WO2003081499A1 - Procede et dispositif de gestion de licence - Google Patents

Procede et dispositif de gestion de licence Download PDF

Info

Publication number
WO2003081499A1
WO2003081499A1 PCT/JP2003/003160 JP0303160W WO03081499A1 WO 2003081499 A1 WO2003081499 A1 WO 2003081499A1 JP 0303160 W JP0303160 W JP 0303160W WO 03081499 A1 WO03081499 A1 WO 03081499A1
Authority
WO
WIPO (PCT)
Prior art keywords
license
content
home
terminal device
management device
Prior art date
Application number
PCT/JP2003/003160
Other languages
English (en)
Japanese (ja)
Inventor
Harumi Morino
Masataka Okayama
Original Assignee
Hitachi, Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hitachi, Ltd. filed Critical Hitachi, Ltd.
Priority to JP2003579146A priority Critical patent/JPWO2003081499A1/ja
Publication of WO2003081499A1 publication Critical patent/WO2003081499A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/101Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management

Definitions

  • the present invention relates to a technology for protecting the copyright of content using a license.
  • CAS Consumer Access System
  • BS Broadcast Sate 11 ite digital broadcasting
  • the outline of the CAS system in BS (Broadcast Sate 11 ite) digital broadcasting, whose service has been started in Japan, is as follows.
  • the content sending device distributes the work key and the contract information, which are encrypted with the master key shared by the sending device and the receiving terminal, to the receiving terminal, and the receiving terminal that receives it distributes the work key and the contract information.
  • the distributed work key and contract information are retained.
  • This contract information is contract information for each channel or program, and the work key can be said to be charged.
  • Non-Patent Document 1 BS Digital Broadcasting Limited Reception System
  • ARIB STD-B25 1.1 edition, published by The Radio Industry Association of Japan, March 2012 (p. 13 II-ll), hereinafter referred to as Non-Patent Document 1.
  • Patent Document 1 when distributing content using a communication network such as the Internet, it is as follows: The content is encrypted with the content key, and the content and its usage conditions are encapsulated and distributed. When the receiving terminal reproduces the content that has been encapsulated and distributed, the receiving terminal obtains a ticket including the above content key from the ticket server device using cryptographic communication. Then, the content is decrypted by using the content key (see Patent No. 3216667 (Page 911, FIG. 1), hereinafter referred to as Patent Document 1).
  • the user when the content is decrypted with the content key and distributed, and the receiving terminal reproduces the encrypted content, the user owns the content.
  • a license ticket that includes part of the authority to use the content and a license ticket that includes the content key is obtained from the server using cryptographic communication, and is included in the obtained license ticket. Decrypts the above content using the content key to be decrypted (see Japanese Patent Application Laid-Open No. 2002-3248518 (pages 7-8, FIG. 2)). Patent Document 2).
  • the license key is centrally managed in the key storage device, and the license key is stored in the key storage device in response to a content playback instruction from the user. Then, the content is transmitted to the content reproducing apparatus (see Japanese Patent Application Laid-Open No. 2002-51037 (page 8, FIG. 15), hereinafter referred to as Patent Document 3).
  • the copyright is encrypted by using the encrypted content data, a decryption key (content key) for decrypting the data, and its use conditions (hereinafter referred to as license).
  • a content distribution service provided by a method that protects content
  • the license can be used only by the terminal. Absent. Therefore, the other end When playing back the content at the end, obtain another license for the content from the server or obtain the same license as the above license It will be.
  • the license is charged and the license must be re-licensed in order to obtain another license. It is necessary to purchase this, and the user's convenience is lost.
  • the other terminal acquires the same license, all terminals will acquire the same license, so that detailed usage condition management for content can be performed.
  • licenses are managed collectively by a server, and a license ticket containing information indicating a part of content usage conditions is issued in response to a request from a terminal. In this way, efficient management of usage conditions is realized, but if the operator operating the server stops the service, the terminal acquires a license to play back the content. May not be able to do so.
  • Patent Document 2 discloses a method in which a license can be stored in an external medium and attached to another terminal so that the content can be used in another terminal.
  • a license can be stored in an external medium and attached to another terminal so that the content can be used in another terminal.
  • Non-Patent Document 1 when a terminal not only uses content distributed over a communication network such as the Internet but also uses digital broadcasting content, the terminal discloses the above Patent Documents 1 and 2. It is necessary to implement the CAS disclosed in Non-Patent Document 1 in addition to the method to be implemented, which increases the cost of the terminal.
  • the purpose is to provide a license management method that enables licenses to be shared.
  • Another object of the present invention is to use a distributed content between a plurality of terminals connected to a home network in a content distribution service.
  • a license management device that collectively manages licenses, a terminal device that obtains a license for reproducing content from the license management device, and a license management device that collects licenses from the license management device.
  • a license server that sends licenses to the sense management device and the above terminal devices Equipment and equipment.
  • Another object of the present invention is to provide content distributed using other copyright protection methods such as digital broadcast CAS and DVD CSS (Content Scrambling System).
  • digital broadcast CAS and DVD CSS Content Scrambling System
  • An object of the present invention is to provide a license management device that can treat contents and package media contents equally.
  • the present invention relates to a license management apparatus, comprising: A communication means for transmitting and receiving data via a dedicated communication network or a home network, and a license obtained from the above license server is physically and electrically attacked.
  • the function that authenticates the communication partner and encrypts the communication with the other party so that the communication with other than the legitimate device that has been licensed to use the license is securely stored.
  • a license control means having a function to perform the operation.
  • the license control means may execute any license held by the license management device.
  • a new license (home license) is generated with a decryption key (content key) and new usage conditions that do not exceed the usage conditions of the license.
  • the in-home license is transmitted to the terminal device using communication means.
  • the license management device if the license required from the above terminal device does not exist, the license is obtained from the above license server, and the license is obtained. In-house licenses are generated from these and transmitted to the terminal device.
  • the license server includes communication means for transmitting and receiving data via a public network such as an optical line, a CATV network, and a telephone line, or a dedicated communication network, and a user purchasing the license server. License information holding means for holding the obtained license, and licenses stored in the license information holding means in accordance with a request from the license management device. License for sending to the above license management device Issuance means and are provided.
  • the license management device includes a broadcast receiving unit for receiving analog or digital TV broadcast or radio broadcast such as terrestrial broadcast or satellite broadcast, and License generating means for encrypting a broadcast program (content) received by the broadcast receiving means and generating a license from a decryption key for decrypting the content;
  • the license generated by the license generation means is stored by the license control means.
  • the terminal device is transmitted from the license management unit to a communication unit for transmitting and receiving data via the home network to and from the license management unit.
  • a home license processing means for receiving a home license and controlling use of a decryption key included in the home license according to a usage condition included in the home license; and
  • a decryption key is obtained from the in-house license processing means, and a decryption means for decrypting and reproducing the content is provided.
  • the in-home license processing means updates the usage conditions for the amount consumed by the playback means in accordance with the usage conditions included in the in-home license. It was decided.
  • the above-mentioned in-home license processing means may also be used when the usage condition of the in-home license transmitted from the above license management device is not met.
  • the in-house license is transmitted to the license management device, and the in-house license is physically transmitted from the terminal device. It is configured to be deleted at
  • the above-mentioned in-house license processing means may be in a condition which matches the use condition of the in-house license transmitted from the above-mentioned license management device. Transmitting the in-home license to the license management device in response to a user instruction such as stopping content reproduction, and physically deleting the in-house license from the terminal device.
  • a first communication means for connecting to a mobile communication network and a second communication means for making peer-to-peer connection with the terminal device. Acquiring the license from the license server via the first communication means, generating a home license from the license, and transmitting the license via the second communication means. Then, the in-house license is transmitted to the terminal device.
  • FIG. 1 is a diagram showing an example of the configuration of the content distribution system according to the present embodiment.
  • FIG. 2 is a diagram showing an example of a content distribution system configuration of the present embodiment.
  • FIG. 3 is a hardware configuration diagram of the license management device of the present embodiment.
  • FIG. 4 is a hardware configuration diagram of the license control device of the present embodiment.
  • FIG. 5 is a hardware configuration diagram of the terminal device of the present embodiment.
  • FIG. 6 is a flowchart showing the operation procedure of the present embodiment.
  • FIG. 7 is a sequence diagram showing an example of transmitting the in-home license of the present embodiment from the license management device to the terminal device using encrypted communication.
  • FIG. 8 is a diagram showing an example of the structure of the license and the in-house license of the present embodiment.
  • FIG. 9 is a diagram showing an example of the structure of the license and the in-house license of the present embodiment.
  • FIG. 10 is a configuration diagram of the license generation device and the broadcast receiving device of the present embodiment.
  • FIG. 11 is a sequence diagram showing an example of transmitting the content key of the present embodiment from the license processing device to the playback device using symbol communication.
  • FIG. 12 is a diagram showing an example when the license and the in-house license of the present embodiment are restricted.
  • FIG. 13 is a hardware configuration diagram of the playback device of the present embodiment.
  • FIG. 14 is a configuration diagram of the broadcast receiving device of the present embodiment.
  • FIG. 15 is a diagram illustrating an example of the structure of the license and the in-house license of the present embodiment.
  • FIG. 16 is a diagram showing an example of a home license search result display screen of the present embodiment.
  • FIG. 17 is a flowchart illustrating a procedure for searching for a home license according to the present embodiment.
  • FIG. 18 is a functional block diagram of the license server of the present embodiment.
  • FIG. 19 is a flowchart showing a procedure for acquiring a home license according to the present embodiment.
  • FIG. 20 is a diagram illustrating an example of a content reproduction screen according to the present embodiment.
  • FIG. 21 is a flowchart showing a content reproduction procedure according to the present embodiment.
  • FIG. 22 is a sequence diagram showing an example when the license of the present embodiment is transmitted from the license server to the license management device using encrypted communication.
  • FIG. 23 is a flowchart showing a procedure for acquiring a home license according to the present embodiment.
  • FIG. 24 is a flowchart showing a procedure for acquiring a home license according to the present embodiment.
  • FIG. 25 is a diagram illustrating a configuration example of a content distribution system according to another embodiment.
  • FIG. 26 is a hardware configuration diagram of a license management device according to another embodiment.
  • FIG. 27 is a hardware configuration diagram of a terminal device according to another embodiment. BEST MODE FOR CARRYING OUT THE INVENTION
  • FIG. 1 is a diagram showing an example of a system configuration of a content distribution system (copyright management system) to which the license management method of the embodiment is applied.
  • 10 is a license management device
  • 20a, 20b and 20c are terminal devices
  • 31 is a license server
  • 32 is a content distribution server
  • 33 is a porter.
  • Rsabar 40 is a router
  • 50 is a wired or wireless home network
  • 60 is a wired or wireless public or private communication network It is.
  • a home network is taken as an example.
  • the present invention is not limited to the home network, but may be any network to which a terminal device is connected. Applicable to
  • the license server '31, manages licenses for content that is encrypted and distributed to the license management device 10 and the terminal devices 20a to 20c. In response to a request from the license management device 10 It has a function to send a license.
