JP4842863B2 - Screening equipment - Google Patents

Description

  The present invention relates to a screening device having a function of recording a log relating to content management and screening, and more particularly to a screening device capable of checking falsification and omission of screening log information.

  In a screening device used in a digital cinema or the like, it is required to record the management of the content provided by the content owner and the screening history in a log, and to disclose it to the content owner. The Digital Cinema System Specification defined by the US Digital Cinema Initiative describes the recording and management of screening logs, and the conditions for the required log functions and formats (see Non-Patent Document 1).

  Since the content management log and the screening log provide evidence that the content has been properly managed and screened, it is necessary to prevent tampering and to ensure that no log omission has occurred. As one of methods for realizing such a function, there is a method of performing anti-tampering processing by electronic signature on a log. By using the electronic signature, it is possible to detect falsification of the log and to ensure that the log is recorded by the correct screening device by the signature. As a method of detecting falsification and missing log, the new log record is recorded by recording the hash value of the previous log record as a part of the message, thereby forming the hash chain. A method of guaranteeing continuity, a method of calculating a hash value of the entire log file, a method of assigning a sequence number to a log, and the like are used.

  On the other hand, in a screening device in a theater, contents with different owners are screened, but the contents management and screening log contents are authorized only to be viewed by the owners of the respective contents. One method for extracting only information that can be browsed from the log is to create a log summary by extracting log records for each content from the log records. Creating a log summary makes it possible to make relevant log records available only to content owners.

However, since the log editing work is performed at the stage of creating the log summary, there is a problem that the continuity and validity of the log cannot be guaranteed on the log summary. There are many products that use encryption in order to prevent illegal browsing of log files (see, for example, Non-Patent Document 2). However, the encryption processing in the conventional product is for ensuring security when the collected logs are stored, and cannot be used for the purpose of restricting viewing of the screening log and detecting falsification.
Digital Cinema Initiative “Digital Cobnema System Spec V1.0”, Internet <http://www.dcimovies.com/specification/index.tt2> Hitachi High-Tech, News Release “Com Square launches security tool to optimize log management, making log collection and storage easy, safe and convenient!” May 8, 2006

  The first object of the present invention is to perform content management in a screening device, to detect falsification and log record continuity for a log in which a screening history is recorded, and to record the log in a valid screening device. Is to guarantee that. The second problem is to make it possible to selectively view log records for each content only for those having authority. The third problem is to ensure that the owner of the viewing authority is the content owner who has issued a screening license.

  The first feature of the present invention is that, when a log is recorded, a hash value of a log record is calculated, and falsification is detected by performing an electronic signature on the hash value. By evaluating the hash value of the log record, it is possible to check whether the log information is falsified or missing. In addition, since the log is digitally signed, it is possible to confirm whether the log was recorded by the correct screening device.

  The second feature of the present invention is that the log record is encrypted using a different encryption key for each content. According to this, since the log record is encrypted using a different encryption key for each content, the contents of each log record can be referred to only by the content owner having the encryption key for decryption. .

  A third feature of the present invention is that the encryption uses a public key of a content owner attached as signature information of a content screening license. As a result, the public key used for the signature information of the content screening license is used as the log encryption key. Therefore, it is possible to guarantee that the content owner who created the license message owns the encryption key for decryption, and it is necessary to use another communication means for delivery and storage of the encryption key for encrypting the log. There is no.

Specifically, the present invention has a log recording device that records logs relating to content data management and screening, and transmits a set of recorded log records as a log report to each log viewer who has viewing authority. And a license receiving means for receiving a screening license for each content , and encrypting a log content portion in a log record for each content using a public key of a content holder attached to the received screening license. Log content encrypting means, and a hash value of the log record encrypted by the log content encrypting means is calculated, and an electronic signature is performed by using the public key encryption private key of the screening device. And means for adding to a log report to be sent to each log viewer
Alternatively, the present invention includes a log recording device that records a log relating to content data management and screening, and includes means for transmitting a set of recorded log records as a log report to each log viewer having the viewing authority. In the screening device, a license receiving unit that receives a screening license for each content, a log content encryption unit that encrypts a log content part of a log record related to each content with a different encryption key for each content, and the log The hash value of the log record encrypted by the content encryption means is calculated, and the electronic signature is made by using the private key of the public key cryptography of the screening device. The log report is sent to each log viewer. And receiving the encryption key used to encrypt the log content portion of the log record. It is encrypted using the public key of the content holder attached screenings license, characterized in that it comprises a means for adding the encrypted key information to the log report.

