JP2020205636A - Reception device and reception method - Google Patents

Abstract

To improve quality of service using an out-of-broadcast managed application.SOLUTION: An information processing device includes a broadcast reception unit capable of receiving a broadcast. The information processing device is configured to: control operation of an application by obtaining, by communication, a first application information table storing at least first utilization permission information indicating a utilization permission range of resources by the application using broadcast resources; and control operation of the application by obtaining a second application information table storing at least second utilization permission information indicating a utilization permission range of the resources by the application by using the broadcast reception unit during execution of the application.SELECTED DRAWING: Figure 8

Description

This technology is based on an information processing device capable of executing an application using an application information table as well as presenting broadcast content, a broadcasting device that sends out broadcast content received by this information processing device, and an information processing device. Regarding the receiving method.

In recent years, there have been known technologies that enable the execution of applications distributed via networks such as the Internet at the same time as the reproduction of broadcast contents. As such a technique, a technique called hybrid broadcast Broadband TV (hereinafter referred to as "HbbTV") is known. As a standard for HbbTV, "ETSI TS 102 796" (see Non-Patent Document 1) has been established in Europe. In Japan, the corresponding standards "IPTVFJ STD-0010" (see Non-Patent Document 2) and "IPTVFJ STD-0011" (see Non-Patent Document 3) have been established.

For example, in a system such as HbbTV where an application is executed at the same time as the broadcast content is played, the life cycle from the start to the end of the application is based on a data structure called an AIT section (Application Information Table) superimposed on the broadcast content. Be managed. The information terminal that has acquired the AIT section controls the application based on the application control code included in the AIT section.

Further, there is XML-AIT described in XML format as an optimum format for providing information about an application to a receiver by using a communication network such as the Internet, which has information equivalent to that of the broadcast AIT section.

ETSI (European Telecommunications Standards Institute) "ETSI TS 102 796 V1.1.1 (2010-06)" http://www.etsi.org/deliver/etsi_ts/102700_102799/102796/01.01.01_60/ts_102796v010101p.pdf (2011) (Viewed on October 21) General Incorporated Association IPTV Forum "Broadcasting Communication Cooperation System Specification 1.0 Version" https://www.iptvforum.jp/download/input.html (accessed December 4, 2013) IPTV Forum "IPTV FJ STD-0011 HTML5 Browser Specification 1.0 Version" https://www.iptvforum.jp/download/input.html (accessed December 4, 2013)

In the future, it is expected that businesses other than broadcasting stations, such as application businesses such as terminal makers and third parties, will provide applications that use broadcast programs in some form. Hereinafter, such an application will be referred to as a "non-broadcast managed application".

However, in actually operating a service using such a non-broadcasting managed application, various problems to be solved still remain, and countermeasures are desired.

In view of the above circumstances, the purpose of this technology is to provide information processing devices, broadcasting devices, and receiving methods that enable service providers to precisely reflect the restrictions on the behavior of non-broadcasting managed applications and improve the quality of services. Is to provide.

In order to solve the above problems, the information processing device related to this technology is
A broadcast receiver that can receive broadcasts and
The application controls the operation of the application by acquiring at least the first application information table in which at least the first license information indicating the license range of the resource by the application using the broadcast resource is stored by communication. Is being executed, the broadcast receiving unit is used to acquire a second application information table in which at least the second license information indicating the license range of the resource by the application is stored, and control the operation of the application. It has a controller that is configured to do so.

The controller may be configured to acquire the application based on the information in the first application information table and start the acquired application.

When the controller compares the first license information with the second license information and detects a difference, the controller switches from the first license information to the second license information. It may be configured to control the range of use of the resource by the application.

The application may be an application provided by a third party other than the broadcasting station.

In the information processing apparatus according to the present technology, the first application information table and the second application information table store area information that defines an area on a display screen on which the application may be displayed.
The controller may be configured to set the area based on the area information and display the application in this area.

Broadcasting equipment related to this technology
It is provided with a broadcasting unit that transmits a broadcasting signal including an application information table in which at least the license information indicating the license range of the broadcasting resource by an application that can use the broadcasting resource is stored.

The broadcasting unit may be configured to store and send out area information that defines an area on a display screen on which the application may be displayed in the application information table.

The receiving method related to this technology is
The controller controls the operation of the application by acquiring at least the first application information table in which at least the first license information indicating the license range of the resource by the application using the broadcast resource is stored by communication.
During the execution of the application, the operation of the application is controlled by acquiring at least the second application information table in which the second license information indicating the license range of the resource by the application is stored from the broadcast.

As described above, according to the present technology, the service provider can precisely reflect the restrictions on the behavior of the non-broadcast managed application and improve the quality of the service.

It is a figure which shows the outline of the information processing system of this embodiment. It is a figure which shows the data structure of XML-AIT. It is a figure which shows the syntax of the license information descriptor. It is a figure which shows the data structure of a section AIT. It is a figure which shows the syntax of the external application control descriptor. It is a figure which shows the definition of an application control code. It is a block diagram which shows the structure of the information processing apparatus of this embodiment. It is a sequence diagram which shows the flow of exchange between a broadcasting station, an application server, an XML-AIT server, and an information processing apparatus. It is a flowchart which shows the processing procedure by the application controller of an information processing apparatus. It is a sequence diagram which shows the flow of exchange between a broadcasting station, an application server, an XML-AIT server, and an information processing apparatus when a direct channel selection operation occurs during execution of a non-broadcasting managed application. It is a flowchart which shows the control flow of the application controller when the direct channel selection operation occurs during the execution of the non-broadcast managed application. It is a figure which shows the setting example of the overlay area based on the overlay area information in the license information descriptor 21 of XML-AIT. It is a figure which shows the 1st update example of an overlay area. It is a figure which shows the 2nd update example of an overlay area. It is a figure which shows the 3rd update example of an overlay area. It is a block diagram for explaining the mechanism of generation and verification of a digital signature. It is a conceptual diagram of a dedicated module system. It is a figure which shows the structure of the broadcasting station public key certificate descriptor. It is a flowchart about acquisition and renewal of a broadcasting station public key certificate by a dedicated module system. It is a figure which shows the structure of the root certificate descriptor by the data broadcasting extension system (the 1). It is a flowchart about acquisition and renewal of a broadcasting station public key certificate by a data broadcasting extension system (the 1). It is a figure which shows the structure of the root certificate descriptor by the data broadcasting extension system (the 2). It is a flowchart about acquisition and renewal of a broadcasting station public key certificate by a data broadcasting extension system (the 2). It is a figure for demonstrating the generation of a digital signature and a hash value, and the mechanism of these verifications.

Hereinafter, embodiments of the present technology will be described with reference to the drawings.
<First Embodiment>
[Information processing system]
FIG. 1 is a diagram showing a configuration of an information processing system of the present embodiment.
The information processing system 10 of the present embodiment includes a broadcasting station 100, a first network 200 such as the Internet, an application server 300, an XML-AIT server 400, an edge router 500, and a LAN (Local Area Network). It has a second network 600 and an information processing device 700 as a receiver for broadcasting.

