JP2019029933A - Content distribution device, content distribution system, content distribution program, and content distribution method - Google Patents

Abstract

To enable a user to browse a content, which was browsed during contract period, even after cancellation of contract.SOLUTION: A content distribution system 10 encrypts a content 5 with a common key 6. Next, the content distribution system 10 encrypts the common key 6 with public keys 3a, 3b, 3c assigned to multiple contract users, respectively. Next, the content distribution system 10 registers the encrypted content 5a and the encrypted common keys 6a, 6b, 6c, respectively, in a block chain 18. Thereafter, the content distribution system 10 updates the information of the contract users. Next, the content distribution system 10 updates the common key 6 and encrypts the updated common key by the public keys, assigned to the multiple contract users, respectively in response to the update of the common key 6. The content distribution system 10 registers the encrypted and updated common keys in the block chain 18, respectively.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a content distribution device, a content distribution system, a content distribution program, and a content distribution method.

  There are services that provide content over a computer network. The provided contents are various, such as e-mail magazines and video information. In the content distribution service, the server managed by the service provider transmits the content to the terminal device after confirming that the user using the terminal device to which the content is transmitted is a service contractor. For example, in the case of a video distribution service, a user accesses a server of a service provider via a network using a terminal device and logs in to the server. The server recognizes that the content distribution contract is concluded for the logged-in user, and transmits the content to the terminal device used by the user.

  As a technique related to billing for distributed content, for example, an information processing apparatus that allows a poster to easily and efficiently earn income by posting content is considered.

Japanese Patent Laying-Open No. 2006-162431

  Conventionally, when the user cancels the contract for the content distribution service, the user loses the login qualification for the server, and thereafter, the user cannot access the server from the terminal device. In other words, when the contract is canceled, the user cannot refer to not only the content distributed after the contract cancellation but also the content distributed during the contract period.

  If the user has paid the appropriate consideration for referring to the content that was delivered during the user's contract period, the paid content that was delivered during the contract period just because the contract was terminated If it becomes impossible to refer to the user, the disadvantage of the user is too great. However, in the conventional content distribution technology, after the user's contract is canceled, the user's reference to the content distributed during the user's contract period is permitted while the user's reference to the newly distributed content is suppressed. Can not do it.

  In one aspect, the object of the present invention is to make it possible to refer to content that the user was able to refer to during the contract period even after the contract is canceled.

In one proposal, a content distribution apparatus having a key generation unit, a key distribution unit, an encryption unit, a registration unit, and a key update unit is provided.
The key generation unit generates a public key for each of a plurality of contract users who are contracting users for a contract for receiving content distribution. The key distribution unit distributes a secret key corresponding to the public key to each of a plurality of contract users. The encryption unit encrypts the content with a common key, refers to a storage unit that stores a user database that holds information on a plurality of contract users, and stores the common key to each of the plurality of contract users stored in the user database. Encrypt with each assigned public key. The registration unit registers the content encrypted with the common key and each of the encrypted common key in the block chain. The key update unit updates the common key.

  The encryption unit refers to the storage unit in which the contract user information has been updated after the registration process is executed by the registration unit in response to the update of the common key, and acquires the updated common key from the user database. Encryption is performed with each public key assigned to each of a plurality of contract users. The registration unit registers each encrypted updated common key in the block chain.

  According to one aspect, the content registered during the contract period can be referred to even after the contract is canceled.

It is a figure which shows an example of the content delivery system which concerns on 1st Embodiment. It is a figure which shows an example of a structure of the network system of 2nd Embodiment. It is a figure which shows one structural example of the hardware of the block chain node used for 2nd Embodiment. It is a figure which shows the example of a block chain network. It is a block diagram which shows an example of the function of each apparatus. It is a figure which shows an example of the correspondence of the distributed key and content. It is a figure which shows an example of distribution of the common key to the user during a contract period, and content provision. It is a figure which shows an example of distribution of the common key and content provision after some users withdraw. It is a flowchart which shows an example of the procedure of the process which a key distribution agent performs. It is a flowchart which shows an example of the procedure of the process which a content management agent performs. It is a flowchart which shows an example of the procedure of the process which an entrance / exit management system performs. It is a flowchart which shows an example of the procedure of the process which a content reader performs. It is a figure which shows an example of distribution of the common key to the user in the contract period in 3rd Embodiment, and content provision. It is a figure which shows an example of distribution of a common key and content provision after some users withdraw in 3rd Embodiment. It is a flowchart which shows an example of the procedure of the process of the content management agent in 3rd Embodiment. It is a flowchart which shows an example of the procedure of the process which a mailer performs. It is a block diagram which shows an example of the function of each apparatus in 4th Embodiment. It is a figure which shows an example of distribution of the common key to the user in the contract period in 4th Embodiment, and content provision. It is a figure which shows an example of distribution of the common key and content provision after some users withdraw in 4th Embodiment. It is a flowchart which shows an example of the procedure of the process of the content management agent in 4th Embodiment. It is a flowchart which shows an example of the procedure of the process which a reproduction | regeneration application performs. It is a flowchart which shows an example of the procedure of the process which a content server performs. It is a block diagram which shows an example of the function of each apparatus in 5th Embodiment. It is a figure which shows an example of a user's membership process. It is a flowchart which shows an example of the procedure of the process which an enrollment agent performs. It is a figure which shows an example of a user's withdrawal process. It is a flowchart which shows an example of the procedure of the process which a withdrawal agent performs. It is a figure which shows an example of an accounting process. It is a flowchart which shows an example of the procedure of the content provision process using automatic billing.

Hereinafter, the present embodiment will be described with reference to the drawings. Each embodiment can be implemented by combining a plurality of embodiments within a consistent range.
[First Embodiment]
First, a first embodiment will be described.

  FIG. 1 is a diagram illustrating an example of a content distribution system according to the first embodiment. The content distribution system 10 is realized by operating a plurality of content distribution apparatuses 10a, 10b, 10c,. Each of the plurality of content distribution apparatuses 10a, 10b, 10c,... Is a computer, for example.

  The content distribution system 10 includes a storage unit 11, a key generation unit 12, a key distribution unit 13, an encryption unit 14, a registration unit 15, a user update unit 16, and a key update unit 17. The storage unit 11 is, for example, a memory or a storage device included in at least one of the plurality of content distribution devices 10a, 10b, 10c,. Each of the key generation unit 12, the key distribution unit 13, the encryption unit 14, the registration unit 15, the user update unit 16, and the key update unit 17 includes, for example, a plurality of content distribution apparatuses 10a, 10b, 10c,. Is a processor or an arithmetic circuit included in at least one of the above.

The storage unit 11 stores a user database (DB) 11a that holds information on a plurality of contract users who are contracting users for contracts for receiving content distribution.
The key generation unit 12 generates a public key corresponding to each of a plurality of contract users. For example, the key generation unit 12 generates key pairs 12a, 12b, and 12c corresponding to each of a plurality of contract users. The key pairs 12a, 12b, and 12c are pairs of public keys 3a, 3b, and 3c and secret keys 4a, 4b, and 4c, respectively. In the example of FIG. 1, three users 1a, 1b, and 1c are contract users, and key pairs 12a, 12b, and 12c for the users 1a, 1b, and 1c are generated. Encryption data encrypted using a public key included in one key pair as an encryption key can be decrypted by using a secret key included in the key pair as a decryption key.

  The key distribution unit 13 distributes the secret keys 4a, 4b, and 4c corresponding to the public keys 3a, 3b, and 3c to each of a plurality of users 1a, 1b, and 1c under contract. For example, the key distribution unit 13 sends the secret keys 4a, 4b, 4c of the users 1a, 1b, 1c used to the terminal devices 2a, 2b, 2c used by the plurality of users 1a, 1b, 1c, respectively. Send.

  The encryption unit 14 encrypts the content 5 with the common key 6. As a result, encrypted content 5a (encrypted data) is generated. The content 5 is, for example, a document, a photograph, a moving image, or the like provided to the users 1a, 1b, 1c. The content 5 may be position information indicating a storage location of other content. The encryption unit 14 further encrypts the common key 6 with each of the public keys 3a, 3b, 3c assigned to each of the plurality of contract users (users 1a, 1b, 1c) stored in the user DB 11a. . Accordingly, the common key 6a (encrypted data) encrypted with the public key 3a of the user 1a, the common key 6b (encrypted data) encrypted with the public key 3b of the user 1b, and the public key 3c of the user 1c are encrypted. A common key 6c (encrypted data) is generated.

  The registration unit 15 registers the content 5a encrypted with the common key 6 and each of the encrypted common keys 6a, 6b, and 6c in the block chain 18. The registration unit 15 may register the content 5a and each of the common keys 6a, 6b, and 6c together into the block chain 18 as a single block, or may register the content 5a and the common keys 6a, 6b, and 6c into the block chain 18 as a plurality of blocks. Good. For example, the registration unit 15 registers one block including a plurality of common keys 6a, 6b, and 6c in the block chain 18. Then, the registration unit 15 registers one block including the content 5a in the block chain 18.

