, the content list screen can be displayed on the display unit 34.

  Then, when the user performs an operation of selecting the moving image content for character input from the content list screen and instructing the reproduction, the server device 2B starts transmitting the data of the moving image content for character input to the client device 3. The client device 3 starts to reproduce the character input moving image content. When the user gives an instruction to stop reproduction in the client device 3, the confirmation unit 23 of the server device 2 </ b> B recognizes input of a character for password input in the client device 3 based on the reproduction stop position. The server device 2 performs password authentication of the client device 3 based on the recognized input character.

  As described above, by using the moving image content for character input, the client device 3 in the server device 2B can be used in the server device 2B without performing a unique extension in the communication between the server device 2B and the client device 3 in the fourth embodiment. Can be authenticated.

  Further, according to the fourth embodiment, since one character input moving image content is used, there is no need to display a list of character input content for the number of characters as in the third embodiment. For this reason, even when the display unit 34 of the client device 3 has only a small display screen, the user can input a password.

  In the present embodiment, the case where the character input content is video content has been described, but the character input content may be music content. In this case, the music content for character input is music content in which sounds corresponding to a plurality of characters are sequentially switched. For example, it is assumed that the music content in which the sound that pronounces each letter of the alphabet is switched every predetermined time. The user can input a password by performing an operation of stopping reproduction at a position corresponding to each character while listening to the audio of the music content reproduced by the client device 3 and output from the audio output unit 35. Since the specific processing procedure of password authentication is the same as that in the case of using the moving image content for character input described in this embodiment, the description thereof is omitted.

  Also in this embodiment, the character of the password is not limited to the alphabet, and the character type can be changed by changing the content of the character input content. It is also possible to change the number of characters in the password.

(Fifth embodiment)
FIG. 21 is a block diagram showing a configuration of a content reproduction system according to the fifth embodiment. As shown in FIG. 21, the content reproduction system 1C is obtained by replacing the server device 2B with the server device 2C as compared with the content reproduction system 1B of the second embodiment shown in FIG.

  The server device 2C has a configuration in which the character input content DB 28 is replaced with an authentication content storage unit 30 with respect to the server device 2B of FIG.

  The authentication content storage unit 30 stores authentication content. In the present embodiment, it is assumed that the authentication content is music content in which music of different genres (pops, classics, etc.) are sequentially switched. The authentication content storage unit 30 stores content information of authentication content. The content information of the authentication content includes a content name and a URL indicating the location of the authentication content.

  In the present embodiment, the correspondence table storage unit 29 stores a correspondence table 70 as shown in FIG. In the present embodiment, as will be described later, the confirmation unit 23 authenticates the client device 3 based on the reproduction stop position of the authentication content. The correspondence table 70 is used for authentication of the client device 3 by the confirmation unit 23, and the contents will be described later.

  Next, processing for authenticating the client device 3 by the server device 2C will be described with reference to the flowcharts of FIGS.

  The processing in steps S810 to S830 in FIG. 23 is the same as steps S310 to S330 in FIG. 12 described in the third embodiment, and a description thereof will be omitted.

  If it is determined in step S830 that the client device 3 has not been registered in the authentication DB 24 (step S830: NO), the confirmation unit 23 in step S840 includes a browse response signal including the content information of the authentication content in the response generation unit 25. Is transmitted to the client device 3 via the communication unit 21.

  Here, the browse response signal includes a content name and a URL indicating the location of the authentication content as content information of the authentication content.

  In step S850, the analysis unit 32 of the client device 3 receives the browse response signal from the server device 2C via the communication unit 31, and analyzes it.

  Next, in step S860, the analysis unit 32 causes the reproduction unit 33 to display a content list screen on the display unit 34 based on the content information of the authentication content included in the browse response signal.

  The content list screen displayed here has the same screen configuration as the content list screen 50 of FIG. 14 described in the third embodiment. However, since there is only one content for authentication, only one icon and title display field is displayed.

  When performing an operation for authentication of the client device 3, the user performs an operation of selecting the authentication content from the content list screen on the operation reception unit 36.

  In step S870, the request generation unit 37 determines whether authentication content has been selected from the content list screen based on the operation signal from the operation reception unit 36. If it is determined that it has not been selected (step S870: NO), the request generator 37 repeats the process of S870 until authentication content is selected.

