WO2014030283A1 - 署名検証情報の伝送方法、情報処理装置、情報処理方法および放送送出装置 - Google Patents
署名検証情報の伝送方法、情報処理装置、情報処理方法および放送送出装置 Download PDFInfo
- Publication number
- WO2014030283A1 WO2014030283A1 PCT/JP2013/003894 JP2013003894W WO2014030283A1 WO 2014030283 A1 WO2014030283 A1 WO 2014030283A1 JP 2013003894 W JP2013003894 W JP 2013003894W WO 2014030283 A1 WO2014030283 A1 WO 2014030283A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- application
- broadcast
- information
- information processing
- data
- Prior art date
Links
- 230000010365 information processing Effects 0.000 title claims abstract description 99
- 238000000034 method Methods 0.000 title claims abstract description 61
- 230000005540 biological transmission Effects 0.000 title claims description 20
- 238000010200 validation analysis Methods 0.000 title abstract description 5
- 238000003672 processing method Methods 0.000 title description 4
- 238000012545 processing Methods 0.000 claims abstract description 26
- 238000012795 verification Methods 0.000 claims description 53
- 238000010586 diagram Methods 0.000 description 19
- 238000005516 engineering process Methods 0.000 description 10
- 230000008569 process Effects 0.000 description 9
- 238000004891 communication Methods 0.000 description 8
- 230000006870 function Effects 0.000 description 8
- 238000012544 monitoring process Methods 0.000 description 8
- 238000004422 calculation algorithm Methods 0.000 description 7
- 238000009877 rendering Methods 0.000 description 6
- 238000013515 script Methods 0.000 description 5
- 230000008859 change Effects 0.000 description 4
- 230000005236 sound signal Effects 0.000 description 4
- 230000007704 transition Effects 0.000 description 4
- 230000004913 activation Effects 0.000 description 3
- 239000000284 extract Substances 0.000 description 3
- 230000007246 mechanism Effects 0.000 description 3
- 238000010606 normalization Methods 0.000 description 3
- 230000007257 malfunction Effects 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3265—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/23—Processing of content or additional data; Elementary server operations; Server middleware
- H04N21/236—Assembling of a multiplex stream, e.g. transport stream, by combining a video stream with other content or additional data, e.g. inserting a URL [Uniform Resource Locator] into a video stream, multiplexing software data into a video stream; Remultiplexing of multiplex streams; Insertion of stuffing bits into the multiplex stream, e.g. to obtain a constant bit-rate; Assembling of a packetised elementary stream
- H04N21/23614—Multiplexing of additional data and video streams
- H04N21/23617—Multiplexing of additional data and video streams by inserting additional data into a data carousel, e.g. inserting software modules into a DVB carousel
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/254—Management at additional data server, e.g. shopping server, rights management server
- H04N21/2541—Rights Management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2115—Third party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
Definitions
- the present technology relates to a method for transmitting signature verification information, an information processing apparatus, an information processing method, and a broadcast transmission apparatus.
- Hybrid Broadcast Broadband TV Hybrid Broadcast Broadband TV
- ETSI TS 102 796 ETSI TS 102 796
- the life cycle from the start to the end of the application is based on a data structure called an AIT section (Application Information Table) superimposed on the broadcast content.
- AIT section Application Information Table
- the information terminal that has acquired the AIT section controls the application based on the application control code included in the AIT section.
- XML-AIT described in the XML format as an optimal format for providing information related to the application to the receiver using a communication network such as the Internet, which has information equivalent to the broadcast AIT section.
- ETSI European Telecommunications Standards Institute
- ETSI TS 102-796 V1.1.1 (2010-06) http://www.etsi.org/deliver/etsi_ts/102700_102799/102796/01.01.01_60/ts_102796v010101p.pdf (2011) (October 21) Japan Radio Industry Association “Application Execution Environment for Digital Broadcasting Standard ARIBARISTD-B23 1.2 Edition” http://www.arib.or.jp/english/html/overview/doc/2-STD-B23v1_2.pdf (October 21, 2011)
- An object of the present technology is to provide a signature verification information transmission method, information processing apparatus, and information that can improve the quality of service using an application that can process broadcast data and an application information table that manages the operation of the application. It is to provide a processing method and a broadcast transmission apparatus.
- the signature verification information transmission method manages an application capable of processing the first data to be transmitted and broadcast to the information processing apparatus through the network and the operation of the application.
- the verification information for verifying the electronic signature attached to one of the application information tables is transmitted by the data carousel method.
- the verification information may be transmitted in a root certificate descriptor.
- a value indicating transmission of the verification information may be stored as a value of root_certificate_type in the root certificate descriptor.
- the verification information is stored in a predetermined storage area among the storage areas in which the public key certificate for data broadcasting can be transmitted in the root certificate descriptor, and the root certificate description Flag information indicating that the verification information is transmitted may be arranged in the child.
- An information processing device includes an acquisition unit that acquires an application that can process first broadcast data and an application information table that manages the operation of the application, and the acquired information
- a controller used for verifying an electronic signature attached to one of the application and the application information table and acquiring verification data transmitted in a data carousel and verifying the electronic signature.
- the acquisition unit acquires the application that can process the first data to be broadcast and the application information table that manages the operation of the application through the network. It is used for verification of an electronic signature attached to one of the acquired application and the application information table, and verification data transmitted in a data carousel is acquired to verify the electronic signature.
- a broadcast transmission apparatus is either an application capable of processing first data transmitted and broadcast to an information processing apparatus through a network, or an application information table for managing the operation of the application.
- a transmission unit that transmits verification information for verifying the electronic signature attached to the data in a data carousel method.
- FIG. 5 is a diagram illustrating a specific example of an application identification descriptor created using the XML schema of FIGS. 3 and 4. It is a figure which shows the definition of the application control code stored in XML-AIT. It is a block diagram which shows the structure of the information processing apparatus in the system of FIG. FIG.
- FIG. 2 is a sequence diagram showing a flow of exchange among a broadcasting station, an application server, an XML-AIT server, and an information processing apparatus in the system of FIG. It is a flowchart which shows the process sequence of the information processing apparatus in the system of FIG. It is a flowchart which shows operation
- FIG. 10 is a sequence diagram illustrating a flow of exchange among a broadcasting station, an application server, an XML-AIT server, and an information processing apparatus in the information processing system according to the second embodiment. It is a flowchart which shows the process sequence of the information processing apparatus of 2nd Embodiment. It is a figure for demonstrating the production
- FIG. 1 is a diagram illustrating an overview of an information processing system according to the present embodiment.
- the information processing system 1 includes a broadcasting station 100, a first network 200 such as the Internet, an application server 300, an XML-AIT server 400, an edge router 500, and a LAN (Local Area Network). It has a second network 600 and an information processing apparatus 700 as a broadcast receiver.
- the broadcasting station 100 transmits a digital broadcast signal via a communication medium such as a terrestrial wave, a satellite wave, and an IP (Internet Protocol) network.
- the broadcast station 100 transmits a so-called broadcast stream in which an AV stream in which transport streams such as video, audio, and subtitles are multiplexed and data associated with the AV stream are superimposed.
- Data accompanying the AV stream includes markup languages such as HTML and BML.
- the application server 300 is connectable to the first network 200, and provides the information processing apparatus 700 through the first network 200 with a broadcast-unlinked application that is not directly related to broadcasting.
- Broadcast non-linked applications are applications created by a person other than the creator of the broadcast resource, such as acquiring and presenting various types of broadcast resources such as video, audio, subtitles, SI information, and data broadcasts from the broadcast. Although the process can be performed, it is desirable to require a certain authentication as to whether or not the broadcast resource may actually be accessed.
- the XML-AIT server 400 is connectable to the first network 200, and the XML-AIT (for managing broadcast-unlinked applications provided from the application server 300 to the information processing apparatus 700 through the first network 200.
- Extensible (Markup) (Language-Application (Information) Table).
- the application server 300 and the XML-AIT server 400 may be a single server.
- Each of the application server 300 and the XML-AIT server 400 includes a CPU, a main memory, a data storage device, a user interface, and the like, and has a configuration as a typical computer.
- the edge router 500 is a router for connecting the first network 200 and the second network 600.
- the second network 600 may be wired or wireless.
- the information processing apparatus 700 is, for example, a personal computer, a mobile phone, a smartphone, a television device, a game machine, a tablet terminal, an audio / video playback device, or the like, but the product form is not specifically limited.
- the information processing apparatus 700 receives a digital broadcast signal from the broadcast station 100 and demodulates it to obtain a transport stream.
- the information processing apparatus 700 separates a broadcast stream from the transport stream, decodes and decodes the stream and connects to the information processing apparatus 700, a speaker unit (not shown), and a recording device (not shown). Output).
