JPWO2006064565A1 - Content management system and identification medium - Google Patents

Abstract

The identification medium 200 includes a domain ID for identifying a plurality of devices as one group, and an internal calculation unit 202 that reads or writes the domain ID. When the device 100 has a card interface unit 104 for communication connection of the identification medium 200, and the domain ID of the communication-connected identification medium 200 is a predetermined domain ID that permits content, Allow use of content.

Description

  The present invention relates to a content management system for sharing a right to use copyright-protected digital content among a plurality of users (for example, users in a group (domain) in a specific network) and an identification used in the content management system. It relates to a medium for use.

  Normally, in copyright management of digital content, the right to use a certain content is given to the individual who purchased or acquired the content usage right, or to an individual device, and the content for which the right to use was purchased only by that individual or device Can be used. However, for example, when there are multiple devices in the home, the usage rights purchased for use in one device in the home can be used in other devices connected to the home network. Flexible copyright management operation is desired. On the other hand, even in such a case, it is possible to use the content on the device in the home, but it is necessary to have a usage right management method that controls the content so that it cannot be used outside the home device. .

  Conventionally, for example, there has been a method as described in Patent Document 1 for such a problem. This is to manage a user and a group including the user on the server side that manages the usage right, and to give the right to use the content in units of groups.

JP 2003-132232 A

  However, in the above conventional method, since the group (domain) including the user is managed on the server side that manages the usage right, for example, when a device in the home is newly added to the group in the home, the server side There is a problem that a general user cannot easily add a home device to a group, for example, registration work on the device is required.

  The present invention has been made to solve the above-described problems, and a content management system capable of easily setting a domain for a user of a device and preventing unauthorized use of the content. An object is to obtain an identification medium to be used.

  The content management system according to the present invention includes an identification medium having a domain ID for identifying a plurality of devices as one group, an internal arithmetic unit for reading and writing the domain ID, and an arbitrary identification When the medium is communicatively connected and the domain ID of the identification medium is a domain ID permitting content, the apparatus includes a device permitting use of the content.

  This makes it possible to easily set a domain for the user of the device and to prevent unauthorized use of content.

It is a block diagram which shows the content management system by Embodiment 1 of this invention. It is explanatory drawing which shows the whole structure of the content management system by Embodiment 1 of this invention. It is explanatory drawing which shows the information in the license of the content management system by Embodiment 1 of this invention.

Hereinafter, in order to describe the present invention in more detail, the best mode for carrying out the present invention will be described with reference to the accompanying drawings.
Embodiment 1 FIG.
FIG. 1 is a block diagram showing a content management system according to Embodiment 1 of the present invention.
FIG. 2 is an explanatory diagram showing the overall configuration of the content management system according to the first embodiment of the present invention.

  As shown in FIGS. 1 and 2, the content management system according to the present embodiment includes a plurality (four in the illustrated example) of devices 100 (100a to 100d) and an identification medium 200 (200a to 200d). Since the basic functions of the devices 100a to 100d and the identification media 200a to 200d are the same, the common functions will be described as the device 100 and the identification medium 200 hereinafter.

The device 100 is a device that reproduces and stores digital content, and is, for example, a device that receives and stores digital broadcasts installed in a home. Moreover, although these apparatuses 100a-100d are network-connected, this network connection is not essential.
The device 100 includes a content processing unit 101, a license holding unit 102, a license processing unit 103, and a card interface unit 104. Further, the identification medium 200 is composed of, for example, an IC card having a calculation function, and is configured to be insertable / removable with respect to the device 100. The identification medium 200 includes a storage unit 201, an internal calculation unit 202, and an external interface unit 203.

  The content processing unit 101 in the device 100 is a functional unit that processes content when the license permission by the license processing unit 103 is authorized. The license holding unit 102 is a storage unit that holds license data for permitting use of content. The license data is configured as follows, for example.

FIG. 3 is an explanatory diagram of license data.
Usually, in order to use a copyright-managed content, it is obtained by purchasing license data (content usage right, data necessary for use). Then, such license data is held in the device 100 or the identification medium 200, and the content is used by referring to the license data when the content is used. That is, generally, copyright-managed content is encrypted, and is decrypted using the information in the license data. If the user does not have a valid usage right, the content encryption key is decrypted from the license data. Can not get. For example, the encryption key of the content in the license data is encrypted with the encryption / decryption key that only that device has individually.

