DIGITAL RECORDING MEDIUM WITH DIGITAL CONTENTS ENCRYPTED BY UNIQUE SYSTEM INFORMAΗON OF A USER SYSTEM, METHOD OF DISTRIBUTING THEREOF AND SYSTEM FOR MANUFACTURING THEREFOR
TECHNICAL FIELD
The present invention relates to a digital recording medium with encrypted digital contents and a manufacture system thereof. More particularly, the present invention relates to a digital recording medium enabling registered user systems to read through using user system information the digital recording medium in which digital contents- included information is recorded, a distribution method thereof, and a manufacture system therefor.
BACKGROUND ART Offering information is performed online or off-line. In the online cases, a drawback exits in transfer difficulties when an amount of information to be transferred through telecommunications becomes big, together with problems of user authentications or security to information to be distributed. In the off-line cases, information recorded in a recording medium becomes transferred to recipients, the recording medium can be unlimitedly duplicated when considering the characteristics of the digital information, to thereby causing a problem bringing information piracy and devaluation.
In order to prevent pirated duplications, methods have been used which require inputs by using a specific key or a separate code book upon using digital information, but, even in these cases, lots of problems are involved on the side of information security. Further, as a measure against the duplication preventions upon distributing digital information, a method using a hardware technique for preventing a digital information-
recorded recording medium from being duplicated has been proposed, but, in order to use such method, problems such as extra costs required occur.
In particular, government departments such as the Department of Defense, corporations, or the like, which makes tons of efforts on information security, have not a few security problems due to the problems mentioned above in offering or transferring important information internally or from internal to external.
DETAILED DESCRIPTION OF THE PRESENT INVENTION
Accordingly, in order to solve the above problems, it is an object of the present invention to prevent recorded information from being easily leaked by encrypting, storing in a recording medium, and transferring to recipients information in consideration of user system characteristics.
It is another object of the present invention to provide a digital recording medium storing digital contents encrypted by a unique key of a user system which is generated by a unique system information of the user system. It is yet another object of the present invention to provide to users a digital recording medium in which encrypted digital contents are recorded in use of a unique system information of a user system and to provide a method for distributing the digital recording medium, which can retrieve the medium in use of information obtained from a user system.
In order to achieve the above object, a digital recording medium provided according to the present invention stores digital contents encrypted with a unique key of a user system which is generated by a unique system information of the user system.
Further, a digital recording medium according to another embodiment of the present invention includes encrypted digital contents; and an encrypted decryption key
capable of decrypting the encrypted digital contents, wherein the decryption key is encrypted by a unique key of a user(hereinafter, referred to a user unique key) generated from a unique system information indicating characteristics of a system the user uses, the encrypted contents decryption key is decrypted by the user unique key generated from the unique system information of a system by which the digital recording medium is retrieved, and the encrypted digital contents is decrypted by the decryption key.
Furthermore, a method distributing a digital recording medium according to the present invention provides to a user the digital recording medium in which digital contents encrypted by a first user unique key formed by using a unique system information of a user system requesting to provide digital contents are recorded, the digital recording medium provided to the user decrypting the digital contents by determining whether a information based on a unique key of the user system is coincident with information of the user system.
Hereinafter, descriptions are made in more detail on a digital recording medium including encrypted digital contents and a method distributing the same, and a digital recording medium manufacture system using the same, according to the present invention. BRIEF DESCRIPTION OF THE DRAWINGS Fig. 1 is a view for schematically showing an entire system structure by which a digital recording medium including digital contents encrypted by a unique system information of a user system according to an embodiment of the present invention is manufactured;
Fig. 2 is a flow chart for showing a user registration process; Fig. 3 is a block diagram for showing a process for manufacturing a digital recording medium according to an embodiment of the present invention; and
Fig. 4 is a flow chart for explaining the manufacture process of Fig. 3; and Fig. 5 is a block diagram for showing a process for reading and look through information from a manufactured digital recording medium.
EMBODIMENT Fig. 1 is a view for schematically showing an entire system structure by which a digital recording medium including digital contents encrypted by a unique system information of a user system according to an embodiment of the present invention is manufactured.