The broadcasting station 100 (broadcasting apparatus) has a broadcasting facility (broadcasting unit) that transmits a digital broadcasting signal via a communication medium such as a terrestrial wave, a satellite wave, or an IP (Internet Protocol) network. The broadcasting station 100 transmits an AV stream in which each transport stream such as video, audio, and subtitles is multiplexed, and a so-called broadcast stream in which data accompanying the AV stream is superimposed. The data associated with the AV stream controls the operation of broadcast-managed applications, broadcast-managed applications, and non-broadcast-managed applications written in markup languages such as HTML and BML, and script languages such as Java (registered trademark) scripts. AIT (Application Information Table) in the form of a section for this purpose is included. Hereinafter, this AIT will be referred to as a "section AIT". This section AIT corresponds to the "second application information table" in the claims.

In the present embodiment, an AV stream in which each transport stream such as video, audio, and subtitles is multiplexed and transmitted is referred to as "broadcast content", and this term includes the meaning of application and section AIT. I will not do it.

The application server 300 is made connectable to the first network 200, and provides the information processing apparatus 700 with an application to be processed together with the broadcast content through the first network 200. Here, the application supplied from the application server 300 is referred to as a "non-broadcasting managed application", and is described separately from the "broadcasting managed application" which is an application supplied from the broadcasting station 100.

The section AIT is originally information for controlling the broadcast managed application to operate in conjunction with the broadcast content. In this embodiment, the syntax of section AIT is defined so that it can also be used to control non-broadcast managed applications. Details of the syntax of this section AIT will be described later.

The XML-AIT server 400 is capable of connecting to the first network 200, and informs the information processing apparatus 700 of the XML-AIT corresponding to the non-broadcast managed application provided by the application server 300 through the first network 200. It is delivered in response to a request from the processing device 700. This XML-AIT contains at least information for controlling the launch of a non-broadcast managed application. Section AIT, on the other hand, contains information for controlling post-launch behavior of non-broadcast managed applications launched according to XML-AIT. This XML-AIT corresponds to the "first application information table" in the claims.

The application server 300 and the XML-AIT server 400 may be one server. The application server 300 and the XML-AIT server 400 each include a CPU, a main memory, a data storage device, a user interface, and the like, and have a configuration as a typical computer. A program for making the above-mentioned computer function as a table transmission unit is stored in the main memory or the data storage device.

The edge router 500 is a router for connecting the first network 200 and the second network 600. The second network 600 may be wired or wireless.

The information processing device 700 is, for example, a personal computer, a mobile phone, a smartphone, a television device, a game machine, a tablet terminal, an audio / video playback device, or the like, but the specific form of the product does not matter.

The information processing device 700 receives a digital broadcast signal from the broadcasting station 100 and demodulates it to obtain a transport stream. The information processing device 700 separates a broadcast stream from the transport stream, decodes it, and connects to the information processing device 700 with a display unit (not shown), a speaker unit (not shown), and a recording device (not shown). It is possible to output to.

The display unit, the speaker unit, and the recording device may be integrated with the information processing device 700, or are connected to the information processing device 700 directly or via a second network 600 as independent devices. May be good. Alternatively, a device having a display unit and a speaker unit (not shown) may be connected to the information processing device 700 directly or via a second network 600.

The information processing apparatus 700 acquires XML-AIT from the XML-AIT server 400, and accesses the application server 300 based on the location information described in the XML-AIT. The information processing device 700 acquires a non-broadcast managed application that is a control target of XML-AIT from the application server 300.

The information processing apparatus 700 extracts the application identifier of the non-broadcast managed application to be controlled from the acquired XML-AIT, and selects the application identifier from one or more section AITs multiplexed on the received transport stream. Extract the section AIT that has. The information processing apparatus 700 controls the operation of an already launched non-broadcast managed application according to this section AIT.

[application]
Next, applications such as broadcast managed applications and non-broadcast managed applications will be described. The application is provided to the information processing apparatus 700 from the broadcasting station 100 and the application server 300. The application is composed of, for example, HTML (Hyper Text Markup Language) document, BML document (Broadcast Markup Language), MHEG document (Multimedia and Hypermedia information coding), Java (registered trademark) script, still image file, moving image file and the like.

The application can be visible or invisible. The visible state is a state in which the user can see the operation of the application through the screen. The invisible state is a state in which the user cannot see the operation of the application through the screen.

Further, the application may be an interactive application capable of changing the information or function to be presented according to an operation by the user of the information processing apparatus 700, or an application for presenting information to the user in one direction.

[XML-AIT data structure]
Next, the data structure of XML-AIT will be described.
FIG. 2 is a diagram showing a data structure of XML-AIT of the present embodiment.

XML-AIT includes application name (appName), application identifier (applicationId), application descriptor (applicationDescriptor), transport protocol descriptor (applicationTransport), application location descriptor (applicationLocation), and application boundary descriptor for each application. (ApplicationBoundary), application specific descriptor (applicationSpecificDescriptor), application usage descriptor (applicationUsageDescriptor), license information descriptor 21 (broadcastResourcePermissionDescriptor) and the like are stored.

The application descriptor includes an application type (type), an application control code (controlCode) 22, a flag (visibility) that specifies the visibility and invisibility of the application, a flag (serviceBound) that indicates whether the application is associated with a service, and an application. The priority, the version of the application, the icon information, the information for the information processing apparatus 700 to record or cache the application (storageCapability), and the like are stored.

[License information descriptor syntax]
The license information descriptor 21 is a descriptor added when the use of the broadcast resource is permitted to the non-broadcast managed application.

FIG. 3 is a diagram showing the syntax of the license information descriptor 21.
In the license information descriptor 21, one or more service license information (Service_permission) and one or more overlay area information (Overlay_area) can be described.

The service license information includes a permission designation unit (scope) indicating the scope of application of the license. The permission specification units are as follows.
all: All broadcasters
affiliate: affiliate
broadcaster: Broadcaster
service: channel
event: program
series: series

When the permission specification unit is "affiliate", which affiliated station is specified by the affiliated ID (affiliation_id).

When the permission designation unit is "broadcaster", which broadcaster is specified by the broadcaster ID (broadcaster_id).

When the permission specification unit is "service", which channel is specified by the network ID (network_Id), the transport stream ID (transport_stream_id), and the service ID (service_id).

When the permission specification unit is "event", which program is specified by the network ID, transport stream ID, service ID, and event ID (event_id).

When the permission specification unit is "series", which series is specified by the network ID, transport stream ID, service ID, and series ID (series_id).

A permission bitmap (permission) is further stored in the service license information. The permission bitmap is binary data of service license information.