  Alternatively, the license data (license information) is managed by the server, and each time the content is used, information necessary for using the content by inquiring the server whether the content can be used or performing the purchase process (to decrypt the content) Obtain and use the encryption key. Although the present invention can be applied to any of these cases, the present embodiment will be described with a system in which license data is held and used in the license holding unit 102 in the device 100.

  As illustrated in FIG. 3, the license data includes, for example, content information, condition information on users who can use the content, content use conditions, and other information. The license processing unit 103 has a function of determining whether or not the content can be used based on this information when using copyright-managed content.

  Thus, in this embodiment, it is assumed that the device 100 purchases and acquires a license and holds it in the license holding unit 102 (the license acquisition method is various methods such as acquisition from a license server on the network). There is no question how to do it here).

  In FIG. 1, a card interface unit 104 is a communication unit for performing communication with the identification medium 200, and issues a card access interface command to the identification medium 200, so that the domain ID is transmitted from the identification medium 200. And a function of generating / setting a domain ID to the identification medium 200. The card interface unit 104 has a function of decrypting the encrypted domain ID acquired from the identification medium 200.

  Further, as shown in FIG. 2, the device 100 includes a card slot (identification medium connecting means) 105 for connecting the identification medium 200. Here, two cards slots 105a and 105b are provided in one device (in this embodiment, device 100a), and two identification media 200 can be connected simultaneously.

  The storage unit 201 in the identification medium 200 includes a rewritable memory such as an EEPROM, and stores a card ID and a domain ID. The card ID is a unique ID for uniquely identifying each identification medium 200 and is fixed (non-rewritable) data. The domain ID is identification information for identifying a plurality of devices as one group, and is provided as rewritable data. The domain ID storage area is configured such that only one domain ID can be set at a time.

  The internal calculation unit 202 is an internal calculation function including, for example, a CPU and a RAM, and has a function of receiving a command from the device 100 and reading a domain ID from the storage unit 201 or rewriting the domain ID. ing. This internal calculation function is a function that is concealed within the identification medium 200 (not commonly disclosed, but commonly held as the identification medium 200). The external interface unit 203 is an interface for performing communication with the device 100.

Next, an operation in the content management system configured as described above will be described.
First, it is assumed that the same domain ID is already set in each of the identification media 200a to 200d. When such identification media 200a to 200d are connected to the devices 100a to 100d as shown in FIG. 2, in each device 100, the card interface unit 104 assigns a domain ID to the connected identification medium 200. Is issued (card access interface command).

  In the identification medium 200, when the external interface unit 203 receives such a command, the internal calculation unit 202 reads the domain ID from the storage unit 201, and sends this to the device 100 as response data of a read request. Here, if the domain ID returned as a response from the identification medium 200 is the data as it is, there is a risk that the data is illegally read and used. For this reason, the internal calculation unit 202 is not generally disclosed, but each identification medium 200 has a data encryption / decryption function that is commonly held. When returning a domain ID, the internal calculation unit 202 uses this encryption function. It is encrypted and returned as an encrypted domain ID.

  On the device 100 side, the encrypted domain ID received by the card interface unit 104 is decrypted and sent to the license processing unit 103. The license processing unit 103 collates the domain ID of the identification medium 200 with the domain ID that can use the content in the license holding unit 102, and determines that the device is permitted if they match. As a result, the content processing unit 101 uses predetermined content. By such an operation, all the devices 100 connected to the identification medium 200 having the same domain ID can use the content.

Next, the domain ID initial setting operation will be described.
First, a domain ID generation method will be described. The domain ID is generated inside the identification medium 200. For example, the identification medium 200a is inserted into the card slot 105a of the device 100a, and a card access interface command indicating generation / setting of a domain ID is transmitted from the device 100a. Thereby, in the identification medium 200a, the internal calculation unit 202 automatically generates a domain ID. As this generation method, for example, the domain ID is obtained by reversing the byte sequence of the card ID. Such an operation is performed for each identification medium 200, and a domain ID corresponding to each card ID is set. Here, since each card ID differs for each identification medium 200, a different domain ID is set. The initial domain ID may not be automatically generated in the identification medium 200 but may be acquired from a server (not shown).

