JP2017016680A - Method for controlling remote access to content - Google Patents

Abstract

PROBLEM TO BE SOLVED: To suppress utilization exceeding a range of private use, when transmitting content accumulated at home through an external network, according to digital transmission content protection (DTCP).SOLUTION: Utilization of content by a third party which exceeds a range of private use is suppressed by allowing a terminal to perform remote access to content in a server only during a first prescribed period after a registration date of the terminal to the server. The utilization of the content by the third party which exceeds the range of the private use is preferably suppressed by limiting content usable by remote access from the terminal to the content which is stored before a second prescribed period after the registration date of the terminal to the server.SELECTED DRAWING: Figure 12

Description

  The technology disclosed in the present specification relates to a communication device that encrypts and transmits content using a key shared according to a predetermined mutual authentication and key exchange (AKE) algorithm such as DTCP, and a computer program distribution system. The present invention relates to a communication apparatus and a computer program distribution system for transmitting contents stored in a home via an external network while suppressing use beyond the scope of private use.

  The digitized content is relatively easy to perform illegal operations such as copying and falsification. In particular, in remote access, there is a need for a mechanism for preventing unauthorized use involved in content transmission, that is, copyright protection, while allowing the use of personal or home content. As an industry standard technique regarding transmission protection of digital contents, there is DTCP (Digital Transmission Content Protection) developed by DTLA (Digital Transmission Licensing Administrator).

  In DTCP, an authentication protocol between devices at the time of content transmission and a transmission protocol for encrypted content are decided. To summarize, the DTCP compliant device does not send out compressed content that is easy to handle in an unencrypted state outside the device, and the key exchange required to decrypt the encrypted content is a predetermined mutual authentication. And the key exchange (Authentication and Key Exchange: AKE) algorithm, and limiting the range of devices that perform key exchange using the AKE command.

  DTCP was originally defined for content transmission on a home network using IEEE 1394 or the like as a transmission path. Recently, as typified by DLNA (Digital Living Network Alliance), there has been a full-fledged movement to distribute digital contents via IP networks even at home. Therefore, development of DTCP-IP (DTCP mapping to IP), in which the DTCP technology is ported to the IP network, is underway.

  For example, when using broadcast contents and movies such as movies stored on a home server remotely from outside, it is desirable to prevent them from being used beyond the scope of private use by appropriate control. ing.

  The current DTCP-IP (DTCP-IP Volume 1 Specification Revision 1.4) registers remote access to a server in the home with the intention of restricting the use of content by a third party. It is limited to the terminal that has been. In addition, when registering a terminal with a server in the home, a round trip time (RTT) of a command is limited to a maximum of 7 milliseconds and an upper limit of the number of hops of the IP router is imposed.

  For example, in the AKE procedure at the time of remote access, the above-mentioned restrictions on RTT and TTL are released to enable key sharing for remote access, while pre-registration to the server of the remote access terminal, remote content A proposal has been made for a communication system that restricts remote access from an unspecified number of users by imposing restrictions on the number of access usage and the number of key supply (for example, see Patent Document 1). ).

  However, according to the current DTCP-IP standard, if the terminal is registered only once in the home server, the content in the server can be continuously used by remote access without performing registration again. . For this reason, once a third party's terminal is registered with the server, there is a problem that the third party can continue to use the content in the server.

JP 2011-82952 A

  The purpose of the technique disclosed in this specification is to use content beyond the scope of private use when transmitting content stored in a home via an external network according to a predetermined mutual authentication and key exchange algorithm such as DTCP. An object of the present invention is to provide an excellent communication apparatus and a computer program distribution system that can be suitably suppressed.

The technology disclosed in the present specification has been made in consideration of the above-mentioned problems, and the first aspect thereof is
A storage device for storing computer programs;
A computer program distribution system comprising a communication device that permits download of the computer program in response to receiving a request to download the computer program, the computer program comprising:
A content acquisition unit for acquiring content to be provided to the terminal, or a content recording unit for recording content to be provided to the terminal,
A terminal registration unit for registering terminals that provide content;
A content provider that controls the provision of content to the terminal based on the registration date and time of the terminal;
A computer program written in a computer-readable format to function as
Computer program distribution system.

  However, “system” here refers to a logical collection of a plurality of devices (or functional modules that realize specific functions), and each device or functional module is in a single housing. It does not matter whether or not (hereinafter the same).

In addition, the second aspect of the technology disclosed in this specification is:
A storage device for storing computer programs;
A computer program distribution system comprising a communication device that permits download of the computer program in response to receiving a request to download the computer program, the computer program comprising:
A receiving unit that selects and receives broadcast content,
A terminal registration unit for registering terminals that provide content;
A content providing unit that controls provision of content received by the receiving unit to the terminal under restrictions based on the registration date and time of the terminal;
A computer program written in a computer-readable format to function as
Computer program distribution system.

  According to the third aspect of the technology disclosed in the present specification, the computer program distribution system according to either the first or second aspect provides a terminal that transmits a request to download the computer program. And an information notification device for notifying information indicating the name of the computer program.

  According to a fourth aspect of the technology disclosed in the present specification, the information notification device of the computer program distribution system according to the third aspect includes a remote terminal that stores commercial content recorded in the home together with the name. It is configured to notify information indicating that it is an application to be provided.

  According to a fifth aspect of the technique disclosed in this specification, in the computer program distribution system according to any one of the first and second aspects, the terminal registration unit includes a first predetermined period at a registration date of the terminal. And the content providing unit is configured to restrict the provision of content to the terminal whose expiration date has passed.

  According to a sixth aspect of the technology disclosed in this specification, in the computer program distribution system according to any one of the first and second aspects, the terminal registration unit includes a second predetermined period at a registration date of the terminal. The content providing unit controls the provision of content to the terminal whose acquisition date / time of the content acquisition unit or the recording date / time to the content recording unit is after the limit date / time. It is configured as follows.

  According to a seventh aspect of the technology disclosed in this specification, in the computer program distribution system according to any one of the first and second aspects, the content providing unit is a predetermined number registered in the terminal registration unit The terminal is exempted from restrictions based on the registration date and time and is provided with content.

  According to the eighth aspect of the technology disclosed in this specification, in the computer program distribution system according to either the first or second aspect, a restriction based on the registration date is exempted for each content or each content group. The content providing unit is configured to provide the content regardless of the registration date and time to a terminal exempted from restrictions based on the registration date and time for the content to be provided or the content group including the content. Has been.

  According to a ninth aspect of the technology disclosed in the present specification, the computer program distribution system according to the fifth aspect sets a terminal exempt from a restriction based on an expiration date for each content or each content group. The content providing unit is configured to provide content to a content group including the content to be provided or a terminal in which the exemption is set for the content to be provided regardless of the expiration date.

  According to the tenth aspect of the technology disclosed in the present specification, the computer program distribution system according to the sixth aspect sets a terminal exempt from restriction based on the limit date and time for each content or each content group. The content providing unit is configured to provide content to a content group including content to be provided or a terminal to which the exemption is set for content to be provided regardless of the limit date and time.

  According to an eleventh aspect of the technology disclosed in this specification, in the computer program distribution system according to the second aspect, the content information providing unit provides the content information to the terminal based on the registration date and time of the terminal. Is configured to restrict.

In addition, the twelfth aspect of the technology disclosed in this specification is:
A storage device for storing computer programs;
A computer program distribution system comprising a communication device that permits download of the computer program in response to receiving a request to download the computer program, the computer program comprising:
An input section where user operation information is input,
A registration request unit that makes a registration request to the server that manages the registration date and time,
A content requesting unit that requests content from the server according to operation information input to the input unit;
A content playback unit that is allowed to play back the content from the server under a restriction based on the registration date and time in response to the request for the content;
A computer program written in a computer-readable format to function as
Computer program distribution system.

The thirteenth aspect of the technology disclosed in this specification is:
A storage device for storing computer programs;
A computer program distribution system comprising a communication device that permits download of the computer program in response to receiving a request to download the computer program, the computer program comprising:
An input section where user operation information is input,
A registration request unit that makes a registration request to the server that manages the registration date and time,
A content information browsing unit for browsing information on content that can be provided by the server;
A content requesting unit that requests the server to select content selected via information browsed by the content information browsing unit according to operation information input to the input unit;
A content playback unit that is allowed to play back the content from the server under a restriction based on the registration date and time in response to the request for the content;
A computer program written in a computer-readable format to function as
Computer program distribution system.

  According to a fourteenth aspect of the technology disclosed in this specification, a computer program distribution system according to any one of the twelfth and thirteenth aspects is provided to a terminal that transmits a request to download the computer program. And an information notification device for notifying information indicating the name of the computer program.

  According to a fifteenth aspect of the technology disclosed in this specification, the information notification apparatus of the computer program distribution system according to the fourteenth aspect allows the commercial content recorded in the home together with the name to be viewed at a remote place. It is configured to notify information indicating that the application is permitted to do.

The sixteenth aspect of the technology disclosed in this specification is:
A content acquisition unit that acquires content to be provided to the terminal, or a content recording unit that records content to be provided to the terminal;
A terminal registration unit for registering terminals that provide content;
A content information providing unit that provides information on content that can be provided to the terminal to the terminal;
A content providing unit that provides content selected via content information viewed on the terminal side under restrictions based on the registration date and time of the terminal;
It is a communication apparatus which comprises.

  According to the seventeenth aspect of the technology disclosed in this specification, the content information providing unit of the communication apparatus according to the sixteenth aspect restricts provision of content information to the terminal based on the registration date and time of the terminal. It is configured.

  According to an eighteenth aspect of the technology disclosed in this specification, the content information providing unit of the communication device according to the seventeenth aspect has a predetermined number of terminals registered in the terminal registration unit at a registration date and time. It is configured to provide content information exempt from restrictions based on it.

The nineteenth aspect of the technology disclosed in this specification is:
An input unit for inputting operation information by the user;
A registration request unit that makes a registration request to a server that manages the registration date and time;
A content information browsing unit for browsing information on content that can be provided by the server;
A content requesting unit that requests the server to select content selected via information browsed by the content information browsing unit according to operation information input to the input unit;
In response to the request for content, a content playback unit that is allowed to play back the content from the server under restrictions based on the registration date and time,
It is a communication apparatus which comprises.