  If it is determined that the authentication content has been selected (step S870: YES), in step S880, the request generation unit 37 generates a content request signal including the URL of the authentication content, and this is transmitted to the server via the communication unit 31. Transmit to device 2.

  Next, in step S890, the analysis unit 22 of the server device 2C receives the content request signal from the client device 3 via the communication unit 21, and analyzes it. The analysis unit 22 notifies the confirmation unit 23 of the URL of the authentication content included in the content request signal.

  Next, in S900, based on the URL notified from the analysis unit 22, the confirmation unit 23 causes the response generation unit 25 to transmit the authentication content data stored in the authentication content storage unit 30 to the client device 3. Let it begin.

  In step S910, the analysis unit 32 of the client device 3 receives the authentication content data from the server device 2C via the communication unit 31, and causes the playback unit 33 to start playback of the authentication content. As a result, the audio output unit 35 starts outputting the audio of the authentication content, and the music of different genres is sequentially played.

  The user performs an operation of instructing the operation reception unit 36 to stop the reproduction of the authentication content when music of a genre predetermined for authentication of the client device 3 is output from the audio output unit 35. .

  In step S920, the request generation unit 37 determines whether or not an instruction to stop the reproduction of the authentication content has been issued based on the operation signal from the operation reception unit 36. If it is determined that playback stop is not instructed (step S920: NO), the request generation unit 37 repeats the process of step S920 until playback stop is instructed.

  If it is determined that an instruction to stop playback has been given (step S920: YES), in step S930, the request generation unit 37 generates an instruction signal for stopping the transmission of the authentication content data, and this is transmitted to the communication unit 31. To the server device 2C.

  Next, in step S940, when receiving the transmission stop instruction signal from the client device 3, the analysis unit 22 of the server device 2C causes the response generation unit 25 to stop transmitting the authentication content data to the client device 3.

  Thereby, in step S950, the playback unit 33 of the client device 3 stops the playback of the authentication content. As a result, the audio output from the audio output unit 35 is stopped.

  In step S960, the response generation unit 25 detects the reproduction stop position on the authentication content when the reproduction is stopped by the client device 3, and notifies the confirmation unit 23 of this. The method in which the response generation unit 25 detects the reproduction stop position is the same as that in the fourth embodiment, and the response generation unit 25 detects the reproduction stop position based on the amount of transmitted data.

  Next, in step S970, the confirmation unit 23 refers to the correspondence table 70 stored in the correspondence table storage unit 29, and determines whether or not the reproduction stop position notified from the response generation unit 25 is within a predetermined permission range. to decide.

  FIG. 25 is an explanatory diagram of an authentication method according to the present embodiment. As shown in FIG. 25, the genre of music output from the audio output unit 35 is switched every predetermined time from the start of the reproduction of the authentication content. The correspondence table 70 defines whether the range of byte positions on the authentication content corresponding to each genre is a permitted range or a rejected range. For example, when the reproduction of the authentication content is stopped according to the user operation during the reproduction of the rock music, the response generation unit 25 detects the byte position at that time as the reproduction stop position. Then, the confirmation unit 23 refers to the correspondence table 70 based on the reproduction stop position, and determines that the reproduction stop position is within the permitted range.

  When it is determined that the reproduction stop position is within the permitted range (step S970: YES), in step S980, the confirmation unit 23 authenticates the client device 3 and registers the client specifying information in the permitted list of the authentication DB 24.

  If it is determined that the reproduction stop position is not within the permitted range (step S970: NO), in step S990, the confirmation unit 23 registers the client specifying information of the client device 3 in the rejection list of the authentication DB 24 as the authentication failure. To do. Thus, the authentication process of the client device 3 ends.

  As described above, by using the authentication content, in the fifth embodiment, the server device 2C authenticates the client device 3 without performing a unique extension to the communication between the server device 2C and the client device 3. It can be performed.

  Further, the server apparatus 2C can authenticate the client apparatus 3 based on whether or not the reproduction stop position is within a predetermined range (permitted range) by stopping the reproduction of the authentication content once. Etc. is unnecessary, so the user's trouble can be reduced.

  Note that the authentication content is not limited to music content, and may be video content. In this case, the video content is such that videos of different genres are switched sequentially so that the user can easily discriminate them.

