201207663 六、發明說明: 【發明所屬之技術領域】 [0001] 本發明涉及數位版權保護技術領域,特別涉及數位檔在 傳播過程中啟用的服務提供裝置、用戶終端及版權保護 方法。 【先前技術】 [0002] 現在的多數資料都未採用版權保護技術,因此可以將數 位檔隨意地從電腦或者一個便攜終端拷貝到其他電腦或 便攜終端中,導致非法複製。非法的複製行為往往嚴重 侵害數字檔提供者和有關權利人的利益,為了應對這種 情況’實現數位檔的保護,防·止内容的非法流通,數位 版權管理技術相應而生,這類技術將需要進行版權保護 的數位檔進行加密編碼後送到用戶終端,用戶通過獲得 的密鑰來對數位檔進行解密後使用。上述通過密鑰來對 數盖檔進行保護的方法,密鑰可同時提供給多個用戶在 終端上使用’同樣存在非法複製數位檔的可能。 【發明内容】 :::; [0003] 鑒於此,有必要提供一種防止用戶終端非法複製數位稽 的服務提供裝置,一種不能非法複製數位檔的用戶終端 及一種防止數位檔被用戶終端非法複製的數位版權保護 方法。 [0004] —種應用於數位版權保護中的服務提供裝置,所述服務 提供裝置用於發佈經加密的數位檔及該數位檔對應的授 權檔,所述授權檔根據用戶終端的硬體資訊生成。 [0005] 099127197 一種用戶終端’所述用戶終端内安裝有數位版權管理器 表單编號A0101 第4頁/共13頁 0992047781-0 201207663 ’數位版權管理器用於解密從一服務提供裝置提供的授 權槽,所述授權檔對應一已加密的數位檔,所述數位版 權管理器還用於獲取所述授權檔中的硬體資訊,判斷授 權檔中的硬體資訊與該用戶終端的硬體資訊是否一致, 並在一致時’允許用戶終端取得與該授權檔對應的數位 檔的授權。 [0006] Ο [0007] Ο [0008] [0009] [0010] 一種數位版權保護方法,包括如下步驟:用戶終端向一 服務提供裝置發送下載已加密數位檔的請求;從所述服 務提供裝置下載已加密數位檔以及與所述數位檔對應的 授權檔,所述授權檔中嵌入有所述用戶終端的硬體資訊 ;判斷授權檔中的硬體資訊與所述用戶終端的硬體資訊 是否一致;及在授權檔的硬體資訊與用戶終端的硬體資 訊一致時’允許該用戶終端獲得數位檔的授權。 上述服務提供裝置、甩戶終端及數位版權保護方法,藉 由將用戶終端的硬體資訊融合到授權檔中,只有硬體資 訊與授權檔中的硬艘資訊一致的用戶終端才能使用相應 的數位樓’能夠防止對數位槽的非法複製。 【實施方式】 請參閱圖1,為數位版權保護系統10的示意圖,包括版權 所有者100、服務提供裝置200及用戶終端3〇(^ 版權所有者100用於提供數位檔給服務提供裝置200。 服務提供裝置200負責數位檔的發佈,服務提供裝置2〇〇 對數位稽進行加密處理後通過網路發佈該數位權。服務 提供裝置200還用於獲取用戶終端3〇〇的硬體資訊(如用戶 099127197 表單編號Α0101 第5 1/共13頁 0992047781-0 201207663 終端3 0 0主板的序列號、硬碟的序列號等),並根據該硬 體資訊生成授權檔,該授權檔用於數位檔的解密,並與 數位播唯一對應。 [0011] [0012] 099127197 用戶终端300通過網路申請下載服務提供裝置2〇〇上已加 密的數位播A時,服務提供裝置200獲取用戶終端3〇〇的硬 體資訊,並根據該硬體資訊生成一授權檔,其中,所述 硬體資訊嵌入所述授權檔中,該授權檔與該數位檔八唯一 對應。該服務提供裝置2 0 0回應用戶的申請將該數位播a 及其對應的授權檔發送至用戶終端300。用戶終端3〇〇内 安裝有數位版權管理器(圖未示)。其中,服務提供裝 置200根據該硬體資訊生成該授權檔後,還利用一加密演 算法對該授權檔進行加密。數位版權管理器内存儲有授 權檔解密演算法’在本實施方式中,對應同一用戶終端 300,當該用戶終端300通過網路申請下載服務提供裝置 200上多個已加密的數位檔時,對應該多個數字檔的授權 檔均為根據用戶終端300的硬體資訊通過同一加密演算法 進行加S ’該_密演算法與該加密演算法對應。該數 位版權管理H利㈣授權輯密演算法解㈣權槽並 判斷授權檔中的硬體資訊射請下載數位檔的用戶終端 3〇(m硬體資訊是否H兩硬體f訊—料,數位版 權管理器允許用戶終端300獲得數位檔八的授權利用授 權樓對數位槽A進行解密以供用戶終端糊使用。當兩= =資訊不-致時,數位版權管理器拒絕用戶終端:獲得 數位檔A的授權,用戶終端_不能使用數位射。 這樣’即使其他用戶將該數位構A拷貝到其他電腦中由 表單編號A0101 第6頁/共13頁 0992047781-0 201207663 於授權檔中的硬體資訊與該電腦中的硬體資訊不一致, 因此無法取得該數位檔A的授權。 [0013] 請參閱圖2,為下載數位檔的流程圖,包括以下步驟: [0014] 用戶終端300通過網路申請下載服務提供裝置2〇〇上的數 位檔A (S601 )。 [〇〇15]服務提供裝置200回應用戶終端下載數位檔A的請求,獲 取用戶終端300的硬體資訊(S603 )。 〇 [0016]服務提供裝置200根據獲取的硬體資訊生成經加密的授權 檔,所述硬體資訊嵌入所述授權檔中(S605 )。 [_用戶終端3GO下載數位檔A時,該服務提供裝置2_該數 位檔A及其對應的授權檔發送至該用戶終端3〇〇。(S6〇7 )° [0018]請參閱圖3,為對數位檔A進行解密時的流程圖,包括以 下步驟: ❹ [0_ 獲取數位稽A對應的择權檔(§8〇1 )。 [〇〇2〇]存儲有授權檔解密演算法的數位版權管理器解密授權文 件(S803)。 [0021] 數位版權管理器獲取授權檔中的硬體資訊(S8〇5 )。 [0022] 數位版權管理器判斷授權檔中的硬體資訊與用戶終端3〇〇 的硬體資訊是否一致(S807 )。 [0023] 如果資訊一致,數位版權營理器允許用戶終端3〇〇獲得數 位檔的授權,利用授權檔解密數位檔以供用戶終端3〇〇使 099127197 表單編號A0101 第7頁/共13買 0992047781-0 201207663 用(S809 ),流程結束。 [0024] 如果兩硬體資訊不一致,則無法對該數位檔A進行解密, 流程結束。 [0025] 上述對數位檔進行保護的系統及方法,通過將用戶終端 300的硬體資訊融合到授權檔中,只有硬體資訊與授權檔 中的硬體資訊一致的用戶終端300才能使用相應的數位檔 ,能夠防止對數位檔的非法複製。 【圖式簡單說明】 [0026] 圖1為一實施方式中數位版權保護系統的示意圖。 [0027] 圖2為下載數位檔的流程圖。 [0028] 圖3為對數位檔進行解密時的流程圖。 【主要元件符號說明】 [0029] 版權所有者:100 [0030] 服務提供裝置:200 [0031] 用戶終端:300 [0032] 下載數位檔的步驟:S601-S607 [0033] 對數位檔進行解密的步驟:S8(U-S809 099127197 表單編號A0101 第8頁/共13頁 0992047781-0201207663 VI. Description of the Invention: [Technical Field] The present invention relates to the field of digital copyright protection technology, and more particularly to a service providing apparatus, a user terminal, and a copyright protection method in which a digital file is enabled during propagation. [Prior Art] [0002] Most of the current materials do not use copyright protection technology, so digital files can be freely copied from a computer or a portable terminal to other computers or portable terminals, resulting in illegal copying. Illegal copying behavior often seriously infringes on the interests of digital file providers and related rights holders. In order to cope with this situation, 'the realization of digital file protection, prevention of illegal circulation of content, digital copyright management technology, and such technology will The digital file that needs copyright protection is encrypted and encoded and sent to the user terminal, and the user decrypts the digital file by using the obtained key. In the above method of protecting the log file by the key, the key can be provided to multiple users at the same time. The same illegal copy number is also available. SUMMARY OF THE INVENTION :: [0003] In view of this, it is necessary to provide a service providing device for preventing