  According to a twentieth aspect of the technology disclosed in this specification, the content information browsing unit of the communication device according to the nineteenth aspect relates to content that can be provided by the server under a restriction based on a registration date / time to the server. Information can be browsed.

  According to the technology disclosed in the present specification, when content stored in a home is transmitted via an external network according to a predetermined mutual authentication and key exchange algorithm such as DTCP, the usage beyond the range of private use is achieved. An excellent communication apparatus and a computer program distribution system that can be suitably suppressed can be provided.

  According to the technology disclosed in this specification, remote access from a terminal to a server in the home is restricted based on the date and time of registration with the server of the terminal, so that a third party who has registered once continues to use it. And the use of content beyond the scope of private use can be suitably suppressed.

  Further, according to the technology disclosed in the present specification, it is possible to remotely access the content in the server from the terminal only during the first predetermined period from the registration date and time of the terminal to the server, that is, from the registration date and time. By prohibiting remote access after the first predetermined period has elapsed, use of content beyond the scope of private use by a third party can be suppressed.

  Further, according to the technology disclosed in the present specification, the content that can be used by the terminal by remote access is limited to the content recorded before the second predetermined period from the registration date and time of the terminal to the server. Thus, the use of content that exceeds the range of private use by a third party can be suitably suppressed.

  In addition, according to the technology disclosed in the present specification, up to a predetermined number of terminals, by exempting the restriction of remote access based on the date and time of registration with the server, content usage within the scope of private use can be avoided. Convenience can be ensured.

  Further, according to the technology disclosed in the present specification, by setting a terminal exempt from remote access restrictions based on the registration date and time to the server for each content or for each group of content, for example, It is possible to ensure the convenience of content use within the range of private use by a plurality of terminals for each member.

  Other objects, features, and advantages of the technology disclosed in the present specification will become apparent from a more detailed description based on the embodiments to be described later and the accompanying drawings.

FIG. 1 is a diagram schematically illustrating a configuration example of a communication system 100 to which the technology disclosed in this specification is applied. FIG. 2 is a diagram schematically illustrating another configuration example of the communication system 200 to which the technology disclosed in this specification is applied. FIG. 3 is a diagram schematically illustrating a functional configuration of the communication apparatus 300 that operates as the servers 101 and 201 in FIGS. 1 and 2. FIG. 4 is a diagram schematically illustrating a functional configuration of the communication apparatus 400 that operates as the terminals 102 and 202 in FIGS. 1 and 2. FIG. 5 is a diagram showing a procedure for registering a sink for remote access described in the DTCP specification in the source. FIG. 6 is a diagram showing a procedure for registering a sink device that performs remote access in a source device together with an expiration date. FIG. 7 is a diagram exemplifying registered contents of a remote sink registry in which a sink-ID and an expiration date are paired. FIG. 8 is a diagram schematically showing a procedure for performing content transmission by remote access between a source device and a sink device. FIG. 9 is a diagram schematically showing the contents of the content list browsing phase (SEQ 801). FIG. 10 shows the V1SE. It is the figure which showed the content of RA-AKE procedure phase described in 10.7.2. FIG. 11 is a diagram showing the contents of the RA-AKE procedure phase including the process of deleting the expired Sink-ID from the remote sink registry. FIG. 12 is a flowchart showing the procedure of the maintenance process of the remote sink registry. FIG. 13 is a diagram showing a procedure for registering a sink device that performs remote access in the source device together with the limit date and time. FIG. 14 is a diagram exemplifying registered contents of a remote sink registry in which a sink-ID and a limit date / time are paired. FIG. 15 is a diagram showing a state in which the remote access exchange key K _R and its exchange key label K _{R —} label are associated with the Sink-ID and stored as a RAC record. Figure 16 is a diagram schematically showing the contents of a content transmission phase for transmitting encrypted (SEQ803) using the exchange key K _R for remote access. FIG. 17 is a flowchart showing a procedure of content output management processing performed in SEQ1602. FIG. 18 is a diagram schematically showing the contents of the content transmission phase (SEQ803) including content output management based on the expiration date. FIG. 19 is a flowchart showing a processing procedure of content output management performed in SEQ1802. FIG. 20 is a flowchart showing a processing procedure of content output management when a terminal exempting application of remote access restriction based on an expiration date is registered. FIG. 21 is a flowchart showing a processing procedure of content output management in a case where a terminal exempting application of remote access restriction based on the limit date is registered. FIG. 22 is a flowchart showing a processing procedure for restricting provision of CDS information based on an expiration date of a sink device to be remotely accessed. FIG. 23 is a flowchart showing a processing procedure for exempting the CDS information provision restriction based on the expiration date of the sink device in the content list browsing phase. FIG. 24 is a flowchart showing a processing procedure for restricting the provision of CDS information based on the limit date and time of the sink device to be remotely accessed. FIG. 25 is a flowchart showing a processing procedure for exempting the CDS information provision restriction based on the limit date and time of the sink device in the content list browsing phase. FIG. 26 is a diagram showing a configuration of a computer program distribution system 2600.

  Hereinafter, embodiments of the technology disclosed in this specification will be described in detail with reference to the drawings.

A. System Configuration FIG. 1 schematically shows a configuration example of a communication system 100 to which the technology disclosed in this specification is applied. The illustrated communication system 100 includes a server 101 and a terminal 102 connected on a home network 110 installed in a home. In the figure, for simplification, only one server and one terminal are depicted, but it is assumed that two or more servers and terminals are installed on the home network.

  The server 101 stores content to be provided to the terminal 102. The server 101 is, for example, broadcast content received by terrestrial digital broadcasting, commercial content such as a movie read from a recording medium (not shown) such as a Blu-ray disc, and download from a content server (not shown) on the Internet. Accumulated content.

  DTCP technology is applied to content transmission between the server 101 and the terminal 102 via the home network 110. Accordingly, the terminal 102 that wants to use the content performs mutual authentication with the server 101 and shares the key in accordance with a predetermined mutual authentication and key exchange (AKE) algorithm, and then stores the content stored in the server 101. Can be requested. The server 101 encrypts and transmits the requested content using the shared key. The server 101 that provides content corresponds to a source device, and the terminal 102 that uses the content corresponds to a sink device.

  When the terminal 102 wants to access the server 101 from outside the home network 110 such as a place where the user is out, the terminal 102 needs to be pre-registered in the server 101 on the home network 110.

  FIG. 2 schematically illustrates another configuration example of the communication system 200 to which the technology disclosed in this specification is applied. The illustrated communication system 200 includes a server 201 connected on a home network 210 installed in a home and a terminal 202 connected on an external network 220 such as the Internet. The home network 210 and the external network 220 are interconnected via a router 230 in accordance with an IP (Internet Protocol) protocol. In the figure, for simplification, only one server and one terminal are shown, but two or more servers are installed on the home network 210, and there are terminals on the home network 210. It is also assumed that two or more terminals are connected on the external network 220.

  The server 201 stores content to be provided to the terminal 202 such as broadcast content and commercial content. The DTCP-IP technology is applied to content transmission between the server 201 and the terminal 202 via the home network 210 and the external network 220. Therefore, the terminal 202 that wants to use the content needs to be registered in advance in the server 201 on the home network 210 (described above). The terminal 202 can request content stored in the server 201 after mutual authentication with the server 201 and sharing of the exchange key via the IP network including the home network 210 and the external network 220. The server 201 encrypts and transmits the requested content using the shared exchange key. The server 201 that provides content corresponds to a source device, and the terminal 202 that uses the content corresponds to a sink device.

  FIG. 3 schematically illustrates a functional configuration of the communication apparatus 300 that operates as the servers 101 and 201 (that is, the source device) in FIGS. 1 and 2.

  The communication / control unit 301 controls the communication operation via the home network and the external network, and controls the overall operation of the communication device 300. Further, the communication / control unit 301 includes an interface for connecting to an external device such as HDMI (High Definition Multimedia Interface) or USB (Universal Serial Bus) (or for digital output of content), and includes a hard disk device, A recording / playback device such as a Blu-ray disc device can be connected.

  The content recording unit 302 records content to be provided to the terminal via the home network and the external network. Each content recorded in the content recording unit 302 holds a recording date and time and an access date and time under the management of a general file system.

  In this embodiment, remote access restrictions may be set for each content recorded in the content recording unit 302, or a plurality of contents may be grouped to set remote access restrictions for each content group. The details will be given later. The content recording unit 302 also records metadata of each content or content group.

  The content acquisition unit 303 acquires content to be provided to the terminal. The content acquisition unit 303 includes a terrestrial digital broadcast tuner, for example, and acquires broadcast content. In this case, the content acquisition unit 303 is based on specifications defined by, for example, ARIB (Association of Radio Industries and Businesses). The content acquisition unit 303 includes, for example, a reception function for all or part of a broadcast channel segment, an EPG (Electronic Program Guide) function (program search, program information display, program reservation), HDCP (High-bandwidth Digital Content), and the like. A copy control function based on the (Protection) specification and the like, a content protection function for encrypting a broadcast content when it is limitedly received or when the received broadcast content is externally output, and the like.

  The content acquisition unit 303 includes a media playback device such as a Blu-ray disc, and reads commercial content such as movies from the media. The content acquisition unit 303 includes a browser and downloads paid or free content from a content server (not shown) on the Internet. The content acquisition unit 303 may record the acquired content in the content recording unit 302 as necessary. In addition, the content acquisition unit 303 may acquire content to be provided to the terminal from the content recording unit 302.

  The acquisition date and time of broadcast content, commercial content, etc. is the current date and time when the content acquisition unit 303 receives the broadcast content or reads the commercial content. The acquisition date and time of the content in the content recording unit 302 is the recording date and time when the content is recorded, and is managed by the file system or the like. In the present embodiment, there is one feature in that the provision of content is restricted based on the acquisition date or recording date of the content to a remotely accessed terminal, and details thereof will be described later.

  In response to a request from the terminal, the content providing unit 304 provides the content acquired by the content acquisition unit 303 to the terminal. The content providing unit 304 transmits content to the terminal using, for example, an HTTP (Hyper Text Transfer Protocol) protocol. The content providing unit 304 encrypts the content to be transmitted using the exchange key shared with the terminal by the authentication / key sharing unit 306. When a terminal requests content by remote access from an external network, the terminal must be registered in advance in the terminal management unit 307. In the present embodiment, the content providing unit 304 has one feature in that content provision is limited based on the registration date and time and the content acquisition date and time to a remotely accessed terminal. Details thereof will be described later. Give up.