The permission bitmap is stored in the memory of the application controller 708. The application controller 708 controls the range of use of broadcast resources by the non-broadcast managed application with reference to the permission bitmap stored in this memory.

The permission bitmap stored in the memory is compared with the permission bitmap stored in the external application control descriptor of the section AIT acquired by the information processing apparatus 700 after starting the non-broadcast managed application. If there is a difference between the two permission bitmaps, the permission bitmap stored in the external application control descriptor of section AIT overwrites the permission bitmap in memory. After that, the application controller 708 controls the range of use of the broadcast resource by the non-broadcast managed application with reference to the overwritten permission bitmap.

As a result, for example, a mechanism that allows the broadcasting station side to dynamically change the range of license information set in XML-AIT created by a third party such as a provider of a non-broadcasting managed application using section AIT. It will be realized.

In the service license information, information (Overlay_Permission_error_behaviour) regarding the behavior at the time of permission error is further described. Information on the behavior when a permission error occurs includes, for example, the following.
app_off: Hide the application.
video_off: Hides the video of the broadcast resource.
app_suspend: Hides the application and suspends the operation of the application.
In this way, when a permission error occurs, at least the video of the broadcast resource is hidden, so that the broadcast resource cannot be used substantially.

Next, overlay area information (Overlay_area) will be described.
Overlay area information is information for defining an overlay area. The overlay area is the area on the display screen on which the non-broadcast managed application may be displayed. In other words, the overlay area is an area that is mainly set over the area on which the broadcast image is displayed.

Information for defining the overlay area includes area ID (areaId), element ID (elementId) in the HTML application, area upper left horizontal coordinate (upper_left_horizontal), area upper left vertical coordinate (upper_left_vertical), and area horizontal size (horizontal_size). And area vertical size (vertical_size) and so on.

The area ID is an identifier for identifying the overlay area.
The ID of the element in the HTML application is an identifier that identifies the element in the non-broadcast managed application or the non-broadcast managed application associated with the overlay area.

The area upper left horizontal coordinates and the area upper left vertical coordinates are information that specifies the coordinates of the upper left corner of the overlay area.
The area vertical size and the area horizontal size are information that specifies the vertical and horizontal sizes of the overlay area.

[XML-AIT digital signature]
An electronic signature for detecting tampering is attached to this XML-AIT. As the electronic signature, for example, an XML signature is used. The format of the XML signature may be either a detached signature independent of XML-AIT, an environment signature having a format including XML-AIT, or an enveloped signature having a format included in XML-AIT. In order to suppress the influence on the XML-AIT format, it is preferable to adopt the detached signature.

The application controller 708 of the information processing apparatus 700 verifies the XML signature according to the core validation procedure including the reference validation and the signature validation.
The reference verification is a method of verifying the digest value (DigestValue) of the reference (Reference) by applying the normalization transformation process (Transform) and the digest calculation algorithm (DigestMethod) to the resource (XML-AIT). The result obtained by the reference verification is compared with the registered digest value (DigestValue), and if they do not match, the verification fails.
Signature verification is to serialize the signature information (SignatureInfo) element by the normalization method specified by the XML normalization algorithm (CanonicalizationMethod), acquire the key data using the key information (KeyInfo), etc., and use the signature algorithm (SignatureMethod). This is a method for verifying the signature using the method specified in.

[Structure of Section AIT]
FIG. 4 is a diagram showing a data structure of section AIT.
Section AIT includes table ID (table_id), section syntax instruction (section_syntax_indicator), section length (section_length), application type (application_type), version number (version_number), current next instruction (current_next_indicator), section number (section_number), and final. The section number (last_section_number), common descriptor area 41 (descriptor), application information loop length (application_loop_length), application identifier (application_identifier), application control code 42 (application_control_code), application descriptor (application_descriptor), and the like are stored.

The common descriptor area 41 stores an external application control descriptor (External_application_control_descriptor) for controlling the operation of the non-broadcast managed application.

[External application control descriptor syntax]
FIG. 5 is a diagram showing the syntax of the external application control descriptor (External_application_control_descriptor).
In the external application control descriptor, a descriptor tag (descriptor_tag), a descriptor length (descriptor_length), a number of permission bitmaps (permission_bitmap_count), a permission bitmap 51 (permission_bitmap), and the like are described.

The permission bitmap 51 described in the section AIT is binary data indicating the scope of license of the broadcast resource by the non-broadcast managed application already activated in the information processing apparatus 700, that is, binary data of the service license information. .. This permission bitmap is compared with the permission bitmap already stored in the memory of the application controller 708 of the information processing apparatus 700.

The permission bitmap of XML-AIT and the permission bitmap of section AIT may include binary data of information regarding the behavior at the time of a permission error. However, in this embodiment, only for XML-AIT, the permission bitmap includes binary data of information on the behavior at the time of permission error.

In the external application control descriptor, the overlay permission polarity (overlay_admission_polarity) and the number of overlay control areas (overlay_contolled_area_count) are described as information about the overlay area.

The overlay permission polarity is information that specifies whether the overlay area defined in section AIT is an available area or an unusable area.

The number of overlay control areas is information that specifies the number of overlay areas.

The external application control descriptor also contains information about the overlay area: overlay area tag (overlay_controlled_area_tag), area upper left horizontal (upper_left_horizontal), area upper left vertical (upper_left_vertical), area horizontal size (horizontal_size) and area vertical size (upper_left_horizontal). vertical_size) etc. are described.

The overlay area tag is tag information that identifies the overlay area.

The information specified by each of the area upper left horizontal coordinate, the area upper left vertical coordinate, the area horizontal size, and the area vertical size is the same as the descriptor having the same name in the XML-AIT license information descriptor.

In the external application control descriptor, the number of black / white application lists (bw_application_list_count), application ID (application_identifier), black / white polarity (black_white_polarity), and the like are further described.

The number of black / white application lists is information that specifies the number of applications that permit or prohibit the use of broadcasting resources.

The application ID is an application ID of an application that permits or prohibits the use of broadcasting resources.

Black / white polarity is information that specifies whether to permit or prohibit the use of broadcast resources. For example, if the overlay allow polarity is specified as the polarity that allows the overlay area to be used, but is specified as "prohibited" by the black / white polarity for a particular non-broadcast managed application. The use of broadcast resources by that particular non-broadcast managed application is prohibited. In addition, even if the overlay permission polarity is specified so that the overlay area cannot be used, if "permission" is specified by the black / white polarity for a specific non-broadcast managed application, Use of broadcast resources by that particular non-broadcast managed application is licensed.

[Definition of application control code]
The life cycle of the application is dynamically controlled by the information processing apparatus 700 based on the application control codes 22 and 42 stored in the XML-AIT and the section AIT.

FIG. 6 is a diagram showing definitions of application control codes 22 and 42.
As shown in the figure, the standard application control codes 22 and 42 are "AUTOSTART", "PRESENT", "DESTROY", "KILL", "PREFETCH", "REMOTE", "DISABLED", and "PLAYBACK_AUTOSTART". Exists above. The definitions of these application control codes are as follows.

