WO2024122602A1 - 画像処理装置および方法 - Google Patents

画像処理装置および方法 Download PDF

Info

Publication number
WO2024122602A1
WO2024122602A1 PCT/JP2023/043768 JP2023043768W WO2024122602A1 WO 2024122602 A1 WO2024122602 A1 WO 2024122602A1 JP 2023043768 W JP2023043768 W JP 2023043768W WO 2024122602 A1 WO2024122602 A1 WO 2024122602A1
Authority
WO
WIPO (PCT)
Prior art keywords
image
url
verification
web page
unit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/JP2023/043768
Other languages
English (en)
French (fr)
Japanese (ja)
Inventor
陽介 平塚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sony Group Corp
Original Assignee
Sony Group Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sony Group Corp filed Critical Sony Group Corp
Priority to EP23900714.9A priority Critical patent/EP4632613A4/en
Priority to JP2024562984A priority patent/JPWO2024122602A1/ja
Publication of WO2024122602A1 publication Critical patent/WO2024122602A1/ja
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device, e.g. between a still-image camera and its memory or between a still-image camera and a printer device
    • H04N1/32101Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N1/32144Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title embedded in the image data, i.e. enclosed or integrated in the image, e.g. watermark, super-imposed logo or stamp
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device, e.g. between a still-image camera and its memory or between a still-image camera and a printer device
    • H04N1/32101Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N1/32144Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title embedded in the image data, i.e. enclosed or integrated in the image, e.g. watermark, super-imposed logo or stamp
    • H04N1/32149Methods relating to embedding, encoding, decoding, detection or retrieval operations
    • H04N1/32267Methods relating to embedding, encoding, decoding, detection or retrieval operations combined with processing of the image
    • H04N1/32283Hashing