  • the content distribution server 32 has a function of distributing the decrypted content to the license management device 10 or the terminal device 20.
  • the content key of the content distributed from the distribution server 32 is managed by the license server 31.
  • the portal server 33 is configured as a so-called web server, in which a user purchases (a license for) content, and the terminal device 20 displays a list of user-purchased content. It has a function for
  • the router 40 includes a modem function and the like as necessary, and has a function of connecting to the communication network 60 from the license management device 10 or the terminal devices 20a to 20c. . In addition, the router 40 performs an overnight routing so that data can be exchanged between the license management device 10 and the terminal devices 20a to 20c. Function to transmit specific data exchanged by the home network 50 to the communication network 60, a filtering function to control whether or not to transmit the data, and a communication network to the contrary. It also has a filtering function for controlling whether or not to transmit specific data exchanged at 60 to the home network 50.
  • a home network 50 a network using Ethernet, wireless LAN, IEEE 1394, or the like, that is, between devices connected to the home network 50. Data can be exchanged according to a predetermined procedure.
  • the communication network 60 is a network composed of an optical line network, a CATV network, a telephone line network, etc., and is connected between devices (including the router 40) connected to the communication network 60. It is possible to exchange data according to a predetermined procedure.
  • a service center system 30 is composed of at least the license server 31, the content distribution server 32, and the portal server 33.
  • the license server 31, the content distribution server, the server 32, and the portal server 33 are connected to the communication network 60 via a router (not shown).
  • Normal service center system 30 is installed for each business operator that provides content distribution services, and when multiple service center systems 30 are connected to communication network 60 There is also (not shown).
  • the content is encrypted and distributed from the content distribution server 32.
  • the user Access the portal server 33 from the terminal device 20a, 20b, or 20c in advance and purchase a license for the content that you want to use (view).
  • the purchased license is stored in the license server 31 for each purchased user.
  • the license management device 10 does not store the license, the license server 31 is used.
  • the license management device 10 generates an in-house license that can be used by the terminal device 20a, and transmits the generated license to the terminal device 20a.
  • the terminal device 20a decrypts and reproduces the content using a decryption key (content key) included in the transmitted in-home license. As a result, the user can use the contents. Details of the operation will be described later.
  • the license management device 10 can be realized as, for example, a home server, and can be connected to a home gateway (residence gateway) including the functions of the server 40. It can also be realized.
  • Figure 2 shows a system configuration diagram when the system is implemented as a home gateway.
  • FIG. 3 is a hardware configuration diagram of a license management device 10 to which the present embodiment is applied.
  • the license management device 10 includes a CPU 11, a main memory 12, a communication control device 13, a storage device 14, and a license control device. It comprises a device 15, a license generation device 16, a broadcast receiving device 17, and an input device 19.
  • the components of the license management device 10 are connected by a bus 18 so that necessary information can be transmitted between the components.
  • the CPU 11 performs a predetermined operation according to a program stored in the main memory 12 or the storage device 14 in advance.
  • the main memory 12 functions as a work area and is a means for storing necessary programs.
  • RAM is used for the former, and ROM is used for the latter. Etc.
  • the communication control device 13 communicates information (data) with devices connected to the home network 50 or the communication network 60 via the home network 50 or the communication network 60.
  • Means for transmitting and receiving for example, a modem, a network adapter, a wireless transmitting / receiving device, and the like.
  • the storage device 14 stores a program for controlling the operation of the license management device 10, and stores the program via the home network 50 and the communication network 60. This is a means for accumulating the content distributed and the content received by the broadcast receiver 17, for example, by using a hard disk (HDD), an optical disk, or the like. realizable.
  • HDD hard disk
  • the license control device 15 stores the license safely in response to a physical or electrical attack, and responds to the content reproduction request from the terminal device, and the license control device 15 executes the license control. Generates an in-house license that can be used, and transmits the in-house license only when communicating with a legitimate device that has been qualified to use the in-house license. This is a means for authenticating the communication partner and encrypting and transmitting data such as in-house licenses. To strengthen security, it is resistant to external attacks.
  • the license generating device 16 encrypts the broadcast program (content) received by the broadcast receiving device 17 and stores it in the storage device 14, and obtains the decryption key and the decryption key of the content. This is a means for generating a license from the usage conditions specified in advance.
  • the generated license is sent to and stored in the license controller 15 according to the procedure described later. If the content received by the broadcast receiving device 17 is scrambled such as CAS, the license is generated after the scramble is canceled.
  • the broadcast receiving device 17 is a means for receiving an analog or digital satellite broadcast, an analog or digital terrestrial broadcast, or an analog or digital CATV broadcast.
  • Analog satellite broadcasting is analog BS broadcasting already implemented in Japan
  • digital satellite broadcasting is digital CS broadcasting and digital broadcasting already implemented in Japan.
  • analog terrestrial TV broadcasting such as NTSC, PAL and SECAM, which has already been implemented around the world, and CATV broadcasting using dedicated cables
  • As digital terrestrial broadcasting there is ATSC digital terrestrial broadcasting that is already being implemented in the United States.
  • the broadcast receiving device 15 is a receiving device for analog terrestrial broadcasting. I will explain.
  • the present invention is not limited to analog terrestrial broadcasting, and the broadcasting receiver 17 may be configured to receive a plurality of broadcasting formats. No.
  • the input device 19 is required by the user for the license management device 10. It is a means for inputting necessary commands and information.For example, it can be realized by a remote control used in a TV receiver, a keyboard, a mouse, etc. used in a PC. .
  • the broadcast receiving device 17 and the license generation device 16 may be removed from the configuration in FIG. I'm sorry.
  • the license control device 15 can be realized by software or an eighteenth door.
  • the software program that performs the function realized by the license control device 15 is a main memory 12. Alternatively, it is stored in the storage device 14 and executed by the CPU 11.
  • the license is encrypted using, for example, a unique ID (device ID) pre-installed on the license management device 10 and the storage device 14. Stored in
  • the license control device 15 When the license control device 15 is realized by an eighty-one door, for example, it can be realized as one LSI or an aggregate of a plurality of LSIs.
  • Fig. 4 shows a configuration example of the LSI.
  • the CPU 71 controls each part of the license control device 15 in an integrated manner. Further, the CPU 71 has an authentication function and a decryption function according to a program stored in the memory 72.
  • U 72 is composed of R ⁇ R and R A.
  • the ROM includes a program for the CPU 71 to control each part of the license control device 15 in an integrated manner, and a program for realizing the pi * ai, function and the decryption function. Is stored.
  • the RAM functions as a unique query of CPU 71.
  • a license is stored in the non-volatile memory 73.
  • the I / I circuit 74 is an interface through which each part in the license control device 15 performs evening communication with an external device via the bus 18.
  • the license control device 15 is realized by an IC card mounted with the LSI shown in FIG. 4 or a memory card which can be attached to and detached from the license management device 10. This is also possible.
  • FIG. 10 is a diagram showing a configuration example of the license generation device 16 and the broadcast reception device 17.
  • the broadcast receiving device 17 includes a 10 circuit 96, a resolution conversion / compression unit 97, an AZD conversion unit 98, and a tuner unit 99.
  • the tuner section 99 demodulates analog TV broadcast (video and audio) data that has been modulated.
  • the A / D conversion section 98 digitizes the analog data demodulated by the tuner section 99.
  • the resolution conversion / compression unit 97 changes the resolution of the data digitized by the AZD conversion unit 98 to a predetermined size: Compress with a predetermined compression format.
  • the IO circuit 96 communicates with the external device via the bus 18 via the data compressed by the resolution conversion compression section 97, the resolution conversion compression section 97, the AZD conversion section 98, and the tuner. It is an interface for communicating control data of section 99.
  • the tuner section 9 9 ′ demodulates the modulated digital TV broadcast (video and audio) data.
  • the descrambling unit 90 cancels the scrambling when the data received by the tuner unit 99 'is scrambled such as CAS.
  • the I / O circuit 96 ′ is connected to an external device via the bus 18 to output data of the descrambling section 90, the descrambling section 90 and the tuner section 9 ′. Interface for communication of control data
  • the license generation device 16 includes an IZO circuit 91, a license generation unit 92, a content key generation unit 93, and an encryption circuit 94.
  • the encryption circuit 94 encrypts data using the key generated by the content key generation unit 93.
  • the content key generation unit 93 generates a content key used in the encryption circuit 94.
  • the license generation unit 92 includes an IZ ⁇ circuit 91 that generates a license from the content key generated by the content key generation unit 93 and usage conditions determined in advance. Is used to communicate the license generated by the license generation unit 92 and the data decrypted by the encryption circuit 94 to and from an external device via the bus 18. It is an interface.
  • the I / O circuit 91, the license generation unit 92, the content key generation unit 93, and the encryption circuit 94 include, for example, one LSI or a set of multiple LSIs. It can also be realized as a body.
  • the data (content) received by the broadcast receiving device 17 is sent to the license generation device 16 via the node 18, but the node 1 receives the data.
  • the license generation device 16 and the broadcast reception device 17 are directly connected with the connection line 95, and the connection line 95 is connected. Content can also be sent to the license generator via In this case, there is no need to pass unencrypted content to the bus 18, thereby improving the security of the content.
  • the license generation device 16 and the broadcast receiving device 17 may be realized as one device.
  • FIG. 5 is a hardware configuration diagram of the terminal device 20 to which the embodiment is applied.
  • the terminal device 20 includes a CPU 21, a main memory 22, a communication control device 23, a storage device 24, and a home license processing device 25. , A playback device 26, a display device 27, and an input device 28.
  • the components of the terminal device 20 are connected by a bus 29 so that required information can be transmitted between the components.
  • the CPU 21 performs a predetermined operation in accordance with a program stored in the main memory 22 or the storage device 24 in advance.
  • the main memory 22 functions as a work area and is a means for storing necessary programs, such as RAM for the former and RAM for the latter. This can be realized by ROM or the like.
  • the communication control device 23 is means for transmitting / receiving information (data) to / from a device connected to the home network 50 via the home network 50 as well. This is realized by a modem, a network adapter, a wireless transmission / reception device, and the like.
  • the storage device 24 stores a program for controlling the operation of the terminal device 20, and stores content distributed via the home network 50 and the communication network 60.
  • This is a means for accumulating contents, and can be realized by, for example, a hard disk (HDD), an optical disk, or the like.
  • the in-home license processing device 25 receives the in-house license transmitted from the license management device 10 and manages the in-home license according to the usage conditions included in the in-home license.
  • the content key included in the home license is transmitted to the playback device 26. For example, if the usage condition included in a certain home license is “can be played three times”, the playback device 26 responds using the content key included in the home license. If the content to be reproduced is reproduced three times, or if the in-home license processing device 25 transmits the content key to the reproducing device 26 three times, the in-home license is The in-home license processing device 25 sends the in-home license to the license management device 10 and recognizes the in-home license as an in-home license. Physically erased from license processor 25. Also, if necessary, keep in-house licenses secure against physical and electrical attacks.
  • the playback device 26 receives the content key for decrypting the encrypted content included in the home license from the home license processing device 25 and stores the content key in the storage device.
  • the encrypted content stored in the device 24 is decrypted, and if the decrypted content is compressed, it is decoded (decompressed) and decoded.
