WO2015133829A1 - Appareil de protection de contenus de cinéma numériques et procédé associé - Google Patents

Appareil de protection de contenus de cinéma numériques et procédé associé Download PDF

Info

Publication number
WO2015133829A1
WO2015133829A1 PCT/KR2015/002113 KR2015002113W WO2015133829A1 WO 2015133829 A1 WO2015133829 A1 WO 2015133829A1 KR 2015002113 W KR2015002113 W KR 2015002113W WO 2015133829 A1 WO2015133829 A1 WO 2015133829A1
Authority
WO
WIPO (PCT)
Prior art keywords
screening
certificate
information
digital cinema
screening system
Prior art date
Application number
PCT/KR2015/002113
Other languages
English (en)
Korean (ko)
Inventor
서원석
Original Assignee
주식회사 스마트구루
씨제이파워캐스트(주)
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 스마트구루, 씨제이파워캐스트(주) filed Critical 주식회사 스마트구루
Publication of WO2015133829A1 publication Critical patent/WO2015133829A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/83Generation or processing of protective or descriptive data associated with content; Content structuring
    • H04N21/835Generation of protective data, e.g. certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/633Control signals issued by server directed to the network components or client
    • H04N21/6332Control signals issued by server directed to the network components or client directed to client
    • H04N21/6334Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/414Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance
    • H04N21/41415Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance involving a public display, viewable by several users in a public space outside their home, e.g. movie theatre, information kiosk
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4627Rights management associated to the content