  In the present invention, a serial number is assigned to each of the log records, and in calculating the hash value of the log record, the continuity of the log record is calculated by calculating the hash value for all the log records included in the log report. It is characterized by guaranteeing.

In addition, the adding means calculates a hash value for the previous log record by repeatedly calculating a hash value for the previous log record, and repeatedly embedding the value in the next log record, so that the hash of the last log record is obtained. An electronic signature may be applied to the value .

  As a result, it is possible to detect log falsification, guarantee the continuity of the log, and guarantee that the log has been recorded by the designated screening device.

  In the screening device according to the present invention, the content management and screening logs are encrypted with different encryption keys for each content, so that the log contents can be selectively disclosed only to those who have the viewing authority. In addition, it is possible to detect log falsification, prevent log falsification and omission by electronic signature, and check the screening device that recorded the log. In addition, by using a public key certificate signed with a license message as an encryption key for log encryption, it can be guaranteed that only the license issuer can view the log.

  FIG. 1 shows an example of the overall configuration of a screening apparatus according to an embodiment of the present invention.

  The screening device 1 includes a content storage unit 10 that stores video content to be screened, a content reception unit 11 that manages reception and deletion of content to the content storage unit 10, a license reception unit 12 that manages reception and deletion of license messages, An encryption / decryption unit 13 that decrypts the encrypted content, a video playback unit 14 that converts the decrypted video data into a video signal, a screening management unit 15 that controls the content, a content management and license reception unit in the content reception unit 11 12 license management, log content encryption unit 16 for encrypting the log content of the screening history in the screening management unit 15, log recording unit 17 for recording the log with the encrypted content, and licensing the recorded log as a log report It is comprised by the log transmission part 18 which returns to a provider.

  The screening device 1 includes a CPU and a memory for realizing each unit shown in FIG. 1 using a software program, and an external unit for storing content and logs in the content storage unit 10 and the log recording unit 17. A storage device and a network communication device for sending and receiving a screening license, screening content, and log report to and from the content owner's device via the network are provided, but this device uses these hardware resources. Since it is clear that this is realized, in the following description of the embodiments, detailed descriptions of the use of memory and other hardware resources are omitted. The function and operation of each part will be described below.

  Content data sent from the content owner is received by the content receiving unit 11 and stored in the content storage unit 10. The content receiver 11 also deletes content that has passed the screening period. The history of content reception and deletion is recorded in the log recording unit 17 as a log record.

  The license message sent from the content owner is received by the license receiving unit 12. The license message includes a content encryption key and content expiration date information. The history of receiving and deleting a license message is recorded in the log recording unit 17 as a log record.

  When reproducing the content, the screening management unit 15 notifies the license receiving unit 12 of a request for loading the encryption key. In response to this request, the license receiving unit 12 checks the license conditions. When the screening satisfies the license condition, the content encryption key is loaded into the encryption / decryption unit 13. The encryption / decryption unit 13 reads the encrypted content data from the content storage unit 10, decrypts the encryption, and supplies the video data to the video reproduction unit 14. This screening record is recorded in the log recording unit 17.

  The log transmission unit 18 transmits the history information of content management, license management, and screening management accumulated in the log recording unit 17 to the outside as a log report. The content owner can check whether the content has been correctly displayed by referring to the contents of the log report.

  FIG. 2 shows an example of a log report format and an example of log record encryption. The log record 20 includes a serial number, content ID information, and log content fields that are sequentially assigned to each log record, and the log content portion is to be encrypted.

  The encryption key used by the log content encryption unit 16 for encryption is selected by the content ID from the encryption key table 21 in which the encryption key is registered for each content. Since the owner of the content owns the decryption key corresponding to the encryption key used for encrypting the content, only the person who owns the decryption key outputs the log report 22 output from the log transmission unit 18. Can read the content part of the log record.

  FIG. 3 shows a first example of a log report falsification detection method and electronic signature in the embodiment of the present invention. In the embodiment of FIG. 3, a hash value is calculated for all of the plurality of log records to be output, and the result obtained by encrypting the value with the private key 30 of the public key encryption of the screening device 1 is used as the electronic signature. 22 is added to the log file 31. Further, the information of the public key certificate 33 of the screening apparatus 1 is added to the log file 31. As a result, the recipient of the log file 31 can check the falsification of the log and confirm the screening device 1 that has recorded the log. Further, the recipient of the log file 31 can verify whether or not a log omission has occurred between a plurality of log reports by verifying the continuity of the log record serial numbers.