  • the transmitted content is transmitted to the display device 27.
  • the content that the playback device 26 decodes and decodes is not only the content stored in the storage device 24 but also the content of the license management device 10.
  • the content stored in the storage device 14 may be received via the home network 50 or transmitted from another device connected to the communication network 60.
  • the content to be provided may be received via the home network 50 and the communication network 60.
  • the display device 27 is a means for displaying the content decoded by the playback device 26 and information for responding to the user's operation.
  • the display device 27 includes a brown tube, a CRT, and a liquid crystal display. It can be realized by play, PDP, projector, speaker, headphone, etc.
  • the input device 28 is a means for a user to input necessary commands and information to the terminal device 20.
  • the input device 28 is used for a remote control used in a TV receiver or used in a PC. This can be achieved by using a keyboard, mouse, or the like.
  • the device can be removed from the configuration in Fig. 5. You.
  • the in-house license processing device 25 can be realized by software or hardware.
  • the software program that performs the function realized by the in-home license processing device 25 is: It is stored in the main memory 22 or the storage device 24, and is executed by the CPU 21.
  • the license is, for example, pre-installed on the terminal device 20. It is encrypted using the unique ID (device ID) and the like stored in the storage device 24.
  • the in-home license processing device 25 When the in-home license processing device 25 is realized by hardware, for example, it can be realized as one LSI or an aggregate of a plurality of LSIs.
  • the LSI can be realized by the configuration shown in FIG.
  • the in-home license processing device 25 can be realized by an IC card mounted with the LSI shown in FIG. 4 or a memory card that can be attached to and detached from the terminal device 20. It is possible.
  • the playback device 26 can also be realized by software or hardware.
  • the software program that performs the functions implemented by the playback device 26 is stored in the main memory 22 or the software. It is stored in the storage device 24 and executed by the CPU 21.
  • the playback device 26 When the playback device 26 is realized by hardware, for example, it can be realized as one LSI or an aggregate of a plurality of LSIs.
  • Fig. 13 shows a configuration example of the LSI.
  • the CPU 81 controls the components in the playback device 26 in a comprehensive manner.
  • the CPU 81 has an authentication function and a decryption function according to a program stored in the memory 82.
  • the memory 82 is composed of ROM and RAM.
  • the ROM stores a program for the CPU 81 to control each part of the playback device 26 as a whole, and a program for realizing an authentication function and a decryption function.
  • the RAM functions as a work area of CPU81.
  • the non-volatile memory 83 stores a content key.
  • the I / O circuit 84 is an interface through which each unit in the playback device 26 performs data communication with an external device via the bus 29.
  • the decryption unit 85 uses the content key stored in the non-volatile memory 83 or the content key obtained from the home license processing device 25, This is a means for decrypting the encrypted content received via the I / O circuit 84.
  • the decoding unit 86 is a means for decoding the content decrypted by the decoding unit 85 if the content is compressed.
  • the license management device 10 shown in FIG. 3 may include a home license processing device 25, a playback device 26, and a display device 27 constituting the terminal device 20. No. In this case, the license management device 10 also has a function as a terminal device.
  • the license server 31 shown in FIG. 1 or FIG. 2 can be constructed by a general PC.
  • Figure 18 shows a functional block diagram of the license server 31.
  • the license server 31 includes a communication control unit 201 as a software module executed by a CPU included in the license server 31. It comprises an authentication unit 202, a license issuing unit 203, and an API unit 204. Further, the license server 31 stores the authentication information 205 and the license information 206 in a storage device such as a hard disk.
  • the authentication unit 202 In the communication control unit 201, the authentication unit 202, the license issuing unit 203, and the API unit 204 communicate with other devices (such as the license management device 10 and the portal server 33). It has the function of generating and interpreting communication protocols and messages as much as possible.
  • the authentication unit 202 has a function of performing user authentication or device authentication using the authentication information 205 in communication with the license management apparatus 10. Further, as disclosed in FIG. 3 of Patent Document 2, by associating a user ID with a device ID, a user ID is derived from the device ID by device authentication. You can do that too.
  • the license issuing unit 203 matches the request from the license management device 10 out of the license information 206 and is authenticated. It has a function of transmitting to the license management device 10 the license purchased by the user who has been authenticated in the section 202 or the usage conditions contained in the license.
  • the API section 204 provides an API for updating the contents of the authentication information 205 and the license information 206 from outside the license server 31. For example, processing such as adding, deleting, updating, and searching for user information for authentication information 205 and adding, deleting, updating, and searching for a user purchase license for license information 206 is performed. Implement the API to be realized.
  • the authentication information 205 stores, for each user, a user ID, user information such as a name and an address, a device ID associated with the user ID, and the like.
  • the license information 206 stores the license purchased by each user for each user.
  • Figure 15 shows an example of the structure of a license and a home license.
  • the license 100 shown in Fig. 15 (a) is a content ID that holds information (content ID of the content) indicating which content the license corresponds to. 101, a content key 102 for holding a decryption key of the encrypted content specified by the content ID held by the content ID 101, and a content ID 1 It consists of usage conditions 105 that hold the usage conditions of the encoded content specified by the content ID held by 01. Further, the usage condition 105 includes an area 106 for holding the viewing expiration date indicating the time limit for viewing the content, and an area for holding the number of viewing times indicating the number of times the content can be viewed. It consists of 107 and an area 108 that holds the maximum number of in-house licenses that can be generated simultaneously from the license (the maximum number of simultaneous licenses).
  • the in-home license 110 shown in FIG. 15 (b) is a content that holds information (content ID of the content) indicating to which content the in-home license corresponds.
  • the usage condition 1 15 holds an area 1 16 for holding the viewing period indicating the period for viewing the content, and a viewing count indicating the number of times the viewer can view the content.
  • an area 118 that holds the maximum number of in-house licenses (maximum number of simultaneous issuances) that can be generated simultaneously from the license.
  • the terms of use of the license and the in-home license shown in Fig. 15 are, for example, the viewing expiration date, the number of times of viewing, and the maximum number of simultaneous issuances. For example, if you set the viewing expiration date, The time may be divided into time and viewing end date, or the total viewing time may be used. In addition, there may be no use conditions for the number of times of viewing, and no use conditions for the viewing expiration date and the maximum number of simultaneous publications.
  • the license 100 existing on the license management device 10 is stored in a nonvolatile memory 73 of the license control device 15 or is stored in a non-volatile memory. It is stored encrypted in the storage device 14 and managed so that it cannot be accessed from outside.
  • the home license 110 existing on the ifi terminal device 20 is stored in the non-volatile memory 73 of the home license processing device 25, or may be stored in the non-volatile memory 73. It is encrypted and stored in the storage device 24 and managed so that it cannot be accessed from outside.
  • FIG. 6 is a flowchart showing the procedure in the terminal device 20 when viewing the content purchased by the user.
  • the user selects the content (encrypted) desired by the user (step S100).
  • the terminal device 20 is connected to the storage device 24 and the storage device 14 of the license management device 10.
  • a list of stored 3 contents or a list of contents provided by the portal server 33 is displayed on the display device 27.
  • Each content stored in the storage devices 14 and 24 and each content provided by the port server 33 include a content ID and a content for identifying the content.
  • Information indicating the titles and contents of the contents (meta-settings) is attached, and the terminal device 20 is connected to each content.
  • the user can use the input device 28 to select and indicate the content to be viewed.
  • the content specified by the user can be specified by the content ID of the content.
  • the display device 27 displays Figure 16 shows an example of the displayed screen.
  • the content title 301 the content of the content (such as a bite digest) 302, and the content Terms and conditions included in the license Information 304 as to whether or not you purchased a license is displayed.
  • the title 301 and the content 302 information included in the metadata of the content is displayed.
  • the usage conditions 303 and the purchase information 304 are displayed based on the result of the terminal device 20 communicating with the license management device 10.
  • the user selects the content to be viewed using the input device 28 (for example, the information of the selected content is displayed in reverse video).
  • the reproduction of the content is started by instructing the button 305.
  • the cancel button 306 is instructed, the content is not played back and returns to the initial state.
  • Figure 17 shows the processing flowchart for acquiring the information (usage conditions and purchase information) for displaying the screen shown in Fig. 16.
  • the terminal device 20 acquires the content ID included in the meta data (step S101), and the home license for the content indicated by the content ID is changed to the terminal device 20.
  • a search is made as to whether or not it exists (step S102). In other words, the value indicated by the content ID 111 of the in-house license managed by the in-house license processing device '25 5 is compared with the content ID, and the matched in-house license is matched. If there is a sense, it means that it exists.
  • the usage conditions are extracted from the in-house license (step S103).
  • the license management device 10 is sent to the license management device 10 via the home network 50. Sends information to instruct license search.
  • the information transmitted to the license management apparatus 10 includes, in addition to the content ID, a user ID (or a user ID and password) required for user authentication. This includes authentication data such as information (device ID) unique to the terminal device 20 required for device authentication and the URL of the license server included in the metadata of the content as necessary. And can be.
  • the address of the license management device 10 required for the terminal device 20 to transmit information can be derived, for example, as follows. If the home network 50 is configured as an IP (Internet Protocol 1) network, the terminal device 20 is connected to a device connected to the home network 50. On the other hand, a broadcast message for finding the license management device 10 Send Upon receiving this, the license management device 10 returns a response to the terminal device 20 of the transmission source, so that the terminal device 20 knows the IP address of the license management device 10. Can be done. Further, the address of the license management device 10 may be held in the terminal device 20 in advance.
  • IP Internet Protocol 1
  • the license control device 15 performs an authentication process using the information transmitted from the terminal device 20 (step S104). If the authentication data transmitted from the terminal device 20 is the user ID, the user authentication is performed, and if the authentication data is the device ID, the device authentication is performed.
  • the authentication processing includes information previously stored in the nonvolatile memory 73 of the storage device 14 or the license control device 15 and the terminal device. This is done by comparing the authentication data transmitted from 20 with the authentication data.
  • the user ID or device ID transmitted from the terminal device 20 is stored in the nonvolatile memory 73 of the storage device 14 or the license control device 15. If so, the user ID or device ID transmitted from the terminal device 20 or the storage device 14 or the license control device 15 is transmitted. If the exclusion user ID list or the exclusion device ID list stored in the non-volatile memory 73 in the above does not exist, the authentication has succeeded.
  • the excluded user ID list is a list of user IDs of users whose services have been suspended, and the excluded device list is a communication partner. This is a list of device IDs held by inappropriate devices.
  • the license control device 15 transmits a license to the content indicated by the content ID included in the information transmitted from the terminal device 20. It is searched whether the license exists in the license controller 15 (step S105). That is, the value indicated by the content ID 101 of all licenses managed by the license controller 15 is compared with the content ID, and if there is a matched license. If they exist.
  • the usage conditions are extracted from the license (step S106).
  • the license server transmitted from the terminal device 20.
  • the license server 31 having the address described in the URL is licensed via the communication network 60 to the license server 31. Sends information to instruct a search for a connection.
  • the information transmitted to the license server 31 includes, in addition to the content ID described above, a user ID (or a user ID and a pass. Mode) required for user authentication.