Next, a process for setting a common domain ID for the identification medium 200 in which such different domain IDs are set will be described.
For example, a case where a new identification medium 200b used in the device 100b is registered as the same domain (participates in the domain) will be described as an example.
First, the identification medium 200a in which the domain ID is already set is inserted into one of the two card slots 105a and 105b of the device 100a. Then, an identification medium 200b for rewriting the domain ID is inserted into the other card slot 105b.

Next, the card interface unit 104 reads the domain ID from the above-described identification medium 200 with respect to the identification medium 200a inserted into the one card slot 105a to obtain the encrypted domain ID, This is temporarily held in a storage unit (not shown). Then, a card access interface command for setting a domain ID is issued to the identification medium 200b inserted into the other card slot 105b, and an encrypted domain ID is sent together with this card access interface command.
Thereby, in the identification medium 200b, the internal calculation unit 202 decrypts the encrypted domain ID and sets it as the domain ID in the storage unit 201.

  In addition, such a domain ID copy process is performed only when two identification media 200 are simultaneously inserted into the device 100a. In this way, a safer domain ID setting can be realized.

  By performing the domain ID copy process as described above, the domain ID can be easily set even with the new identification medium 200.

In the above example, the case where the device 100a to which the domain ID is copied has the two card slots 105a and 105b has been described. However, there is a device having only one card slot 105. Therefore, a method capable of performing copy processing corresponding to such a device will be described next.
First, the identification medium 200 in which the domain ID is already set is inserted into the card slot 105, and the card interface unit 104 reads the domain ID from the identification medium 200 by a card access interface command for reading the domain ID, and temporarily Specifically, the domain ID is stored in the device 100.

  Next, the identification medium 200 in which the domain ID has already been set is removed from the card slot 105, and the identification medium 200 in which the domain ID is newly set is inserted into the card slot 105. Then, the card interface unit 104 sends the card access interface command for setting the identification medium 200 and the domain ID temporarily stored in the device 100 to the inserted identification medium 200. The subsequent internal operation in the identification medium 200 is the same as the domain ID setting operation described above.

  In such a case, the domain ID is read from the identification medium 200 for which the domain ID has already been set, and is temporarily read in the device 100 until the setting of the domain ID for another identification medium 200 is completed. Remember your domain ID. For this reason, when the domain ID is read from the identification medium 200 for which the domain ID has already been set and another card is not inserted, the temporarily read domain ID remains in the device 100. Therefore, the possibility that the domain ID is illegally used increases.

  Therefore, the card interface unit 104 of the device 100 reads the domain ID from the identification medium 200 for which the domain ID has already been set, and then the identification medium 200 for which a new domain ID is desired to be set even after a certain period of time. Is not inserted or the card access interface command for setting the domain ID is not issued, the read domain ID is erased, and the domain ID setting process is controlled to be interrupted. That is, if a predetermined time or more elapses after the domain ID is acquired from the identification medium 200 in which the domain ID is set and the identification medium 200 in which the domain ID is newly set is connected, the domain ID Disable the setting process. By performing such processing, it is possible to prevent the use of an illegal domain ID.

  As the domain ID setting operation, the identification medium 200 for which the domain ID has already been set is rewritten. However, the common domain ID is used by using the identification medium 200 for which the domain ID has not been set. May be set.

In the first embodiment, the card interface unit 104 decrypts the encrypted domain ID. However, other function units may decrypt the encrypted domain ID in the device 100.
Further, in the first embodiment, in the domain ID copy process in the two identification media 200, encryption is performed when the domain ID is read. However, in the copy process, the copy process is performed without encryption. You may do it. Alternatively, only when the above-described two identification media 200 are simultaneously inserted into the device 100a, the copy process may be performed without encryption.

  In the first embodiment, the case where an IC card is used as the identification medium 200 has been described. However, a medium that has a data storage area, an internal arithmetic unit, and an external interface function and can be inserted into and removed from the device 100. Anything is applicable.