  FIG. 4 shows a second example of the log report falsification detection method and electronic signature in the embodiment of the present invention. Unlike the embodiment of FIG. 3, in the embodiment of FIG. 4, a hash value field of the previous record is provided in the log report 23 instead of the serial number of the log record. When a log record is recorded in the log recording unit 17 or when a log report is transmitted from the log transmission unit 18, a hash value for the previous log record is calculated, and the value is embedded in the next log record. By calculating hash values in a chained manner in the form shown in the example of FIG. 4 and embedding them in the log report 23, the receiver of the log file 41 can detect log falsification and log omission. The electronic signature 42 is calculated for the hash value of the final record using the secret key 40 of the screening apparatus 1. Further, as in the example of FIG. 3, information of the public key certificate 43 of the screening device 1 is added to the log file 41.

  FIG. 5 shows an embodiment of a log encryption method based on a license message. In FIG. 5, the license message 50 stores content validity period information and an encryption key for decrypting the content, to which the electronic signature of the license issuer and the public key certificate of the license issuer are attached. In the log encryption processing by the log content encryption unit 16, each log record is encrypted based on the public key certified by the public key certificate of the license issuer attached to the license message 50. For this reason, the log record for each content can be read only by the license issuer of the content having the secret key. Logs can be encrypted by encrypting the log itself based on the public key encryption method, or encrypting the encryption key such as the common key encryption method that encrypts the log using the public key encryption method. There is a method to send by adding to the log report.

  Since the contents of the processing performed by the screening apparatus 1 are clear from the description of the above embodiment, the description using the processing flowchart is omitted, but these processes can also be realized by a computer and a software program. The program can be provided by being recorded on a computer-readable recording medium or via a network.

It is a figure which shows the structural example of the whole screening apparatus which concerns on embodiment of this invention. It is a figure which shows the example of a log report format, and the Example of log encryption. It is a figure explaining the falsification detection method of a log report, and the 1st example of an electronic signature. It is a figure explaining the 2nd example of the alteration detection method of a log report, and an electronic signature. It is a figure explaining the example of the log encryption system based on a license message.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Screening apparatus 10 Content storage part 11 Content receiving part 12 License receiving part 13 Encryption / decryption part 14 Video reproduction part 15 Screening management part 16 Log content encryption part 17 Log recording part 18 Log transmission part 20 Log record 21 Encryption key table 22, 23 Log report 30, 40 Screening device private key 31, 41 Log file 32, 42 Electronic signature 33, 43 Screening device public key certificate

Claims (4)

In a screening device having a log recording device for recording a log relating to content data management and screening, and having means for transmitting a set of recorded log records as a log report to each log viewer having viewing authority.
A license receiving means for receiving a screening license for each content;
Log content encryption means for encrypting a log content portion in a log record for each content using a public key of a content holder attached to the received screening license ;
A log to be sent to each log viewer by calculating a hash value of the log record encrypted by the log content encryption means, using the public key encryption private key of the screening device, and applying an electronic signature to the hash value And a means for adding to a report. In a screening device having a log recording device for recording a log relating to content data management and screening, and having means for transmitting a set of recorded log records as a log report to each log viewer having viewing authority.
A license receiving means for receiving a screening license for each content;
Log content encryption means for encrypting the log content portion of the log record for each content with a different encryption key for each content;
A log to be sent to each log viewer by calculating a hash value of the log record encrypted by the log content encryption means, using the public key encryption private key of the screening device, and applying an electronic signature to the hash value Attached to the report, the encryption key used for encrypting the log content portion of the log record is encrypted using the public key of the content holder attached to the received screening license, and the encrypted key Means for adding information to the log report
A screening device characterized by that. A serial number is assigned to each of the log records, and the calculation of the hash value of the log record guarantees the continuity of the log record by calculating the hash value for all log records included in the log report. The screening device according to claim 1 or 2 . The adding means calculates a hash value for the previous log record, calculates a hash value by repeating the process of embedding the value in the next log record, and sets the hash value of the last log record. screening device according to claim 1 or claim 2, wherein the performing an electronic signature for.

Images