WO2017022386A1

WO2017022386A1 - Information processing device, information storage device, information processing method, and program

Info

Publication number: WO2017022386A1
Application number: PCT/JP2016/069751
Authority: WO
Inventors: 義行小林
Original assignee: ソニー株式会社
Priority date: 2015-08-04
Filing date: 2016-07-04
Publication date: 2017-02-09

Abstract

The present invention implements a configuration where the same content usage control in a source medium for content to be copied can be performed at the destination for the copied content. A data processing unit that copies the record data recorded on a first medium onto a second medium uses a dedicated protocol to record a first medium identifier (volume ID, PMSN) readable from within the recorded data on the first medium into a protective region in the storage unit of the second medium to which access is restricted, and records BDMV format data such as encrypted content and AACS control data into a general purpose region in the storage unit of the second medium to which access is not restricted. Each data is associated using a directory, or an index (i) provided for the record data.

Description

Information processing apparatus, information storage apparatus, information processing method, and program

The present disclosure relates to an information processing device, an information storage device, an information processing method, and a program. More specifically, when the recorded content of the first medium (information recording medium) such as a disc is copied to the second medium, the content usage control in the copy source medium is inherited in the copy destination medium and the same usage control is performed. The present invention relates to an information processing device, an information storage device, an information processing method, and a program.

Various information recording media such as DVD (Digital Versatile Disc), BD (Blu-ray (registered trademark) Disc), and flash memory are used as information recording media (media) for various contents such as movies and music. Yes. Many contents such as music data and image data recorded on these information recording media have copyrights and distribution rights by their creators and distributors. Therefore, even a user who has purchased a disc has certain restrictions on the use of disc recorded content. For example, it is not allowed to copy the disc recording content to other media without limitation.

As a copy management configuration for such media storage content, a copy permissible configuration is known on condition that the copy management information is received from the management server. Specifically, for example, processing is performed in the following sequence.

A user attaches a first medium serving as a copy source, such as a content storage disk, to a user device such as a PC or a recording / playback device, and the user device connects to the management server via a network. Thereafter, the user device transmits predetermined information such as a disc identifier (ID) of the first medium to the server.
After confirming the validity of the received information, the server transmits copy management information in which copy permission data is recorded to the user device. The user device can confirm the copy permission data recorded in the copy management information from the server, read the copy permission data from the first medium, and copy to the second medium as the copy destination. .

Such a copy management configuration is called managed copy (MC), and details thereof are described in, for example, Patent Document 1 (Japanese Patent Laid-Open No. 2008-98765).

Copy contents stored in media such as BD (Blu-ray (registered trademark) Disc) that stores movies, etc., subject to copyright management in the user device to other media such as flash memory or other discs. When performing, it is necessary to perform processing according to the above-mentioned managed copy (MC). That is, copying is allowed on condition that copy management information is received from the management server.

Most content such as movies recorded on a general content-recorded disc, such as a BD (Blu-ray (registered trademark) Disc), is recorded encrypted to prevent unauthorized use such as unauthorized copying. .

Encrypted content conforming to the AACS (Advanced Access Content System) standard, which is a standard related to content copyright protection technology, is classified into units and recorded as encrypted data to which different encryption keys are applied for each unit. By using the unit-by-unit encryption configuration, it is possible to perform unit-based usage control, and strict and diverse content usage control is realized.

However, the current AACS standard is mainly a standard for use control for recorded contents of BD (Blu-ray (registered trademark) Disc), and is sufficient for use control of contents recorded in a flash memory such as a memory card. There is a problem that is not considered.
In recent years, the recording capacity of flash memory has increased dramatically, and there is a tendency for users to copy and use disc recorded content to flash memory. Such flash memory stored content is also similar to BD recorded content. Strict usage control is required.

JP 2008-98765 A

The present disclosure has been made in view of, for example, the above-described problems. An information processing device, an information storage device, and an information processing method that realize strict use control similar to that of a BD recording content for flash memory storage content, The purpose is to provide a program.

The first aspect of the present disclosure is:
A data processing unit for executing a copy process for recording the recording data of the first medium on the second medium;
The data processing unit
In the recording data of the first medium, a first medium identifier that can be read from the first medium by applying a dedicated protocol is recorded in a protected area in which access restriction of the storage unit of the second medium is set,
In the information processing apparatus, the encrypted content is recorded in a general-purpose area in which the access restriction of the storage unit of the second medium is not set.

Furthermore, the second aspect of the present disclosure is:
A protected area in which access restrictions are set, and a storage unit having a general-purpose area in which access restrictions are not set,
A data processing unit,
The general-purpose area of the storage unit records the encrypted content copied from the copy source medium,
The protected area of the storage unit is configured to record a first media identifier that can be read from the first medium by applying a dedicated protocol in the recording data of the copy source medium,
The data processing unit
It is determined whether the information processing apparatus that has output the read request for the first media identifier has an access right to the protection area,
When it is confirmed that the user has an access right, the information storage device obtains the first media identifier recorded in the protection area and outputs the first media identifier to the information processing device.

Furthermore, the third aspect of the present disclosure is:
An information processing method executed in an information processing apparatus,
The information processing apparatus includes:
A data processing unit for executing a copy process for recording the recording data of the first medium on the second medium;
The data processing unit is
In the recording data of the first medium, a first medium identifier that can be read from the first medium by applying a dedicated protocol is recorded in a protected area in which access restriction of the storage unit of the second medium is set,
In the information processing method, the encrypted content is recorded in a general-purpose area in which the access restriction of the storage unit of the second medium is not set.

Furthermore, the fourth aspect of the present disclosure is:
An information processing method executed in an information storage device,
The information storage device includes:
A protected area in which access restrictions are set, and a storage unit having a general-purpose area in which access restrictions are not set,
A data processing unit,
The general-purpose area of the storage unit records the encrypted content copied from the copy source medium,
The protected area of the storage unit is configured to record a first media identifier that can be read from the first medium by applying a dedicated protocol in the recording data of the copy source medium,
The data processing unit is
It is determined whether the information processing apparatus that has output the read request for the first media identifier has an access right to the protection area,
In the information processing method of acquiring the first media identifier recorded in the protection area and outputting the first media identifier to the information processing apparatus when it is confirmed that the user has an access right.

Furthermore, the fifth aspect of the present disclosure is:
A program for executing information processing in an information processing apparatus;
The information processing apparatus includes:
A data processing unit for executing a copy process for recording the recording data of the first medium on the second medium;
The program is stored in the data processing unit.
A process of recording a first media identifier that can be read from the first medium by applying a dedicated protocol in recorded data of the first medium in a protected area in which access restriction of a storage unit of the second medium is set; ,
A program for executing a process of recording the encrypted content in a general-purpose area in which the access restriction of the storage unit of the second medium is not set.

Furthermore, the sixth aspect of the present disclosure is:
A program for causing an information storage device to execute information processing;
The information storage device includes:
A protected area in which access restrictions are set, and a storage unit having a general-purpose area in which access restrictions are not set,
A data processing unit,
The general-purpose area of the storage unit records the encrypted content copied from the copy source medium,
The protected area of the storage unit is configured to record a first media identifier that can be read from the first medium by applying a dedicated protocol in the recording data of the copy source medium,
The program is stored in the data processing unit.
A process for determining whether the information processing apparatus that has output the read request for the first media identifier has an access right to the protection area;
When it is confirmed that the user has an access right, the program is for executing a process of acquiring the first media identifier recorded in the protection area and outputting the first media identifier to the information processing apparatus.

Note that the program of the present disclosure is a program that can be provided by, for example, a storage medium or a communication medium provided in a computer-readable format to an information processing apparatus or a computer system that can execute various program codes. By providing such a program in a computer-readable format, processing corresponding to the program is realized on the information processing apparatus or the computer system.

Further objects, features, and advantages of the present disclosure will become apparent from a more detailed description based on embodiments of the present disclosure described below and the accompanying drawings. In this specification, the system is a logical set configuration of a plurality of devices, and is not limited to one in which the devices of each configuration are in the same casing.

According to the configuration of an embodiment of the present disclosure, a configuration that enables the same control as the content use control in the copy source medium is realized even at the content copy destination.
Specifically, the data processing unit that executes a copy process for recording the recording data of the first medium onto the second medium can read from the first medium by applying a dedicated protocol in the recording data of the first medium. The first media identifier (volume ID, PMSN) is recorded in the protection area where the access restriction of the storage unit of the second medium is set, and the BDMV format data such as the encrypted content and the AACS management data are stored in the second medium. Recorded in a general-purpose area where no access restrictions are set. Each data is associated with an index (i) set in the directory or recording data.

Further, the protected area recording data is also recorded with the MAC value to realize a configuration in which tampering is prevented.
Further, the media binding is realized by recording the value to which the media ID is applied in the protection area.
Each of these configurations realizes a configuration that enables the same control as the content use control in the copy source medium even at the content copy destination.
Note that the effects described in the present specification are merely examples and are not limited, and may have additional effects.

It is a figure explaining the outline | summary of a managed copy (MC: Managed Copy) system. It is a figure explaining the structure of a content management unit (CPS unit), and a unit key management table. It is a figure explaining the recording data of the 1st medium which is a copy origin medium. It is a figure explaining the example of a directory structure of a medium, and the data stored in a data part. It is a figure explaining the AACS management data recorded on a medium. It is a figure explaining the structure data of the copy control management file (MCMF: Managed Copy Manifest File) which is the recording information of the 1st medium. It is a figure explaining the sequence of the volume ID read protocol (Protocol for Transfer Volume_ID) according to AACS regulation. It is a figure explaining the sequence of the PMSN read protocol (Protocol for Transferring, Pre-recorded Media Serial Number) according to the AACS standard. It is a figure explaining the data reproduction sequence from a medium. It is a figure explaining the outline | summary of the data copy process of this indication. It is a figure explaining the structural example of the memory card which is a copy destination medium. It is a figure explaining the copy processing sequence between media. It is a figure which shows an example of the data contained in a copy execution request. It is a figure explaining the basic information contained in server response information (Offer List) 131. FIG. 6 is a diagram illustrating an example of copy data and a copy destination in the data copy processing of the present disclosure. FIG. It is a figure explaining an example of the sequence of the data copy process of this indication. It is a figure explaining the structural example of a host certificate. It is a figure explaining the example of the access restriction | limiting of the division area unit of a protection area. It is a figure explaining an example of the data recorded on a protection area in the data copy process of this indication. It is a figure explaining an example of the data recorded on a protection area in the data copy process of this indication. It is a figure explaining an example of the data recorded on a protection area in the data copy process of this indication. It is a figure which shows the flowchart explaining an example of the process sequence performed in the data copy process of this indication. It is a figure which shows the flowchart explaining an example of the process sequence performed in the movement process of the copy data of this indication. And FIG. 11 is a diagram for describing a configuration example of an information processing apparatus that executes data copy processing and the like. It is a figure explaining the hardware structural example of the information storage device (memory card | curd) which performs a data copy process etc.

The details of the information processing apparatus, information storage apparatus, information processing method, and program of the present disclosure will be described below with reference to the drawings. The description will be made according to the following items.
1. 1. Overview of content copy control processing based on server management 2. Outline of usage control configuration in accordance with AACS (Advanced Access Content System) regulations 3. Data reproduction sequence in information processing apparatus 4. Data copy processing for the second medium having a protected area with restricted access 5. Example of recording copy data to memory card 6. Configuration for Realizing Control on Copy Destination Media Same as Content Usage Control on Copy Source Media Processing order in content copy processing and content movement processing 7-1. Execution sequence of content copy processing 7-2. 7. Execution sequence of copy content movement processing 8. Hardware configuration example of each device Summary of composition of this disclosure

[1. Overview of content copy control processing based on server management]
First, an overview of content copy control processing based on server management will be described with reference to FIG.
For example, many contents such as movies recorded on a BD (Blu-ray (registered trademark) Disc) are allowed to be used under predetermined copyright management. Therefore, even a user who has purchased a disc has certain restrictions on the use of disc recorded content. For example, unlimited copying of disc recorded content to other discs or media such as flash memory is not allowed.

As a copy management configuration for such media storage content, a copy permission processing configuration is known on condition that the copy permission information is received from the management server. FIG. 1 is a diagram for explaining an outline of a managed copy (MC) system as an example.

The information processing apparatus 20 is a user's PC, recorder (recording / playback apparatus), and the like, and can play back the first medium 10 on which a movie or the like, which is a copyright management target content, is recorded.
The information processing apparatus 20 can perform processing for copying the content recorded on the first medium 10 to the second medium 30 which is another medium. The second medium 30 is a medium that can be recorded in the information processing apparatus 20, and is a medium such as a hard disk (HDD), a flash memory, or a data recordable disk (BD, DVD, etc.).