From the entire system structure shown in Fig. 1, included is an information requester 10 calling for providing information of a certain form through the internet, a web server 20 providing services of diverse forms to the information requester 10 on the web by using the internet, a unique key generator 30 searching a unique system information of a system the information requester 10 uses and generating a unique key enabling a corresponding user system to be specified, a unique key database 40 managing the unique key generated by the unique key generator 30 and data as to user information the information requester 10 provides, an information provider 70 providing information the information requester 10 requests, a digital contents database 60 storing and managing digital contents provided by the information provider 70, and a recording medium manufacturer 50 encrypting digital contents requested from the side of the information requester 10 by means of a unique key and manufacturing a recording medium 80 such as a compact disc, optical disc, and so on to store the encrypted digital contents.
The operations of the system having the above structure are largely divided into a process, as shown in Fig. 2, in which the information requester 10 hooks up to the web server 20, a unique key is generated in use of a unique system information of his own, the
unique key is stored in the unique key database 40, and information is accordingly requested, a process, as shown in Figs. 3 and 4, in which a recording medium storing digital contents according to the request of the information requester 10, and a process, as shown in Fig. 5, in which the information requester 10 retrieves the provided recording medium.
The manufacture of a digital recording medium provided according to the present invention is basically accomplished with a request for information the information requester 10 himself wants. For doing this, a following process must proceed. First, the information requester 10 connects to the web server 20 through the internet or the like(Step S10), and carries out a user registration procedure. The user registration procedure is accomplished by inputting his own information in a general user registration form(Steρ S20).
If the information requester 10 connects to the web server 20, inputs all the user information in the registration form, and does the user registration through a input completion button, an application such as ActiveX and the like is automatically downloaded to extract a user system information required to generate a unique key, and, by using the information, a unique key(unique id; UUID) is generated(Step S30). A description on the unique key generation process is made in more detail as follows.
There are a central processing unit(CPU), RAMs, a hard disc, and other various devices as components constructing a computer system. First, in the central processing unit, there exists a unique ID for every chip over Pentium III version. Further, a manufacturer information(IDE) for a hard disc can be found when searching the physical sector of the master sector of the disc. The manufacturer information includes a manufacturer name, serial number, kind, and so on. It is likely that, in the case of the
serial number, the same number can be used in manufacturer A, manufacturer B, and so on. Further, a network card ID, board card ID, or the like can be used. However, a RAM, a memory being a kind of storage device, does not have a unique ID. Such information indicating unique system characteristics out of the system components is extracted. A unique key is generated based on the system information so extracted. The unique key generation can be attained by using various methods in used of at least one or more of the extracted system information.
The generation, of course, of unique data from the system information as above is automatically accomplished, and the user does not know that a unique key of the system, or a system umque key, is generated. A unique key of the user, or a user unique key, so generated and the user information inputted for the user registration in advance are transferred to the web server 20 (Step S40). The web server 20 stores these information in the database 40 (Step S50). If the transfer of the user unique key and the user information is completed, the information requester 10 can request the information provider to provide necessary information through services offered in the web server 20 by searching digital contents database 60 in which information provided by the information provider 70 is stored(Step S60). The request for information offerings is accomplished through emails or other request forms.
As shown in Fig. 3 and Fig. 4, a process of manufacturing a digital recording medium of the present invention according to the information request by the information requester 10 as above is described step by step as follows.
The 'recording medium' to be mentioned through the above process refers to a medium to be used for recording information. The 'recording medium' referred to in the present invention means a storage device(medium) which can store various kinds of
digital information, which also means a medium readable through a mechanical device such as a computer. This is a concept including all the media of a magnetic medium such as a floppy disc or the like, an optical medium such as a CD-ROM, CD-RW, CD-I, video CD, photo CD, DND or the like, and so on. The present invention will be described with a CD-ROM, for example.
As shown in Fig. 3 and Fig. 4, the information requester 10 requests necessary digital contents through the web server 20(Step S100). The web server 20 transfers the information requested by the information requester 10 to the recording medium manufacturer 50(Step SllO). The recording medium manufacturer 50 requests the user unique key database 40 for such information according to the requested information, the user unique key database 40 keeping the user unique key and user information(Step S120), corresponding data is transferred to the recording medium manufacturer 50(Step S130). Further, the corresponding data is requested to the digital contents database 60 in which information as to digital contents are kept and managed and information searched from the database is transferred to the recording medium manufacturer 50(Step S140). An encrypter 52 of the recording medium manufacturer 50 encrypts the digital contents(Step S150). At this time, a user unique key based on the transferred user information is requested from the user unique key database 40 which sends, and used as an encryption key. That is, a unique key generated by using characteristics information of the system of a user requesting information is used to encrypt contents.