  For example, in response to a request from the terminal, the content list providing unit 305 provides the terminal with a list of contents that can be provided to the terminal and detailed information. As can be seen from the above, the content that the servers 101 and 201 can provide to the terminal includes broadcast content received by the content acquisition unit 303, commercial content read from the media, and content already recorded in the content recording unit 302. . For providing the content list, for example, a content directory service (CDS) function that distributes the content list and the detailed information of the content in a hierarchy, which is formulated in UPnP (Universal Plug and Play) which is the base of DLNA, is applied. Is done. In the present embodiment, there is one feature in that the provision of content is restricted based on the registration date / time and the content acquisition date / time with respect to a terminal to be remotely accessed. Details thereof will be described later.

The authentication / key sharing unit 306 shares the exchange key for mutual authentication and content encryption according to the authentication and key exchange (AKE) algorithm defined by the DTCP-IP with the terminal that requests the content. Do. Authentication and key sharing unit 306 for the terminal coming requesting content by remote access from the external network, and share the exchange key K _R for remote access (see below).

  The terminal management unit 307 manages information on a terminal that requests content. The terminal management unit 307 performs pre-registration processing for a terminal that uses content by remote access from an external network, and information on the terminal as “remote sink registry” or “RAC (Remote Access Connection) registry”. The details will be given later. Content usage should be limited to private use. In the present embodiment, the use of content is restricted to the range of private use by restricting the provision of the content based on the registration date / time and the content acquisition date / time to the remote access terminal. There are three characteristics, but the details will be given later.

  Note that the functional blocks 303 to 307 can also be realized as application programs executed on the upper level of the operating system or TCP / IP protocol in the communication / control unit 301. In addition, this type of application program can be distributed at a predetermined download site over a wide area network such as the Internet, and is a multi-function such as a digital broadcasting tuner, a TV receiver (CE) device such as a TV receiver, a smartphone, etc. It is downloaded to the terminal for use.

  Such a download site includes, for example, a server 2610 including a storage device 2611 that stores a computer program and a communication device 2612 that accepts the download in response to receiving a download request for the computer program ( The computer program distribution system 2600 is configured together with a client device (DTCP_Source or DTCP_Sink) for installing the downloaded computer program. This type of server further includes an information notification device 2613 for notifying information indicating the name of the computer program in response to a download request for the computer program from the client. The information notification device 2613 notifies the computer program name and information indicating that the application provides a commercial content recorded in the home to a remote terminal, for example.

  FIG. 4 schematically illustrates a functional configuration of the communication apparatus 400 that operates as the terminals 102 and 202 (that is, the sink) in FIGS. 1 and 2.

  The communication / control unit 401 controls the communication operation via the home network and the external network, and comprehensively controls the operation of the communication device 400 as a whole.

  The content list browsing unit 402 makes a content list acquisition request to the servers 101 and 201 serving as the sources, and displays the acquired content list browsing screen. For example, when a list of contents that can be provided by the servers 101 and 201 is acquired as CDS information (described above), a contents list screen is displayed. The user can select contents to be reproduced and output through this list screen. In the present embodiment, in the case of the terminal 202 that remotely accesses the server 201, there is one feature in that the list of contents that can be provided is limited based on the registration date and time and the content acquisition date and time in the server 201. The details will be described later.

  The content acquisition unit 403 transmits a content acquisition request to the servers 101 and 201 to acquire content in the server. For example, the content acquisition unit 403 requests acquisition of content selected by the user in the content list screen displayed by the content / list browsing unit 402. For example, an HTTP protocol is used for content acquisition requests to the servers 101 and 201 and content acquisition (described later). In the present embodiment, in the case of the terminal 202 that remotely accesses the server 201, there is one feature in that the content that can be acquired is limited based on the registration date and time and the content acquisition date and time in the server 201. Details will be given later.

  The content acquired from the servers 101 and 201 is encrypted using the exchange key shared with the servers 101 and 201 by the authentication / key sharing unit 406. The content decrypting unit 404 decrypts the encrypted content acquired from the servers 101 and 201 using this encryption key. Then, the content reproduction output unit 405 reproduces and outputs the decrypted content.

The authentication / key sharing unit 406 is an encryption key for mutual authentication and content encryption according to an authentication and key exchange (AKE) algorithm defined by DTCP-IP with the servers 101 and 201 that are content request destinations. Share. Authentication and key sharing unit 406, between the server 201 to request the content by remote access from the external network, and share the exchange key K _R for remote access. The authentication / key sharing unit 406 performs pre-registration for remote access to the server 101 when the home network 210 is connected.

  The functional blocks 402 to 406 can also be realized as application programs executed on the upper level of the operating system or TCP / IP protocol in the communication / control unit 401. This type of application program can be distributed on a predetermined download site over a wide area network such as the Internet, and downloaded to a multifunction terminal that plays back content in a home server such as a smartphone. The

  Such a download site includes, for example, a server 2610 including a storage device 2611 that stores a computer program and a communication device 2612 that accepts the download in response to receiving a download request for the computer program ( The computer program distribution system 2600 is configured together with a client device (DTCP_Source or DTCP_Sink) for installing the downloaded computer program. This type of server further includes an information notification device 2613 for notifying information indicating the name of the computer program in response to a download request for the computer program from the client. The information notification device 2613 notifies information indicating that the application is permitted to browse commercial content recorded in the home, for example, together with the name of the computer program.

  In this embodiment, the remote access from the terminal 202 to the server 201 as shown in FIG. 2 is controlled based on the registration date / time to the server 201, and the remote access is restricted when a predetermined period elapses from the registration date / time. (To be described later). In the remote access terminal 202, for example, the authentication / key sharing unit 406 manages the registration date and time in the server 201, and automatically executes a re-registration procedure before a predetermined period of time elapses, so that remote access is not restricted. As described above, the registration date and time may be refreshed.

B. Registration Procedure FIG. 5 shows a DTCP specification, DTCP Volume 1 Supplement E Mapping DTCP to IP, Revision 1.4ed1 (Informational Version) V1SE. Fig. 10 illustrates a procedure for registering a sink device for remote access to a source device described in section 10.7.1. In the figure, it is understood that the sink device corresponds to the terminal 202 and the source device corresponds to the server 201.

  First, an AKE procedure is performed between a source device and a sink device under the restriction of RTT (Round Trip Time) (SEQ501). For example, if the source device and the sink device are in the home network 210, the RTT restriction is cleared and the AKE procedure ends successfully. Since the RTT-AKE procedure itself is not directly related to the gist of the technique disclosed in this specification, a detailed description thereof is omitted here.

  Next, the sink device sends the command RA_REGISTER. Using CMD, the user's own Sink-ID is transmitted to the Source device (SEQ502).

  Here, the Sink device transmits its own Device ID or IDu as the Sink-ID (the Sink device implements the Common Device Key and the Common Device Certificate, and the Device ID becomes the specific information of the Sink. If not, IDu is used as the Sink-ID).

  The Source device is RA_REGISTER. It is checked whether the Sink-ID received by the CMD matches the Device ID or IDu received by the RTT-AKE procedure completed immediately before.

  Further, the source device checks whether the received sink-ID is already stored in the remote sink registry (managed by the terminal management unit 307). If the received Sink-ID is already stored, this procedure is terminated.

  On the other hand, when the received sink-ID is not yet stored in the remote sink registry, the source device confirms that the remote sink registry is not full. Then, if the received sink-ID matches the device ID or IDu received in the RTT-AKE procedure completed immediately before and the remote sink registry is not full, the source device additionally stores in the remote sink registry ( SEQ504).

  Also, the source device sends the registered result to the command RA_REGISTER. Return to the sink device with RSP (SEQ503).

  Considering this by applying to the communication system 200 shown in FIG. 2, the server 201 as the source device receives the sink-ID of the terminal 201 (when connected to the home network 210) that has succeeded in the RTT-AKE procedure. Then, it is additionally stored in the remote sink registry managed by the terminal management unit 307.

  Here, if the server 201 continues to hold the sink-ID once registered in the remote sink registry, once the third party terminal is registered in the server once, the third party continues to use the content in the server. There is a problem of being able to.

  Therefore, in this embodiment, the server 201 restricts remote access from the terminal 202 based on the registration date and time of the terminal 202 to the server 201, thereby preventing a third party who has once registered from continuing to use. In addition, the use of content beyond the scope of private use is suitably suppressed.

C. Restrict remote access based on registration date (1)
As one of the methods for restricting remote access from the terminal 202 based on the registration date and time, the server 201 allows the terminal to allow remote access for a first predetermined period (for example, 30 days) from the registration date and time. The method of setting as a time limit is mentioned. If the terminal 202 that requested remote access to the content is within the expiration date, the server 201 permits the use of the content, but does not permit remote access from the terminal 202 that has passed the expiration date.

  For example, when registering the terminal 202 in the remote sink registry, the server 201 calculates the expiration date of the terminal 202 by adding the first predetermined period to the current date and time, and pairs the expiration date with the sink-ID. Thus, it may be stored in the terminal management unit 307.

  FIG. 6 illustrates a procedure for registering a sink device that performs remote access in a source device together with an expiration date. However, the Source device corresponds to the server 201 installed in the home network 210 and transmits content, and the Sink device corresponds to the terminal 202 that requests content from the server 201 (the same applies hereinafter). The Sink device once performs the registration procedure shown in FIG. 6 on the home network 210 and then remotely accesses the server 201 from the external network 220 such as the Internet.

  First, an AKE procedure is performed between a source device and a sink device under the restriction of RTT (Round Trip Time) (SEQ601).

  When the RTT-AKE procedure is successfully completed, the sink device transmits the command RA_REGISTER. Using CMD, the user's own Sink-ID is transmitted to the Source device (SEQ602).

  On the other hand, the Source device has RA_REGISTER. Whether the sink-ID received by the CMD matches the device ID or IDu received by the RTT-AKE procedure completed immediately before, is not yet stored in the remote sink registry, and whether the remote sink registry is not full. To check. Then, when these conditions are cleared and the sink-ID is additionally stored in the remote sink registry, the source device uses the command RA_REGISTER. It returns to the sink device by RSP (SEQ603).