However, if the user freely performs copy processing, a large amount of content duplication occurs, resulting in illegal use and distribution. In order to prevent such a situation, when the information processing apparatus 20 which is a user apparatus executes content copying, the information processing apparatus 20 is connected to the management server 50 and receives copy permission information from the management server 50. In order to receive this copy permission information, for example, procedures such as confirmation of the validity of the first medium possessed by the user and payment of a predetermined fee are required.

The information processing apparatus 20, which is a user apparatus, can receive the copy permission information from the management server 50 and perform content copying on condition that the copy permission information is received by performing this predetermined procedure. This is an outline of managed copy (MC).

[2. Overview of Usage Control Configuration According to AACS (Advanced Access Content System) Rules]
Next, a configuration example of data recorded on a medium (first medium 10 in FIG. 1) on which a copyright-managed content targeted for the above-mentioned managed copy (MC) is recorded will be described.

Encrypted content that complies with the AACS (Advanced Access Content System) standard, which is a standard related to content copyright protection technology, is divided into units as described above, and is recorded as encrypted data using a different encryption key for each unit. Is done. By using the unit-by-unit encryption configuration, it is possible to perform unit-based usage control, and strict and diverse content usage control is realized.

A unit that is a content division unit is called a content management unit or a CPS unit, and an encryption key corresponding to each CPS unit is called a CPS unit key, a unit key, or a title key. An example of the correspondence between the unit classification of the content recorded on the disc and the encryption key (unit key) is shown in FIG.

FIG. 2 is an example of a unit key management table showing a correspondence relationship between a unit (CPS unit) constituting content recorded on a certain medium, for example, one disc, and a CPS unit key which is an encryption key. This unit key management table is recorded on the medium (BD etc.) together with the encrypted content.

As shown in FIG. 2, CPS units, which are content configuration data, are divided into CPS units 1 to n. Each CPS unit 1 to n is associated with a CPS unit key which is a unique encryption key.

For example, when playing back CPS unit 1 (CPS1), decryption is performed using CPS unit key 1 (Ku1). When reproducing the CPS unit 2 (CPS2), it is necessary to perform decryption by applying the CPS unit key 2 (Ku2). As an index corresponding to each CPS unit and CPS unit key, for example, “title” is used. “Title” is an index set corresponding to each CPS unit, and the CPS unit and the CPS unit key can be specified by specifying the title.

FIG. 3 is a diagram illustrating an example of recorded data of the first medium 10 when the first medium 10 is a ROM-type Blu-ray (registered trademark) Disc.
The following data is recorded on the first medium.
(A) Volume ID 11
(B) Media ID [PMSN (Prerecorded Media Serial Number)] 12
(C) KCD (key conversion data) 13
(D) AACS management data 14
(E) BDMV (Blu-ray (registered trademark) disc movie) format data 15

(A) Volume ID (Volume ID) 11 is an identifier recorded on a disc storing content of the same title, for example.
(B) Media ID [PMSN (Prerecorded Media Serial Number)] 12 is, for example, an identification number of a medium recorded on a medium (disk) by a physical recording process that is difficult to rewrite.

Note that (A) Volume ID (Volume ID) 11 and (B) Media ID [PMSN (Prerecorded Media Serial Number)] 12 are different from other normal recording data in that they perform reading processing using a specific dedicated protocol. Data that can be read only when it is executed.
For example, these data can be read only when a dedicated read processing program stored only in an information processing apparatus defined by AACS is executed.

(C) KCD (Key Conversion Data) 13 is data applied to generation (conversion) of an encryption key at the time of content reproduction.
The KCD may not be stored depending on the media.

(D) The AACS management data 14 is composed of various management data such as key data applied to decryption of encrypted content and a content certificate 16 that verifies the validity of the content.
(E) The BDMV format data 15 is composed of encrypted content that is reproduction target data, a reproduction control program, a playlist, and the like, control information applied to reproduction target data and reproduction processing, a control program, and the like.

Details of the AACS management data 14 and the BDMV format data 15 will be described with reference to FIGS.

FIG. 4 shows a directory structure in the case where the first medium 10 is a ROM type Blu-ray (registered trademark) Disc, and shows a directory structure corresponding to recording data of the BD (Blu-ray (registered trademark) Disc). Yes.

As shown in FIG. 4, the directory is separated into a management information setting unit 51 (AACS directory) and a data unit 52 (BDMV directory).
The management information setting unit 51 (AACS directory) is a directory in which the AACS management data 14 shown in FIG. 3 is recorded, and the data unit 52 is a directory in which the BDMV format data 15 shown in FIG. 3 is recorded.

First, details of the recording data in the data section 52 will be described with reference to FIG.
Details of the management information recorded in the management information setting unit 51 (AACS directory) will be described later with reference to FIG.

In the data part 52, under the BDMV directory,
Index files,
Playlist files,
Clip information file,
Clip AV stream file,
BDJO file,
For example, these files are recorded.

The index file stores title information as index information to be applied to playback processing. This title is the same as the title registered in the unit key management table described above with reference to FIG. 2, and is data associated with the CPS unit.
The playlist file is a file that defines the playback order of content in accordance with the program information of the playback program specified by the title, and has playback position information and teacher information for clip information.
The clip information file is a file specified by the playlist file, and has reproduction position information of the clip AV stream file and the like.
The clip AV stream file is a file storing AV stream data to be reproduced.
The BDJO file is a file that stores execution control information of a file that stores JAVA (registered trademark) programs, commands, and the like.

The sequence in which the information processing apparatus reproduces the content recorded on the information recording medium is as follows.
First, a specific title is specified from the index file by the playback application.
A playback program associated with the specified title is selected.
A playlist that defines the playback order of the contents is selected according to the program information of the selected playback program.
The AV stream or the command as the actual content data is read out by the clip information defined in the selected playlist, and the AV stream is reproduced and the command is executed.

In this content reproduction process, the unit and unit key described above with reference to FIG. 2 can be discriminated according to the selected title, and the unit key corresponding to the unit to be reproduced is obtained to obtain the unit unit. The decoding process is performed. When the copy process described with reference to FIG. 1 is executed, the copy process is executed by specifying the copy target data with reference to the information received from the management server 50.

Next, details of the management information recorded in the management information setting unit 51 (AACS directory) will be described with reference to FIG.
In the management information setting unit 51 (AACS directory), various management data such as key information and usage control information applied to decryption of the encrypted content recorded in the data unit 52 are recorded. Specifically, for example, the following data is recorded.

(A) Media key block (MKB)
MKB_RO. inf etc. (b) Sequence key block (SKB)
SKB1. inf etc. (c) Unified Media Key Block (Unified MKB)
uMKB1. inf, etc. (d) Segment key Segment_Key. inf etc.

(E) Copy control management file [Managed Copy Manifest File (MCMF)]
mcmf. xml
(F) Usage control information (Usage Rule)
UsageRule. inf
(G) Content Revocation List (CRL: Content Revocation List)
ContentRevocation. lst

(H) Content Certificate
Content000. (i) Content hash table (Content Hash Table)
ContentHash000. tbl, etc. (j) CPS Unit Key (CPS Unit Key)
CPSUnit0000x. cci etc.

These data are management data specified by, for example, AACS (Advanced Access Content System), which is a standard management system for copyright protection technology of content.

In the above AACS management data, the following data is key data applied to decryption of encrypted content.
(A) Media key block (MKB)
(B) Sequence key block (SKB)
(C) Unified media key block (Unified MKB)
(D) Segment key (j) CPS unit key (CPS Unit Key)

MKB (Media Key Block) will be briefly described. The MKB is an encryption key block generated based on a tree-structured key distribution method known as one aspect of the broadcast encryption method. The MKB can acquire the media key [Km], which is a key necessary for decrypting the content, only by processing (decryption) based on the device key [Kd] stored in the information processing apparatus of the user having a valid license. This is a key information block. This is an application of an information distribution method according to a so-called hierarchical tree structure, and only when the user device (information processing apparatus) has a valid license, the media key [Km] can be acquired and invalidated. In the revoked user device, the media key [Km] cannot be acquired. A device key [Kd] is stored in the memory of the information processing apparatus that executes content reproduction.

(E) Copy control management file [Managed Copy Manifest File (MCMF)]
This is a file applied when executing a copy process of content recorded on a medium, and is, for example, XML description data including data shown in FIG.

The data structure of the copy control management file (MCMF: Managed Copy Manifest File) 111 will be described with reference to FIG.
The copy control management file (MCMF) includes the following data, for example.
(1) Management server URL: Access information of a management server that provides copy permission information.
(2) Copy data information (dealManifest)
(2-1) Playlist file name: The file name of the playlist to be copied.
(2-2) CPS unit key information: CPS unit key identification information applied to the decryption process of the content to be copied.
(2-3) Copy unit identifier: Unit identification information of a copy unit (MC unit) indicating a copy unit of management copy (MC).
(3) Content ID: an identifier of the content to be copied. For example, an ISAN (International Standard Audio Number) number is used as content code information.

* Many contents such as music data and image data recorded on an information recording medium are copyrighted and distributed by their creators and distributors. Therefore, even a user who has purchased a disc has certain restrictions on the use of disc recorded content. For example, it is not allowed to copy the disc recording content to other media without limitation.

As a copy management configuration of such media storage content, there is a copy permissible configuration on condition that copy management information is received from the management server, that is, managed copy (MC).
Specifically, for example, processing is performed in the following sequence.

(E) Copy control management file [Managed Copy Manifest File (MCMF: Managed Copy Manifest File) contains management server access information, copy-permitted data information, etc. required for this managed copy (MC: Managed Copy) processing. It is a recorded file.

(F) Usage control information (Usage Rule)
This is a file in which information such as content usage permission information, such as reproduction permission information and copy permission information, is recorded.
A file issued by a predetermined content manager and prevented from being falsified with the signature of the content manager.
The playback device can use the content within the allowable range recorded in the usage control information.

(G) Content Revocation List (CRL: Content Revocation List)
This is a list of illegal contents that are not permitted to be used for reproduction, such as illegal copy contents.
A list issued by a predetermined content manager and prevented from being tampered with the signature of the content manager.
The playback device performs playback processing on the condition that it is confirmed by the revocation list that the content scheduled to be played is not illegal content.

(H) Content Certificate
This is a certificate that proves the validity of the content, and is a certificate that is prevented from being tampered with the content manager signature issued by a predetermined content manager.
The playback device performs playback processing on the condition that the content to be played back is confirmed to be valid content by the content certificate.

(I) Content Hash Table (Content Hash Table)
This is a table storing the hash value of the content. It has a configuration in which tampering with a content manager signature issued by a predetermined content manager is prevented.
The playback device compares the hash value recorded in the content hash table with the hash value generated from the content scheduled to be played back, and confirms that the content is legitimate content that has not been tampered with. Playback processing is performed as a condition.

[3. Volume ID (Volume ID) and PMSN read processing]
As described above with reference to FIG. 3, in FIG. 3, the volume ID (Volume ID) 11 shown as the recording data of the first medium 10 and (B) the media ID [PMSN (Prerecorded Media Serial Number)] 12 Unlike other normal recording data, is data that can be read only when a reading process using a specific dedicated protocol is executed.
For example, these data can be read only when a dedicated read processing program stored only in an information processing apparatus defined by AACS is executed.

Specifically, the volume ID can be read by applying a volume ID reading protocol (Protocol for Transfer Volume Identifier) in accordance with AACS regulations.
The PMSN is data that can be read by applying a PMSN read protocol (Protocol for Transferring Pre-recorded Media Serial Number) according to the AACS standard.

With reference to FIG. 7, a sequence of a volume ID read protocol (Protocol for Transfer Volume Identifier) in accordance with the AACS standard will be described.

In FIG.
On the left side, a drive device that executes data read processing from a BD-ROM disc that is the first medium 10;
On the right side, a host device that outputs a data read request from the disk to the drive device and receives read data from the drive device is shown.
These are all components of the information processing apparatus 20 in FIG. 1, for example.

The process of each step shown in FIG. 7 will be described.
(Step S11)
First, in step S11, authentication processing and session key (BK (also called bus key)) sharing processing are executed between the host and the drive device.
The authentication process is executed as an authentication process according to, for example, a public key cryptosystem.
When the authentication process is established and the reliability of both is confirmed, the process after step S12 is executed.
If the authentication is not established, the processing after step S12 is stopped.

(Step S12)
When the authentication process in step S11 is established, in step S12, the host outputs a volume ID read request to the drive device.

(Step S13)
When the volume ID read request is input from the host, the drive apparatus reads the volume ID from the disk in step S13, and further, after message authentication code (MAC) (Dm) as a verification value based on the read volume ID. calculate. For example, the MAC value (Dm) according to the following formula is calculated.
Dm = CMAC (BK, Volume_ID)

(Step S14)
In step S14, the drive device outputs the volume ID read from the disk, the verification value based on the volume ID, and the calculated MAC value (Dm) to the host.