  The user updating unit 16 updates the contract user information stored in the storage unit 11 after the registration unit 15 performs the registration process. For example, when there is a user who has canceled the contract, the user update unit 16 deletes the user information from the user DB 11a.

  The key update unit 17 updates the common key 6. For example, the key update unit 17 periodically updates the common key 6. The key update unit 17 also updates the common key 6 when the user update unit 16 deletes the contract user from the user DB 11a.

  The encryption unit 14 refers to the storage unit 11 in response to the update of the common key 6 by the key update unit 17, and is assigned to each of the plurality of contract users who have acquired the updated common key from the user database 11a. Encrypt with each public key. Then, the registration unit 15 registers each encrypted updated common key in the block chain 18.

  According to such a content distribution system 10, if all of the three users 1a, 1b, and 1c are in the contract period, the secret keys 4a are assigned to the terminal devices 2a, 2b, and 2c of the users 1a, 1b, and 1c, respectively. , 4b, 4c are distributed. Then, the encrypted content 5a and the common keys 6a, 6b, 6c encrypted with the public keys 3a, 3b, 3c of the users 1a, 1b, 1c are registered in the block chain 18. In this case, for example, the user 1a acquires the content 5a and the common key 6a from the block chain 18 by the terminal device 2a used by the user 1a. The terminal device 2a uses the secret key 4a to decrypt the common key 6a and obtain the plaintext common key 6. Further, the terminal device 2 a decrypts the content 5 a using the common key 6 to obtain the plaintext content 5. Then, the terminal device 2a displays the content 5 on the monitor. Thereby, the user 1a can refer to the content 5. Similarly, the user 1b can refer to the content 5 by acquiring the content 5a and the common key 6b from the block chain 18 using the terminal device 2b. The user 1c can refer to the content 5 by acquiring the content 5a and the common key 6c from the block chain 18 using the terminal device 2c.

  Thereafter, for example, it is assumed that the contract for the user 1c to receive the provision of content is canceled. The cancellation of the contract includes a case where the user 1c performs the contract cancellation procedure and a case where the contract period expires without the contract being extended. The cancellation of the contract of the user 1c is input to the user update unit 16 by, for example, a content distribution manager. Then, the user update part 16 deletes the information of the user 1c from the contract user information in the user DB 11a. For example, the user update unit 16 sets a flag indicating invalidity of the contract for the information of the user 1c in the user DB 11a. Thereby, the information of the user 1c is no longer the information of the contract user. That is, the information of the user 1c is deleted from the contract user information.

  After the user DB 11 a is updated by the user update unit 16, the common key 6 is updated by the key update unit 17. Then, the updated common key is encrypted by the encryption unit 14 with the public keys 3a and 3b of the users 1a and 1b excluding the user 1c whose contract has been canceled. Then, the updated common key encrypted with the public keys 3 a and 3 b of the users 1 a and 1 b is registered in the block chain 18 by the registration unit 15. The content distributed thereafter is encrypted with the updated common key by the encryption unit 14, and the encrypted content is registered in the block chain 18 by the registration unit 15.

  In this case, the user 1a during the contract period uses the terminal device 2a to update the updated common key encrypted with the public key 3a of the user 1a and the content encrypted with the updated common key. By acquiring from the block chain 18, the content can be referred to. Similarly, the user 1b during the contract period uses the terminal device 2b to block the updated common key encrypted with the public key 3b of the user 1b and the content encrypted with the updated common key. By acquiring from the chain 18, the content can be referred to. On the other hand, the user 1c whose contract has been canceled cannot obtain the updated common key encrypted with the public key 3c of the user 1c, and refers to the content encrypted with the updated common key. I can't.

  The block once registered in the block chain 18 is held as a part of the block chain 18 even if a new block is registered thereafter. Accordingly, the content 5a registered during the contract period of the user 1c is registered in the block chain 18 even after the contract of the user 1c is canceled. Therefore, the user 1c can acquire the content 5a and the common key 6c provided during the contract period from the block chain 18 by the terminal device 2c even after the contract is canceled. The user 1c can cause the terminal device 2c to decrypt the content 5a using the pre-update common key 6, and display the content 5 obtained by the decryption. That is, the user 1c can refer to the content 5 provided during the contract period even after the contract is canceled.

  As described above, according to the first embodiment, even when a user distributes content without logging in to the login page, the content that has continued in time can be distributed only to contract users. Then, the user who cancels the contract and loses his / her qualification can not refer to the contents after the cancellation. However, even a canceled user can refer to the content information during the contract without redistribution because it is stored in the block chain.

  The storage unit 11 can also realize the user DB 11a by a user management block chain. In this case, the user update unit 16 registers user information indicating a user who has concluded a contract for receiving content distribution in the user management block chain as contract user information. Further, the user update unit 16 deletes the information of the contract user who has canceled the contract for receiving the content distribution from the user management block chain. As described above, by realizing the user DB 11a with a user management block chain, it is possible to reduce the operating cost of the content distribution system 10 without preparing a computer for managing contract users.

  Further, in the content distribution system 10, for each content to be provided, the user who refers to the content can be charged for the content, and only the user who has been charged can refer to the content. In this case, the content distribution system 10 further includes, for example, a charging unit that performs a charging process on the virtual currency of one user who uses one terminal device when receiving a request for providing one content from one terminal device. The encryption unit 14 encrypts the common key with the public key assigned to one user when the charging process is normally completed. Then, the registration unit 15 registers the common key encrypted with the public key assigned to one user in the block chain 18. As a result, the content distribution service can be charged for each content. Even if the content distribution service is charged for each content, each user will continue to pay for the content once paid even if the user's content distribution contract is canceled. You can refer to it.

[Second Embodiment]
Next, a second embodiment will be described.
FIG. 2 is a diagram illustrating an example of a configuration of a network system according to the second embodiment. In the network system according to the second embodiment, a plurality of block chain nodes 100 and 100a to 100f are connected via network switches 31 to 35. Each of the block chain nodes 100, 100a to 100f is a computer that functions as one node on the block chain.

  The content providing server 200 and a plurality of terminal devices 300, 300a, 300b are connected to the network. The content providing server 200 is a computer managed by a service provider that provides content distribution services. In the content providing server 200, registration of blocks including content to be distributed to the block chain and management of users to be distributed are performed. The plurality of terminal devices 300, 300a, and 300b are computers used by users 41 to 43 who perform transactions via a network. It is assumed that the name of the user 41 is “Mr. A”, the name of the user 42 is “Mr. B”, and the name of the user 43 is “Mr. C”.

  In addition to the illustrated block chain nodes 100 and 100a to 100f, a number of block chain nodes not shown are connected to the network system of the second embodiment. Similarly, in addition to the illustrated terminal devices 300, 300a, and 300b, a number of terminal devices not shown are connected to the network system of the second embodiment.

  FIG. 3 is a diagram illustrating a configuration example of hardware of a block chain node used in the second embodiment. The entire block chain node 100 is controlled by the processor 101. A memory 102 and a plurality of peripheral devices are connected to the processor 101 via a bus 109. The processor 101 may be a multiprocessor. The processor 101 is, for example, a CPU (Central Processing Unit), an MPU (Micro Processing Unit), or a DSP (Digital Signal Processor). At least a part of the functions realized by the processor 101 executing the program may be realized by an electronic circuit such as an ASIC (Application Specific Integrated Circuit) or a PLD (Programmable Logic Device).

  The memory 102 is used as a main storage device of the block chain node 100. The memory 102 temporarily stores at least part of an OS (Operating System) program and application programs to be executed by the processor 101. Further, the memory 102 stores various data used for processing by the processor 101. As the memory 102, for example, a volatile semiconductor storage device such as a RAM (Random Access Memory) is used.

  Peripheral devices connected to the bus 109 include a storage device 103, a graphic processing device 104, an input interface 105, an optical drive device 106, a device connection interface 107, and network interfaces 108a and 108b.

  The storage device 103 writes and reads data electrically or magnetically with respect to a built-in recording medium. The storage device 103 is used as an auxiliary storage device of a computer. The storage device 103 stores an OS program, application programs, and various data. For example, an HDD (Hard Disk Drive) or an SSD (Solid State Drive) can be used as the storage device 103.

  A monitor 21 is connected to the graphic processing device 104. The graphic processing device 104 displays an image on the screen of the monitor 21 in accordance with an instruction from the processor 101. Examples of the monitor 21 include a display device using a CRT (Cathode Ray Tube) and a liquid crystal display device.

  A keyboard 22 and a mouse 23 are connected to the input interface 105. The input interface 105 transmits signals sent from the keyboard 22 and the mouse 23 to the processor 101. The mouse 23 is an example of a pointing device, and other pointing devices can also be used. Examples of other pointing devices include a touch panel, a tablet, a touch pad, and a trackball.

