WO2004002059A1 - データ通信システム、情報処理装置および方法、記録媒体、並びにプログラム - Google Patents
データ通信システム、情報処理装置および方法、記録媒体、並びにプログラム Download PDFInfo
- Publication number
- WO2004002059A1 WO2004002059A1 PCT/JP2003/006506 JP0306506W WO2004002059A1 WO 2004002059 A1 WO2004002059 A1 WO 2004002059A1 JP 0306506 W JP0306506 W JP 0306506W WO 2004002059 A1 WO2004002059 A1 WO 2004002059A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- client terminal
- network
- data
- random number
- decoding
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 71
- 230000010365 information processing Effects 0.000 title claims abstract description 38
- 230000004044 response Effects 0.000 claims abstract description 26
- 230000005540 biological transmission Effects 0.000 claims description 42
- 238000003672 processing method Methods 0.000 claims description 14
- 102100024342 Contactin-2 Human genes 0.000 abstract description 2
- 101000690440 Solanum lycopersicum Floral homeotic protein AGAMOUS Proteins 0.000 abstract description 2
- 101100133558 Drosophila melanogaster Non1 gene Proteins 0.000 abstract 3
- 101100333596 Petunia hybrida EOBII gene Proteins 0.000 abstract 3
- 230000006870 function Effects 0.000 description 141
- 230000003993 interaction Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 4
- 239000004065 semiconductor Substances 0.000 description 2
- 238000004590 computer program Methods 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 230000007257 malfunction Effects 0.000 description 1
- 230000009131 signaling function Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/12—Payment architectures specially adapted for electronic shopping systems
- G06Q20/123—Shopping for digital content
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/12—Payment architectures specially adapted for electronic shopping systems
- G06Q20/123—Shopping for digital content
- G06Q20/1235—Shopping for digital content with control of digital rights management [DRM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
Definitions
- the present invention relates to a data communication system, an information processing apparatus and method, a recording medium, and a program, and is preferably used, for example, when communicating rights data indispensable for using content data or content data via a network.
- the present invention relates to a data communication system, an information processing apparatus and method, a recording medium, and a program. Background art
- an encrypted digital content is transmitted from a server on the seller side to a terminal device on the client (purchaser) side (hereinafter referred to as a client terminal) via the Internet.
- a client terminal a terminal device on the client (purchaser) side
- the server charges the client for the purchase price. Is set.
- the server transmits necessary rights data to the client terminal via the Internet to the client terminal, which is indispensable for using the encrypted digital content.
- charging for the client is set in the server.
- a malicious user analyzes the timing of charging at a timing server at which digital content data can be used, and intentionally performs digital processing at a client terminal. After the content has been made available, and For example, if the connection between the server and the client terminal is forcibly disconnected before the setting is made, there is a problem that digital content may be obtained without paying the purchase price. Disclosure of the invention
- the present invention has been made in view of such a situation, and by randomly communicating dummy data between a server and a client terminal, a timing for charging digital content data to a usable state is set.
- the purpose is to prevent malicious clients from grasping the timing and the timing of operations.
- the client terminal stores a process after encrypting the first signal and the first random number and transmitting the encrypted signal to the server via the network a random number of times.
- the content data is set from the invalid state to the valid state
- the second signal and the second random number are encrypted and transmitted to the server via the network
- the server transmits data from the client terminal via the network.
- Decodes the sequence returns the first random number to the client terminal via the network if the decoding result includes the first signal, and returns the first random number if the decoding result includes the second signal. Is characterized in that a second random number is returned to the client terminal via the network after performing a charging process for the user of the client terminal.
- a first information processing apparatus includes: a random number generation unit that generates a random number; a generation unit that generates first and second signals; an encryption unit that encrypts a data string; and an encryption unit. Transmitting means for transmitting the encrypted data string to the server via the network, setting means for setting the stored content data from an invalid state to an effective state, random number generating means, generation Means, encryption means, transmission means, and control means for controlling the setting means, wherein the control means encrypts the first signal and the first random number and transmits the encrypted signal to the server via the network. After repeating a random number of times, the content data is changed from an invalid state to a valid state, The signal and the second random number are encrypted and transmitted to a server via a network.
- a first information processing method includes a random number generation step of generating a random number, a generation step of generating first and second signals, an encryption step of encrypting a data string, and an encryption step A transmitting step of transmitting the data sequence encrypted in the processing of (a) to the server via the network, a setting step of setting the stored content data from an invalid state to a valid state, a random number generating step, A control step of controlling the generation step, the encryption step, the transmission step, and the setting step, wherein the control step causes the server to transmit the first signal and the first random number through the network by encrypting the first signal and the first random number.