  • the authentication data such as information (device ID) unique to the license management device 10 required for device authentication and the device ID of the terminal device 20 can be included as necessary.
  • the authentication unit 202 performs an authentication process using the information transmitted from the license management device 10 (step S 107).
  • Authentication data sent from the license management device 10 If the evening is a user ID, user authentication is performed; if it is a device ID, device authentication is performed.
  • the authentication processing is performed by comparing information previously held by the license server 31 with authentication data transmitted from the license management apparatus 10. Done. That is, if the user ID or device ID transmitted from the license management device 10 is held by the license server 31, or if the license is If the user ID or device ID transmitted from the management device 15 is not in the excluded user ID list or excluded device ID list held by the license server 31, authentication is successful. It is done. Also, in the case of only device authentication, the user ID can be derived from the device ID as described above.
  • step S107 the license for the content indicated by the content ID included in the information transmitted from the license management device 10 is obtained.
  • the license issuance unit 203 is stored in the license information 206 of the license server 31 and determines whether the license is present in the purchase license of the user indicated by the user ID. Search (step S108). In other words, of the licenses held in the license information 206, the value indicated by the content ID 101 of all licenses purchased by the user indicated by the user ID above Is compared with the content ID, and if there is a matched license, it is determined that the license exists.
  • the license issuing unit 203 extracts the use conditions from the license (step S109), and The use condition is transmitted to the license management device 10 that is the request source (step S110). At this time, if the authentication fails in step S107, the processing in steps S108 and S108 is not performed and the authentication fails. Send information to the effect. In addition, If a matching license does not exist in step S108, information to that effect is transmitted.
  • the license management device 10 checks the use conditions obtained in step S105 or the information transmitted from the license server 31 (use of the licenses). A condition or authentication failure information or information that a license does not exist) is transmitted to the requesting terminal device 20 (step S111). At this time, if the authentication fails in step S104, the processing in steps S105 and S106 is not performed and the authentication fails. Information to the effect. Then, the terminal device 20 generates data to be displayed on the display device 27 based on the information of the content indicated by the content ID (step S112). Here, when there is no license for the content indicated by the above content ID (the information transmitted from the license management device 10 indicates that the license does not exist).
  • the information transmitted from the license management device 10 is information indicating that the authentication has failed, the information is displayed on the display screen 27 and the processing is stopped.
  • step S 101 to step S 112 is stored in the storage device 24 of the storage device 24 and the license management device 10. (Step S113), and finally, a screen as shown in FIG. 16 is displayed on the display device 27 (Step S114). End the processing.
  • step S110 the use condition extracted from the license is transmitted, but the license itself may be transmitted.
  • the license management device 10 stores the received license in the non-volatile memory 73 of the license control device 15 or stores it in the storage device 14. Store it encrypted.
  • step S111 the use condition is extracted from the license, and the use condition is transmitted to the terminal device 20.
  • FIG. 6 next, when the user selects the content desired to be viewed from the screen shown in FIG. 16, a home license for the content is acquired (step S200).
  • Figure 19 shows a processing flowchart for acquiring a home license.
  • the terminal device 20 transmits the metadata of the content selected by the user. — Acquire the content ID included in the evening (step S201), and check whether the terminal device 20 has a home license for the content indicated by the content ID. Search for an option (step S202). In other words, the value designated by the content ID 111 of the in-house license managed by the in-house license processing device 25 is compared with the content ID, and the matched in-house license is compared. If there is a sense, it means that it exists.
  • the license management device 10 is sent to the license management device 10 via the home network 50. Sends information to instruct the customer to obtain a home license.
  • the information transmitted to the license management device 10 includes, in addition to the content ID described above, the required usage conditions, a user ID required for user authentication (or a user ID required for user authentication).
  • Authentication data such as information unique to the terminal device (device ID) necessary for device authentication (device ID) and the URL of the license server included in the metadata of the content are required as necessary.
  • the required usage conditions are the values set in the usage conditions 15 5 (viewing period 1556, number of views 1557, etc.) included in the in-home license to be acquired.
  • the required use condition can be specified by the user using the input device 28 each time, or can be determined in advance.
  • the license control device 15 performs an authentication process using the information transmitted from the terminal device 20 (step S203). If the authentication data transmitted from the terminal device 20 is a user ID, user authentication is performed, and if the authentication data is a device ID, device authentication is performed.
  • the authentication processing means the information previously stored in the non-volatile memory 73 of the storage device 14 or the license control device 15 and the terminal. This is performed by comparing the authentication data transmitted from the device 20 with the authentication data. That is, the user ID or device ID transmitted from the terminal device 20 is stored in the nonvolatile memory 73 of the storage device 14 or the license control device 15.
  • the user ID or device ID transmitted from the terminal device 20 or the storage device 14 or the license is transmitted. If the exclusion user ID list stored in the non-volatile memory 73 of the controller 15 or the exclusion unit ID list does not exist, the authentication is performed. The testimony is successful.
  • the license control device 15 checks the content indicated by the content ID included in the information transmitted from the terminal device 20. It is searched whether or not the license exists in the license control device 15 (step S204). In other words, the value indicated by the content ID 101 of all licenses managed by the license controller 15 is compared with the content ID, and the license that matches If there is, it means that it exists.
  • the license for the content indicated by the above content ID does not exist in the license management device 10, it is described in the URL of the license server transmitted from the terminal device 20. It sends information to the license server 31 having an address to instruct the license acquisition via the communication network 60. At this time, the information sent to the license server 31 includes, in addition to the above-mentioned content ID, a user ID (or user ID and password) required for user authentication and device authentication. Authentication data such as necessary information (device ID) unique to the license management device 10 and the device ID of the terminal device 20 can be included as necessary.
  • the authentication unit 202 performs an authentication process using information transmitted from the license management device 10 (step S 205). If the authentication data transmitted from the license management device 10 is the user ID, the user authentication is performed, and if the authentication ID is the device ID, the device authentication is performed.
  • the authentication processing is to compare the information held by the license server 31 in advance with the authentication data transmitted from the license management device 10. It is performed by. In other words, if the user ID or device ID transmitted from the license management device 10 is held by the license server 31, or if the license management If the user ID or device ID transmitted from the device 15 is not in the excluded user ID list or the excluded device ID list held by the license server 31, authentication is successful. That's it. Also, in the case of only device authentication, the user ID can be derived from the device ID as described above.
  • step S205 the license for the content indicated by the content ID included in the information transmitted from the license management device 10 is displayed.
  • the license is held in the license information 206 of the license server 31 and is indicated by the above user ID.
  • the license issuing unit 203 searches whether or not the license exists in the user's purchase license (step S206). In other words, of the licenses stored in the license information 206, the value indicated by the content ID 101 of all licenses purchased by the user indicated by the user ID above Is compared with the content ID. If there is a matched license, it is determined that the license exists.
  • the license issuing unit 203 sends the license to the license management apparatus 10 that has issued the request (step Step S207). At this time, the transmitted license is deleted from the license information 206. Also, if the authentication fails in step S205, the processing in step S206 is not performed, and information indicating that the authentication has failed is transmitted. If there is no matching license in step S206, information to that effect is transmitted.
  • the license management device 10 uses the license control device 15 to execute the license. Is stored in the nonvolatile memory 73 (step S208).
  • the in-house license that meets the above-mentioned required use conditions is obtained from the license stored in step S208.
  • An in-house license is generated (step S209), and the in-home license is transmitted to the terminal device 20 that has issued the request (step S210).
  • the authentication fails in step S203, the processing in steps S2-4 and S208 is not performed and the authentication fails. Submit information.
  • the information is transmitted.
  • step S210 If the information transmitted in step S210 is a home license, the terminal device 20 stores the non-volatile memory 73 in the home license processing device 25. (Step S211), and the processing ends.
  • the license when the user views the content for the first time after purchasing the license, the license is transmitted from the license server 31 to the license management device 10 and is transmitted to the home license. Issue an Sense. After that (for the second time or later), simply issue a home license from the license management device 10, and licenses are centralized by the license management device 10. It becomes possible to manage it. Also, usually The service center system 30 is set up for each service provider that provides content distribution services, and a plurality of service center systems 30 (license servers, '31) are installed on the communication network 60. May be connected. In this case, licenses purchased from a plurality of license servers can be collectively managed by the license management device 10, so that license management is facilitated.
  • the license is transmitted to the license management device 10 when the content is first viewed, but the license management device 10 immediately transmits the license to the license management device 10 after purchasing the license. You may send a license.
  • step S209 a home license is generated from the license. Next, generation of the home license will be described with reference to FIGS.
  • (a) is the license when the user purchases
  • (b) is the license after the in-home license shown in (c)
  • (c) is the license shown in (a). This shows an example of each of the in-house licenses generated from these.
  • the license 100 shown in Fig. 8 (a) is the usage condition 105, the viewing expiration date 106 is 'unlimited', the viewing count 107 is 'unlimited', and the maximum number of simultaneous issuances 1 0 8 is an example of '2'.
  • step S209 in FIG. 19 a method of generating a home license 110 from the license 100 shown in FIG. 8A will be described using an example.
  • the in-house license is generated by the license control device 15 of the license management device 10. As a request use condition transmitted from the terminal device 20, if the viewing expiration date is set to 12:00 on January 4, 2001, and the number of viewing times is 3 times, the license is 10.
  • 0 means that the viewing expiration date 106 is 'unlimited', the viewing count 1 107 is 'unlimited', and the maximum number of simultaneous issuances is '2'.
  • the home license 1 110 shown in Fig. 8 (c) is generated.
  • the maximum number of simultaneous issuances 1 18 is '0', and it is not possible to generate another in-house license from this in-house license 110. No. By setting the maximum number of concurrently issued home licenses to '0' in this way, it is possible to prevent the in-home license from being generated indefinitely.
  • the license 100 becomes as shown in Fig. 8 (b), and the viewing expiration date 106 of the usage conditions 105 and the viewing expiration date are displayed. 1107 does not change, but the maximum number of simultaneous issuances 1108 changes from "2" to "1". This is a license from the license This means that a license can be generated, which means that the in-home license can be generated for the value held by the maximum number of simultaneous issuances 108, and that multiple terminal devices can be generated. Can be used to view the same content.
  • the viewing expiration date is requested as a request use condition from the terminal device 20.However, if the license control device 15 exceeds the reproduction time of the content, for example, If the time required to play the content from the beginning to the end is two hours, the license control unit 15 sets the time two hours after the current time to the home license 110 The viewing expiration date can be set to 1 16.