Further, in addition to a method directly encrypting digital contents as a unique key, digital contents are encrypted by a separate encryption method, and a decryption key which can decrypt the encrypted digital contents is encrypted by using the user system characteristics information and the generated unique key. That is, encrypted digital
contents and a decryption key which can decrypt the encrypted digital contents can be bound, encrypted by a unique key, and then provided to a user.
Encrypted contents are transferred to a recording medium mastering part 55(Step S160). For example, in case of using a CD as a recording medium, a CD mastering part performs the mastering of the transferred encrypted contents into a CD. A mastering- completed CD is transferred to a user. At this time, the recording medium mastering part 55 carries out the mastering of a medium by using the encrypted digital contents according to a general method(Step S170). If the manufacture of a recording medium containing the encrypted digital contents as above is completed, the recording medium is transferred to the information requester, as shown in Fig. 5, a process reading and looking through information from the recording medium is performed.
The information requester 10 can retrieve digital contents or read information, recorded in a received recording medium, through a following process from a recording medium reader 100 of a user system. First, the recording medium reader 100 provides a dedicated viewer as a dedicated program which can use digital contents in a user system. Such recording medium reader 100 includes a contents decrypter 110 for decrypting digital contents provided in an encrypted state, the contents reader 130 for reading and retrieving the decrypted digital contents in a format of the contents, and a unique key searcher 120 for searching a unique key(UUID) for system information of a user system. For example, in order to read information from a compact disc(CD), a recording medium in which information is recorded, a CD is firstly inserted in a drive. At this time, a computer reads the CD and, simultaneously, the recording medium reader 100 may automatically operate or be manually operated by a user.
The unique key generator 120 of the recording medium reader 100 in operation
extracts system information from a user system and generates a unique key. If the unique key is generated, the contents decrypter 110 uses the unique key to decrypt digital contents encrypted by the unique key.
Further, in case that digital contents are provided in an encrypted state by a unique key through binding encrypted digital contents and a decryption key which can decrypt the encrypted digital contents, first, the digital contents encrypted by a unique key and the encrypted information including a decryption key are decrypted by using as a decryption key a unique key generated by extracting system information. At this time, if the generated unique key is coincident with a key encrypting the encrypted information, the encrypted information is decrypted, and, if not, the decryption is in failure.
If the encrypted information is decrypted, the encrypted digital contents and the decryption key can be obtained, and retrievable digital contents are obtained by carrying out the decryption in use of the decryption key.
The decrypted digital contents are retrieved in an appropriate form according to a format by the contents reader 130. That is, in case of a text file, it is simply displayed on a screen, and, in case of multimedia data such as music or movies, it is retrieved in a certain format.
At this time, in case that a unique key that encrypted digital contents is not coincident with a unique key obtained by search from a user system, the digital contents are not decrypted, and an error message is outputted notifying that there is no authorization to use corresponding digital contents.
INDUSTRIAL APPLICABILITY
Effect and utility obtainable by a recording medium in which information is safely recorded, a method manufacturing, transferring, and distributing the same, and a system
using the same, of the present invention described above, are as follows.
First, information is encrypted, recorded in a recording medium, transferred to recipients, so information security becomes possible. In particular, encryption is carried out by using a unique key generated from unique system information of an information recipient, and decryption becomes available only in a system in which the unique key is generated, to thereby prevent the information stored in the recording medium from being leaked.
Due to the above characteristics, the present invention enables security-required information such as military-related information, government-related information, corporation-secret information, and the like to be safely distributed, and enables the information to be read only by an authorized user in authenticated reader and system, to thereby enable safe distributions and reading of important information.
So far, a preferred embodiment as to a recording medium in which information is safely recorded, a method and apparatus for transferring and reading the same is disclosed and described, but it will be understood by those skilled in the art that the present invention should not be limited to the described preferred embodiment, but various changes, modifications, substitutes can be made within the spirit and scope of the present invention as defined by the appended claims.