- the content data is set from an invalid state to a valid state, and the second signal and the second random number are encoded. It is characterized in that it is transmitted to a server via a network.
- the program of the first recording medium of the present invention comprises: a random number generation step for generating a random number; a generation step for generating first and second signals; an encryption step for encrypting a data sequence; and an encryption step.
- a first program includes: a random number generating step of generating a random number; a generating step of generating first and second signals; an encrypting step of encrypting a data sequence; and a process of the encrypting step.
- the control step controls the encryption step, the transmission step, and the setting step.
- the control step includes a process of encrypting the first signal and the first random number and transmitting the encrypted signal to the server via the network. After repeating a random number of times, the content data is changed from invalid to valid, and the second signal and the second random number are encrypted and transmitted to the server via the network.
- a second information processing apparatus includes: a decoding unit that receives and decodes a data sequence from a client terminal via a network; and a data sequence included in a decoding result of the decoding unit to the client terminal via the network. It is characterized by including a reply means for replying, and a billing means for executing a billing process for the user of the client terminal in accordance with the decryption result of the decryption means.
- a decoding step of receiving and decoding a data sequence from a client terminal via a network, and a data sequence included in a decoding result in the processing of the decoding step are performed via a network. It is characterized by including a response step of returning to the client terminal, and a charging step of executing a charging process for the user of the client terminal in accordance with a decryption result in the processing of the decrypting step.
- a program of a second recording medium according to the present invention includes: a decoding step of receiving and decoding a data sequence from a client terminal via a network; and a data sequence included in a decoding result in the processing of the decoding step, via a network. It is characterized by including a replying step of returning to the client terminal, and a billing step of executing a billing process for the user of the client terminal in accordance with a decryption result in the decrypting step.
- a second program includes: a decoding step of receiving and decoding a data sequence from a client terminal via a network; and a data sequence included in a decoding result in the processing of the decoding step to the client terminal via the network.
- the client terminal In response to the replying step and the decryption result in the decrypting step, the client terminal And a charging step for performing charging processing for the user.
- the client terminal decodes and stores a data string from a server via a network, and transmits the decoded result together with a transmission request for right data corresponding to the stored content data.
- the encrypted data is transmitted to the server via the network, and the server encrypts the dummy data and transmits the encrypted data to the client terminal via the network in response to the transmission request from the client terminal via the network.
- the right data corresponding to the content data stored in the client terminal is encrypted and transmitted to the client terminal via the network
- the reply from the client terminal contains the rights data After confirming that, characterized by executing the billing process for a user of the client terminal.
- a third information processing apparatus of the present invention includes: storage means for storing content data; generating means for generating a transmission request for right data corresponding to content data; and decoding of a data string from a server via a network. It is characterized by including decryption means for storing, and transmission means for encrypting the transmission request including the decryption result of the decryption means and transmitting the encrypted data to the server via the network.
- a third information processing method includes a storage step of storing content data, a generation step of generating a transmission request of right data corresponding to content data, and a step of decoding a data sequence from a server via a network. It is characterized by including a decryption step for storing, and a transmission step for encrypting the transmission request including the decryption result of the decryption step processing and transmitting the encrypted data to the server via the network.
- the program of the third recording medium includes: a storage step for storing content data; a generation step for generating a transmission request for right data corresponding to the content data; and a data sequence from a server via a network. Decryption And transmitting the transmission request to the server via the network by encrypting the transmission request including the decryption result of the decryption step.
- a third program according to the present invention includes: a storage step of storing content data; a generation step of generating a transmission request for right data corresponding to the content data; and a decryption of decrypting and storing a data sequence from a server via a network. And a transmitting step of encrypting the transmission request including the decryption result in the decryption step and transmitting the encrypted data to the server via the network.
- a fourth information processing apparatus includes: a random number generation unit that generates a random number; an encryption unit that encrypts a data sequence; and a client terminal that transmits the data sequence encrypted by the encryption unit via a network. Transmitting means for transmitting to the client terminal, a decoding means for receiving and decoding a data sequence from the client terminal via the network, and a charging means for executing a charging process for the user of the client terminal in accordance with the decoding result of the decoding means.
- control means for controlling a random number generation means, an encryption means, a transmission means, a decryption means, and a billing means, wherein the control means encrypts dummy data composed of random numbers and transmits the data to a client terminal via a network. After repeating the process of confirming that dummy data is included in the response from the client terminal a random number of times, It is characterized in that the right data is encrypted and transmitted to the client terminal via the network, and after confirming that the right data is included in the reply from the client terminal, the charging process for the user of the client terminal is executed.