- Each of the display unit, the speaker unit, and the recording device may be integrated with the information processing device 700, or may be connected to the information processing device 700 directly or via the second network 600 as an independent device. Also good. Alternatively, a device (not shown) having a display unit and a speaker unit may be connected to the information processing apparatus 700 directly or via the second network 600.
- the information processing apparatus 700 can acquire an XML-AIT file from the XML-AIT server 400, interpret it, obtain a broadcast-unlinked application from the application server 300, and perform control such as activation.
- Non-broadcasting application a supplementary explanation of the broadcast-unlinked application will be given.
- the broadcast-unlinked application is provided from the application server 300 to the information processing apparatus 700.
- Non-broadcasting applications consist of, for example, HTML (Hyper Text Markup Language) documents, BML documents (Broadcast Markup Language), MHEG documents (Multimedia and Hypermedia information coding), Java (registered trademark) scripts, still image files, video files, etc. Is done.
- An electronic signature for detecting tampering is attached to a broadcast-unlinked application.
- an XML signature is used as the electronic signature.
- the format of the XML signature includes an detached signature independent of the entity of the broadcast non-linked application, an enveloping signature having a format including the entity of the broadcast non-linked application, and an envelope signature of the format included in the entity of the broadcast non-linked application. It doesn't matter which one.
- the application controller 708 of the information processing apparatus 700 verifies the XML signature in accordance with a core validation procedure including reference validation and signature validation.
- Reference verification is a method in which a digest value (DigestValue) of a reference (Reference) is verified by applying a normalization transformation process (Transform) and a digest calculation algorithm (DigestMethod) to a resource (application entity). The result obtained by the reference verification is compared with the registered digest value (DigestValue). If they do not match, the verification fails.
- SignatureInfo signature information
- CanonicalizationMethod XML normalization algorithm
- KeyInfo key information
- SignatureMethod a signature algorithm
- the application creator requests the broadcasting station 100 to authenticate the pair of the broadcast non-linkage application and the XML-AIT in order to attach the electronic signature to the broadcast non-linkage application.
- the broadcast station 100 scrutinizes the contents of the broadcast-unlinked application and XML-AIT pair, and if there is no problem, responds to the application creator with the broadcast-unlinked application with an electronic signature attached.
- the broadcasting station 100 transmits a broadcasting station public key certificate including a public key necessary for verification of an electronic signature through a broadcast channel accessed by the broadcast-unlinked application or a data carousel corresponding to an event (program). .
- FIG. 2 is a diagram showing the data structure of the XML-AIT according to this embodiment.
- XML-AIT includes an application name, an application identifier, an application descriptor, an application type, an application control code 21, a visibility of an application, a flag indicating whether it is valid only in the current service, an application priority, Application version, version according to platform profile, icon, performance of storage function, transport protocol descriptor, application location descriptor, application boundary descriptor, application specific descriptor, application usage descriptor, application mode descriptor, The application identification descriptor 23 and the like are stored.
- 3 and 4 are diagrams showing examples of XML schemas that define the logical structure of the application identification descriptor 23 (ApplicationIdDescriptor).
- an ApplicationIdDescriptor element is declared as a complexType element.
- a grant_aplication_access_flag element is declared as an affiliate element, a terrestrial_broadcaster element, a broadcaster element, and an event element.
- the ApplicationIdDescriptor element is an element that stores the consent application access flag.
- the acceptance application access flag takes one of the values “0” and “1”.
- the acceptance application access flag is “0”
- the content described in the application identification descriptor 23 is interpreted as a condition (black list) in which simultaneous presentation with the application is prohibited.
- the acceptance application access flag is “1”
- the content described in the application identification descriptor 23 is interpreted as a condition (white list) permitting simultaneous presentation with the application.
- affiliation element there are elements that declare the name and type of the affiliation_name element that stores the name of the broadcast affiliate, elements that declare the name and type of the attribute that stores the identifier (id) of the broadcast affiliate, It has an element indicating another element that defines the structure of the resource permission information (resouce_permission) of the broadcasting affiliated station as a reference destination.
- the terrestrial_broadcaster element is an element that declares the name and type of the terrestrial_broadcaster_name element that stores the name of the terrestrial digital broadcasting station and the attribute name and type that stores the identifier (id) of the terrestrial digital broadcasting station. And another element that defines the structure of the resource permission information (resouce_permission) of the terrestrial digital broadcasting station as a reference destination.
- the name of the broadcaster_name element that stores the name of the BS / CS broadcast station and the element that declares the type, and the name and type of the attribute that stores the identifier (id) of the BS / CS broadcast station are included. It has an element to declare and another element that defines the structure of the resource permission information (resouce_permission) of the BS / CS broadcast station as a reference destination.
- the event element has an element indicating the reference destination of another element (attributeGroup_name element) defining the structure of information for designating an event under the event element.
- the attributeGroup_name element includes an event_name element name for storing the name of the event and an element for declaring its type, a network_id attribute name for storing the network ID and an element for defining the type, and a transport stream ID.
- the network_id attribute, the transport_stream_id attribute, and the service_id attribute are information for identifying a channel.
- a resource_permission element is declared as an element of another complexType.
- the resouce_permission element includes an element that defines the name and type of the access_permission element that stores access permission information, an element that defines the name and type of the rendering_permission element that stores rendering permission information, and resource permission information ( resouce_permission) has an element that declares the name and type of the attribute that stores the identifier (id).
- FIG. 5 is a diagram showing a specific example of the application identification descriptor 23 created using the XML schema of FIGS. 3 and 4.
- the specific example of the application identification descriptor 23 shows a case where the resource permission information is designated as a white list for the broadcast station series and the broadcast unit of the BS / CS broadcast station.
- “1” is specified as the acceptance application access flag
- the identifier is “00000001”
- the name is “affiliation_A”
- the identifier is “01”
- the access permission information (access_permission) value is “10”.
- “, Resource permission information (resouce_permission) having a rendering permission information (rendering_permission) value of“ 20 ” is designated.
- the access permission information (access_permission) value is “30”, and the rendering permission information (rendering_permission) value.
- Resource permission information (resouce_permission) with "40" is specified.
- the meaning assigned to the value of the access permission information (access_permission) and the value of the rendering permission information (rendering_permission) is arbitrarily determined in the service.
- the life cycle of the application is dynamically controlled by the information processing apparatus 700 based on the application control code 21 stored in the XML-AIT.
- FIG. 6 is a diagram showing the definition of the application control code 21 stored in the XML-AIT. As shown in the figure, “AUTOSTART”, “PRESENT”, “DESTROY”, “KILL”, “PREFETCH”, “REMOTE”, “DISABLED”, “PLAYBACK_AUTOSTART” exist in the standard as application control codes. . The definitions of these application control codes are as follows.
- AUTOSTART is a code for instructing to automatically start an application in accordance with selection of a service. This is not the case if the application is already running.
- PRESENT is a code for instructing that the application be executable while the service is selected. However, the target application is not automatically activated in accordance with the selection of the service, but is activated in response to an activation instruction from the user.
- DESTROY is a code for instructing permission to end the application.
- KILL is a code for instructing the forced termination of the application.
- PREFETCH is a code for instructing application caching.
- REMOTE is a code indicating that the application cannot be acquired with the current transport stream. The application can be acquired from another transport stream or cache and used.
- DISABLED is a code indicating that the activation of the application is prohibited.
- PLAYBACK_AUTOSTART is a code for starting an application along with reproduction of broadcast content recorded in the storage (recording device).
- FIG. 7 is a block diagram showing the configuration of the information processing apparatus 700 of this embodiment.
- the information processing apparatus 700 includes a broadcast interface 701, a demultiplexer 702, an output processing unit 703, a video decoder 704, an audio decoder 705, a caption decoder 706, a communication interface 707 (acquisition unit), and an application controller 708 (controller).
- the broadcast interface 701 includes an antenna and a tuner, and receives a digital broadcast signal selected by the user using these.
- the broadcast interface 701 outputs a transport stream obtained by performing demodulation processing or the like on the received digital broadcast signal to the demultiplexer 702.
- the demultiplexer 702 separates the broadcast content stream packet, application packet, and AIT section packet from the transport stream.
- the demultiplexer 702 separates the video ES (Elementary Stream), the audio ES, and the caption ES from the stream packet of the broadcast content.
- the demultiplexer 702 includes PSI / SI (Program Specific Information / Service Information) including video ES to the video decoder 704, audio ES to the audio decoder 705, subtitle ES to the subtitle decoder 706, and application packet and AIT section. Are distributed to the application controller 708 respectively.
- PSI / SI Program Specific Information / Service Information
- the video decoder 704 decodes the video ES to generate a video signal, and outputs the generated video signal to the output processing unit 703.
- the audio decoder 705 decodes the audio ES to generate an audio signal, and outputs the generated audio signal to the output processing unit 703.
- the caption decoder 706 decodes the caption ES to generate a caption signal, and outputs the generated caption signal to the output processing unit 703.