  The optical drive device 106 reads data recorded on the optical disc 24 using laser light or the like. The optical disc 24 is a portable recording medium on which data is recorded so that it can be read by reflection of light. The optical disc 24 includes a DVD (Digital Versatile Disc), a DVD-RAM, a CD-ROM (Compact Disc Read Only Memory), a CD-R (Recordable) / RW (ReWritable), and the like.

  The device connection interface 107 is a communication interface for connecting peripheral devices to the block chain node 100. For example, the memory device 25 and the memory reader / writer 26 can be connected to the device connection interface 107. The memory device 25 is a recording medium equipped with a communication function with the device connection interface 107. The memory reader / writer 26 is a device that writes data to the memory card 27 or reads data from the memory card 27. The memory card 27 is a card type recording medium.

  The network interfaces 108a and 108b are connected to network switches 31 and 33, respectively. The network interface 108a transmits / receives data to / from other computers or communication devices via the network switch 31. The network interface 108b transmits / receives data to / from another computer or communication device via the network switch 33.

  With the hardware configuration as described above, the processing function of the second embodiment in the block chain node 100 can be realized. The other block chain nodes 100 a to 100 f can also be realized by the same hardware as the block chain node 100.

  Note that the content distribution apparatuses 10a, 10b, 10c,... Shown in the first embodiment can also be realized by hardware similar to the block chain node 100 shown in FIG.

  The block chain node 100 implements the processing functions of the second embodiment by executing a program recorded on a computer-readable recording medium, for example. A program describing the processing contents to be executed by the block chain node 100 can be recorded in various recording media. For example, a program to be executed by the block chain node 100 can be stored in the storage device 103. The processor 101 loads at least a part of the program in the storage apparatus 103 into the memory 102 and executes the program. A program to be executed by the block chain node 100 can also be recorded on a portable recording medium such as the optical disc 24, the memory device 25, and the memory card 27. The program stored in the portable recording medium becomes executable after being installed in the storage apparatus 103 under the control of the processor 101, for example. The processor 101 can also read and execute a program directly from a portable recording medium.

Next, a block chain network including the block chain nodes 100 and 100a to 100f will be described.
FIG. 4 is a diagram illustrating an example of a block chain network. The block chain nodes 100 and 100a to 100f communicate with each other to realize three block chains. The content management block chain 51 is a block chain used for managing user keys and content. The virtual currency block chain 52 is a block chain used for charge management. The user management block chain 53 is a block chain used for user information management. The user management block chain 53 is an example of the user DB 11a shown in FIG. That is, in the second embodiment, information on contract users in the user DB 11 a shown in FIG. 1 is managed by the user management block chain 53.

Next, functions of each device will be described.
FIG. 5 is a block diagram illustrating an example of the function of each device. The content providing server 200 has an OS 210 and an entrance / exit management system 220 operating on the OS 210. The entrance / exit management system 220 manages entry (contract) and withdrawal (cancellation of cancellation) for the content distribution service, and registers the provided content in the block chain. For example, the entrance / exit management system 220 includes a user management unit 222 and a charge management unit 223 for managing entrance / exit. The user management unit 222 performs user membership processing, and stores user information of the joined user in the user management block chain 53. In addition, the user management unit 222 performs a user withdrawal process, and deletes the user information of the withdrawn user from the user management block chain 53. The billing management unit 223 performs billing processing for the joined user.

  In addition, the entrance / exit management system 220 includes a mail management unit 224 for registering content in the block chain. When the content to be provided to the user is input, the mail management unit 224 registers a block including the input content in the content management block chain 51 using an email.

  The block chain node 100 includes an OS 110, a block chain subsystem 120, an SMTP (Simple Mail Transfer Protocol) server 130, a key distribution agent 140, and a content management agent 150. The block chain subsystem 120, the SMTP server 130, the key distribution agent 140, and the content management agent 150 operate on the OS 110.

  The block chain subsystem 120 cooperates with other block chain nodes 100a, 100b,... To register blocks in the block chain and provide information such as contents in the blocks. The SMTP server 130 receives an e-mail including content to be distributed from the content providing server 200. Further, the SMTP server 130 transfers the received electronic mail to the block chain subsystem 120. The key distribution agent 140 manages a key (common key) for encrypting and decrypting content. The content management agent 150 manages the content distributed to the terminal devices 300, 300a, and 300b used by the users 41 to 43. Both the key distribution agent 140 and the content management agent 150 are realized by the block chain node 100 executing a chain code in the block chain, for example.

  The block chain node 100a includes an OS 110a, a block chain subsystem 120a, an HTTP (HyperText Transfer Protocol) server 130a, a key distribution agent 140a, and a content management agent 150a. The block chain subsystem 120a, the HTTP server 130a, the key distribution agent 140a, and the content management agent 150a operate on the OS 110a.

  The block chain subsystem 120a cooperates with other block chain nodes 100, 100b,... To register blocks in the block chain and provide information such as contents in the blocks. The HTTP server 130a provides the content registered in the content management block chain 51 to the terminal devices 300, 300a, and 300b. The key distribution agent 140a manages a common key for encrypting and decrypting content. The content management agent 150a manages the content distributed to the terminal devices 300, 300a, and 300b used by the users 41 to 43.

Block chain nodes 100b other than the block chain nodes 100 and 100a have the same functions as the block chain node 100a.
The terminal device 300 includes an OS 310, a web browser 320, a key management agent 330, and a content reader 340. The web browser 320, the key management agent 330, and the content reader 340 operate on the OS 310.

  The web browser 320 acquires content from the block chain nodes 100a, 100b,. The web browser 320 transmits the acquired content to the content reader 340. The key management agent 330 manages a common key for decrypting the encrypted content. The content reader 340 displays the acquired content on the monitor.

  The three block chains shown in FIG. 4 are managed by the block chain subsystems 120, 120a,. As for the blocks included in each of the block chains, blocks having the same contents are held in the block chain subsystems 120, 120a,. For example, a block registered in one of the block chain subsystems 120, 120a,... Is transferred to another block chain subsystem and held in each block chain subsystem. The users 41 to 43 can acquire a block including a common key or content from any of the plurality of block chain nodes 100, 100a, 100b,... Using the terminal devices 300, 300a, and 300b.

  In addition, the line which connects between each element shown in FIG. 5 shows a part of communication path, and communication paths other than the illustrated communication path can also be set. Further, the function of each element shown in FIG. 5 can be realized, for example, by causing a computer to execute a program module corresponding to the element.

  In the second embodiment, the provided content is encrypted and registered in the content management block chain 51. The common key used for content encryption is changed at a predetermined timing. For example, the common key is periodically changed. In addition, the common key is changed each time a user withdrawal procedure is performed. Each user 41 to 43 can receive the common key used for encrypting the content distributed during the contract period using the terminal devices 300, 300a, and 300b. Thereby, even after the withdrawal, each user 41 to 43 can refer to the content provided during the contract period using the common key acquired during the contract period.

  FIG. 6 is a diagram illustrating an example of a correspondence relationship between a distributed key and content. In the example of FIG. 6, it is assumed that the users 41 to 43 are in a contract period for receiving content. In this case, the common key “sk1” is distributed to each of the users 41 to 43. For example, the common key “sk1” is encrypted and distributed with the public keys of the users 41 to 43. Then, the content provider registers the block 61 including the content 61 a encrypted with the common key “sk1” in the content management block chain 51 using the content providing server 200. The block 61 includes, for example, the hash value of the block registered immediately before the block 61 with respect to the content management block chain 51. The content 61a includes documents and images.

  Each of the users 41 to 43 uses the terminal devices 300, 300a, and 300b to transfer the content 61a in the block 61 registered in the content management block chain 51 to one of the plurality of block chain nodes 100 and 100a to 100f. Get from. The terminal devices 300, 300a, and 300b decrypt the common key “sk1” encrypted with the public keys of the users 41 to 43 with the secret keys of the users 41 to 43, respectively. The terminal devices 300, 300a, and 300b decrypt the content 61a using the decrypted common key “sk1”, and display a document or an image included in the content 61a.

  Thereafter, if there is no user to withdraw, the content provider registers the block 62 including the content 62a encrypted with the same common key “sk1” as before in the content management block chain 51 using the content providing server 200. . Each of the users 41 to 43 acquires the content 62a in the block 62 using the terminal devices 300, 300a, and 300b. Then, the terminal devices 300, 300a, and 300b decrypt the content 62a using the common key “sk1” decrypted with the secret keys of the users 41 to 43, and display the documents and images included in the content 62a.