- a fourth information processing method includes a random number generating step of generating a random number, an encryption step of encrypting a data sequence, and a client transmitting the data sequence encrypted in the processing of the encryption step via a network.
- a transmitting step for transmitting to the terminal, a decoding step for receiving and decoding a data sequence from the client terminal via the network, and a charging process for the user of the client terminal corresponding to a decoding result in the processing of the decoding step.
- the process of encrypting dummy data composed of random numbers and transmitting the encrypted data to the client terminal via the network, and confirming that the response from the client terminal includes the dummy data is performed a random number of times.
- the rights data is encrypted and transmitted to the client terminal via the network.
- the client terminal user is charged. It is characterized by making it.
- the program of the fourth recording medium comprises: a random number generating step of generating a random number; an encryption step of encrypting a data string; and a client transmitting the data string encrypted in the processing of the encryption step via a network.
- the method includes a charging step, a random number generation step, an encryption step, a transmission step, a decryption step, and a control step for controlling the charging step.
- the control step encrypts dummy data composed of random numbers and transmits the data to the client terminal via a network. And reply to the response from the client terminal. -After repeating the process of confirming that data is included a random number of times, encrypt the rights data and send it to the client terminal via the network, and confirm that the reply from the client terminal includes the rights data After that, a billing process for the user of the client terminal is executed.
- a random number generating step of generating a random number, an encryption step of encrypting a data string, and a data string encrypted in the processing of the encryption step are transmitted to a client terminal via a network.
- the client terminal sends the data via the network, and repeats the process of confirming that the reply from the client terminal contains the dummy data a random number of times. It is characterized by having the terminal transmit via a network, confirming that the right data is included in the reply from the client terminal, and then executing the accounting process for the user of the client terminal.
- the client terminal repeats a process of encrypting the first signal and the first random number and transmitting the encrypted signal to the server via the network a random number of times, and then stores the encrypted data. From the invalid state to the valid state, encrypts the second signal and the second random number and sends them to the server via the network.
- the first signal is included in the decoding result
- the first random number is returned to the client terminal via the network
- the second signal is included in the decoding result.
- the second random number is returned to the client terminal via the network.
- the first information processing apparatus, method, and program according to the present invention after a process of encrypting a first signal and a first random number and transmitting the first signal and the first random number to a server via a network is repeated a random number of times, The data is changed from an invalid state to a valid state, and the second signal and the second random number are encrypted and transmitted to the server via the network.
- a data sequence from a client terminal via a network is received and decoded, and a data sequence included in the decoded result is transmitted to the client terminal via the network.
- the client terminal user is billed in accordance with the decryption result.
- the client terminal decodes and stores a data string from the server via the network, and stores the decoding result.
- content data is stored, and a transmission request for right data corresponding to the content data is generated. Also, the data string from the server via the network is decrypted and stored, and the transmission request includes the decryption result and is encrypted and transmitted to the server via the network.
- the process of encrypting dummy data consisting of random numbers and transmitting the encrypted dummy data to the client terminal via the network, and confirming that the reply from the client terminal includes the dummy data is random.
- the rights data is decoded and transmitted to the client terminal via the network, and it is confirmed that the rights data is included in the reply from the client terminal.
- a billing process is executed.
- FIG. 1 is a block diagram showing a configuration example of a digital content sales system to which the present invention is applied.
- FIG. 2 is a block diagram illustrating a configuration example of the content sales server 1.
- FIG. 3 is a diagram illustrating a first configuration example of a function block configuring each of the content sales server 1 and the client terminal 3. 06506
- FIG. 4 is a flowchart illustrating a first mutual operation according to the first configuration example of FIG.
- FIG. 5 is a diagram showing a second configuration example of the function blocks constituting each of the content sales server 1 and the client terminal 3.
- FIG. 6 is a flowchart illustrating a second mutual operation according to the second configuration example of FIG. BEST MODE FOR CARRYING OUT THE INVENTION
- FIG. 1 shows a configuration example of a digital content sales system to which the present invention is applied.
- This digital content sales system is operated by a digital content seller, is operated by a content sales server 1 that sells digital content via the Internet 2, and is operated by a client that purchases digital content, and is operated via the Internet 2.
- the client terminal 3 is connected to the content sales server 1 to obtain digital contents.
- FIG. 2 shows a configuration example of the content sales server 1.