Definitions

  • the present invention relates to the protection of digital cinema content, and more particularly, to prevent digital cinema content leakage between playback devices through HDCP (High Definition Contents Protection) technology and certificate issuance, and to display screening system and projection period contents.
  • the present invention relates to a digital cinema content protection device and a method for controlling transmission.
  • Digital cinema content refers to content that provides a high-definition digital image service to viewers by processing a film taken by a film or a digital camera in the form of a digital file and distributing it through wired / wireless communication or through a storage medium.
  • the standard specification for digital cinema content uses the Digital Cinema Initiative (DCI).
  • DCI Digital Cinema Initiative
  • DCP Digital Cinema Package
  • KDM Key Delivery Message
  • DCI the standard for digital cinema content
  • Link Encryption technology is an AES-based encryption / decryption module that encrypts data to prevent image duplication in the links between digital cinema systems and projectors (such as BNC cables).
  • AES Advanced Encryption Standard
  • NIST National Institute of Standards and Technology
  • the prior art disclosed in ⁇ Patent Document 1> includes a content analysis unit for extracting encryption key and content data of received cinema content, media information to be converted, and information about cinema content, and a decryption unit for decrypting content data based on the encryption key. And a media generator for converting the decrypted content data based on the media information to be converted to generate distributable media content, and a rights information processor for generating package media content by combining the rights information and the distributable media content. Process digital cinema content so that it can be redistributed to your home.
  • the related art has a disadvantage in that digital cinema content is not reproduced in an unregistered display device or an image content may not be prevented from leaking through an image distributor.
  • An object of the present invention has been proposed to solve all the problems occurring in the general link encryption technology and the prior art as described above, to prevent digital cinema content leakage between playback devices by issuing a certificate, the screening system and projection content transmission To provide a digital cinema content protection device and a method for controlling the content.
  • Another object of the present invention is to provide a digital cinema content protection device and method for preventing transmission of a digital content image on a display other than a projector and a monitoring display device associated with an initial screening system.
  • HDCP High Definition Contents Protection
  • the digital cinema content protection device obtains the screening system information to generate a screening certificate, and transmits the screening certificate to the authentication management system to request the screening certificate issuance, issuing A digital cinema screening system that controls playback of digital cinema content by verifying the screening certificate, thereby protecting content between display links; Connected to the digital cinema screening system through a network, register screening system information in a database according to the screening certificate issuance request, issue a screening certificate to the digital cinema screening system, and request screening approval of the digital cinema screening system.
  • it comprises an authentication management server for controlling the screening approval.
  • the digital cinema screening system includes a certificate issuing agent for obtaining screening system information, generating a screening certificate, and transmitting the generated screening certificate to the authentication management server to issue a screening certificate.
  • Stores the screening certificate transmitted from the certificate issuing agent protects the content through HDCP based on the verification of the stored screening certificate, provides screening system information to the authentication management server, requests screening approval, screening approval It is characterized in that it comprises a screening system for performing the screening of digital cinema content only at the time.
  • the certificate issuing agent may include: a system information extraction module configured to extract screening system information in association with the screening system; A certificate generation module for generating a screening certificate based on the screening system information extracted through the system information extraction module; An encryption management module for encrypting the screening certificate generated by the certificate generation module based on the public key to the authentication management server, encrypting the screening certificate received from the authentication management server based on the public key to the screening system. It is characterized by including.
  • the screening system in the screening certificate storage module for storing a screening certificate transmitted from the certificate issuing agent;
  • a screening certificate verification and screening module for verifying a screening certificate stored in the screening certificate storage module and limiting screening based on the screening certificate verification result;
  • a DCI standard content reproducing module for reproducing DCI standard content according to the control of the screening certificate verification and screening restriction module;
  • a display control module for controlling the screening display through content protection through HDCP according to the playback control of the DCI standard content playback module.
  • the authentication management server is a screening certificate issuing module for registering the screening system information included in the screening certificate transmitted from the digital cinema screening system in the database, and issuing a screening certificate;
  • a certificate management module for managing a certificate;
  • An encryption management module for performing screening certificate encryption and digital cinema content encryption;
  • a system registration / deletion module for registering the screening system information in the database and deleting the registered screening system information;
  • a system control and control module for controlling the screening by comparing the screening system information transmitted from the screening system with the screening system information previously registered in the database and determining the screening permission / rejection according to the result.
  • the screening certificate issuing module may issue a screening certificate including information encrypted with a public key and digital signature of the issuing authentication system, a public key of the screening system, a secret key of the screening system, and public key information of the screening system. do.
