JP5592584B1 - Content transmission / reception system, content transmission device, content reception device, and program - Google Patents

Abstract

An object of the present invention is to safely provide and manage a decryption key for decrypting encrypted content in the same file as the content.
A content server 300 of a content transmission / reception system 100 embeds a decryption key for decrypting an encrypted first content as a digital watermark in the second content, and embeds the encrypted first content and the digital watermark. One file including the second content is created and this file is transmitted. The user terminal 400 of the content transmission / reception system 100 receives a file from the content server 300 via the network 500, detects a digital watermark embedded in the second content included in the file, acquires a decryption key, and obtains a decryption key. Is used to decrypt the first content contained in the file and reproduce the decrypted first content.
[Selection] Figure 1

Description

  The present invention relates to a content transmission / reception system, a content transmission device, a content reception device, and a program.

  Conventionally, there is a system that provides encrypted content in order to protect the content (see, for example, Patent Document 1).

JP 2003-198831 A

  In a conventional system, a key for decrypting encrypted content is provided separately from the content.

For example, in a certain system, a server that distributes content operates as follows.
(1) Encrypt the content.
(2) Prepare a decryption key.
(3) Upon receiving a content request from the user terminal, the encrypted content is transmitted.
(4) Send the decryption key.

The user terminal (client) operates as follows.
(1) Receive encrypted content.
(2) Receive the decryption key.
(3) The player decrypts the encrypted content using the decryption key.
(4) The content is reproduced by the player.

  The user contracts with the content distributor and acquires a login ID (identifier) and a password. The user inputs a login ID and a password from the user terminal to the server of the distributor. Thereby, the user can search, download, and view content. Since the content is encrypted, the user needs to use a player having a function of decrypting the content with a decryption key distributed separately from the server. By using this player, the user can view the encrypted content without being aware of the decryption key.

  The decryption key is often stored at a specific location in the user terminal. However, the user may accidentally delete the decryption key. In that case, there is a problem that the content downloaded by the user cannot be reproduced.

  An object of the present invention is to provide and manage a decryption key (decryption key) for decrypting encrypted content safely in the same file as the content, for example.

A content transmission / reception system according to an aspect of the present invention includes:
A decryption key for decrypting the encrypted first content is embedded in the second content as a digital watermark, and one file including the encrypted first content and the second content embedded with the digital watermark is created. And a content transmission device for transmitting the file;
Receiving the file from the content transmission device via a network, detecting a digital watermark embedded in the second content included in the file, obtaining the decryption key, and using the decryption key to the file A content receiving apparatus that decrypts the first content included and reproduces the decrypted first content.

  In the present invention, a single file including encrypted content and content in which a decryption key is embedded as a digital watermark is provided. Therefore, according to the present invention, it becomes possible to safely provide and manage the decryption key in the same file as the encrypted content. If the user does not delete the content itself, the decryption key is deleted by mistake, and the content cannot be reproduced.

FIG. 3 is a block diagram showing a configuration of a content transmission / reception system according to Embodiments 1 and 2. FIG. 3 is a block diagram illustrating a configuration of a container file according to the first embodiment. FIG. 3 is a block diagram showing a configuration of a content server according to Embodiments 1 and 2. 7 is a flowchart showing the operation of the content server according to Embodiments 1 and 2. FIG. 3 is a block diagram showing a configuration of a user terminal according to Embodiments 1 and 2. 5 is a flowchart showing an operation of a user terminal according to Embodiments 1 and 2. FIG. 6 is a block diagram showing a configuration of a container file according to Embodiment 2. The figure which shows an example of the hardware constitutions of the content server and user terminal which concern on embodiment of this invention.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

Embodiment 1 FIG.
FIG. 1 is a block diagram showing a configuration of content transmission / reception system 100 according to the present embodiment.

  In FIG. 1, the content transmission / reception system 100 includes at least one authentication server 200, at least one content server 300, and at least one user terminal 400. The authentication server 200, the content server 300, and the user terminal 400 are connected to each other via the network 500. The network 500 is, for example, a LAN (Local Area Network), a WAN (Wide Area Network), the Internet, or a combination thereof.