  Thereafter, it is assumed that the user 43 (Mr. C) has withdrawn. Then, a new common key “sk2” is distributed to the users 41 and 42 who have not withdrawn. For example, the common key “sk2” is encrypted with the public keys of the users 41 and 42 and distributed. The content provider registers the block 63 including the content 63 a encrypted with the new common key “sk2” in the content management block chain 51 using the content providing server 200. Each of the users 41 and 42 acquires the content 63a in the block 63 using the terminal devices 300 and 300a. The terminal devices 300 and 300a decrypt the common key “sk2” encrypted with the public keys of the users 41 and 42, with the secret keys of the users 41 and 42, respectively. Then, the terminal devices 300 and 300a decrypt the content 63a using the decrypted common key “sk2”, and display a document or an image included in the content 63a.

  On the other hand, even if the user 43 acquires the content 63a in the block 63 using the terminal device 300b, the user 43 does not have the common key “sk2” encrypted with the public key of the user 43. Cannot decrypt the content 63a. Note that the user 43 has the common key “sk1” encrypted with the public key of the user 43 distributed during the contract period even after withdrawal. Therefore, the user 43 decrypts the common key “sk1” with the secret key of the user 43, and uses the decrypted common key “sk1” to refer to the content 61a or the content 62a provided during the contract period after withdrawal. Is possible.

  In the second embodiment, distribution of the common key to each of the users 41 to 43 is also performed using the content management block chain 51. Hereinafter, a method for distributing the common key and providing the content will be described with reference to FIGS.

FIG. 7 is a diagram showing an example of common key distribution and content provision to users during a contract period. In the example of FIG. 7, three users 41 to 43 have signed a contract with the content provider for receiving the content. Each of the users 41 to 43 receives a contractor's key pair (public key, secret key) from the content provider at the same time as the contract. The entrance / exit management system 220 passes the public keys “PK _A ”, “PK _B ”, and “PK _C ” of each of the users 41 to 43 to, for example, the key distribution agent 140. For example, the entrance / exit management system 220 registers a block including the public keys “PK _A ”, “PK _B ”, and “PK _C ” in the user management block chain 53. The key distribution agent 140 acquires the public keys of the users 41 to 43 from the user management block chain 53.

The key distribution agent 140 generates a common key “sk1” and transmits the generated common key “sk1” to the content management agent 150. Next, the key distribution agent 140 encrypts the common key “sk1” using the public keys “PK _A ”, “PK _B ”, and “PK _C ” of the users 41 to 43. Thus, the common key “sk1” encrypted with the public key “PK _A ” of Mr. A, the common key “sk1” encrypted with the public key “PK _B ” of Mr. _B , and the public key “ A common key “sk1” encrypted with “PK _C ” is generated. The key distribution agent 140 registers the block 60 including the common key “sk1” encrypted with each of the three types of public keys in the content management block chain 51. For example, the key distribution agent 140 generates the block 60. Then, an agreement is formed between the key distribution agent 140 and the other key distribution agents 140a,... That the block 60 is valid. If the consensus is correctly formed, the key distribution agent 140 registers the block 60 in the content management block chain 51 managed by the block chain subsystem 120. Note that a block including a common key like the block 60 is particularly called a key block.

  The content management agent 150 that has received the common key “sk1” encrypts the content using the common key “sk1” when the content to be provided to the users 41 to 43 is input. The content management agent 150 registers the block 61 in which the content ID “1” is assigned to the encrypted content in the content management block chain 51. Then, an agreement is formed between the content management agent 150 and the other content management agents 150a,... That the block 61 is valid. If the consensus is correctly formed, the content management agent 150 registers the block 61 in the content management block chain 51 managed by the block chain subsystem 120. Note that a block including content, such as the block 61, is particularly referred to as a content block.

  The content management agent 150 uses the common key “sk1” for encrypting the content to be distributed until the common key “sk1” is updated. For example, the content management agent 150 encrypts newly distributed content with the common key “sk1”, and registers the block 62 (content block) in which the content ID “2” is added to the encrypted content in the content management block chain 51. To do.

The user 41 uses the content reader 340 to acquire the common key “sk1” encrypted with his / her public key “PK _A ” from the content management block chain 51. For example, the user 41 activates the content reader 340 in the terminal device 300. The content reader 340 requests the key management agent 330 (see FIG. 5) to acquire a common key. The key management agent 330 acquires the common key “sk1” encrypted with the public key “PK _A ” for the user 41 from the block chain subsystem 120a of the block chain node 100b. The key management agent 330 transmits the encrypted common key “sk1” to the content reader 340. The content reader 340 decrypts the acquired common key “sk1” with the secret key of the user 41.

  When the content reader 340 receives an input of a content reference request from the user 41, the content reader 340 acquires the corresponding content from the content management block chain 51. Then, the content reader 340 decrypts the acquired content with the common key “sk1” and displays it on the monitor. Thereby, the user 41 can refer to the content.

Similarly, the other users 42 and 43 can refer to the content using the content readers 340a and 340b, respectively.
Next, processing for distributing a common key to a user and providing content after any user has withdrawn will be described.

FIG. 8 is a diagram illustrating an example of common key distribution and content provision after some users have withdrawn. In the example of FIG. 8, it is assumed that the user 43 (Mr. C) has withdrawn. For example, the entrance / exit management system 220 registers a block including the public keys “PK _A ” and “PK _B ” between the user 41 and the user 42 in the user management block chain 53. This block does not include the public key “PK _C ” of the user 43 who has withdrawn. The key distribution agent 140 acquires the public keys of the users 41 and 42 from the user management block chain 53.

When the key distribution agent 140 confirms that a predetermined valid time has elapsed since the creation of the common key “sk1”, the key distribution agent 140 generates a new common key “sk2”, and the generated common key “sk2” is the content management agent. 150. Next, the key distribution agent 140 encrypts the new common key “sk2” using the public keys “PK _A ” and “PK _B ” of the users 41 and 42 during the contract period. Then, the key distribution agent 140 registers the block 63 including the encrypted common key “sk2” in the content management block chain 51.

  Upon receiving the content to be provided to the users 41 and 42, the content management agent 150 that has received the common key “sk2” encrypts the newly provided content using the common key “sk2”. The content management agent 150 registers the block 64 in which the content ID “3” is added to the encrypted content in the content management block chain 51.

The user 41 uses the content reader 340 to acquire the common key “sk2” encrypted with his / her public key “PK _A ” from the content management block chain 51. The content reader 340 decrypts the acquired common key “sk2” with the secret key of the user 41. When the content reader 340 receives an input of the latest content reference request from the user 41, the content reader 340 acquires the corresponding content (content ID: 3) from the content management block chain 51. Then, the content reader 340 decrypts the acquired content with the common key “sk2” and displays it on the monitor. Thereby, the user 41 can refer to the latest content.

  Similarly, the user 42 can refer to the content using the content reader 340a. The user 43 who has withdrawn cannot acquire the common key “sk2” in the block 63 because the common key “sk2” encrypted with the public key of the user 43 is not included in the block 63. Therefore, the user 43 cannot refer to the content provided after withdrawal.

  In this way, reference to contents started to be provided after withdrawal by the user 43 who has withdrawn can be suppressed, and contents started to be provided during the contract period of the user 43 can be referred to by the user 43 even after withdrawal. It can be. In the method shown in the second embodiment, even if the number of users is large, only one content to be provided to the users needs to be registered in the content management block chain 51. Even if the number of users increases, registration is possible. The number of contents to be increased does not increase.

  In addition, since the effective time of the common key is set and the common key is automatically updated when the effective time elapses, the key distribution agent 140 does not need to confirm whether or not the user has withdrawn. The validity period of the common key is set according to, for example, the calculation unit of the user's contract period. For example, when the user's contract period is calculated in units of one day, the effective period of the common key is set to one day. In this case, for example, the key distribution agent 140 changes the common key every day at midnight. Thus, even if the common key is not changed every time a user who has withdrawn occurs, it is possible to prevent the user who has withdrawn from referring to the content distributed after the contract period expires.

The common key may be changed every time a user withdrawal procedure is performed, for example.
Next, a procedure of processing executed by the key distribution agent 140 will be specifically described.

FIG. 9 is a flowchart illustrating an example of a procedure of processing executed by the key distribution agent. In the following, the process illustrated in FIG. 9 will be described in order of step number.
[Step S101] The key distribution agent 140 generates a common key for content encryption and decryption.

[Step S102] The key distribution agent 140 transmits a common key to the content management agent 150.
[Step S103] The key distribution agent 140 encrypts the common key with the public key of each user during the contract period.

[Step S104] The key distribution agent 140 registers the encrypted common key in the content management block chain 51.
[Step S105] The key distribution agent 140 starts measuring the usage time of the common key.

  [Step S106] The key distribution agent 140 determines whether or not the usage time since the start of the measurement in Step S105 has passed the preset effective time of the common key. If the valid time has elapsed, the key distribution agent 140 proceeds with the process to step S101. If the valid time has not elapsed, the key distribution agent 140 repeats the process of step S106.