  As described above, according to the content management system of the first embodiment, the internal for performing at least one of the domain ID for identifying a plurality of devices as one group and the reading or writing of the domain ID. An identification medium having a calculation unit and a communication means for the identification medium, and any identification medium is connected for communication, and the domain ID of the identification medium is a predetermined domain ID that permits content In such a case, since a device that permits the use of the content is provided, it is possible to easily set a domain for the user of the device and to prevent unauthorized use of the content.

  Further, according to the identification medium of the first embodiment, it has an interface with an arbitrary device, a domain ID for identifying a plurality of devices as one group, and an internal calculation unit. Since the domain ID is read and the domain ID is given based on the interface command from the outside, the domain ID can be read and written by the interface command from the outside.

  Further, according to the identification medium of the first embodiment, when the domain ID is assigned, the internal arithmetic unit generates the domain ID using information for uniquely identifying the identification medium. It is possible to set a highly secure domain ID with a simple configuration.

  Further, according to the identification medium of the first embodiment, the internal arithmetic unit has the encryption / decryption means, and when outputting the domain ID to the outside, the encryption means is generated using the encryption means. When the encrypted domain ID is received from the outside, the domain ID is decrypted using the decryption means, and the domain ID is assigned. There is an effect that the setting process can be performed more safely.

  Further, according to the identification medium of the first embodiment, since only one domain ID is held, it is possible to prevent unauthorized domain setting and to obtain a highly reliable identification medium. There is.

  In addition, the content management system according to the first embodiment has an interface with an arbitrary device, a domain ID for identifying a plurality of devices as one group, and an internal calculation unit. Based on the interface command from the outside, the domain ID is read and the identification medium configured to give the domain ID, the identification medium set with the domain ID, and the identification for newly setting the domain ID Identification medium for making a domain ID read request to the identification medium for which the domain ID is set and setting the domain ID for the domain ID obtained by the read request And an identification medium for newly setting a domain ID from an identification medium in which the domain ID is set. Since the domain ID is set for the device medium, connect the identification medium to the device, and select the menu such as “Set new domain” or “Add new function to domain” from the device function menu. Since the domain can be set only by executing, there is no need to set various parameters, and there is an effect that the domain can be easily set for the user of the device. In addition, since domain identification media must be used for domain settings, unauthorized domain settings can be prevented. As a result, secure rights sharing within the domain is possible, and secure copyright management and It is possible to provide convenience.

  Further, according to the content management system of the first embodiment, only when a device is connected simultaneously with an identification medium for which a domain ID is set and an identification medium for which a new domain ID is set. Since a new domain ID is set, there is an effect that a safer domain ID can be set.

  In addition, the content management system according to the first embodiment has an interface with an arbitrary device, a domain ID for identifying a plurality of devices as one group, and an internal calculation unit. The identification medium is configured to read the domain ID based on an external interface command and to assign the domain ID, and a single identification medium connection unit. The domain ID is connected to the identification medium connection unit. Is connected to an identification medium for acquiring a domain ID from the identification medium and holding it, and then connecting the identification medium for setting a new domain ID to the identification medium connection means. The identification medium having the domain ID is provided with a device that sends the retained domain ID to the identification medium for setting the domain ID. Since the domain ID is set for the identification medium for newly setting the domain ID, a simple and safe domain ID can be used even in a system having only a single identification medium connection means. There is an effect that can be set.

  Further, according to the content management system of the first embodiment, after the device acquires the domain ID from the identification medium for which the domain ID is set, the identification medium for newly setting the domain ID is connected to the device. Until a predetermined time has passed, the domain ID setting process is invalidated, so even a system having only a single identification medium connection means can set a safer domain ID. There is an effect that can be performed.

  Further, according to the content management system of the first embodiment, since the identification medium is an IC card, it is possible to construct a content management system using a widely used IC card. Copyright management and convenience of various contents can be realized.