(Step S15)
When the host receives the volume ID and the MAC value (Dm), which is a verification value based on the volume ID, from the drive device, in step S15, the host executes a process for confirming the validity of the received volume ID.
First, a new MAC value (Hm) based on the received volume ID is calculated according to the following formula.
Hm = CMAC (BK, Volume_ID)

Next, it is confirmed whether or not the calculated MAC (Hm) matches the MAC value (Dm) received from the drive device.
Verify Dm = Hm
If the calculated MAC (Hm) and the received MAC (Dm) match,
It is determined that the received volume ID is valid data.
If they do not match, it is determined that the received volume ID is not valid.

Only when it is determined that the received volume ID is valid data, the host executes the following process, for example, a process of copying read data from the first medium 10 to a memory card as the second medium.

The PMSN is data that can be read by applying a PMSN read protocol (Protocol for Transferring Pre-recorded Media Serial Number) according to the AACS standard.

Next, a sequence of the PMSN read protocol (Protocol for Transferring Pre-recorded Media Serial Number) according to the AACS standard will be described with reference to FIG.

The process of each step shown in FIG. 8 will be described.
(Step S16)
First, in step S16, authentication processing and session key (BK (also called bus key)) sharing processing are executed between the host and the drive device.
The authentication process is executed as an authentication process according to, for example, a public key cryptosystem.
If the authentication process is established and the reliability of both is confirmed, the process from step S17 is executed.
If the authentication is not established, the processes after step S17 are stopped.

(Step S17)
When the authentication process in step S16 is established, in step S17, the host outputs a PMSN read request to the drive device.

(Step S18)
When the PMSN read request is input from the host, in step S18, the drive device reads the PMSN from the disk, and further calculates a message authentication code (MAC) after (Dm) as a verification value based on the read PMSN. For example, the MAC value (Dm) according to the following formula is calculated.
Dm = CMAC (BK, PMSN)

(Step S19)
In step S19, the drive device outputs the PMSN read from the disk, the verification value based on the PMSN, and the calculated MAC value (Dm) to the host.

(Step S20)
When receiving the PMSN and the MAC value (Dm), which is a verification value based on the PMSN, from the drive device, the host executes a process for confirming the validity of the received PMSN in step S20.
First, a new MAC value (Hm) based on the received PMSN is calculated according to the following equation.
Hm = CMAC (BK, PMSN)

Next, it is confirmed whether or not the calculated MAC (Hm) matches the MAC value (Dm) received from the drive device.
Verify Dm = Hm
If the calculated MAC (Hm) and the received MAC (Dm) match,
It is determined that the received PMSN is valid data.
If they do not match, it is determined that the received PMSN is not valid.

Only when it is determined that the received PMSN is valid data, the host executes the following process, for example, a process of copying read data from the first medium 10 to a memory card as the second medium.

[3. Data reproduction sequence in information processing apparatus]
Next, an example of a reproduction processing sequence of content such as a movie whose usage is controlled will be described with reference to FIG.

Note that the reproduction processing example shown in FIG. 9 is one reproduction processing example. The data applied to the reproduction process varies depending on the reproduction processing mode.
The reproduction processing example shown in FIG. 9 is a diagram illustrating a reproduction processing example to which the following data recorded on the first medium 10 is applied.
MKB71,
KCD72,
Volume ID 73,
CPS unit key file 74,
Usage control information 75,
Encrypted content 76,
A reproduction processing example to which these data are applied will be described.

The first medium 10 is attached to the information processing apparatus 20 as a user device, and content generation is performed by executing key generation and content decryption processing according to a predetermined sequence. Processing of the information processing apparatus 20 will be described.

The information processing apparatus 20 is an AACS compatible apparatus and stores a device key [Kd] 81 in a memory. First, the information processing apparatus 20 reads the MKB 71 and KCD 72 stored in the first medium 10, and in steps S21 and S22, the MKB process and the encryption process (AES) using the device key 81 stored in the memory of the own apparatus are applied. Execute G) to obtain the media key [Km].
As described above, the KCD may not be stored depending on the media. In this case, the process using KCD is omitted.

Further, in step S23, the volume ID 73 stored in the first medium 10 is read, and encryption processing (AES-G) using the media key [Km] is executed to generate a volume unique key [KVu].

Further, in step S24, the CPS unit key file 74 stored in the first medium 10 is read, and a CPS unit key (title key) [Kt] is generated by decryption processing using the volume unique key [KVu].

Further, in step S25, the usage control information 75 stored in the first medium 10 is read, and a verification process (such as signature verification) of the usage control information 75 is executed by applying the AACS public key held in the memory by the playback device. Then, it is determined whether the usage control information is valid. The content is allowed to be used according to the description of the usage control information determined to be valid.

Thereafter, in step S26, the encrypted content 76 stored in the medium 10 is decrypted by applying the CPS unit key (title key) [Kt], and the content 83 is reproduced.

As described above, according to the AACS rules, the information processing apparatus 20 needs to execute key generation and content decryption according to the AACS rules when using the media storage content. The structure is prevented.

[4. Data copy processing for second media having protected areas with restricted access]
Next, a process for copying the recording data of the first medium 10 described with reference to FIGS. 3 to 5 to the second medium will be described.
In the following, processing when the second medium 30 as the copy destination medium is a memory card having a flash memory type storage unit having a protected area with access restriction will be described.
A specific configuration example of the memory card will be described later.

As shown in FIG. 10, the information processing apparatus 100 that executes the copy process reads out the recording data of the first medium 10 described with reference to FIGS. 3 to 5 and is a copy destination medium (second medium). A process of copying to an information storage device having a flash memory, that is, the memory card 200 is performed.
The copy target data includes the following data.
(A) BDMV format data 111,
(B) AACS management data 112,
(C) Data (volume ID, PMSN, etc.) 113 readable by a dedicated protocol,
(D) KCD (key conversion data) 114,

The BDMV format data 111 includes encrypted content that is usage control content.
This is the recording data of the BDMV directory described above with reference to FIG.

As described above with reference to FIG. 2, the encrypted content has a usage management configuration in units of content management units (CPS units), and a different unit key (CPS unit key) is applied in units of CPS units. Encrypted content that has been encrypted. That is, in order to realize different usage control for each unit of division data, encryption is performed with a different key (called a CPS unit key, unit key, or title key) for each unit.

The AACS management data 112 includes a copy control management file (MCMF or the like). This is the recording data of the AACS directory described above with reference to FIG.

Data (volume ID, PMSN, etc.) 113 that can be read by a dedicated protocol is data that can be read only by a read process using a specific dedicated protocol.
For example, these data can be read by executing a dedicated read processing program stored in an information processing apparatus defined by AACS.

KCD (key conversion data) 114 is data applied to generation (conversion) of an encryption key at the time of content reproduction.
The KCD may not be stored depending on the medium, and in this case, the KCD copy process is omitted.

A configuration example of a memory card 200 that is an information storage device having a flash memory that is a copy destination medium will be described with reference to FIG.
The memory card 200 is mounted on the information processing apparatus (host) 20, accessed from the information processing apparatus 100, and read / write data.

As shown in FIG. 11, the memory card 200 as an information storage device
A controller (data processing unit) 210, a storage unit 220, a communication IF 240, and a media ID storage unit 250 are included.
For example, communication with an information processing apparatus (host) or the like is performed via the communication IF 240.

The controller (data processing unit) 210 includes a CPU 211 having a program execution function, a RAM 212, and the like. The RAM 212 is used as a recording area for data processing programs executed by the CPU, various parameters, controller-specific ID information, key information, and the like.
The storage unit 220 is divided into a protected area (secure area (Protected Area)) 221 where free access is not allowed and a general-purpose area (user data area (General Purpose Area)) 222 where free access is allowed.

The protected area 221 can be accessed only by an information processing apparatus (host) that is determined to have access rights in the memory card 200.
As shown in FIG. 11, the protection area (Protected Area) 221 has a plurality of division areas (Protected Areas # 0 to # 3), and the access right can be set for each division area.
In addition, as an access right to each division area,
Access rights that allow both data recording and data reading,
Permission to only read data,
These various types of access rights can be set.
These access rights are recorded in a host certificate held by the information processing apparatus (host).

The media ID storage unit 250 is an area in which the identifier of the memory card 200 is recorded. For example,
Gamma media ID 251,
EMID (Enhanced Media ID) 252
These IDs are recorded.
The plurality of IDs are IDs generated individually corresponding to, for example, components of the memory card 200, for example, a storage unit or a data processing unit.
Either can be used as an identifier unique to the flash memory or an identifier of a specific lot.

The memory card 200 refers to the record information of the host certificate received from the information processing apparatus (host) and determines whether or not the information processing apparatus (host) has an access right.
Details of the host certificate and details of the access determination process will be described later.

Next, an example of a copy processing sequence from the first medium 10 to the memory card 200 will be described with reference to FIG.
Next, a content copy processing sequence based on server management will be described with reference to FIG. FIG. 12 is a diagram illustrating a managed copy (MC) sequence, which is an example of content copy processing based on server management.

In FIG. 12, from the left
A first medium 10 such as a ROM disk on which content such as a movie is recorded;
An information processing apparatus 100 as a user apparatus that reads data such as content from the first medium 10 and performs a copy process;
A second medium (flash memory 200), which is a medium to which content is copied,
further,
A management server (MC server) 300 that executes processing for providing content copy permission information and the like;
These are shown.

The information processing apparatus 100 is configured by, for example, a PC, a recording / playback apparatus, and the like, and inputs data read from the first medium 10 and records data on a second medium (memory card 200) as a copy destination medium, that is, Execute content copy processing.

The first medium 10 is, for example, a ROM type Blu-ray (registered trademark) Disc, a DVD disk, or the like. The second medium (memory card 200) has a flash memory in which data can be written. As described with reference to FIG. 11, the second medium (memory card 200) has a protection area that is a data recording area in which access restrictions are set. Media.

For example, in the first medium 10 constituted by a ROM disk or the like, as shown in the figure,
(A) BDMV format data 111,
(B) AACS management data 112,
(C) Data (volume ID, PMSN, etc.) 113 readable by a dedicated protocol,
These data are recorded.

The BDMV format data 111 includes encrypted content that is usage control content.
As described above with reference to FIG. 2, the encrypted content has a usage management configuration in units of content management units (CPS units), and a different unit key (CPS unit key) is applied in units of CPS units. Encrypted content that has been encrypted. That is, in order to realize different usage control for each unit of division data, encryption is performed with a different key (called a CPS unit key, unit key, or title key) for each unit.

The AACS management data 112 includes a copy control management file (MCMF or the like) 115.
Unlike other data, data (volume ID, PMSN, etc.) 113 that can be read by a dedicated protocol is data that can be read only when a read process using a specific dedicated protocol is executed.
For example, these data can be read only by executing a dedicated read processing program stored only in the information processing apparatus defined by AACS.

First, in step S51, the information processing apparatus 100 applies server information (such as a URI) recorded in the copy control management file (MCMF) 113 recorded in the first medium 10 and executes a copy to the management server 300. Send a request (Offer Request).
At this time, a content ID corresponding to the content to be copied is transmitted to the management server 300.

An example of data included in the copy execution request is shown in FIG. As shown in FIG. 13, the copy execution request includes, for example, the following data.
(A) Content ID: identifier of content stored in the first medium (b) Content certificate ID: certificate for confirming the validity of the content (c) Media identifier: the first medium that is the copy source Identifier (d) Random number: Data validity confirmation data (e) Language code: Code information of the language used by the information processing apparatus.
Each piece of information (a) to (c) is read from the first medium 10. (D) The random number is generated in the information processing apparatus 100. (E) As the language code, a language code recorded in advance in the memory of the information processing apparatus 100 is acquired and transmitted.
The language code is used to determine the language of the offer detail information included in the response provided by the management server 300.

Returning to FIG. 12, the description of the content copy processing sequence according to the server management will be continued. In step S52, the management server 300 executes verification processing of the validity of the received information such as the content ID received from the information processing apparatus 100, and if it is confirmed that there is no problem, the server response information (Offer List) 131 is generated and transmitted to the information processing apparatus 100.

Basic information included in the server response information (Offer List) 131 provided by the management server 300 to the information processing apparatus 100 will be described with reference to FIG.

The basic information of the server response information (Offer List) 131 includes the following information.
(1) Offer detailed information (1a) Title / abstract / description (title / abstract / description): Information on title, summary, and description corresponding to copy-permitted content.
(1b) Copy unit identifier (MCU): An identifier for identifying a copy unit as a copy unit.
(1c) Price information (price): Copy price information.
(1d) Price auxiliary information (priceInfo): Price auxiliary information.
(1e) Payment server URL (final HTML URL): Access information of a server that performs copy fee payment processing.
(1f) Copy destination information (mcotInfo): Information indicating the type of media allowed as a copy destination device. For example, media types such as HDD / flash memory are recorded.