- the content sales server 1 includes a CPU (Central Processing Unit) 11.
- An input / output interface 15 is connected to the CPU 11 via a bus 14.
- the bus 14 is connected to a ROM (Read Only Memory) 12 and a RAM (Random Access Memory) 13.
- the input / output interface 15 has an operation input section 16 consisting of input devices such as a keyboard and a mouse for the operator to input various operations, a CRT (Cathode Ray Tube) or LCD (Liquid Crystal Display) for displaying operation screens, etc. ), A storage unit 18 such as a hard disk drive that stores various data such as programs and digital contents, a communication unit 19 that performs communication processing with the client terminal 3 via the Internet 2, A drive 20 for reading and writing data from and to a recording medium such as the magnetic disk 21 to the semiconductor memory 24 is connected. 06506
- the CPU 11 reads the program stored in the R0M 12 or the magnetic disk 21 to the semiconductor memory 24, stores the program in the storage unit 18, and loads the program from the storage unit 18 to the RAM I3. By executing the program, a series of processing described later is realized.
- the RAM I3 also stores data necessary for the CPU 11 to execute various processes, etc., as appropriate.
- the client terminal 3 Since the client terminal 3 is configured in the same manner as the content server 1 shown in FIG. 2, its illustration and description are omitted.
- FIG. 3 shows a first configuration example of a function block constituting each of the content sales server 1 and the client terminal 3.
- the communication function unit 31 of the content sales server 1 communicates various data with the client terminal 3 via the Internet 2 based on control from the management function unit 32.
- the management function unit 32 executes a process corresponding to various data from the client terminal 3 input via the communication function unit 31.
- the billing function unit 33 executes a billing process for the client based on the control from the management function unit 32.
- the encryption function unit 34 encrypts and decrypts various data using a secret key shared with the client terminal 3 based on control from the management function unit 32.
- the communication function unit 41 of the client terminal 3 communicates various data with the content sales server 1 via the Internet 2 under the control of the management function unit 42.
- the management function unit 42 executes processing corresponding to various data from the content sales server 1 input via the communication function unit 41.
- the random number generation function unit 43 generates a random number under the control of the management function unit 42.
- the encryption function unit 44 performs encryption and decryption of various data using a secret key shared with the content sales server 1 based on the control from the management function unit 42.
- the storage function unit 45 stores various data based on control from the management function unit 42.
- the signal processing function unit 46 generates a predetermined signal based on the control from the management function unit 32.
- the encryption function unit 34 constituting the content sales server 1 and the management function unit 42 to the storage function unit 45 constituting the client terminal 3 are composed of a malicious client. It does not output any information it holds (eg, encryption keys, generated random numbers, stored values, etc.) in response to any operation from the client.
- the storage function unit 45 of the client terminal 3 has already been downloaded from the content sales server 1 via the Internet 2 and is not in a usable state. Is stored. It is assumed that the encryption function unit 34 of the content sales server 1 and the encryption function unit 44 of the client terminal 3 have a common secret key (used for encryption and decryption). However, instead of having a common secret key, a public key may be assigned to both parties, and AKE may be performed to share the secret key. It is also assumed that the charging function unit 33 of the content sales server 1 has already been supplied with information (for example, a credit card number or the like) regarding the charging of the client.
- step S1 the management function unit 42 of the client terminal 3 controls the random number generation function unit 43 to generate a positive integer random number in order to determine the number of repetitions REP.
- step S2 the management function part 42 generates a random number N0N1 in the random number generation function part 43 and stores it in the storage function part 45. Further, the management function unit 42 generates a signal TAG 1 to the signal processing function unit 46. It is assumed that the generated signal TAG 1 can be recognized by the management function unit 32 of the content sales server 1.
- step S3 the management function unit 4 2 controls the encryption function unit 4 4 to encrypt the signal TAG 1 and the random number N0N 1 (for example, by adding both), and the communication function unit 4 1 Then, an encrypted data string is transmitted to the content sales server 1 via the Internet 2.
- step S11 the communication function unit 31 of the content sales server 1 receives the encrypted data string and outputs it to the management function unit 32.
- the logical function unit 32 causes the cryptographic function unit 34 to decrypt the encrypted data string.
- the management function unit 32 controls the communication function unit 31 in step S 12 without performing the billing process and includes the signal TAG 1 in the decoding result.
- the client terminal 3 is sent a random number N0N 1 that has been set.
- step S4 the communication function unit 41 of the client terminal 3 receives the reply from the content sales server 1 and outputs it to the management function unit 42.