  As described above, the conventional system has a problem that the decryption key (decryption key) for decrypting the encrypted content is accidentally erased by the user and the content cannot be reproduced. In this embodiment, in order to cope with such a problem, the encrypted content and the decryption key are combined into one file. However, if the decryption key is simply included in the same file as the content, anyone can decrypt the content. Therefore, a decryption key concealment means is required.

  In the present embodiment, a digital watermark is used as a decryption key concealing means. As a result, the decryption key can be securely sent to the user terminal 400.

  The content transmission / reception system 100 operates as follows.

  STEP 1: The user terminal 400 transmits the login ID and password of the user to the authentication server 200. The authentication server 200 verifies the login ID and password, and notifies the user terminal 400 of success or failure of the user login. After successfully logging in, the user terminal 400 transmits a content request to the content server 300.

  STEP 2: The content server 300 prepares encrypted content and a decryption key based on the content request. For example, high-value content such as a main part of a program or a movie is encrypted.

  STEP 3: The content server 300 inserts a decryption key as a digital watermark into content different from the encrypted content. For example, a digital watermark is inserted into unencrypted content, which is not related to the main part like the promotion of other programs or movies. The content server 300 may also insert information regarding a reproduction permission condition, a reproduction permission destination (for example, a login ID or information on the user terminal 400), and the like as a digital watermark. The content server 300 combines the encrypted content and the content with the decryption key concealed using the digital watermark into one file.

  STEP 4: The user terminal 400 downloads a file containing content from the content server 300.

  STEP 5: The user terminal 400 separates the content with the decryption key concealed from the downloaded file. The user terminal 400 detects a digital watermark from the content. Thereby, the user terminal 400 obtains a decryption key.

  STEP 6: The user terminal 400 decrypts the encrypted content using the decryption key.

  STEP 7: The user terminal 400 plays back the decrypted content. For example, if the encrypted content is a main part of a program or a movie, the user can view the main part.

  For example, at least the processing of STEP 5 to STEP 7 is executed by a dedicated player installed in the user terminal 400.

  Desirably, the processing of STEP4 to STEP6 is all executed on the memory. That is, the content separated from the file, the decryption key, and the decrypted content are not stored in a nonvolatile memory such as a hard disk, and disappear when the power is turned off. This improves security.

  By introducing the above-described mechanism, it becomes possible to collectively handle encrypted content and a decryption key for DRM (Digital / Rights / Management). This eliminates accidents such as accidental key deletion. Since a series of viewing operations is completed with only one file, convenience is enhanced. Furthermore, the flexibility of content operation is improved.

  FIG. 2 is a block diagram showing the configuration of the container file 110 according to this embodiment.

  In FIG. 2, a container file 110 corresponds to a file created by the above-described STEP3 process. The container file 110 is a file that can store various types of data such as video and audio together.

  Here, an important content such as a main part of a program is defined as the first content, and a content that is not subject to protection such as advertisement of another program is defined as the second content.

  In the present embodiment, the first content is encrypted for the security of the first content. A key for decryption is embedded in the second content as a digital watermark. Two types of content, the first content and the second content, are multiplexed together with other necessary data (for example, other content) and distributed as one container file 110. As a result, the problem of managing the decryption key can be solved while maintaining the security of the first content.

  The content server 300 (that is, the content providing side) encrypts the first content and generates the first elementary stream (ES1). Note that the encryption of the first content may be performed by a device different from the content server 300. The content server 300 generates the second elementary stream (ES2) by embedding the decryption key in the second content as an electronic watermark. The content server 300 multiplexes the first elementary stream (ES1), the second elementary stream (ES2), and other elementary streams to create one container file 110. The content server 300 sends this container file 110 to the user terminal 400.

  The user terminal 400 (that is, the client side) demultiplexes the sent container file 110 and takes out the second elementary stream (ES2). The user terminal 400 detects the digital watermark by analyzing the video of the second elementary stream (ES2). Thereby, the user terminal 400 takes out the decryption key. The user terminal 400 decrypts the first elementary stream (ES1) using the extracted decryption key. Thereby, the user terminal 400 acquires the first content. The user terminal 400 reproduces the first content with a player.

