JP5054552B2 - Secondary content right management method and system, program, and computer-readable recording medium - Google Patents

Description

  The present invention relates to a secondary content right management method and system, a program, and a computer-readable recording medium, and in particular, content generated by deformation by electronic processing, editing, and the like (hereinafter referred to as secondary content). 2) a secondary content right management method and system for proving that it is a secondary content that has undergone regular rights processing, and a computer-readable recording medium.

  In the conventional rights management system, there are the following methods for rights processing and rights inheritance for content produced with duplication or modification.

  (1) As a first method, the rights holder or the like delegates the rights management system server operated by a person (right management company, etc.) delegated by the rights holder in advance. There is a technique in which right processing is performed based on this condition and a license for secondary content is generated (see, for example, Non-Patent Document 1).

  (2) As a second method, conditions for determining the license of the secondary content are described in advance together with the usage permission conditions, and the user sets the license of the secondary content according to the conditions, or the user There is a technology that automatically generates the data using a device on the side (for example, see Non-Patent Document 1).

  20 and 21 show a conventional system configuration. In the conventional method, the right inheritance processing function is configured in the right management device on the right holder side as shown in FIG. 20 or in the usage management device on the user side as shown in FIG. In the case of the system shown in FIG. 20, the rights management device on the right holder side and the usage management device on the user side are in a relationship between the server and the client, and processing is performed in the unified DRM control.

In the case of FIG. 21, the rights management device and the usage management device are configured as a server-client relationship, or the usage management device on the user side is configured as a system independent of the rights holder side. In the latter case, there is no function for the rights management device to monitor the processing performed on the user side.
"Automating Rights Succession in Content Circulation", Information Journal, Vol.48, No.n5. Pp-1952-1964 (May 2007)

  The above prior art has the following problems.

<Problem 1>
In the above conventional method (1), when secondary contents are produced using a plurality of materials, and the rights holders of the contents as the materials belong to different systems, the conditions of each rights holder are changed. Every time it is necessary to contact the system of other rights holders, which is inefficient. Therefore, as in the above method (2), the client-side system first extracts those satisfying the common conditions from the conditions presented by the right holders of each material content, and the results of each right holder It is better to get approval.

  In the method (2), when the produced secondary content is transmitted, the original right holder or the secondary content distributor is correctly executed by the device provided with the right inheritance process by a third party. I can't confirm. In the inheritance of secondary content rights, the conditions claimed by each right holder are not necessarily inherited as they are, and restrictions may be imposed on some rights and conditions. Therefore, in order to guarantee the evidence of execution of rights inheritance processing and contents of rights inheritance in future rights negotiations, etc., each right holder needs a function that can verify whether the contents of the generated license are consistent. . Also, the user needs a function that can verify the inconsistency of the generated result and the presence or absence of falsification by the Service-to-Self. Furthermore, a mechanism is required that allows a third party to confirm that the content being distributed has undergone regular rights inheritance processing.

  The method (2) is a processing method that automatically inherits the right of secondary content in which a plurality of right holders exist, and does not specify a right processing system. In addition, no function is provided to guarantee the execution and contents of the processing.

  In the right permission processing method in the server / use management system format of (1) above, the same method is adopted between the server and the client. Here, a system that is trusted by the right holder and the user issues a license, so that the contents can be trusted. However, it is conceivable that secondary content is used in combination with content having different rights management methods and license contents. For this reason, it is difficult to perform the right inheritance process by a unified method, and it is conceivable that the right inheritance process is performed by a device provided by a third party who does not know the right holder corresponding to each method.

  When the right inheritance process as described in (2) above is executed by an apparatus provided by a third party, there is no means for the right holder to grasp the implementation of the right inheritance process. In addition, the contents of the license generated as a result of the rights inheritance process performed may be contrary to the intention of the rights holder due to a defect in the system itself that executed the process or a security vulnerability in the network etc. Sex exists. When content is operated with such a license trusted, the licensee may be sued for rights infringement by the right holder despite the rights inheritance process. However, the existing technology cannot prove the validity of the licensee.

<Problem 2>
In the above method (1), if each right holder adopts a specific DRM (Digital Right Management) method, a reliable DRM server or DRM application that adopts the same DRM method is designated. Rights inheritance processing can be performed. In this case, since the system that executed the right inheritance process is trusted by the right holder, it is proved that the contents have not been tampered with and that the right inheritance process has been executed by applying an electronic signature to the processing result. can do.

  However, in the secondary content right inheritance process when each right holder adopts a different DRM method, the right inheritance process is not necessarily performed by the DRM server recommended by each right holder, and the user selects it. It may be executed by an arbitrary DRM server or the like. At this time, even if the rights inheritance process is executed in a low-reliability DRM system that is not grasped by the right holder, in addition to the proof of the execution of the process and the presence / absence of the falsification of the contents, the contents of the license itself are the licensee It must be proved that there is no contradiction with the intention and the license obtained by the licensee.

  In other words, when the rights inheritance process is performed in a third party system whose reliability is unknown, the mediating rights holder impersonates the licensee and the licensee, and sends different licenses to the licensee and the licensee. Approval can be obtained.

  Although the licensor intends to approve the right inheritance processing for the contents of B, there is a possibility that the licensee actually operates with the license of A. In addition, the licensee intends to obtain the approval of the license for the content of A from the licensee, but there is a possibility that a contradiction arises that the licensee does not actually permit the content of A.

  The present invention has been made in view of the above points. For the above problem 1, the right holder who is the licensor can check whether the content of the issued license is contrary to the intention. The licensee can confirm that the content of the license obtained is consistent with the content of the rights inheritance process, and the issued license has execution of the rights inheritance process and evidence of the content, It is an object of the present invention to provide a secondary content rights management method and system and program capable of preventing impersonation by a third party system, and a computer-readable recording medium.

  Also, a secondary content rights management method capable of generating a license while confirming a result approved by each other without directly negotiating between the licensee and the licensee for the above problem 2 and It is an object to provide a system, a program, and a computer-readable recording medium.

  FIG. 1 is a diagram for explaining the principle of the present invention.

The present invention (Claim 1) is a system comprising a user usage management device, at least one rights management device of a licensee designated as content used as secondary content material, and a right inheritance processing device. A secondary content rights management method for managing rights when distributing secondary content produced by a usage management device,
The usage management device transmits a right inheritance processing request for certifying that the created secondary content is legitimate secondary content to the right inheritance processing device (step 1).
Upon receipt of the right inheritance processing request, the right inheritance processing device generates a license to be inherited to the secondary content including the electronic signature that specifies the DRM method (step 2), assigns the signature A, and assigns the temporary license A, The temporary license B is set, the temporary license A is transmitted to the usage management apparatus (step 3), the temporary license B is transmitted to the right management apparatus (step 4),
When the usage management apparatus receives the temporary license A and confirms that there is no contradiction in the contents of the temporary license A, the usage management apparatus stores the temporary license A in the first storage means and assigns the signature B to the temporary license A. (Step 5), and returns it to the right inheritance processing apparatus as a license A-1 with signature B (Step 6).
When the rights management apparatus receives the temporary license B and confirms that there is no contradiction in the contents of the temporary license B, the right management apparatus stores the temporary license B in the second storage means and assigns the signature C to the temporary license B. (Step 7), and returns it to the right inheritance processing apparatus as a license B-1 with signature C (Step 8).
Inherited rights processing apparatus, and to obtain a license A-1 with a signature B from utilization management device, verifies the signature (step 9), if it is legitimate, sent to the right management device as a signature B with license A-2 (Step 10)
When the license C-1 with signature C is acquired from the right management apparatus, the signature is verified, and if it is valid, it is transmitted to the usage management apparatus as a license B-2 with signature C (step 11).
When the usage management apparatus obtains the signature C-added license B-2 from the right inheritance processing apparatus, it verifies that there is no contradiction compared with the license stored in the first storage means, and confirms if it is valid. (Step 12), the license D-2 with signature D is transmitted to the right inheritance processing device (step 13),
When the right management apparatus acquires the license A-2 with signature B from the right inheritance processing apparatus, the right management apparatus verifies that there is no contradiction compared with the license stored in the second storage means, and confirms if it is valid. Is sent to the right inheritance processing apparatus as a license E-2 with a signature E (step 15).
The right inheritance processing device verifies the signatures of the license D-2 with the signature D to which the signature D for confirmation of the use management device and the signature A with the signature E to which the signature E of the confirmation of the right management device is attached are signed. If both the signatures are valid, the signature D, the signature E, and the signature F signifying establishment are added to the generated license (step 16), and the usage management device and the right management device As a valid license (steps 17 and 18).

The present invention (Claim 2) is a rights inheritance processing apparatus,
If there are multiple licensees and there are different rights management devices for each licensee,
A temporary license is transmitted to each right management device.

Further, the present invention (Claim 3) is a second system for managing rights when distributing secondary content produced by a usage management apparatus in a system comprising a user management apparatus and a right inheritance processing apparatus. The following content rights management method,
A rights management module is provided in the rights inheritance processing device.
The usage management device sends a right inheritance processing request for proving that the created secondary content is legitimate secondary content to the right inheritance processing device,
Upon receipt of the right inheritance processing request, the right inheritance processing device generates a license to be inherited to the secondary content including the electronic signature that specifies the DRM method, assigns the signature A, and transmits this to the rights management module as a temporary license. And
The rights management module returns a license with signature B to which the signature B indicating that the temporary license has been approved is returned to the right inheritance processing apparatus,
When the right inheritance processing device acquires the license with signature B from the right management module, it verifies the signature, and if valid, sends the license with signature B to the usage management device,
When the usage management apparatus acquires the license with signature B from the right inheritance processing apparatus, it verifies that there is no contradiction in the contents of the license with signature B and verifies the signature. The attached license to the right inheritance processing device,
The right inheritance processing device verifies the signature of the license with the signature C to which the signature C for confirmation of the usage management device is attached, and if it is valid, the signature C and the signature F signifying that the license has been established. by applying a transmits a valid license for the utilized Licensee-determined rights management device designated in the content as a material of said gain for the management device and the secondary content.