- the broadcast interface 701, the demultiplexer 702, the output processing unit 703, the video decoder 704, the audio decoder 705, and the caption decoder 706 are broadcast processing units that receive and process broadcast content.
- the communication interface 707 is an interface for communicating with an external device through the second network 600 such as a LAN.
- the communication interface 707 may be wireless communication or wired communication.
- Application controller 708 is a controller that performs processing related to application control.
- the output processing unit 703 combines the video signal from the video decoder 704, the audio signal from the audio decoder 705, the subtitle signal from the subtitle decoder 706, the video signal and audio signal from the application controller 708, and the like into the information processing apparatus 700.
- the data is output to a connected recording device (not shown), a display unit, and a speaker unit (not shown).
- Part or all of the configuration including at least the application controller 708 of the information processing apparatus 700 includes a computer having a CPU (Central Processing Unit) and a memory, and a program that causes the computer to function as a broadcast processing unit, an application controller 708, and the like. Can be provided.
- a computer having a CPU (Central Processing Unit) and a memory, and a program that causes the computer to function as a broadcast processing unit, an application controller 708, and the like. Can be provided.
- FIG. 8 is a sequence diagram showing a flow of exchange among the broadcasting station 100 (broadcast transmission apparatus), the application server 300, the XML-AIT server 400, and the information processing apparatus 700.
- FIG. 9 is a flowchart showing a processing procedure of the information processing apparatus 700.
- the information processing apparatus 700 displays the application launcher selected by the user using, for example, a remote controller (step S101).
- the application launcher is realized by, for example, a so-called resident application installed in the information processing apparatus 700, HTML5 (Hyper Text Markup Language 5), BML (Broadcast Markup Language) presented by an HTML browser, or the like.
- HTML5 Hyper Text Markup Language 5
- BML Broadcast Markup Language
- a menu of non-broadcasting application is displayed.
- the user can select a broadcast-unlinked application that he / she wants to start using, for example, a remote control.
- a script for causing the information processing apparatus 700 to acquire XML-AIT for the broadcast non-linked application is incorporated.
- step S102 When an arbitrary broadcast-unlinked application is selected by a user operation using the remote control on the menu of the broadcast-unlinked application displayed on the application launcher (step S102), a script corresponding to the broadcast-unlinked application is displayed. As a result, the application controller 708 of the information processing apparatus 700 acquires the XML-AIT for the broadcast-unlinked application from the XML-AIT server 400 (step S103).
- the application controller 708 of the information processing device 700 acquires a broadcast-unlinked application with an electronic signature attached from the application server 300 based on the location information of the application described in the acquired XML-AIT (step S104). Then, the acquired broadcast non-linked application is activated (step S105).
- the application controller 708 monitors a broadcast resource access request from a broadcast-unlinked application (step S106).
- the application controller 708 detects a broadcast resource access request from a broadcast-unlinked application (Y in step S107)
- the broadcast station public key certificate corresponding to this broadcast resource is stored in the memory in the information processing apparatus 700. It is checked whether it is present (step S107).
- the application controller 708 of the information processing apparatus 700 transmits the target broadcast station public key certificate in the data carousel. Wait for.
- the application controller 708 stores it in the memory (step S108).
- the application controller 708 verifies the electronic signature attached to the broadcast non-linked application being executed using the broadcast station public key certificate stored in the memory (step S110). When the digital signature fails (N in step S111), the application controller 708 sets to prohibit access to all broadcast resources by the broadcast non-linked application (step S112).
- the application controller 708 After the setting of the access prohibition or when the digital signature is successful (Y in step S111), the application controller 708 refers to the access permission information (access_permission) described in the XML-AIT, and the broadcast non-display Broadcast resources are accessed within the permitted range for the linked application (step S113). At this time, access to all broadcast resources may not be permitted. In this case, the broadcast resource is not accessed, and only the broadcast-unlinked application is displayed.
- access_permission access permission information described in the XML-AIT
- the application identification descriptor 23 shown in FIG. 5 is acquired, and the value “10” of the access permission information (access_permission) means “permit use of all broadcast resources”.
- “all broadcast resources” refers to media information of all types (video, audio, SI information, caption, data broadcast, etc.) to be broadcast.
- the broadcast resource requested to be accessed by the executed broadcast-unlinked application is a broadcast resource from a broadcast station belonging to the broadcast affiliate “affiliation_A”, the broadcast resource is accessed by the broadcast-unlinked application. Is determined to be possible.
- the broadcast resource requested to be accessed by the executed broadcast-unlinked application is a broadcast resource from a broadcast station that does not belong to the broadcast affiliate station “affiliation_A”, and broadcast other than the BS / CS broadcast station “broadcaster_B”. If it is a broadcast resource of a station, it is determined that the broadcast resource cannot be accessed by the broadcast-unlinked application.
- Step S115 the application controller 708 of the information processing apparatus 700 terminates the broadcast-unlinked application.
- the application controller 708 of the information processing apparatus 700 has a case where application control codes other than “AUTOSTART”, “DESTROY”, and “KILL” are described in the XML-AIT newly acquired during execution of the broadcast-unlinked application. After performing processing such as changing the state of the broadcast-unlinked application in accordance with the application control code (step S116), the next XML-AIT is waited for.
- an operation in which a broadcast channel is switched by a user's manual operation or the like may be performed.
- FIG. 10 is a flowchart showing an operation when a direct channel selection operation occurs.
- the application controller 708 of the information processing apparatus 700 stores a broadcast station public key certificate corresponding to the directly selected broadcast channel in a memory in the information processing apparatus 700. It is checked whether it has been done (step S202).
- the application controller 708 of the information processing apparatus 700 displays the data carousel of the broadcast channel to which the target broadcast station public key certificate is switched.
- the target broadcast station public key certificate transmitted by the data carousel is received, it is stored in the memory (step S203).
- the application controller 708 verifies the electronic signature attached to the broadcast non-linked application being executed using the broadcast station public key certificate stored in the memory (step S205). If the digital signature fails (N in step S206), the application controller 708 ends the broadcast non-linked application (step S210).
- the application controller 708 refers to the access permission information (access_permission) described in the XML-AIT, and the permitted range for the broadcast-unlinked application.
- access_permission the access permission information described in the XML-AIT
- the permitted range for the broadcast-unlinked application is accessed (step S207).
- access to all broadcast resources may not be permitted.
- the broadcast resource is not accessed, and only the broadcast-unlinked application is displayed.
- Subsequent operations are the same as the operations in FIG. 8 (operations from step S114 to step S115).
- FIG. 12 is a block diagram for explaining a mechanism for generating and verifying an electronic signature.
- the XML-AIT server 400 and the application server 300 may be one server owned by the application creator or may be separate servers.
- the XML-AIT server 400 and the application server 300 are collectively referred to as “servers”.
- the server is a device having a typical computer configuration. Therefore, it is configured by a storage device such as a CPU, a main memory, and an HDD, an input device such as a mouse and a keyboard, and a display unit such as a liquid crystal display.
- the main memory and storage device include an OS (Operating System), software such as an application program for a server, a broadcast non-linked application provided to the information processing apparatus 700, an XML-AIT file for each application, a signature generation key, and the like. Stored.
- OS Operating System
- the server has a signed application generation unit 350.
- the signed application generation unit 350 is realized by a program loaded in the main memory and a CPU that executes the program.
- the application creator requests the broadcasting station 100 to authenticate the application 351 and the XML-AIT355.
- the broadcasting station 100 examines the contents of the application 351 and the XML-AIT 355 that are subject to authentication requested by the application creator, and if there is no problem, the secret issued from the root CA 800 Of the pair of key and broadcasting station public key certificate, the secret key is set in the signature generator 356 as the signature generation key 357.
- the signature generator 356 generates a digest for the application 351 by using a signature hash function, encrypts the digest with a signature generation key (secret key) 357, and generates an XML signature 358.
- the broadcasting station 100 returns the generated XML signature 358 to the server.
- the signed application generation unit 350 adds the XML signature 358 returned from the broadcast station 100 to the application 351 to generate an application 360 with an electronic signature, and distributes the application 360 to the information processing apparatus 700.
- the application controller 708 of the information processing apparatus 700 extracts an XML signature from the application 360 with an electronic signature acquired from the server by the signature generator 753 and uses the signature verification key extracted from the broadcast station public key certificate. Verification is performed using a certain public key 754 to obtain a signature verification result 755.
- a method for transmitting a broadcast station public key certificate from the broadcast station 100 to the information processing apparatus 700 will be described.
- a method for transmitting a broadcasting station public key certificate from the broadcasting station 100 to the information processing apparatus 700 there are a dedicated module method, a data broadcasting extension method (part 1), a data broadcasting extension method (part 2), and the like.
- FIG. 13 is a conceptual diagram of a dedicated module system.