a user terminal from illegally copying a digital address, a user terminal that cannot illegally copy a digital file, and a digital terminal that prevents the digital file from being illegally copied by the user terminal. Digital copyright protection method. [0004] A service providing apparatus for digital copyright protection, wherein the service providing apparatus is configured to issue an encrypted digit file and an authorization file corresponding to the digit file, and the authorization file is generated according to hardware information of the user terminal. . [0005] 099127197 A user terminal 'The user terminal is installed with a digital rights manager form number A0101 Page 4 / 13 pages 0992047781-0 201207663 'The digital rights manager is used to decrypt the authorization slot provided from a service providing device The authorization file corresponds to an encrypted digit file, and the digital rights manager is further configured to obtain hardware information in the authorization file, and determine whether the hardware information in the authorization file and the hardware information of the user terminal are Consistent, and when consistent, 'allows the user terminal to obtain authorization for the digital file corresponding to the authorization file. [0006] [0009] [0009] [0010] A digital copyright protection method, comprising the steps of: a user terminal transmitting a request to download a encrypted digital file to a service providing device; downloading from the service providing device An encrypted digit file and an authorization file corresponding to the digit file, wherein the authorization file has embedded hardware information of the user terminal; determining whether the hardware information in the authorization file is consistent with the hardware information of the user terminal And allow the user terminal to obtain the authorization of the digital file when the hardware information of the authorized file is consistent with the hardware information of the user terminal. The service providing device, the tenant terminal and the digital copyright protection method can integrate the hardware information of the user terminal into the authorization file, and only the user terminal whose hardware information is consistent with the hard ship information in the authorization file can use the corresponding digit. The floor 'can prevent illegal copying of the digital slot. [Embodiment] Please refer to FIG. 1, which is a schematic diagram of a digital copyright protection system 10, including a copyright holder 100, a service providing apparatus 200, and a user terminal 3 (the copyright holder 100 is used to provide a digital file to the service providing apparatus 200. The service providing device 200 is responsible for the issuance of the digital file, and the service providing device 2 performs the encryption process on the digital device to issue the digital right through the network. The service providing device 200 is further configured to acquire the hardware information of the user terminal (eg, User 099127197 Form No. Α0101 5th/13th page 0992047781-0 201207663 Terminal 3 0 0 motherboard serial number, hard disk serial number, etc.), and generate an authorization file based on the hardware information, the authorization file is used for the digital file Decryption, and uniquely corresponding to digital broadcasting. [0012] When the user terminal 300 requests to download the encrypted digital broadcasting A from the service providing device 2 via the network, the service providing device 200 acquires the user terminal 3〇〇. The hardware information is generated, and an authorization file is generated according to the hardware information, wherein the hardware information is embedded in the authorization file, and the authorization file and the digital file are only eight Correspondingly, the service providing device 200 sends the digital broadcast a and its corresponding authorization file to the user terminal 300 in response to the user's application. The user terminal 3 has a digital rights manager (not shown) installed therein. After the service providing device 200 generates the authorization file according to the hardware information, the authorization file is further encrypted by using an