  FIG. 3 is a block diagram illustrating a configuration of the content server 300. FIG. 4 is a flowchart showing the operation of the content server 300 (the content transmission method according to the present embodiment and the processing procedure of the program according to the present embodiment).

  In FIG. 3, the content server 300 is an example of a content transmission apparatus, and includes a reception unit 301, a selection unit 302, an encryption unit 303, an embedding unit 304, a creation unit 305, and a transmission unit 306. .

  In S <b> 11 of FIG. 4, the reception unit 301 receives input of a plurality of contents and information indicating whether each of the plurality of contents is important. For example, when the data of the video M1 and the data of the video M2 are input as content, the information that the video M1 is the main program (that is, important) and the video M2 is the program advertisement (that is, not important). Are input at the same time. Hereinafter, this example is referred to as Example 1.

  In S12 of FIG. 4, the selection unit 302 selects important content as the first content from a plurality of contents input to the reception unit 301 based on information input to the reception unit 301, and selects unimportant content as the first content. 2 Select as content. In Example 1, the data of the video M1 that is the main program is selected as the first content, and the data of the video M2 that is the program advertisement is selected as the second content.

  In S <b> 13 of FIG. 4, the encryption unit 303 encrypts the first content selected by the selection unit 302. In Example 1, the data of the video M1, which is the main program, is encrypted.

  4, the embedding unit 304 embeds a decryption key for decrypting the first content encrypted by the encryption unit 303 in the second content as a digital watermark. In Example 1, a digital watermark is embedded in the data of video M2, which is a program advertisement.

  In S15 of FIG. 4, the creation unit 305 creates one container file 110 that includes the first content encrypted by the encryption unit 303 and the second content embedded with the digital watermark by the embedding unit 304. In Example 1, the encrypted video M1 data and the video M2 data embedded with the digital watermark are multiplexed as separate elementary streams (ES1 and ES2). Thereby, the container file 110 is created.

  In S <b> 16 of FIG. 4, the transmission unit 306 transmits the container file 110 created by the creation unit 305 to the user terminal 400 via the network 500.

  FIG. 5 is a block diagram illustrating a configuration of the user terminal 400. FIG. 6 is a flowchart showing the operation of the user terminal 400 (the content reception method according to the present embodiment, the processing procedure of the program according to the present embodiment).

  In FIG. 5, a user terminal 400 is an example of a content receiving device, and includes a receiving unit 401, an acquiring unit 402, a decrypting unit 403, and a reproducing unit 404. The user terminal 400 is, for example, a PC (Personal Computer) or a mobile terminal.

  In S <b> 21 of FIG. 6, the reception unit 401 receives the container file 110 transmitted from the content server 300 via the network 500.

  In S <b> 22 of FIG. 6, the acquisition unit 402 detects a digital watermark embedded in the second content included in the container file 110 received by the reception unit 401 and acquires a decryption key. In Example 1, a decryption key is acquired from data of video M2, which is a program advertisement.

  In S23 of FIG. 6, the decryption unit 403 decrypts the first content included in the container file 110 received by the reception unit 401 using the decryption key acquired by the acquisition unit 402. In Example 1, the data of the video M1, which is the main program, is decoded.

  In S24 of FIG. 6, the reproducing unit 404 reproduces the first content decrypted by the decrypting unit 403. In Example 1, data of the video M1, which is the main program, is reproduced.

  Desirably, the reproduction unit 404 reproduces the second content during the execution of the processes of S22 and S23. Thereby, when a certain amount of time is required for the detection of the digital watermark and the decoding of the first content, the time can be effectively utilized. In Example 1, while the user is viewing the program advertisement, the digital watermark detection process and the first content decoding process can be executed. When the decoding of the first content is completed, the playback unit 404 ends the playback of the second content even during the second content, and plays back the first content. Thereby, in Example 1, the user can immediately watch the video M1 of the main program. Note that the playback unit 404 may play back the first content after playing back the second content to the end even if the decoding of the first content is completed. In this case, the user can be forced to view the video M2 of the program advertisement.