- a dedicated module for example, module_id
- component_tag 0x40
- DII Download Info Indication
- FIG. 14 is a diagram showing a configuration of a broadcast station public key certificate descriptor.
- the broadcast station public key certificate descriptor (broadcast certificate_descriptor) includes an ID (broadcaster_certificate_id) for identifying the broadcast station public key certificate and a version (broadcaster_certificate_version) of the broadcast station public key certificate.
- FIG. 15 is a flowchart relating to acquisition and update of a broadcasting station public key certificate by a dedicated module method.
- the controller 708 of the information processing apparatus 700 monitors DII module information transmitted in the data carousel (step S401).
- the controller 708 of the information processing apparatus 700 detects that the broadcast station public key certificate descriptor is included in the module information of DII (Y in step S402)
- the controller 708 analyzes the broadcast station public key certificate descriptor.
- the ID and version are extracted from the broadcast station public key certificate descriptor (step S403).
- the application controller 708 compares the ID of the broadcasting station public key certificate already stored in the memory with the ID acquired this time, and checks whether the broadcasting station public key certificate with the matching ID is stored in the memory. (Step S404). If the corresponding broadcast station public key certificate is not stored (N in step S405), the application controller 708 acquires the broadcast station public key certificate transmitted in the data carousel and stores it in the memory (step S406). . Thereafter, the monitor returns to the DII module information monitoring state.
- the application controller 708 checks the version of the broadcast station public key certificate stored in the memory (step S407).
- the application controller 708 compares the confirmed version of the broadcast station public key certificate with the version of the broadcast station public key certificate acquired this time, and determines whether or not a version upgrade of the broadcast station public key certificate has occurred (step). S408).
- the application controller 708 If it is determined that the broadcast station public key certificate has not been upgraded (N in step S408), the application controller 708 returns to the DII module information monitoring state.
- the application controller 708 acquires the broadcast station public key certificate transmitted in the data carousel and stores it in the memory (step S408). S409). Thereafter, the monitor returns to the DII module information monitoring state.
- the information processing apparatus 700 can acquire one or more types of the latest version of the broadcast station public key certificate having different IDs and store them in the memory.
- FIG. 16 is a diagram showing a configuration of a root certificate descriptor according to the data broadcasting extension method (part 1).
- the data broadcasting extension method (part 1) an extension for transmitting a public key certificate of a new service is applied to the root_certificate_type of the root certificate descriptor, and an ID (broadcaster_certificate_id) for identifying the broadcasting station public key certificate is provided there.
- the broadcast station public key certificate version (broadcaster_certificate_version) is described.
- FIG. 17 is a flowchart relating to acquisition and update of a broadcasting station public key certificate by the data broadcasting extension method (part 1).
- the application controller 708 of the information processing apparatus 700 monitors the DII root certificate descriptor transmitted in the data carousel (step S501).
- the controller 708 of the information processing apparatus 700 detects the DII root certificate descriptor (Y in step S502)
- the application controller 708 compares the ID of the broadcasting station public key certificate already stored in the memory with the ID acquired this time, and checks whether the broadcasting station public key certificate with the matching ID is stored in the memory. (Step S404). If the corresponding broadcast station public key certificate is not stored (N in step S405), the application controller 708 acquires the broadcast station public key certificate transmitted in the data carousel and stores it in the memory (step S406). . Thereafter, the monitoring state of the DII root certificate descriptor is restored.
- the application controller 708 checks the version of the broadcast station public key certificate stored in the memory (step S407).
- the application controller 708 compares the confirmed version of the broadcast station public key certificate with the version of the broadcast station public key certificate acquired this time, and determines whether or not a version upgrade of the broadcast station public key certificate has occurred (step). S408).
- the application controller 708 If it is determined that the broadcast station public key certificate has not been upgraded (N in step S408), the application controller 708 returns to the DII module information monitoring state.
- the application controller 708 acquires the broadcast station public key certificate transmitted in the data carousel and stores it in the memory (step S408). S409). Thereafter, the monitor returns to the DII module information monitoring state.
- the information processing apparatus 700 can acquire one or more types of the latest version of the broadcast station public key certificate having different IDs and store them in the memory.
- FIG. 19 is a flowchart relating to acquisition and update of a broadcasting station public key certificate by the data broadcasting extension method (part 2).
- the application controller 708 of the information processing apparatus 700 monitors the DII root certificate descriptor transmitted in the data carousel (step S601).
- the controller 708 of the information processing apparatus 700 detects the DII root certificate descriptor (Y in step S502)
- the controller 708 analyzes the root certificate descriptor and checks the value of the flag (broadcaster_certificate_flag).
- the application controller 708 performs data broadcasting processing (step S504), and then returns to the monitoring state of the DII root certificate descriptor.
- Step S605 When the value of the flag is “0”, the application controller 708 transmits the broadcast station from a predetermined storage area among a plurality of storage areas that can transmit the public key certificate for data broadcasting in the root certificate descriptor.
- the public key certificate ID and version are extracted (step S605).
- Step S606 to Step S611 Subsequent operations from Step S606 to Step S611 are the same as Steps S404 to S409 of the dedicated module system, and thus description thereof is omitted.
- the information processing apparatus 700 can acquire one or more types of the latest version of the broadcast station public key certificate having different IDs and store them in the memory.
- the electronic signature is attached to the application.
- the electronic signature may be attached to the XML-AIT.
- this method for example, as shown in FIG. 20, when a plurality of broadcast stations (broadcast station A and broadcast station B) permit the use of broadcast resources for one application, XML-AIT is used.
- FIG. 21 is a sequence diagram showing a flow of exchange among the broadcasting station 100A, the application server 300A, the XML-AIT server 400A, and the information processing apparatus 700A in the information processing system of the second embodiment.
- FIG. 22 is a flowchart showing a processing procedure of the information processing apparatus 700A.
- the difference between the information processing system of the second embodiment and the information processing system 1 of the first embodiment will be mainly described.
- the broadcast-unlinked application is supported.
- the application controller 708AA of the information processing apparatus 700A acquires the XML-AIT with an electronic signature for the broadcast-unlinked application from the XML-AIT server 400A (step S703).
- the application controller 708AA of the information processing apparatus 700 acquires a broadcast non-linked application with an electronic signature from the application server 300A based on the application location information described in the acquired XML-AIT (step S704). Start (step S705).
- Application controller 708A monitors a broadcast resource access request from a broadcast-unlinked application (step S706).
- the application controller 708A detects a broadcast resource access request from a broadcast-unlinked application (Y in step S707), the broadcast station public key certificate corresponding to the broadcast resource is stored in the memory in the information processing apparatus 700. Whether it is present is checked (step S707).
- the application controller 708A of the information processing apparatus 700A transmits the target broadcast station public key certificate in the data carousel. Wait for.
- the data carousel transmission of the broadcast station public key certificate is realized by a dedicated module method, a data broadcast extension method (part 1), a data broadcast extension method (part 2), or the like.
- the application controller 708A When the application controller 708A receives the target broadcast station public key certificate transmitted by the data carousel, the application controller 708A stores it in the memory (step S708).
- the application controller 708A verifies the electronic signature attached to the acquired XML-AIT using the broadcast station public key certificate stored in the memory (step S710). Subsequent operations are the same as those in the first embodiment, and a description thereof will be omitted. [Effects of Second Embodiment, etc.] In the present embodiment, the following effects are obtained. 1. According to the present embodiment, the XML-AIT with the electronic signature is transmitted from the server 400 to the information processing apparatus 700, so that the XML-AIT can be prevented from being falsified. 2. Data carousel transmission can be used to transmit a broadcasting station public key certificate used for XML-AIT signature verification in an existing digital broadcast.
- the XML-AIT can be prevented from being falsified with a minimum change to the existing digital broadcasting. 3.
- the already started digital broadcasting it is possible to provide a new service that can be authenticated by an application while avoiding a so-called legacy problem such as a malfunction of a digital broadcasting receiver already sold.
- FIG. 23 is a diagram for explaining a mechanism for generating an electronic signature and a hash value and verifying them.
- the server includes a signed AIT generation unit 350A.
- the signed AIT generating unit 350A is realized by a program loaded in the main memory that generates an electronic signature and a hash value, and a CPU that executes the program.
- the signed AIT generation unit 350A calculates a hash value 353A from the entity (binary code) of the application 351A using a predetermined hash calculator 352A.
- hash algorithms include SHA-1 and SHA-2, which are standardized by FIPS PUB-1,180-1,180-2.
- the signed AIT generating unit 350A generates an XML-AIT 355A with a hash value by combining the hash value 353A with the XML-AIT 362A of the application 351A.
- the application creator requests the broadcasting station 100A to authenticate the application 351A and the XML-AIT 355A.
- the broadcast station 100 scrutinizes the contents of the application 351A and XML-AIT 355A that are subject to authentication requested by the application producer, and if there is no problem, the secret key issued from the root CA 800 (see FIG. 1) and the broadcast station
- the private key of the public key certificate pair is set in the signature generator 356A as the signature generation key 357A.