  • the digital cinema content protection method comprises the steps of: (a) obtaining the system information of the screening system in the certificate issuing agent to generate a screening certificate, and transmitting it to the authentication management server; (b) verifying the screening certificate in the authentication management server, issuing a screening certificate and transmitting the screening certificate to the certificate issuing agent; (c) storing the screening certificate issued by the certificate issuing agent in the screening system; (d) verifying the screening certificate in the screening system, and if the screening certificate is normal, requesting the screening approval from the authentication management server; (e) verifying a screening system that has requested screening approval in the authentication management server, encrypting screening system information in the case of a normal system, and transmitting encrypted system information and screening permission information to the screening system; (f) verifying the system information in the screening system, and controlling the screening based on the verified system information.
  • step (a) (a1) receiving a public certificate from the authentication management server; (a2) validating the received public certificate; (a3) collecting information of the screening system; (a4) generating a secret key and a public key for encrypting the collected screening system information; (a5) generating a screening certificate by encrypting the information of the screening system and the public key of the screening system with a public certificate of a certificate management server; (a6) storing the generated screening certificate in a storage device of the screening system and transmitting the generated screening certificate to the authentication management server.
  • step (b) transmitting a public certificate of an authentication management server to the screening system; (b2) extracting the information of the screening system by decrypting the received screening certificate with the public key of the public certificate; (b3) extracting the public key of the screening system encrypted using the public key of the public certificate; (b4) obtaining a manager's approval; (b5) registering the extracted screening system information in a database and issuing an ID; (b6) generating a screening certificate and transmitting the generated screening certificate to the screening system.
  • Step (e) may include (e1) extracting screening system information when a screening approval is requested from the screening system; (e2) checking whether the extracted screening system information is registered in a database; (e3) transmitting non-screening information to the screening system when the screening system information is not registered in the database, and encrypting the system information using the screening system public key when the screening system information is registered in the database; (e4) transmitting the encrypted system information and the screening permission information to the screening system.
  • step (f) comprises: searching for an installed display device when screening (f1) starts; (f2) checking whether the searched display device is a registered display device; (f3) stopping the screening and generating an alarm when the searched display device is not a registered display device as a result of the confirmation; (f4) requesting system authentication from the authentication management server when the searched display device is a registered display device; (f5) receiving a system authentication result from the authentication management server, and if the received system authentication result is not approved, stopping the screening and generating an alarm; and (f6) displaying the digital cinema content through the display device when the received system authentication result is the approval permission.
  • the present invention by replacing the display link encryption technology of the DCI standard, which is one of the expensive digital cinema content security technology, it is possible to implement a low-cost or low-cost digital cinema equipment such as a general projector, thereby reducing the cost of equipment implementation There is an advantage.
  • FIG. 1 is a network configuration diagram of a digital cinema content protection device according to an embodiment of the present invention.
  • FIG. 2 is a block diagram of a digital cinema content protection device according to an embodiment of the present invention.
  • FIG. 3 is a configuration diagram of an embodiment of the screening system of FIG.
  • FIG. 4 is a configuration diagram of an embodiment of a certificate issuing agent of FIG. 2;
  • FIG. 5 is a configuration diagram of an embodiment of the authentication management server of FIG.
  • FIG. 6 is a block diagram of a screening certificate of the present invention.
  • FIG. 8 is a flowchart illustrating a system registration and projective certificate issuing process in FIG. 7;
  • FIG. 9 is a flow chart of the screening authentication process in FIG.
  • FIG. 10 is a flow chart of the screening control process in FIG.
  • FIG. 1 is a network configuration diagram of a digital cinema content protection device according to a preferred embodiment of the present invention
  • Figure 2 is a configuration diagram of a digital cinema content protection device.
  • the digital cinema content protection device includes a digital cinema screening system 100, a network 200 such as the Internet, an authentication management system 300, and a database 400.
  • the digital cinema screening system 100 obtains screening system information to generate a screening certificate, and transmits the screening certificate to the authentication management system 300 to request issuance of a screening certificate, and digitally through verification of the screening certificate issued. It controls the playback of cinema content to protect content between display links.
  • the digital cinema screening system 100 may generate a screening certificate by acquiring screening system information, and transmit a generated screening certificate to the authentication management server 320 to issue a screening certificate, and issue a screening certificate 110.
  • the certificate issuing agent 110 as shown in Figure 4, the system information extraction module 111 for extracting the screening system information in conjunction with the screening system 120; A certificate generation module 112 for generating a screening certificate based on the screening system information extracted through the system information extraction module 111;
  • the screening certificate generated by the certificate generation module 112 is encrypted based on the public key and transmitted to the authentication management server 320, and the screening certificate received from the authentication management server 320 is encrypted based on the public key. It is preferable to include the encryption management module 113 to transmit to the screening system (120).