  As described above, in the present embodiment, one file including encrypted content and content in which a decryption key is embedded as a digital watermark is provided. For this reason, according to the present embodiment, it becomes possible to safely provide and manage the decryption key in the same file as the encrypted content.

Embodiment 2. FIG.
In the present embodiment, differences from the first embodiment will be mainly described.

  The configuration of content transmission / reception system 100 according to the present embodiment is the same as that of the first embodiment (see FIG. 1).

  FIG. 7 is a block diagram showing the configuration of the container file 120 according to the present embodiment.

  In FIG. 7, the container file 120 corresponds to a file created by the above-described STEP3 process, similarly to the container file 110 shown in FIG.

  Here, the important content such as the main part of the program is set as the first content, and the content that is not subject to protection such as the opening or the title of the same program is set as the second content.

  In the present embodiment, as in the first embodiment, the first content is encrypted for the security of the first content. A key for decryption is embedded in the second content as a digital watermark. Unlike Embodiment 1, each of the first content and the second content is a part of one type of content. For example, the second content is a head portion of one type of content, and the first content is a portion that follows the second content. The second content is not encrypted. In other words, in this embodiment, only a part of one type of content is encrypted, and a digital watermark is embedded in at least another part. This one type of content is multiplexed together with other necessary data (for example, other content) and distributed as one container file 120. As a result, the problem of managing the decryption key can be solved while maintaining the security of the first content.

  The content server 300 (that is, the content provider side) encrypts the first content. Note that the encryption of the first content may be performed by a device different from the content server 300. The content server 300 embeds the decryption key in the second content as a digital watermark. In the second content, not only the decryption key but also information regarding the attribute of the first content (for example, the length or the position in the entire content) may be embedded as a digital watermark. The content server 300 generates an elementary stream (ES) including the encrypted first content as the first part (PT1) and the second content embedded with the digital watermark as the second part (PT2). The content server 300 multiplexes the generated elementary stream (ES) and other elementary streams to create one container file 120. The content server 300 sends the container file 120 to the user terminal 400.

  The user terminal 400 (that is, the client side) demultiplexes the sent container file 120 and takes out an elementary stream (ES) including the first part (PT1) and the second part (PT2). The user terminal 400 detects the digital watermark by analyzing the video of the second part (PT2) of the elementary stream (ES). Thereby, the user terminal 400 takes out the decryption key. The user terminal 400 decrypts the first part (PT1) of the elementary stream (ES) using the extracted decryption key. Thereby, the user terminal 400 acquires the first content. The user terminal 400 reproduces the first content with a player.

  The configuration of the content server 300 is the same as that of the first embodiment (see FIG. 3).

  Hereinafter, the operation of the content server 300 according to the present embodiment (the content transmission method according to the present embodiment and the processing procedure of the program according to the present embodiment) will be described with reference to FIG.

  In S <b> 11 of FIG. 4, the reception unit 301 receives input of video data and information indicating whether or not data of a plurality of time periods included in the video data are important. For example, when data of video M is input as content, the top part of video M is a program opening (that is, not important), and the remaining part of video M is a main program (that is, important). Information is entered simultaneously. Hereinafter, this example is referred to as Example 2.

  In S <b> 12 of FIG. 4, the selection unit 302 selects the important time zone data as the first content from the video data input to the reception unit 301 based on the information input to the reception unit 301, and is not important. The time zone data is selected as the second content. In Example 2, data at the beginning of the video M that is the program opening is selected as the second content, and data other than the top portion of the video M that is the main program is selected as the first content.

  In S <b> 13 of FIG. 4, the encryption unit 303 encrypts the first content selected by the selection unit 302. In Example 2, data other than the head portion of the video M, which is the main program, is encrypted.

  4, the embedding unit 304 embeds a decryption key for decrypting the first content encrypted by the encryption unit 303 in the second content as a digital watermark. In Example 2, a digital watermark is embedded in the data at the beginning of the video M that is the program opening.