According to the present invention (claim 4), there is provided a usage management device for a user, at least one rights management device for a licensee designated as a content used as a secondary content material, a rights inheritance device, and functions of the rights management device. A secondary content rights management method for performing rights management when distributing secondary content produced by the usage management device in a system comprising a rights inheritance processing device having a rights management module comprising:
The rights inheritance processing device sends a license for the licensee to the usage management device, obtains a signed license from the usage management device, and requires a license to be confirmed on the rights management device specified by the licensee If there is a licensee, send the licensee's license to the licensee's rights management device, obtain the signed license from the licensee's rights management device, check whether the contents have been tampered with, and manage the rights If there is a licensee who has delegated the content confirmation in the module, sign it in the rights management module,
The rights inheritance processing device transmits the license for the licensee to which the licensor's signature is attached to the usage management device, and if the license content needs to be confirmed on the rights management device specified by the licensor, the user The license for the licensee with the signature of is sent to the rights management device of the licensee,
The rights inheritance processing device acquires the signed licenses from the rights management device and usage management device of the licensor, confirms that the contents have not been tampered with, and gives a signature signifying establishment, and manages the rights management of the licensor. A valid license is transmitted to the device and the usage management device .

Further, the present invention (Claim 5), when verifying the validity of the license between the right inheritance processing device and the right management device A,
The usage management device, the rights management device, and the rights inheritance processing device each have a DRM storage unit that holds a DRM reliability list relating to a communication partner device,
In the case where the reliability list of a certain right inheritance processing device is not registered in the DRM storage means of the right management device A and the reliability of the right inheritance processing device cannot be confirmed and authentication is not established, another rights management device If the trust list of the right inheritance processing device is registered in the DRM storage means of B, authentication is established between the right management device B and the right inheritance processing device, and the right management device A If the reliability list of the right management device B is registered in the DRM storage means, it is determined that authentication for the right inheritance processing device is established,
Further, when the trust list of the rights management apparatus A is not registered on the DRM storage means of the rights inheritance processing apparatus, the signature of the authentication performed by the rights management apparatus A when establishing a session with the rights inheritance processing apparatus, When the right inheritance processing device can verify with the public key of the licensor's signature indicated in the license referenced during the right inheritance processing, the right inheritance processing device authenticates the right management device A,
Further, when the rights management apparatus approves the license with the signature of the usage management apparatus via the right inheritance processing apparatus, the trust list of the usage management apparatus is stored on the DRM storage unit of the right management apparatus. If it is not registered, the reliability of the usage management apparatus cannot be confirmed, and the authentication is not established, the trust list of the usage management apparatus is stored in the DRM storage means of the right inheritance processing apparatus for which the authentication is established Is registered, and the right inheritance processing apparatus authenticates the use management apparatus when the signed license received from the use management apparatus is authenticated.

The present invention (Claim 6) is a rights management apparatus comprising:
If there are rights management delegates from multiple rights holders,
In addition to the signature of the license licensor, the identification information of each right holder and the signature of the right management device are added and transmitted to the right inheritance processing device.

  FIG. 2 is a principle configuration diagram of the present invention.

The present invention (Claim 7) comprises a user usage management device 200, at least one rights management device 100 of a licensee designated as content used as a secondary content material, and a right inheritance processing device 300. A secondary content rights management system for managing rights when distributing secondary content produced by the usage management device 200,
The usage management device 200
First storage means 226 for storing received license information;
A right inheritance process request transmission means 222 for transmitting a right inheritance process request for proving that the created secondary content is a legitimate secondary content to the right inheritance processing apparatus 300;
When the temporary license A generated by the right inheritance processing apparatus 300 is received and it is confirmed that there is no contradiction in the contents of the temporary license A, the temporary license A is stored in the first storage means 226, and the signature B is added to the signature. A license A-1 verification means 224 that returns a license A-1 with B to the right inheritance processing apparatus 300;
When the license B-2 with signature C to which the signature C of the right management apparatus 100 is attached is acquired from the right inheritance processing apparatus 300, it is verified whether there is a contradiction with the license stored in the first storage unit 226. If there is a license B-2 verification means 223 for giving a signature D for confirmation and transmitting the license D-2 with the signature D to the right inheritance processing apparatus 300,
The rights management device 100
A second storage means 146 for storing the received license information;
When the temporary license B generated by the right inheritance processing apparatus 300 is received and it is confirmed that there is no contradiction in the contents of the temporary license B, the temporary license B is stored in the second storage means, and the license B is signed. A license B-1 verification unit 143 that assigns C and returns a signature C-added license B-1 to the right inheritance processing apparatus 300;
When the license B-added license A-2 with the signature B of the usage management apparatus 200 is acquired from the right inheritance processing apparatus 300, it is verified whether there is a contradiction with the license stored in the second storage unit 146. If there is a license A-2 verification means 142 for giving a signature E for confirmation indicating approval and transmitting the license with the signature E to the right inheritance processing device 300,
The right inheritance processing device 300
Upon receiving a right inheritance processing request from the usage management apparatus 200, a license generating unit 302 that generates a license to be inherited to secondary content including an electronic signature that identifies the DRM method;
The license signature A is granted temporary license A, a temporary license B, transmits a provisional license A to the use management unit 200, with respect to the rights management unit 100, the temporary license transmitting means for transmitting a provisional license B 332 When,
Upon obtaining the use management apparatus signing B with license A-1 200, verifies the signature, if valid, the first license transfer unit 333 to be transmitted to the rights management unit as signature B with license A-2 ,
When the license B-1 with signature C is acquired from the right management apparatus 100, the signature is verified, and if it is valid, the second license transfer means 334 that transmits to the usage management apparatus 200 as the license B-2 with signature C; ,
Use management apparatus 200 whether et signed license B-2 and Signed D signature D is assigned the check against with license B-2 C, the signature of the confirmation for the right management apparatus 100 whether et signature B with license B-2 The signature of the license A-2 with the signature E to which E is attached is verified, and if both of the signatures are valid, the signature D, the signature E, and the signature F meaning establishment are added to the generated license. And a valid license transmitting unit 335 that transmits the usage management apparatus 200 and the right management apparatus 100 as a valid license.

The present invention (Claim 8) comprises a user usage management device, at least one rights management device and rights inheritance processing device of a licensee designated as content used as secondary content material, and the usage management A secondary content rights management program to be executed by a computer used as the usage management device of a secondary content rights management system for performing rights management when distributing secondary content produced by the device,
A right inheritance processing request transmission step for transmitting a right inheritance processing request for proving that the created secondary content is legitimate secondary content to the right inheritance processing device;
The temporary license A generated by the right inheritance processing apparatus is received, it is confirmed that there is no contradiction in the contents of the temporary license A, it is stored in the storage means, the signature B is added, and the license A-1 with signature B is added. A license A-1 verification step to return to the right inheritance processing device as
When the license C-added license B-2 with the signature C of the rights management apparatus is acquired from the right inheritance processing apparatus, it is verified whether there is a contradiction with the license stored in the storage means. A license B-2 verification step of assigning the signature D and transmitting the license D-2 with the signature D to the right inheritance processing apparatus is executed.

The present invention (claim 9) comprises a user management device, at least one rights management device and right inheritance processing device of a licensee designated as content used as a secondary content material, and the usage management A secondary content rights management program to be executed by a computer used as the rights management device of a secondary content rights management system for performing rights management when distributing secondary content produced by the device,
The temporary license B generated by the right inheritance processing device is received, it is confirmed that there is no contradiction in the contents of the temporary license B, it is stored in the storage means, and a signature C is added to obtain a license C-1 with signature C. A license B-1 verification step to be sent back to the right inheritance processing apparatus;
When the signature B-added license A-2 with the signature B of the usage management device is acquired from the right inheritance processing device, it is verified whether there is a conflict with the license stored in the storage means, and if it is valid, it is approved. And a license A-2 verification step of transmitting a license with a signature E to the right inheritance processing apparatus.

The present invention (Claim 10) comprises a user usage management device, at least one rights management device and right inheritance processing device of a licensee designated as content used as a material of secondary content, and the usage management A secondary content rights management program to be executed by a computer used as the rights inheritance processing device of a secondary content rights management system for performing rights management when distributing secondary content produced by the device. ,
When use management device or et secondary content receives the rights inheritance processing request to prove secondary content of normal, generating a license that inherits the secondary content that contains a digital signature that identifies a DRM scheme A license generation step;
The license signature A is granted temporary license A, a temporary license B, it transmits a provisional license A to the use management apparatus for right management apparatus, a temporary license transmission step of transmitting the provisional license B,
When the check was signed B to get the signature B with license A-1 granted that there is no contradiction from the utilization management device to the contents of the temporary license A, it verifies the signature, if it is legitimate, signed with B A first license transfer step for transmitting to the rights management device as a license A-2;
When the check was signed C to obtain a license B-1 signed with C granted that there is no contradiction from the rights management system to the contents of the temporary license B, verifies the signature, if it is legitimate, license Signed C A second license transfer step to transmit to the usage management device as B-2;
Use management device verification of the signature D license B-2 and Signed D has been granted for the signature C with license B-2 from, confirmation of signature E for the signature B with license B-2 is applied from the rights management unit If the signature of the license A-2 with the signature E is verified and both of the signatures are valid, the signature D, the signature E, and the signature F meaning establishment are added to the license generated in the license generation step. Then, an effective license transmission step of transmitting as a valid license to the usage management apparatus and the rights management apparatus is executed.

