JP2016106308A - Licensing method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a licensing method capable of preventing the issuance of a license to content of a pirated edition and the forgery of a license.SOLUTION: A system 1 (a first server) generates a license A containing a random number Ra; a system 2 (a second server) generates a license B containing the random number Ra; and a terminal 3 determines whether or not values of the random number Ra shared by the licenses A and B are identical and, if they are identical, allows the use of content C.SELECTED DRAWING: Figure 2

Description

  The present invention relates to a license management method in which use of content is permitted by combining a first license and a second license.

Conventionally, there is known a license management method in which use of content is permitted by combining a first license and a second license. For example, the technique described in Japanese Patent Application Laid-Open No. 2004-139238 discloses a technique of a software license management method, a software license management system, and a computer program.
JP 2004-139238 A

  By the way, the above-described conventional license management method includes first license information (public key Pd) pre-installed in software and second license information (secret key Sd, public key Pm, and secret) supplied by the license holding terminal. In combination with the key Sm), the use of the software is permitted. However, there was a problem that pirated content could not be excluded.

  SUMMARY OF THE INVENTION Accordingly, an object of the present invention is to provide a license method that can prevent issuance of a license for a pirated content or forgery of a license.

  In order to solve the above-described problem, in the licensing method of the present invention, each system (1, 2) has a set of shared information (Ra) shared by a set of licenses (A, B) by a series of processes. It is determined whether or not all match, and the set shared information (Ra) that is permitted to use the content (C) is generated, and each license (A, B) is generated.

According to the present invention, the license method is configured such that the first server issues the first license and the second server issues the second license, so that the first license and the second license of the unique pair are the first. Since it is issued simultaneously by the server and the second server, it is possible to prevent issuance of a license for pirated contents and forgery of the license.
Also, even if a user uploads content to a file sharing site, others cannot use it.

  Hereinafter, embodiments of the present invention will be described in detail.

FIG. 1 is a configuration diagram of a license management system according to the embodiment.
The license management system of the present invention includes a first server 1 for generating a first license A that is a unique pair with the second license B, and a second server for generating a second license B that is a unique pair with the first license A. The server 2 and the terminal 3 for obtaining the first license A and the second license B are configured.

Devices such as the first server 1, the second server 2, and the terminal 3 are connected to a network system such as the Internet 10, and include a CPU, ROM, RAM, HDD (hard disk drive), various interfaces, input / output units, communication LSIs, and the like. The computer part which has.
Here, the input / output unit includes a keyboard, a display, a mouse, and the like.

The first server 1 includes a first encryption key Ka and a second decryption key Kd in its own ROM.
The second server 2 includes a plurality of contents C in its own HDD, and includes a second encryption key Kc and a content encryption key Ke in its own ROM.
The terminal 3 includes an authentication integrated circuit 30 having identification information Id and a first decryption key Kb in its various interfaces. Here, the identification information Id is an identifier assigned to the user or the terminal 3.
The pair of first encryption key Ka and first decryption key Kb, and the pair of second encryption key Kc and second decryption key Kd are keys of a public key cryptosystem such as RSA encryption, and each key is for encryption and decryption. It has unidirectionality that allows only one direction.

The content C includes a content identifier Ic and a program Pc encrypted with the content encryption key Ke.
The first license A includes a set of a random number Ra encrypted with the first encryption key Ka, a content identifier Ic, identification information Id, an expiration date De, and a second decryption key Kd.
The second license B includes a random number Ra encrypted with the second encryption key Kc, a content identifier Ic, identification information Id, an expiration date De, and a content encryption key Ke.
The random number Ra is used to prove that the first license A and the second license B are a unique pair.

Next, a sequence flowchart will be described.
FIG. 2 is a sequence flowchart of the license management system according to the embodiment.
<Identification information allocation>
The terminal 3 transmits an identification information request (not shown) to the first server 1.
The first server 1 that has received the identification information request allocates identification information Id and transmits the identification information Id to the terminal 3 (step S01).
Having received the identification information Id (step S02), the terminal 3 writes the identification information Id into the authentication integrated circuit 30.

<License issuance>
The second server 2 transmits a web page (not shown) to the terminal 3. Here, the Web page includes a plurality of buttons Bu for selecting contents such as downloadable electronic books, music contents, video contents, and software.
The terminal 3 that has received the Web page displays it on its own display, causes the user of the terminal to select one button Bu in the Web page, obtains the identification information Id from the authentication integrated circuit 30, and obtains the identification information. Id and button Bu are transmitted to the second server 2 (step S03).

  Receiving the identification information Id and the button Bu (step S04), the second server 2 reads the content C corresponding to the button Bu from its own HDD (step S05), generates a random number Ra, and generates an expiration date De (step S05). S06), the content identifier Ic of the content C is acquired, and a first license generation request is transmitted to the first server 1 (step S07). Here, the first license generation request includes a random number Ra, a content identifier Ic, identification information Id, and an expiration date De.

  Receiving the first license generation request (step S08), the first server 1 acquires the first encryption key Ka and the second decryption key Kd of its own ROM, the random number Ra, the content identifier Ic, the identification information Id, the expiration date De The first license A is generated by encrypting one set of the second decryption key Kd with the first encryption key Ka (step S09), and the first license A is transmitted to the second server 2 (step S10).