(2) Random number (mcmNonce): A random number for data validity confirmation.
(3) Copy data information (File name to be copied) (= dealManifest)
(3a) Playlist file name (PlayList file name): The file name of the playlist to be copied. Note that the clip information file and the clip AV stream file can be specified by specifying the playlist.
(3b) CPS unit key information (Index to identify the CPS Unit Key): identification information of a key (CPS unit key) for decrypting copy content.
(3c) Copy unit identifier (MCUi): Identification information of a copy unit (MCU) indicating a copy unit.
(4) Server public key certificate (MCScert): A certificate storing a server public key used for encrypted communication, signature confirmation, and the like.
(5) Signature (signature): Signature data for tampering confirmation of the entire data.

These pieces of information are basic information included in server response information (Offer List) 131 provided by the management server 300 to the information processing apparatus 100. These pieces of information are set for each copy unit (MCU) as a copy processing unit.
For example, even for the same content A, the copy unit is set according to the copy destination medium. That is,
Copy unit 0001 of content A for hard disk
Copy unit 0002 of content A for flash memory
This is the setting.

In the server response information (Offer List) 131 shown in FIG. 14, the same information as the recording information of the copy control management file (MCMF) recorded on the first medium 10 described above with reference to FIG. included. For example, (3) Copy data information (File name to be copied) (= dealManifest). These pieces of information are copied with priority given to the information received from the management server 300. This is because the reception information from the management server 300 may be updated sequentially.

The information processing apparatus 100 that has received the server response information (Offer List) 131 applies the response information (Offer List) 131 received from the management server 300 to process the copy-permitted content list (copy-permitted list 131). The information is displayed on the display unit of the device 100. In this list, for example, a price (price) when copying for each content is set.

In step S53, the user executes content selection for designating content to be copied from the copy allowable content list. In step S <b> 54, the information processing apparatus 100 executes a settlement process associated with the copy process with the management server 300. Specifically, a transfer process for the settlement data 132 is performed between the information processing apparatus 100 and the management server 300. The server that executes the payment process may be a payment server different from the management server. Further, in the case of executing copying of content for which copy processing is set to free, the payment processing is omitted.

After completion of the settlement process executed as necessary, the information processing apparatus 100 transmits a request for copy permission information to the management server 300 in step S55. In step S <b> 56, the management server 300 confirms that payment has been made in response to a request for copy permission information from the information processing apparatus 100, generates copy permission information 122, and transmits it to the information processing apparatus 100.

The information processing apparatus 100 executes an authentication process with the second medium (memory card 200) as a copy destination and a copy process in step S57 on condition that the copy permission information 122 is received from the management server 300.

The memory card 200 receives a host certificate from the information processing apparatus (host) 100 in the authentication process, and the information processing apparatus (host) 100 has an access right to the protection area (an access right that allows the data recording process). Make sure to keep.
The copy process is started on the condition that the access right is confirmed.

As shown in the figure, the first medium 10 has
(A) BDMV format data 111,
(B) AACS management data 112,
(C) Data (volume ID, PMSN, etc.) 113 readable by a dedicated protocol,
(D) KCD114
These data are recorded.

A recording example when these data are copied and recorded in the memory card 200 will be described with reference to FIG.
As shown in FIG. 15, the memory card 200 as a copy destination medium
(A) Protected Area (Protected Area) 221,
(B) General Purpose Area 222,
Have

(A) A protected area 221 is an access-restricted data recording area, and the memory card 200 has access rights to the information processing apparatus based on the host certificate received from the information processing apparatus (host) 100. Access (data recording) by the information processing apparatus 100 is allowed only when the information is confirmed.

(B) A general purpose area 222 is a data recording area that can be accessed without performing such access right confirmation processing.

As shown in FIG.
(A) BDMV format data 111,
(B) AACS management data 112,
Each of these data is recorded in a general purpose area (General Purpose Area) 222.

Also,
(C) Data (volume ID, PMSN, etc.) 113 readable by a dedicated protocol,
(D) KCD (key conversion data) 114,
These are recorded in a protected area 221.

The information processing apparatus 100 first performs mutual authentication processing with the memory card 200 in the authentication processing & copy processing in step S57 of FIG.
Thereafter, the copy process is started when mutual authentication is established and when the memory card 200 confirms the access right to the protected area 221 of the information processing apparatus (host) 100.

In addition,
(A) BDMV format data 111,
(B) AACS management data 112,
For the encrypted data included in each of these data, the data recorded on the first medium 10 is recorded as it is in the general-purpose area 222 of the memory card 200 without performing decryption processing or re-encryption processing.
As described above, by executing the copy recording process without performing the decoding process, the possibility of data leakage can be significantly reduced.

(C) Data (volume ID, PMSN, etc.) 113 readable by a dedicated protocol,
(D) KCD (key conversion data) 114,
Is recorded in the protected area 221.

As explained earlier,
(C) Data (volume ID, PMSN, etc.) 113 readable by a dedicated protocol is
Although it is data recorded on the first medium 10, unlike normal recording data recorded on the first medium 10, the data can be read only by a data reading process according to a specific protocol.
Data that can be read only by data reading processing according to this specific protocol is recorded in the protection area 221 instead of the general-purpose area 222.
When data reading from the protection area 221 is performed, access right confirmation processing by the memory card 200 is also executed.
That is, only the information processing apparatus having an access right that is permitted to read data from the protection area 221 can read the volume ID and PMSN.

Moreover, it is preferable to record highly confidential data such as KCD (key conversion data) in the protection area.
The KCD may not be stored depending on the medium. In this case, this copy recording process is omitted.

By this data recording process for the protected area, the same usage control as that for the data reproduction process from the first medium 10 can be performed in the data reproduction from the memory card 200 as the copy destination medium.
That is, like the data reproduction process from the first medium 10, only the information processing apparatus having a specific access right can execute the content reproduction process from the memory card 200.

Next, the detailed processing sequence of the authentication processing & copy processing executed in step S57 in the copy processing sequence described with reference to FIG. 12 will be described with reference to the sequence diagram shown in FIG.

FIG. 16 is a sequence diagram illustrating a sequence of processing executed between the information processing apparatus (host) 100 and the memory card 200 that is a copy destination medium (second medium).
Hereinafter, processing of each step will be described.

(Step S81)
First, in step S81, authentication processing and session key (BK (also referred to as bus key)) sharing processing are executed between the information processing apparatus (host) 100 and the memory card 200 as the copy destination medium (second medium). Is done.
The authentication process is executed as an authentication process according to, for example, a public key cryptosystem.
In this authentication process, the information processing apparatus (host) 100 and the memory card 200 provide the other apparatus with public key certificates stored in the own apparatus.

An example of a host certificate (host public key certificate) provided to the memory card 200 by the information processing apparatus (host) 100 is shown in FIG.
The host certificate is a public key certificate that stores a public key provided to the information processing apparatus (host) 100 by the certificate authority.
The host certificate is configured as data in which a signature is set by a CA private key and is prevented from being falsified.

The host certificate includes the following data as shown in FIG.
(1) Type information (2) Host ID (Host ID)
(3) Host public key (Public Key)
(4) Read / write restriction information (PAD Read / PAD Write) in block units in the protected area of the media (memory card)
(5) Other information (6) Signature (Signature)

Hereinafter, the data (1) to (6) will be described.
(1) Type information Type information is information indicating the type of certificate. For example, data indicating that the certificate is a host certificate, host type, for example, a reproduction-only device, reproduction and recording, and the like. Information indicating the type of device such as a device performing the recording is recorded.

(2) Host ID
The host ID is an area for recording a host ID as a host identifier.
(3) Host public key (Public Key)
The host public key is a public key of the host. A key pair according to the public key cryptosystem is configured together with a secret key provided to each device.

(4) Read / write restriction information (PAD Read / PAD Write) in block units in the protected area of the media (memory card)
The read / write restriction information (PAD Read / PAD Write) with respect to the medium is a block unit in a protected area (Protected Area) 221 set in the storage unit of the medium for recording the content, for example, the memory card 200 shown in FIG. Is recorded.

That is, information about a block in which data reading (Read) or writing (Write) is allowed is recorded. The blocks in the protected area 221 are also called PAD blocks.

The memory card 200 having the flash memory type storage unit refers to this recording field of the host certificate shown in FIG. 17 received at the stage of the authentication process with the information processing apparatus (host) 100, for example, for example, in FIG. Write / read permission determination processing is performed in units of blocks in the protection area (Protected Area) 221 shown, and only execution of processing permitted in the permitted section area is permitted.

As shown in FIG. 17, in the host certificate, in addition to the above-mentioned data, [(5) Other information] is recorded, and the secret of the certificate authority for each data of (1) to (5) is recorded. (6) Signature (Signature) generated by the key is recorded. This signature realizes a tamper-proof configuration.
When using a host certificate, signature verification is executed to confirm the validity of the host certificate. Signature verification is executed using the public key of the certificate authority.

The information processing apparatus (host) that makes an access request to the protected area of the memory card 200 holds a host certificate that records read / write restriction information (PAD Read / PAD Write) for the medium shown in FIG. The host certificate is presented to the memory card 200 and the access right confirmation determination is received.

The memory card 200 verifies the signature of the certificate presented by the access requesting device, confirms the validity of the certificate, and then records the read / write restriction information (PAD Read / PAD Write) in the certificate. Referring to FIG. 11, write / read permission judgment processing is performed in block units that are partitioned areas in the protected area 221 shown in FIG. 11, and only the processing permitted in the permitted block area is allowed to be executed. .

As described above, the read / write restriction information (PAD Read / PAD Write) for the memory card 200 is set, for example, in units of devices to be accessed, for example, information processing devices (hosts). These pieces of information are recorded in a host certificate (Host Cert) corresponding to each device.

The memory card 200 verifies the recorded data of the host certificate (Host Cert) in accordance with a prescribed program stored in advance in the memory card 200, and performs a process of permitting access only to an area for which access is permitted.

FIG. 18 shows a PC 151 and a CE (Consumer Electronics) device 152 such as a recorder or a player as host devices that execute recording of data to the memory card 200 and reading of data recorded on the memory card 200.

Further, the protected area (Protected Area) 221 of the memory card 200 shown in FIG. 18 has the following divided areas.
Partition area # 1 (Protected Area # 1) 231,
Partition area # 2 (Protected Area # 2) 232,
With these partitioned areas.

As shown in the figure, the host certificate (Host Cert) held by the PC 151 shown in FIG.
Type: PC
Read allowable area: # 1
Write (write) allowable area: # 1
This is a certificate with these settings.

As shown in the figure, the host certificate (Host Cert) held by the CE device 152 is
Type: CE
Read allowable area: # 1, 2
Write (Write) allowable area: # 1, 2
This is a certificate with these settings.

That is, the PC 151 is only allowed to write data and write data to the partitioned area # 1 (Protected Area # 1) 231.
The PC 151 is not permitted to write (Write) and read (Read) data in the partitioned area # 2 (Protected Area # 2) 232.

The CE device 152 is only allowed to write data (Write) and read data (Read) with respect to the segmented area # 1 (Protected Area # 1) 231. In addition, data writing (Write) and reading (Read) to the partitioned area # 2 (Protected Area # 2) 232 are permitted.

Thus, even a host device can set access control information according to the type of the device.
Note that. The type information of the host certificate includes information for identifying whether it is a PC or a CE device, and the data processing unit of the memory card 200 stores access control information recorded in the device certificate, that is,
Readable area information (PAD Read),
Write allowable area information (PAD Write),
Based on these pieces of information, it may be determined whether or not access (read / write) of the nuclear division area is possible, but based on the type information (Type), it is possible to determine whether to allow access for each division area of the protection area. Also good.

Returning to the sequence diagram shown in FIG. 16, the sequence of processing executed between the information processing apparatus (host) 100 and the memory card 200 as the copy destination medium (second medium) will be described.

(Step S82)
In step S81 described above, an authentication process and a session key (BK) sharing process are executed between the information processing apparatus (host) 100 and the memory card 200 as the copy destination medium (second medium).
The authentication process is executed as an authentication process according to, for example, a public key cryptosystem.
In this authentication process, the information processing apparatus (host) 100 and the memory card 200 provide the other apparatus with public key certificates stored in the own apparatus.

The memory card 200 receives the host certificate described with reference to FIG. 17 from the information processing apparatus (host) 100.
In step S82, the memory card 200 is recorded in the host certificate.
(4) Read / write restriction information (PAD Read / PAD Write) in block units in the protected area of the media (memory card)
With reference to this data, the access right (right of data write (Write) processing) of the protected area (Protected Area) 221 set in the storage unit of the memory card 200 is confirmed.

In the memory card 200, mutual authentication in step S81 is established, and in step S82, the information processing apparatus (host) 100 grants the right to access the protected area 221 (data write (write) processing right). If it is confirmed that it has, the processing from the next step S83 is executed.