  The common key is repeatedly generated in such a procedure, and the generated common key is encrypted with the public key of the user who is currently contracting and registered in the content management block chain 51.

Next, the process executed by the content management agent 150 will be specifically described.
FIG. 10 is a flowchart illustrating an example of a procedure of processing executed by the content management agent. In the following, the process illustrated in FIG. 10 will be described in order of step number.

[Step S111] The content management agent 150 acquires a common key from the key distribution agent 140.
[Step S112] The content management agent 150 encrypts the content using the common key as an encryption key.

[Step S113] The content management agent 150 registers a block including the encrypted content in the content management block chain 51.
The process shown in FIG. 10 is executed each time content to be provided is input to the block chain node 100 from the entrance / exit management system 220 of the content providing server 200, for example. As a result, the content encrypted with the latest common key is added to the content management block chain 51.

Next, the processing executed by the entrance / exit management system 220 will be specifically described.
FIG. 11 is a flowchart illustrating an example of a procedure of processing executed by the entrance / exit management system. In the following, the process illustrated in FIG. 11 will be described in order of step number.

[Step S121] The entrance / exit management system 220 accepts a withdrawal request from a user.
[Step S122] The entrance / exit management system 220 registers, in the user management block chain 53, user management information in which a deletion flag is set in the record of the user who wishes to withdraw.

  Thereby, by acquiring the latest block of the user management block chain 53, the latest user management information can be referred to. For example, the key distribution agent 140 acquires user management information included in the latest block from the user management block chain 53 when the common key is updated. In the user management information, a record indicating user management information including registered users is registered. The user's record includes the user's public key. The record of the user who has withdrawn includes a deletion flag. The key distribution agent 140 encrypts the common key using the public key of the record that does not include the deletion flag.

Next, the process executed by the content reader 340 will be specifically described.
FIG. 12 is a flowchart illustrating an example of a procedure of processing executed by the content reader. In the following, the process illustrated in FIG. 12 will be described in order of step number.

  [Step S131] The content reader 340 acquires a common key encrypted with the public key of the user 41 using the terminal device 300 from the content management block chain 51.

  [Step S132] The content reader 340 decrypts the acquired common key with the secret key of the user 41. The content reader 340 stores the decrypted common key in a storage medium such as a storage device.

  [Step S133] The content reader 340 acquires the content from the content management block chain 51 by designating the content ID of the designated content in response to the designation input of the content to be browsed from the user 41. For example, the content reader 340 can acquire the old content by designating the content ID of the old content provided before the content instead of the content provided last.

  [Step S134] The content reader 340 decrypts the acquired content with the common key. If the content reader 340 acquires old content, the common key used for encrypting the content may not be the latest. When the content reader 340 acquires the old content encrypted with the old common key, the content reader 340 decrypts the content using the common key corresponding to the content acquired and stored previously.

[Step S135] The content reader 340 displays the decrypted content on the monitor.
Thereby, the user 41 can browse the content designated as the browsing target. That is, the user 41 can browse the content by arbitrarily specifying the content provided during the contract period of the user 41 as well as the latest content. Even when the contract for receiving the content of the user 41 is canceled, the user 41 can freely browse the content provided before the contract is canceled.

[Third Embodiment]
Next, a third embodiment will be described. The third embodiment is an example in which a mail magazine is provided as content. Hereinafter, differences between the third embodiment and the second embodiment will be described.

  FIG. 13 is a diagram illustrating an example of common key distribution and content provision to users during a contract period according to the third embodiment. In FIG. 13, elements having the same functions as those of the second embodiment are denoted by the same reference numerals as the corresponding elements of the second embodiment.

  In the third embodiment, the content provided from the content management agent 150 includes a mail magazine. The content management agent 150 has price information indicating the price of the mail magazine to be provided.

  In the example of FIG. 13, all of the users 41 to 43 are in the contract period. When the users 41 to 43 are in the contract period, the entrance / exit management system 220 can withdraw the price of the content from the users 41 to 43 from the virtual currency block chain 52. Also, the entrance / exit management system 220 registers user management information indicating that the users 41 to 43 are in the contract period in the user management block chain 53. The key distribution agent 140 obtains the user management information from the user management block chain 53 and recognizes that the users 41 to 43 are in the contract period.

The terminal devices used by the users 41 to 43 have mailers 350, 350a, and 350b, respectively. When the users 41 to 43 are all in the contract period, the key distribution agent 140 generates the common key “sk1” and transmits the generated common key “sk1” to the content management agent 150. Next, the key distribution agent 140 encrypts the common key “sk1” using the public keys “PK _A ”, “PK _B ”, and “PK _C ” of each of the users 41 to 43. Then, the key distribution agent 140 registers the block 70 including the encrypted common key “sk1” in the content management block chain 51.

  The content management agent 150 that has received the common key “sk1” encrypts the provided content by using the common key “sk1” every time a mail magazine is input as the content to be provided to the users 41 to 43. The content management agent 150 registers, in the content management block chain 51, blocks 71 and 72 that include encrypted content assigned with content IDs “1” and “2” and price information.

The user 41 uses the mailer 350 to obtain from the content management block chain 51 the common key “sk1” encrypted with his / her public key “PK _A ”. The mailer 350 decrypts the acquired common key “sk1” with the secret key of the user 41. When the mailer 350 receives an input of a content reference request from the user 41, the mailer 350 acquires the corresponding content (content ID “1”, “2”) and price information from the content management block chain 51. Mailer 350 then displays price information on the monitor. When the user 41 receives an input for approving the price indicated in the price information, the mailer 350 decrypts the acquired content with the common key “sk1” and displays the mail magazine on the monitor. Thereby, the user 41 can refer to the mail magazine. Similarly, the other users 42 and 43 can read the mail magazine using the mailers 350a and 350b, respectively.

  FIG. 14 is a diagram illustrating an example of common key distribution and content provision after a part of users are unsubscribed in the third embodiment. In the example of FIG. 14, it is assumed that the user 43 (Mr. C) has withdrawn.

When the key distribution agent 140 confirms that a predetermined valid time has elapsed since the creation of the public key “sk1”, the key distribution agent 140 generates a new common key “sk2” and uses the generated common key “sk2” as the content management agent. 150. Next, the key distribution agent 140 encrypts the new common key “sk2” using the public keys “PK _A ” and “PK _B ” of the users 41 and 42 during the contract period. Then, the key distribution agent 140 registers the block 73 including the encrypted common key “sk2” in the content management block chain 51.

  Upon receiving the mail magazine to be provided to the users 41 and 42, the content management agent 150 that has received the common key “sk2” encrypts the newly provided mail magazine using the common key “sk2”. The content management agent 150 registers the block 74 including the encrypted content assigned the content ID “3” and the price information in the content management block chain 51.

The user 41 uses the mailer 350 to obtain from the content management block chain 51 the common key “sk2” encrypted with his / her public key “PK _A ”. The mailer 350 decrypts the acquired common key “sk2” with the secret key of the user 41. When the mailer 350 receives an input of a content reference request from the user 41, the mailer 350 acquires the corresponding content (content ID “3”) and price information from the content management block chain 51. Mailer 350 then displays price information on the monitor. When the user 41 receives an input for approving the price indicated by the price information, the mailer 350 decrypts the acquired content with the common key “sk2” and displays the mail magazine on the monitor. Thereby, the user 41 can refer to the latest mail magazine.

  Similarly, the user 42 can refer to the mail magazine using the mailer 350a. The user 43 who has withdrawn cannot acquire the common key “sk2” in the block 73 because the common key “sk2” encrypted with the public key of the user 43 is not included in the block 73. That is, the user 43 cannot refer to the mail magazine provided after the withdrawal.

  Of the processing of each element in the third embodiment, the processing of the key distribution agent 140 is the same as the processing of the second embodiment shown in FIG. Moreover, the process of the entrance / exit management system 220 is the same as the process of 2nd Embodiment shown in FIG. Hereinafter, the procedure of the process to be executed will be specifically described with respect to elements that execute processes different from those of the second embodiment.

  FIG. 15 is a flowchart illustrating an example of a processing procedure of the content management agent according to the third embodiment. In the following, the process illustrated in FIG. 15 will be described in order of step number.

[Step S201] The content management agent 150 acquires a common key from the key distribution agent 140.
[Step S202] The content management agent 150 encrypts the content including the mail magazine using the common key as the encryption key.

[Step S203] The content management agent 150 registers a block including encrypted content and price information in the content management block chain 51.
Next, the process executed by the mailer 350 will be specifically described.

FIG. 16 is a flowchart illustrating an example of a procedure of processing executed by the mailer. In the following, the process illustrated in FIG. 16 will be described in order of step number.
[Step S211] The mailer 350 acquires, from the content management block chain 51, a common key encrypted with the public key of the user 41 using the terminal device 300.