  • the license 100 shown in Fig. 9 (a) is a license that operates only the number of viewings 107 as the usage condition 105.
  • (a) is the license at the time of purchase by the user
  • (b) is the license after the in-home license shown in (c)
  • (c) is the license shown in (a). This is an example of a home license generated from a license.
  • the license 100 0 shown in FIG. 9 (a) is an example in which the use condition 105 is set and the number of views 1 107 is set to “10”.
  • step S209 in FIG. 19 the method for generating the in-house license 110 from the license 100 shown in FIG. 9 (a) will be described using an example. explain. If the number of viewings is set to '8' as a request use condition transmitted from the terminal device 20, the number of viewings of the license 100 does not exceed '10' held by the number of viewings 107 of the license 100. Then, a home license 110 as shown in FIG. 9 (c) is generated. After the home license 110 is generated, the license 100 becomes as shown in Fig.
  • the required usage condition is the number of views '20'
  • the number of views of the license 100 exceeds the value of '10' held by the number of views 107, it is not possible to generate a home license 110 of the number of views of '20'.
  • a home license 110 with a viewing count of '10' is generated or a home license cannot be generated. This is called an error.
  • the content is reproduced using the acquired in-house license (step S300).
  • the in-house license processing unit 25 holds the necessary in-house license.
  • the terminal device 20 displays a screen as shown in FIG. 20 on the display device 27.
  • Reference numeral 410 denotes a content display screen on which the reproduced content is displayed.
  • Reference numeral 402 denotes a content reproduction start button, and reference numeral 4003 denotes a content reproduction end button.
  • Figure 21 shows a processing flowchart for playing back content.
  • the user gives an instruction for content reproduction (step S301).
  • the content reproduction start button 402 in FIG. 20 is designated by the input device 28.
  • the playback device 26 obtains the content ID of the content selected in step S200 (step S302), and the home.
  • Information is transmitted to the license processing device 25 via the bus 29 to instruct the content indicated by the content ID to acquire the content included in the in-home license for the content indicated by the content ID.
  • the information transmitted to the in-home license processing device 25 includes, in addition to the content ID, information unique to the playback device 26 (device ID) required for device authentication. Authentication data can be included as needed.
  • the in-home license processing device 25 performs a device authentication process using the information transmitted from the playback device 26 (step S303).
  • the device authentication processing is information stored in advance in the non-volatile memory 73 of the storage device 24 or the in-home license processing device 25. This is performed by comparing authentication data transmitted from the playback device 26 with the authentication data. That is, the device ID transmitted from the playback device 26 is stored in the non-volatile memory 73 of the storage device 24 or the home license processing device 25. If it is, the device ID transmitted from the playback device 26 or the non-volatile memory in the storage device 24 or the home license processing device 25 is used. If it is not in the excluded device ID list stored in 73, it means that the authentication was successful.
  • step S303 the condition for the ij included in the in-home license for the content indicated by the content ID is checked, and the in-house license is checked. It is determined whether or not is available (step S304). For example, if the in-house license is the in-house license 110 shown in Fig. 8 (c), the current time is from 12:00 on February 4, 2001 Previously, the content could be viewed up to three times, so the in-house license is judged to be usable.
  • Step S305 the processing ends.
  • step S304 If it is determined in step S304 that the in-house license is available, the content held in the content key 112 from the in-house license is determined. The key is extracted and transmitted to the playback device 26 (step S305).
  • the reproducing device 26 sets the content key transmitted from the in-home license processing device 25 in the decrypting portion 85 (step S307), and Start playback (step S308).
  • the encrypted content is decrypted by the decryption unit 85 and reproduced by the decryption unit 86. It is displayed on the content playback screen indicated by 0.
  • the encrypted content is transferred from the storage device 24 of the terminal device 20 to the playback device 26 via the node 29.
  • the decoded content may be stored on a portable medium such as a DVD.
  • the terminal device 20 is provided with a portable medium reading device. Then, the data is transferred from the reading device to the reproducing device 26 via the bus 29.
  • the encrypted content is stored in the storage device 14 of the content distribution device, the license management device 10 or the license management device 10.
  • the data is transferred to the playback device 26 via the communication network 60 and the home network 50, the communication control device 23, and the bus 29.
  • the encrypted content is temporarily buffered in the main memory 22 or the storage device 24. In some cases, this is done.
  • the user designates the content playback end button shown in FIG. 20 with the input device 28, the content playback is terminated, and information indicating that the content playback has been completed is transmitted to the home.
  • the license is sent to the license processing device 25 (step S309).
  • the in-home license processing device 25 updates the use condition of the in-home license having the content key transmitted to the playback device 26 (step S310). For example, if the in-house license is the in-house license 110 shown in Fig. 8 (c), since the reproduction has been completed once, the value held by the number of views 1 17 It is reduced to '2' (updated) and stored in the non-volatile memory 73 of the in-home license processing device 25. Then, information indicating that the use condition updating is completed is transmitted to the playback device 26 (step S311), and the playback device 26 deletes the screen shown in FIG. The process is performed, and the process ends.
  • step S400 post-processing of the in-home license that has become unnecessary after the content reproduction is completed is performed (step S400).
  • the terminal device 20 (the in-home license processing device 25) transmits the in-house license to the license management device 10 that is the source of the in-house license.
  • the license is sent (returned), and the license management device 10 (license control device 15) updates the usage conditions of the license that generated the home license. For example, by returning the in-house license 110 shown in FIG. 8C to the license management device 10, the license 100 0 shown in FIG. 8B can be returned. Can be returned to the state of license 100 shown in FIG. 8 (a).
  • the in-home license here means that if the usage conditions 1 15 of the in-house license 110 become unavailable, the in-house license 110 is not required.
  • the in-home license on the terminal device 20 is transmitted to the license management device 10 and the in-home license is physically erased from the terminal device 20. You.
  • the terminal device 20 returns the home license 110, the user may instruct the return using the input device 28, or the terminal device 20 may return the content. It is also possible to detect that the reproduction of the music has ended and return it automatically. It may be returned automatically when the viewing expiration date 1 16 has passed or when the viewing count 1 17 has reached '0'.
  • the transmission or physical erasure of the in-house license is performed by the program stored in the memory 72 or the non-volatile memory 73 in the in-house license processing device 25 of the terminal device 20. This is realized by the CPU 71 executing the program. If the terminal device 20 is always connected to the home network 50, it is possible to automatically return the home license 110 as described above. For example, when the terminal device 20 is a portable device, communication with the license management device 10 may not be performed when the reproduction of the content ends. In such a case, the license management device 10 manages the contents of the use condition 1 15 of the issued in-house license 110 and issues the in-house license from another terminal device.
  • the home license 110 shown in FIG. 9 (c) for example, after the terminal device 20 reproduces the content twice using the home license, the home license is reproduced.
  • the number of views 1 17 of sense 110 is '6'.
  • the in-home license is returned in step S400, the number of viewing times of the license after the in-home license generation shown in FIG.
  • the number of views 1 of the license 100 in the license management device 10 is added to the number of views 8 of the license management device 10.
  • step S400 it is not necessary to return the in-home license that is no longer needed. If not returned, the in-house license is retained on the terminal device 20. Therefore, if the same content is to be reproduced again thereafter, the in-home license is transmitted from the license management device 10 to the in-house license. There is no need to obtain a sense. However, if the conditions of use of the in-house license are not sufficient for use, the license will be acquired again from the license management device 10.
  • a license 100 is a license management device that can use the license in contrast to the license 100 in FIG. 8.
  • a new license management device ID 109 shown below will be provided.
  • the license management device ID held by the license management device ID 109 is a unique ID for each license management device, and is assigned to the device ID of the license management device 10 described above. Equivalent to.
  • the in-home license 110 is different from the in-home license 110 in FIG. 8 in that a terminal device ID 119 indicating a terminal device that can use the in-home license is used. Newly provided.
  • the terminal device ID held by the terminal device ID 119 is a unique ID for each terminal device, and corresponds to the device ID of the terminal device 20 described above. .
  • FIG. 12 (a) shows a license.
  • the license server 31 sets the ID of the license management apparatus that has requested transmission to the license management apparatus ID 109.
  • the license management device 10 sends the ID held by the license management device ID 10 9 of the corresponding license.
  • the license management device 10 determines whether or not the license management device 10 has its own ID, and if not, does not generate a home license (step S in FIG. 19). 209 processing).
  • This processing is performed by the CPU 71 executing a program stored in the memory 2 or the nonvolatile memory 73 in the license controller 15. Is realized.
  • the above ID is stored in a nonvolatile memory 73 in the license control device 15 in advance so that the ID cannot be accessed from outside.
  • the license management device that manages the license can be specified, and the license can be more securely protected.
  • FIG. 12 (b) shows a home license.
  • the license management device 10 sets the ID of the terminal device requesting the home license to the terminal device ID 119.
  • the terminal device 20 when the content is actually reproduced, that is, the reproduction device 26 is transmitted from the home license processing device 25 to the content included in the home license.
  • the key is obtained, it is determined whether the ID held by the terminal device ID 119 is the ID of the terminal device 20 itself, and if not, the content key is reproduced by the device 26. (Step S304 in Fig. 21).
  • This process is performed by the CPU 71 executing a program stored in the memory 72 or the nonvolatile memory 73 in the home license processing device 25. Is realized.
  • the above-mentioned ID is stored in a nonvolatile memory 73 in the in-home license processing device 25 in advance so that it cannot be accessed from outside.
  • the in-home license is transmitted from the license management device 10 to the terminal device 20 via the home network 50. Is done. Since the in-home license includes a content key for decrypting the encrypted content, the handling must be strict. In general, since the home network 50 is composed of Ethernet, etc., it is necessary to transmit a home license using cryptographic communication or the like.
  • FIG. 7 is a diagram showing an example of a procedure for transmitting a home license from the license management device 10 to the terminal device 20 using encrypted communication.
  • K o is the key used to encrypt data with the public key public key
  • ⁇ ⁇ is the data used to decrypt data encrypted with the public key private key. Is the key to be used.
  • Ko and ⁇ are held in the non-volatile memory 73 of the in-home license processing device 25 so that the in-home license processing device 25 cannot be accessed from outside.
  • the in-home license is generated by the license control device 15 of the license management device 10 and transmitted to the in-home license processing device 25 of the terminal device 20.
  • the in-home license processing device 25 is a public key pair that has a private key ⁇ ⁇ ⁇ and its own authentication data, which it holds in advance so that it cannot be accessed from outside.
  • Key K o content ID that specifies the license to generate the in-house license to be obtained, and required usage conditions
  • the license control device 15 authenticates the in-home license processing device 25 using the above authentication process (step TO02).
  • Step TOO2 corresponds to the processing of step S203 in FIG.
  • the license control device 15 generates a first session key K s1 by using a random number or the like (step TO 03).
  • the first session key Ks1 is encrypted using the public key Ko and transmitted to the in-home license processing device 25 (step # 004).
  • the in-home license processing device 25 decrypts the above K s 1 using the above-mentioned secret key ⁇ ⁇ which is held in advance so that it cannot be accessed from outside. Then, a second session key Ks2 is generated by using a random number or the like (step T006). Then, the second session key Ks2 is encrypted using the first session key Ksl and transmitted to the license controller 15 ( Step T007).
  • the license controller 15 uses the first session key Ks1 to decrypt the second session key Ks2 (step S1). T 0 08). Then, the license control device 15 transmits the use condition of the license having the above content ID transmitted in step T001 and the license control device 25 in the home. The above-mentioned required use conditions are compared, and if the license does not exceed the range of use conditions, a home license is generated (step T099).