  • the screening system 120 as shown in Figure 3, the screening certificate storage module 121 for storing a screening certificate transmitted from the certificate issuing agent 110; A screening certificate verification and screening limiting module 122 for verifying a screening certificate stored in the screening certificate storage module and limiting screening based on the screening certificate verification result; A DCI standard content reproducing module 123 for reproducing DCI standard content according to the control of the screening certificate verification and screening restriction module 122; In accordance with the playback control of the DCI standard content playback module 123 preferably includes a display control module 124 for controlling the screen display 500 through the content protection through HDCP.
  • the screening display 500 refers to equipment such as a projector and a projector.
  • the certification management system 300 is connected to the digital cinema screening system 100 and the network 200, registers the screening system information in a database according to the screening certificate issuance request, and issues a screening certificate to screen the digital cinema.
  • An authentication management server 320 for transmitting to the system 100 and controlling the screening approval according to the screening approval request of the digital cinema screening system 100;
  • a web server 310 for transmitting and receiving data on the web with the digital cinema screening system 100 via the network 200.
  • the authentication management server 320 registers the screening system information included in the screening certificate transmitted from the digital cinema screening system 100 in the database 400 and issues a screening certificate.
  • a certificate management module 324 for managing a certificate of authentication management server;
  • An encryption management module 322 for performing screening certificate encryption and encryption of digital cinema content;
  • a system registration / deletion module 325 for registering screening system information in the database 400 and deleting registered screening system information;
  • the system control and control module 323 for controlling screening by comparing screening system information transmitted from the screening system 120 with screening system information previously registered in the database 400 and determining screening permission / rejection according to the result. );
  • the screening certificate preferably includes information encrypted with the public key and digital signature of the authentication system, the public key of the screening system, the secret key of the screening system, and the public key information of the screening system.
  • the present invention applies HDCP technology to prevent leakage of digital cinema content primarily, and to prevent content copying using a display device (HDCP distributor or router) using a screening certificate. To this end, issuance of a screening certificate is required.
  • the certificate issuing agent 110 of the digital cinema screening system 100 obtains screening system information connected to the screening system 120 in connection with the screening system 120 to generate a screening certificate.
  • the screening certificate is transmitted to the authentication management server 320 to request a screening certificate.
  • the certificate issuing agent 110 extracts the screening system information from the system information extraction module 111 in association with the screening system 120 and the system information is generated from the certificate generation module 112.
  • the screening certificate is generated based on the screening system information extracted through the extraction module 111.
  • the encryption management module 113 encrypts the screening certificate generated by the certificate generation module 112 based on the public key of the public certificate received from the authentication management server 320 and transmits the encrypted certificate to the authentication management server 320.
  • the screening system information includes system information such as a projector, screening display equipment such as a projector, and monitoring display equipment.
  • the authentication management server 320 issues a screening certificate based on the screening system information included in the bonus certificate transmitted from the certificate issuing agent 110 and transmits the screening certificate to the certificate issuing agent 110.
  • the certificate management module 324 of the authentication management server 320 transmits the certificate of the certificate management server 320 to the certificate issuing agent 110
  • the system registration / deletion module 325 is the digital cinema
  • the screening system information included in the screening certificate transmitted from the certificate issuing agent 110 of the screening system 100 is extracted and registered in the database 400.
  • the public certificate is a certificate issued from an accredited certification authority, and using a certificate different from the certificate used in encrypted HTTP network communication can provide a more secure security effect.
  • the screening certificate issuing module 321 issues a screening certificate based on the screening system information
  • the encryption management module 322 encrypts the screening certificate based on the public key and transmits the screening certificate to the certificate issuing agent 110. . As shown in FIG.
  • the screening certificate issued here includes a digitally authorized certificate of an authentication system including a public key and a digital signature of the authentication system, information encrypted with the public key of the screening system, a secret key and a screening system of the screening system. Contains public key information.
  • the secret key and the public key of the screening system are a set of data for using the asymmetric encryption algorithm of the screening system (an encryption algorithm having a different key used for decryption and a key used for public key-based encryption).
  • the certificate issuing agent 110 transmits the screening certificate issued from the authentication management server 320 to the screening system 120.
  • the screening system 120 stores the screening certificate transmitted from the certificate issuing agent 110, protects the content through the HDCP based on the verification of the stored screening certificate, and screened on the authentication management server 320 It will provide system information, request screening approval, and perform screening of digital cinema content only upon screening approval.
  • the screening certificate storage module 121 of the screening system 120 stores the screening certificate transmitted from the certificate issuing agent 110.
  • the screening certificate verification and screening limiting module 122 verifies the screening certificate stored in the screening certificate storage module 121 and restricts the screening based on the screening certificate verification result.
  • the screening approval history is transmitted to the authentication management server 320, and the screening is controlled according to the certificate verification history received from the authentication management server 320.
  • a system search is performed to obtain system information, and the acquired system information is transmitted to the authentication management server 320 to request screening approval.