  In S15 of FIG. 4, the creation unit 305 creates one container file 120 including the first content encrypted by the encryption unit 303 and the second content embedded with a digital watermark by the embedding unit 304. In Example 2, the data of the video M in which a digital watermark is embedded in the head portion and the remaining portion is encrypted is multiplexed as one elementary stream (ES) with other elementary streams. Thereby, the container file 120 is created.

  In S <b> 16 of FIG. 4, the transmission unit 306 transmits the container file 110 created by the creation unit 305 to the user terminal 400 via the network 500.

  The configuration of the user terminal 400 is the same as that of the first embodiment (see FIG. 5).

  Hereinafter, the operation of the user terminal 400 according to the present embodiment (the content receiving method according to the present embodiment and the processing procedure of the program according to the present embodiment) will be described with reference to FIG.

  In S <b> 21 of FIG. 6, the reception unit 401 receives the container file 110 transmitted from the content server 300 via the network 500.

  In S <b> 22 of FIG. 6, the acquisition unit 402 detects a digital watermark embedded in the second content included in the container file 110 received by the reception unit 401 and acquires a decryption key. In Example 2, the decryption key is acquired from the data at the beginning of the video M that is the program opening.

  In S23 of FIG. 6, the decryption unit 403 decrypts the first content included in the container file 110 received by the reception unit 401 using the decryption key acquired by the acquisition unit 402. In Example 2, data other than the head portion of video M, which is the main program, is decoded.

  In S24 of FIG. 6, the reproducing unit 404 reproduces the first content decrypted by the decrypting unit 403. In Example 2, data other than the head portion of the video M which is the main program is reproduced.

  Desirably, the reproduction unit 404 reproduces the second content during the execution of the processes of S22 and S23. Thereby, when a certain amount of time is required for the detection of the digital watermark and the decoding of the first content, the time can be effectively utilized. In Example 2, while the user is viewing the program opening, it is possible to execute processing for detecting a digital watermark and decoding the first content. Even if the decoding of the first content is completed, the playback unit 404 plays back the first content after playing back the second content to the end. Thereby, the user can view the video M of the entire program. If there is a request from the user when the decryption of the first content is completed, the reproduction unit 404 may end the reproduction of the second content even during the second content and reproduce the first content.

  As described above, also in this embodiment, a single file including encrypted content and content in which a decryption key is embedded as a digital watermark is provided. Therefore, according to the present embodiment, as in the first embodiment, the decryption key can be safely provided and managed with the same file as the encrypted content.

  FIG. 8 is a diagram showing an example of the hardware configuration of the content server 300 and the user terminal 400 according to the embodiment of the present invention.

  In FIG. 8, each of the content server 300 and the user terminal 400 is a computer, and includes hardware such as an output device 910, an input device 920, a storage device 930, and a processing device 940. The hardware is used by each unit of the content server 300 and the user terminal 400 (described as “unit” in the description of the embodiment of the present invention).

  The output device 910 is, for example, a display device such as an LCD (Liquid / Crystal / Display), a printer, or a communication module (communication circuit or the like). The output device 910 is used for outputting (transmitting) data, information, and signals by what is described as “unit” in the description of the embodiment of the present invention.

  The input device 920 is, for example, a keyboard, a mouse, a touch panel, or a communication module (communication circuit or the like). The input device 920 is used for inputting (receiving) data, information, and signals by what is described as a “unit” in the description of the embodiment of the present invention.

  The storage device 930 is, for example, a ROM (Read / Only / Memory), a RAM (Random / Access / Memory), a HDD (Hard / Disk / Drive), or an SSD (Solid / State / Drive). The storage device 930 stores a program 931 and a file 932. The program 931 includes a program for executing processing (function) described as “unit” in the description of the embodiment of the present invention. The file 932 includes data, information, signals (values), and the like that are calculated, processed, read, written, used, input, output, etc. by what is described as “parts” in the description of the embodiment of the present invention. It is.

  The processing device 940 is, for example, a CPU (Central Processing Unit). The processing device 940 is connected to other hardware devices via a bus or the like, and controls those hardware devices. The processing device 940 reads the program 931 from the storage device 930 and executes the program 931. The processing device 940 is used for performing calculation, processing, reading, writing, use, input, output, and the like by what is described as “unit” in the description of the embodiment of the present invention.