[Step S212] The mailer 350 decrypts the acquired common key with the secret key of the user 41. The mailer 350 stores the decrypted common key in a storage medium such as a storage device.
[Step S213] The mailer 350 specifies the content ID of the specified content in response to the input of the content to be browsed from the user 41, and acquires the price information of the content from the content management block chain 51. The mailer 350 then displays the price of the mail magazine indicated in the price information, and accepts an approval input from the user 41 for the price.

  [Step S214] The mailer 350 specifies the content ID of the specified content in response to the approval input from the user 41, and acquires the mail magazine from the content management block chain 51.

[Step S215] The mailer 350 decrypts the acquired mail magazine with the common key.
[Step S216] The mailer 350 displays the decrypted mail magazine on the monitor.
Thereby, the user 41 can browse the mail magazine designated as the browsing target.

[Fourth Embodiment]
Next, a fourth embodiment will be described. In the fourth embodiment, the common key is managed by the content management block chain 51, but the content is managed by other than the content management block chain 51. For example, if the content is moving image data, the amount of data of one content is large, and if the content is managed by the block chain, the resource consumption of the block chain nodes 100, 100a, 100b,. Therefore, in the fourth embodiment, the content can be managed separately from the content management block chain 51.

  FIG. 17 is a block diagram illustrating an example of the function of each device according to the fourth embodiment. In FIG. 17, elements having the same functions as those in the second embodiment are denoted by the same reference numerals as those in the second embodiment.

  In the fourth embodiment, a content server 400 that stores content is provided. The content server 400 is a computer that holds content such as moving image data. For example, the content server 400 verifies the signature of being a contractor of the content providing service, and transmits the content to the terminal device used by the user who has been confirmed to be the contractor.

  In the fourth embodiment, the content providing server 200 encrypts the content position information stored in the content server 400 with the common key and registers it in the content management block chain 51 via the block chain node 100. . The location information is, for example, a URL (Uniform Resource Locator). The terminal device 300 has a playback application 360. The playback application 360 acquires position information registered in the content management block chain 51 from the block chain node 100a, and decrypts the acquired position information with a common key. Then, the playback application 360 accesses the content in the content server 400 based on the position information and plays back the content.

  FIG. 18 is a diagram illustrating an example of common key distribution and content provision to users during a contract period according to the fourth embodiment. In the fourth embodiment, the content provided from the content management agent 150 includes a URL as content location information.

In the content management block chain 51, a block 80 including the public keys of the users 41 to 43 is registered.
The terminal devices 300, 300a, and 300b used by the users 41 to 43 have playback applications 360, 360a, and 360b, respectively. When the users 41 to 43 are all in the contract period, the key distribution agent 140 generates the common key “sk1” and transmits the generated common key “sk1” to the content management agent 150. Next, the key distribution agent 140 encrypts the common key “sk1” using the public keys “PK _A ”, “PK _B ”, and “PK _C ” of each of the users 41 to 43. Then, the key distribution agent 140 registers the block 81 including the encrypted common key “sk2” in the content management block chain 51.

  Upon receiving the URL of the content to be provided to the users 41 to 43, the content management agent 150 that has received the common key “sk1” encrypts the URL of the content to be provided using the common key “sk1”. The content management agent 150 registers, in the content management block chain 51, the block 82 including the encrypted URL assigned with the content ID “1” and the price information of the content.

The user 41 uses the playback application 360 to acquire the common key “sk1” encrypted with his / her public key “PK _A ” from the content management block chain 51. The playback application 360 decrypts the acquired common key “sk1” with the secret key of the user 41. When the reproduction application 360 receives an input of a content reference request from the user 41, the reproduction application 360 acquires the URL and price information of the corresponding content (content ID “1”) from the content management block chain 51. Then, the playback application 360 displays price information on the monitor. When the user 41 receives an input for approving the price indicated in the price information, the playback application 360 decrypts the acquired URL with the common key “sk1”. The reproduction application 360 transmits an access request in which the signature of the user's private key is attached to the URL obtained by decryption to the content server 400.

  The content server 400 acquires the public key of the user 41 using the terminal device 300 that transmitted the access request from the content management block chain 51, and confirms the validity of the signature using the public key. When the content server 400 recognizes that the signature is valid, the playback application 360 acquires the content at the position indicated by the transmitted URL from the content server 400. The playback application 360 plays back the acquired content (for example, moving image data) and displays the playback result on the monitor. Thereby, the user 41 can browse the content stored in the content server 400. Similarly, the other users 42 and 43 can browse the content by using the reproduction applications 360a and 360b, respectively.

  FIG. 19 is a diagram illustrating an example of common key distribution and content provision after a part of users have withdrawn in the fourth embodiment. In the example of FIG. 19, it is assumed that the user 43 (Mr. C) has withdrawn.

When the key distribution agent 140 confirms that a predetermined valid time has elapsed since the creation of the common key “sk1”, the key distribution agent 140 generates a new common key “sk2”, and the generated common key “sk2” is the content management agent. 150. Next, the key distribution agent 140 encrypts the new common key “sk2” using the public keys “PK _A ” and “PK _B ” of the users 41 and 42 during the contract period. Then, the key distribution agent 140 registers the block 83 including the encrypted common key “sk2” in the content management block chain 51.

  Upon receiving the URL of the content to be provided to the users 41 and 42, the content management agent 150 that has received the common key “sk2” encrypts the URL of the newly provided content using the common key “sk2”. . The content management agent 150 registers, in the content management block chain 51, the block 84 including the encrypted URL assigned with the content ID “3” and the price information.

The user 41 uses the playback application 360 to acquire the common key “sk2” encrypted with his / her public key “PK _A ” from the content management block chain 51. The playback application 360 decrypts the acquired common key “sk2” with the secret key of the user 41. When the reproduction application 360 receives an input of a content reference request from the user 41, the reproduction application 360 acquires the URL and price information of the corresponding content (content ID “3”) from the content management block chain 51. Then, the playback application 360 displays price information on the monitor. When the user 41 receives an input for approving the price indicated by the price information, the playback application 360 decrypts the acquired URL with the common key “sk2”. The reproduction application 360 transmits an access request in which the signature of the user's private key is attached to the URL obtained by decryption to the content server 400.

  When the content server 400 recognizes that the signature is valid, the playback application 360 acquires the content at the position indicated by the transmitted URL from the content server 400. The playback application 360 plays back the acquired content (for example, moving image data) and displays the playback result on the monitor. Thereby, the user 41 can browse the content stored in the content server 400.

  Similarly, the user 42 can refer to the content using the reproduction application 360a. The user 43 who has withdrawn cannot acquire the common key “sk2” in the block 83 because the common key “sk2” encrypted with the public key of the user 43 is not included in the block 83. That is, the user 43 cannot refer to the content provided after the withdrawal.

  Of the processing of each element in the fourth embodiment, the processing of the key distribution agent 140 is the same as the processing of the second embodiment shown in FIG. Moreover, the process of the entrance / exit management system 220 is the same as the process of 2nd Embodiment shown in FIG. Hereinafter, the procedure of the process to be executed will be specifically described for elements that execute processes different from those of the second embodiment in the fourth embodiment.

  FIG. 20 is a flowchart illustrating an example of a processing procedure of the content management agent according to the fourth embodiment. In the following, the process illustrated in FIG. 20 will be described in order of step number.

[Step S301] The content management agent 150 acquires a common key from the key distribution agent 140.
[Step S302] The content management agent 150 encrypts the URL of the content using the common key as an encryption key.

[Step S303] The content management agent 150 registers a block including the encrypted URL and price information in the content management block chain 51.
Next, the process executed by the playback application 360 will be specifically described.

FIG. 21 is a flowchart illustrating an example of a procedure of processing executed by the playback application. In the following, the process illustrated in FIG. 21 will be described in order of step number.
[Step S311] The playback application 360 acquires a common key encrypted with the public key of the user 41 using the terminal device 300 from the content management block chain 51.

  [Step S312] The playback application 360 decrypts the acquired common key with the secret key of the user 41. The playback application 360 stores the decrypted common key in a storage medium such as a storage device.

  [Step S <b> 313] The playback application 360 specifies the content ID of the specified content in accordance with the designation input of the content to be browsed from the user 41, and acquires the price information of the content from the content management block chain 51. Then, the playback application 360 displays the price of the content indicated in the price information, and accepts an approval input from the user 41 for the price.

  [Step S314] The playback application 360 specifies the content ID of the specified content in accordance with the approval input of the user 41, and acquires the URL of the corresponding content from the content management block chain 51.

[Step S315] The playback application 360 decrypts the acquired URL with the common key.
[Step S316] The playback application 360 transmits an access request in which the signature is attached to the user 41 to the decrypted URL to the content server 400. For example, the playback application 360 encrypts the hash value of the URL with the private key of the user 41 and sets it as the signature of the URL.

  [Step S317] When access is permitted in the content server 400, the playback application 360 accesses the content at the decrypted URL, and plays back and displays this content.