The present invention (invention 11) is a computer-readable recording medium storing the secondary content right management program according to claim 9 or 10 .

  As described above, according to the present invention, a license generated by rights inheritance processing by a system (right inheritance processing apparatus) provided by a third party that is not related to the licensee is transferred to the licensee (right management apparatus), Evidence that the license is granted with the consent of each person can be given by the signatures of the licensee (use management device) and the intermediary (right inheritance processing device).

  In the present invention, when distributing secondary content generated by electronic processing and editing of content by a user, the rights inheritance processing device and the license management device of the licensor are covered. In the licensee's usage management device, two electronic signatures are added to the license for approval, the reliability between the licensee and the licensee can be confirmed, and the license can be approved without directly negotiating. .

  In addition, since the right inheritance processing device is provided, it is not necessary to perform the right inheritance processing in the right management device in which the right holder has registered the right, so the load due to the right inheritance processing is distributed and paralleled without being concentrated on one server. Since it is processed, the processing efficiency can be improved and the processing time can be shortened.

  By obtaining the approval of the licensor and the licensee through the processing of the right inheritance processing device, it is possible to confirm that the license is consistent, and to detect any incorrect license conversion by the right inheritance processing device. be able to. Even if tampering or the like occurs in the course of processing, it is possible to prevent an incorrect license from being issued by storing the license in the storage unit in each device.

  Also, even if there are multiple contents used for one secondary content, the rights inheritance processing device copies the license for the licensor (right management device), transmits it to the rights management device, and is acquired from the rights management device The signatures attached to the licenses can be integrated to obtain an integrated license.

  In addition, a module having a function of a rights management apparatus is provided inside the right inheritance processing apparatus, and by performing license approval processing within the right inheritance processing apparatus, rapid processing becomes possible and a plurality of other rights When there is a management device, the number of accesses can be reduced according to the number of modular rights management functions.

  In addition, even if there is no trust list for performing DRM authentication in all of the right management device, right inheritance processing device, and usage management device, the result of the license verification if authentication is possible between the two devices Can be trusted.

  By interposing the rights inheritance processing device between the licensor and the licensee, by giving the electronic signature to the license without directly exchanging information between the licensor and the licensee, Since a series of processing can be performed anonymously, not only the conventional right holder but also the general user sends the contents as the right holder, and the secondary user does not identify himself / herself It is possible to license the use of content, manage the rights, and protect the anonymity of the right holder.

  In addition, by giving the licenses, licensees, and rights inheritance processing apparatus signatures to the license, it is possible to prevent denial of the contents posted in the license.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

  First, the outline of the present invention will be described.

  FIG. 3 shows a general system of the present invention, and FIG. 4 shows a configuration of each apparatus of the present invention. FIG. 5 also shows the relationships between devices and their respective trust (DRM) lists in the system of the present invention.

  In the system shown in FIG. 3, at least one right management device 100, usage management device 200, right inheritance processing device 300, and content distribution device 400 are connected to a network 10.

  Hereinafter, each device configuration of the system shown in FIG. 3 will be described with reference to FIGS.

<Rights management device>
The rights management apparatus 100 is an apparatus operated by a licensee such as a rights management company or a rights management business entrusted by the rights holder, and includes a license issuing unit 101, a rights licensing processing unit 102, a DRM authentication unit 130, and a result approval process. Unit 140, license storage unit 150, DRM storage unit 170, and communication interface 180. Among these, the license issuing unit 101 and the right permission processing unit 102 are the same as the license issuing unit and the right permission processing unit of the conventional rights management apparatus shown in FIGS.

  The license storage unit 150 stores content licenses registered from the content distribution device 400 and valid licenses acquired from the right inheritance processing device 300.

  In the DRM storage unit 170, DRM system or DRM system identification information that is determined by the right holder to be reliable through individual tests or the like is registered as a trust list. The trust list is referred to by the DRM authentication unit 130. For example, a trust (DRM) list as shown in FIG. 5 is stored in the DRM storage unit 170 of each right management apparatus 100.

  The DRM authentication unit 130 refers to the trust list in the DRM storage unit 170 to confirm the reliability. If the DRM method corresponding to the received license is not registered in the trust list of the DRM storage unit 170, processing according to a fifth embodiment to be described later can be performed.

  When the license issuing unit 101 transmits a license to the usage management apparatus 200 in response to a user request, the license issuing unit 101 refers to the license storage unit 150 and transmits a license corresponding to the content.

  The right permission processing unit 102 is a function used in an existing DRM system. When a request for acquiring a content protection key is received from a user, the condition described in the license stored in the license storage unit 150 is used. In accordance with the billing process, the key and usage conditions for releasing the content protection are transmitted to the usage management apparatus 200 after completion.

  The result approval processing unit 140 has a function of determining whether the content of the generated license is consistent with the original license of the content stored in the license storage unit 150, and has a memory 146 inside, and inherits rights A hash value is calculated for the license part received from the processing device 300 for the first time, temporarily stored in the memory 146, and compared with the hash value calculated for the license part received for the second time. If so, approve the license, give it a signature, and return it. In the following example, the result approval processing unit 140 is described as having the memory 146, but the present invention is not limited to this example, and a storage unit may be provided in the right management apparatus 100.

<Usage management device>
The usage management device 200 is a device corresponding to a user's terminal, and includes a right permission management unit 201, a result approval processing unit 220, a history storage unit 230, a DRM storage unit 240, a license storage unit 250, a communication interface 260, and DRM authentication. Part 270.

  The right permission management unit 201 is a function used in the existing DRM system, and controls the number of times the content is reproduced, the number of times of copying, the editing method, and the like according to the usage conditions sent from the right management apparatus 100. Further, the content protection is removed by using the charging process or the acquired key to make the content usable. In response to a content use request from a user, the license storage unit 250 is referred to, the use of the content is controlled based on the license granted, and the history is recorded in the history storage unit 230.

  The result approval processing unit 220 has a memory 226 inside, and when acquiring the first license from the right inheritance processing device 300, confirms that there is no contradiction in the contents of the license and calculates a hash value for the license part. Then, it is temporarily stored in the memory 226 in the result approval processing unit 220, and when the second license is received, the hash value is calculated and compared with the hash value stored in the memory 226. If so, approve it, give it a signature and return it. In the following description, the result approval processing unit 220 is described as having a memory 226. However, the present invention is not limited to this example, and a storage unit may be provided in the usage management apparatus 200.

  The license storage unit 250 stores a license permitted by the right permission process of the right permission management unit 201 and a valid license acquired from the right inheritance processing device 300.

  The DRM storage unit 240 includes a trust list registered at the time of manufacture by a device manufacturer and a trust list added by a user who uses each device. For example, a trust list as shown in FIG. 5 is stored.

  The DRM authenticating unit 270 verifies the reliability of the server that is to execute the right processing by referring to the trust list of the DRM system and DRM module that are stored in the DRM storage unit 240. If the DRM method corresponding to the received license is not registered in the trust list of the DRM storage unit 170, processing according to a fifth embodiment to be described later can be performed.

<Right inheritance processing device>
The right inheritance processing device 300 is a device that acts as an intermediary between the right management device 100 and the usage management device 200, and is a device corresponding to a content provider or the like. The right inheritance processing unit 301, the license generation unit 302, the DRM authentication unit 320, The result approval processing unit 330, the DRM storage unit 350, and the communication interface 360 are configured.

  The right inheritance processing unit 301 performs right inheritance processing by the technique described in Non-Patent Document 1, stores a license for content necessary for right inheritance processing in an internal memory, and stores the history from the usage management apparatus 200. Information is received and rights inheritance processing is performed in accordance with the rights inheritance processing conditions described in the license of the content used as the information and material.

  The license generation unit 302 generates a license based on the information acquired from the right inheritance processing unit 301.

  The result approval processing unit 330 verifies the signature, and if the verification is successful, the license acquired from the right management apparatus 100 is transmitted to the usage management apparatus 200, and the license acquired from the usage management apparatus 200 is the right management. Send to device 100 to get each approval. If both are approved, the license is transmitted to the right management apparatus 100 and the usage management apparatus 200 as a valid license.

  The DRM storage unit 350 determines the safety of the DRM used in the client environment by an operator such as a service provider, and registers it as a trust list. For example, if DRM technology that guarantees a certain level of safety is defined in Japan, it shall be registered at a minimum. For example, a trust list as shown in FIG. 5 is stored in the trust list.

  The DRM authenticating unit 320 includes a system that adopts another DRM method by referring to the trusted DRM system stored in the DRM storage unit 250 and a DRM module trust list, and the system on the licensee side and the licensee side. Verify the reliability of the DRM function. If the DRM method corresponding to the received license is not registered in the trust list of the DRM storage unit 170, processing according to a fifth embodiment to be described later can be performed.

<Content distribution device>
The content distribution apparatus 400 includes a content registration management unit 410, a registered content determination unit 420, a content DB 430, and a communication interface 440.