- the management function unit 42 checks whether the random number N0N1 included in the reply is the same as the one stored in the storage function unit 45, and only if it can confirm that the random number N0N1 is the same, Continue processing. On the other hand, if it cannot be confirmed that they are the same, there is a possibility that some malicious operation has been performed by a malicious client or the like, and the subsequent processing is interrupted.
- the management function part 42 repeats the processing of steps S 3 and S 4 described above (the processing enclosed by the broken line in the figure) by the number of repetitions REP, and then stores the result in the storage function part 45 in step S 5 Digital content that is not in a usable state is set to a usable state. That is, the digital content stored in the storage function unit 45 is validated. More specifically, for example, it decodes a symbol applied to digital content, initializes the number of use restrictions set to 0 to a predetermined value, or sets a predetermined flag.
- step S6 the management function unit 42 of the client terminal 3 generates a random number N0N2 in the random number generation function unit 43 and stores it in the storage function unit 45. Further, the management function unit 42 generates a signal TAG 2 to the signal processing function unit 46.
- the generated signal TAG 2 can be recognized by the management function unit 32 of the content sales server 1. That is, the management function unit 32 of the content sales server 1 needs to be able to distinguish at least the signals TAG1 and TAG2.
- step S7 the management function unit 42 controls the signal function unit 44 to encrypt the signal TAG 2 and the random number N0N 2 (for example, by adding both), and The part 41 transmits the encrypted data string to the content sales server 1 via the Internet 2.
- step S13 the communication function unit 31 of the content sales server 1 receives the encrypted data string and outputs it to the management function unit 32.
- the management function unit 32 causes the encryption function unit 34 to decrypt the encrypted data string.
- the accounting function section 33 is controlled to set the accounting for the client. Further, in step S 15, the communication function section 3 1 Is controlled, and the random number N0N2 included in the decryption result is returned to the client terminal 3.
- step S8 the communication function unit 41 of the client terminal 3 receives the reply from the content sales server 1 and outputs it to the management function unit 42.
- the management function unit 42 checks whether the random number N0N2 included in the reply is the same as the one stored in the storage function unit 45, and if it can confirm that it is the same, the processing up to this point It is determined that the operation has been completed normally, and this interoperation ends. Conversely, if it cannot be confirmed that they are the same, there is a possibility that some kind of unauthorized operation has been performed. For example, a malicious client may invalidate the digital content that was enabled in step S5. Make digital content unavailable.
- the number of times REP at which the processing of steps S3 and S4 is repeated is determined by a random number, so that the timing at which the processing of step S5 is performed, that is, The timing at which content is activated can be prevented from being grasped by a malicious client.
- FIG. 5 shows a second configuration example of the function blocks configuring each of the content sales server 1 and the client terminal 3.
- the communication function unit 51 of the content sales server 1 communicates various data with the client terminal 3 via the Internet 2 based on control from the management function unit 52.
- the management function unit 52 executes a process corresponding to various data from the client terminal 3 input via the communication function unit 51.
- the storage function unit 53 stores various data based on the control from the management function unit 52.
- the random number generation function unit 54 generates a random number under the control of the management function unit 52.
- the encryption function unit 55 encrypts and decrypts various data using a secret key shared with the client terminal 3 based on the control from the management function unit 52.
- the charging function unit 56 executes a charging process for the client based on the control from the management function unit 52.
- the communication function unit 61 of the client terminal 3 communicates various data with the content sales server 1 via the Internet 2 under the control of the management function unit 62.
- the management function unit 62 executes processing corresponding to various data from the content sales server 1 input via the communication function unit 61.
- the encryption function unit 63 encrypts and decrypts various data using a secret key shared with the content sales server 1 based on the control from the management function unit 62.
- the storage function unit 64 stores various data based on control from the management function unit 62.
- the signal processing function unit 65 executes a predetermined process based on the control from the management function unit 62.
- management function unit 52 to the billing function unit 56 constituting the content sales server 1 and the management function unit 62 to the storage function unit 64 constituting the client terminal 3 perform any operation from a malicious client or the like. It does not output any information that it holds (for example, encryption keys, generated random numbers, stored values, etc.).
- the storage function unit 64 of the client terminal 3 has already been downloaded from the content sales server 1 via the Internet 2. It is assumed that downloaded digital contents to which rights data is not added (digital contents that are not usable) are stored. It is also assumed that the encryption function unit 55 of the content sales server 1 and the encryption function unit 63 of the client terminal 3 have a common secret key used for encryption processing and decryption processing. However, instead of having a common secret key, a public key may be assigned to both parties, and AKE may be performed to share the secret key. It is also assumed that the charging function unit 56 of the content sales server 1 has already been supplied with information relating to client charging (for example, a credit card number).