Thereby, the user 41 can browse the content designated as the browsing target.
Next, processing executed by the content server 400 will be described.

FIG. 22 is a flowchart illustrating an example of a procedure of processing executed by the content server. In the following, the process illustrated in FIG. 22 will be described in order of step number.
[Step S321] The content server 400 accepts an access request including a URL for content access and the signature of the contractor.

  [Step S322] The content server 400 acquires the public key of the user who has transmitted the access request from the content management block chain 51 in order to verify the signature of the contractor.

  [Step S323] The content server 400 determines whether or not the signature attached to the access request is valid. For example, the content server 400 decrypts the signature with the user's public key and calculates the hash value of the URL. The content server 400 determines that the signature is valid if the decrypted value and the calculated hash value are the same. If the signature is valid, the content server 400 proceeds with the process to step S324. If the signature is invalid, the content server 400 proceeds with the process to step S325.

  [Step S324] The content server 400 permits access to the content, and transmits the content of the URL indicated in the access request to the terminal device that has transmitted the access request. Thereafter, the content server 400 ends the process according to the access request.

  [Step S325] The content server 400 denies access to the content from the terminal device that transmitted the content request. When the access is rejected, for example, the content server 400 transmits an access rejection response to the terminal device that has transmitted the access request.

  In this way, even when content is stored in a location different from the block chain, browsing management of the content can be appropriately performed using the block chain.

[Fifth Embodiment]
Next, a fifth embodiment will be described. In the fifth embodiment, instead of the entrance / exit management system 220 in the fourth embodiment, user entrance / exit and billing processing are realized using a block chain. Further, in the fifth embodiment, the price of the content that the user desires to browse is charged with virtual currency, and the user can browse the content only when charging is completed normally.

  FIG. 23 is a block diagram illustrating an example of the function of each device according to the fifth embodiment. In FIG. 23, elements having the same functions as those in the fourth embodiment are denoted by the same reference numerals as those in the fourth embodiment.

  In the fifth embodiment, an enrollment agent 160, a withdrawal agent 170, and a charging agent 180 are added to the block chain node 100. The enrollment agent 160 performs membership enrollment processing. The withdrawal agent 170 performs membership withdrawal processing. The billing agent 180 performs billing processing using virtual currency each time a member refers to the content. The joining agent 160, the withdrawal agent 170, and the charging agent 180 are realized, for example, by causing the block chain node 100 to execute a chain code. Similarly, the block chain node 100a also has a joining agent 160a, a withdrawal agent 170a, and a charging agent 180a. The other block chain nodes 100b,... Have the same elements as the block chain node 100a.

The billing agent is an example of the billing unit described in the first embodiment.
FIG. 24 is a diagram illustrating an example of a user joining process. The membership agent 160 acquires user information from the Web browser 320 of the terminal device 300 used by the user 41, for example. For example, the user 41 accesses the enrollment agent 160 of the block chain node 100 through the Web browser 320 and acquires the data of the enrollment screen for the content service. The user 41 inputs user information such as a login ID, a password, and a wallet ID on the membership screen displayed by the web browser 320. Note that on the enrollment screen, the content to be browsed can be selected, and the content ID and price of the selected content are displayed on the enrollment screen. User information input by the user 41 is transmitted from the Web browser 320 to the membership agent 160.

  The enrollment agent 160 acquires the user registration public key 501 from the user management block chain 53 and encrypts the user information sent from the Web browser 320 with the user registration public key 501. Next, the enrollment agent 160 verifies the validity of the user 41's wallet (electronic wallet). For example, the enrollment agent 160 acquires wallet information corresponding to the wallet ID of the user 41 from the virtual currency block chain 52, and verifies that the wallet is valid using the mechanism of the virtual currency block chain 52.

  Next, the enrollment agent 160 generates a user key (a pair of the secret key 502 and the public key 503). The enrollment agent 160 transmits the generated secret key 502 to the reproduction application 360 in the terminal device 300 used by the user 41. The enrollment agent 160 registers the block 90 (key block) including the generated public key 503 in the content management block chain 51.

  Next, the enrollment agent 160 gives the login ID of the user 41 and a validity flag “1” indicating that the user information is valid to the encrypted user information. The enrollment agent 160 registers the user information with the login ID and the valid flag in the user management block chain 53.

  The user registration secret key for decrypting the user information registered in the user management block chain 53 is managed by each of the withdrawal agent 170 and the billing agent 180. The withdrawal agent 170 and the billing agent 180 can each decrypt the encrypted user information.

Next, the process executed by the membership agent 160 will be specifically described.
FIG. 25 is a flowchart illustrating an example of a procedure of processing executed by the membership agent. In the following, the process illustrated in FIG. 25 will be described in order of step number.

[Step S401] The membership agent 160 transmits the membership screen data to the terminal device used by the user, and displays the membership screen on the terminal device.
[Step S402] The enrollment agent 160 acquires the login ID, password, and wallet ID entered on the enrollment screen by the user as user information from the terminal device.

  [Step S403] The enrollment agent 160 acquires the user registration public key 501 from the user management block chain 53. The enrollment agent 160 encrypts the user information acquired from the terminal device using the acquired user registration public key 501 as an encryption key.

[Step S404] The enrollment agent 160 accesses the virtual currency block chain 52 and confirms the validity of the wallet for the wallet ID indicated in the user information.
[Step S405] If the wallet is valid, the enrollment agent 160 advances the process to step S406. If the wallet is not valid, the enrollment agent 160 advances the process to step S401.

[Step S406] The enrollment agent 160 generates a user key pair (public key + private key).
[Step S407] The enrollment agent 160 transmits the generated key pair to the terminal device used by the user, and causes the terminal device to execute processing for registering the secret key to the implemented reproduction application.

[Step S408] The enrollment agent 160 registers the user's public key in the content management block chain 51.
[Step S409] The enrollment agent 160 adds a login ID and a valid flag indicating “valid (1)” to the encrypted user information, and registers the user information in the user management block chain 53.

In this way, the user membership process is completed. Next, the user withdrawal process will be described.
FIG. 26 is a diagram illustrating an example of a user withdrawal process. For example, the user 41 accesses the withdrawal agent 170 via the Web browser 320 of the terminal device 300 and inputs a withdrawal request including a login ID and a password from the withdrawal screen. The withdrawal request is transmitted from the web browser 320 to the withdrawal agent 170. When the withdrawal agent 170 receives the withdrawal request, the withdrawal agent 170 acquires user information corresponding to the login ID indicated in the withdrawal request from the user management block chain 53. At this point, the acquired user information is assigned a valid flag “1” indicating “valid”. The withdrawal agent 170 uses the user registration secret key 504 to decrypt the user information.

  Next, the withdrawal agent 170 verifies the validity of the password, and if the password is valid, deletes the user information of the user 41 to be withdrawn from the user management block chain 53. For example, the withdrawal agent 170 registers a set of a login ID of the user 41 and a valid flag “0” indicating that the user information is invalid in the user management block chain 53. Further, the withdrawal agent 170 registers the block 99 from which the public key of the user 41 is deleted in the content management block chain 51.

Next, the process executed by the withdrawal agent 170 will be specifically described.
FIG. 27 is a flowchart illustrating an example of a procedure of processing executed by the withdrawal agent. In the following, the process illustrated in FIG. 27 will be described in order of step number.

[Step S411] The withdrawal agent 170 receives a withdrawal request including a pair of a login ID and a password from a terminal device used by the user.
[Step S412] The withdrawal agent 170 obtains valid user information corresponding to the login ID indicated in the withdrawal request from the user management block chain 53.

[Step S413] The withdrawal agent 170 uses the user registration secret key as a decryption key to decrypt the acquired user information.
[Step S414] The withdrawal agent 170 determines whether the password is valid based on the combination of the login ID and the password included in the withdrawal request. For example, the withdrawal agent 170 determines that the password is valid when the password included in the decrypted user information matches the password included in the withdrawal request. If the password is valid, the withdrawal agent 170 advances the process to step S415. If the password is not valid, the withdrawal agent 170 advances the process to step S411.

[Step S415] The withdrawal agent 170 registers, in the user management block chain 53, a set of a login ID of the user to be withdrawn and a valid flag “0” (deleted).
[Step S416] The withdrawal agent 170 registers the block from which the public key of the user to be removed is deleted in the content management block chain 51.

In this way, the user withdrawal process is performed. Next, a charging process for each content by the charging agent 180 will be described.
FIG. 28 is a diagram illustrating an example of the billing process. In the example of FIG. 28, registered in the content management block chain 51 are a block 90 containing the public key of a user who has registered as a member in advance, and a block 91 containing URL and price information encrypted with the common key “sk1”. It is assumed that

  Here, for example, when the user 41 browses the content, the accounting agent 180 is accessed using the Web browser 320 to display the content acquisition screen. The user 41 selects content to browse on the content acquisition screen and inputs a login ID and a password. The web browser 320 transmits the input content ID and user information (login ID and password) to the billing agent 180.