  Receiving the first license A (step S11), the second server 2 acquires the second encryption key Kc and content encryption key Ke of its own ROM, and receives a random number Ra, content identifier Ic, identification information Id, expiration date De and A second license B is generated by encrypting one set of the content encryption key Ke with the second encryption key Kc (step S12), and the first license A, the second license B, and the content C are transmitted to the terminal 3 (step S12). S13).

The terminal 3 that has received the first license A, the second license B, and the content C (step S14) stores the first license A, the second license B, and the content C in its own HDD, and the first license A from the own HDD. The second license B and the content C are read out and sent to the authentication integrated circuit 30.
<License authentication>
The authentication integrated circuit 30 that has received the first license A, the second license B, and the content C decrypts the first license A with its own first decryption key Kb, and acquires the second decryption key Kd from the first license A. The second license B is decrypted with the second decryption key Kd, it is confirmed that the random numbers Ra of the first license A and the second license B match, and the content identifiers of the first license A, the second license B, and the content C Ic is confirmed to match, the first license A, the second license B and the self identification information Id are confirmed to match, and the expiration date De of the first license A and the second license B has passed. License authentication (step S15) is performed to confirm that there is no content, and when license authentication is permitted, the content encryption key Ke is acquired from the second license B. Decoding the program Pc content C by the content encryption key Ke, it sends the program Pc to the terminal 3.
<Content playback>
The terminal 3 that has received the program Pc causes the CPU to execute the program Pc and reproduce the content C on its display (step S16).

In the above embodiment, the content identifier Ic, the identification information Id, and the expiration date De may be provided in either the first license A or the second license B.
The random number Ra may be generated by the first server 1 and transmitted to the second server 2.
The license management system may be configured such that the terminal 3 includes the content C in advance and the second server 2 acquires the content identifier Ic of the content C from the terminal 3. The terminal 3 may be configured to provide the function of the authentication integrated circuit 30 with software executed by its own CPU. The identification information Id in that case is written in the ROM of the terminal 3.

According to the above embodiment, the license management system is configured such that the first server issues the first license and the second server issues the second license, so that the unique pair of the first license and the second license can be obtained. Since it is issued simultaneously by the first server and the second server, it is possible to prevent the issuance of a license for pirated contents and the forgery of the license.
Also, even if a user uploads content to a file sharing site, others cannot use it.

  In the above description, the case where various control programs including the communication control program are stored in the ROM in advance has been described. However, the control program may be recorded on a storage medium readable by the computer unit. With such a configuration, when the program is read from the storage medium by the computer unit and the computer unit executes processing according to the read program, the same operation and effect as those of the apparatus of the above-described embodiment can be obtained.

  Here, the storage medium is a semiconductor storage medium such as RAM or ROM, a magnetic storage type storage medium such as FD or HDD (hard disk drive), an optical reading type storage medium such as CD, DVD or BD, or a magnetic such as MO. Any storage medium that can be read by a computer regardless of electronic, magnetic, optical, or other reading method. May be.

  It is also possible to download, install, and execute a control program via a network system such as the Internet or a LAN.

It is a block diagram of the license management system of an embodiment. It is a sequence flowchart of the license management system of an embodiment.

  DESCRIPTION OF SYMBOLS 1 ... 1st server, 2 ... 2nd server, 3 ... Terminal, 10 ... Internet, 30 ... Integrated circuit for authentication, Ka ... 1st encryption key, Kb ... 1st decryption key, Kc ... 2nd encryption key, Kd ... Second decryption key, Ke ... content encryption key, Id ... identification information, Bu ... button, C ... content, Ic ... content identifier, Pc ... program, A ... first license, B ... second license, Ra ... random number, De ... expiration date

  In order to solve the above-described problem, in the licensing method of the present invention, each system (1, 2) generates one set determination information (Ra), each of which includes the set determination information (Ra) and content ( C) Each license (A, B) that permits use of the license (C) is generated, and the device (3) compares the pair determination information (Ra) of each license (A, B), and each license (A, B) ) Includes a process of determining that the set is a set, and a process of permitting use of the content (C).

  In order to solve the above problem, in the licensing method of the present invention, each system (1, 2) generates one piece of combination determination information (Ra), and each of the contents includes the combination determination information (Ra). (C) each license (A, B) is generated, and the device (3) uses the pair determination information (Ra) of each license (A, B) to generate each license (A, B). B) includes a step of determining whether or not the set is a set and a step of permitting use of the content (C).

According to the present invention, claims 1 to 5 prevent the issuance of a license or forgery of a license for pirated contents because each set of licenses including the pair determination information is continuously issued in each system. Can do.
In addition, it is possible to provide an apparatus that determines whether each license is a set using the group determination information included in each license.
The license method cannot be used by others even if the user uploads content to the file sharing site.

Claims (5)

  In each system (1, 2), through a series of processes, one of the contents (C) is determined by determining whether or not all of the group shared information (Ra) shared by a pair of licenses (A, B) matches. ), And each license (A, B) including each set shared information (Ra) is generated.   An apparatus for judging whether or not all of the respective set shared information (Ra) of each license (A, B) according to claim 1 are matched and permitting the use of the content (C) 3).   An integrated circuit, characterized in that it implements the device (3) according to claim 2.   A control program for causing a computer to function as the device (3) according to claim 2.   A system (1, 2) characterized in that it constitutes one of the systems (1, 2) used to realize the method according to claim 1.

Images