- step S31 the management function unit 62 of the client terminal 3 causes the signal processing function unit 65 to generate a request for right data corresponding to the digital content that has already been acquired, and causes the encryption function unit 63 to encrypt the request.
- the communication function unit 61 is controlled and transmitted to the content sales server 1.
- the management function unit 52 controls the random number generation function unit 54 to determine the number of repetitions REP and outputs a positive integer. Generate random numbers.
- the management function unit 52 generates a random number (hereinafter, described as dummy data) in the random number generation function unit 54 as a dummy of the right data, and stores it in the storage function unit 45.
- the management function unit 52 causes the encryption function unit 55 to decode the dummy data, and causes the communication function unit 51 to transmit the encrypted dummy data to the client terminal 3.
- step S32 the management function unit 62 causes the encryption function unit 62 to decrypt the encrypted dummy data, and the storage function unit 6 4 To memorize. At this stage, the client terminal 3 has not been able to determine whether the acquired data is dummy data or true right data.
- step S33 the management function unit 33 causes the signal processing function unit 65 to generate a request for the right data again, and causes the encryption function unit 63 to execute the decryption result. (Dummy data in this case) is encrypted, and the communication function unit 61 is controlled to be transmitted to the content sales server 1.
- step S44 the management function unit 52 determines that the data received with the request for the right data is the same as the dummy data stored in the storage function unit 53. Check if they are the same, and only if they are the same, continue the subsequent processing. Conversely, if it cannot be confirmed that they are the same, there is a possibility that some malicious operation has been performed by a malicious client or the like, and the subsequent processing is interrupted.
- the management function unit 52 repeats the processing of steps S42 to S44 described above (the processing surrounded by a broken line in the figure) by the number of repetitions REP, and then in step S45, the storage function unit The true right data stored in 53 is read out, and the encrypted right data is transmitted to the client terminal 3 by the encryption function unit 55 and decrypted by the communication function unit 51.
- step S34 the management function unit 62 causes the encryption function unit 62 to decrypt the encrypted rights data, and stores it in the storage function unit 64.
- the management function unit 62 controls the communication function unit 61 to transmit the request for the right data together with the decryption result (right data in this case) to the content sales server 1 again. .
- step S46 the management function unit 52 determines that the data received with the request for the rights data is the same as the rights data stored in the storage function unit 53. And confirm that they are the same. Only after that, the subsequent processing is continued. Conversely, if it cannot be confirmed that they are the same, there is a possibility that some malicious operation has been performed by a malicious client or the like, and the subsequent processing is interrupted.
- step S47 the management function unit 52 controls the charging function unit 56 to set charging for the client.
- step S48 the management function unit 52 controls the communication function unit 61 to notify the client terminal 3 that a series of processing on the content sales server 1 is completed.
- step S36 the management function unit 62 of the client terminal 3 confirms completion of a series of processes on the content sales server 1 side, and ends the process on the client terminal 3 side.
- the number of times REP at which the processes of steps S42 to S44 are repeated is determined by a random number, so that the timing at which the process of step S45 is performed, It is possible to prevent the timing at which the true rights data is transmitted from being grasped by a malicious client. Further, since the communication between the client terminal 3 and the content sales server 1 is encrypted, it is possible to prevent a malicious client from switching data strings on the Internet 2.