encryption algorithm. The digital rights management device stores an authorization file decryption algorithm. In the embodiment, the same The user terminal 300, when the user terminal 300 requests to download a plurality of encrypted digit files on the service providing apparatus 200 through the network, the authorization files corresponding to the plurality of digital files are all encrypted according to the hardware information of the user terminal 300. The algorithm performs S'. The _ secret algorithm corresponds to the encryption algorithm. The digital copyright management H (4) authorized secret algorithm solves (4) the right slot and determines the hardware information in the authorized file to download the user of the digital file. Terminal 3〇(m hardware information is H or two hardware information, the digital rights manager allows the user terminal 300 to obtain the authorization of the digital file eight to utilize the authorized building digital trough A decrypts for use by the user terminal. When the two == information is not true, the digital rights manager rejects the user terminal: obtains the authorization of the digital file A, and the user terminal _ cannot use the digital position. Thus 'even if other users will Digital ID A is copied to other computers by the form number A0101 Page 6 of 13 0992047781-0 201207663 The hardware information in the license file is inconsistent with the hardware information in the computer, so the authorization of the digital file A cannot be obtained. [0013] Please refer to FIG. 2, which is a flowchart of downloading a digital file, including the following steps: [0014] The user terminal 300 requests to download the digital file A on the service providing device 2 through the network (S601). [〇〇15] The service providing apparatus 200 obtains hardware information of the user terminal 300 in response to the request of the user terminal to download the digital file A (S603). [0016] The service providing device 200 generates an encrypted authorization file based on the acquired hardware information, and the hardware information is embedded in the authorization file (S605). [_ User terminal 3GO downloads the digital file A, the service providing device 2_ the digital file A and its corresponding authorized file are transmitted to the user terminal 3〇〇. (S6〇7)° [0018] Referring to FIG. 3, a flow chart for decrypting the digit file A includes the following steps: ❹ [0_ Obtain an optional file corresponding to the digit A (§8〇1). [〇〇2〇] The digital rights manager storing the authorization file decryption algorithm decrypts the authorization file (S803). [0021] The digital rights manager obtains the hardware information in the authorization file (S8〇5). [0022] The digital rights manager determines whether the hardware information in the authorization file matches the hardware information of the user terminal 3 (S807). [0023] If the information is consistent, the digital rights processor allows the user terminal 3 to obtain the authorization of the digital file, and decrypts the digital file with the authorization file for the user terminal 3 to make 099127197 form number A0101 page 7 / total 13 buy 0992047781 -0 201207663 With (S809), the process ends. [0024] If the two pieces of hardware information are inconsistent, the digit file A cannot be decrypted, and the process ends. [0025] The system and method for protecting the above-mentioned digital file, by integrating the hardware information of the user terminal 300 into the authorization file, only the user terminal 300 whose hardware information is consistent with the hardware information in the authorization file can use the corresponding The digital file can prevent illegal copying of the digital file. BRIEF DESCRIPTION OF THE DRAWINGS [0026] FIG. 1 is a schematic diagram of a digital copyright protection system in an embodiment. 2 is a flow chart of downloading a digital file. [0028] FIG. 3 is a flow chart when decrypting a digital file. [Main component symbol description] [0029] Copyright owner: 100 [0030] Service providing device: 200 [0031] User terminal: 300 [0032] Step of downloading a digital file: S601-S607 [0033] Decrypting a digital file Step: S8 (U-S809 099127197 Form No. A0101 Page 8 / Total 13 Page 0992047781-0