  • the DCI standard content playback module 123 is controlled to be screened playback.
  • the DCI standard content playback module 123 plays the DCI standard content, and the display control module 124 is screened through the content protection through HDCP according to the playback control of the DCI standard content playback module 123.
  • the system control and control module 323 of the authentication management server 320 compares the screening system information transmitted from the screening system 120 and the screening system information previously registered in the database 400, and matches. If the screening approval, and the screening system information transmitted and the screening system information registered in the database 400 is different from each other, screening approval is not allowed.
  • the user management module 326 of the authentication management server 320 performs the authentication restriction by expiring the screening certificate issued to the system at the administrator's discretion.
  • the screening system is inspected to see if it is being screened on an authorized display, and continuously monitors whether a situation in which digital cinema contents are leaked by using an illegal display device that is not registered.
  • the screening is immediately stopped or an alarm is generated through a control system so that emergency measures can be promptly taken.
  • the reason for the continuous process of approval of the certification system during the screening is to provide a way to counter piracy by taking emergency measures in the control system.
  • the digital cinema content protection device primarily uses HDCP technology to perform video security between the digital cinema system and the projector, and to screen the HDCP content security through a screening certificate.
  • the video cannot be reproduced, thereby preventing the leakage of digital cinema contents.
  • FIG. 7 is a flowchart illustrating a method for protecting digital cinema content according to the present invention, where S represents a step.
  • the method for protecting digital cinema content comprises the steps of: (a) obtaining system information of the screening system 120 from the certificate issuing agent 110, generating a screening certificate, and transmitting the screening certificate to the authentication management server (S11 to S13). ; (b) verifying the screening certificate in the authentication management server 320, and transmitting the screening certificate to the certificate issuing agent 110 (S14 to S16); (c) storing the screening certificate issued by the certificate issuing agent 110 in the screening system 120 (S17); (d) verifying the screening certificate in the screening system 120 and requesting the screening approval from the authentication management server 320 when the screening certificate is normal (S18 to S19); (e) verifying the screening system 120 requesting the screening approval from the authentication management server 320, encrypting the screening system information in the case of a normal system, and displaying the encrypted system information and the screening permission information in the screening system 120. Transmitting to (S20 to S24); (f) verifying the system information in the screening system 120, and controlling the screening based on the verified
  • the step (a) is shown in Figure 8, (a1) receiving a public certificate from the authentication management server 320 (S121); (a2) checking the validity of the received public certificate (S122); (a3) collecting information of the screening system 120 (S123); (a4) generating a secret key and a public key for encrypting the collected screening system information (S124); (a5) generating a screening certificate by encrypting the information of the screening system 120 and the public key of the screening system 120 with a public certificate of a certificate management server 320 (S125); (a6) storing the generated screening certificate in a storage device of the screening system 120 and transmitting it to the authentication management server 320 (S126 to S127); It is preferable to include a step (S128) for storing the screening certificate issued through the authentication management server (320).
  • step (b) (b1) transmitting the authorized certificate of the authentication management server 320 to the screening system (120) (S321); (b2) extracting the information of the screening system 120 by decrypting the received screening certificate with the public key of the public certificate (S322); (b3) extracting the public key of the screening system 120 encrypted using the public key of the public certificate (S323); (b4) obtaining a manager's approval (S324); (b5) registering the extracted screening system information in a database and issuing an ID (S325); (b6) generating a screening certificate and transmitting the generated screening certificate to the screening system 120 (S326); (b7)
  • the registration of the screening system and the completion of the issuance of the screening certificate are preferably included.
  • the step (e) may include (e1) extracting screening system information when a screening approval is requested from the screening system 120 (S331); (e2) checking whether the extracted screening system information is registered in a database (S332); (e3) transmitting non-screening information to the screening system when the screening system information is not registered in the database, and encrypting system information using the screening system public key when the screening system information is registered in the database (S333); (e4) It is preferable to include the step (S334) of transmitting the encrypted system information and the screening permission information to the screening system.
  • the step (f) may include searching for the installed display device (S141 to S142) when screening is started (f1); (f2) checking whether the searched display device is a registered display device (S143); (f3) stopping the screening and generating an alarm when the searched display device is not a registered display device as a result of the confirmation (S144); (f4) requesting system authentication to the authentication management server 320 when the searched display device is a registered display device (S145); (f5) receiving a system authentication result from the authentication management server 320 and generating a stop screening and an alarm when the received system authentication result is not approved (S146, S149); (f6) If the received system authentication result is the approval permission, it is preferable to include the step (S147 ⁇ S148) to display the digital cinema content through the display device.
  • step S11 the certificate issuing agent 110 obtains system information of the screening system 120, generates a screening certificate in step S12, and transmits the screening certificate generated in step S13 to the authentication management server.