If mutual authentication is not established, or if it is not confirmed that the information processing apparatus (host) 100 has the access right for the protected area (Protected Area) 221 (data write (write) processing right), step S83 is performed. The following processing is not executed.

(Steps S83 to S84)
In steps S83 to S84, the information processing apparatus (host) 100 reads the BDMV format data 111 from the first medium 10 that is the copy source medium, and outputs it to the memory card 200 that is the copy destination medium (second medium). The format data 111 is recorded in the general purpose area (General Purpose Area) of the memory card 200.

The BDMV format data 111 is data under the BDMV directory described with reference to FIG. 4, that is, data in the data section 52 shown in FIG.
Index files,
Playlist files,
Clip information file,
Clip AV stream file,
BDJO file,
For example, these files.
The encrypted content is stored in a clip AV stream file.

The information processing apparatus (host) 100 outputs each data constituting the BDMV format data 111 to the memory card 200 as it is, that is, without executing the decryption process or the re-encryption process. Recorded in the general purpose area of the memory card 200.
As described above, by executing the copy recording process without performing the decoding process, the possibility of data leakage can be significantly reduced.

(Steps S85 to S86)
Next, in steps S85 to S86, the information processing apparatus (host) 100 reads the AACS management data 112 from the first medium 10 that is the copy source medium and outputs it to the memory card 200 that is the copy destination medium (second medium). Then, the AACS management data 112 is recorded in the general purpose area (General Purpose Area) of the memory card 200.

The AACS management data 112 is data below the AACS directory described with reference to FIG. 5, that is, data recorded in the management information setting unit 51 (AACS directory) shown in FIG.

The information processing apparatus (host) 100 outputs the AACS management data 112 to the memory card 200 as it is, that is, without executing decryption processing or re-encryption processing, and the BDMV format data 111 is stored in the general-purpose memory card 200. Record in the area (General Purpose Area).
As described above, by executing the copy recording process without performing the decoding process, the possibility of data leakage can be significantly reduced.

(Steps S87 to S88)
Next, in steps S87 to S88, the information processing apparatus (host) 100 receives data such as a volume ID (Volume ID) and a media ID [PMSN (Precoded Media Serial Number)] from the first medium 10 that is a copy source medium. That is, the readable data 113 and the KCD 114 are read by a dedicated protocol, and these data are recorded in a protected area (Protected Area) of the memory card 200.
The KCD may not be stored depending on the medium. In this case, the copy recording process of the KCD is omitted.

As explained earlier,
(A) Volume ID (Volume ID) 11 is an identifier recorded on a disc storing content of the same title, for example.
(B) Media ID [PMSN (Prerecorded Media Serial Number)] 12 is, for example, an identification number of a medium recorded on a medium (disk) by a physical recording process that is difficult to rewrite.
These (A) Volume ID (Volume ID) 11 and (B) Media ID [PMSN (Prerecorded Media Serial Number)] 12 are different from other normal recording data in that they perform a reading process using a specific dedicated protocol. Data that can be read only when it is executed.
For example, these data can be read only by executing a dedicated read processing program stored only in the information processing apparatus defined by AACS.

Data that can be read only by this specific protocol is recorded in the protected area of the memory card 200.
When reading data from the protected area, the access right confirmation process by the memory card 200 is also executed.
That is, only the information processing apparatus having an access right that is allowed to read data from the protected area can read the volume ID and PMSN.

[5. Example of recording copy data to memory card]
In the embodiment described with reference to FIG. 16, the recording data for the protection area of the memory card 200 has been described as the volume ID, data that can be read only by a dedicated protocol such as PMSN, and KCD. Also, other data with high confidentiality may be recorded in the protection area.
A specific example of recording copy data to a memory card having a flash memory will be described with reference to FIG.

When the first medium 10 as the copy source medium is a BD-ROM having a BDMV directory, in many cases, one movie title is recorded for each disc.
It is expected that contents of various different titles are copied from various disks and recorded on the memory card 200 as a copy destination medium.
Therefore, a naming rule for a directory for storing copy data in the memory card 200 is determined in order to clearly distinguish the plurality of copy contents.

In the copy destination memory card 200, a plurality of directories can coexist.
For that purpose, for example,
BDMV00,
BDMV01,
...
BDMV99
Set up multiple directories as described above.

Record copy data of encrypted contents corresponding to different titles in each directory of BDMVnn (n is a numerical value between 0 and 9).

next,
BDMV00,
BDMV01,
...
A configuration for realizing the use control and protection function of the encrypted content recorded in each of these BDMV directories will be described.

As described above with reference to FIGS. 4 to 5, the BDMV directory and the AACS directory exist under the root directory of the first medium 10 (BD-ROM) that is the copy source medium.
Under the BDMV directory, encrypted content, a playlist and clip information file as reproduction control information applied to the reproduction, a movie object file as a reproduction program, an index file as index data, and the like are stored.
On the other hand, AACS management data including information and key data necessary for content protection and usage control is recorded under the AACS directory.

In the memory card 200 as the second medium as the copy destination medium,
When a BDMVnn directory including encrypted content is recorded, an AACSnn directory in which data necessary for content protection and usage control such as key data corresponding to the encrypted content is created and recorded.

For example,
When BDMV33 is set as a BDMV directory in which a certain encrypted content A is recorded,
The AACS management data corresponding to the encrypted content A is recorded in the directory AACS33 and below.
When BDMV 67 is set as the BDMV directory in which the encrypted content B is recorded,
AACS management data corresponding to the encrypted content B is recorded in the directory AACS 67 and below.

Thus, the AACS management data corresponding to the BDMV directory nn in which the encrypted content is recorded is recorded under the AACS directory (AACSnn) having the same identification number (nn).

In the AACSnn directory of the memory card 200 as the copy destination medium, the AACS management data related file recorded in the AACS directory of the first medium 10 as the copy source medium is copied and recorded as it is.

As described above with reference to FIG. 11, a plurality of divided areas can be set in the protected area (Protected Area) set in the storage unit of the memory card 200 that is the copy destination medium. For example, protected areas # 1 to # 3 (Protected Areas # 1 to # 3) shown in FIG.
In such a plurality of partitioned areas, one or a plurality of protected areas that can be accessed exclusively for recording copy data may be set. For example, the protection area # 1 is secured as a copy data recording area.

With reference to FIG. 19, an example of recorded data for a protected area (Protected Area) of the memory card 200 will be described.
An example of recorded data in the protected area (Protected Area) shown in FIG. 19 includes BDMV00 to BDMV99 as BDMV directories in which a plurality of different encrypted contents are recorded in the general purpose area (General Purpose Area) of the flash memory type storage unit of the memory card 200. It is an example of recorded data when it is assumed that each directory is set.

In the general purpose area of the flash memory type storage unit of the memory card 200,
When each directory of BDMV00 to BDMV99 is set,
AACS management data corresponding to each encrypted content stored in each of the BDMV00 to 99 is recorded also in the protected area (Protected Area) of the flash memory type storage unit of the memory card 200.
AACS00 to AACS99
Each of these directories is set.

Data recorded in the protected area (Protected Area) of the flash memory type storage unit of the memory card 200 will be described. Note that the

characters

0, 1, 2,..., F at the upper and left ends shown in FIG. 19 represent byte positions in hexadecimal notation.

The following data is recorded at the head of the protected area (Protected Area) of the flash memory type storage unit of the memory card 200.
[Header: header]
In the header area, text information and version information indicating that it is a copy data recording area are recorded.
The header area is set to 48 bytes, for example.

After the header, AACS management data set in the AACS directory (AACS00 to 99) corresponding to the BDMV directory (BDMV00 to 99) recorded in the general-purpose area is repeatedly recorded.
An example of specific recording data will be described.
The i-th (i = 0 to 99) AACS management data set recorded in the protection area is as follows.

[Effectiveness presentation flag: Validity [i]]
[Session Key: Session Key [i]]
[Media ID MAC: Media ID MAC [i]]
[Verification key: Verification Key [i]]
[Volume ID: Volume ID [i]]
[Volume ID MAC: Volume ID MAC [i]]
[KCD [i]]
[PMSN [i]]
[PMSN MAC [i]]

Note that i represents an index and is an integer from 0 to 99.
To access the data element of index [i], the size of the header section is 48 bytes, so from the beginning of the protected area,
It is only necessary to seek for 48+ (16 × 9 × i) bytes.
This seek destination is an AACS directory (in which AACS management data corresponding to the encrypted content recorded in the BDMV directory (BDVi) set in the general-purpose area (General Purpose Area) of the flash memory type storage unit of the memory card 200 is recorded) This corresponds to the head position of the recording data (AACSi).

For example, when playing back the content recorded under the BDMV12 directory, the index is set to 12 (i = 12) from the beginning of the protected area,
Data should be read from 48+ (12 × 9 × 16) = 17776 bytes.
Also, since i is an integer from 0 to 99, a capacity of 48 + 16 × 9 × 100 = 14,448 bytes must be allocated to the protection area at a minimum for recording secret data.

The structure of one data set recorded in the protection area is shown in FIG. The set of AACS management data is as follows, as shown in FIG.
(1) [Effectiveness presentation flag: Validity [i]]
(2) [Session Key: Session Key [i]]
(3) [Media ID MAC: Media ID MAC [i]]
(4) [Verification key: Verification Key [i]]
(5) [Volume ID: Volume ID [i]]
(6) [Volume ID MAC: Volume ID MAC [i]]
(7) [KCD [i]]
(8) [PMSN [i]]
(9) [PMSN MAC [i]]

Hereinafter, the individual data elements will be described with reference to FIG.
(1) [Effectiveness presentation flag: Validity [i]]
In the validity presentation flag: Validity [i], a flag indicating the validity of the following eight data elements is recorded.
The following 8 data elements are specifically:
(2) [Session Key: Session Key [i]]
(3) [Media ID MAC: Media ID MAC [i]]
(4) [Verification key: Verification Key [i]]
(5) [Volume ID: Volume ID [i]]
(6) [Volume ID MAC: Volume ID MAC [i]]
(7) [KCD [i]]
(8) [PMSN [i]]
(9) [PMSN MAC [i]]
These are eight.

For example, one of the following values (flags) is recorded in the validity presentation flag: Validity [i] as a flag indicating the validity of these eight data elements.
0: Invalid 1: Valid

(2) [Session Key: Session Key [i]]
Session key: Session Key [i] A 128-bit session key value is recorded in the recording area.
The session key may be generated by a pseudo-random number generator or the like, or during the authentication process executed between the host and the drive in the volume ID or PMSN read process described above with reference to FIGS. You may record using the produced | generated session key (BK: bus key).
Alternatively, recording may be performed using the session key (BK: bus key) generated in the authentication process in step S81 executed between the host and the second medium (memory card) described with reference to FIG.

The session key (BK) is applied to encryption of content recorded in a general purpose area (General Purpose Area) of the storage unit of the memory card 200.
That is, the content encrypted with the CPS unit key defined in AACS is further encrypted with the session key. The encryption method is equivalent to AACS.

The Content (C) recorded on the first medium 10 as the copy source medium is a content (Ce) encrypted according to the AACS Content Encryption method as described below by using a title key (CPS unit key) defined in AACS. ) Is recorded.
Ce = AES-128CBCE (Kt, C)

During the copy process, the data processing unit of the information processing apparatus 100 re-encrypts the encrypted content (Ce) by using the session key (Ks) according to the AACS Bus Encryption method as follows.
Cee = AES-128CBCE (Ks, Ce)

The data processing unit of the information processing apparatus 100 records the double encrypted content (Cee) under the BDMV directory in the general purpose area (General Purpose Area) of the storage unit.
This re-encryption process is optional, and the encrypted content (Ce) recorded in the second medium 10 without performing the re-encryption process is used as it is, and the BDMV directory in the general-purpose area (General Purpose Area) of the storage unit It is good also as a structure recorded below.
In this case, 0 (zero) is recorded in the [session key: Session Key [i]] field of the protection area.

It should be noted that some AACS management data such as key data such as MKB used for content decryption processing is recorded under the AACS directory set in the general-purpose area (General Purpose Area) of the memory card 200.

(3) [Media ID MAC: Media ID MAC [i]]
Media ID MAC: In the Media ID MAC [i] recording area, a message authentication code (MAC) of a session key and a media identifier (Media ID) is recorded.

That is,
Dm = CMAC (Session Key, Media ID)
The MAC value (Dm) calculated by the above formula is recorded in this field.

However, the media ID (media identifier) is the ID of the copy destination medium, that is, the memory card 200, and is preferably set to have a length of 64 bits or more.
As described above with reference to FIG. 11, the media ID storage unit 250 of the memory card 200 includes, for example,
Gamma media ID 251,
EMID (Enhanced Media ID) 252
These IDs are recorded.
The plurality of IDs are IDs generated individually corresponding to, for example, components of the memory card 200, for example, a storage unit or a data processing unit.
Either can be used as an identifier unique to a memory card or an identifier of a specific lot.