  Further, when the source device acquires the current date and time as the registration date and time of the sink device (SEQ604), the source device adds the first predetermined period (for example, 30 days) as the effective period of the sink device registration to the current date and time. When the time limit is calculated (SEQ 605), the sink-ID / expiration date pair is stored in the remote sink registry (SEQ 606).

  FIG. 7 illustrates the registered contents of the remote sink registry in which the sink-ID and the expiration date are stored as a pair. However, the management of terminal registration date / time and expiration date information as shown in FIG. 7 is not performed individually in the server 201 on the home network 210, but on a management server placed on the cloud or the like. You may make it carry out centrally.

  The source device (server 201) indicates the current date and time as the registration date and time, for example, a clock function built in the server (not shown in FIG. 3), a time signal included in the broadcast wave (for example, the content acquisition unit 303 has a tuner function). It can be obtained from time information obtained from a server (not shown) on the network.

  The terminal 202 manages the registration date and time to the server 201 with the authentication / key sharing unit 406 or the like so that remote access to the server 201 is not restricted based on the registration date and time without the user's knowledge. Then, the re-registration procedure (that is, the restart of the processing sequence shown in FIG. 6) is automatically executed before the predetermined period elapses, so that the registration date and time is refreshed so that remote access is not restricted. May be. Of course, the user of the terminal 202 may refresh the registration date and time by manual operation.

FIG. 8 schematically shows a procedure for performing content transmission by remote access between the Source device and the Sink device after the above pre-registration. In the illustrated content transmission, the remote access exchange key is implemented by performing a mutual authentication and key exchange procedure between the source device and the sink device, and a content list browsing phase (SEQ801) for designating the content that the sink device requests to transmit. and K share _R RA-AKE procedure phase (SEQ802), has been the content specified in the content list view phase, consisting of the content transmission phase for transmitting encrypted (SEQ803) using the exchange key K _R for remote access .

  FIG. 9 schematically shows the contents of the content list browsing phase (SEQ801).

  From the sink device, a content list browsing request is issued from the content list browsing unit 402 (SEQ901).

  In the present embodiment, the content list browsing is applied with a content directory service (CDS) function, which is developed by UPnP, which is a DLNA base, and distributes a content list and detailed content information in a hierarchy. . Therefore, in SEQ901, a CDS: Browse action is issued from the sink device.

  The browse request for the content list includes a Sink-ID that identifies the sink device. As a means for sending a Sink-ID by a CDS: Browse request, it is conceivable to newly provide a header field (for example, SinkID.dtcp.com) and send it as an HTTP header part as a parameter.

  On the source device side, content that can be provided by the content providing unit 304 (for example, broadcast content or commercial content that can be acquired by the content acquisition unit 303, or content that is already recorded in the content recording unit 302 that is its own storage) Since the CDS: Browse action has been issued, the content list providing unit 305 obtains all obtainable content information regarding the corresponding content (SEQ902), and generates CDS information with a sufficient amount of information. (SEQ903). The source device may restrict the provision of the CDS information to the sink device to be remotely accessed based on the expiration date of the sink device (described later). Then, the Source device returns a CDS Result to the Sink device (SEQ904).

  On the sink device side, the content list browsing unit 402 analyzes the received CDS Result and displays the content information including the title of the content and more detailed information (SEQ905).

  FIG. 22 is a flowchart showing a processing procedure for the source device to restrict the provision of CDS information to the sink device to be remotely accessed based on the expiration date of the sink device in the content list browsing phase (SEQ801). It is shown in the form of

  First, the source device clears content information that can be provided (step S2201).

  Next, the source device acquires the expiration date corresponding to the sink-ID of the requesting sink device from the remote sink registry (step S2202), and acquires the current date and time (step S2203).

  Then, the source device checks whether or not the current date has passed the expiration date of the requesting sink device (step S2204). If the current date and time has passed the expiration date (No in step S2204), the subsequent content information adding process is skipped, and the content information is transmitted while it is empty (step S2208).

  On the other hand, when the current date and time have not passed the expiration date of the requesting sink device (Yes in step S2204), content information is created as usual. That is, until all the content information is processed (No in step S2205), the content information of the unprocessed content is referred to (step S2206), and the content information is added to the content information that can be provided (step S2207). , Repeat. Then, the source device transmits the completed content information to the requesting sink device (step S2208).

  The processing procedure shown in FIG. 22 is performed, for example, in SEQ903 in the sequence diagram shown in FIG. However, the source device does not necessarily need to perform this processing procedure, and may provide content information for all content that can be provided by itself regardless of the expiration date of the sink device.

  The user of the sink device can select content to be reproduced from the displayed content list. When the content is selected, transmission of the content from the source device to the sink device is started. Before the content transmission, mutual authentication and key exchange for remote access between the sink device and the source device, that is, RA-AKE processing is performed.

  FIG. 10 shows V1SE. Of the DTCP specification (described above). Details of the contents of the RA-AKE procedure phase (SEQ802) described in Section 10.7.2 are shown.

The sink device transmits a CHALLENGE command including an exchange key field in which a bit for remote access exchange K _R (Remote Exchange Key) is set, and requests the source device to perform an AKE process (SEQ1001). Then, the challenge / response portion of the authentication procedure is executed between the source device and the sink device (SEQ1002 to 1004).

However, when the bit for K _R of CHALLENGE command is not set, Source device aborts the RA-AKE procedure, it is possible to continue the AKE procedure other than RA-AKE.

  When the source device receives the device ID or IDu as a sink-ID from the sink device in the challenge / response procedure (SEQ1005), the source device registers the remote-sink registry managed in the terminal management unit 307 of the source device. It is checked whether it has been done (SEQ1006).

  If the Sink-ID is not listed in the remote sink registry (NO in SEQ1006), the Source device transmits an AKE_CANCEL command to the Sink device (SEQ1014), and cancels the RA-AKE procedure (SEQ1015).

  On the other hand, when the sink-ID is already registered in the remote sink registry (YES in SEQ1006), the source device determines whether or not the RAC record corresponding to the sink-ID already exists. The contents in the registry (described later) are checked (SEQ1007).

When the RAC record corresponding to the Sink-ID exists (Yes in SEQ1007), the source device uses the remote access exchange key K _R and the exchange key label K _R _label stored in the RAC record. Decide on. Alternatively, if the source device does not transmit content using the remote access exchange key K _R , the source device refers to the inside of the RAC record and updates the stored values of K _R and K _R _label. You may make it (SEQ1013).

If the sink-ID has already been registered in the remote sink registry, but the corresponding RAC record does not exist (No in SEQ1007), the source device determines whether the count value RACC for counting the RAC record is less than RACC _max . Is checked (SEQ1008). Here, RACC _max is a counter that counts remote access connections, and is initialized to zero when there is no remote access connection.

When the RACC is not less than the RACC _max (NO in SEQ1008), the source device transmits an AKE_CANCEL command to the sink device (SEQ1014), and cancels the RA-AKE procedure (SEQ1015).

If RACC is less than RACC _max (SEQ1008 of Yes), Source device, after incrementing by 1 the value of the RACC (SEQ1009), according to a predetermined calculation rule, exchange key K _R and exchange key label for remote access K and generates an _R _label (SEQ1010), these in association with Sink-ID of the Sink device, and stores the RAC record in RAC registry (SEQ1011). The server 201 manages the RAC record in the terminal management unit 307, for example. FIG. 15 shows a state in which the remote access exchange key K _R generated for the sink device and the exchange key label K _{R —} label are stored as RAC records in association with the sink-ID.

Then, the source device can use the remote access exchange key K _R extracted from the existing RAC record and its exchange key label K _R _label (including the case where it is updated), or a newly generated remote access exchange key K. _R and its exchange key label K _{R —} label are transmitted to the sink device (SEQ1016).

Source device if it supports RA_MANAGEMENT function, to initiate K _R for survival timer for maintaining the replacement K _R for remote access, for holding at least one minute K _R (SEQ1012).

V1SE. Of the DTCP specification shown in FIG. In the RA-AKE procedure described in Section 10.7.2, the source device confirms that the sink device's sink-ID is registered in the remote sink registry in the first condition determination SEQ1006. and exchange to share the key K _R for access.

  As described above, if the source device continues to hold the sink-ID once registered in the remote sink registry, once the third-party terminal is registered in the server, the third-party uses the content in the server thereafter. There is a problem of being able to continue.

  Therefore, in this embodiment, the source device sets an expiration date from the registration date and time to the sink-ID registered in the remote sink registry (see FIGS. 6 and 7), and the sink-ID whose expiration date has expired. Is deleted from the remote sink registry, so that a third party once registered is prevented from continuing to use, and the use of content exceeding the range of private use is suitably suppressed. The deletion process of the sink-ID whose expiration date has expired can be performed, for example, in the source device.

  FIG. 11 shows the details of the contents of the RA-AKE procedure phase (SEQ802) including the process of deleting the expired Sink-ID from the remote sink registry.

Sink device sends laden CHALLENGE command the exchange key field bit is set in the replacement K _R for remote access, requesting the AKE process on Source device (SEQ1101), Source between the device and the Sink Device Thus, the challenge / response portion of the authentication procedure is executed (SEQ 1102 to 1104). Then, the source device can receive the device ID or IDu as a sink-ID from the sink device in a challenge / response procedure (SEQ1105).

  Here, the source device performs maintenance of the remote sink registry, that is, the process of deleting the expired sink-ID from the remote sink registry (SEQ1106). By deleting the Sink-ID whose expiration date set based on the registration date and time from the remote sink registry, it is prevented that a registered third party continues to use it. It is assumed that only entries within the validity period remain after the maintenance process of the remote sink registry is performed. Details of the maintenance process of the remote sink registration will be described later.

  Next, the source device checks whether or not the received sink-ID is listed in the remote sink registry managed in its own terminal management unit 307 (SEQ 1107).

  When the Sink-ID is not listed in the remote sink registry (No in SEQ1107), the Source device transmits an AKE_CANCEL command to the Sink device (SEQ1116) and cancels the RA-AKE procedure (SEQ1117).