- the signature generator 356A generates a digest for the XML-AIT 355A using a signature hash function, and encrypts the digest with a signature generation key (secret key) 357A to generate an XML signature 358A.
- the broadcasting station 100A responds the generated XML signature 358A to the server.
- the server-signed AIT generation unit 350A adds the XML signature 358A responded from the broadcast station 100A to the XML-AIT 355A with a hash value to generate an XML-AIT 360A with a digital signature, and distributes it to the information processing apparatus 700A. .
- the application controller 708A of the information processing apparatus 700 calculates a hash value 752A using a predetermined hash calculator 751A (hash function) from the entity (binary code) of the application 351A acquired from the server.
- the hash function used here needs to be the same as that of the hash calculator 352A of the server-signed AIT generation unit 350A. Therefore, the application controller 708A checks the hash algorithm described in the XML-AIT 360A with the electronic signature obtained from the server, and determines whether or not the hash algorithm of the hash calculator 751A (hash function) is consistent. . If a hash algorithm mismatch is determined, the application controller 708A switches the hash calculator 751A (hash function) to match that of the hash calculator 352A of the server-signed AIT generation unit 350A.
- the application controller 708A compares the hash value 353A and the hash value 752A extracted from the XML-AIT 360A with the electronic signature obtained from the server using the hash comparator 756A, and obtains a match / mismatch result 757A.
- the application controller 708A extracts the XML signature from the XML-AIT 360A with the electronic signature obtained from the server by the signature generator 753A, verifies the XML signature using the signature verification key (public key) 754A, and verifies the signature. Result 755A is obtained.
- the hash value is added to the application and provided to the information processing apparatus 700. Therefore, the information processing apparatus 700 transmits the hash value calculated for the application acquired from the application server 300 and the XML-AIT. The validity of the application can be determined by comparing the obtained hash value.
Abstract
Description
<第1の実施形態>
[情報処理システム]
図1は、本実施形態の情報処理システムの概要を示す図である。
本実施形態の情報処理システム1は、放送局100と、インターネットなどの第1のネットワーク200と、アプリケーションサーバ300と、XML-AITサーバ400と、エッジルータ500と、LAN(Local Area Network)などの第2のネットワーク600と、放送用の受信機としての情報処理装置700とを有する。
ここで、放送非連動アプリケーションについて説明を補足する。放送非連動アプリケーションはアプリケーションサーバ300から情報処理装置700に提供される。放送非連動アプリケーションは、例えばHTML(Hyper Text Markup Language)文書、BML文書(Broadcast Markup Language)、MHEG文書(Multimedia and Hypermedia information coding)、Java(登録商標)スクリプト、静止画ファイル、動画ファイルなどで構成される。
リファレンス検証とは、リソース(アプリケーションの実体)に正規化変換プロセス(Transform)及びダイジェスト計算アルゴリズム(DigestMethod)を適用することにより、リファレンス(Reference)のダイジェスト値(DigestValue)を検証する方式である。リファレンス検証により得られた結果と、登録されたダイジェスト値(DigestValue)とが比較され、これらが一致しない場合、検証失敗となる。
署名検証とは、署名情報(SignatureInfo)要素をXML正規化アルゴリズム(CanonicalizationMethod)で指定された正規化方式でシリアル化し、鍵情報(KeyInfo)等を用いて鍵データを取得し、署名アルゴリズム(SignatureMethod)で指定された方式を用いて署名を検証する方式である。
次に、XML-AITのデータ構造について説明する。
図2は、本実施形態のXML-AITのデータ構造を示す図である。
XML-AITには、アプリケーション毎の、アプリケーション名、アプリケーション識別子、アプリケーション記述子、アプリケーションタイプ、アプリケーション制御コード21、アプリケーションの可視性、現在のサービス内でのみ有効かを示すフラグ、アプリケーションの優先度、アプリケーションのバージョン、プラットフォームプロファイルにあわせたバージョン、アイコン、ストレージ機能の性能、トランスポートプロトコル記述子、アプリケーションロケーション記述子、アプリケーションバウンダリ記述子、アプリケーションスペシフィック記述子、アプリケーションユーセジ記述子、アプリケーションモード記述子、アプリケーション識別記述子23などが格納される。
次に、アプリケーション識別記述子23の詳細を説明する。
アプリケーション識別記述子23としては、
1.放送非連動アプリケーションがアクセス可能な放送局系列、放送局、チャンネルおよびイベント(番組)などの放送の単位を定義する情報(第3の定義情報)、
2.放送非連動アプリケーションが利用可能な放送リソースを構成するメディア情報の種類(映像、音声、SI情報、字幕、データ放送など)を定義する情報(以下「アクセス許可情報」と呼ぶ。)(第1の定義情報)、
3.放送リソースを利用した放送非連動アプリケーションの動作を制約する情報(以下「レンダリング許可情報」と呼ぶ。)(第2の定義情報)
等が含まれる。
アクセス許可情報とレンダリング許可情報を「リソース許可情報」と総称する。
このApplicationIdDescriptor要素の子要素であるsequence要素の配下には、grant_aplication_access_flag要素、affiliation要素、terrestrial_broadcaster要素、broadcaster要素、event要素がそれぞれ宣言されている。
ここで、network_id属性、transport_stream_id属性、service_id属性はチャンネルを識別するための情報である。
また、event_id属性の名前とその型を定義する属性の値の記載は必須ではない。この記載がない場合にはチャンネルのみが指定されたことになる。
このアプリケーション識別記述子23の具体例は、放送局系列とBS/CS放送局の放送単位に対してリソース許可情報がホワイトリストとして指定された場合を示すものである。
アクセス許可情報(access_permission)の値、レンダリング許可情報(rendering_permission)の値に対して割り当てられる意味はサービスにおいて任意に決められる。
アプリケーションのライフサイクルは、XML-AITに格納されるアプリケーション制御コード21をもとに、情報処理装置700によって動的に制御される。
同図に示すように、アプリケーション制御コードとしては、"AUTOSTART"、"PRESENT"、"DESTROY"、"KILL"、"PREFETCH"、"REMOTE"、"DISABLED"、"PLAYBACK_AUTOSTART"が標準規格上存在する。これらアプリケーション制御コードの定義は以下のとおりである。
"PRESENT"は、サービスが選択されている間、アプリケーションを実行可能な状態とすることを指示するコードである。但し、対象のアプリケーションは、サービスの選択に伴って自動的にアプリケーションは起動されず、ユーザからの起動の指示を受けて起動される。
"DESTROY"は、アプリケーションの終了の許可を指示するコードである。
"KILL"は、アプリケーションの強制的な終了を指示するコードである。
"PREFETCH"は、アプリケーションのキャッシュを指示するコードである。
"REMOTE"は、現在のトランスポートストリームでは取得できないアプリケーションであることを示すコードである。そのアプリケーションは、別のトランスポートストリームあるいはキャッシュから取得して利用可能となる。
"DISABLED"は、アプリケーションの起動を禁止することを示すコードである。
"PLAYBACK_AUTOSTART"は、ストレージ(記録装置)に録画された放送コンテンツの再生に伴いアプリケーションを起動させるためのコードである。
図7は本実施形態の情報処理装置700の構成を示すブロック図である。
情報処理装置700は、放送インタフェース701、デマルチプレクサ702、出力処理部703、映像デコーダ704、音声デコーダ705、字幕デコーダ706、通信インタフェース707(取得部)、アプリケーションコントローラ708(コントローラ)を有する。
字幕デコーダ706は、字幕ESをデコードして字幕信号を生成し、生成した字幕信号を出力処理部703に出力する。
次に、本実施形態の情報処理システム1の動作を説明する。
図8は放送局100(放送送出装置)、アプリケーションサーバ300、XML-AITサーバ400、および情報処理装置700の間でのやりとりの流れを示すシーケンス図である。図9は情報処理装置700の処理手順を示すフローチャートである。
ダイレクト選局操作が発生したとき(ステップS201)、情報処理装置700のアプリケーションコントローラ708は、このダイレクト選局された放送チャンネルに対応する放送局公開鍵証明書が情報処理装置700内のメモリに保存されているかどうかを調べる(ステップS202)。
以降の動作(ステップS208からステップS210の動作)は、図8の動作(ステップS114からステップS115の動作)と同様である。
動作中の放送非連動アプリケーションに組み込まれたスクリプトの実行、あるいは、ユーザのマニュアル操作などによって、放送非連動アプリケーションの遷移の指示が発生(図12、ステップS301)した場合の動作は、上述したアプリケーションローンチャから放送非連動アプリケーションがユーザにより選択されたときの動作と同様である。
次に、電子署名の生成と検証について説明する。
図12は電子署名の生成と検証の仕組みについて説明するためのブロック図である。
図1にも示したように、放送局100は、アプリケーション制作者より依頼された認証の対象であるアプリケーション351とXML-AIT355の内容を精査し、問題がなければ、ルートCA800より発行された秘密鍵と放送局公開鍵証明書のペアのうち秘密鍵を署名生成鍵357として署名生成器356に設定する。署名生成器356はアプリケーション351について署名用のハッシュ関数を用いてダイジェストを生成し、このダイジェストを署名生成鍵(秘密鍵)357で暗号化してXML署名358を生成する。放送局100は、生成したXML署名358をサーバに応答する。署名付きアプリケーション生成部350は、放送局100より応答されたXML署名358をアプリケーション351に付加して電子署名付きのアプリケーション360を生成し、情報処理装置700に配信する。