  • the certificate issuing agent 110 receives the public certificate from the authentication management server 320 in step S121, and checks the validity of the received public certificate in step S122. That is, it checks whether the public certificate is a normal and usable certificate. If the authorized certificate is valid, the information of the screening system 120 is collected in step S123. That is, information of a display device such as a projector or a projector is collected. Thereafter, in step S124, a secret key and a public key for encrypting the collected screening system information are generated, and in step S125, the information of the screening system 120 and the public key of the screening system 120 are authenticated by the authentication management server 320. A screening certificate is generated by encrypting with a public certificate of.
  • step S126 the screening certificate generated in step S126 is stored in the storage device of the screening system 120, and the screening certificate generated in step S127 is transmitted to the authentication management server 320. Thereafter, in step S128, the screening certificate issued through the authentication management server 320 is stored in the screening system.
  • the authentication management server 320 verifies the screening certificate received in step S14, issues a screening certificate in step S15 and step S16 and transmits it to the certificate issuing agent 110.
  • the authentication management server transmits the public certificate of the authentication management server 320 to the certificate issuing agent in step S321, and decrypts the screening certificate received in step S322 with the public key of the public certificate. Extract the information of the screening system 120.
  • step S323 the public key of the encrypted screening system 120 is extracted using the public key of the public certificate, and in step S324, the manager's approval is obtained.
  • step S325 the extracted screening system information is registered in a database and an ID is issued.
  • the screening certificate is generated as shown in FIG. 6, and the generated screening certificate is transmitted to the certificate issuing agent.
  • step S327 the registration of the screening system and the issuance of the screening certificate are completed.
  • the certificate issuing agent 110 stores the issued screening certificate in the screening system 120.
  • the screening system 120 verifies the screening certificate and, in the case of the normal screening certificate, requests the screening approval from the authentication management server 320 in step S19.
  • the screening system 120 checks whether an authorized certificate included in the screening certificate is valid in step S131, and controls the screening to be disabled in step S133 when the public certificate is not valid. On the contrary, if the public certificate is valid, a screening approval is requested to the authentication management server in step S132. After that, when the response transmitted from the authentication management server is not allowed to be screened in step S134, the screen is controlled to be disabled. On the contrary, when the response transmitted from the authentication management server as shown in step S135 is a screening permission, the screening system information is extracted in step S136. In operation S137, the system information received from the authentication management server is decrypted to check whether the information matches the current system information. If the decrypted system information and the current system information do not match, the screening is prevented to prevent content leakage. On the other hand, if the decoded system information and the current system information coincide, the process moves to step S138 to start screening.
  • step S20 the authentication management server 320 verifies the screening system 120 that has requested the screening approval, checks whether the screening system is a registered system in step S21, and if it is not registered, in step S26 Sends no show response to the show system.
  • the screening system information is encrypted in step S22, and the encrypted system information and screening permission information are transmitted to the screening system 120 in step S23.
  • the authentication management server that receives a screening authentication request from the screening system extracts the screening system information when a screening approval is requested from the screening system 120 in step S331.
  • the extracted screening system information is checked to be registered in a database.
  • the screening system information is transmitted to the screening system.
  • the system information is encrypted using the screening system public key in step S333, and the encrypted system information and screening permission information are transmitted to the screening system in step S334.
  • the screening system 120 verifies the system information in step S24, and controls the screening based on the system information verified in step S25.
  • the screening system having received the screening permission information according to the screening request searches for the display device installed in step S142 when screening starts in step S141 as shown in FIG. 10.
  • the display device is checked whether the searched display device is a registered display device. If the searched display device is not a registered display device, the screening stop and alarm are generated in step S144. In contrast, when the searched display device is a registered display device, a system authentication is requested to the authentication management server 320 in step S145.
  • the authentication management server fetches the information of the screening system as in step S341 according to the system authentication request, and checks whether the information of the screening system is the screening system registered in the database in step S342. As a result of this check, if the screening system is not registered, system authentication is not allowed. In contrast, in the case of a registered screening system, the system information is encrypted with the public key in step S344, and the encrypted system information and the screening permission information are converted into the screening system. send.
  • step S146 the screening system receives a system authentication result from the authentication management server 320, and if the received system authentication result is not approved, the screening step is stopped, and the screening stops, and an alarm is generated using a control system. . In contrast, when the system authentication result is approved, the digital cinema content is displayed on the display device. In step S147, it is checked whether the screening is finished. If the screening is not finished, the screen proceeds to step S142, and when the screening is finished, the screen proceeds to step S148 to complete the screening.
  • the method for protecting digital cinema content primarily uses HDCP technology to perform video security between the digital cinema system and the projector, and the screening certificate for a method for bypassing HDCP content security.
  • the video cannot be reproduced, thereby preventing the leakage of digital cinema contents.
  • the present invention is applied to a technique for preventing digital cinema content from being played back on a display device that is not registered when the digital cinema content is displayed or leaking of image content through an image distributor.