"AUTOSTART" is a code that instructs to start the application automatically when the service is selected. This is not the case if the application is already running.
"PRESENT" is a code that instructs the application to be executable while the service is selected. However, the target application is not automatically started when the service is selected, but is started in response to a start instruction from the user.
"DESTROY" is a code that instructs the permission to terminate the application.
"KILL" is a code that instructs the forced termination of the application.
"PREFETCH" is a code that indicates the cache of the application.
"REMOTE" is a code indicating that the application cannot be acquired by the current transport stream. The application is available by retrieving it from another transport stream or cache.
"DISABLED" is a code indicating that the application is prohibited from starting.
"PLAYBACK_AUTOSTART" is a code for starting an application when the broadcast content recorded in the storage (recording device) is played back.

[Configuration of information processing device 700]
FIG. 7 is a block diagram showing the configuration of the information processing apparatus 700 of the present embodiment.
The information processing device 700 includes a broadcasting interface 701, a demultiplexer 702, an output processing unit 703, a video decoder 704, an audio decoder 705, a subtitle decoder 706, a communication interface 707, and an application controller 708 (controller).

The broadcast interface 701 (broadcast reception unit) has an antenna and a tuner, and uses these to receive a digital broadcast signal selected by the user. The broadcasting interface 701 outputs the transport stream obtained by performing demodulation processing or the like on the received digital broadcasting signal to the demultiplexer 702.

The demultiplexer 702 separates the broadcast content stream packet, the application packet, and the AIT section packet from the transport stream. The demultiplexer 702 separates the video ES (Elementary Stream), the audio ES, and the subtitle ES from the stream packet of the broadcast content. The demultiplexer 702 converts the video ES into the video decoder 704, the audio ES into the audio decoder 705, the subtitle ES into the subtitle decoder 706, the application packet, and the PSI / SI (Program Specific Information / Service Information) including the AIT section. Packets are distributed to the application controller 708, respectively.

The video decoder 704 decodes the video ES to generate a video signal, and outputs the generated video signal to the output processing unit 703. The voice decoder 705 decodes the voice ES to generate a voice signal, and outputs the generated voice signal to the output processing unit 703.
The subtitle decoder 706 decodes the subtitle ES to generate a subtitle signal, and outputs the generated subtitle signal to the output processing unit 703.

The broadcast interface 701, demultiplexer 702, output processing unit 703, video decoder 704, audio decoder 705, and subtitle decoder 706 are broadcast content processing units that perform processing for receiving and presenting broadcast content.

The communication interface 707 is an interface for communicating with an external device through a second network 600 such as a LAN. The communication interface 707 may be wireless communication or wired communication.

The application controller 708 (controller) is a controller that performs processing related to application control.

The output processing unit 703 synthesizes the video signal from the video decoder 704, the audio signal from the audio decoder 705, the subtitle signal from the subtitle decoder 706, the video signal and the audio signal from the application controller 708, and the like, and combines them into the information processing device 700. Output to the connected recording device (not shown), display unit and speaker unit (not shown).

A part or all of the configuration including at least the application controller 708 of the information processing apparatus 700 is provided by a computer having a CPU (Central Processing Unit) and a memory, and a program that causes the computer to function as the application controller 708 and the like. ..

[Operation of information processing system 10]
Next, the operation of the information processing system 10 of the present embodiment will be described.

(1. Control of the license range of broadcasting resources (1))
FIG. 8 is a sequence diagram showing a flow of exchanges between the broadcasting station 100 (broadcasting apparatus), the application server 300, the XML-AIT server 400, and the information processing apparatus 700. FIG. 9 is a flowchart showing a processing procedure by the application controller 708 of the information processing apparatus 700.

The information processing device 700 displays an application launcher selected by the user using, for example, a remote controller (step S101). The application launcher is realized by, for example, a so-called resident application implemented in the information processing apparatus 700, HTML5 (Hyper Text Markup Language 5) presented by an HTML browser, BML (Broadcast Markup Language), or the like. The application launcher displays a menu of selectable non-broadcast managed applications.

The user can select the non-broadcast managed application to be used by using, for example, a remote controller. The menu of the non-broadcast managed application of the menu displayed on the application launcher incorporates a script for causing the information processing apparatus 700 to acquire XML-AIT for the non-broadcast managed application.

When any non-broadcast managed application is selected by the user's operation using the remote control on the menu of the non-broadcast managed application displayed on the application launcher (step S102), the application controller 708 sets the non-broadcast managed application. By executing the script corresponding to, the XML-AIT for the arbitrary non-broadcast managed application is acquired from the XML-AIT server 400 (step S103).

The application controller 708 of the information processing apparatus 700 acquires a non-broadcast managed application from the application server 300 based on the location information of the application described in the acquired XML-AIT (step S104).

The application controller 708 starts the acquired non-broadcast managed application according to the application control code "AUTOSTART" described in XML-AIT (step S105).

After activating the non-broadcast managed application, the application controller 708 monitors the access request for the broadcast resource from the non-broadcast managed application (step S106). When the application controller 708 detects an access request for a broadcast resource from a non-broadcast managed application (Y in step S107), the broadcast station public key certificate corresponding to this broadcast resource is stored in the memory in the information processing apparatus 700. Check if there is any (step S107).

In the application controller 708 of the information processing device 700, when the broadcasting station public key certificate is not stored in the memory in the information processing device 700, the target broadcasting station public key certificate is transmitted by the data carousel. Wait for. When the application controller 708 receives the target broadcasting station public key certificate, it saves it in the memory (step S108).

The application controller 708 verifies the electronic signature attached to the running non-broadcast managed application using the broadcast station public key certificate stored in the memory (step S110). If the verification of the digital signature fails (N in step S111), the application controller 708 prohibits access to all broadcasting resources of the broadcasting station, assuming that the non-broadcasting managed application has not been authenticated by the broadcasting station. (Step S112). In the state where access to the broadcast resource is prohibited, access to the broadcast resource is disabled even if the non-broadcast managed application is started.

When the verification of the electronic signature is successful (Y in step S111), the application controller 708 is used by the non-broadcast managed application based on the service license information in the license information descriptor 21 described in XML-AIT. It is determined whether or not the broadcast resource for which access is requested can be accessed (step S113).

The service license information in the license information descriptor 21 described in XML-AIT is held in the memory of the application controller 708 as a permission bitmap (binary data). The application controller 708 refers to this permission bitmap to determine whether or not to access the broadcast resource requested to be accessed by the non-broadcast managed application.

Here, for example, it is assumed that the permission specification unit in the service license information is "service". In this case, the service license information in the license information descriptor 21 specifies the information for identifying the channel by the network ID, the transport stream ID, and the service ID. Here, the channel is referred to as "channel x". In this example, if the non-broadcast managed application requests access to "channel x", the application controller 708 grants the access request to allow access to "channel x".