Definitions

  • the present disclosure relates to an image processing device and method, and in particular to an image processing device and method that can suppress a decrease in reliability in guaranteeing the authenticity of an image.
  • Patent Document 1 there was a method that made it possible to detect tampering by adding a digital signature to an image when it was taken (see, for example, Patent Document 1). There was also a method that left a history with a digital signature when an image was created or edited, making the history traceable (see, for example, Non-Patent Document 1).
  • An image processing device is an image processing device that includes a certification URL generation unit that generates a certification URL, which is address information for publishing a certification web page that certifies the authenticity of an image, and a certification URL storage unit that stores the certification URL in a file that stores a first image, which is the unprocessed image generated from analog information.
  • An image processing method is an image processing method that generates a certification URL, which is address information for publishing a certification web page that certifies the authenticity of an image, and stores the generated certification URL in a file that stores an initial image, which is an unprocessed image generated from analog information.
  • An image processing device is an image processing device that includes a file acquisition unit that acquires a file that stores an image, a certification web page generation unit that generates a certification web page that certifies the authenticity of the image, and a certification web page publishing unit that publishes the certification web page at a certification URL.
  • Another aspect of the image processing method of the present technology is an image processing method that acquires a file that stores an image, generates a verification web page that certifies the authenticity of the image, and publishes the verification web page at a verification URL.
  • a certification URL is generated, which is address information for publishing a certification web page that certifies the authenticity of the image, and the generated certification URL is stored in a file that stores the initial image, which is an unprocessed image generated from analog information.
  • a file storing an image is obtained, a verification web page that certifies the authenticity of the image is generated, and the verification web page is made public at a verification URL.
  • FIG. 13 is a diagram showing an example of a method for generating an image file and a method for publishing proof of the authenticity of the image.
  • FIG. 2 is a diagram showing an example of the main configuration of an image file.
  • FIG. 2 is a diagram showing an example of the main configuration of an image file.
  • FIG. 13 is a diagram illustrating an example of a hash structure.
  • FIG. 13 is a diagram illustrating an example of a storage location of a certification URL.
  • FIG. 1 is a diagram illustrating an example of a social networking site.
  • FIG. 13 illustrates an example of a certification Web page.
  • FIG. 13 illustrates an example of a certification Web page.
  • FIG. 1 is a diagram illustrating an example of a main configuration of an image processing system.
  • FIG. 1 is a block diagram showing an example of a main configuration of an imaging apparatus
  • FIG. 2 is a block diagram showing an example of a main configuration of a server.
  • 1 is a block diagram showing an example of a main configuration of an editing device
  • 1 is a block diagram showing an example of a main configuration of a display device
  • 11 is a flowchart illustrating an example of the flow of an imaging process.
  • 13 is a flowchart illustrating an example of the flow of an image management process.
  • 13 is a flowchart illustrating an example of the flow of a verification process.
  • 13 is a flowchart illustrating an example of the flow of an editing process.
  • 11 is a flowchart illustrating an example of the flow of a display process.
  • FIG. 2 is a block diagram showing an example of a main configuration of a computer.
  • Patent Document 1 (mentioned above)
  • Non-Patent Document 1 (mentioned above)
  • Patent Literature 1 there has been a method of adding a digital signature (also simply called a signature) to an image at the time of shooting, thereby making it possible to detect tampering with the image using the digital signature. Also, as disclosed in Non-Patent Literature 1, there has been a method of leaving a history with a digital signature when an image is generated or edited, making it possible to trace the history.
  • a digital signature also simply called a signature
  • the software or server in charge of editing checks the past history of the image with a public key in the image, and then takes over the digital signature of the past tool and part of the data targeted by the digital signature as metadata for the new image, and in addition signs it with a private key and adds the corresponding public key.
  • Web refers to a standard system for publishing and viewing documents on the Internet
  • a Web page refers to a collection of data that is displayed at one time as a single page on a Web browser or the like.
  • a Web page can be composed of a combination of various elements such as text, images, charts, audio, video, and computer programs.
  • a certification Web page is a Web page that contains information for proving the authenticity of an image or digital signature.
  • a certification URL refers to the URL where this certification Web page is published.
  • published refers to a state in which it can be provided to a client. In other words, for example, by a client accessing the certification URL, the certification Web page (or its contents) can be provided to the client.
  • the initial image refers to an unprocessed and unedited image (digital image data) generated from analog information. Therefore, the initial image is also referred to as an unprocessed image or an unedited image.
  • the initial image generating device that generates the initial image is an imaging device
  • the initial image may be a captured image generated by capturing an image of a subject.
  • the captured image may be in any format.
  • the captured image may be a RAW image, a YUV image converted from the RAW image, or an encoded image (such as a JPEG (Joint Photographic Experts Group) image) in which the YUV image is encoded.
  • JPEG Joint Photographic Experts Group
  • the initial image generating device that generates the initial image is a scanner
  • the initial image may be a scanned image generated by scanning paper.
  • the scanned image may be in any format.
  • the scanned image may be a BMP (Bitmap) image, a JPEG image, or a PDF (Portable Document Format) image.
  • the first image processing device may include a certification URL generation unit that generates a certification URL, which is address information for publishing a certification web page that certifies the authenticity of an image, and a certification URL storage unit that stores the certification URL in a file that stores the first image, which is an unprocessed image generated from analog information.
  • a certification URL generation unit that generates a certification URL, which is address information for publishing a certification web page that certifies the authenticity of an image
  • a certification URL storage unit that stores the certification URL in a file that stores the first image, which is an unprocessed image generated from analog information.
  • a certification URL which is address information for publishing a certification web page that certifies the authenticity of the image, may be generated, and the generated certification URL may be stored in a file that stores the first image, which is an unprocessed image generated from analog information.
  • this verification web page can notify that the authenticity of the image cannot be guaranteed (for example, detection of fraudulent activity such as image tampering). Therefore, detection of fraudulent activity such as tampering can be made known to the entire system earlier than when only verifying each image individually (when reporting of detected fraudulent activity is left to user communication, etc.). This can be expected to result in earlier action being taken against fraudulent activity. Therefore, a decrease in reliability of the guarantee of image authenticity can be suppressed.
  • the first image may be a captured image. That is, the first image processing device (e.g., an imaging device) may further include an imaging unit that captures an image of a subject and generates the captured image as the first image. Then, the certification URL storage unit may store the certification URL in a file that stores the captured image.
  • the first image processing device e.g., an imaging device
  • the certification URL storage unit may store the certification URL in a file that stores the captured image.