Abstract

La présente invention concerne un appareil pour protéger des contenus de cinéma numériques et un procédé associé, qui permettent d'empêcher la fuite de contenus de cinéma numériques entre des appareils de reproduction grâce à une technologie de protection de contenus haute définition (HDCP) et à l'émission d'un certificat, et commander la transmission de contenus entre un système de projection et un projecteur. La présente invention est mise en œuvre par : un système de projection de cinéma numérique qui génère un certificat de projection en acquérant des informations de système de projection, demande la délivrance du certificat de projection en transmettant le certificat de projection à un système de gestion d'authentification, et protège les contenus entre des liaisons d'affichage en commandant la reproduction des contenus du cinéma numériques par la vérification du certificat de projection délivré ; et un serveur de gestion d'authentification qui est relié au système de projection de cinéma numérique par l'intermédiaire d'un réseau, enregistre les informations de système de projection dans une base de données en fonction de la demande de délivrance du certificat de projection, délivre et transmet le certificat de projection au système de projection de cinéma numérique, et commande une approbation de projection en fonction d'une demande d'approbation de projection du système de projection de cinéma numérique.
PCT/KR2015/002113 2014-03-07 2015-03-05 Appareil de protection de contenus de cinéma numériques et procédé associé WO2015133829A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2014-0026986 2014-03-07
KR1020140026986A KR20150104949A (ko) 2014-03-07 2014-03-07 디지털 시네마 콘텐츠 보호장치 및 그 방법

Publications (1)

Publication Number Publication Date
WO2015133829A1 true WO2015133829A1 (fr) 2015-09-11

Family

ID=54055567

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2015/002113 WO2015133829A1 (fr) 2014-03-07 2015-03-05 Appareil de protection de contenus de cinéma numériques et procédé associé

Country Status (2)

Country Link
KR (1) KR20150104949A (fr)
WO (1) WO2015133829A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111629226A (zh) * 2020-05-15 2020-09-04 上海幕革科技有限公司 一种基于中心存储的数据处理设备及其处理方法
CN113365123A (zh) * 2021-06-02 2021-09-07 深圳市环球数码科技有限公司 一种利用光源芯片操作影院放映服务器方法及系统
CN114726647A (zh) * 2022-05-12 2022-07-08 知安视娱(北京)科技有限公司 一种4k影片内容的安全发行方法、系统及安全放映系统

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102616967B1 (ko) * 2023-06-23 2023-12-27 쿠도커뮤니케이션 주식회사 보안 인증을 이용한 영상 표출제어가 가능한 전광판시스템 및 그 시스템의 영상 표출제어 방법

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20050119416A (ko) * 2004-06-16 2005-12-21 로무 가부시키가이샤 디바이스 키 보호 방법 및 그 방법을 이용 가능한 암호화장치와 복호 장치 및 영상 송신 장치와 영상 수신 장치
KR20070003518A (ko) * 2005-06-30 2007-01-05 김유식 디지털 극장의 영화 컨텐츠 송출 시스템 및 그 방법
KR20070099493A (ko) * 2006-07-21 2007-10-09 (주)잉카엔트웍스 Drm이 적용된 컨텐츠를 저장 및 사용하기 위한 포터블저장매체 그리고 이를 구현하기 위한 방법 및 시스템
KR100895462B1 (ko) * 2006-10-23 2009-05-06 한국전자통신연구원 디지털 저작권 관리 시스템에서의 콘텐츠 유통 관리 방법