If the other channel is requested to be accessed by the non-broadcast managed application, the application controller 708 determines that a permission error has occurred. In this case, the application controller 708 controls the operation of the non-broadcast managed application according to the information regarding the behavior at the time of the permission error stored in the service license information in the license information descriptor 21.

In this way, when the application controller 708 succeeds in verifying the electronic signature, the non-broadcast managed application can access the broadcast resource to the extent permitted based on the service license information of XML-AIT. Control is performed (step S114).

On the other hand, the broadcasting station 100 periodically sends out a section AIT for controlling the operation of the non-broadcasting managed application running on the information processing apparatus 700. The transmission cycle of section AIT is, for example, about 100 ms. The generation of section AIT is managed by version number. The application controller 708 holds the version number of the section AIT acquired last, and receives the section AIT having a version number different from the held version number (step S115).

The application controller 708 confirms whether or not the external application control descriptor is added to the received section AIT (step S116). When the external application control descriptor is not added (N in step S116), the license control of the broadcast resource based on the license information descriptor 21 (permission bitmap held in the memory) stored in XML-AIT. Is continued.

When the external application control descriptor is added to the acquired section AIT (Y in step S116), the application controller 708 sets the permission bitmap of the external application control descriptor and the permission bitmap held in the memory. Compare (step S117). If the permission bitmaps of both are different (Y in step S117), the application controller 708 updates the permission bitmap of the memory with the permission bitmap of the external application control descriptor (step S118). As a result, the license range of the broadcasting resource intended by the broadcasting station side is set in the information processing apparatus 700.

If there is no difference between the permission bitmap of the external application control descriptor and the permission bitmap held in the memory (N in step S117), the permission bitmap held in the memory is left as it is. Control of broadcast resource licenses based on permission bitmaps continues.

After that, for example, when an application termination instruction or a transition to another application occurs by the user operating the remote controller (YES in step S120), the application controller 708 of the information processing apparatus 700 terminates the non-broadcast managed application (YES in step S120). Step S122).

Further, when the application control code 708 of the information processing apparatus 700 describes an application control code other than "AUTOSTART", "DESTROY", and "KILL" in the section AIT acquired during execution of the non-broadcast managed application, After performing processing such as transitioning the state of the non-broadcast managed application according to the application control code (step S121), the next section AIT is waited for.

After that, the same processing is performed for the received section AIT.

After that, even when a program is switched (program A → program B) within the same channel (channel x), the same process is repeated for the section AIT acquired after the program B is switched.

Further, when the channel is switched, the same process is repeated for the section AIT acquired after the channel is switched.

(2. Control of the license range of broadcasting resources (Part 2))
When a non-broadcast managed application is running, for example, an operation (direct channel selection operation) in which a broadcast channel is switched by a user's manual operation may be performed.

FIG. 10 shows an exchange between the broadcasting station 100 (broadcasting transmission device), the application server 300, the XML-AIT server 400, and the information processing device 700 when a direct channel selection operation occurs during execution of a non-broadcasting managed application. It is a sequence diagram which shows the flow of. FIG. 11 is a flowchart showing a control flow of the application controller 708 when a direct channel selection operation occurs during execution of a non-broadcast managed application.

When a direct channel selection operation occurs during execution of a non-broadcast managed application (step S201), the application controller 708 of the information processing apparatus 700 has information on the broadcast station public key certificate corresponding to the directly selected broadcast channel. It is checked whether or not it is stored in the memory in the processing device 700 (step S202).

The application controller 708 of the information processing device 700 is a data carousel of the broadcasting channel to which the target broadcasting station public key certificate is switched when the broadcasting station public key certificate is not stored in the memory in the information processing device 700. When the target broadcasting station public key certificate transmitted by the data carousel or the like is received, it is saved in the memory (step S203).
In addition, although the example in which the public key certificate of the broadcasting station is transmitted by the data carousel is shown here, the public key certificate using communication is obtained, such as obtaining the public key certificate from the server specified in advance. You may try to do it.

The application controller 708 verifies the electronic signature attached to the running non-broadcast managed application using the broadcaster public key certificate stored in the memory (step S205). If the signature of the electronic signature fails (N in step S206), the application controller 708 terminates the non-broadcast managed application (step S209).

If the digital signature is successfully signed (Y in step S206), the application controller 708 continues the operation of the non-broadcast managed application, and the non-broadcast managed application is a broadcast resource to the extent permitted based on the permission bitmap. Is controlled to access (step S207).

Subsequent operations are the same as those after step S120 in FIG.

Further, as shown in FIG. 11, the transition to another non-broadcast managed application is made during the operation of the non-broadcast managed application, for example, by executing a script embedded in the non-broadcast managed application or manually operating the user. Instructions may occur. In this case, the application controller 708 controls in the same manner as when a non-broadcast managed application is selected by the user from the application launcher described above.

(3. Overlay area control)
As described above, in the XML-AIT and the section AIT, overlay area information (Overlay_area) for defining an area on the display screen D on which the non-broadcast managed application may be displayed as an overlay area can be described. ..

FIG. 12 is a diagram showing an example of setting an overlay area based on the overlay area information in the license information descriptor 21 of XML-AIT.

In this setting example, there are two overlay areas, areaId = 1 and areaId = 2. For each overlay area, an area on the display screen D is defined by the area upper left horizontal coordinate (upper_left_horizontal), the area upper left vertical coordinate (upper_left_vertical), the area horizontal size (horizontal_size), and the area vertical size (vertical_size).

The application controller 708 creates each overlay area based on the overlay area information (Overlay_area) in the license information descriptor 21 of XML-AIT.

The application controller 708 re-uses the overlay area based on the information about the overlay area included in the external application control descriptor (External_application_control_descriptor) of the common descriptor area 41 (descriptor) of the section AIT acquired after starting the non-broadcast managed application. Can be created. That is, it can be updated to the overlay area intended by the broadcasting station 100.

FIG. 13 is a diagram showing a first update example of the overlay area.
In this example, the overlay area 1 is created based on the overlay area information (Overlay_area) in the XML-AIT license information descriptor 21. Further, it is assumed that the display area 2 of the non-broadcast managed application is provided in the overlay area 1.

For example, after channel switching, the application controller 708 creates a new overlay area 3 in place of the existing overlay area 1 based on the information about the overlay area included in the external application control descriptor of the received section AIT. ..

When the change from the overlay area 1 to the overlay area 3 occurs, the application controller 708 moves the display area 2 of the non-broadcast managed application into the newly created overlay area 3 according to the program built in the overlay area 1 in advance. To control.

The position of the display area 2 of the non-broadcast managed application is controlled by the application controller 708. For example, the display area 2 of the non-broadcast managed application is controlled to be arranged at a predetermined position. When the display areas 2 of a plurality of non-broadcast managed applications are displayed at the same time, their positions are exclusively controlled by the application controller 708.