  The server apparatuses 2 to 2C and the client apparatus 3 according to the above-described embodiments can be configured to realize their functions when the CPU executes a program. The program may be read from a recording medium and taken into the apparatus, or may be transmitted via a communication network or the like and taken into the apparatus.

1-1C Content reproduction system 2-2C Server device 3 Client device 21 Communication unit 22 Analysis unit 23 Confirmation unit 24 Authentication DB
25 Response generator 26 Character input container DB
27 Container / Content DB
28 Content DB for character input
29 correspondence table storage unit 30 authentication content storage unit 31 communication unit 32 analysis unit 33 reproduction unit 34 display unit 35 audio output unit 36 operation reception unit 37 request generation unit

Claims (6)

A confirmation unit for confirming whether or not a client device that is a transmission source of a request signal for requesting information about content or a container is a registered client device;
A response generation unit that generates a response signal to the request signal and transmits the response signal to the transmission source client device,
When the transmission source client device is an unregistered client device, the response generation unit generates a response signal including container specifying information of a character input container corresponding to one or a plurality of characters to generate the response source To the client device
The confirmation unit includes the character input selected by the transmission source client device included in a request signal transmitted from the transmission source client device that has received a response signal including container specifying information of the character input container. A server device that recognizes input of characters in the client device of the transmission source based on container specifying information of a container for use and performs password authentication based on the recognized characters. A confirmation unit for confirming whether or not a client device that is a transmission source of a request signal for requesting information about content or a container is a registered client device;
A response generation unit that generates a response signal to the request signal and transmits the response signal to the transmission source client device,
When the transmission source client device is an unregistered client device, the response generation unit generates a response signal including content specifying information of content for character input corresponding to one or more characters, and transmits the transmission source To the client device
The confirmation unit includes the character input selected by the transmission source client device included in a request signal transmitted from the transmission source client device that has received a response signal including content specifying information of the character input content. A server device that recognizes input of characters in the client device of the transmission source based on content specifying information of content for use and performs password authentication based on the recognized characters. A confirmation unit for confirming whether or not a client device that is a transmission source of a request signal for requesting information about content or a container is a registered client device;
A response generation unit that generates a response signal to the request signal and transmits the response signal to the transmission source client device,
When the transmission source client device is an unregistered client device, the response generation unit is a moving image content in which videos corresponding to a plurality of characters are sequentially switched or a character that is music content in which sounds corresponding to a plurality of characters are sequentially switched Transmitting the input content to the transmission source client device;
The confirming unit determines the character of the transmission source client device based on the reproduction stop position on the character input content when reproduction is stopped in the transmission source client device that reproduces the character input content. A server device that recognizes input and performs password authentication based on the recognized character. A confirmation unit for confirming whether or not a client device that is a transmission source of a request signal for requesting information about content or a container is a registered client device;
A response generation unit that generates a response signal to the request signal and transmits the response signal to the transmission source client device,
The response generation unit, when the transmission source client device is an unregistered client device, transmits authentication content that is video content or music content to the transmission source client device,
The confirmation unit determines whether the transmission stop position on the authentication content when the reproduction is stopped in the transmission source client device that reproduces the authentication content is within a predetermined range. A server device that authenticates an original client device. An authentication method in a server device that performs authentication of a client device,
Checking whether the client device that is the source of the request signal for requesting information about the content or container is a registered client device;
When the transmission source client apparatus is an unregistered client apparatus, a response signal including container specifying information of a character input container corresponding to one or a plurality of characters is generated and transmitted to the transmission source client apparatus. Steps,
Container specification of the character input container selected by the transmission source client device included in the request signal transmitted from the transmission source client device that has received a response signal including container identification information of the character input container An authentication method comprising: recognizing input of characters in the client device of the transmission source based on information, and performing password authentication based on the recognized characters. An authentication method in a server device that performs authentication of a client device,
Checking whether the client device that is the source of the request signal for requesting information about the content or container is a registered client device;
When the transmission source client device is an unregistered client device, a response signal including content specifying information of character input content corresponding to one or a plurality of characters is generated and transmitted to the transmission source client device. Steps,
Content specification of the character input content selected by the transmission source client device included in a request signal transmitted from the transmission source client device that has received a response signal including content specification information of the character input content An authentication method comprising: recognizing input of characters in the client device of the transmission source based on information, and performing password authentication based on the recognized characters.

Images