  On the other hand, when the sink-ID is listed in the remote sink registry (YES in SEQ1107), the source device determines whether or not the RAC record corresponding to the sink-ID already exists. The inside is checked (SEQ 1108).

When the RAC record corresponding to the Sink-ID exists (Yes in SEQ1108), the source device uses the remote access exchange key K _R and the exchange key label K _R _label stored in the RAC record. Decide on. Alternatively, if the source device does not transmit content using the remote access exchange key K _R , the source device refers to the inside of the RAC record and updates the stored values of K _R and K _R _label. You may make it (SEQ1114).

The sink-ID is listed in the remote sink registry, but if the corresponding RAC record does not exist (No in SEQ1108), the source device determines whether the count value RACC for counting the RAC record is less than RACC _max . Is checked (SEQ1109).

When the RACC is not less than the RACC _max (NO in SEQ 1109), the source device transmits an AKE_CANCEL command to the sink device (SEQ 1115), and cancels the RA-AKE procedure (SEQ 1116).

If RACC is less than RACC _max (SEQ1109 of Yes), Source device, after incrementing by 1 the value of the RACC (SEQ1110), according to a predetermined calculation rule, exchange key K _R and exchange key label for remote access K and generates an _R _label (SEQ1111), these in association with Sink-ID of the Sink device, and stores the RAC record in RAC registry (SEQ1112). The server 201 manages the RAC record in the terminal management unit 307, for example. FIG. 15 shows a state in which the remote access exchange key K _R generated for the sink device and the exchange key label K _{R —} label are stored as RAC records in association with the sink-ID.

Then, the source device can use the remote access exchange key K _R extracted from the existing RAC record and its exchange key label K _R _label (including the case where it is updated), or a newly generated remote access exchange key K. _R and its exchange key label K _{R —} label are transmitted to the sink device (SEQ 1117). Also, Source device if it supports RA_MANAGEMENT function, to initiate K _R for survival timer for maintaining the replacement K _R for remote access, for holding at least one minute K _R (SEQ1113).

  In the maintenance process of the remote sink registry performed in SEQ1106, refer to the registration contents of the remote sink registry (see FIG. 7) stored as a pair of the sink-ID and the expiration date, and refer to the registration date and time. The Sink-ID entry whose set expiration date has expired is deleted from the remote sink registry. This maintenance processing can be performed in the server 201 as a source device, but it may be performed together with management of terminal registration date and time information on a management server placed on the cloud or the like. Good.

  FIG. 12 shows a maintenance process procedure of the remote sink registry in the form of a flowchart. In the following, for the sake of convenience, description will be made assuming that maintenance processing is performed in the server 201 as a source device. This maintenance process is performed, for example, by the authentication / key sharing unit 306 in the server 201 during the RA-AKE procedure phase.

  In the remote sink registry managed in the terminal management unit 307, the server 201 relates to the sink device whose expiration date has not been confirmed (No in step S1201), and sets the expiration date stored as a pair with the sink-ID. Reference is made (step S1202), and it is checked whether or not the current date has passed the expiration date (step S1203). Then, the entry of the sink-ID whose current date and time has passed the expiration date (step S1203: Yes) is deleted from the remote sink registry (step S1204).

  And it repeats until it completes the process of step S1202-S1204 about all the entries of Sink registered in the remote sink registry (Yes of step S1201).

  The maintenance process of the remote sink registry shown in FIG. 12 is not performed individually by each server 201 (in other words, performed in units of the home network 210 in which the server 201 is installed), but a management server on the cloud, etc. Thus, the remote sink registry of the server 201 in each home may be centrally managed.

  Further, the maintenance process of the remote sink registry as shown in FIG. 12 is not sequentially performed during the RA-AKE procedure, but the server 201 or a management server on the cloud (whether or not to execute the RA-AKE procedure). (Despite this) it may be done periodically.

  Further, in FIGS. 11 and 12, the expiration date confirmation process is executed for all entries in the remote sink registry in one maintenance process, but the sink that is the target of the RA-AKE procedure is used. -Only the entry corresponding to the ID may be subjected to the expiry date confirmation process (deletion process for entries that have expired).

In addition, instead of performing the deletion process of the record of the terminal whose expiration date has passed in the RA-AKE procedure phase, “content output management” that restricts the transmission of the content to the terminal whose expiration date has passed in the subsequent content transmission phase. It may be included. In this case, the RA-AKE procedure is performed in accordance with the procedure shown in FIG. 10 not including the erasure processing instead of FIG. 11, and the remote access exchange key K _R and its key are assigned to all sink devices regardless of the expiration date. An exchange key label K _R _label is distributed. Then, in the content transmission phase of SEQ803, the expiration date of the requesting sink device is checked.

  FIG. 18 schematically shows the contents of the content transmission phase (SEQ803) including content output management based on the expiration date.

The sink device acquires the remote access exchange key K _R acquired by the RA-AKE procedure and its exchange key label K _{R —} label, and then, for example, by an HTTP request (HTTP GET request) using an HTTP GET method. The device is requested to transmit content (SEQ1801). At the time of the request, along with the URL (Uniform Resource Locator) of the content, and sends the label K _R _label the ID of the exchange key K _R for remote access. We define a header field for sending ID (K _R _label) of the exchange key to the Source device from Sink device.

  Here, when receiving a content transmission request from the sink device, the source device executes content output management processing based on the expiration date (SEQ1802).

Source device in RA-AKE procedure, in sending exchange key K _R and exchange key label K _R _label for remote access to the Sink device stores a RAC record in association with these Sink-ID (See above and FIG. 15). Therefore, the source device can check the sink-ID of the requesting sink device from the RAC record corresponding to the exchange key label K _R _label included in the content request.

  Also, the source device calculates the expiration date and stores it as a pair with the sink-ID when registering the sink device, that is, when registering the sink-ID in the remote sink registry (see FIG. 7 and FIG. 7). checking). Therefore, the expiration date of the sink device can be checked based on the sink-ID obtained from the RAC record.

  The source device permits the content request if the current date and time does not exceed the expiration date of the requesting sink device, but does not permit the content request when the current date and time exceeds the expiration date. Further, the source device may delete the entry of the sink device that has passed the expiration date from the remote sink registry.

When the source device permits the content request from the sink device, the remote device extracts the remote access exchange key K _R specified by the exchange key label K _R _label from the RAC record and encrypts the content using this. Then, it is transmitted to the sink device as an HTTP response (HTTP GET response) (SEQ1803).

  FIG. 19 shows a processing procedure of content output management performed in SEQ1802 in the form of a flowchart. Hereinafter, for the sake of convenience, description will be made assuming that, for example, the content providing unit 304 performs content output management processing in the server 201 as the source device.

The server 201 refers to the exchange key label K _R _label included in the content request (HTTP GET request) (step S1901), and determines whether or not the RAC record of the same exchange key label K _R _label exists in the terminal management unit 307. A check is made (step S1902).

Here, if there is no RAC record of the same exchange key label K _R — label (No in step S1902), the request source sink device may not have performed an RA-AKE procedure, and so on. is there. Therefore, the server 201 skips all subsequent processing and ends this processing routine.

On the other hand, if there is a RAC record of the same exchange key label K _R — label (Yes in step S1902), the server 201 acquires a Sink-ID corresponding to the exchange key label K _R — label from the RA record ( Step S1903).

  Next, the server 201 acquires the expiration date stored as a pair with the sink-ID from the remote sink registry in the terminal management unit 307 (step S1904). However, when the expiration date of each Sink-ID is entrusted to, for example, a management server on the cloud, the server 201 accesses the management server via the communication / control unit 301 to obtain information on the corresponding expiration date. get.

  The server 201 acquires the current date and time (step S1905), and checks whether the current date and time has passed the expiration date of the requesting sink device (step S1906). If the current date and time has passed the expiration date (Yes in step S1906), the corresponding sink-ID entry is deleted from the remote sink registry (step S1907), and this processing routine ends.

  On the other hand, when the current date and time has not passed the expiration date of the requesting sink device (No in step S1906), the server 201 permits the content request from the sink device and transmits the requested content, for example, HTTP GET response. (Step S1908).

  In this way, an expiration date is set by adding the first predetermined period to the registration date and time of the terminal to the server, and only the terminals within the expiration date are allowed to remotely access the contents in the server and are valid. By prohibiting remote access after the expiration date, the use of content beyond the scope of private use by a third party can be suppressed.

D. Restrict remote access based on registration date (2)
As another method in which the server 201 restricts remote access from the terminal 202 based on the registration date and time, content of content that can be remotely accessed by the terminal 202 for a second predetermined period α (for example, 3 days) from the registration date and time. The method of setting as a limit date is mentioned. For example, remote access of content recorded in the content recording unit 302 before the limit date and time of the terminal 202 is permitted, but remote access of content recorded after the limit date and time is not permitted. In addition, remote access of content acquired by the content acquisition unit 303 before the limit date is permitted, but remote access of content acquired by the content acquisition unit 303 after the limit date is not permitted.

  For example, when registering the terminal 202 in the remote sink registry, the server 201 calculates the limit date and time of the terminal 202 by adding the second predetermined period α to the current date and time, and pairs the limit date and time with the sink-ID. And remember it.

  FIG. 13 illustrates a procedure for registering a sink device that performs remote access in the source device together with the limit date and time.

  First, an AKE procedure is performed between a source device and a sink device under the restriction of RTT (Round Trip Time) (SEQ1301). When the RTT-AKE procedure is successfully completed, the sink device transmits the command RA_REGISTER. Using CMD, the user's own Sink-ID is transmitted to the Source device (SEQ1302).

  The Source device is RA_REGISTER. Whether the sink-ID received by the CMD matches the device ID or IDu received by the RTT-AKE procedure completed immediately before, is not yet stored in the remote sink registry, and whether the remote sink registry is not full. To check. Then, when these conditions are cleared and the sink-ID is additionally stored in the remote sink registry, the source device uses the command RA_REGISTER. It returns to the sink device with RSP (SEQ1303).

  Further, when the source device acquires the current date and time as the registration date and time of the sink device (SEQ1304), the source device adds a second predetermined period α (for example, three days) as the limit date and time of registration of the sink device to the current date and time. The limit date and time is calculated (SEQ 1305), and the pair of sink-ID and limit is stored in the remote sink registry (SEQ 1306).