Embodiment 2. FIG.
The second embodiment relates to control when each device 100 is connected to the network in the configuration of the first embodiment, and data is transmitted / received between these devices 100. Since the configuration on the drawing is the same as that of the first embodiment, these drawings will be used for explanation.
Each device 100 has a network communication control unit (not shown), and negotiates with each other when transmitting and receiving data. Here, the communication control unit acquires the domain ID of the identification medium 200 via the card interface unit 104, and establishes communication only when the domain IDs match each other.
The data transmission / reception control based on the domain ID is not limited to such communication control, and other control methods may be used.

  As described above, according to the content management system of the second embodiment, data transmission / reception is performed only between devices set with the same domain ID among a plurality of devices connected via a network. Data transmission / reception control of each device connected to the network can be performed with a simple configuration and high security.

  In addition, according to the content management system of the second embodiment, the domain ID is confirmed before data transmission / reception between the communicating devices, and if the domain ID is the same, the data transmission / reception is performed. Since it is executed, a specific method for data transmission / reception control of each device connected to the network can be provided, and data transmission / reception control can be performed while maintaining higher security.

  As described above, the content management system according to the present invention performs domain management of a plurality of devices using an identification medium, and is used for a digital information recording / reproducing apparatus having a function for realizing copyright protection. Suitable for

Claims (12)

An identification medium having a domain ID for identifying a plurality of devices as one group, and an internal processing unit that performs at least one of reading or writing of the domain ID;
If there is a means for communicating with the identification medium, any identification medium is communicatively connected, and the domain ID of the identification medium is a predetermined domain ID that permits the content, the content is used. Content management system with devices to allow.   It has an interface with an arbitrary device, a domain ID for identifying a plurality of devices as one group, and an internal calculation unit. An identification medium configured to read and to assign the domain ID.   3. The identification medium according to claim 2, wherein, when the domain ID is assigned, the internal calculation unit generates the domain ID using information for uniquely identifying the identification medium. The internal arithmetic unit has encryption / decryption means, and when outputting the domain ID to the outside, generates and outputs the encryption domain ID using the encryption means,
3. The identification medium according to claim 2, wherein when an encrypted domain ID is received from the outside, the domain ID is decrypted using the decryption means, and the domain ID is assigned.   The identification medium according to claim 2, wherein only one domain ID is held. It has an interface with an arbitrary device, a domain ID for identifying a plurality of devices as one group, and an internal calculation unit, and the internal calculation unit uses the internal calculation unit to set a domain ID based on an interface command from the outside. An identification medium configured to read and to assign the domain ID;
When an identification medium for which a domain ID is set and an identification medium for newly setting a domain ID are connected, a domain ID read request is issued to the identification medium for which the domain ID is set. And a device for sending the domain ID obtained by the read request to an identification medium for setting the domain ID,
The content management system according to claim 1, wherein a domain ID is set for an identification medium for newly setting a domain ID from the identification medium for which the domain ID is set.   The new domain ID is set only when an identification medium in which a domain ID is set and a new identification medium for setting a domain ID are connected to a device at the same time. 6. The content management system according to 6. It has an interface with an arbitrary device, a domain ID for identifying a plurality of devices as one group, and an internal calculation unit, and the internal calculation unit uses the internal calculation unit to set a domain ID based on an interface command from the outside. An identification medium configured to read and to assign the domain ID;
When an identification medium having a single identification medium connection means and a domain ID set to the identification medium connection means is connected, the domain ID is acquired from the identification medium and held. After that, when an identification medium for newly setting a domain ID is connected to the identification medium connection means, a device is provided that sends the held domain ID to the identification medium for setting the domain ID. ,
The content management system according to claim 1, wherein a domain ID is set for an identification medium for newly setting a domain ID from the identification medium for which the domain ID is set.   If the device has acquired a domain ID from an identification medium for which a domain ID is set and a new identification ID setting medium has been connected, the device will return the domain ID 9. The content management system according to claim 8, wherein the setting process is invalidated.   2. The content management system according to claim 1, wherein the identification medium is an IC card.   2. The content management system according to claim 1, wherein data transmission / reception is performed only between devices set with the same domain ID among a plurality of devices connected via a network.   12. The domain ID is confirmed before data transmission / reception between devices performing communication, and the data transmission / reception is executed when the domain ID is the same. Content management system.

Images