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20050119416A (ko) * 2004-06-16 2005-12-21 로무 가부시키가이샤 디바이스 키 보호 방법 및 그 방법을 이용 가능한 암호화장치와 복호 장치 및 영상 송신 장치와 영상 수신 장치
KR20070003518A (ko) * 2005-06-30 2007-01-05 김유식 디지털 극장의 영화 컨텐츠 송출 시스템 및 그 방법
KR20070099493A (ko) * 2006-07-21 2007-10-09 (주)잉카엔트웍스 Drm이 적용된 컨텐츠를 저장 및 사용하기 위한 포터블저장매체 그리고 이를 구현하기 위한 방법 및 시스템
KR100895462B1 (ko) * 2006-10-23 2009-05-06 한국전자통신연구원 디지털 저작권 관리 시스템에서의 콘텐츠 유통 관리 방법

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111629226A (zh) * 2020-05-15 2020-09-04 上海幕革科技有限公司 一种基于中心存储的数据处理设备及其处理方法
CN113365123A (zh) * 2021-06-02 2021-09-07 深圳市环球数码科技有限公司 一种利用光源芯片操作影院放映服务器方法及系统
CN114726647A (zh) * 2022-05-12 2022-07-08 知安视娱(北京)科技有限公司 一种4k影片内容的安全发行方法、系统及安全放映系统
CN114726647B (zh) * 2022-05-12 2022-08-12 知安视娱(北京)科技有限公司 一种4k影片内容的安全发行方法、系统及安全放映系统

Also Published As

Publication number Publication date
KR20150104949A (ko) 2015-09-16

Similar Documents

Publication Publication Date Title
CA2948895C (fr) Fourniture de justificatifs d'identite de gdn sur un dispositif client au moyen d'un serveur de mise a jour
EP2270710B1 (fr) Procédé de restriction d'accès de données de média générées par une caméra
WO2012011726A2 (fr) Procédé et appareil de fourniture d'un service de gestion de droits numériques
WO2010008223A2 (fr) Appareil et procédé pour réaliser un service de sécurité dans une interface utilisateur
WO2012047064A2 (fr) Procédé et dispositif pour la fourniture d'un service drm
WO2010107279A2 (fr) Système et procédé permettant de protéger un contnu multimédia numérique
WO2015133829A1 (fr) Appareil de protection de contenus de cinéma numériques et procédé associé
US20060294594A1 (en) Method for managing consumption of digital contents within a client domain and devices implementing this method
US9369464B2 (en) Scalable authentication system
WO2011122912A2 (fr) Procédé et système de gestion d'une clé de chiffrement pour un service de diffusion
WO2014003516A1 (fr) Procédé et appareil de fourniture de partage de données
KR20090058736A (ko) 보안모듈 프로그램을 보호하기 위한 디지털 케이블 시스템및 그 방법
US20110145562A1 (en) System and method for securely transfering content from set-top box to personal media player
WO2014193058A1 (fr) Dispositif et procédé pour assurer la sécurité dans un environnement d'investigation numérique à distance
WO2019088688A1 (fr) Système et procédé de gestion de distribution de contenu à l'aide d'une technologie de chaîne de blocs
US11258601B1 (en) Systems and methods for distributed digital rights management with decentralized key management
WO2017128585A1 (fr) Procédé de protection de contenu de sortie sécurisé avancé et module de réception de condition
CN113365097B (zh) 直播信息流处理方法、装置、系统、电子设备及存储介质
JP2004303107A (ja) コンテンツ保護システム及びコンテンツ再生端末
WO2014123283A1 (fr) Procédé et dispositif de commande du téléchargement d'un module de sécurité destiné à un service de radiodiffusion
KR20090065399A (ko) 복제된 보안 모듈을 갖는 다운로더블 제한 수신 호스트를감지하는 방법 및 그 장치
WO2019124589A1 (fr) Serveur de kdm, serveur de matriçage et serveur de lecture pour fournir un contenu immersif, et leur procédé de fonctionnement
WO2020197283A1 (fr) Procédé d'authentification de dispositif électronique, et appareil correspondant
JP2008054308A (ja) 端末装置、サーバ装置及びコンテンツ配信システム
WO2016093380A1 (fr) Système et procédé pour protéger un livre électronique qui prend en charge une copie privée

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15758685

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 26/01/2017)

122 Ep: pct application non-entry in european phase

Ref document number: 15758685

Country of ref document: EP

Kind code of ref document: A1