  The registered content determination unit 420 determines whether or not the content to be registered from the usage management apparatus 200 is content that is permitted to be posted by a regular permission process, and if permitted, the content is registered via the content registration management unit 410. Are registered in the content DB 430.

  The license has a configuration shown in FIG. As shown in the figure, the license includes use permission conditions, right inheritance conditions, recommended system information, and issuance information. The use permission condition includes a right permission process condition and a use permission condition. The right inheritance condition includes a condition of right inheritance processing and a permission condition thereof. The recommended system information includes information of a DRM method recommended at the time of rights grant processing and right inheritance processing. The issuance information is information for certifying the issuance of the license. Processing date / time, processed DRM signature, licenser information (signing date / licenseer's signature), issuer information (signing date / licensed person's signature), Issuing system information (established date / time / established signature).

  The license exchanged among the rights management apparatus 100, the rights inheritance processing apparatus 300, and the usage management apparatus 200 includes the processing result (B) including the inheritance contents (A), the processing date and time, and the signature of the processed DRM shown in FIG. The digital signature information including the signature date / licensed person's signature (C), the signature date / licenseer's signature (D), and the establishment date / time / establishment signature (E) is given.

  The result approval processing units 140 and 220 of the right management apparatus 100 and the usage management apparatus 200 prove that a license that is consistent with the intentions of the right holder and the user has been issued by fair rights inheritance processing. An electronic signature is added to the license as information. By confirming the presence / absence of the signature and the completeness of the content by the registered content determination unit 420, the content distribution device 400 confirms that the content registered in the content DB 430 has undergone regular permission processing. Can do. By extending this function to the content distribution apparatus 400, it is possible to operate a content distribution service in which only fair content can be registered and distributed.

  The present invention can be applied to the rights holder's device and the user's device in an independent relationship, and even in the rights inheritance processing performed in a system provided by a third party not related to the rights holder. The purpose is to inherit a license that is consistent with the intention. Therefore, in the result approval processing units 140, 220, and 330 in the right management device 100, the usage management device 200, and the right inheritance processing device 300, these three devices cooperate to execute the right inheritance processing executed by the right inheritance processing device 300. It is determined whether it is reliable, and whether it is consistent with the contents of the licensee processed by the licensee. Specifically, an electronic signature that certifies that a license that is consistent with the intentions of the right holder and the user has been issued by fair rights inheritance processing is inserted into the license.

  Next, the basic processing flow of each device in the above configuration will be described.

  First, processing of the right inheritance processing apparatus 300 will be described. In the following description, it is assumed that communication between devices is performed via a communication interface.

  FIG. 8 is a flowchart of processing of the right inheritance processing apparatus of the present invention.

  Step 101) The right inheritance processing apparatus 300 receives a right inheritance processing request from the usage management apparatus 200.

  Step 102) The communication interface 260 establishes a session with the usage management apparatus 200 by the PKI (Public Key Infrastructure) method. At this time, the DRM authentication unit 320 determines the signature transmitted from the usage management apparatus 200, and refers to the DRM storage unit 350 to determine whether the DRM scheme adopted by the usage management apparatus 200 is reliable. To do. If it is not reliable, it refuses to continue processing. Here, “DRM method is reliable” means that the DRM method of the usage management apparatus 200 exists in the trust (DRM) list on the DRM storage unit 350.

  Step 103) When the reliability of the usage management apparatus 200 is confirmed, the right inheritance processing unit 301 executes the right inheritance process, and passes the license stored in the memory of the right inheritance process internal 301 to the license generation unit 302.

  Step 104) When the right inheritance process is completed, the license generation unit 302 generates a license based on the license acquired in Step 103, and assigns a signature indicating the processing date and time and the execution system to the license. 200 and the rights management apparatus 100. When a license with a signature is obtained from the usage management apparatus 200 and the rights management apparatus 100, the presence of an approved signature and the presence / absence of tampering are confirmed from the entire signature, and transmitted to the usage management apparatus 200 and the rights management apparatus 100 again. If there is any contradiction in the content, process to request approval. In the usage management apparatus 200 and the rights management apparatus 100, if the contents can be approved, the license with the signature is returned.

  Step 105) If the result approval processing unit 330 confirms that all necessary signatures have been obtained, the result approval processing unit 330 determines that the approval has been obtained, and proceeds to Step 106. If not, the result approval processing unit 330 proceeds to Step 108.

  Step 106) The signature generated in step 104 is assigned with the signatures of the rights management device 100 and the user management device 200 and the signature indicating that the license is valid.

  Step 107) A valid license is transmitted to the rights management apparatus 100 which is a licensee.

  Step 108) If the license is approved in Step 105, a valid license is transmitted to the use management apparatus 200 of the licensee. If the license is not approved, the fact is notified.

  Step 109) When all processing is completed, the session is released.

  Next, processing of the usage management apparatus 200 will be described.

  FIG. 9 is a flowchart of processing of the usage management apparatus of the present invention.

  Step 201) First, the usage management apparatus 200 sets the right inheritance processing apparatus 300 recommended in the content license used for the production of the secondary content as the first candidate. Next, it is determined whether the candidate right inheritance processing apparatus is registered in the trust list of the DRM storage unit 240 of the usage management apparatus 200. If registered, the right inheritance processing apparatus 300 has a right to the right inheritance processing apparatus 300. Send a request for inheritance processing. On the other hand, if none of the right inheritance processing devices listed as candidates is registered in the trust list, a request for right inheritance processing is transmitted to the right inheritance processing device registered in the usage management device 200.

  Step 202) Check whether the right inheritance device 300 is the same as the DRM device described in the trust list managed by the DRM storage unit in the usage management device 200, and if they match, the right inheritance is made via the communication interface 360. Authentication and a session are established with the processing apparatus 300. When the right inheritance processing device 300 is denied to execute the processing, the same processing request is made to another right inheritance processing device (details will be described in detail in the fifth embodiment).

  Step 203) When the session is established, right processing relating to right inheritance is performed with the right inheritance processing apparatus 300 via the communication interface 360. At this time, the result of the right processing is stored in the memory 226 of the result approval processing unit 220.

  Step 204) When the processing of Step 203 is completed, a temporary license is transmitted from the right inheritance processing device 300. Details will be described below with reference to FIG.

  First, when the first temporary license is received from the right inheritance processing apparatus 300 (step 2031), the result approval processing unit 220 determines whether the right processing result stored in the memory 226 matches the content of the temporary license. Then, the hash value of the license is obtained and stored in the memory 226 of the result approval processing unit 220. When the second temporary license is received, the hash value of the license is obtained, compared with the hash value stored in the memory 226, and if they match (steps 2032, 2033, Yes), a signature indicating approval is obtained. Is assigned to the temporary license (step 2034) and returned to the right inheritance processing apparatus 300 (step 2035). If the content cannot be approved (step 2033, No), the fact is notified.

  Step 205) Upon receiving a valid license issued from the right inheritance processing apparatus 300, the valid license content is stored in the license storage unit 250, the session is released, and the process is terminated.

  Note that the processing of the usage management apparatus 200 is executed for the license transmitted from the right inheritance processing apparatus 300 in step 407 and step 418 in a sequence chart in FIG.

  Next, processing of the rights management apparatus 100 will be described.

  FIG. 11 is a flowchart of processing of the rights management apparatus of the present invention. FIG. 3A shows an outline of processing, and FIG. 2B shows a flowchart of license approval processing.

  Step 301) Based on the request from the right inheritance processing device 300, a session is established with the right inheritance processing device 300 through the communication interface 180. At this time, mutual authentication is performed with the right inheritance processing device 300 by PKI.

  Step 302) The DRM authentication unit 130 refers to the DRM storage unit 170 to determine whether the DRM method adopted by the right inheritance processing device 300 is reliable based on the signature information. If not reliable, the process proceeds to step 306.

  Step 303) When the result approval processing unit 140 receives the first temporary license from the right inheritance processing device 300, the result approval processing unit 140 determines the signature of the license (Step 301-1), and whether the temporary license content is consistent. (Step 303-2), the hash value of the license is obtained, stored in the memory 146, the received license is approved, the signature is inserted into the temporary license (step 303-3), and the signature is inserted. The temporary license is transmitted to the right inheritance processing device 300 (step 303-4). If they do not match as a result of the comparison, this is notified to the right inheritance processing device 300.

  Step 304) When the result approval processing unit 140 receives the second temporary license from the right inheritance processing device 300, the result approval processing unit 140 determines the signature of the license (Step 304-1), and whether the temporary license content is consistent. (Step 304-2), the hash value of the license is obtained and compared with the previous hash value stored in the memory 146 (step 304-2). If they match as a result of the comparison, the received license is approved, a signature is inserted into the temporary license (step 304-3), and the temporary license with the signature inserted is transmitted to the right inheritance processing apparatus 300 (step 304-). 4). If they do not match as a result of the comparison, this is notified to the right inheritance processing device 300.

  Step 306) When a valid license is received from the right inheritance processing apparatus 300, it is stored in the license storage unit 146 and the session is released.

  Note that the above-described processing of the right management apparatus 100 is executed for the license transmitted from the right inheritance processing apparatus 300 in step 413 and step 417 in a sequence chart in FIG.

  Hereinafter, processing for secondary content will be described as an embodiment of the present invention.

[First Embodiment]
In the present embodiment, processing from the start to the completion of right inheritance for secondary content created by the usage management apparatus 200 will be described. The system configuration is the same as that shown in FIG.