This gamma media ID 251,
EMID (Enhanced Media ID) 252
Any one of these IDs or a combination of both IDs is expressed by the following equation:
Dm = CMAC (Session Key, Media ID)
This is applied as (Media ID) of this formula.

(4) [Verification key: Verification Key [i]]
In the recording area of the verification key: Verification Key [i]
Volume ID MAC, and
PMSN MAC,
The 128-bit secret information (key) used for verification of these MAC values is recorded.

The value of the verification key may be generated by a pseudo random number generator or the like,
The volume ID and PMSN transfer protocol (Protocol for Transfer Volume Identifier, and Protocol for Transfer Pre-recorded Media Serial Number) used in the AACS specification may be recorded.

(5) [Volume ID: Volume ID [i]]
Volume ID: Volume ID [i] In the recording area, a volume ID read in accordance with a volume ID transfer protocol (Protocol for Transfer Volume Identifier) in accordance with AACS regulations is recorded.

(6) [Volume ID MAC: Volume ID MAC [i]]
Volume ID MAC: In the Volume ID MAC [i] recording area, a message authentication code (MAC) calculated from the verification key (Verification Key) and the volume ID (Volume ID) is recorded.

That is,
Dm = CMAC (Verification Key, Volume ID)
The MAC value (Dm) calculated according to the above formula is recorded in this field.

When the above key data BK is recorded in the field of the verification key (Verification Key), the volume ID MAC (Volume ID) acquired according to the volume ID transfer protocol (Protocol for Transfer Volume Identifier) according to the AACS standard. Record the value of MAC).

(7) [KCD [i]]
In the KCD [i] recording area, a value of KCD (Key Conversion Data (key conversion data)) recorded in the first medium 10 as a copy source medium is recorded.

(8) [PMSN [i]]
In the PMSN [i] recording area, a prerecorded media serial number (PMSN) read in accordance with the AACS protocol from the first medium 10 as a copy source medium is recorded.
As described above, the volume ID, PMSN, and the like recorded on the first medium 10 that is the copy source medium are data that can be read by a read process using a dedicated read protocol (AACS protocol).

Since not all recording media record PMSN, 0 (zero) is recorded when PMSN is not recorded on the copy source medium.

(9) PMSN MAC [i]]
In the PMSN MAC [i] recording area, a message authentication code (MAC) calculated from the above verification key (Verification Key) and PMSN is recorded.
That is,
Dm = CMAC (Verification Key, PMSN)
The MAC value (Dm) calculated by the above formula is recorded in this field.

In addition, when BK is recorded in the field of the verification key (Verification Key), the PMSN MAC acquired in accordance with the AACS PMSN transfer protocol (Protocol for Transfer Pre-recorded Media Serial Number) is recorded.
If no PMSN is recorded on the copy source medium, 0 (zero) is recorded.

[6. About the configuration to realize the same control as the content usage control on the copy source media on the copy destination media]
As mentioned above, as the copy destination media,
Protected area with access restrictions (Protected Area),
General purpose area without access restrictions (General Purpose Area),
The example using media having these two different types of storage areas (such as a memory card having a flash memory type storage unit) has been described.

A configuration for realizing control equivalent to content usage control in the copy source medium for copy content recorded in such a copy destination medium will be described below.
The following items will be described sequentially.
(1) Realization of a configuration for preventing falsification of volume ID in a copy destination medium (2) Realization of a content use control configuration equivalent to PMSN (Pre-recorded Media Serial Number) in a copy destination medium (3) Copy data in a copy destination medium Realization of Media Binding (4) Realization of AACS Online API Mapping Configuration (5) Realization of Content Leakage Prevention Configuration by Introducing Bulk Encryption in Copy Destination Media (6) Content Signature Verification Method in Copy Destination Media Each item will be described in order.

(1) Realization of a configuration for preventing falsification of volume ID in a copy destination medium When the copy source medium is a BD-ROM storing BDMV format data, the volume ID (Volume ID) is an AACS standard protocol (Protocol for Transfer Volume Identifier). The message authentication code (MAC) is assigned to the read volume ID, and the originality (that has not been tampered with) can be confirmed at the time of read processing according to this dedicated protocol. .

Therefore, it is essential to guarantee the originality of the data for the volume ID even in the copy destination medium.
In the processing of the present disclosure, as described with reference to FIGS. 19 to 21, the following data is recorded in a protected area (Protected Area) in the storage unit of the memory card 200 that is a copy destination medium.
(A) The value of the volume ID (Volume ID) read in accordance with the protocol (Protocol for Transfer Volume Identifier) stipulated by AACS
(B) Message authentication code (MAC) of volume ID (Volume ID)
(C) The value of the key (BK = session key) used for generating the message authentication code (MAC),
These data are recorded in a protected area (Protected Area) in the storage unit of the memory card 200 as a copy destination medium.
With this configuration, a configuration that can confirm the originality (no tampering) of the volume ID is realized.

(2) Realization of Content Usage Control Configuration Equivalent to Pre-recorded Media Serial Number (PMSN) in Copy Destination Media In some cases, an application using PMSN may be recorded in the content recorded on the copy source media.
Therefore, it is necessary to record the PMSN value on the copy destination medium while preventing falsification.

In the processing of the present disclosure, as described with reference to FIGS. 19 to 21, the following data is recorded in a protected area (Protected Area) in the storage unit of the memory card 200 that is a copy destination medium.
(A) PMSN
(B) PMSN MAC
These data are recorded on the copy destination medium only when the PMSN is recorded on the copy source medium.
With this configuration, a content use control configuration equivalent to PMSN (Pre-recorded Media Serial Number) in the copy destination medium is realized.

(3) Realization of media binding of copy data in the copy destination medium According to the AACS standard, the KCD and volume ID, which are difficult to be physically duplicated, are set as essential data in the process of deriving the CPS unit key. Binding is realized.
Even in the copy destination medium, it is necessary to have a configuration in which copy data is bound in association with one copy destination medium based on data that is difficult to be physically copied, that is, the copy data is associated with one copy destination medium.

In the configuration of the present disclosure, as described with reference to FIGS. 19 to 21, the following data is recorded in a protected area (Protected Area) in the storage unit of the memory card 200 that is a copy destination medium.
(A) MAC value based on session key and media ID, that is, [Media ID MAC: Media ID MAC [i]]
This data is recorded in a protected area (Protected Area) in the storage unit of the memory card 200 as a copy destination medium.
The session key is a key shared between the information processing apparatus 100 and the memory card 200 during the copy process.
The media ID (media identifier) is the ID of the copy destination medium, that is, the memory card 200.

As described above with reference to FIG. 11, the media ID storage unit 250 of the memory card 200 includes, for example,
Gamma media ID 251,
EMID (Enhanced Media ID) 252
These IDs are recorded.
Data including any one of these IDs or both is used as the media ID.
With this configuration, media binding of copy data in the copy destination medium is realized.

(4) Realization of AACS Online API Mapping Configuration Depending on the content recorded on the copy source medium, an application for executing the AACS online API is installed.
Even when copy content is recorded on the copy destination medium, it is necessary to emulate the AACS online API.

The data processing unit of the non-information processing apparatus 100 in which the memory card 200 is mounted executes AACS online API mapping.
Specifically, for example, the data processing unit executes the following processing.
"GetVolumeID () method"
As the return value of
A process of returning the value of the volume ID (Volume ID) element recorded in the protected area of the memory card 200 as it is is executed.
Also, if the MAC verification (the collation process between the MAC value calculated from the volume ID and the session key and the volume ID MAC) fails, a null value is returned.

Furthermore, the data processing unit of the information processing apparatus 100 with the memory card 200 attached is
"GetPMSN () method"
As the return value of
A process of returning the value of the PMSN element recorded in the protection area as it is is executed.
If the MAC verification (verification between the PM value calculated from the PMSN and the session key and the PMSN MAC) fails, a null value is returned.

The data processing unit of the information processing apparatus 100 with the memory card 200 is configured to execute the above processing.
With this configuration, even when the copy content is recorded on the copy destination medium, processing using the AACS online API is possible.

That is, in the configuration of the present disclosure, the media ID (volume ID, PMSN) of the first medium 10 that is the copy source medium and the media ID of the memory card 200 that is the copy destination medium are not mapped, but the copy source medium. The media ID (volume ID, PMSN) of the first media is recorded in the protected area with a tamper-proof configuration (MAC value is set).
When the API for obtaining the media ID (volume ID, PMSN) of the first medium 10 as the copy source is executed, the media ID (volume ID, PMSN) recorded in the protection area of the memory card 200 that is the copy destination medium. ) Is executed.

(5) Realization of Content Leakage Prevention Configuration by Introducing Bulk Encryption in Copy Destination Media The AACS rules stipulate that communication data on the transmission path between the PC host and the PC drive is protected by bus encryption.
That is, between the transmission paths, the first encryption applied on the disk driven by the drive and the double encryption of the bus encryption are performed. This is in order to avoid that an encrypted file (single-encrypted state) on the disk can be viewed from the PC application.

Even in the copy destination medium, for example, the encrypted file in the copy destination medium should not be browsed from an execution application such as a PC.
In view of the purpose of double encryption (AACS encryption + AACS bus encryption), there is no transmission of the AACS encryption between the optical disk drive and the host device.

Therefore, if the data to be recorded on the copy destination medium is recorded as encrypted data to which only AACS encryption is applied, the end user can view the state of only AACS encryption, which is not preferable. Therefore, data is recorded on the copy destination medium in a double-encrypted state (AACS encryption + AACS bus encryption).

This is an encryption process using the session key described above with reference to FIGS.
As described with reference to FIGS. 19 to 21, the session key is recorded in the protected area (Protected Area) of the storage unit of the memory card 200.
As the session key, data generated by a pseudo-random number generator or the like, or a session key (BK: bus key) generated in the authentication process of step S81 described above with reference to FIG.

During the copy processing, the data processing unit of the information processing apparatus 100 with the memory card 200 re-encrypts the encrypted content (Ce) according to the AACS Bus Encryption method using the session key (Ks) as follows. To do.
Cee = AES-128CBCE (Ks, Ce)

The data processing unit of the information processing apparatus 100 to which the memory card 200 is attached records the double encrypted content (Cee) under the BDMV directory in the general purpose area (General Purpose Area) of the storage unit.
By recording data on the copy destination medium in a double-encrypted state, individualization for each end user can also be performed.

(6) Content Signature Verification Method for Copy Destination Media Content signature verification is also performed for copy destination media, and the AACS encrypted content has been altered from the state recorded on the copy source media disk. Should be verified.
In particular, if the copy destination medium is a rewritable medium such as a memory card with a flash memory storage unit, data can be replaced, so it is important to be able to perform this verification process. Become.
Another rationality for not re-encrypting the content is that the AACS content signature verification scheme must be inherited.

In the configuration of the present disclosure, as described above, the copy destination medium is configured to perform double encryption on the content and record it in the general-purpose area.
When the data processing unit of the information processing apparatus 100 in which the memory card 200 is mounted reads double-encrypted content from the copy destination medium, and decrypts the second encryption (AACS bus encryption (Bus Encryption)). Then, the content hash is calculated and the presence / absence of falsification by hash verification is determined.

This hash verification process is executed on the encrypted content (Ce) obtained by decrypting the second encryption of the double encrypted content (Cee).
The memory card 200 provides the encrypted content (Ce) to a playback device such as a PC on the condition that it is confirmed that the encrypted content (Ce) has not been tampered with by this verification process.
With this configuration, the verification scheme based on the content certificate recorded on the copy source medium can be used without changing.

[7. Processing order in content copy processing and content movement processing]
In addition to the above technical specifications, the processing order of data copy processing and migration processing is determined.

The AACS management data identified by the index [i] is recorded in the protected area (Protected Area) of the storage unit of the memory card 200 as the copy destination medium as described above with reference to FIGS. The Since the data element with the index nn is associated with the content recorded under the BDMVnn directory, the following four cases can theoretically occur.

(Case 1) A case where a data element whose index is nn in the protected area is valid and valid content is recorded under the corresponding BDMVnn directory. (Case 2) A data element whose index is nn in the protected area. Is valid, but no valid content is recorded under the corresponding BDMVnn directory. (Case 3) The data element with the index nn in the protected area is invalid, but valid under the corresponding BDMVnn directory. Case where content is recorded (Case 4) Case where data element with index nn in the protected area is invalid and invalid content is recorded under the corresponding BDMVnn directory

Case 1 and Case 4 are so-called normal systems. For the convenience of the end user, the copying apparatus is expected to process all the contents on the recording medium so as to maintain either the case 1 or the case 4.

On the other hand, Case 2 and Case 3 are abnormal, so that content reproduction is not performed correctly, and the copy apparatus is expected to avoid all the contents on the recording medium.