放送局100から情報処理装置700に放送局公開鍵証明書を伝送する方法には、専用モジュール方式、データ放送拡張方式(その1)、データ放送拡張方式(その2)などがある。
図13は専用モジュール方式の概念図である。
専用モジュール方式では、データ放送番組がユーザにより選択された時最初に起動させるべきスタート文書を含むモジュールであるcomponent_tag=0x40に、放送局公開鍵証明書41を伝送するための専用のモジュール(例えばmodule_id=0xFFFEなど)42が新たな配置される。
また、上記の専用モジュールで配布する放送局公開鍵証明書の更新を情報処理装置700に知らせるために、放送局公開鍵証明書記述子がDII(Download Info Indication)が配置される。
放送局公開鍵証明書記述子(broadcast certificate_descriptor)は放送局公開鍵証明書を識別するID(broadcaster_certificate_id)および放送局公開鍵証明書のバージョン(broadcaster_certificate_version)を含む。
図16はデータ放送拡張方式(その1)によるルート証明書記述子の構成を示す図である。
データ放送拡張方式(その1)は、ルート証明書記述子のroot_certificate_typeに新しいサービスの公開鍵証明書を伝送するための拡張を施し、そこに放送局公開鍵証明書を識別するID(broadcaster_certificate_id)および放送局公開鍵証明書のバージョン(broadcaster_certificate_version)を記述するようにしたものである。
データ放送拡張方式(その2)は、ルート証明書記述子の中でデータ放送向け公開鍵証明書を伝送できる格納領域のうち、固定の1つの格納領域が新しいサービス向けに割り当てられ、そこに放送局公開鍵証明書を識別するID(broadcaster_certificate_id)および放送局公開鍵証明書のバージョン(broadcaster_certificate_version)が記述される。また、例えば図18に示すように、ルート証明書記述子に新たなフラグ(broadcaster_certificate_flag)が配置される。例えば、このフラグの値が"1"であるとき、放送局公開鍵証明書が伝送されることを示し、フラグの値が"0"であるとき、放送局公開鍵証明書が伝送されないことを示す。
まず、情報処理装置700のアプリケーションコントローラ708は、データカルーセルで伝送されるDIIのルート証明書記述子を監視する(ステップS601)。情報処理装置700のコントローラ708は、DIIのルート証明書記述子を検出すると(ステップS502のY)、このルート証明書記述子を解析し、フラグ(broadcaster_certificate_flag)の値を確認する。フラグの値が"0"である場合、アプリケーションコントローラ708はデータ放送の処理を行い(ステップS504)、その後、DIIのルート証明書記述子の監視状態に戻る。
本実施形態では、次のような効果が得られる。
1.本実施形態によれば、電子署名を付けたアプリケーションがアプリケーションサーバ300から情報処理装置700に伝送されるので、アプリケーションの改ざんを防止することができる。
2.アプリケーションの署名検証に用いられる放送局公開鍵証明書を、既存のデジタル放送で伝送するためにデータカルーセル伝送を用いることができる。このため既存のデジタル放送に対する最小限の変更点で、アプリケーションをセキュアに情報処理装置700に伝送することができる。
3.データカルーセル伝送で放送局公開鍵証明書を伝送するために、既存のデジタル放送のルート証明書を伝送する資産を利用できる点も、変更点を最小限に抑えるために有益である。
4.既に開始されているデジタル放送において、既に販売済みのデジタル放送受信機への誤動作など、いわゆるレガシー問題を回避しながらアプリケーションが認証可能な新しいサービスを行うことができる。
第1の実施形態では、アプリケーションに電子署名が添付されることとしたが、XML-AITに電子署名を添付してもよい。この方式によると、例えば、図20に示すように、1つのアプリケーションに対して、複数の放送局(放送局A、放送局B)が放送リソースの利用を許可する場合には、XML-AITには放送リソースの利用を許可するすべての放送局(放送局A、放送局B)の電子署名61、62が添付される。
以降、第2の実施形態の情報処理システムにおいて第1の実施形態の情報処理システム1と相違する点を中心に説明する。
[第2の実施形態の効果等]
本実施形態では、次のような効果が得られる。
1.本実施形態によれば、電子署名を付けたXML-AITがサーバ400から情報処理装置700に伝送されるので、XML-AITの改ざんを防止することができる。
2.XML-AITの署名検証に用いられる放送局公開鍵証明書を、既存のデジタル放送で伝送するためにデータカルーセル伝送を用いることができる。このため既存のデジタル放送に対する最小限の変更点で、XML-AITの改ざんを防止できる。
3.データカルーセル伝送で放送局公開鍵証明書を伝送するために、既存のデジタル放送のルート証明書を伝送する資産を利用できる点も、変更点を最小限に抑えるために有益である。
4.既に開始されているデジタル放送において、既に販売済みのデジタル放送受信機への誤動作など、いわゆるレガシー問題を回避しながらアプリケーションが認証可能な新しいサービスを行うことができる。
ところで、第2の実施形態の方式では、アプリケーションの改ざんを直接に検出することができない。そこでアプリケーションのハッシュ値をXML-AITに埋め込み、情報処理装置において、アプリケーションの実体から計算されるハッシュ値とXML-AITに埋め込まれて通知されるハッシュ値とを比較することで、アプリケーションの改ざんを間接的に検出することが可能である。以下、この方式について説明する。
サーバは、署名付きAIT生成部350Aを有する。署名付きAIT生成部350Aは、具体的にはメインメモリにロードされた、電子署名およびハッシュ値の生成を行うプログラムと、このプログラムを実行するCPUとで実現される。
100…放送局
200…第1のネットワーク
300…アプリケーションサーバ
400…XML-AITサーバ
700…情報処理装置
701…放送インタフェース
702…デマルチプレクサ
703…出力処理部
704…映像デコーダ
705…音声デコーダ
706…字幕デコーダ
707…通信インタフェース
708…アプリケーションコントローラ
800…放送局CA
Claims (8)
- それぞれネットワークを通じて情報処理装置に伝送され、放送される第1のデータを処理可能なアプリケーションと当該アプリケーションの動作を管理するアプリケーション情報テーブルのいずれか一方に添付された電子署名を検証するための検証情報を、データカルーセル方式で伝送する
署名検証情報の伝送方法。 - 請求項1に記載の署名検証情報の伝送方法であって、
前記検証情報をcomponent_tag=0x40にモジュールとして配置し、
伝送される前記検証情報の更新を前記情報処理装置に検知させるための情報をDIIに配置する
署名検証情報の伝送方法。 - 請求項1に記載の署名検証情報の伝送方法であって、
前記検証情報をルート証明書記述子内に格納して伝送する
署名検証情報の伝送方法。 - 請求項3に記載の署名検証情報の伝送方法であって、
前記ルート証明書記述子内のroot_certificate_typeの値として、前記検証情報の伝送を示す値が格納される
署名検証情報の伝送方法。 - 請求項3に記載の署名検証情報の伝送方法であって、
前記ルート証明書記述子の中でデータ放送向け公開鍵証明書を伝送できる格納領域のうち、所定の格納領域に前記検証情報か格納され、前記ルート証明書記述子に前記検証情報が伝送されることを示すフラグ情報が配置される
署名検証情報の伝送方法。 - 放送される第1のデータを処理可能なアプリケーションと当該アプリケーションの動作を管理するアプリケーション情報テーブルをネットワークを通じて取得する取得部と、
それぞれ取得された前記アプリケーションと前記アプリケーション情報テーブルのいずれか一方に添付された電子署名の検証に用いられ、データカルーセル伝送された検証データを取得して前記電子署名を検証するコントローラと
を具備する情報処理装置。 - 取得部が、放送される第1のデータを処理可能なアプリケーションと当該アプリケーションの動作を管理するアプリケーション情報テーブルをネットワークを通じて取得し、
コントローラが、それぞれ取得された前記アプリケーションと前記アプリケーション情報テーブルのいずれか一方に添付された電子署名の検証に用いられ、データカルーセル伝送された検証データを取得して前記電子署名を検証する
情報処理方法。 - それぞれネットワークを通じて情報処理装置に伝送され、放送される第1のデータを処理可能なアプリケーションと当該アプリケーションの動作を管理するアプリケーション情報テーブルのいずれか一方に添付された電子署名を検証するための検証情報を、データカルーセル方式で伝送する伝送部を
具備する放送送出装置。
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201380043033.8A CN104584029A (zh) | 2012-08-21 | 2013-06-21 | 签名验证信息传输方法、信息处理设备、信息处理方法和广播递送设备 |
JP2014531484A JPWO2014030283A1 (ja) | 2012-08-21 | 2013-06-21 | 署名検証情報の伝送方法、情報処理装置、情報処理方法および放送送出装置 |
BR112015002976A BR112015002976A2 (pt) | 2012-08-21 | 2013-06-21 | método de transmissão de informação de validação de assinatura, aparelho e método de processamento de informação, e, aparelho de fornecimento de difusão |
US14/414,189 US20150188929A1 (en) | 2012-08-21 | 2013-06-21 | Signature validation information transmission method, information processing apparatus, information processing method, and broadcast delivery apparatus |
EP13830554.5A EP2890045A4 (en) | 2012-08-21 | 2013-06-21 | METHOD FOR TRANSMITTING SIGNATURE VALIDATION INFORMATION, INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD AND RADIO TRANSMISSION DEVICE |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2012-182689 | 2012-08-21 | ||
JP2012182689 | 2012-08-21 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2014030283A1 true WO2014030283A1 (ja) | 2014-02-27 |
Family
ID=50149615
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2013/003894 WO2014030283A1 (ja) | 2012-08-21 | 2013-06-21 | 署名検証情報の伝送方法、情報処理装置、情報処理方法および放送送出装置 |
Country Status (6)
Country | Link |
---|---|
US (1) | US20150188929A1 (ja) |
EP (1) | EP2890045A4 (ja) |
JP (1) | JPWO2014030283A1 (ja) |
CN (1) | CN104584029A (ja) |
BR (1) | BR112015002976A2 (ja) |
WO (1) | WO2014030283A1 (ja) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9288672B2 (en) * | 2013-09-23 | 2016-03-15 | Qualcomm Incorporated | Method for configuring a remote station with a certificate from a local root certificate authority for securing a wireless network |
CN108885674A (zh) * | 2016-03-24 | 2018-11-23 | 瑞典爱立信有限公司 | 网络域之间的数据对象传输 |
US10756898B2 (en) | 2017-06-12 | 2020-08-25 | Rebel AI LLC | Content delivery verification |