  FIG. 12 is a flowchart of license issuance / content evidence assurance processing according to the first embodiment of this invention.

  In the rights management apparatus 100, permission conditions from the right holder are registered in the license storage unit 150 in advance (step 401).

  The usage management apparatus 200 accesses the right inheritance processing apparatus 300 when producing and transmitting secondary content (step 402). At this time, the usage management apparatus 200 is a candidate for accessing the right inheritance processing apparatus 300 recommended in the license of the content used for the production of the secondary content. Next, it is determined whether the right inheritance processing device 300 as a candidate is registered in the trust list of the DRM storage unit 240 in the usage management device 300. Send a request for rights inheritance processing. If none of the right inheritance processing devices listed as candidates is registered in the trust list, a request for right inheritance processing is transmitted to the right inheritance processing device registered in the usage management device 200.

  Next, mutual authentication is performed in the DRM authentication units 270 and 320 based on the trust lists in the DRM storage units 240 and 350 of the devices 200 and 300 (step 403). At this time, if the right inheritance processing device 300 cannot confirm the reliability of the usage management device 200, the right inheritance processing device 300 can also refuse to continue the processing. If the reliability can be confirmed, a session key is generated (step 404). In the subsequent processing, information is transmitted and received in a form protected by the session key generated here.

  Next, right inheritance processing is executed between the right permission management unit 210 of the usage management device 200 and the right inheritance processing unit 301 of the right inheritance processing device 300 (step 405). Thereafter, in the right inheritance processing device 300, a series of permission processing ends in the right inheritance processing unit 301, and a license generation unit 302 generates a license. An electronic book name as a license issuer certificate is assigned to the license succession contents (FIG. 7A), duplicate data is generated, and one of them is designated as a license α (for licensee) (step 406). ). The generated license α (for the licensee) is transmitted to the licensee's usage management apparatus 200 (step 407).

  Further, the right inheritance processing device 300 accesses the rights management device 100 designated in the license by the right holder of the material content as the licensor in the result approval processing unit 330 (step 410), and the DRM authentication unit 320 performs the DRM storage unit. When mutual authentication is performed based on the trust list 350 (step 411), the license β (for the licensee) copied in step 406 is transmitted (step 413). At this time, the DRM authentication unit 130 of the rights management device 100 on the right holder side refers to the trust list in the DRM storage unit 170 to determine whether the right inheritance processing device 300 is a legitimate system, and is unknown or illegal. If it is a simple device, the continuation of the processing can be refused (step 411). As verification performed here, confirmation of impersonation of the other party (right inheritance processing device 300), check of whether or not the license has been tampered with, check for differences in licenses, and the like are performed.

  In step 407, the usage management apparatus 200 that has received the license α (for the licensee) from the right inheritance processing apparatus 300 has no conflict in the contents of the license part (FIG. 7B) in the result approval processing unit 220. After confirming this, an electronic signature (FIG. 7C) indicating the approval of the contents using biometric information for identifying an individual such as a fingerprint in the license storage unit 250 is used as the license part (for the licensee) ( 7B) (step 408), and returns to the right inheritance processing apparatus 300 (step 409). At this time, the result approval processing unit 220 calculates a hash value for the license part of the received license α (for the licensee) and temporarily stores it in the memory 226.

  On the other hand, when the right β right management apparatus 100 receives the license β (for the licensee) in step 413, the result approval processing unit 140 compares the original licenses in the license storage unit 150, and the signature of the issuer is obtained. It is confirmed that there is no tampering, and it is determined whether the content described in the license is consistent with the original intention of the right holder. (Step 414). When it is confirmed that there is no contradiction, a signature (FIG. 7D) indicating approval of the content (FIG. 7B) is given to the license and returned to the right inheritance processing apparatus 300 (step 415). Note that the key used for the signature is the one registered in advance in the license storage unit 150 together with the license by the right holder. At this time, the result approval processing unit 140 calculates a hash value for the license part of the received license β (for the licensee) and temporarily stores it in the memory 146.

  When the right inheritance processing device 300 receives the license α with confirmation signature (for the licensee) from the usage management device 200 (step 409), the result approval processing unit 330 checks whether the signature has been tampered with, and the contents Is confirmed (step 416), and the license α with confirmation signature (for the licensor) is transmitted to the rights management apparatus 100 of the right holder (step 417).

  On the other hand, when the license β with confirmation signature (for the licensee) is received from the right management apparatus 100 (step 415), the result approval processing unit 330 verifies the signature (step 416), and the license β with confirmation signature (subject (For the licensee) is transferred to the usage management apparatus 200 (step 418).

  When the rights management apparatus 100 receives the signed license with confirmation processing α (for the licensee) of the usage management apparatus transmitted from the right inheritance processing apparatus 300 (step 417), the result approval processing unit 140 receives the license α. The hash value is obtained and compared with the hash stored in the memory 146, and it is confirmed that the contents (FIGS. 7B and 7C) have not been altered or checked against the license contents. Then, a signature (FIG. 7D) indicating the approval of the contents is attached to the whole (FIGS. 7B and 7C) (step 419) and returned to the right inheritance processing apparatus 300 (step 420). .

  When the usage management apparatus 200 receives the license β with confirmation signature (for the licensee) transmitted from the right inheritance processing apparatus 300 (step 418), the result approval processing unit 220 uses the license β. The hash value is obtained and compared with the hash value stored in the memory 226, and the contents ((B) and (D) in FIG. 7) are not falsified or the same as the contents of the license. (Step 421), a signature (FIG. 7C) indicating the approval of the contents is attached to the whole (FIGS. 7B and 7D) and returned to the right inheritance processing apparatus 300 (Step S421). 422).

  When the right inheritance processing device 300 receives the license α with confirmation signature (for the licensor) from the rights management device 100 of the right holder (step 420), the result approval processing unit 330 displays the contents of the signature ((B) in FIG. 7). C) Check (D)) for tampering and confirm that the content has been approved by the right holder.

  When the license β with confirmation signature (for the licensee) is received from the usage management apparatus 200 (step 422), the result approval processing unit 330 receives the signature of each user and the license contents (FIGS. 7B and 7C). (D)) is checked for tampering. When it is confirmed that everything is correct, the result approval processing unit 330 assigns a signature (FIG. 7E) indicating the establishment of the right inheritance process (step 423). When it is confirmed that everything is correct, the signatures of the usage management apparatus 200 and the rights management apparatus 100 and the signature indicating the establishment of the right inheritance process (FIG. 7E) are added to the license generated in step 406. . As a result, two types of licenses such as a licensee license and a licensee storage license as shown in FIG. 13 are generated, and the data (β in FIG. ) Is transmitted as a valid license (for the licensee) (step 425), and the license in which the data (α) is described in the usage management device 200 of the user who is the licensee is valid. As a licensed person) (step 424). As a result, the usage management apparatus 200 stores the license (for the licensee) in the license storage unit 250, and the right management apparatus 100 stores the license (for the licensee) in the license storage unit 150.

  As described above, the license generated by the right inheritance processing device 300 is repeatedly licensed by repeating the approval process twice from the licensee (right management device 100) and the licensee (use management device 200). In the license distribution from the right inheritance processing device 300 for the first time, the user can confirm that the right inheritance processing performed by himself / herself is correctly reflected in the temporary license. Furthermore, by storing this content (the hash value of the license) in memory, the second license distribution confirms that the content of the temporary license with the licensor's approval signature matches the content approved earlier. I can confirm. From this, it can be confirmed that there is no contradiction between the information of the two temporary licenses.

  Similarly, the licensee can confirm that the inherited contents are consistent with his / her intention by the temporary license received for the first time from the right inheritance processing apparatus 300. Furthermore, by saving the contents of the first temporary license in the memory and confirming that the contents match in the approval process of the license distributed for the second time, the contents of the rights inheritance process performed by the licensee It can be confirmed that it is reflected correctly and that there is no impersonation or tampering in the process.

  By these processes, it is possible to prevent impersonation during the process. In addition, in the right inheritance processing device, the right inheritance processing that is consistent with the intentions of the licensee and the licensee is performed because the two licenses have the approval signature of the licensee and the signature of the licensee. Evidence can be achieved, and non-repudiation and content integrity can be achieved.

[Second Embodiment]
In the present embodiment, a case will be described in which there are two or more contents used for production of secondary contents. The system configuration in the present embodiment is the same as the configuration in FIG. 4, but it is assumed that there are a plurality of right management apparatuses 100.

In step 410 and subsequent steps in FIG. 12, if the user uses N pieces of content (N ≧ 2) for producing one secondary content, the right inheritance processing device 300 transmits data to the right management device 100. At this time, the license data to be confirmed is duplicated by the number of right holders (N) and transmitted to the right management apparatuses 100 _{1 to} 100 _N of the individual right holders. As a result, when the signed license data is received from the right management apparatuses 100 _{1 to} 100 _N of the respective right holders, the license generation unit 302 generates a license in which the signature portions of the respective licensees are integrated. As a result, the signatures (D) of the licensee in FIG. Note that by using the digital signature technology XML-Signature for the license text in the XML format, a signature can be given to a specific part of “inherited content” (FIG. 7A). Further, since only the signature part is extracted and the signature is pasted on the XML document in which the same “inherited content” is described, the signature is not falsified, and thus such integration processing is possible.

  Since the processes other than those described above are the same as those in the first embodiment, description thereof is omitted.

[Third Embodiment]
FIG. 14 shows a system configuration according to the third embodiment of the present invention.