  FIG. 14 exemplifies the registered contents of the remote sink registry in which the sink-ID and the limit date / time are stored as a pair. However, the management of terminal registration date / time and limit date / time information as shown in FIG. 14 is not performed individually in the server 201 on the home network 210, but on a management server placed on the cloud or the like. You may make it carry out centrally.

  The source device (server 201) uses the current date and time as the registration date and time, for example, a clock function built in the server (not shown in FIG. 3), a time signal included in the broadcast wave (for example, the content acquisition unit 303 uses the tuner). When receiving a broadcast wave with a function), it can be obtained from time information obtained from a server (not shown) on the network.

  Prior to content transmission, content transmission is started after mutual authentication and key exchange, that is, RA-AKE processing for remote access is performed between the sink device and the source device.

Figure 16 is the content of the content transmission phase for transmitting encrypted using the exchange key K _R for remote access (SEQ803) schematically shown. The illustrated sequence includes content output management processing based on the limit date and time.

The sink device acquires the remote access exchange key K _R acquired by the RA-AKE procedure and its exchange key label K _{R —} label, and then, for example, by an HTTP request (HTTP GET request) using an HTTP GET method. The device is requested to transmit content (SEQ1601). At the time of the request, along with the URL (Uniform Resource Locator) of the content, and sends the label K _R _label the ID of the exchange key K _R for remote access. We define a header field for sending ID (K _R _label) of the exchange key to the Source device from Sink device.

  Here, when receiving a content transmission request from the sink device, the source device executes content output management processing based on the limit date (SEQ1602).

Source device in RA-AKE procedure, when sending the exchange key K _R and exchange key label K _R _label for remote access to the Sink device stores a RAC record in association with these Sink-ID (See above and FIG. 15). Therefore, the source device can check the sink-ID of the requesting sink device from the RAC record corresponding to the exchange key label K _R _label included in the content request.

  Further, the source device calculates the limit date and time when registering the sink device, that is, when registering the sink-ID in the remote sink registry, and stores it as a pair with the sink-ID (as described above and FIG. 14). checking). Therefore, the limit date and time of the sink device can be checked based on the sink-ID obtained from the RAC record.

  If the content is recorded in the source device before the limit date and time of the requesting sink device, the source device permits the content request from the sink device, but records it in the source device after the limit date and time has passed. For the content that has been set, the content request from the sink device is not permitted.

When the source device permits the content request from the sink device, the remote device extracts the remote access exchange key K _R specified by the exchange key label K _R _label from the RAC record and encrypts the content using this. Then, it is transmitted to the sink device as an HTTP response (HTTP GET response) (SEQ1603).

  FIG. 17 shows the procedure of content output management processing executed in SEQ1602 in the form of a flowchart. Hereinafter, for the sake of convenience, description will be made assuming that, for example, the content providing unit 304 performs content output management processing in the server 201 as the source device.

The server 201 refers to the exchange key label K _R — label included in the content request (HTTP GET request) (step S1701), and determines whether or not the RAC record of the same exchange key label K _R — label exists in the terminal management unit 307. A check is made (step S1702).

Here, if there is no RAC record of the same exchange key label K _R — label (No in step S1702), the request source sink device may not be performing the RA-AKE procedure, and so on. is there. Therefore, the server 201 skips all subsequent processing and ends this processing routine.

On the other hand, when the RAC record of the same exchange key label K _R _label exists (Yes in step S1702), the server 201 acquires the Sink-ID corresponding to the exchange key label K _R _label from the RA record ( Step S1703).

  Next, the server 201 acquires the limit date and time stored as a pair with the sink-ID from the remote sink registry in the terminal management unit 307 (step S1704). However, when the limit date and time of each Sink-ID is entrusted to, for example, a management server on the cloud, the server 201 accesses the management server via the communication / control unit 301 to obtain information on the corresponding limit date and time. get.

  Further, the server 201 acquires the recording date and time when the content requested by the content request (HTTP GET request) is recorded in the content recording unit 302 from the file system (step S1705). However, when the requested content is content acquired by the content acquisition unit 304 such as broadcast content, the current date and time (reception date and time) is acquired as the acquisition date and time.

  Then, the server 201 checks whether or not the recording date / time or the acquisition date / time of the requested content exceeds the limit date / time set in the sink device (step S1706).

  When the recording date / time or the acquisition date / time of the content does not exceed the limit date / time of the sink device (Yes in step S1706), the server 201 permits the content request from the sink device, and in step S1707, the requested content is transmitted. For example, the HTTP GET response is performed.

  Further, when the recording date / time or the acquisition date / time of the content exceeds the limit date / time of the sink device (No in step S1706), the server 201 does not permit the content request from the sink device, skips subsequent processing, This processing routine ends.

  In this way, by setting the limit date and time obtained by adding the second predetermined period to the registration date and time of the terminal to the server, the content that the terminal can use by remote access is the content recorded before the limit date or limit By restricting only content acquired before the date and time, it is possible to suitably suppress the use of content that exceeds the scope of private use by a third party.

  The remote access restriction based on the limit date and time can also be performed in the content list browsing phase (SEQ801).

  FIG. 24 is a flowchart showing a processing procedure for the source device to restrict the provision of CDS information to the sink device to be remotely accessed based on the limit date and time of the sink device in the content list browsing phase (SEQ 801). It is shown in the form of

  First, the source device clears content information that can be provided (step S2401). Next, the source device acquires the limit date and time corresponding to the sink-ID of the requesting sink device from the remote sink registry (step S2402).

  Then, the source device creates content information until all content information is processed (No in step S2403). That is, when the source device refers to the content information of the unprocessed content (step S2404), the recording date and time when the content is recorded in the content recording unit 302 is acquired from the file system (step S2405). However, when the requested content is content acquired by the content acquisition unit 304 such as broadcast content, the current date and time (reception date and time) is acquired as the acquisition date and time.

  Then, the source device checks whether the recording date / time or the acquisition date / time of the content does not exceed the limit date / time set in the sink device (step S2406).

  If the recording date / time or the acquisition date / time of the content does not exceed the limit date / time of the sink device (Yes in step S2406), the source device adds the content information to the content information that can be provided (step S2407). Then, the process returns to step S2403, and it is checked whether or not all content information has been processed.

  On the other hand, when the recording date / time of the content exceeds the limit date / time of the sink device (No in step S2406), the source device does not add the content information to the content information that can be provided, and proceeds to step S2403. Return and check if all content information has been processed.

  When the processing of all content information is completed (Yes in step S2403), the source device transmits the completed content information to the requesting sink device (step S2408).

  In this way, it is possible to limit the content recorded before the date and time or acquired only before the date and time, and to provide content information to the Sink device. The use of the content can be suitably suppressed.

E. Relaxation of restrictions on remote access based on registration date / time In the above-mentioned items C and D, remote access from the terminal 202 using an expiration date or a limit date / time set based on the registration date / time when the terminal 202 is registered in the server 201 is used. By restricting the content, it is possible to prevent a registered third party from continuing to use the content, and to suppress the use of content beyond the scope of private use.

  However, imposing restrictions on remote access based on the registration date and time for all terminals registered in the server 201 can suppress use by a third party, but legitimate users (ie, private use) Use of content (within the range) is unnecessarily limited, which may cause inconvenience to the user. If inconvenience is given to the user, the use of the communication system 200 will not spread.

  Therefore, a predetermined number of terminals registered in the server 201 may be exempted from the restrictions on remote access based on the registration date and time.

In this case, by performing the RA-AKE procedure in accordance with the procedure shown in FIG. 10 rather than 11, without performing the deregistration process by the expiration date, the exchange key K _R and for remote access to all of the Sink Device An exchange key label K _R _label is distributed. Then, in the procedure for registering the sink device to the source device (see FIG. 6 and FIG. 13), a predetermined number of terminals are exempt from a large value as the expiration date or the limit date, or from the expiration date or the limit date. Set a specific value to indicate that In this way, in the content output management process in the content transmission phase (see FIGS. 18 and 16) (see FIGS. 19 and 17), in step S1905 and step S1706, the expiration date and the limit date and time. The restriction by can be prevented.

  By exempting remote access restrictions based on the date and time of registration with the server up to a predetermined number of terminals, it is possible to ensure the convenience of content use within the scope of private use.

  22 and 24 show a processing procedure for restricting the provision of CDS information to the sink device to be remotely accessed based on the expiration date and the limit date and time in the content list browsing phase (SEQ801). Indicated. In this case as well, by providing CDS information to a predetermined number of terminals without restriction based on the date and time of registration with the server, it is possible to ensure the convenience of content use within the scope of private use. it can.

  In addition, a terminal exempt from application of remote access restrictions based on registration date and time may be set for each content recorded in the server 201 or for each group of content.

  For example, when a user makes a content recording reservation or recording request to the server 201, the restriction is exempted from the available terminals registered in the terminal management unit 307 (that is, remote sink registry). By selecting the terminal to be used and the Sink-ID of the terminal exempting the application of restrictions for each user, and automatically applying the terminal of the user who performed the recording reservation or recording request operation A method of assigning exemptions is conceivable. As means for recognizing the user at that time, for example, a login ID to the server 201, a user instruction, a user recognition by a camera or a sensor, and the like can be cited.

  When registering a terminal exempt from application of restrictions for each content, the sink-ID of the terminal is held as metadata related to each content. In addition, when a terminal exempt from application of restrictions is registered for each content group, the sink-ID of the terminal is held as metadata regarding each content group.

When setting a terminal exempt from remote access restriction for each content or each group of content, the RA-AKE procedure is performed according to the procedure shown in FIG. 10 instead of FIG. without performing the deregistration process, keep distributing the exchange key K _R and exchange key label K _R _label for remote access to all of the Sink device. Then, in the content output management process in the content transmission phase (see FIGS. 18 and 16), the content transmission to the terminal is controlled according to the remote access restriction exemption set for each content or each content group To do.

  FIG. 20 shows the procedure of content output management processing in the form of a flowchart in the case where a terminal exempting application of remote access restriction based on the expiration date is registered. Hereinafter, for the sake of convenience, description will be made assuming that, for example, the content providing unit 304 performs content output management processing in the server 201 as the source device.