  The charging agent 180 acquires user information of the user 41 from the user management block chain 53. Then, the billing agent 180 decrypts the user information acquired from the user management block chain 53 using the user registration private key 504 as a decryption key. Next, the billing agent 180 acquires price information of content corresponding to the content ID sent from the Web browser 320 from the content management block chain 51. Then, the billing agent 180 performs billing processing for the content price on the wallet of the user 41 via the virtual currency block chain 52. For example, the billing agent 180 registers in the virtual currency block chain 52 a block indicating that the amount corresponding to the price of the content from the user's 41 wallet is transferred to the content provider's wallet.

After the accounting process, the accounting agent 180 transmits to the key distribution agent 140 an instruction to register a common key for content decryption by the terminal device 300 of the user 41. In response to the common key registration instruction, the key distribution agent 140 registers the block 92 including the common key “sk1” encrypted with the public key “PK _X ” of the user 41 in the content management block chain 51.

The playback application 360 acquires the common key “sk1” encrypted with the public key “PK _X ” of the user 41 from the content management block chain 51, and decrypts the common key “sk1” with the private key of the user 41. Next, the playback application 360 acquires the URL of the content encrypted with the common key “sk1” from the content management block chain 51 and decrypts the URL with the common key “sk1”. The playback application 360 transmits the access request with the signature of the user 41 to the content server 400 by specifying the URL obtained by the decryption. The content server 400 obtains the public key of the user 41 from the content management block chain 51, confirms the validity of the signature, and permits access to the content if the signature is valid. The reproduction application 360 permitted to access the content acquires the content stored in the content server 400, and reproduces and displays the content.

Next, a content providing process using automatic billing will be specifically described.
FIG. 29 is a flowchart illustrating an example of a content providing process using automatic billing. In the following, assuming that the user 41 refers to the content using the terminal device 300, the processing illustrated in FIG. 29 will be described along step numbers.

[Step S421] The accounting agent 180 obtains a login ID, a password, and a content ID from the terminal device 300 used by the user 41.
[Step S422] The billing agent 180 acquires user information from the user management block chain 53. The billing agent 180 decrypts the acquired user information with the user registration secret key 504.

[Step S423] The billing agent 180 acquires content price information from the content management block chain 51.
[Step S424] The billing agent 180 charges the wallet of the user 41 in the virtual currency block chain 52 for the amount indicated in the price information of the content.

  [Step S425] The billing agent 180 determines whether billing has ended normally. The charging agent 180 proceeds with the process to step S427 when the charging ends normally. Also, the billing agent 180 proceeds with the process to step S426 when billing cannot be completed normally due to a lack of the balance of the wallet of the user 41 or the like.

[Step S426] The charging agent 180 transmits an abnormal end of charging to the terminal device 300 used by the user 41, and ends the process.
[Step S427] The accounting agent 180 instructs the key distribution agent 140 to register a common key for decryption of the user.

[Step S428] The key distribution agent 140 registers the common key encrypted with the public key of the user 41 in the content management block chain 51.
[Step S429] The playback application 360 acquires the common key encrypted with the public key of the user 41 from the content management block chain 51, and decrypts the common key with the secret key of the user 41. Furthermore, the playback application 360 acquires the encrypted URL of the content from the content management block chain 51 and decrypts the URL with the common key.

[Step S430] The playback application 360 transmits an access request in which the signature of the user 41 is attached to the URL to the content server 400.
[Step S431] When the content server 400 permits access, the playback application 360 acquires content from the content server 400, and plays back and displays the content.

  In this way, automatic charging for each content can be performed. Only the user who has been charged can acquire the common key for decrypting the content and refer to the content. Also in the fifth embodiment, since each user has a common key used for encrypting the content for which the price has been paid, the user can refer to the content even after withdrawal.

[Other Embodiments]
As mentioned above, although embodiment was illustrated, the structure of each part shown by embodiment can be substituted by the other thing which has the same function. Moreover, other arbitrary structures and processes may be added. Further, any two or more configurations (features) of the above-described embodiments may be combined.

1a, 1b, 1c User 2a, 2b, 2c Terminal device 3a, 3b, 3c Public key 4a, 4b, 4c Private key 5, 5a Content 6, 6a, 6b, 6c Common key 10 Content distribution system 10a, 10b, 10c, ... Content distribution device 11 Storage unit 11a User DB
12 Key generation unit 12a, 12b, 12c Key pair 13 Key distribution unit 14 Encryption unit 15 Registration unit 16 User update unit 17 Key update unit 18 Block chain

Claims (9)

A key generation unit for generating a public key for each of a plurality of contract users who are contracting users for a contract for receiving content distribution;
A key distribution unit that distributes a secret key corresponding to the public key to each of the plurality of contract users;
The content is encrypted with a common key, and a storage unit that stores a user database that holds information on the plurality of contract users is referred to, and the common key is assigned to each of the plurality of contract users stored in the user database. An encryption unit for encrypting with each of the public keys provided;
A registration unit that registers the content encrypted with the common key and each of the encrypted common keys in a block chain;
A key update unit for updating the common key;
Have
In response to the update of the common key, the encryption unit refers to the storage unit in which the information on the contract user has been updated after the registration process by the registration unit is executed, and uses the updated common key. Encrypted with each of the public keys assigned to each of the plurality of contract users acquired from the user database,
The registration unit registers each encrypted updated common key in the block chain.
A content distribution apparatus characterized by the above.   The content distribution apparatus according to claim 1, wherein the key update unit periodically updates the common key.   The content distribution apparatus according to claim 1, wherein the key update unit updates the common key when the contract user information stored in the storage unit is updated.   4. The content distribution apparatus according to claim 1, wherein the content is position information indicating a storage location of other content. When a request for providing one content is received from one terminal device, it further includes a billing unit that performs billing processing for the virtual currency of one user who uses the one terminal device,
The encryption unit encrypts the common key with the public key assigned to the one user when the charging process is normally completed,
The registration unit registers the common key encrypted with the public key assigned to the one user in the block chain;
The content distribution device according to claim 1, wherein the content distribution device is a content distribution device. A storage unit for storing a user database that holds information on a plurality of contract users who are contracting users for contracts for receiving content distribution;
A key generation unit that generates a public key for each of the plurality of contract users;
A key distribution unit that distributes a secret key corresponding to the public key to each of the plurality of contract users;
An encryption unit that encrypts the content with a common key and encrypts the common key with each of the public keys assigned to each of the plurality of contract users stored in the user database;
A registration unit that registers the content encrypted with the common key and each of the encrypted common keys in a block chain;
A user updating unit that updates the information on the contract user stored in the storage unit after the registration unit performs the registration process;
A key update unit for updating the common key;
Have
The encryption unit refers to the storage unit in response to the update of the common key, and the public key assigned to each of the plurality of contract users who acquired the updated common key from the user database. Encrypt with each
The registration unit registers each encrypted updated common key in the block chain.
A content distribution system characterized by that. The storage unit realizes the user database by a user management block chain,
The user update unit registers user information indicating a user who has signed a contract for receiving the content distribution in the user management block chain as the contract user information, and receives a contract for receiving the content distribution. 7. The content distribution system according to claim 6, wherein the information on the contract user whose license has been canceled is deleted from the user management block chain. On the computer,
Generate a public key for each of a plurality of contract users who are contracting users for contracts for receiving content distribution,
Distributing a secret key corresponding to the public key to each of the plurality of contract users,
Encrypt the content with a common key,
Reference is made to a storage unit that stores a user database that holds information on the plurality of contract users, and the common key is encrypted with each of the public keys assigned to the plurality of contract users stored in the user database. And
Register the content encrypted with the common key and each of the encrypted common keys in the block chain,
Updating the common key;
In response to the update of the common key, the plurality of contracts obtained by acquiring the updated common key from the user database with reference to the storage unit in which the contract user information is updated after the registration process is executed. Encrypt with each of the public keys assigned to each of the users,
Register each of the encrypted updated common keys in the blockchain;
A content distribution program characterized by causing a process to be executed. Computer
Generate a public key for each of a plurality of contract users who are contracting users for contracts for receiving content distribution,
Distributing a secret key corresponding to the public key to each of the plurality of contract users,
Encrypt the content with a common key,
Reference is made to a storage unit that stores a user database that holds information on the plurality of contract users, and the common key is encrypted with each of the public keys assigned to the plurality of contract users stored in the user database. And
Register the content encrypted with the common key and each of the encrypted common keys in the block chain,
Updating the common key;
In response to the update of the common key, the plurality of contracts obtained by acquiring the updated common key from the user database with reference to the storage unit in which the contract user information is updated after the registration process is executed. Encrypt with each of the public keys assigned to each of the users,
Register each of the encrypted updated common keys in the blockchain;
A content distribution method characterized by the above.

Images