  • Step T099 corresponds to the processing of step S209 in FIG.
  • the in-home license is encrypted with the second session key K s2 and transmitted to the in-home license processing device 25 (step T 010). .
  • Step TO10 corresponds to the processing of step S210 in FIG.
  • the in-home license processing device 25 decrypts the in-house license using the second session key Ks2 (step T 011), and the in-house license
  • the in-house license is stored in the non-volatile memory 73 in the processing device 25 (step TO12).
  • Step TO12 corresponds to the processing of step S211 in FIG.
  • the in-home license is securely transmitted to the in-home license processing device 25.
  • the above processing is executed by the program stored in the memory 72 or the non-volatile memory 73 for each of the license control device 15 and the terminal device 20 by the CPU 7. 1 is achieved by doing.
  • the in-home license is transmitted in an encrypted form, and the session key used for this encryption is different each time using a random number.
  • the session key is generated, and only the license control device 15 and the in-home license processing device 25 are known, and it is difficult to eavesdrop on the in-home license from outside. is there . Therefore, it is also possible to transmit the home license from the license management device 10 to the terminal device 20 connected to the communication network 60. In this case, the user authentication described above is performed by the license management device 10.
  • the license management device 10 includes the function of the router 40 as shown in FIG. 2, the license management device 10 sends a request for a home license to the
  • the terminal device connected to the communication network 60 can be easily determined whether the terminal device is connected to the network 60 or the terminal device connected to the home network 50.
  • the in-house license is controlled. It can easily be restricted to use at least one terminal device connected to the home network 50. By doing so, it is possible to prevent in-house licensing to an unspecified number of people and to limit the use of in-house licensing to only authorized purchasers.
  • the communication network 60 is connected to the Internet.
  • a general-purpose network such as a remote network
  • encrypted communication is required.
  • the procedure shown in Fig. 7 is also applicable to this encrypted communication.
  • Figure 22 shows the processing procedure in this case.
  • FIG. 22 is a diagram showing an example of a procedure for transmitting a license from a license server, '31, to the license management apparatus 10 using cryptographic communication.
  • K o is the key used to encrypt data with the public key public key
  • ⁇ ⁇ is the key used to decrypt data encrypted with the public key private key. It is a key.
  • ⁇ and ⁇ in FIG. 22 are held in the non-volatile memory 73 of the license control device 15 so that the license control device 15 cannot be accessed from outside.
  • the license control device 15 has its own authentication data, which it holds in advance so that it cannot be accessed from outside, and a public key ⁇ paired with the secret key Kp. ⁇ and a content ID for specifying the license to be acquired are transmitted to the license server 31 (step T101).
  • the license server 31 authenticates the license control device 15 using the authentication data (step T102).
  • Step T102 corresponds to the processing of step S205 in FIG.
  • the license server 31 generates a first session key Ks1 by using a random number or the like (step T103).
  • the first session key Ks1 is encrypted using the public key Ko and transmitted to the license control device 15 (step # 104).
  • the license control device 15 decrypts the s1 using the secret key ⁇ which is held in advance so that it cannot be accessed from the outside (
  • a second session key Ks2 is generated using a random number or the like (step # 105) (step T106). Then, the second session key Ks2 is encrypted using the first session key Ks1 and transmitted to the license server 31 (step Step T107).
  • the license server 31 decrypts the second session key Ks2 using the first session key Ks1 (step T108). Then, the license server 31 sends the license having the above-mentioned content ID transmitted in step T101 from the licenses held in the license information 206. The sense is extracted (step T109). Step T109 corresponds to the processing of step S206 in FIG. Then, the license is encrypted with the second session key Ks2 and transmitted to the license controller 15 (step T110). Step T110 corresponds to the processing of step S207 in FIG.
  • Step Tl 11 the license controller 15 decrypts the license using the second session key Ks2 (step Tl 11), and the license controller 15
  • the in-house license is stored in nonvolatile memory 73 in 15 (step Tl 12).
  • Step Tl12 corresponds to the processing of step S208 in FIG. As a result, The sense is safely transmitted to the license controller 15.
  • the above processing is executed by the CPU 71 executing the program stored in the memory 72 or the nonvolatile memory 73 for the license control device 15. This is achieved.
  • K o is a key used to encrypt data with a public key public key
  • K p is used to decrypt data encrypted with a public key private key. Is the key to be used.
  • ⁇ and Kp in FIG. 11 are held in the non-volatile memory 83 of the playback device 26 so that the playback device 26 cannot be accessed from outside.
  • the playback device 26 has its own authentication data, which has been held in advance so that it cannot be accessed from the outside, the public key K o, and the content including the content ID.
  • a request for reproducing the contents is transmitted to the in-home license processing device 25 (step # 201).
  • in-house license processing device 25 performs authentication for authenticating playback device 26 using the above authentication process (step # 202).
  • Step # 202 corresponds to the processing of step S303 in FIG.
  • the in-home license processing device 25 generates a first session key Ks1 using a random number or the like (step T203).
  • the first session key Ks1 is encrypted using the public Ko and transmitted to the playback device 26 (step T204).
  • the playback device 26 decrypts the above s1 using the above secret key Kp which is previously held so that it cannot be accessed from the outside (step A second session key Ks2 is generated using random numbers or the like (step T205) (step T205). Then, the second session key Ks2 is encrypted using the first session key Ks1 and transmitted to the in-home license processing device 25. (Step T207).
  • the in-house license processing device 25 decrypts the second session key Ks2 using the first session key Ks1. (Step T208) and the home corresponding to the above content ID Check the license usage conditions (step T209). Step T209 corresponds to the processing of step 304 in FIG. If the in-house license is available, the content key is extracted from the in-house license (step T210). Step T210 corresponds to the processing of step 306 in FIG. Then, using the second session key Ks2, the content key is decoded and transmitted to the playback device 26 (step T211).
  • the playback device 26 decrypts the content key using the second session key Ks2 (step T212), and decrypts the content key. Set to section 85 (step T213).
  • Step T213 corresponds to the processing of step S307 in FIG.
  • the above processing is performed by the CPU 71 executing the program stored in the memory 72 or the non-volatile memory 73 in the home license processing device 25.
  • the memory 8 In the playback device 26, the memory 8
  • the procedure in Fig. 7 and Fig. 11 and Fig. 22 are methods in which the in-home license, the content key, and the source of the license authenticate the respective destinations. By adding a step in which the destination authenticates the source at the beginning, even stronger security can be realized.
  • the license is managed collectively by the license management device, and the in-home license is generated and securely transmitted in response to a request from the terminal.
  • the license management device By transmitting (returning) the in-home license, which is no longer required by the terminal device, to the license management device, the user can send the distributed encrypted content to the home network. It can be used between multiple terminals connected to networks (and external communication networks).
  • the license management device 10 connected to the home network 50 generates the in-house license.
  • the function of the license management device 10 is The configuration provided in the SECEX server 31 may be used.
  • the license issuing unit 203 shown in FIG. 18 has the function of the license control device 15.
  • the license issuing unit 203 of the license server 31 generates a home license from the license held in the license information 206. That is.
  • FIG. 23 shows a processing flowchart when the terminal device 20 obtains the in-house license.
  • the terminal device 20 acquires the content ID of the content selected by the user—the content ID included in the evening (step S501), and the content ID indicated by the content ID.
  • a search is performed to determine whether a home license for the content exists in the terminal device 20 (step S502).
  • the value designated by the content ID 111 of the in-house license managed by the in-house license processing device 25 is compared with the content ID, and the matched in-house license is determined. If there is a sense, it means that it exists.
  • the URL described in the URL of the license server included in the metadata of the content.
  • the information transmitted to the license server 31 includes, in addition to the content ID described above, a request use condition, a user ID required for user authentication (or a user ID and a password).
  • the authentication data L which is information (device ID) unique to the terminal device 20 required for device authentication, can be included as necessary.
  • step S503 the license control device 15 uses information transmitted from the terminal device 20 in the same manner as in step S203 in FIG. Authentication processing is performed (step S503). If the authentication is successful in step S503, the license for the content indicated by the content ID included in the information transmitted from the terminal device 20 is changed to a license license. , '31 is searched for whether it is stored in the license information 206 and exists in the purchase license of the user indicated by the user ID (step S50). Four ).
  • the value indicated by the content ID 101 of all licenses purchased by the user indicated by the user ID above Is compared with the content ID, and if there is a matched license, it is determined that the license exists.
  • step S505 If there is a matched license, the license Then, an in-house license that meets the above-mentioned required use condition is generated (step S505), and the in-house license is transmitted to the terminal device 20 that is the request source (step S505). S506). At this time, if the corresponding license is not found in step S505, information to that effect is transmitted.
  • step S506 if the information transmitted in step S506 is a home license, the terminal device 20 stores the non-volatile memory in the home license processing device 25. Is stored in the memory 73 (step S507), and the processing ends.
  • the procedure shown in FIG. 7 can be applied to the cryptographic communication between the terminal device 20 (in-house license processing device 25) and the license server 31 (license control device 15). .
  • the license server 31 transmits a license to the license management device 10 and transmits a home license to the terminal device 20. It is also possible.
  • the license issuing unit 203 of the license server 31 sends a license to the license management device 10 if the license usage conditions are the usage conditions shown in FIG. 8A.
  • the license is transmitted, and if the license usage condition is the usage condition shown in FIG. 9 (a), a home license is generated and the home license is transmitted to the terminal device 20.
  • the license may be sent to the license management device 10 or an attribute may be added to the license 100 (this attribute may be added to the license 100). An attribute that prohibits transmission to the sense management device 10 may be used.)
  • a license may be transmitted for communication with the license management device 10 and a home license may be transmitted for communication with the terminal device 20.
  • the viewing expiration date 106 is “unlimited”, and the viewing frequency 107 is “unlimited”.
  • a license for example, is equivalent to what a user would buy an audio CD, so the license connected to the home network 50 It is convenient to be able to manage with the sense management device 10. Even if the operator who operates the service center system 30 stops the service, the rights purchased by the user will not be lost.
  • FIG. 24 shows a processing flowchart of the procedure for acquiring the in-house license in the device 20.
  • the terminal device 20 acquires the content ID of the content selected by the user—the content ID included in the evening (step S601), and the content ID is obtained.
  • a search is performed to determine whether or not a home license for the content indicated by exists in the terminal device 20 (step S602).
  • the value designated by the content ID 11 of the entire in-house license managed by the in-house license processing device 25 is compared with the content ID, and the matched in-house license is compared. If there is a sense, it means that it exists.
  • the license management device 10 is communicated to the license management device 10 via the home network 50. And send information to instruct to obtain a home license.
  • the information transmitted to the license management device 10 includes, in addition to the content ID described above, the required usage conditions, a user ID required for user authentication (or a user ID and a password).
  • Authentication data such as (1) the information unique to the terminal device 20 (device ID) required for device authentication and device authentication can be included as necessary.
  • the license control device 15 uses the information transmitted from the terminal device 20 in the same manner as in step S203 in FIG. 19. The authentication process is performed (step S603).
  • the license control device 15 issues a license to the content indicated by the content ID included in the information transmitted from the terminal device 20.