The server 201 refers to the exchange key label K _R — label included in the content request (HTTP GET request) (step S2001), and determines whether or not the RAC record of the same exchange key label K _R — label exists in the terminal management unit 307. Check (step S2002).

Here, if there is no RAC record of the same exchange key label K _R _label (No in step S2002), an illegal content request may be caused by a cause such as the requesting sink device not performing the RA-AKE procedure. is there. Therefore, the server 201 skips all subsequent processing and ends this processing routine.

On the other hand, when the RAC record of the same exchange key label K _R — label exists (Yes in step S2002), the server 201 acquires the Sink-ID corresponding to the exchange key label K _R — label from the RA record ( Step S2003).

  Next, the server 201 exempts whether or not this Sink-ID exists in the metadata of the content group including the requested content, that is, exempts the restriction of remote access by the expiration date for the content group. It is checked whether the Sink-ID has been set (step S2004). If the sink-ID is present in the metadata of the content group (Yes in step S2004), the server 201 permits the content request from the sink device and transmits the requested content, for example, HTTP GET. The response is performed (step S2009).

  Further, the server 201 determines whether or not the Sink-ID exists in the requested content metadata, that is, the Sink-ID exempted from the application of the remote access restriction based on the expiration date for the content. It is checked whether or not there is (step S2005). If the Sink-ID exists in the metadata of the content (Yes in step S2005), the server 201 permits the content request from the sink device and transmits the requested content using, for example, an HTTP GET response. This is performed (step S2009).

  On the other hand, when the Sink-ID does not exist in any metadata of the content group and the content, that is, when the application of the remote access restriction due to the expiration date is not exempted (No in steps S2005 and S2004). The expiration date stored as a pair with the sink-ID is acquired from the remote sink registry in the terminal management unit 307 (step S2006).

  The server 201 acquires the current date and time (step S2007), and checks whether the current date and time has passed the expiration date of the requesting sink device (step S2008). If the current date has passed the expiration date (No in step S2008), the processing routine is terminated without transmitting the content.

  On the other hand, when the current date and time has not passed the expiration date of the requesting sink device (Yes in step S2008), the server 201 permits the content request from the sink device and transmits the requested content, for example, HTTP GET response. (Step S2009).

  Note that the remote access restriction exemption based on the expiration date can also be performed in the content list browsing phase (SEQ801).

  FIG. 23 is a flowchart showing a processing procedure for exempting the provision of CDS information based on the expiration date of the sink device from the source device to the sink device remotely accessed in the content list browsing phase (SEQ801). It is shown in the form of

  First, the source device clears content information that can be provided (step S2301).

  Next, the source device acquires the expiration date corresponding to the sink-ID of the requesting sink device from the remote sink registry (step S2302), and acquires the current date and time (step S2303).

  Then, the source device creates content information until all content information is processed (No in step S2304).

  When the source device refers to the content information of the unprocessed content (step S2305), it is determined whether or not the requesting sink-ID exists in the metadata of the content group including the content, that is, for the content group. It is checked whether or not the Sink-ID is exempt from application of remote access restrictions due to the expiration date (step S2306). If the sink-ID exists in the metadata of the content group (Yes in step S2306), the source device adds the content information referenced in step S2305 to the content information that can be provided (step S2305). S2309), the process returns to step S2304.

  Further, the source device is a sink-ID exempted from the application of whether or not the request source sink-ID exists in the metadata of the content, that is, the restriction of remote access due to the expiration date for the content. Is checked (step S2307). If a sink-ID is present in the metadata of the content (Yes in step S2307), the source device adds the content information referenced in step S2305 to the content information that can be provided (step S2309). Return to step S2304.

  On the other hand, when the Sink-ID does not exist in any metadata of the content group and the content, that is, when the application of the remote access restriction due to the expiration date is not exempted (No in steps S2306 and S2307). The source device checks whether the current date and time acquired in step S2303 has passed the expiration date of the requesting sink device (step S2308).

  If the current date / time has not yet passed (Yes in step S2308), the source device adds the content information referenced in step S2305 to the content information that can be provided (step S2309), and then step S2304. Return to.

  On the other hand, if the current date has passed the expiration date (No in step S2308), the process returns to step S2304 without adding the content information referenced in step S2305 to the content information that can be provided.

  When all the content information has been processed (Yes in step S2304), the source device transmits the completed content information to the requesting sink device (step S2310).

  FIG. 21 is a flowchart showing the procedure of content output management processing when a terminal that is exempted from application of remote access restriction based on the limit date is registered. Hereinafter, for the sake of convenience, description will be made assuming that, for example, the content providing unit 304 performs content output management processing in the server 201 as the source device.

The server 201 refers to the exchange key label K _R — label included in the content request (HTTP GET request) (step S2101), and determines whether or not the RAC record of the same exchange key label K _R — label exists in the terminal management unit 307. Check (step S2102).

If there is no RAC record of the same exchange key label K _R _label (No in step S2102), the server 201 skips all subsequent processes and ends this processing routine.

On the other hand, when the RAC record of the same exchange key label K _R _label exists (Yes in step S2102), the server 201 acquires the Sink-ID corresponding to the exchange key label K _R _label from the RA record ( Step S2103).

  Next, the server 201 exempts whether or not this Sink-ID exists in the metadata of the content group including the requested content, that is, the remote access restriction by the limit date and time for the content group is exempted. It is checked whether the Sink-ID is set (step S2104). If the sink-ID is present in the metadata of the content group (Yes in step S2104), the server 201 permits the content request from the sink device and transmits the requested content, for example, HTTP GET. The response is performed (step S2109).

  Further, the server 201 determines whether or not the Sink-ID exists in the requested content metadata, that is, the Sink-ID exempted from the application of the remote access restriction based on the limit date and time for the content. It is checked whether or not there is (step S2105). If the Sink-ID exists in the metadata of the content (Yes in step S2105), the server 201 permits the content request from the sink device, and transmits the requested content using, for example, an HTTP GET response. This is performed (step S2109).

  On the other hand, when the Sink-ID does not exist in the metadata of the content group and the content, that is, when the application of the remote access restriction by the limit date / time is not exempted (No in steps S2105 and S2104). The limit date and time stored as a pair with the sink-ID is acquired from the remote sink registry in the terminal management unit 307 (step S2106).

  In addition, the server 201 acquires the recording date and time when the requested content is recorded in the content recording unit 302 from the file system (step S2107). However, when the requested content is content acquired by the content acquisition unit 304 such as broadcast content, the current date and time (reception date and time) is acquired as the acquisition date and time.

  Then, the server 201 checks whether or not the recording date / time or the acquisition date / time of the requested content exceeds the limit date / time set in the sink device (step S2108).

  When the recording date / time or the acquisition date / time of the content does not exceed the limit date / time of the sink device (Yes in step S2108), the server 201 permits the content request from the sink device, and in step S2109, the requested content is transmitted. For example, the HTTP GET response is performed.

  Further, when the recording date / time or the acquisition date / time of the content exceeds the limit date / time of the sink device (No in step S2108), the server 201 does not permit the content request from the sink device, skips subsequent processing, This processing routine ends.

  It should be noted that the remote access restriction exemption based on the limit date and time can also be performed in the content list browsing phase (SEQ801).

  FIG. 25 is a flowchart showing a processing procedure for exempting the source device from providing the CDS information based on the limit date and time of the sink device to the sink device that is remotely accessed in the content list browsing phase (SEQ801). It is shown in the form of

  First, the source device clears content information that can be provided (step S2501). Next, the source device acquires the limit date and time corresponding to the sink-ID of the requesting sink device from the remote sink registry (step S2502).

  Then, the source device creates content information until all content information is processed (No in step S2503).

  When the source device refers to the content information of the unprocessed content (step S2504), it is determined whether or not the requesting sink-ID exists in the metadata of the content group including the content, that is, for the content group. It is checked whether or not the Sink-ID is exempt from application of remote access restriction by the limit date (step S2505). If the sink-ID exists in the metadata of the content group (Yes in step S2505), the source device adds the content information referred in step S2504 to the content information that can be provided (step S2504). S2509), the process returns to step S2503.

  Further, the source device is a sink-ID exempted from the application of whether or not the request source sink-ID exists in the metadata of the content, that is, the remote access restriction by the limit date and time for the content. Is checked (step S2506). If a sink-ID exists in the metadata of the content (Yes in step S2506), the source device adds the content information referenced in step S2504 to the content information that can be provided (step S2509). Return to step S2503.

  On the other hand, when the Sink-ID does not exist in any metadata of the content group and the content, that is, when the application of the remote access restriction by the limit date / time is not exempted (No in steps S2505 and S2506). The source device checks whether the content information referred in step S2504 has exceeded the limit date.

  In order to check the limit date and time, the Source device acquires the recording date and time when the content was recorded in the content recording unit 302 from the file system (step S2507). However, when the requested content is content acquired by the content acquisition unit 304 such as broadcast content, the current date and time (reception date and time) is acquired as the acquisition date and time. Then, the source device checks whether the recording date / time or the acquisition date / time of the content does not exceed the limit date / time set in the sink device (step S2508).

  When the recording date / time or the acquisition date / time of the content does not exceed the limit date / time of the sink device (Yes in step S2508), the source device adds the content information to the content information that can be provided (step S2509), and then the step. The process returns to S2503.

  On the other hand, when the recording date / time of the content exceeds the limit date / time of the sink device (No in step S2508), the source device does not add the content information to the content information that can be provided, and proceeds to step S2503. Return.

  When all content information has been processed (Yes in step S2503), the source device transmits the completed content information to the requesting sink device (step S2510).

  As shown in FIG. 20, FIG. 21 and FIG. 23, FIG. 25, it is not specific to a specific terminal and exempt from remote access restrictions, but for each content or for each group of content. To ensure the convenience of content use within the scope of private use by multiple terminals for each family member, for example, by setting a terminal that exempts remote access restrictions based on the date and time of registration with the server Can do.

  As described above, the technology disclosed in this specification has been described in detail with reference to specific embodiments. However, it is obvious that those skilled in the art can make modifications and substitutions of the embodiments without departing from the scope of the technology disclosed in this specification.