An abnormal system can occur in the following situation.
(A) For example, when a removable hard disk drive connected via USB is disconnected during content copying.
(B) The end user has moved under the “BDMVnn directory” to another directory on the same medium.
For example, when the name “BDMV34 directory” is changed to “BDMV01 directory”, data necessary for content decryption such as volume ID (Volume ID) is not recorded in the corresponding index 01 in the corresponding protection area. Collapses.

It is difficult to avoid these

cases

2 and 3 completely. However, by introducing the validity presentation flag: Validity and determining the procedure for the copy process and the move process as described below, it is possible to lead to a recovery process from the inconsistent state of the content in the copy destination medium.

It is also possible to deal with illegal copying of content by malicious users. Illegal duplication is, for example, content copying without consuming copy rights by intentionally interrupting the processing during content copying when the procedures for copying and moving are not compulsory. Can also be completed.

For example, if it is a copy apparatus that performs copy processing in the order of copying the encrypted content after first recording the volume ID (Volume ID) etc. in the corresponding index in the protected area, it is encrypted. Since the content is recorded in the general purpose area (General Purpose Area), the end user can copy it.

Hereinafter, the execution sequence of content copy processing and the copy content movement processing sequence will be described with reference to the flowcharts shown in FIGS.

[7-1. About the content copy process execution sequence]
First, the execution sequence of content copy processing will be described with reference to the flowchart shown in FIG.
Note that the processing according to the flow shown in FIG. 22 is executed by, for example, the data processing unit of the information processing apparatus 100 in which the memory card 200 is mounted.
The data processing unit has a program execution function such as a CPU, reads a processing program stored in the memory, and executes processing according to the flow shown in FIG.
Hereinafter, the process of each step shown in the flowchart of FIG. 22 will be sequentially described.

(Step S101)
First, in step S101, the data processing unit of the information processing apparatus 100 in which the memory card 200 is mounted sets 0 (invalid) to the index validity presentation flag (Validity) corresponding to the copy destination directory of the protection area.

(Step S102)
Next, in step S102, the data processing unit generates the copy destination media BDMVnn, AACSnn directory, and necessary lower directories below these directories.

(Step S103)
Next, in step S103, the data processing unit copies and records the files under the AACS directory on the copy source medium under the AACSnn directory generated at step S102.

(Step S104)
Next, in step S104, the data processing unit copies and records the content (including metadata) protected by AACS under the BDMVnn directory generated in step S102.
When performing the AACS bus encryption (Bus Encryption) during the copy recording process, the Bus Key (session key) is securely stored.

(Step S105)
Next, in step S105, the data processing unit confirms the completion of the copy process, and then writes the data element in the index corresponding to the copy destination directory in the protected area.
Specifically, the following data shown in FIG.
(2) [Session Key: Session Key [i]]
(3) [Media ID MAC: Media ID MAC [i]]
(4) [Verification key: Verification Key [i]]
(5) [Volume ID: Volume ID [i]]
(6) [Volume ID MAC: Volume ID MAC [i]]
(7) [KCD [i]]
(8) [PMSN [i]]
(9) [PMSN MAC [i]]
Record these data.

(Step S106)
Next, in step S106, after confirming the completion of writing, the data processing unit sets 1 (valid) to the validity presentation flag (Validity).

As described above, the data processing unit of the information processing apparatus 100 in which the memory card 200 is mounted executes a copy process for recording the recording data of the first medium on the memory card 200 as the second medium.
The data processor
In the recording data of the first medium, the first medium identifier that can be read from the first medium by applying a dedicated protocol, that is, the data such as the volume ID and PMSN is set with the access restriction of the storage unit of the memory card 200. The data such as encrypted content (BDMV format data, AACS management data) is recorded in the general-purpose area.

The data processing unit of the information processing apparatus 100 sets the index (i) when copying the BDMV format data recorded on the first medium and the AACS management data corresponding to the BDMV format data to the memory card 200. Execute the process.

That is, the BDMV format data to be recorded in the general-purpose area and the AACS management data are set to a directory having the same index (i), BDMV-i, and AACS-i, and a copy of the BDMV format data is set in each set directory. Data and copy data of AACS management data corresponding to the BDMV format data are recorded.
Further, a data set such as a first media identifier (volume ID, PMSN) recorded in the protected area, which is the same index (i) as the BDMV-i directory in which copy data of the BDMV format data is recorded, that is, FIG. Also set in the data set described with reference to FIG.

[7-2. About the copy content move processing execution sequence]
Next, the execution sequence of the copy content movement process will be described with reference to the flowchart shown in FIG.
Note that the processing according to the flow shown in FIG. 23 is executed by the data processing unit of the information processing apparatus 100 in which the memory card 200 is mounted.
The data processing unit has a program execution function such as a CPU, reads a processing program stored in the memory, and executes processing according to the flow shown in FIG.
Hereinafter, the process of each step shown in the flowchart of FIG. 23 will be sequentially described.

(Step S201)
First, in step S201, the data processing unit of the information processing apparatus 100 in which the memory card 200 is mounted acquires the index [aa] of the BDMV directory (BDMVaa) to be migrated, and the protection area that matches the index (aa). The validity presentation flag (Validity) of the data storage element set [aa] is set to 0 (invalid).

(Step S202)
Next, in step S202, the data processing unit copies and records the data elements of the migration source directory (BDMVaa, AACSaa) to an index corresponding to the migration destination directory (temporary directory name: BDMVxx, AACSxx).

(Step S203)
Next, in step S203, the data processing unit changes the name of the destination directory such as the content from the original directory name: BDMVxx to a new directory name: BDMVbb.

(Step S204)
Next, in step S204, the data processing unit changes the name of the destination directory of the management data from the original directory name: AACSxx to a new directory name: AACSbb.

(Step S205)
Next, in step S205, the data processing unit sets the validity presentation flag (Validity) of the data set (data set having the index bb) in the protection area corresponding to the data recorded in the destination directory to 1 (valid). Set.

(Step S206)
Next, in step S206, the data processing unit sets the validity presentation flag (Validity) of the data set (data set having the index aa) in the protection area corresponding to the data recorded in the migration source directory to 0 (invalid). ) And data (all 0 etc.) is overwritten in the data recording area other than the validity presentation flag (Validity) in the data set.

As described above, the data processing unit of the information processing apparatus 100 in which the memory card 200 is mounted executes the following processing, for example, when executing the copy content movement processing, for example, when executing the directory change processing regarding the copy content. To do.

An index consistency adjustment process is executed in which the index value set in the data set including the first media identifier (volume Nishi, PMSN) recorded in the protected area is set as the index value (i) of the directory after the copy content is changed. To do.

In addition, when starting the directory change process for the copy content, the data processing unit sets the value of the validity presentation flag (Validity) indicating the validity of the data set including the first media identifier recorded in the protected area to invalid. After completion of the directory change process and the index value change process set in the data set including the first media identifier, the value of the validity presentation flag (Validity) is set to a value indicating validity. To do.

[8. About hardware configuration example of each device]
Finally, with reference to FIG. 24 and FIG. 25, a hardware configuration example of each device that executes the above-described processing will be described.
FIG. 24 illustrates a hardware configuration example of an information processing apparatus that executes data copy processing.

CPU (Central Processing Unit) 701 functions as a data processing unit that executes various processes according to a program stored in ROM (Read Only Memory) 702 or storage unit 708. For example, the above-described data copy process is executed. A RAM (Random Access Memory) 703 stores programs executed by the CPU 701, data, and the like. The CPU 701, ROM 702, and RAM 703 are connected to each other via a bus 704.

The CPU 701 is connected to an input / output interface 705 via a bus 704. The input / output interface 705 is connected to an input unit 706 including various switches, a keyboard, a mouse, and a microphone, and an output unit 707 including a display and a speaker. Yes. The CPU 701 executes various processes in response to a command input from the input unit 706, and outputs a processing result to the output unit 707, for example.

The storage unit 708 connected to the input / output interface 705 includes, for example, a hard disk, and stores programs executed by the CPU 701 and various data. A communication unit 709 communicates with an external device via a network such as the Internet or a local area network.

A drive 710 connected to the input / output interface 705 drives a removable medium 711 such as a magnetic disk, an optical disk, a magneto-optical disk, or a semiconductor memory such as a memory card, and records various data such as recorded contents and key information. To get. For example, using the acquired content and key data, the content is decrypted and played back according to the playback program executed by the CPU.

FIG. 25 illustrates a hardware configuration example of a memory card that is an information storage device.
A CPU (Central Processing Unit) 801 functions as a data processing unit that executes various processes according to a program stored in a ROM (Read Only Memory) 802 or a storage unit 807. For example, the communication processing with the server or host device described in each of the above-described embodiments, the processing such as writing and reading of the data in the storage unit 807, the access permission determination processing for each divided area of the protection area 811 of the storage unit 807, and the like. Execute. A RAM (Random Access Memory) 803 appropriately stores programs executed by the CPU 801, data, and the like. These CPU 801, ROM 802, and RAM 803 are connected to each other by a bus 804.

The CPU 801 is connected to an input / output interface 805 via a bus 804, and a communication unit 806 and a storage unit 807 are connected to the input / output interface 805.

The communication unit 804 connected to the input / output interface 805 executes communication with, for example, a server or a host. The storage unit 807 is a data storage area, and includes a protection area 811 with access restrictions as described above and a general-purpose area 812 that allows free data recording and reading.

[9. Summary of composition of the present disclosure]
As described above, the embodiments of the present disclosure have been described in detail with reference to specific embodiments. However, it is obvious that those skilled in the art can make modifications and substitutions of the embodiments without departing from the gist of the present disclosure. In other words, the present invention has been disclosed in the form of exemplification, and should not be interpreted in a limited manner. In order to determine the gist of the present disclosure, the claims should be taken into consideration.

The technology disclosed in this specification can take the following configurations.
(1) having a data processing unit for executing a copy process for recording the recording data of the first medium on the second medium;
The data processing unit
In the recording data of the first medium, a first medium identifier that can be read from the first medium by applying a dedicated protocol is recorded in a protected area in which access restriction of the storage unit of the second medium is set,
An information processing apparatus for recording encrypted content in a general-purpose area in which access restriction of the storage unit of the second medium is not set.

(2) The first medium is
BDMV (Blu-ray (registered trademark) disc movie) format data having encrypted content and data including a playback control information file as constituent elements;
A medium in which AACS (Advanced Access Content System) management data including a key information file applied to decryption of the encrypted content and data including data for checking the validity of the encrypted content is recorded;
The data processing unit
The information processing apparatus according to (1), wherein the BDMV format data and the AACS management data are recorded in the general-purpose area.

(3) The data processing unit
When copying the BDMV format data recorded on the first medium and the AACS management data corresponding to the BDMV format data to the second medium,
A directory having the same index (i), BDMV-i, and AACS-i are set in the BDMV format data to be recorded in the general-purpose area and the AACS management data, and copy data of the BDMV format data is set in each set directory. And an information processing apparatus according to (2), wherein copy data of AACS management data corresponding to the BDMV format data is recorded.

(4) The data processing unit
The same index (i) as the BDMV-i directory in which copy data of the BDMV format data of the first medium is recorded,
The information processing apparatus according to (3), which is also set to a first media identifier recorded in the protection area.

(5) The data processing unit
In the protected area of the second media,
The information processing apparatus according to any one of (1) to (4), wherein a volume ID (Volume ID) recorded on the first medium and a pre-recorded serial number (PMSN) are recorded.

(6) The data processing unit
The information processing apparatus according to (5), wherein a message authentication code (MAC) for the volume ID is recorded in the protection area together with the volume ID.

(7) The data processing unit
The information processing apparatus according to (5), wherein a message authentication code (MAC) for the PMSN is recorded in the protection area together with the PMSN.

(8) The data processing unit
The information processing apparatus according to any one of (1) to (7), wherein a message authentication code (MAC) generated based on a media ID of the second medium and a session key generated during copy processing is recorded in the protection area.

(9) The data processing unit
The information processing apparatus according to any one of (1) to (8), wherein after the data recording to the protection area is completed, a value of a validity presentation flag (Validity) indicating validity of the recorded data is set to a value indicating validity.

(10) The data processing unit
As a response process to the execution of the API requesting the reading process of the first media identifier, the reading process of the first media identifier recorded in the protection area of the second medium is executed (1) to (9) The information processing apparatus described.

(11) The data processing unit
When executing a directory change process related to copy content recorded on the second medium,
An index consistency adjustment process is executed in which the index value set in the data set including the first media identifier recorded in the protected area is set as the index value (i) of the directory after the change of the copy content (1) ) To (10).

(12) The data processing unit
When starting the directory change process for the copy content, the value of the validity presentation flag (Validity) indicating the validity of the data set including the first media identifier recorded in the protected area is set to a value indicating invalidity. After completion of the directory change process and the change process of the index value set in the data set including the first media identifier, the value of the validity presentation flag (Validity) is set to a value indicating validity (11). The information processing apparatus described in 1.