  In the description of the embodiment of the present invention, what is described as “unit” may be replaced with “circuit”, “device”, and “apparatus”. Further, what is described as “part” in the description of the embodiment of the present invention may be “part” replaced with “process”, “procedure”, and “process”. That is, what is described as “unit” in the description of the embodiment of the present invention is realized by software alone, hardware alone, or a combination of software and hardware. The software is stored in the storage device 930 as the program 931. The program 931 causes the computer to function as what is described as “unit” in the description of the embodiment of the present invention. Alternatively, the program 931 causes the computer to execute the processing described as “unit” in the description of the embodiment of the present invention.

  As mentioned above, although embodiment of this invention was described, you may implement combining some of these embodiment. Alternatively, any one or some of these embodiments may be partially implemented. For example, only one of those described as “parts” in the description of these embodiments may be employed, or some arbitrary combinations may be employed. In addition, this invention is not limited to these embodiment, A various change is possible as needed.

  100 content transmission / reception system, 110 container file, 120 container file, 200 authentication server, 300 content server, 301 reception unit, 302 selection unit, 303 encryption unit, 304 embedding unit, 305 creation unit, 306 transmission unit, 400 user terminal , 401 reception unit, 402 acquisition unit, 403 decoding unit, 404 playback unit, 500 network, 910 output device, 920 input device, 930 storage device, 931 program, 932 file, 940 processing device.

Claims (6)

A content transmission / reception system for transmitting / receiving first content and second content, which are data of different time zones of the same video,
Embedding a decryption key for decrypting the first encrypted content as an electronic watermark in the second content, one elementary and the second content embedded with the encrypted first content and watermark A content transmission device that creates one file to be included as a stream and transmits the file;
Receiving the file from the content transmission device via a network, detecting a digital watermark embedded in the second content included in the file, obtaining the decryption key, and using the decryption key to the file A content transmission / reception system comprising: a content reception device that decodes the first content included and reproduces the decrypted first content. A content transmission device that transmits first content and second content, which are data of different time zones of the same video,
And the buried portion embedded as electronic watermark decryption key for decrypting the first encrypted content to the second content,
A creation unit that creates one file including the encrypted first content and the second content embedded with a digital watermark by the embedding unit as one elementary stream ;
A content transmission apparatus comprising: a transmission unit that transmits the file created by the creation unit. A receiving unit that receives input of the video data and information indicating whether data of a plurality of time periods included in the video data is important;
Based on the information input to the reception unit, the important time zone data is selected as the first content from the video data input to the reception unit, and the unimportant time zone data is selected from the second data. The content transmission apparatus according to claim 2 , further comprising a selection unit that selects the content. A content receiving device that receives first content and second content that are data of different time zones of the same video,
A receiving unit for decryption key for decrypting the first content and the encrypted first content to receive a single file containing the second content embedded as a digital watermark as a single elementary stream,
An acquisition unit that detects a digital watermark embedded in the second content included in the file received by the reception unit and acquires the decryption key;
A decryption unit that decrypts the first content included in the file received by the reception unit using the decryption key acquired by the acquisition unit;
A content receiving apparatus comprising: a reproduction unit that reproduces the first content decrypted by the decryption unit. A computer that transmits first content and second content that are data of different time zones of the same video ,
And the buried portion embedded as electronic watermark decryption key for decrypting the first encrypted content to the second content,
A creation unit that creates one file including the encrypted first content and the second content embedded with a digital watermark by the embedding unit as one elementary stream ;
The program for functioning as a transmission part which transmits the said file created by the said creation part. A computer that receives the first content and the second content that are data of different time zones of the same video ,
A receiving unit for decryption key for decrypting the first content and the encrypted first content to receive a single file containing the second content embedded as a digital watermark as a single elementary stream,
An acquisition unit that detects a digital watermark embedded in the second content included in the file received by the reception unit and acquires the decryption key;
A decryption unit that decrypts the first content included in the file received by the reception unit using the decryption key acquired by the acquisition unit;
The program for functioning as a reproducing part which reproduces the 1st contents decoded by the decoding part.

Images