FIG. 14 is a diagram showing a second update example of the overlay area.
In this example, the application controller 708 is preliminarily incorporated into itself when a change occurs from the existing overlay area 1 to the overlay area 3 based on the information about the overlay area included in the external application control descriptor of the section AIT. The following control is performed according to the program.

First, the application controller 708 reduces the broadcast video display unit 4 from the state where, for example, the entire surface of the display screen D is used as the broadcast video display unit 4, and sets the free area created by this as the application display unit 5. .. The application controller 708 controls the display area 2 of the non-broadcast managed application so as to be displayed on the application display unit 5 regardless of the information regarding the overlay area of the external application control descriptor.

As a result, it is possible to prevent the non-broadcast managed application from being superposed on the video of the broadcast video display unit 4.

FIG. 15 is a diagram showing a third update example of the overlay area.
In this example, it is assumed that the overlay area 1 that uses the entire screen of the display screen D is set based on the overlay area information of XML-AIT. The display area 2 of the non-broadcast managed application is allocated to the entire overlay area 1, and the broadcast video display unit 4 is set in a part of the display area 2.

The application controller 708 creates a new overlay area 3 in place of the existing overlay area 1 based on the information about the overlay area included in the external application control descriptor of the section AIT received after, for example, channel switching. ..

At this time, the application controller 708 sets the broadcast image display unit 4 to the full screen of the display screen D according to a program incorporated in advance, and hides the display area 2 of the non-broadcast managed application. As a result, it is possible to prevent the video of the broadcast video display unit 4 from being partially hidden by the non-broadcast managed application. Further, in this third update example, when the child element (specified by elementId) constituting the non-broadcast managed application is specified at the position of the overlay area 3, the child element may be displayed.

(4. Generation and verification of electronic signatures)
Next, the generation and verification of the electronic signature will be described.
FIG. 16 is a block diagram for explaining a mechanism for generating and verifying an electronic signature.

The XML-AIT server 400 and the application server 300 may be one server owned by the application creator, or may be separate servers. Here, the XML-AIT server 400 and the application server 300 are collectively referred to as a "server". A server is a device having a typical computer configuration. Therefore, it is composed of a CPU, a main memory, a storage device such as an HDD, an input device such as a mouse and a keyboard, and a display unit such as a liquid crystal display. The main memory and storage device include OS (Operating System), software such as application programs for servers, non-broadcast managed applications provided to the information processing device 700, XML-AIT files for each application, signature generation keys, etc. It is stored.

The server has a signed application generator 350. Specifically, the signed application generation unit 350 is realized by a program loaded in the main memory and a CPU that executes this program.

The application creator requests the broadcasting station 100 to authenticate the non-broadcasting managed application 351 and XML-AIT355.

The broadcasting station 100 examines the contents of the non-broadcasting managed application 351 and the XML-AIT355, which are the targets of the authentication requested by the application creator, and if there is no problem, the private key issued by the route CA800 (Fig. 1). The private key of the broadcasting station public key certificate pair is set in the signature generator 356 as the signature generation key 357. The signature generator 356 generates a digest of the non-broadcast managed application 351 using a hash function for signature, and encrypts this digest with a signature generation key (private key) 357 to generate an XML signature 358. Broadcasting station 100 responds to the server with the generated XML signature 358. The signed application generation unit 350 adds the XML signature 358 returned from the broadcasting station 100 to the non-broadcasting managed application 351 to generate the electronically signed application 360, and distributes it to the information processing apparatus 700.

The application controller 708 of the information processing apparatus 700 extracts the XML signature from the application 360 with the electronic signature acquired from the server by the signature generator 753, and uses the signature verification key extracted from the broadcasting station public key certificate to extract the XML signature. Verification is performed using a certain public key 754 to obtain a signature verification result 755.

Next, a method of transmitting the broadcasting station public key certificate from the broadcasting station 100 to the information processing device 700 will be described.
Methods for transmitting a broadcasting station public key certificate from the broadcasting station 100 to the information processing device 700 include a dedicated module method, a data broadcasting extension method (No. 1), and a data broadcasting extension method (No. 2).

(Dedicated module method)
FIG. 17 is a conceptual diagram of the dedicated module system.
In the dedicated module method, a dedicated module (for example, module_id) for transmitting the broadcasting station public key certificate 43 to component_tag = 0x40, which is a module containing a start document to be started first when a data broadcasting program is selected by the user. (= 0xFFFE, etc.) 44 is newly placed.
Further, in order to notify the information processing apparatus 700 of the update of the broadcasting station public key certificate distributed by the above-mentioned dedicated module, a broadcasting station public key certificate descriptor DII (Download Info Indication) is arranged.

FIG. 18 is a diagram showing the structure of a broadcasting station public key certificate descriptor.
The broadcaster public key certificate descriptor (broadcast certificate_descriptor) includes an ID (broadcaster_certificate_id) that identifies the broadcaster public key certificate and a version of the broadcaster public key certificate (broadcaster_certificate_version).

FIG. 19 is a flowchart relating to acquisition and renewal of a broadcasting station public key certificate by a dedicated module method.

First, the application controller 708 of the information processing apparatus 700 monitors the module information of DII transmitted by the data carousel (step S401). When the application controller 708 of the information processing apparatus 700 detects that the module information of the DII includes the broadcasting station public key certificate descriptor (Y in step S402), the application controller 708 analyzes the broadcasting station public key certificate descriptor. Then, the ID and the version are extracted from the public key certificate descriptor of the broadcasting station (step S403).

The application controller 708 compares the ID of the broadcasting station public key certificate already stored in the memory with the ID acquired this time, and checks whether the broadcasting station public key certificate having the same ID is stored in the memory. (Step S404). When the corresponding broadcasting station public key certificate is not stored (N in step S405), the application controller 708 acquires the broadcasting station public key certificate transmitted by the data carousel and stores it in the memory (step S406). .. After that, it returns to the monitoring state of the module information of DII.

When the corresponding broadcasting station public key certificate is stored (Y in step S405), the application controller 708 confirms the version of the broadcasting station public key certificate stored in the memory (step S407). The application controller 708 compares the confirmed version of the broadcasting station public key certificate with the version of the broadcasting station public key certificate acquired this time, and determines whether or not a version upgrade of the broadcasting station public key certificate has occurred (step). S408).

When it is determined that the version upgrade of the broadcasting station public key certificate has not occurred (N in step S408), the application controller 708 returns to the monitoring state of the module information of DII.

When it is determined that the version upgrade of the broadcasting station public key certificate has occurred (N in step S408), the application controller 708 acquires the broadcasting station public key certificate transmitted by the data carousel and stores it in the memory (step). S409). After that, it returns to the monitoring state of the module information of DII.

As described above, the information processing apparatus 700 can acquire the latest version of the broadcasting station public key certificate of one or more types having different IDs and store it in the memory.