  • a search is performed to determine whether a license exists in the license control device 15 (step S604). In other words, the value indicated by the content ID 101 of all licenses managed by the license controller 15 is compared with the content ID, and if there is a matched license, That is, it exists.
  • step S605 If there is a matched license, the licensing power is used to generate a home license that meets the required use conditions (step S605), and the license is generated.
  • the in-home license is transmitted to the requesting terminal device 20 (step S606). At this time, if the corresponding license is not found in step S605, information to that effect is transmitted.
  • the terminal device 20 checks the received information (step S607), and informs that the license corresponding to the information was not found. If it is the information, the home network is sent to the license server 31 having the address described in the URL of the license server included in the content data of the content. Information to instruct to obtain a home license is transmitted via 50 and the communication network 60 (step S680). At this time, the information sent to the license server 31 includes, in addition to the content ID described above, a request use condition, a user ID required for user authentication (or a user ID and a user ID). Authentication data such as a password (password) and information unique to the terminal device 20 (device ID) required for device authentication can be included as necessary.
  • the license control device 15 uses the information transmitted from the terminal device 20 to perform the same authentication as in step S 205 in FIG. Processing is performed (step S609). If the authentication is successful in step S609, the license for the content indicated by the content ID included in the information transmitted from the terminal device 20 is changed to the license license. , '31 is searched for whether it is stored in the license information 206 and exists in the purchase license of the user indicated by the user ID (step S6). Ten ). In other words, of the licenses held by the license information 206, the value indicated by the content ID 101 of all licenses purchased by the user indicated by the user ID above Is compared with the content ID, and if there is a matched license, it is determined that the license exists.
  • step S611 If there is a matched license, the licensing force generates a home license that meets the required use conditions (step S611), and The in-home license is transmitted to the requesting terminal device 20 (step S612). At this time, if the relevant license is not found in step S610, information to that effect is transmitted.
  • the terminal device 20 receives the in-home license transmitted from the license management device 10 or the in-house license transmitted from the license server 31 and uses the in-home license.
  • the result is stored in the non-volatile memory 73 of the processing device 25 (step S613), and the processing is terminated.
  • the processing flow chart of FIG. 24 makes an inquiry to the license management device 10 first if the desired in-home license does not exist in the in-home license processing device 25. For example, you may ask the licenser, '31, first.
  • the terminal device 20 receives the home license acquired in the process of FIG.
  • the in-house license obtained from the license management device 10 is transferred to the license management device 10 and the in-house license obtained from the license server 31 is used. They are returned (transmitted) to the license server 31 respectively.
  • the license server 31 when the license server 31 is configured to have the function of the license control device 15, the license connected to the home network 50 is provided.
  • the management device 10 may have a home license processing device 25.
  • the license management device 10 obtains an in-house license from the license server 31 and the license management device 10 sends the content key included in the in-house license to the terminal. This is transmitted to the playback device 26 of the device 20.
  • the license management apparatus 10 receives a TV broadcast program (content) and obtains a license conforming to the present embodiment. The operation to be generated will be described.
  • control information such as a program recording instruction instructed by the user using the input device 19, or control of a program recording instruction or the like obtained from the terminal device 20 or the like via the communication control device 13.
  • the CPU 11 of the license management apparatus 10 is instructed to record the content (program recording on the storage apparatus 14 or the like).
  • the control information includes information such as the channel of the content (program) to be recorded, the recording time, and the recording mode (resolution and compression method).
  • the CPU 11 transmits the tuner section 99 of the broadcast receiving apparatus 17 via the node 18 and the IZO circuit 96 so as to be able to receive the channel included in the control information.
  • the resolution and the compression method such as MPEG2 are set according to the recording mode specified in advance by the resolution conversion / compression unit 97.
  • the CPU 11 instructs the content key generation unit 93 of the license generation device 16 via the I / O circuit 18 and the IZO circuit 96 to generate random numbers and the like.
  • the content key is further generated, the content key is set in the encryption circuit 94, and the use condition specified in advance is set in the license generation unit 92.
  • the license generation unit 92 generates a license from the content key and the usage conditions, and the CPU 11 generates the license from the nonvolatile memory in the license control device 15. Stored in 7.3.
  • the content received by the tuner section 99 is converted by A / D conversion.
  • the data is converted into digital data by the unit 98, and is scaled to the resolution specified by the resolution conversion / compression unit 97, and is further specified by the compression method And input to the encryption circuit 94 via the connection line 95.
  • the descrambling unit 90 cancels the scrambling such as CAS. Since the digital broadcast content is already compressed and transmitted, the resolution conversion / compression unit 97 is not required.
  • the encryption circuit 94 decrypts the content using the content key generated by the content key generation unit 93.
  • the encrypted content is recorded (stored) in the storage device 14 via the IZO circuit 91 and the bus 18.
  • the above usage conditions set in the license generation unit 92 can be specified as follows. That is, in the digital broadcasting, information on copy control is transmitted in addition to the video and audio data to be distributed, and the use conditions can be designated based on the copy-control information. For example, information on copy control includes "copy prohibited", “copy only once", “copy free”, and the like. If the copy control information of the content to be recorded is "copy once only-permitted", the maximum number of simultaneous issuances 108 in license 100 is "1". If the copy control information is “copy free”, the viewing expiration date 106 of the license 100 can be set to “unlimited”.
  • the license server 31 is configured to have the function of the license control device 15, and the license management device 10 connected to the home network 50 is used by the home license process.
  • the license generation unit 92 generates at least one or more in-house licenses from the content key and the use conditions,
  • the CPU 11 stores the in-home license in the nonvolatile memory 73 in the in-home license processing device 25.
  • the present invention is not limited to TV broadcast content.
  • a sense can be created in the same way.
  • DVDs use CSS to prevent unauthorized copying. It is encrypted using the encryption standard called.
  • the tuner section 99 ′ may be replaced with a DVD reader, and the descrambling section 90 may perform CSS descrambling.
  • the licenses are collectively managed by the license management device 10 connected to the home network 50.
  • the license management device 10 Obtains a license (or a home license) through a communication network different from the communication network 60, and obtains a license through a communication network different from the home network 50.
  • the license (or the content key) may be transmitted to the terminal device 20.
  • Figure 25 shows an example of a system configuration of a content distribution system (copyright management system) using each device with this configuration.
  • reference numeral 61 denotes a mobile communication network
  • 10 ′ denotes a mobile phone (portable terminal) equipped with the license management device of the present embodiment
  • 20 ′ denotes a mobile phone from the mobile phone 10 ′ to the home network.
  • This is a terminal device that obtains the license (or content key).
  • the license server 31 is connected to the mobile communication network 61 and has a configuration capable of transmitting a license (or a home license) to the mobile phone 10 '.
  • Figure 26 shows a hardware configuration diagram of the portable terminal 10 '.
  • the portable terminal 10 ′ includes a CPU 1, a main memory 2, a first communication control device 3, a second communication control device 4, and a license control device 5. , An input device 6 and an output device 17. Each component of the portable terminal 10 ′ is connected by a bus 8 so that necessary information can be transmitted between the components.
  • the CPU 1, the main memory 2, and the license controller 5 are equivalent to the CPU 11, the main memory 12, and the license controller 15 in FIG. 3, respectively.
  • the first communication control device 3 is means for transmitting and receiving information (data) to and from a device connected to the mobile communication network 60 similarly via the mobile communication network 61.
  • the second communication control device 4 is means for performing peer-to-peer communication with the terminal device 20 ', and can be realized by a low-power wireless transmission / reception device, an infrared transmission / reception device, or the like.
  • the input device 6 is a means for the user to input necessary commands and information to the mobile phone 10 'and a voice input means for making a voice call.
  • the former is a numeric keypad or the like. Buttons and styles The latter can be realized by microphones and the like.
  • the output device 7 is a means for displaying information for responding to a user's operation and a sound output means for making a voice call.
  • the former is a liquid crystal display, and the latter is a display. It can be realized by a peaker or the like.
  • Figure 27 shows the hardware configuration of the terminal device 20 '.
  • the terminal device 20 ′ includes a CPU 21, a main memory 22, a first communication control device 23, a second communication control device 23 ′, and a It has a storage device 24, a home license processing device 25, a playback device 26, a display device 27, and an input device 28.
  • the components of the terminal device 20 ′ are connected by a bus 29, so that necessary information can be transmitted between the components.
  • the components other than the second communication control device 23 ' are the same as those in FIG.
  • the second communication control device 23 ′ is a means for performing peer-to-peer communication with the portable terminal 10 ′, and can be realized by a low-power wireless transmission / reception device or an infrared transmission / reception device. You.
  • the license transmitted from the license server 31 is transmitted via the mobile communication network 61 and the first communication control device 3. Received and held by the Sense Controller 5.
  • the home license acquisition request from the terminal device 20 ' is transmitted to the portable terminal 10' via the second communication control device 23 ', and the portable terminal 10' Received by the license control device 5 via the communication control device 4.
  • the mobile terminal 10 ′ transmits the generated home license to the terminal device 20 ′ via the second communication control device 4, and the terminal device 20 ′ transmits the second license to the terminal device 20 ′.
  • the in-home license processing device 25 receives and stores it via the device 23 '.
  • the encrypted content is transmitted from the content distribution server 32 to the terminal device 20 ′ via the communication network 60 and the home network 50, or Alternatively, it is taken into the terminal device 20 'by portable media.
  • the communication between the license server 31 and the license controller 5 and the communication between the license controller 5 and the in-home license processor 25 are shown in FIG. 22 and FIG.
  • the signal communication shown in Fig. 7 can be applied.
  • the license server 31 may have the function of the license control device 5 and the portable terminal 10 ′ may have the in-home license processing device 25.
  • license server 3 1 The license transmitted from the home is received and held by the license control device 5 via the mobile communication network 61 and the first communication control device 3.
  • the portable terminal 10 ′ extracts the content key included in the content, transmits the extracted content key to the terminal device 20 ′ via the second communication control device 4, and outputs the content key to the terminal device 20 ′.
  • the reproduction device 26 receives via the second communication control device 23 ′ and sets it in the decoding unit 85.
  • the encryption communication shown in FIG. 11 is applicable to the communication between the home license processing device 25 of the portable terminal 10 ′ and the reproduction device 26 of the terminal device 20 ′. It is capable.
  • a license is shared among a plurality of terminals in order to use distributed content among a plurality of terminals connected to a home network.
  • a license management method that enables this can be provided.
  • a license management device for collectively managing licenses, and the license management device described above.
  • the user can use the same content on a plurality of terminal devices.
  • the content can be used between multiple terminals connected to the home network.
  • a license management device for generating a license for the license can be provided.
  • the user can reproduce the communication content and the broadcast content or the package media content on the same terminal device without being aware of the content.
  • the present invention relates to a technology for protecting the copyright of content using a license, and relates to a technology for using the content between a plurality of terminals connected to a network. Applicable to equipment and systems that manage licenses.