US11729612B2 (en) * | 2018-03-08 | 2023-08-15 | Cypress Semiconductor Corporation | Secure BLE just works pairing method against man-in-the-middle attack |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2003209542A (ja) * | 2002-01-10 | 2003-07-25 | Toshiba Corp | デジタル放送装置及びデジタル放送方法、デジタル放送受信装置及びデジタル放送受信方法、デジタル放送受信システム |
JP2008507154A (ja) * | 2004-07-14 | 2008-03-06 | 松下電器産業株式会社 | 認証プログラム実行方法 |
JP2009147808A (ja) * | 2007-12-17 | 2009-07-02 | Nippon Hoso Kyokai <Nhk> | 送信装置およびそのプログラム、ならびに、受信装置およびapi実行プログラム |
WO2011033730A1 (ja) * | 2009-09-15 | 2011-03-24 | ソニー株式会社 | 情報処理装置、データ管理方法、およびプログラム |
JP2012023547A (ja) * | 2010-07-14 | 2012-02-02 | Nippon Hoso Kyokai <Nhk> | デジタル放送送信装置およびデジタル放送受信装置 |
JP2012151632A (ja) * | 2011-01-19 | 2012-08-09 | Nippon Hoso Kyokai <Nhk> | 鍵管理装置、署名鍵更新用部分鍵生成装置、署名鍵発行装置、アプリケーションサーバおよび受信端末、ならびに、それらの制御プログラム |
Family Cites Families (60)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5625693A (en) * | 1995-07-07 | 1997-04-29 | Thomson Consumer Electronics, Inc. | Apparatus and method for authenticating transmitting applications in an interactive TV system |
US5903651A (en) * | 1996-05-14 | 1999-05-11 | Valicert, Inc. | Apparatus and method for demonstrating and confirming the status of a digital certificates and other data |
US6253374B1 (en) * | 1998-07-02 | 2001-06-26 | Microsoft Corporation | Method for validating a signed program prior to execution time or an unsigned program at execution time |
US6357006B1 (en) * | 1998-07-29 | 2002-03-12 | Unisys Corporation | Digital signaturing method and system for re-creating specialized native files from single wrapped files imported from an open network or residing on a CD-ROM |
EP0989743A1 (en) * | 1998-09-25 | 2000-03-29 | CANAL+ Société Anonyme | Application data table for a multiservice digital transmission system |
US6223291B1 (en) * | 1999-03-26 | 2001-04-24 | Motorola, Inc. | Secure wireless electronic-commerce system with digital product certificates and digital license certificates |
US6393420B1 (en) * | 1999-06-03 | 2002-05-21 | International Business Machines Corporation | Securing Web server source documents and executables |
US6792536B1 (en) * | 1999-10-20 | 2004-09-14 | Timecertain Llc | Smart card system and methods for proving dates in digital files |
US6898707B1 (en) * | 1999-11-30 | 2005-05-24 | Accela, Inc. | Integrating a digital signature service into a database |
US7069443B2 (en) * | 2000-06-06 | 2006-06-27 | Ingeo Systems, Inc. | Creating and verifying electronic documents |
US6968456B1 (en) * | 2000-08-08 | 2005-11-22 | Novell, Inc. | Method and system for providing a tamper-proof storage of an audit trail in a database |
WO2002080116A1 (en) * | 2001-03-28 | 2002-10-10 | Ron Shimon Estrin | Authentication methods, apparatus, media and signals |
US7761606B2 (en) * | 2001-08-02 | 2010-07-20 | Ipass Inc. | Method and system to secure a connection application for distribution to multiple end-users |
US7496757B2 (en) * | 2002-01-14 | 2009-02-24 | International Business Machines Corporation | Software verification system, method and computer program element |
US7395503B1 (en) * | 2002-02-06 | 2008-07-01 | Adobe Systems Incorporated | Dynamic preview of electronic signature appearance |
US20030221105A1 (en) * | 2002-05-20 | 2003-11-27 | Autodesk, Inc. | Extensible mechanism for attaching digital signatures to different file types |
CN1628447B (zh) * | 2002-05-22 | 2010-04-28 | 汤姆森许可贸易公司 | 签名和认证设备及方法和相应的产品 |
US7877607B2 (en) * | 2002-08-30 | 2011-01-25 | Hewlett-Packard Development Company, L.P. | Tamper-evident data management |
CN1252598C (zh) * | 2002-09-03 | 2006-04-19 | 国际商业机器公司 | 提供身份相关的信息和防止中间人的攻击的方法和系统 |
US7865931B1 (en) * | 2002-11-25 | 2011-01-04 | Accenture Global Services Limited | Universal authorization and access control security measure for applications |
JP4628648B2 (ja) * | 2003-02-03 | 2011-02-09 | 富士通株式会社 | 電子データ保管システム及びその方法 |
US8468330B1 (en) * | 2003-06-30 | 2013-06-18 | Oracle International Corporation | Methods, systems, and data structures for loading and authenticating a module |
GB0318197D0 (en) * | 2003-08-02 | 2003-09-03 | Koninkl Philips Electronics Nv | Copy-protecting applications in a digital broadcasting system |
JP2005101883A (ja) * | 2003-09-25 | 2005-04-14 | Hitachi Ltd | 電子メール文書原本性保証装置 |
US8225304B2 (en) * | 2004-03-23 | 2012-07-17 | Kabushiki Kaisha Toshiba | System and method for remotely securing software updates of computer systems |
WO2005098566A1 (en) * | 2004-04-08 | 2005-10-20 | International Business Machines Corporation | Method and system for linking certificates to signed files |
JP4607489B2 (ja) * | 2004-04-21 | 2011-01-05 | 株式会社エヌ・ティ・ティ・ドコモ | データ処理装置およびデータ処理方法 |
US7392523B1 (en) * | 2004-06-01 | 2008-06-24 | Symantec Corporation | Systems and methods for distributing objects |
GB2435761B (en) * | 2004-09-21 | 2009-07-08 | Snapin Software Inc | Secure software such as for use with a cell phone or mobile device |
JP4728104B2 (ja) * | 2004-11-29 | 2011-07-20 | 株式会社日立製作所 | 電子画像の真正性保証方法および電子データ公開システム |
US8135954B2 (en) * | 2004-12-20 | 2012-03-13 | Motorola Mobility, Inc. | Distributed digital signature generation |
WO2006072047A2 (en) * | 2004-12-30 | 2006-07-06 | Topaz Systems, Inc. | Electronic signature security system |
US8356295B2 (en) * | 2005-02-17 | 2013-01-15 | Symantec Corporation | Post-signing modification of software |
JP2006303963A (ja) * | 2005-04-21 | 2006-11-02 | Internatl Business Mach Corp <Ibm> | 情報を管理するシステム、方法およびプログラム |
US7859170B2 (en) * | 2005-08-08 | 2010-12-28 | Koninklijke Philips Electronics N.V. | Wide-bandwidth matrix transducer with polyethylene third matching layer |
GB2432433B (en) * | 2005-10-29 | 2010-04-07 | Hewlett Packard Development Co | A method of providing a validatable data structure |
US20070168432A1 (en) * | 2006-01-17 | 2007-07-19 | Cibernet Corporation | Use of service identifiers to authenticate the originator of an electronic message |
EP1984866B1 (en) * | 2006-02-07 | 2011-11-02 | Nextenders (India) Private Limited | Document security management system |
CN101025802A (zh) * | 2006-02-17 | 2007-08-29 | 鸿富锦精密工业(深圳)有限公司 | 工作日志电子化系统及方法 |