  The system shown in the figure has a configuration in which the rights management apparatus 100 and the rights inheritance processing apparatus 300 shown in FIG. In the first embodiment or the second embodiment, when the right holder recognizes the right management apparatus 300, the system uses the function of the right management apparatus 100 as the right management module 570. This is provided in the device 500. When the right inheritance processing device 500 includes the same function as the right management device 100 as the right management module 570 with the function of the right management device 100 designated by the right holder as the license, the right inheritance processing device 500 copies the license. Processing for inquiring the rights management apparatus 100 can be omitted. That is, the processing of the dotted line portion shown in FIG. 15 (steps 410, 411, 412, 413, 414, 417, 420 in FIG. 12) can be omitted. The electronic signature for the license received from the usage management apparatus 200 is added via the right management module 570 instead of the signature given by the right management apparatus 100. Of the generated license, the management of the licensee is registered in the rights management apparatus 100 designated by each rights holder after the rights inheritance process is completed.

  The operation of the present embodiment will be described with reference to FIG.

  Steps 501 to 506) are the same as steps 401 to 406 in FIG.

  Step 507) The right inheritance processing apparatus 500 transmits a license to the right management module 570.

  Step 508) The rights management module 570 gives a signature to the transmitted license in the same manner as in Step 414 in FIG.

  Step 509) The right management module 570 transmits the license with the confirmation signature to the result approval processing unit 530 of the right inheritance processing apparatus 500.

  Step 510) The right inheritance processing apparatus 500 performs the same processing as the step 418 in FIG.

  Step 511) The usage management apparatus 200 performs the same processing as Step 408 in FIG.

  Step 512) The result approval processing unit 220 of the usage management apparatus 200 performs the same processing as in Step 422 of FIG.

  Step 513) The right inheritance processing apparatus 500 performs the same processing as Step 423 in FIG.

  Step 514) The right inheritance processing apparatus 500 performs the same processing as Step 424 in FIG.

  Step 515) The right inheritance processing apparatus 500 transmits the valid license from the result approval processing unit 530 to the right management apparatus 100 designated by the right holder.

  As described above, a confirmation signature can be assigned to the license from the right inheritance processing apparatus 500 via the right management module 570 provided therein, and the management component of the licensee to which the confirmation signature is assigned. Can be transmitted to the designated rights management apparatus 100.

[Fourth Embodiment]
In the present embodiment, when there are a plurality of right holders, the right holder that designates the right management module 570 of the right management / inheritance apparatus 500 in the third embodiment and the right management apparatus 100 that is managed by the right holder itself. This indicates the case where there are mixed rights holders that specify.

  FIG. 16 shows a system configuration in the fourth embodiment of the present invention. The internal configuration of each device in the figure is the same as the configuration in FIGS. 4 and 14.

  Among the plurality of right holders, as the right management apparatus 100, the right holder specifying the right management module 570 provided in the right inheritance processing apparatus 500 in the third embodiment and the right management apparatus 100 managed by the right holder itself are specified. When the right holders who are present exist together, a series of right inheritance processing can be executed by combining the first embodiment or the second embodiment and the third embodiment.

  FIG. 17 is a sequence chart according to the fourth embodiment of the present invention.

  The right inheritance processing apparatus 300 in the first and second embodiments or the right inheritance processing apparatus 500 shown in the third embodiment transmits a license for the licensee to the usage management apparatus 200 (step 607). The contents are confirmed and a signature is received (step 613). When it is necessary to confirm the license contents in the rights management device 100 designated by the licensee, the license for the licensee is sent to the rights management device 100 of each licensee as in the second embodiment. The signature is received (steps 611 and 612).

  Next, upon receiving the signed licenses from the usage management device 200 and the rights management device 100, the right inheritance processing device 500 confirms whether or not tampering has occurred (step 614), and then the licenser who delegated the content confirmation processing. Instead, the rights management module 570 signs (step 616).

  After that, the right inheritance processing apparatus 500 transmits the license for the licensee to which the licensor's confirmation signature is given to the usage management apparatus 200 (step 618). In addition, to the licensee who needs to be confirmed by the designated rights management apparatus 100, the license for the licensee to which the licensee's confirmation signature is given is transmitted to the rights management apparatus 100 (step 620).

  The rights inheritance processing device 500 receives the signed license from the rights management device 100 and the usage management device 200 (steps 619 and 621), and confirms that the content has not been tampered with, and gives a signature signifying establishment ( In step 622), the license is transmitted to the rights management device 100 of each licensee and the usage management device 200 of the licensee (steps 623 and 624).

[Fifth Embodiment]
In the present embodiment, the trust list of the DRM storage unit of any of the rights management apparatus 100, usage management apparatus 300, and right inheritance processing apparatus 200 of FIG. This is an example of enabling authentication of a partner device even when the information for this is not listed.

  Since the system configuration in the present embodiment is the same as that in FIG. 4 described above, description thereof is omitted.

  FIG. 18 is a sequence chart according to the fifth embodiment of the present invention, and corresponds to the processing of steps 410 to 415 in FIG. 12 in the first embodiment.

  The example in the figure shows the establishment of the reliability of the right management apparatus 100 and the right inheritance processing apparatus 300. In this example, there are a plurality of rights management devices operated by different licensees, and the DRM storage unit of one rights management device 100A does not store information necessary to trust the rights inheritance processing device 300. .

  When the rights management apparatus 100A is called to perform an approval process request from the right inheritance processing apparatus 300D (step 701) and a response is received from the right management apparatus 100A (step 702), the DRM storage unit is set in the DRM authentication unit of both apparatuses With reference to this, mutual authentication of devices is performed by the PKI method (step 703), and an attempt is made to establish a session. The trust list of the right inheritance processing device 300D is registered in the DRM storage unit 170 of the right management device 100A. Since there is no trust, the right management apparatus 100A transmits a middle processing notification to the right inheritance processing apparatus 300D as unconfirmed (step 704).

  Next, the rights inheritance processing device 300D calls the rights management device 100B (step 705), and when there is a response from the rights management device 100B (step 706), the DRM authentication unit of both devices refers to the DRM storage unit. Then, mutual authentication of the devices is performed by the PIK method (step 707). As a result, authentication is established and a session is established (step 708).

  The rights inheritance processing apparatus 300D transmits the license (for the licensee) to the rights management apparatus 100B (step 709). As a result, the rights management apparatus 100B checks whether the license has been tampered with or verifies the contents of the license in the same manner as in step 413, determines whether there is a contradiction, and if it is valid, the signature b for confirmation is used. The license is given to the license (step 710), and the license with the confirmation signature b (for the licensee) is returned to the right inheritance processing device 300D (step 711).

  Thereby, the right inheritance processing device 300D verifies the received signature of the license with the confirmation signature b (for the licensee) (step 712), and if valid, calls the right management device 100A again (step 713). When there is a response from the rights management apparatus 100A (step 714), the PKI method mutual authentication is performed between the rights inheritance processing apparatus 300D and the rights management apparatus 100A, and at the same time, the rights management apparatus 100B confirms and a signature is given. The license with the confirmation signature b is transmitted to the right management apparatus 100A (step 715).

  The rights management device 100A authenticates the right inheritance processing device 300D that is the transmission source of the license with the confirmation signature b, and the DRM authentication unit 130 refers to the DRM storage unit 170 to perform device authentication related to the signature b in the license. The approval processing unit 140 checks whether there is a contradiction in the license contents, and if it is valid, the confirmation signature a is given to the received license (step 716), and the license with the confirmation signatures a and b (for the licensee) ) Is transmitted to the right inheritance processing apparatus 300D (step 717). Here, the authentication of the license with the confirmation signature b is successful in the right management apparatus 100A because the trust list of the right management apparatus 100B is registered in the DRM storage unit 170 of the right management apparatus 100A.

  The subsequent processing is the same as the processing after Step 416 in FIG.

  As described above, even when the trust list of the right inheritance processing device 300 is not registered in the DRM storage unit 150 of the right management device 100A, the licensor and the licensee should confirm each other's signature and mutual trust. Thus, the execution of the right inheritance process and the correctness of the contents can be confirmed, and the evidence (signature) of the generated license can be given.

  That is, the rights management apparatus 100 determines the signature of the licensee and the signature of the rights management apparatus operated by another rights holder using the usage management apparatus 200, and determines that any system can be trusted. can do.

  Even in the usage management apparatus 200, when the signature of the licensee is determined and it is confirmed that the license is performed by a reliable apparatus, the processing result can be trusted.

  Even when the usage management device 200 is not registered in the trust list of the DRM storage unit 170 of the licensor (right management device), it is registered in the trust list of the DRM storage unit 350 on the right inheritance processing device 300, and the usage management is performed. When the reliability of the device 200 is guaranteed, the right management device can trust the processing result under the trust of the right inheritance processing device 300.

  When there are a plurality of rights management devices 100, if one or more of the rights management devices are not on the trust list, the processing result cannot be trusted, and a valid license cannot be generated. However, when the signature of the corresponding right management apparatus can be authenticated with the public key indicated by the original content license, the processing result can be trusted, so that the subsequent processing can be executed.

  FIG. 19 is a diagram for explaining a fifth embodiment of the present invention.

  (1) in the figure shows a case where there is no trust relationship between the right management apparatus C and the right inheritance processing apparatus D. Among rights management devices A, B, and C, even if C does not have a trust relationship with the rights inheritance processing device D, that is, even when the rights inheritance processing device D is not registered in the trust list of the DRM storage unit of the rights management device C. If there is a trust relationship between the rights management device C and the rights management device B (if the rights management device B is registered in the trust list of the DRM storage unit of the rights management device C), the second license transmission In the establishment of trust at the time, the right management apparatus B can indirectly trust the right inheritance processing apparatus D and the right management apparatus B can approve the contents to be trusted and authenticated.