Abstract

L'invention concerne un dispositif de gestion de licence permettant à une pluralité de terminaux connectés à un réseau domestique d'utiliser des contenus d'émission reçus tout en sécurisant les droits d'auteur desdits contenus. Le dispositif selon l'invention est composé d'éléments de réception d'émission, d'éléments de création de licence destinés à coder les contenus d'émission reçus et à créer une licence contenant les conditions d'utilisation et une clé de décodage destinée à décoder les contenus codés, et d'éléments de création de licence domestique destinés à créer, à partir de la licence, une pluralité de licences domestiques correspondant à la gamme des conditions d'utilisation, lesdites licences domestiques pouvant être transmises à une pluralité de terminaux connectés par l'intermédiaire d'un réseau domestique.
PCT/JP2003/003160 2002-03-22 2003-03-17 Procede et dispositif de gestion de licence WO2003081499A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2003579146A JPWO2003081499A1 (ja) 2002-03-22 2003-03-17 ライセンス管理方法およびライセンス管理装置

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2002-79929 2002-03-22
JP2002079929 2002-03-22

Publications (1)

Publication Number Publication Date
WO2003081499A1 true WO2003081499A1 (fr) 2003-10-02

Family

ID=28449079

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2003/003160 WO2003081499A1 (fr) 2002-03-22 2003-03-17 Procede et dispositif de gestion de licence

Country Status (2)

Country Link
JP (1) JPWO2003081499A1 (fr)
WO (1) WO2003081499A1 (fr)

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005250822A (ja) * 2004-03-04 2005-09-15 Sony Corp コンテンツ再生装置、コンテンツ記録装置、ネットワークシステム、およびコンテンツ記録・再生方法
JP2006129095A (ja) * 2004-10-28 2006-05-18 Excellead Technology:Kk コンテンツ配信システム
JP2006128963A (ja) * 2004-10-28 2006-05-18 Hitachi Ltd デジタル信号処理装置
WO2007007764A1 (fr) * 2005-07-14 2007-01-18 Matsushita Electric Industrial Co., Ltd. Dispositif et méthode de gestion de licence
JP2007279963A (ja) * 2006-04-05 2007-10-25 Faith Inc コンテンツ再生システム
WO2008026570A1 (fr) * 2006-08-31 2008-03-06 Daikin Industries, Ltd. Appareil pour activer la validité de fonctions dans une pluralité de dispositifs, système réseau, procédé et programme informatique
JP2008507220A (ja) * 2004-07-19 2008-03-06 ソニー ドイチュラント ゲゼルシャフト ミット ベシュレンクテル ハフツング オーディオ/ビデオコンテンツ保護方法
JP2009532929A (ja) * 2006-03-30 2009-09-10 韓國電子通信研究院 マルチメディアコンテンツに対する部分回避または同時アクセスを制御するためのライセンスデータ、並びにこれを用いるマルチメディアコンテンツの消費装置及び方法
US8527764B2 (en) 2007-05-07 2013-09-03 Lg Electronics Inc. Method and system for secure communication
JP2014229983A (ja) * 2013-05-20 2014-12-08 Necプラットフォームズ株式会社 コンテンツ配信システム、ホームゲートウェイ装置、受信装置、復号鍵送信方法及びプログラム
US8949926B2 (en) 2007-04-23 2015-02-03 Lg Electronics Inc. Method for protecting contents, method for sharing contents and device based on security level
WO2017085759A1 (fr) * 2015-11-16 2017-05-26 日立マクセル株式会社 Procédé de traitement d'informations et appareil d'affichage
JP2019088027A (ja) * 2019-03-06 2019-06-06 マクセル株式会社 表示装置
JP2019216484A (ja) * 2019-09-26 2019-12-19 マクセル株式会社 表示装置
JP2021002861A (ja) * 2019-09-26 2021-01-07 マクセル株式会社 表示装置
JP2021192540A (ja) * 2020-09-23 2021-12-16 マクセル株式会社 表示装置

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001331666A (ja) * 2000-03-14 2001-11-30 Sony Corp 情報処理装置および方法、情報提供装置および方法、プログラム格納媒体、並びにプログラム
JP2002073861A (ja) * 2000-08-24 2002-03-12 Matsushita Electric Ind Co Ltd 情報配信制御方法

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001331666A (ja) * 2000-03-14 2001-11-30 Sony Corp 情報処理装置および方法、情報提供装置および方法、プログラム格納媒体、並びにプログラム
JP2002073861A (ja) * 2000-08-24 2002-03-12 Matsushita Electric Ind Co Ltd 情報配信制御方法

Cited By (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4649850B2 (ja) * 2004-03-04 2011-03-16 ソニー株式会社 コンテンツ再生装置、コンテンツ記録装置、ネットワークシステム、およびコンテンツ記録・再生方法
US7970137B2 (en) 2004-03-04 2011-06-28 Sony Corporation Content reproduction apparatus, content recording apparatus, network system, and content recording/reproduction method
JP2005250822A (ja) * 2004-03-04 2005-09-15 Sony Corp コンテンツ再生装置、コンテンツ記録装置、ネットワークシステム、およびコンテンツ記録・再生方法
US8095468B2 (en) 2004-07-19 2012-01-10 Sony Deutschland Gmbh Method for providing protected audio/video content
US8392333B2 (en) 2004-07-19 2013-03-05 Sony Deutschland Gmbh Method for providing protected audio/video content
JP2008507220A (ja) * 2004-07-19 2008-03-06 ソニー ドイチュラント ゲゼルシャフト ミット ベシュレンクテル ハフツング オーディオ/ビデオコンテンツ保護方法
JP2006129095A (ja) * 2004-10-28 2006-05-18 Excellead Technology:Kk コンテンツ配信システム
JP2006128963A (ja) * 2004-10-28 2006-05-18 Hitachi Ltd デジタル信号処理装置
WO2007007764A1 (fr) * 2005-07-14 2007-01-18 Matsushita Electric Industrial Co., Ltd. Dispositif et méthode de gestion de licence
JP4889637B2 (ja) * 2005-07-14 2012-03-07 パナソニック株式会社 ライセンス管理装置及び方法
US7835993B2 (en) 2005-07-14 2010-11-16 Panasonic Corporation License management device and method
JP2009532929A (ja) * 2006-03-30 2009-09-10 韓國電子通信研究院 マルチメディアコンテンツに対する部分回避または同時アクセスを制御するためのライセンスデータ、並びにこれを用いるマルチメディアコンテンツの消費装置及び方法
JP2007279963A (ja) * 2006-04-05 2007-10-25 Faith Inc コンテンツ再生システム
JP2008059277A (ja) * 2006-08-31 2008-03-13 Daikin Ind Ltd 複数機器における機能有効化のための装置、ネットワークシステム、方法及びコンピュータプログラム
AU2007289780B2 (en) * 2006-08-31 2010-08-19 Daikin Industries, Ltd. Apparatus, network system, method and computer program for enabling functions of a plurality of devices
WO2008026570A1 (fr) * 2006-08-31 2008-03-06 Daikin Industries, Ltd. Appareil pour activer la validité de fonctions dans une pluralité de dispositifs, système réseau, procédé et programme informatique
US8949926B2 (en) 2007-04-23 2015-02-03 Lg Electronics Inc. Method for protecting contents, method for sharing contents and device based on security level
US8527764B2 (en) 2007-05-07 2013-09-03 Lg Electronics Inc. Method and system for secure communication
JP2014229983A (ja) * 2013-05-20 2014-12-08 Necプラットフォームズ株式会社 コンテンツ配信システム、ホームゲートウェイ装置、受信装置、復号鍵送信方法及びプログラム
US10425682B2 (en) 2015-11-16 2019-09-24 Maxell, Ltd. Information processing method, and display apparatus
JPWO2017085759A1 (ja) * 2015-11-16 2018-08-30 マクセル株式会社 情報処理方法、及び表示装置
WO2017085759A1 (fr) * 2015-11-16 2017-05-26 日立マクセル株式会社 Procédé de traitement d'informations et appareil d'affichage
US10911820B2 (en) 2015-11-16 2021-02-02 Maxell, Ltd. Information processing method, and display apparatus
US11425450B2 (en) 2015-11-16 2022-08-23 Maxell, Ltd. Information processing method, and display apparatus
JP2019088027A (ja) * 2019-03-06 2019-06-06 マクセル株式会社 表示装置
JP2019216484A (ja) * 2019-09-26 2019-12-19 マクセル株式会社 表示装置
JP2021002861A (ja) * 2019-09-26 2021-01-07 マクセル株式会社 表示装置
JP2021192540A (ja) * 2020-09-23 2021-12-16 マクセル株式会社 表示装置
JP7154356B2 (ja) 2020-09-23 2022-10-17 マクセル株式会社 表示装置
JP7371195B2 (ja) 2020-09-23 2023-10-30 マクセル株式会社 表示装置

Also Published As

Publication number Publication date
JPWO2003081499A1 (ja) 2005-07-28

Similar Documents

Publication Publication Date Title
JP2004303111A (ja) ライセンス管理機能付き携帯端末
EP1581849B1 (fr) Droits divisés en domaine autorisé
JP4477835B2 (ja) 認証システム、鍵登録装置及び方法
DK2408202T3 (en) Method and device for secure transfer and playback of multimedia content
CN101467156B (zh) 用于创建对象的方法、系统和设备
US20020159596A1 (en) Rendering of content
CA2977970C (fr) Chemin video securise pour ordinateur personnel
KR101406350B1 (ko) 클라이언트 도메인 내에서의 디지털 콘텐츠의 이용을관리하기 위한 방법 및 이 방법을 실행하는 디바이스
US20100208890A1 (en) Content distribution apparatus, content use apparatus, content distribution system, content distribution method and program
WO2006092840A1 (fr) Système de distribution de contenu
WO2003081499A1 (fr) Procede et dispositif de gestion de licence
WO2006022006A1 (fr) Programme, procédé et dispositif de gestion de contenu
JP2004362547A (ja) スマートカードを用いた装置認証によりホームドメインを構成する方法、及びホームドメインを構成するためのスマートカード
JP4156770B2 (ja) 通信装置およびその通信方法
WO2007099729A1 (fr) Systeme et procede de distribution de contenu, dispositif terminal et support d'enregistrement contenant le programme
US20030009667A1 (en) Data terminal device that can easily obtain content data again, a program executed in such terminal device, and recording medium recorded with such program
JP2004133654A (ja) 記憶装置、端末装置およびサーバ装置
JP2006508563A (ja) デジタルホームネットワーク用鍵の有効性の確認方法
JP2004318448A (ja) コンテンツ保護機能付き端末装置
JP2004303108A (ja) ライセンス移動機能付き端末装置
JP2004303107A (ja) コンテンツ保護システム及びコンテンツ再生端末
JPH10333769A (ja) マルチメディアデータ配信システム及びマルチメディアデータ再生端末
JP4201566B2 (ja) 記憶装置およびサーバ装置
JP2014220800A (ja) 限定受信装置および限定受信システム
JP2005039429A (ja) 契約認証サーバ及びコンテンツ再生認証方法

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): CN GB JP KR US

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2003579146

Country of ref document: JP