US8190902B2 (en) * | 2006-02-27 | 2012-05-29 | Microsoft Corporation | Techniques for digital signature formation and verification |
US20080148054A1 (en) * | 2006-12-15 | 2008-06-19 | Microsoft Corporation | Secure Signatures |
EP1860587B1 (en) * | 2006-05-26 | 2008-07-16 | Sap Ag | Method and system for providing a secure message transfer within a network system |
US20070288989A1 (en) * | 2006-06-09 | 2007-12-13 | Nokia Corporation | Method, electronic device, apparatus, system and computer program product for updating an electronic device security policy |
JP2008027089A (ja) * | 2006-07-20 | 2008-02-07 | Hitachi Ltd | 電子データの開示方法およびシステム |
KR20090013881A (ko) * | 2007-08-03 | 2009-02-06 | 주식회사 동부하이텍 | 테스트 웨이퍼, 그 제조 방법 및 이를 이용한 플라즈마데미지 측정 방법 |
US9378373B2 (en) * | 2007-09-24 | 2016-06-28 | Symantec Corporation | Software publisher trust extension application |
US8219805B1 (en) * | 2007-12-11 | 2012-07-10 | Adobe Systems Incorporated | Application identification |
EP2083374A1 (en) * | 2008-01-23 | 2009-07-29 | Siemens Aktiengesellschaft | Method for electronically signing electronic documents and method for verifying an electronic signature |
AU2009222082A1 (en) * | 2008-03-04 | 2009-09-11 | Apple Inc. | Managing code entitlements for software developers in secure operating environments |
US8225390B2 (en) * | 2008-06-27 | 2012-07-17 | Microsoft Corporation | Licensing protected content to application sets |
US7877461B1 (en) * | 2008-06-30 | 2011-01-25 | Google Inc. | System and method for adding dynamic information to digitally signed mobile applications |
US20100031140A1 (en) * | 2008-08-01 | 2010-02-04 | Cummins Fred A | Verifying An Electronic Document |
CA2716982C (en) * | 2010-10-06 | 2016-07-19 | Ibm Canada Limited - Ibm Canada Limitee | Digital signatures on composite resource documents |
JP2012182779A (ja) * | 2011-01-31 | 2012-09-20 | Nippon Hoso Kyokai <Nhk> | 受信装置、放送システム及びプログラム |
US8745616B1 (en) * | 2011-09-23 | 2014-06-03 | Symantec Corporation | Systems and methods for providing digital certificates that certify the trustworthiness of digitally signed code |
US8881006B2 (en) * | 2011-10-17 | 2014-11-04 | International Business Machines Corporation | Managing digital signatures |
US9183393B2 (en) * | 2012-01-12 | 2015-11-10 | Facebook, Inc. | Multiple system images for over-the-air updates |
US9176822B2 (en) * | 2012-08-31 | 2015-11-03 | Cleversafe, Inc. | Adjusting dispersed storage error encoding parameters |
US8869284B1 (en) * | 2012-10-04 | 2014-10-21 | Symantec Corporation | Systems and methods for evaluating application trustworthiness |
US9294284B1 (en) * | 2013-09-06 | 2016-03-22 | Symantec Corporation | Systems and methods for validating application signatures |
-
2013
- 2013-06-21 EP EP13830554.5A patent/EP2890045A4/en not_active Withdrawn
- 2013-06-21 JP JP2014531484A patent/JPWO2014030283A1/ja active Pending
- 2013-06-21 WO PCT/JP2013/003894 patent/WO2014030283A1/ja active Application Filing
- 2013-06-21 US US14/414,189 patent/US20150188929A1/en not_active Abandoned
- 2013-06-21 CN CN201380043033.8A patent/CN104584029A/zh active Pending
- 2013-06-21 BR BR112015002976A patent/BR112015002976A2/pt not_active Application Discontinuation
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2003209542A (ja) * | 2002-01-10 | 2003-07-25 | Toshiba Corp | デジタル放送装置及びデジタル放送方法、デジタル放送受信装置及びデジタル放送受信方法、デジタル放送受信システム |
JP2008507154A (ja) * | 2004-07-14 | 2008-03-06 | 松下電器産業株式会社 | 認証プログラム実行方法 |
JP2009147808A (ja) * | 2007-12-17 | 2009-07-02 | Nippon Hoso Kyokai <Nhk> | 送信装置およびそのプログラム、ならびに、受信装置およびapi実行プログラム |
WO2011033730A1 (ja) * | 2009-09-15 | 2011-03-24 | ソニー株式会社 | 情報処理装置、データ管理方法、およびプログラム |
JP2012023547A (ja) * | 2010-07-14 | 2012-02-02 | Nippon Hoso Kyokai <Nhk> | デジタル放送送信装置およびデジタル放送受信装置 |
JP2012151632A (ja) * | 2011-01-19 | 2012-08-09 | Nippon Hoso Kyokai <Nhk> | 鍵管理装置、署名鍵更新用部分鍵生成装置、署名鍵発行装置、アプリケーションサーバおよび受信端末、ならびに、それらの制御プログラム |
Non-Patent Citations (4)
Title |
---|
"ETSI TS 102 796 V1.1.1", ETSI, June 2010 (2010-06-01), Retrieved from the Internet <URL:http://www.etsi.org/deliver/etsi ts/102700 102799/102796/01.01.01 60/ts 102796v010101p.pdf> |
APPLICATION EXECUTION ENVIRONMENT STANDARD ARIB STD-B23 1.2 IN DIGITAL BROADCAST, 21 October 2011 (2011-10-21), Retrieved from the Internet <URL:http://www.arib.or.jp/english/html/overview/doc/2-STD-B23v1_2.pdf> |
JIRO HIRONO, THE JOURNAL OF THE INSTITUTE OF IMAGE INFORMATION AND TELEVISION ENGINEERS, vol. 58, no. 5, 1 May 2004 (2004-05-01), pages 629 - 633, XP008176244 * |
ZHANG, R. ET AL.: "Security Strategy of Digital Television Middleware System", IEEE TRANSACTIONS ON CONSUMER ELECTRONICS, vol. 53, no. 3, August 2007 (2007-08-01), pages 969 - 973, XP011193638 * |
Also Published As
Publication number | Publication date |
---|---|
JPWO2014030283A1 (ja) | 2016-07-28 |
EP2890045A1 (en) | 2015-07-01 |
EP2890045A4 (en) | 2016-03-30 |
BR112015002976A2 (pt) | 2017-07-04 |
US20150188929A1 (en) | 2015-07-02 |
CN104584029A (zh) | 2015-04-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP7460698B2 (ja) | 情報処理装置、情報処理方法およびプログラム | |
JP6213197B2 (ja) | 情報処理装置および受信方法 | |
JP7409448B2 (ja) | 受信装置及び受信方法 | |
EP3054701B1 (en) | Receiver device, broadcast device, server device and reception method | |
WO2014030283A1 (ja) | 署名検証情報の伝送方法、情報処理装置、情報処理方法および放送送出装置 | |
JP6627950B2 (ja) | 送信装置および送信方法 | |
JP7334772B2 (ja) | 情報処理装置及び受信方法 | |
JP6663892B2 (ja) | 送信システム及び送信方法 | |
JP6766918B2 (ja) | 受信装置および受信方法 | |
JP6984709B2 (ja) | 受信装置および受信方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 13830554 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2014531484 Country of ref document: JP Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 14414189 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2013830554 Country of ref document: EP |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
REG | Reference to national code |
Ref country code: BR Ref legal event code: B01A Ref document number: 112015002976 Country of ref document: BR |
|
ENP | Entry into the national phase |
Ref document number: 112015002976 Country of ref document: BR Kind code of ref document: A2 Effective date: 20150210 |