  (2) of the figure shows a case where there is no trust relationship between the rights management devices A, B, C and the rights inheritance processing device D. Even when any of the rights management devices A, B, and C cannot directly trust the rights inheritance processing device D, a trust relationship exists between the rights management device A and the usage management device E (right management device A). The usage management device E is registered in the trust list of the DRM storage unit and the right management device A is registered in the trust list of the DRM storage unit of the usage management device E), the usage management device E and the right inheritance processing device D. When trust is established (right inheritance processing device D is registered in the trust list of the DRM storage unit of usage management device E, and usage management device E is registered in the trust list of the DRM storage unit of right inheritance processing device D) ), The right management apparatus A can indirectly trust the license transmitted from the right inheritance processing apparatus D.

  Further, the rights management device B having a trust relationship with the rights management device A and the rights management device C having an indirectly trust relationship can also trust the content approved by the rights management device A.

  Specifically, for example, the right inheritance processing device 300B made by company B and the right management device 100C made by company C are listed in the trust list on the DRM storage unit 170 of the rights management device 100X made by company X. To do. At this time, the rights inheritance processing device 300B manufactured by company B and the rights management device 100C manufactured by company C are determined to be “trusted devices” by the DRM authentication unit 130, but are stored in the DRM storage unit 170 of the rights management device 100X. The right inheritance processing device 300A manufactured by Company A that is not listed in the trust list is determined as an “untrusted device”. In such a situation, when the right management device 100X manufactured by company X confirms the fact that the trusted right management device 100C manufactured by company C trusts the right inheritance processing device 300A manufactured by company A, Based on this, the right inheritance processing device 300A manufactured by Company A is regarded as a reliable device and the processing is continued.

[Sixth Embodiment]
In the present embodiment, an example will be described in which the right management apparatus 100 performs a signature on the license transmitted from the right inheritance processing apparatus 300 using a unique key of the right management apparatus delegated by the right holder. To do.

  When the right management apparatus 100 shown in FIG. 11 has a plurality of rights holders (N persons) who delegate the right management to the right management apparatus 100 when signing the confirmation in step 413, 418 of the license. But one signature proves approval for N people.

  In this case, in addition to the signature for the content part of the license, information for identifying the licensee and the signature of the right management apparatus for the information are added to the licensee signature part (E) in FIG.

  For each of the above usage management device, right management device, and right inheritance processing device, the operation of those components is constructed as a program and installed on the computer used as the usage management device, right management device, and right inheritance processing device. And can be distributed through a network.

  Further, the constructed program can be stored in a portable storage medium such as a hard disk, a flexible disk, or a CD-ROM, and can be installed or distributed in a computer.

  The present invention is not limited to the above-described embodiment, and various modifications and applications can be made within the scope of the claims.

  The present invention is applicable to a technique for distributing secondary content in which content is electronically processed. For example, the present invention can be applied to content distribution in a broadcast service using IPTV (Internet Protocol TeleVision).

It is a figure for demonstrating the principle of this invention. It is a principle block diagram of this invention. It is a system configuration diagram of the present invention. It is a block diagram of each apparatus of this invention. It is a figure which shows the relationship between apparatuses in the system of this invention, and each authentication method. It is a figure which shows the license of this invention. It is a figure which shows the structure of the electronic signature with respect to the license of this invention. It is a flowchart of a process of the right inheritance processing apparatus of this invention. It is a flowchart of a process of the usage management apparatus of this invention. It is a flowchart of a process of the usage management apparatus of this invention. It is a flowchart of a process of the rights management apparatus of this invention. It is a sequence chart of the license issuance / content proof processing in the first embodiment of the present invention. It is an example of the effective license in the 1st Embodiment of this invention. It is a system block diagram in the 3rd Embodiment of this invention. It is a sequence chart in the 3rd Embodiment of this invention. It is a system block diagram in the 4th Embodiment of this invention. It is a sequence chart in the 4th Embodiment of this invention. It is a sequence chart in the 5th Embodiment of this invention. It is a figure for demonstrating the 5th Embodiment of this invention. It is the conventional system block diagram (the 1). It is the conventional system block diagram (the 2).

Explanation of symbols

100 Rights Management Device 101 License Issuing Unit 102 Rights Permission Processing Unit 130 DRM Authentication Unit 140 Result Approval Processing Unit 142 License A-2 Verification Unit 143 License B-1 Verification Unit 146 Second Storage Unit, Memory 150 License Storage Unit 170 DRM Storage unit 180 Communication interface 200 Usage management device 210 Rights permission management unit 220 Result approval processing unit 222 Rights inheritance processing request unit 223 License B-2 verification unit 224 License A-1 verification unit 226 Memory, first storage unit 230 History storage Unit 240 DRM storage unit 250 license storage unit 260 communication interface 300 right inheritance processing device 301 right inheritance processing unit 302 license generation means, license generation unit 320 DRM authentication unit 330 result approval processing unit 332 temporary license sender Stage 333 First license transfer unit 334 Second license transfer unit 335 Effective license transmission unit 350 DRM storage unit 360 Communication interface 400 Content distribution device 410 Content registration / management unit 420 Registered content determination unit 430 Content database (DB)
440 Communication interface 500 Rights inheritance processing device 501 Rights permission processing unit 502 License generation unit 520 DRM authentication unit 530 Result approval processing unit 540 License storage unit 550 DRM storage unit 560 Communication interface 570 Rights management module

Claims (11)