(13) a protection area in which access restrictions are set; a storage unit having a general-purpose area in which access restrictions are not set;
A data processing unit,
The general-purpose area of the storage unit records the encrypted content copied from the copy source medium,
The protected area of the storage unit is configured to record a first media identifier that can be read from the first medium by applying a dedicated protocol in the recording data of the copy source medium,
The data processing unit
It is determined whether the information processing apparatus that has output the read request for the first media identifier has an access right to the protection area,
An information storage device that obtains the first media identifier recorded in the protection area and outputs the first media identifier to the information processing device when it is confirmed that the user has an access right.

(14) The copy source medium is:
BDMV (Blu-ray (registered trademark) disc movie) format data having encrypted content and data including a playback control information file as constituent elements;
A medium in which AACS (Advanced Access Content System) management data including a key information file applied to decryption of the encrypted content and data including data for checking the validity of the encrypted content is recorded;
The data processing unit
The information storage device according to (13), wherein the BDMV format data and copy data of the AACS management data are recorded in the general-purpose area.

(15) The general-purpose area of the storage unit is
The copy data of the BDMV format data and the copy data of the AACS management data corresponding to the BDMV format data are recorded in the directory having the same index (i), the BDMV-i, and the AACS-i ( 14) The information storage device described in 14).

(16) The protection area of the storage unit is:
(15) The information storage device according to (15), wherein a first media identifier in which the same index (i) as the BDMV-i directory in which copy data of the BDMV format data of the first medium is recorded is recorded.

(17) An information processing method executed in the information processing apparatus,
The information processing apparatus includes:
A data processing unit for executing a copy process for recording the recording data of the first medium on the second medium;
The data processing unit is
In the recording data of the first medium, a first medium identifier that can be read from the first medium by applying a dedicated protocol is recorded in a protected area in which access restriction of the storage unit of the second medium is set,
An information processing method for recording encrypted content in a general-purpose area in which access restriction of the storage unit of the second medium is not set.

(18) An information processing method executed in an information storage device,
The information storage device includes:
A protected area in which access restrictions are set, and a storage unit having a general-purpose area in which access restrictions are not set,
A data processing unit,
The general-purpose area of the storage unit records the encrypted content copied from the copy source medium,
The protected area of the storage unit is configured to record a first media identifier that can be read from the first medium by applying a dedicated protocol in the recording data of the copy source medium,
The data processing unit is
It is determined whether the information processing apparatus that has output the read request for the first media identifier has an access right to the protection area,
An information processing method for acquiring a first media identifier recorded in the protection area and outputting the first media identifier to the information processing apparatus when it is confirmed that the user has an access right.

(19) A program for executing information processing in an information processing device,
The information processing apparatus includes:
A data processing unit for executing a copy process for recording the recording data of the first medium on the second medium;
The program is stored in the data processing unit.
A process of recording a first media identifier that can be read from the first medium by applying a dedicated protocol in recorded data of the first medium in a protected area in which access restriction of a storage unit of the second medium is set; ,
A program for executing processing for recording an encrypted content in a general-purpose area in which access restriction of the storage unit of the second medium is not set.

(20) A program for causing an information storage device to execute information processing,
The information storage device includes:
A protected area in which access restrictions are set, and a storage unit having a general-purpose area in which access restrictions are not set,
A data processing unit,
The general-purpose area of the storage unit records the encrypted content copied from the copy source medium,
The protected area of the storage unit is configured to record a first media identifier that can be read from the first medium by applying a dedicated protocol in the recording data of the copy source medium,
The program is stored in the data processing unit.
A process for determining whether the information processing apparatus that has output the read request for the first media identifier has an access right to the protection area;
A program for executing a process of acquiring the first media identifier recorded in the protection area and outputting it to the information processing apparatus when it is confirmed that the user has an access right.

Further, the series of processes described in the specification can be executed by hardware, software, or a combined configuration of both. When executing processing by software, the program recording the processing sequence is installed in a memory in a computer incorporated in dedicated hardware and executed, or the program is executed on a general-purpose computer capable of executing various processing. It can be installed and run. For example, the program can be recorded in advance on a recording medium. In addition to being installed on a computer from a recording medium, the program can be received via a network such as a LAN (Local Area Network) or the Internet and installed on a recording medium such as a built-in hard disk.

In addition, the various processes described in the specification are not only executed in time series according to the description, but may be executed in parallel or individually according to the processing capability of the apparatus that executes the processes or as necessary. Further, in this specification, the system is a logical set configuration of a plurality of devices, and the devices of each configuration are not limited to being in the same casing.

As described above, according to the configuration of the embodiment of the present disclosure, a configuration that enables the same control as the content usage control in the copy source medium is realized at the content copy destination.
Specifically, the data processing unit that executes a copy process for recording the recording data of the first medium onto the second medium can read from the first medium by applying a dedicated protocol in the recording data of the first medium. The first media identifier (volume ID, PMSN) is recorded in the protection area where the access restriction of the storage unit of the second medium is set, and the BDMV format data such as the encrypted content and the AACS management data are stored in the second medium. Recorded in a general-purpose area where no access restrictions are set. Each data is associated with an index (i) set in the directory or recording data.

Further, the protected area recording data is also recorded with the MAC value to realize a configuration in which tampering is prevented.
Further, the media binding is realized by recording the value to which the media ID is applied in the protection area.
Each of these configurations realizes a configuration that enables the same control as the content use control in the copy source medium even at the content copy destination.

DESCRIPTION OF SYMBOLS 10 1st medium 20 Information processing apparatus 30 2nd medium 50 Management server 51 Management information setting part 52 Data part 100 Information processing apparatus 200 Memory card 210 Controller 211 CPU
212 RAM
220 Storage Unit 221 Protected Area 222 General-purpose Area 240 Communication Unit 250 Media ID Storage Unit 251 Gamma Media ID
252 EMID
701 CPU
702 ROM
703 RAM
704 Bus 705 Input / output interface 706 Input unit 707 Output unit 708 Storage unit 709 Communication unit 710 Drive 711 Removable media 801 CPU
802 ROM
803 RAM
804 Bus 805 I / O interface 806 Communication unit 807 Storage unit 811 Protection area 812 General-purpose area

Claims

A data processing unit for executing a copy process for recording the recording data of the first medium on the second medium;
The data processing unit
In the recording data of the first medium, a first medium identifier that can be read from the first medium by applying a dedicated protocol is recorded in a protected area in which access restriction of the storage unit of the second medium is set,
An information processing apparatus for recording encrypted content in a general-purpose area in which access restriction of the storage unit of the second medium is not set.
The first medium is
BDMV (Blu-ray (registered trademark) disc movie) format data having encrypted content and data including a playback control information file as constituent elements;
A medium in which AACS (Advanced Access Content System) management data including a key information file applied to decryption of the encrypted content and data including data for checking the validity of the encrypted content is recorded;
The data processing unit
The information processing apparatus according to claim 1, wherein the BDMV format data and the AACS management data are recorded in the general-purpose area.
The data processing unit
When copying the BDMV format data recorded on the first medium and the AACS management data corresponding to the BDMV format data to the second medium,
A directory having the same index (i), BDMV-i, and AACS-i are set in the BDMV format data to be recorded in the general-purpose area and the AACS management data, and copy data of the BDMV format data is set in each set directory. The information processing apparatus according to claim 2, wherein copy data of AACS management data corresponding to the BDMV format data is recorded.
The data processing unit
The same index (i) as the BDMV-i directory in which copy data of the BDMV format data of the first medium is recorded,
The information processing apparatus according to claim 3, wherein the information processing apparatus is also set to a first media identifier recorded in the protection area.
The data processing unit
In the protected area of the second media,
The information processing apparatus according to claim 1, wherein a volume ID (Volume ID) recorded on the first medium and a PMN (Pre-recorded Serial Number) are recorded.
The data processing unit
6. The information processing apparatus according to claim 5, wherein a message authentication code (MAC) for the volume ID is recorded in the protection area together with the volume ID.
The data processing unit
6. The information processing apparatus according to claim 5, wherein a message authentication code (MAC) for the PMSN is recorded in the protection area together with the PMSN.
The data processing unit
The information processing apparatus according to claim 1, wherein a message authentication code (MAC) generated based on a media ID of the second medium and a session key generated during copy processing is recorded in the protection area.
The data processing unit
The information processing apparatus according to claim 1, wherein after completion of data recording on the protection area, a value of a validity presentation flag (Validity) indicating the validity of recorded data is set to a value indicating validity.
The data processing unit
The information processing apparatus according to claim 1, wherein a read process of the first media identifier recorded in the protection area of the second medium is executed as a response process to the execution of an API requesting the read process of the first media identifier.
The data processing unit
When executing a directory change process related to copy content recorded on the second medium,
The index consistency adjustment process is executed, in which an index value set in a data set including the first media identifier recorded in the protected area is set as an index value (i) of the directory after the change of the copy content. The information processing apparatus according to 1.
The data processing unit
When starting the directory change process for the copy content, the value of the validity presentation flag (Validity) indicating the validity of the data set including the first media identifier recorded in the protected area is set to a value indicating invalidity. The value of the validity presentation flag (Validity) is set to a value indicating validity after completion of directory change processing and change processing of an index value set in the data set including the first media identifier. The information processing apparatus described in 1.
A protected area in which access restrictions are set, and a storage unit having a general-purpose area in which access restrictions are not set,
A data processing unit,
The general-purpose area of the storage unit records the encrypted content copied from the copy source medium,
The protected area of the storage unit is configured to record a first media identifier that can be read from the first medium by applying a dedicated protocol in the recording data of the copy source medium,
The data processing unit
It is determined whether the information processing apparatus that has output the read request for the first media identifier has an access right to the protection area,
An information storage device that obtains the first media identifier recorded in the protection area and outputs the first media identifier to the information processing device when it is confirmed that the user has an access right.
The copy source medium is
BDMV (Blu-ray (registered trademark) disc movie) format data having encrypted content and data including a playback control information file as constituent elements;
A medium in which AACS (Advanced Access Content System) management data including a key information file applied to decryption of the encrypted content and data including data for checking the validity of the encrypted content is recorded;
The data processing unit
The information storage device according to claim 13, wherein the BDMV format data and copy data of the AACS management data are recorded in the general-purpose area.
The general-purpose area of the storage unit is
The copy data of the BDMV format data and the copy data of AACS management data corresponding to the BDMV format data are recorded in a directory having the same index (i), BDMV-i, and AACS-i. Item 15. The information storage device according to Item 14.
The protection area of the storage unit is
16. The information storage device according to claim 15, wherein a first media identifier is set in which an index (i) identical to a BDMV-i directory in which copy data of BDMV format data of the first medium is recorded is recorded.
An information processing method executed in an information processing apparatus,
The information processing apparatus includes:
A data processing unit for executing a copy process for recording the recording data of the first medium on the second medium;
The data processing unit is
In the recording data of the first medium, a first medium identifier that can be read from the first medium by applying a dedicated protocol is recorded in a protected area in which access restriction of the storage unit of the second medium is set,
An information processing method for recording encrypted content in a general-purpose area in which access restriction of the storage unit of the second medium is not set.
An information processing method executed in an information storage device,
The information storage device includes:
A protected area in which access restrictions are set, and a storage unit having a general-purpose area in which access restrictions are not set,
A data processing unit,
The general-purpose area of the storage unit records the encrypted content copied from the copy source medium,
The protected area of the storage unit is configured to record a first media identifier that can be read from the first medium by applying a dedicated protocol in the recording data of the copy source medium,
The data processing unit is
It is determined whether the information processing apparatus that has output the read request for the first media identifier has an access right to the protection area,
An information processing method for acquiring a first media identifier recorded in the protection area and outputting the first media identifier to the information processing apparatus when it is confirmed that the user has an access right.
A program for executing information processing in an information processing apparatus;
The information processing apparatus includes:
A data processing unit for executing a copy process for recording the recording data of the first medium on the second medium;
The program is stored in the data processing unit.
A process of recording a first media identifier that can be read from the first medium by applying a dedicated protocol in recorded data of the first medium in a protected area in which access restriction of a storage unit of the second medium is set; ,
A program for executing processing for recording an encrypted content in a general-purpose area in which access restriction of the storage unit of the second medium is not set.
A program for causing an information storage device to execute information processing;
The information storage device includes:
A protected area in which access restrictions are set, and a storage unit having a general-purpose area in which access restrictions are not set,
A data processing unit,
The general-purpose area of the storage unit records the encrypted content copied from the copy source medium,
The protected area of the storage unit is configured to record a first media identifier that can be read from the first medium by applying a dedicated protocol in the recording data of the copy source medium,
The program is stored in the data processing unit.
A process for determining whether the information processing apparatus that has output the read request for the first media identifier has an access right to the protection area;
A program for executing a process of acquiring the first media identifier recorded in the protection area and outputting it to the information processing apparatus when it is confirmed that the user has an access right.