- steps for describing a program recorded on a recording medium are not limited to processing performed in chronological order according to the order described, but are not necessarily performed in chronological order. It also includes the processing executed in Also, in this specification, a system refers to an entire device including a plurality of devices.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Business, Economics & Management (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- Finance (AREA)
- Technology Law (AREA)
- Multimedia (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
Abstract
Description
Claims
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/484,583 US20040172556A1 (en) | 2002-06-20 | 2003-05-26 | Data communication system, information processing device and method, recording medium and program |
KR10-2004-7002055A KR20050010745A (ko) | 2002-06-20 | 2003-05-26 | 데이터통신시스템, 정보처리장치와 방법, 기록매체, 및프로그램 |
EP03760864A EP1515476A4 (en) | 2002-06-20 | 2003-05-26 | DATA COMMUNICATION SYSTEM, INFORMATION PROCESSING DEVICE AND METHOD, RECORDING MEDIUM, AND PROGRAM THEREOF |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2002180126A JP3862074B2 (ja) | 2002-06-20 | 2002-06-20 | データ通信システム、情報処理装置および方法、並びにプログラム |
JP2002/180126 | 2002-06-20 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2004002059A1 true WO2004002059A1 (ja) | 2003-12-31 |
Family
ID=29996594
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2003/006506 WO2004002059A1 (ja) | 2002-06-20 | 2003-05-26 | データ通信システム、情報処理装置および方法、記録媒体、並びにプログラム |
Country Status (6)
Country | Link |
---|---|
US (1) | US20040172556A1 (ja) |
EP (1) | EP1515476A4 (ja) |
JP (1) | JP3862074B2 (ja) |
KR (1) | KR20050010745A (ja) |
CN (1) | CN100349401C (ja) |
WO (1) | WO2004002059A1 (ja) |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101147182B (zh) * | 2005-03-31 | 2010-09-01 | 松下电器产业株式会社 | 数据加密装置及数据加密方法 |
JP4760101B2 (ja) * | 2005-04-07 | 2011-08-31 | ソニー株式会社 | コンテンツ提供システム,コンテンツ再生装置,プログラム,およびコンテンツ再生方法 |
KR100753829B1 (ko) | 2005-12-08 | 2007-08-31 | 한국전자통신연구원 | 콘텐츠 보호 기능을 갖는 모바일 리더 및 콘텐츠 서버와 그방법 |
JP4663525B2 (ja) * | 2006-01-06 | 2011-04-06 | 株式会社日立製作所 | 情報処理方法、情報処理装置、及びプログラム |
US20080046731A1 (en) * | 2006-08-11 | 2008-02-21 | Chung-Ping Wu | Content protection system |
US20090157747A1 (en) * | 2007-12-13 | 2009-06-18 | International Business Machines Corporation | Administering A Digital Media File Having One Or More Potentially Offensive Portions |
EP2817917B1 (en) * | 2012-02-20 | 2018-04-11 | KL Data Security Pty Ltd | Cryptographic method and system |
KR102324356B1 (ko) | 2015-10-05 | 2021-11-11 | 한국전자통신연구원 | 메시지를 전송하는 장치 및 그 방법 |
JP6971127B2 (ja) * | 2017-11-13 | 2021-11-24 | 株式会社日立製作所 | 端末およびブロックチェーンシステム |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPS62118471A (ja) * | 1985-11-19 | 1987-05-29 | Nec Corp | 課金装置 |
JPH0818552A (ja) * | 1994-04-28 | 1996-01-19 | Nippon Telegr & Teleph Corp <Ntt> | 暗号鍵配送システムおよび方法 |
JPH08263437A (ja) * | 1995-02-13 | 1996-10-11 | Shiyuuki Koreeda | 承認システム及び承認方法 |
Family Cites Families (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5365225A (en) * | 1989-05-18 | 1994-11-15 | Siemens Aktiengesellschaft | Transmitter-receiver system with (re-)initialization |
ZA931077B (en) * | 1992-03-05 | 1994-01-04 | Qualcomm Inc | Apparatus and method for reducing message collision between mobile stations simultaneously accessing a base station in a cdma cellular communications system |
JPH0761072B2 (ja) * | 1993-02-26 | 1995-06-28 | 日本電気株式会社 | 衛星通信システム |
US5651066A (en) * | 1994-04-28 | 1997-07-22 | Nippon Telegraph And Telephone Corporation | Cipher key distribution system effectively preventing illegitimate use and charging of enciphered information |
WO1997045817A1 (en) * | 1996-05-24 | 1997-12-04 | Eduard Karel De Jong | System with and method of cryptographically protecting communications |
CN1224909C (zh) * | 1998-10-16 | 2005-10-26 | 松下电器产业株式会社 | 数字作品保护系统 |
JP2001016195A (ja) * | 1999-04-27 | 2001-01-19 | Matsushita Electric Ind Co Ltd | 情報利用制御装置 |