Secondary created by the usage management device in a system comprising at least one rights management device and rights inheritance processing device of a licensee designated as content used as secondary content material A secondary content rights management method for rights management when distributing content,
The usage management device transmits a right inheritance processing request for proving that the created secondary content is legitimate secondary content to the right inheritance processing device,
Upon receipt of the right inheritance processing request, the right inheritance processing apparatus generates a license to be inherited to the secondary content including an electronic signature that specifies the DRM method, and assigns the signature A to the temporary license A, temporary license A license B, the temporary license A is transmitted to the usage management apparatus, the temporary license B is transmitted to the right management apparatus,
When the usage management apparatus receives the temporary license A and confirms that there is no contradiction in the contents of the temporary license A, the usage management apparatus stores the temporary license A in the first storage means and also stores the signature B in the temporary license A. A is given to A and returned to the right inheritance processing apparatus as a license A-1 with signature B,
When the right management apparatus receives the temporary license B and confirms that there is no contradiction in the contents of the temporary license B, the right management apparatus stores the temporary license B in the second storage unit and also stores the signature C in the temporary license B. B is sent to the right inheritance processing apparatus as a license C-1 with signature C,
The inherited rights processing apparatus is sent, and to obtain the signature B with license A-1 from the utilization management device, verifies the signature, if it is legitimate, in the right management device as a signature B with license A-2 And
When the license C-1 with signature C is acquired from the right management device, the signature is verified, and if it is valid, the license B-2 with signature C is transmitted to the usage management device.
When the usage management apparatus acquires the license B-2 with signature C from the right inheritance processing apparatus, the usage management apparatus verifies whether the contents are inconsistent with the license stored in the first storage unit. If it is valid, a confirmation signature D is given, and a license B-2 with signature D is transmitted to the right inheritance processing device,
When the right management apparatus acquires the license A-2 with signature B from the right inheritance processing apparatus, the right management apparatus verifies whether the contents are inconsistent with the license stored in the second storage means. If it is valid, a confirmation signature E is given and sent to the right inheritance processing apparatus as a license A-2 with signature E,
The right inheritance processing device includes the license D-2 with the signature D to which the signature D for confirmation of the usage management device is attached and the license A-2 with the signature E to which the signature E for confirmation of the rights management device is attached. If both signatures are valid, the signature D, the signature E, and the signature F indicating establishment are added to the generated license, and the usage management device and the right A secondary content right management method, comprising: transmitting a valid license to a management apparatus. The right inheritance processing device includes:
If there are multiple licensees and there are different rights management devices for each licensee,
The secondary content right management method according to claim 1, wherein the temporary license is transmitted to each of the right management apparatuses. A secondary content rights management method for managing rights when distributing secondary content produced by a usage management device in a system comprising a user usage management device and a right inheritance processing device,
A right management module is provided in the right inheritance processing apparatus,
The usage management device transmits a right inheritance processing request for proving that the created secondary content is legitimate secondary content to the right inheritance processing device,
When the right inheritance processing apparatus receives the right inheritance processing request, the right inheritance processing apparatus generates a license to be inherited to the secondary content including an electronic signature that specifies a DRM method, assigns a signature A, and uses the rights as a temporary license. To the management module,
The rights management module returns a license with a signature B to which the signature B indicating that the temporary license has been approved is returned to the right inheritance processing device,
When the right inheritance processing device acquires the license with signature B from the right management module, it verifies the signature, and if it is valid, transmits the license with signature B to the usage management device,
When the usage management apparatus acquires the license with signature B from the right inheritance processing apparatus, the usage management apparatus verifies that there is no contradiction in the contents of the license with signature B and verifies the signature. , Sending the license with signature C to the right inheritance processing device,
The right inheritance processing device verifies the signature of the license with the signature C to which the signature C for confirmation of the usage management device is attached. If the signature is valid, the right inheritance processing device adds the signature C and the establishment to the generated license. the signature F of meaning by applying, characterized in that to send a valid license to said gain for managing device and said secondary content of the utilized Licensee-determined rights management device designated in the content as a material Secondary content rights management method. User's usage management apparatus, rights inheritance having at least one rights management apparatus, rights inheritance apparatus, and rights management module having the functions of the rights management apparatus designated as content used as secondary content material A secondary content rights management method for managing rights when distributing secondary content produced by the usage management device in a system comprising processing devices,
The right inheritance processing device transmits a license for the licensor to the usage management device, obtains a signed license from the usage management device, and confirms the license content in the rights management device designated by the licensor. If there is a necessary licensee, the licensee's license is transmitted to the licensee's rights management device, the signed license is obtained from the licensee's rights management device, and whether the contents have been altered or not is checked. If there is a licensee who has confirmed and delegated the content confirmation in the rights management module, sign the rights management module,
The right inheritance processing device transmits a license for a licensee to which the licensor's signature is given to the usage management device, and it is necessary to check a license content in the right management device designated by the licensor. Transmits a license for the licensee to which the user's signature is given to the rights management device of the licensee,
The rights inheritance processing device obtains a signed license from each of the licensee's rights management device and the usage management device, confirms that the content has not been tampered with, and assigns a signature signifying establishment, and grants the permission A valid license to the right management device of the user and the usage management device
A secondary content rights management method characterized by the above . When verifying the validity of the license between the right inheritance processing device and the right management device A,
The usage management device, the rights management device, and the rights inheritance processing device each have a DRM storage means for holding a DRM (Digital Right Management) method reliability list related to a communication partner device,
In the case where the reliability list of a certain right inheritance processing device is not registered in the DRM storage means of the right management device A and the reliability of the right inheritance processing device cannot be confirmed and authentication is not established, other rights management When the trust list of the right inheritance processing device is registered in the DRM storage unit of the device B, authentication is established between the right management device B and the right inheritance processing device, and the right management device If the reliability list of the right management device B is registered in the DRM storage means of A, it is determined that authentication for the right inheritance processing device is established,
Further, when the trust list of the right management apparatus A is not registered on the DRM storage means of the right inheritance processing apparatus, the authentication performed by the right management apparatus A when establishing a session with the right inheritance processing apparatus Can be verified by the public key of the licensor's signature indicated in the license referenced by the right inheritance processing device during the right inheritance processing, the right inheritance processing device authenticates the right management device A,
In addition, when the right management apparatus approves the license with the signature of the usage management apparatus via the right inheritance processing apparatus, the right management apparatus stores the usage management apparatus on the DRM storage unit of the right management apparatus. If the trust list is not registered, the reliability of the usage management device cannot be confirmed, and the authentication is not established, the usage management device is stored on the DRM storage means of the right inheritance processing device for which the authentication has been established. 5. The use management apparatus is authenticated if the trust list is registered and the right inheritance processing apparatus authenticates the signed license received from the use management apparatus. Secondary content rights management method. In the right management apparatus,
If there are rights management delegates from multiple rights holders,
The secondary content rights management method according to any one of claims 1 to 5, wherein identification information of each right holder and a signature of the rights management device are added in addition to the signature of the license licensor and transmitted to the rights inheritance processing device. . The user's usage management device is composed of at least one right management device and right inheritance processing device of the licensee designated as the content used as the secondary content material, and the secondary content produced by the usage management device is A secondary content rights management system for managing rights when distributing,
The usage management device includes:
A right inheritance process request transmitting means for transmitting a right inheritance process request for proving that the created secondary content is a legitimate secondary content to the right inheritance processing apparatus;
When the temporary license A generated by the right inheritance processing apparatus is received and it is confirmed that there is no contradiction in the contents of the temporary license A, the temporary license A is stored in the first storage means, and the signature B is added. A license A-1 verification means for sending back to the right inheritance processing apparatus as an attached license A-1;
When acquiring the license C-added license B-2 with the signature C of the right management device from the right inheritance processing device, it is verified whether there is a conflict with the license stored in the first storage means. If there is a license B-2 verification means for giving a signature D for confirmation and transmitting the license D-2 with signature D to the right inheritance processing device,
The right management device includes:
Second storage means for storing received license information;
When the temporary license B generated by the right inheritance processing apparatus is received and it is confirmed that there is no contradiction in the contents of the temporary license B, the temporary license B is stored in the second storage means and a signature C is given. A license B-1 verification unit that returns the signature C-added license B-1 to the right inheritance processing apparatus;
When the signature B-added license A-2 with the signature B of the usage management apparatus is obtained from the right inheritance processing apparatus, it is verified whether there is a contradiction with the license stored in the second storage means. If there is a license A-2 verification means for giving a signature E for confirmation indicating approval and transmitting the license with the signature E to the right inheritance processing device,
The right inheritance processing device includes:
Upon receipt of the right inheritance processing request from the usage management device, a license generation means for generating a license to be inherited to the secondary content including an electronic signature that specifies a DRM method, and adding a signature A;
The signature A is granted the license temporary license A, and a temporary license B, transmits a provisional license A to the use management apparatus, to the right management device, the temporary license transmission for transmitting the provisional license B Means,
When acquiring the signature B with license A-1 from the use management apparatus, the signature verification performed, if valid, the first license transfer means for transmitting a signature B with license A-2 to the right management device When,
A second license transfer unit that verifies the signature when the license B-1 with signature C is acquired from the right management device, and transmits the license to the usage management device as a license B-2 with signature C if valid; ,
The use management apparatus signature license B-2 and with D signature D of confirmation for the previous SL-signed C with license B-2 has been granted from, confirmation from the right management device for the previous SL-signed B with license B-2 If the signature of the license A-2 with the signature E attached to the signature E is verified and both of the signatures are valid, the signature D, the signature E, and the signature D are added to the license generated by the license generation unit. A secondary content rights management system, comprising: a valid license transmission unit that assigns a signature F signifying establishment and transmits the usage management apparatus and the rights management apparatus as a valid license. The user's usage management device is composed of at least one right management device and right inheritance processing device of the licensee designated as the content used as the secondary content material, and the secondary content produced by the usage management device is A secondary content rights management program to be executed by a computer used as the usage management device of a secondary content rights management system for rights management when distributed,
A right inheritance process request transmission step of transmitting a right inheritance process request for proving that the created secondary content is a legitimate secondary content to the right inheritance processing apparatus;
Receiving the temporary license A generated in the inherited rights processing apparatus, to confirm that there is no conflict with the contents of the temporary license A, serial stores to憶means, license Signed by applying a signature B B A -1 as a license A-1 verification step that is sent back to the right inheritance processing apparatus as
When acquiring the license B-2 with signature C to which the signature C of the rights management device is attached from the right inheritance processing device, the verification is executed by executing a verification module to confirm that there is no contradiction with the license stored in the storage means. A license B-2 verification step of giving a signature D for confirmation if it is valid and transmitting the license D-2 with the signature D to the right inheritance processing device;
A secondary content rights management program, characterized in that The user's usage management device is composed of at least one right management device and right inheritance processing device of the licensee designated as the content used as the secondary content material, and the secondary content produced by the usage management device is A secondary content rights management program to be executed by a computer used as the rights management device of a secondary content rights management system for managing rights when distributed,
Receiving the temporary license B generated by the inherited rights processing apparatus, to confirm that there is no conflict with the contents of the temporary license B, and stores the memorize means, by applying a signature C, the license with the signature C A license B-1 verification step of returning to the right inheritance processing apparatus as B-1;
When the signature B-added license A-2 with the signature B of the usage management apparatus is acquired from the right inheritance processing apparatus, it is verified whether there is a contradiction with the license stored in the storage means. A license A-2 verification step of assigning a signature E for confirmation indicating approval and transmitting the license with the signature E to the right inheritance processing device;
A secondary content rights management program, characterized in that The user's usage management device is composed of at least one right management device and right inheritance processing device of the licensee designated as the content used as the secondary content material, and the secondary content produced by the usage management device is A secondary content right management program to be executed by a computer used as the right inheritance processing device of a secondary content right management system for performing rights management for distribution,
When the use management apparatus or et secondary content receives the rights inheritance processing request to prove secondary content legitimate, licensed to inherit to the secondary content including a digital signature that identifies a DRM scheme A license generation step to generate;
Signature A is granted the license temporary license A, and a temporary license B, transmits a provisional license A to the use management apparatus, to the right management device, the temporary license transmission for transmitting the provisional license B Steps,
When the check was signed B to get a signed license A-1 with B granted that there is no contradiction from the usage management device to the contents of the temporary license A, it verifies the signature, if it is legitimate, signed A first license transfer step for transmitting to the rights management apparatus as a B-attached license A-2;
When the check was signed C to obtain the grant has been signed C with license B-1 that there is no contradiction to the contents of the temporary license B from the right management device, verifies the signature, if it is valid, the signature C A second license transfer step for transmitting to the usage management apparatus as an attached license B-2;
The use management apparatus signature license B-2 and with D signature D of confirmation for the previous SL-signed C with license B-2 has been granted from, confirmation from the right management device for the previous SL-signed B with license B-2 When the signature of the license A-2 with the signature E attached to the signature E is verified and both of the signatures are valid, the signature D, the signature E and the signature E are added to the license generated in the license generation step. An effective license transmission step of assigning a signature F signifying establishment and transmitting as a valid license to the usage management device and the rights management device;
A secondary content rights management program, characterized in that Computer-readable recording medium characterized by storing a rights management program secondary content according to claim 9 or 10.

Images