(Data broadcasting expansion method (1))
FIG. 20 is a diagram showing a configuration of a root certificate descriptor by the data broadcasting extension method (No. 1).
In the data broadcasting extension method (No. 1), the root_certificate_type of the root certificate descriptor is extended to transmit the public key certificate of the new service, and the ID (broadcaster_certificate_id) that identifies the broadcasting station public key certificate and the ID (broadcaster_certificate_id) The version (broadcaster_certificate_version) of the broadcasting station public key certificate is described.

FIG. 21 is a flowchart relating to acquisition and renewal of a broadcasting station public key certificate by the data broadcasting extension method (No. 1).

First, the application controller 708 of the information processing apparatus 700 monitors the root certificate descriptor of DII transmitted by the data carousel (step S501). When the application controller 708 of the information processing apparatus 700 detects the root certificate descriptor of DII (Y in step S502), it analyzes the root certificate descriptor and indicates a new service in the root certificate descriptor (Y). It is determined whether or not root_certificate_type = 2) is described (step S503). If the value indicating the new service (root_certificate_type = 2) is not described, the data broadcasting process is performed (step S504), and then the process returns to the monitoring state of the root certificate descriptor of DII.

When the root certificate descriptor contains a value indicating a new service (root_certificate_type = 2), the application controller 708 extracts the ID and version of the broadcasting station public key certificate from the root certificate descriptor. (Step S505). Since the subsequent operations from step S506 to step S511 are the same as steps S404 to S409 of the dedicated module system, the description thereof will be omitted.

The application controller 708 compares the ID of the broadcasting station public key certificate already stored in the memory with the ID acquired this time, and checks whether the broadcasting station public key certificate having the same ID is stored in the memory. (Step S404). When the corresponding broadcasting station public key certificate is not stored (N in step S405), the application controller 708 acquires the broadcasting station public key certificate transmitted by the data carousel and stores it in the memory (step S406). .. After this, it returns to the monitoring state of the root certificate descriptor of DII.

When the corresponding broadcasting station public key certificate is stored (Y in step S405), the application controller 708 confirms the version of the broadcasting station public key certificate stored in the memory (step S407). The application controller 708 compares the confirmed version of the broadcasting station public key certificate with the version of the broadcasting station public key certificate acquired this time, and determines whether or not a version upgrade of the broadcasting station public key certificate has occurred (step). S408).

When it is determined that the version upgrade of the broadcasting station public key certificate has not occurred (N in step S408), the application controller 708 returns to the monitoring state of the module information of DII.

When it is determined that the version upgrade of the broadcasting station public key certificate has occurred (N in step S408), the application controller 708 acquires the broadcasting station public key certificate transmitted by the data carousel and stores it in the memory (step). S409). After that, it returns to the monitoring state of the module information of DII.

As described above, the information processing apparatus 700 can acquire the latest version of the broadcasting station public key certificate of one or more types having different IDs and store it in the memory.

(Data broadcasting expansion method (2))
In the data broadcasting extension method (No. 2), one fixed storage area is allocated for a new service among the storage areas that can transmit the public key certificate for data broadcasting in the root certificate descriptor, and the data broadcasting is broadcast there. The ID (broadcaster_certificate_id) that identifies the station public key certificate and the version (broadcaster_certificate_version) of the broadcast station public key certificate are described. Further, for example, as shown in FIG. 22, a new flag (broadcaster_certificate_flag) is placed in the root certificate descriptor. For example, when the value of this flag is "1", it indicates that the broadcasting station public key certificate is transmitted, and when the value of the flag is "0", it indicates that the broadcasting station public key certificate is not transmitted. Shown.

FIG. 23 is a flowchart relating to the acquisition and renewal of the broadcasting station public key certificate by the data broadcasting extension method (No. 2).
First, the application controller 708 of the information processing apparatus 700 monitors the root certificate descriptor of DII transmitted by the data carousel (step S601). When the application controller 708 of the information processing apparatus 700 detects the root certificate descriptor of DII (Y in step S502), it analyzes the root certificate descriptor and confirms the value of the flag (broadcaster_certificate_flag). When the value of the flag is "0", the application controller 708 processes the data broadcasting (step S504), and then returns to the monitoring state of the root certificate descriptor of DII.

When the value of the flag is "0", the application controller 708 selects the broadcasting station from a predetermined storage area among a plurality of storage areas capable of transmitting the public key certificate for data broadcasting in the root certificate descriptor. The ID and version of the public key certificate are extracted (step S605). Since the subsequent operations from step S606 to step S611 are the same as steps S404 to S409 of the dedicated module system, the description thereof will be omitted.

As described above, the information processing apparatus 700 can acquire the latest version of the broadcasting station public key certificate of one or more types having different IDs and store it in the memory.

[Effects of the first embodiment, etc.]
In this embodiment, the following effects can be obtained.
1. 1. The application controller 708 controls the range of use of broadcast resources by the non-broadcast managed application based on the external application control descriptor of section AIT. As a result, a mechanism has been realized in which the broadcasting station side can dynamically change the range of license information set in XML-AIT created by a third party such as a provider of non-broadcasting managed applications using section AIT. To.

Thereby, for example, in a broadcast program having a fluid time schedule such as a sports broadcast, it is possible to change the control of the operation of the non-broadcast managed application according to a change such as a change in the progress or organization of the program.

In addition, it is possible to specify for each broadcasting station the control of the operation of the non-broadcasting managed application assuming that the broadcasting resources of a plurality of channels (broadcasting stations) are used.

2. 2. The application controller 708 holds a permission bitmap, which is binary data of the service license information of XML-AIT, in the memory. The application controller 708 can obtain the difference by comparing the permission bitmap held in the memory with the permission bitmap in the section AIT acquired after starting the non-broadcast managed application by a binary operation. As a result, the load on the application controller 708 of the information processing device 700 can be reduced and the speed can be increased.

3. 3. The application controller 708 controls the display position of the non-broadcast managed application on the display screen based on the external application control descriptor of the section AIT. As a result, a mechanism has been realized in which the broadcasting station side can dynamically change the range of license information set in XML-AIT created by a third party such as a provider of non-broadcasting managed applications using section AIT. To.

<Modification example 1>
In the first embodiment, the electronic signature is attached to the application, but the electronic signature may be attached to the XML-AIT. According to this method, when multiple broadcasting stations permit the use of broadcasting resources for one application, the electronic signatures of all the broadcasting stations permitting the use of broadcasting resources are attached to XML-AIT. To.

<Modification 2>
In the method of the first modification, the falsification of the application cannot be directly detected. Therefore, the hash value of the application is embedded in the XML-AIT, and the information processing apparatus 700 compares the hash value calculated from the actual application with the hash value embedded in the XML-AIT and notified to falsify the application. Can be detected indirectly. Hereinafter, this method will be described.

Next, the generation and verification of the digital signature and the hash value will be described.