WO2001031461A1 (fr) * | 1999-10-25 | 2001-05-03 | Sony Corporation | Systeme fournisseur de contenu |
US6981262B1 (en) * | 2000-06-27 | 2005-12-27 | Microsoft Corporation | System and method for client interaction in a multi-level rights-management architecture |
AU2002254548A1 (en) * | 2001-04-07 | 2002-10-21 | Telehublink Coporation | Methods and systems for securing information communicated between communication devices |
US6917974B1 (en) * | 2002-01-03 | 2005-07-12 | The United States Of America As Represented By The Secretary Of The Air Force | Method and apparatus for preventing network traffic analysis |
KR100464370B1 (ko) * | 2002-02-22 | 2005-01-03 | 삼성전자주식회사 | 라인 인터페이스 장치에서 전송 모드 자동 설정 방법 |
-
2002
- 2002-06-20 JP JP2002180126A patent/JP3862074B2/ja not_active Expired - Fee Related
-
2003
- 2003-05-26 EP EP03760864A patent/EP1515476A4/en not_active Withdrawn
- 2003-05-26 WO PCT/JP2003/006506 patent/WO2004002059A1/ja active Application Filing
- 2003-05-26 CN CNB038008998A patent/CN100349401C/zh not_active Expired - Fee Related
- 2003-05-26 KR KR10-2004-7002055A patent/KR20050010745A/ko not_active Application Discontinuation
- 2003-05-26 US US10/484,583 patent/US20040172556A1/en not_active Abandoned
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPS62118471A (ja) * | 1985-11-19 | 1987-05-29 | Nec Corp | 課金装置 |
JPH0818552A (ja) * | 1994-04-28 | 1996-01-19 | Nippon Telegr & Teleph Corp <Ntt> | 暗号鍵配送システムおよび方法 |
JPH08263437A (ja) * | 1995-02-13 | 1996-10-11 | Shiyuuki Koreeda | 承認システム及び承認方法 |
Also Published As
Publication number | Publication date |
---|---|
US20040172556A1 (en) | 2004-09-02 |
JP2004023751A (ja) | 2004-01-22 |
CN100349401C (zh) | 2007-11-14 |
KR20050010745A (ko) | 2005-01-28 |
JP3862074B2 (ja) | 2006-12-27 |
EP1515476A1 (en) | 2005-03-16 |
CN1547825A (zh) | 2004-11-17 |
EP1515476A4 (en) | 2009-01-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2267628B1 (en) | Token passing technique for media playback devices | |
US8181266B2 (en) | Method for moving a rights object between devices and a method and device for using a content object based on the moving method and device | |
US20100153273A1 (en) | Systems for performing transactions at a point-of-sale terminal using mutating identifiers | |
TW486902B (en) | Method capable of preventing electronic documents from being illegally copied and its system | |
CN110502887A (zh) | 电子支付方法和装置 | |
KR20100016579A (ko) | 크리덴셜 배포를 위한 시스템 및 방법 | |
TW200903297A (en) | Updating cryptographic key data | |
KR20010052796A (ko) | 정보 처리 장치 및 방법, 및 제공 매체 | |
CN109474420A (zh) | 一种私钥备份方法和相关设备 | |
CN108199847A (zh) | 数字安全处理方法、计算机设备及存储介质 | |
WO2004002059A1 (ja) | データ通信システム、情報処理装置および方法、記録媒体、並びにプログラム | |
KR101728163B1 (ko) | 무선 통신 네트워크를 통한 카드 결제 서비스 시스템 및 그방법과 카드 결제 서비스 기능을 갖춘 이동통신 단말기 | |
JPH1023548A (ja) | 携帯型通信装置及び携帯型記憶装置 | |
JPWO2008132968A1 (ja) | データ保管方法、クライアント装置、記憶装置及びプログラム | |
KR100737173B1 (ko) | 일회용 암호 발생기 및 일회용 암호 발생기를 이용한 인증장치 | |
JP2002149061A (ja) | レンタルコンテンツ流通システムおよびその方法 | |
JP2001069133A (ja) | 情報処理方法及びその装置 | |
CN114285632B (zh) | 一种区块链数据传输方法、装置和设备及可读存储介质 | |
JP4813278B2 (ja) | 端末装置及び履歴サービス利用方法及び履歴サービス利用プログラム及びサーバ装置及び履歴サービス提供システム | |
JP2003309552A (ja) | 携帯端末による電子証明書の管理システム | |
JP2006260589A (ja) | データ通信システム、情報処理装置および方法、並びにプログラム | |
EP1394654B1 (en) | A method and apparatus for securely accessing data or functionality of a device | |
CN112202553B (zh) | 数据传输方法、系统、电子设备和存储介质 | |
JP2008306685A (ja) | セキュリティ情報設定システム、そのマスタ端末、一般端末、プログラム | |
TW202410662A (zh) | 加密傳輸系統及加密傳輸方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): CN KR US |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR |
|
WWE | Wipo information: entry into national phase |
Ref document number: 10484583 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1020047002055 Country of ref document: KR |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2003760864 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 20038008998 Country of ref document: CN |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWP | Wipo information: published in national office |
Ref document number: 2003760864 Country of ref document: EP |