  In the present specification, the technology disclosed in this specification has been described mainly with respect to an embodiment in which the technology disclosed in this specification is applied to an IP network and a DTCP specification network. However, the gist of the technology disclosed in this specification is not limited thereto. Absent. The technology disclosed in the technology disclosed in the present specification can also be applied to various communication systems other than DTCP-IP that have restrictions on remote access to content in a home network.

  Further, the scope of application of the technology disclosed in this specification is not limited to remote access to a home network. The technology disclosed in the present specification can be similarly applied when it is desired to restrict access based on the registration date and time of a terminal to the home server even during local access in the home network.

  In short, the technology disclosed in the present specification has been described in the form of exemplification, and the description content of the present specification should not be interpreted in a limited manner. In order to determine the gist of the technology disclosed in this specification, the claims should be taken into consideration.

Note that the technology disclosed in the present specification can also be configured as follows.
(1) a storage device for storing a computer program;
A computer program distribution system comprising a communication device that permits download of the computer program in response to receiving a request to download the computer program, the computer program comprising:
A content acquisition unit for acquiring content to be provided to the terminal, or a content recording unit for recording content to be provided to the terminal,
A terminal registration unit for registering terminals that provide content;
A content provider that controls the provision of content to the terminal based on the registration date and time of the terminal;
A computer program written in a computer-readable format to function as
Computer program distribution system.
(2) a storage device for storing a computer program;
A computer program distribution system comprising a communication device that permits download of the computer program in response to receiving a request to download the computer program, the computer program comprising:
A receiving unit that selects and receives broadcast content,
A terminal registration unit for registering terminals that provide content;
A content providing unit that controls provision of content received by the receiving unit to the terminal under restrictions based on the registration date and time of the terminal;
A computer program written in a computer-readable format to function as
Computer program distribution system.
(3) An information notification device for notifying information indicating the name of the computer program to a terminal that transmits a request for downloading the computer program;
3. The computer program distribution system according to either 1 or 2 above.
(4) The information notification apparatus notifies information indicating that the application provides a commercial content recorded in a home to a remote terminal together with the name.
The computer program distribution system according to (3) above.
(5) The terminal registration unit manages an expiration date obtained by adding a first predetermined period to the registration date and time of the terminal together with information on the terminal,
The content providing unit restricts the provision of content to a terminal whose expiration date has passed;
3. The computer program distribution system according to either 1 or 2 above.
(6) The terminal registration unit manages the limit date and time obtained by adding the second predetermined period to the registration date and time of the terminal together with the terminal information,
The content providing unit restricts the provision of content to the terminal whose acquisition date / time of the content acquisition unit or recording date / time to the content recording unit is after the limit date / time,
3. The computer program distribution system according to either 1 or 2 above.
(7) For the predetermined number of terminals registered in the terminal registration unit, the content providing unit exempts restrictions based on the registration date and provides content.
3. The computer program distribution system according to either 1 or 2 above.
(8) For each content or content group, set a terminal exempt from restrictions based on the registration date and time,
The content providing unit provides content regardless of the registration date and time to a terminal exempt from restrictions based on the registration date and time for the content to be provided or a content group including the content,
3. The computer program distribution system according to either 1 or 2 above.
(9) For each content or content group, set a terminal exempt from restrictions based on the expiration date,
The content providing unit provides content to a content group including content to be provided or a terminal in which the exemption is set for content to be provided regardless of an expiration date.
The computer program distribution system according to (5) above.
(10) For each content or content group, set a terminal exempt from restrictions based on the limit date and time,
The content providing unit provides content to a content group including content to be provided or a terminal for which the exemption is set for content to be provided regardless of the limit date and time.
The computer program distribution system according to (6) above.
(11) The content information providing unit restricts the provision of content information to the terminal based on the registration date and time of the terminal.
The computer program distribution system according to (2) above.
(12) a storage device for storing a computer program;
A computer program distribution system comprising a communication device that permits download of the computer program in response to receiving a request to download the computer program, the computer program comprising:
An input section where user operation information is input,
A registration request unit that makes a registration request to the server that manages the registration date and time,
A content requesting unit that requests content from the server according to operation information input to the input unit;
A content playback unit that is allowed to play back the content from the server under a restriction based on the registration date and time in response to the request for the content;
A computer program written in a computer-readable format to function as
Computer program distribution system.
(13) a storage device for storing a computer program;
A computer program distribution system comprising a communication device that permits download of the computer program in response to receiving a request to download the computer program, the computer program comprising:
An input section where user operation information is input,
A registration request unit that makes a registration request to the server that manages the registration date and time,
A content information browsing unit for browsing information on content that can be provided by the server;
A content requesting unit that requests the server to select content selected via information browsed by the content information browsing unit according to operation information input to the input unit;
A content playback unit that is allowed to play back the content from the server under a restriction based on the registration date and time in response to the request for the content;
A computer program written in a computer-readable format to function as
Computer program distribution system.
(14) An information notification device for notifying information indicating the name of the computer program to a terminal that transmits a request for downloading the computer program;
14. The computer program distribution system according to any one of 12 or 13 above.
(15) The information notification device notifies information indicating that the commercial content recorded in the home together with the name is an application that is permitted to be viewed remotely.
The computer program distribution system according to (14) above.
(16) a content acquisition unit that acquires content to be provided to the terminal, or a content recording unit that records content to be provided to the terminal;
A terminal registration unit for registering terminals that provide content;
A content information providing unit that provides information on content that can be provided to the terminal to the terminal;
A content providing unit that provides content selected via content information viewed on the terminal side under restrictions based on the registration date and time of the terminal;
A communication apparatus comprising:
(17) The content information providing unit restricts the provision of content information to the terminal based on the registration date and time of the terminal.
The communication device according to (16) above.
(18) The terminal registration unit manages an expiration date obtained by adding a first predetermined period to the registration date and time of the terminal together with information on the terminal,
The content information providing unit restricts the provision of content information to a terminal whose expiration date has passed;
The communication device according to (17) above.
(19) The terminal registration unit manages the limit date and time obtained by adding the second predetermined period to the registration date and time of the terminal together with the terminal information,
The content information providing unit restricts provision of content information to a terminal for content whose acquisition date / time of the content acquisition unit or recording date / time to the content recording unit is after the limit date / time,
The communication device according to (17) above.
(20) The content information providing unit provides content information for a predetermined number of terminals registered in the terminal registration unit, excluding restrictions based on registration date and time,
The communication device according to (17) above.
(21) For each content or content group, set a terminal exempt from restrictions based on the expiration date,
Even if the content information providing unit is a terminal whose expiration date has passed, content information included in a content group in which the exemption is set for the terminal, or content information of the content in which the exemption is set provide,
The communication device according to (18) above.
(22) For each content or content group, set a terminal exempt from restrictions based on the limit date and time,
The content information providing unit provides content information for the content or content group for which the exemption is set for the terminal of the provision destination even if the acquisition date / time or the recording date / time is after the limit date / time,
The communication device according to (19) above.
(23) an input unit for inputting operation information by a user;
A registration request unit that makes a registration request to a server that manages the registration date and time;
A content information browsing unit for browsing information on content that can be provided by the server;
A content requesting unit that requests the server to select content selected via information browsed by the content information browsing unit according to operation information input to the input unit;
In response to the request for content, a content playback unit that is allowed to play back the content from the server under restrictions based on the registration date and time,
A communication apparatus comprising:
(24) The content information browsing unit browses information related to content that can be provided by the server under a restriction based on a registration date and time to the server.
The communication device according to (23) above.
(25) The content information browsing unit is restricted from browsing the content information after the expiration date obtained by adding the first predetermined period to the registration date and time to the server.
The communication device according to (23) above.
(26) The content information browsing unit is restricted from browsing the content information acquired or recorded by the server after the date and time when the second predetermined period is added to the registration date and time to the server.
The communication device according to (23) above.
(27) When registered in the server within the predetermined number, the content information browsing unit can browse the content information without being restricted based on the registration date and time to the server.
The communication device according to (24) above.
(28) The content information browsing unit can browse content information included in a content or content group exempted from restrictions based on an expiration date for the communication device regardless of a set expiration date. ,
The communication device according to (25) above.
(29) The content information browsing unit may acquire or record content information included in a content or content group exempted from restriction based on a limit date with respect to the communication device, if the date or time acquired by the server is before the limit date Can be viewed regardless of
The communication device according to (26) above.

DESCRIPTION OF SYMBOLS 100 ... Communication system 101 ... Server, 102 ... Terminal, 110 ... Home network 201 ... Server, 202 ... Terminal 200 ... Communication system 201 ... Server, 202 ... Terminal 210 ... Home network, 220 ... External network 230 ... Router 300 ... Communication device (Source device)
DESCRIPTION OF SYMBOLS 301 ... Communication / control part, 302 ... Content recording part 303 ... Content acquisition part, 304 ... Content provision part 305 ... Content list provision part, 306 ... Authentication and key sharing part 307 ... Terminal management part 400 ... Communication apparatus 401 ... Communication Control unit 402: content list browsing unit, 403 ... content acquisition unit 404 ... content decryption unit, 405 ... content reproduction output unit 406 ... authentication / key sharing unit, 407 ... input unit

Claims (3)

A client requesting a server to download a computer program;
Allowing the server to download the computer program to the client according to the request;
A content remote access management step in which the client performs remote access management of content according to the computer program;
A content remote access management method using a download program, comprising:
The content remote access management step further comprises:
A content acquisition step in which the client acquires content to be provided to the terminal, or a content recording step to record content to be provided in the terminal;
A terminal registration step in which the client registers a terminal that provides content within a home network under a limit of a round-trip delay time of a command;
A content providing step in which the client controls the provision of content to a terminal to be remotely accessed based on the registration date and time of the terminal;
Including
The terminal registration step further includes a step in which the client manages an expiration date obtained by adding a first predetermined period to the registration date and time of the terminal in association with the terminal information,
In the content providing step, the client does not limit a round-trip delay time of a command to terminals that are remotely accessed up to a predetermined number of terminals that have not expired among the terminals registered in the terminal registration step. Including providing content,
Content remote access management method by download program.   The content remote control according to claim 1, further comprising the step of notifying the client of information indicating a name of the computer program or information indicating an explanation of the computer program to the client. Access management method. In the content providing step, the provision of content information to a terminal to be remotely accessed is limited based on an expiration date.
The content remote access management method by the download program of Claim 1.