FIG. 24 is a diagram for explaining a mechanism for generating electronic signatures and hash values and verifying them.
The server has a signed AIT generator 350A. Specifically, the signed AIT generation unit 350A is realized by a program loaded in the main memory that generates a digital signature and a hash value, and a CPU that executes this program.

The signed AIT generation unit 350A calculates a hash value 353A from the entity (binary code) of the non-broadcast managed application 351A using a predetermined hash calculator 352A. Hash algorithms include, for example, SHA-1 and SHA-2, which are standardized by FIPS PUB 180-1, 180-2.

The signed AIT generation unit 350A synthesizes the hash value 353A with the XML-AIT362A of the non-broadcast managed application 351A to generate the XML-AIT355A with the hash value.

The application creator requests the broadcasting station 100A to authenticate the non-broadcasting managed application 351A and XML-AIT355A.

The broadcasting station 100 carefully examines the contents of the non-broadcasting managed application 351A and XML-AIT355A, which are the targets of the authentication requested by the application creator, and if there is no problem, the private key issued by the root CA800 (see FIG. 1). And the private key of the pair of broadcasting station public key certificates is set in the signature generator 356A as the signature generation key 357A. The signature generator 356A generates a digest of XML-AIT355A using a hash function for signature, and encrypts this digest with a signature generation key (private key) 357A to generate an XML signature 358A. Broadcasting station 100A responds to the server with the generated XML signature 358A.

The signed AIT generation unit 350A of the server adds the XML signature 358A returned from the broadcasting station 100A to the XML-AIT355A with a hash value to generate the XML-AIT360A with an electronic signature, and distributes it to the information processing apparatus 700A. ..

The application controller 708A of the information processing apparatus 700 calculates a hash value 752A from the entity (binary code) of the non-broadcast managed application 351A acquired from the server by using a predetermined hash calculator 751A (hash function). The hash function used here needs to be the same as that of the hash calculator 352A of the server's signed AIT generator 350A. Therefore, the application controller 708A confirms the hash algorithm described in the XML-AIT360A with the electronic signature acquired from the server, and determines whether or not the hash algorithm of the hash calculator 751A (hash function) is consistent. .. If the inconsistency of the hash algorithm is determined, the application controller 708A switches the hash calculator 751A (hash function) to match that of the hash calculator 352A of the server's signed AIT generator 350A.

The application controller 708A compares the hash value 353A extracted from the electronically signed XML-AIT360A acquired from the server with the hash value 752A using the hash comparator 756A, and obtains a match / mismatch result of 757A.

The application controller 708A extracts the XML signature from the XML-AIT360A with the electronic signature acquired from the server by the signature generator 753A, verifies the XML signature using the signature verification key (public key) 754A, and verifies the signature. The result is 755A.

According to this modification, since the hash value is added to the application and provided to the information processing device 700, the information processing device 700 transmits the hash value calculated for the application acquired from the application server 300 and the XML-AIT. The validity of the application can be determined by comparing it with the hash value obtained.

Although the embodiments based on the HbbTV standard have been described above, the present technology is not necessarily limited to the premise of the HbbTV standard.

[Another configuration of this technology]
The present technology can also adopt the following configurations.
(1) A broadcast receiver that can receive broadcasts and
The application controls the operation of the application by acquiring at least the first application information table in which at least the first license information indicating the license range of the resource by the application using the broadcast resource is stored by communication. Is being executed, the broadcast receiving unit is used to acquire a second application information table in which at least the second license information indicating the license range of the resource by the application is stored, and control the operation of the application. An information processing device comprising a controller configured to do so.

(2) The information processing device according to (1) above.
The controller is an information processing device configured to acquire the application based on the information in the first application information table and activate the acquired application.

(3) The information processing device according to (1) or (2) above.
When the controller compares the first license information with the second license information and detects a difference, the controller switches from the first license information to the second license information. An information processing device configured to control the range of use of the resource by the application.

(4) The information processing device according to any one of (1) to (3) above.
An information processing device in which the application is an application provided by a third party other than a broadcasting station.

(5) The information processing device according to any one of (1) to (4) above.
The first application information table and the second application information table store area information that defines an area on a display screen on which the application may be displayed.
The controller is an information processing device configured to set the area based on the area information and display the application in this area.

(6) A broadcasting device including a broadcasting unit that transmits a broadcasting signal including an application information table in which at least the license information indicating the licensed range of the broadcasting resource by an application that can use the broadcasting resource is stored.

(7) The broadcasting device according to (6) above.
The broadcasting unit is a broadcasting device configured to store and send area information defining an area on a display screen on which the application may be displayed in the application information table.

In addition, the present technology is not limited to the above-described embodiment, and it goes without saying that various modifications can be made without departing from the gist of the present invention.

10 ... Information processing system 21 ... License information descriptor 41 ... Common descriptor area 51 ... Permission bitmap 100 ... Broadcasting station 200 ... First network 300 ... Application server 400 ... AIT server 500 ... Edge router 600 ... Second Network 700 ... Information processing device 701 ... Broadcast interface 702 ... Demultiplexer 703 ... Output processing unit 704 ... Video decoder 705 ... Audio decoder 706 ... Subtitle decoder 707 ... Communication interface 708 ... Application controller

This technology, along with the presentation of broadcast content, a receiving apparatus and a receiving method capable of executing the application.

Claims (8)

A broadcast receiver that can receive broadcasts and
The application controls the operation of the application by acquiring at least the first application information table in which at least the first license information indicating the license range of the resource by the application using the broadcast resource is stored by communication. Is being executed, the broadcast receiving unit is used to acquire a second application information table in which at least the second license information indicating the license range of the resource by the application is stored, and control the operation of the application. An information processing device comprising a controller configured to do so. The information processing device according to claim 1.
The controller is an information processing device configured to acquire the application based on the information in the first application information table and activate the acquired application. The information processing device according to claim 2.
When the controller compares the first license information with the second license information and detects a difference, the controller switches from the first license information to the second license information. An information processing device configured to control the range of use of the resource by the application. The information processing device according to claim 3.
An information processing device in which the application is an application provided by a third party other than a broadcasting station. The information processing device according to claim 1.
The first application information table and the second application information table store area information that defines an area on a display screen on which the application may be displayed.
The controller is an information processing device configured to set the area based on the area information and display the application in this area. A broadcasting device including a broadcasting unit that transmits a broadcasting signal including an application information table in which at least the license information indicating the licensed range of the broadcasting resource by an application that can use the broadcasting resource is stored. The broadcasting device according to claim 6.
The broadcasting unit is a broadcasting device configured to store and send area information defining an area on a display screen on which the application may be displayed in the application information table. The controller controls the operation of the application by acquiring at least the first application information table in which at least the first license information indicating the license range of the resource by the application using the broadcast resource is stored by communication.
A receiving method for controlling the operation of the application by acquiring at least a second application information table in which at least the second license information indicating the license range of the resource by the application is stored during the execution of the application. ..

Images