  • the imaging device can store the verification URL in the file that stores the generated captured image. This makes it possible to suppress a decrease in reliability in guaranteeing the authenticity of the captured image or an edited image of the captured image.
  • Image file contents Any information may be stored in the image file, including the image (also called the main image), metadata such as thumbnails, verification URLs, their hashes, and their signatures.
  • the main image is the first image or the latest image.
  • the latest image is the most recently edited image that corresponds to the first image. In other words, if the first image has been edited N times, the latest image indicates the image that has been edited the Nth time.
  • metadata is data associated with the main image and includes information about the main image.
  • the reduced image is an image that has been reduced in size from the main image. This reduced image may be of any size as long as it is smaller than the main image. For example, it may be an image known as a thumbnail, or an image known as a screennail.
  • the verification URL is address information for publishing the verification web page corresponding to the main image (i.e., the verification web page that contains information to prove the authenticity of the main image and its digital signature). Therefore, the verification URL can also be considered the metadata of the main image.
  • the hash is generated using the main image, metadata, and verification URL, etc.
  • the signature is an electronic signature generated using that hash and a private key. In other words, the signature corresponds to the main image, metadata, and verification URL, etc.
  • the first image processing device may further include a first image generation unit that generates a first image, a metadata generation unit that generates metadata for the first image, a hash generation unit that generates a hash using the first image, its metadata, and a certification URL, and a signature generation unit that uses the hash to generate a signature for the first image, metadata, and certification URL.
  • the certification URL storage unit may generate a file (image file) that stores the first image, metadata, certification URL, hash, and signature.
  • FIG. 2 is a diagram showing an example of the main configuration of an image file.
  • the image file 10 shown in Figure 2 has an image area 11, a metadata area 12, a hash area 13, and a signature area 14.
  • the image area 11 stores the main image (image, Exif (Exchangeable Image File Format)), etc.
  • the metadata area 12 stores metadata of the main image, such as the image/Exif hash, reduced image (thumbnail, screennail, etc.), photographer, etc.
  • This metadata may be, for example, metadata defined by the C2PA standard (C2PA meta).
  • the hash area 13 stores, for example, a link to metadata and a hash, etc.
  • the signature area 14 stores, for example, an electronic signature, a certificate, etc.
  • the first image may be stored in image area 11 as the main image.
  • Metadata for the first image may be stored in metadata area 12.
  • a verification URL corresponding to the main image may be stored in metadata area 12.
  • a hash generated using these may be stored in hash area 13.
  • a signature of the first image, metadata, and verification URL generated using the hash and a private key may be stored in signature area 14.
  • image type certification may be stored in the image file.
  • image type certification is information that certifies what type of image the initial image is (the type of image).
  • image type certification may indicate that "the initial image is a captured image” or "the initial image is an image generated by AI (Artificial Intelligence)", etc. This image type certification may be generated in any way.
  • this image type certificate may be generated and stored in an image file.
  • the first image processing device may further include an image type certificate generation unit that generates an image type certificate that certifies the type of the initial image.
  • the certification URL storage unit may store the image type certificate in a file.
  • the first image processing device may further include an first image generation unit that generates the first image, an embedding unit that embeds information that identifies the device or the creator into the first image, and a signature generation unit that generates a signature of the first image with the embedded information.
  • the signature can prevent tampering with the information.
  • the image file may be in any format.
  • the image file may be in a format that stores information such as metadata for each processing so that the processing history of the main image can be traced (hereinafter, also referred to as a history storage format).
  • information on the initial image and information on the image after each processing are stored in the image file. That is, for example, when the initial image is processed, information on the image after processing is added to the image file while leaving the information before processing (information on the initial image). Then, when the processed image is processed a second time, information on the image after the second processing is added to the image file while leaving the information on the initial image and the information on the image after the first processing. Since a signature is generated for each information, the processing history of the main image can be traced.
  • an image file in the history storage format may include, for example, the latest image, latest metadata, verification URL, latest hash, latest signature, and information for each processing.
  • the latest image is the main image after the latest processing.
  • the latest metadata is metadata corresponding to the latest image.
  • the latest hash is a hash generated using the latest image, latest metadata, and verification URL.
  • the latest signature is a signature of the latest image, latest metadata, and verification URL generated using the latest hash and a private key.
  • the information for each processing includes this information about the image before processing or after each processing.
  • Figure 3 shows an example of the main structure of an image file in history storage format.
  • the image file 20 shown in Figure 3 shows an example of the structure of the initial image stored in the image file 10 in Figure 2 after two processing steps have been applied.
  • the image file 20 has an image area 21, a metadata area 22-1, a hash area 23-1, a signature area 24-1, a metadata area 22-2, a hash area 23-2, a signature area 24-2, a metadata area 22-3, a hash area 23-3, and a signature area 24-3.
  • the metadata areas 22-1, 22-2, and 22-3 are not distinguished from one another, they are also referred to as the metadata area 22.
  • the hash areas 23-1, 23-2, and 23-3 are not distinguished from one another, they are also referred to as the hash area 23.
  • the signature areas 24-1, 24-2, and 24-3 are not distinguished from one another, they are also referred to as the signature area 24.
  • the image area 21 is an area for storing the main image, similar to the image area 11 ( Figure 2). The latest image is stored in the image area 21. In other words, the image area 21 stores a secondary edited image (image, Exif, etc.) that has been edited twice from a captured image.
  • the metadata area 22 is an area for storing metadata of the main image, etc., similar to the metadata area 12 ( Figure 2).
  • the hash area 23 is an area for storing links to metadata and hashes, etc., similar to the hash area 13 ( Figure 2).
  • the signature area 24 is an area for storing electronic signatures, certificates, etc., similar to the signature area 14 ( Figure 2).
  • Information about the first image is stored in the metadata area 22-3, hash area 23-3, and signature area 24-3. That is, metadata of the first image (e.g., image/Exif hash, thumbnail image, photographer, etc.) is stored in the metadata area 22-3. A certification URL is also stored in this metadata area 22-3. A link and hash to the metadata stored in the metadata area 22-3 are stored in the hash area 23-3.
  • the signature area 24-3 stores the information in the hash area 23-3 (hashes of the image and metadata, etc.) and a signature (signature corresponding to the first image) and certificate (public key corresponding to the private key used to generate the signature, etc.) generated using the private key.
  • the metadata area 22-2 stores metadata of the primary edited image (e.g., image/Exif hash, reduced image, information related to the primary edit, etc.).
  • the hash area 23-2 stores a link and hash to the metadata stored in the metadata area 22-2.
  • the signature area 24-2 stores the information in the hash area 23-2 (hashes of the image and metadata, etc.) and a signature (signature corresponding to the primary edited image) and certificate (public key corresponding to the private key used to generate the signature, etc.) generated using the private key.
  • the metadata area 22-1 stores metadata of the secondary edited image (e.g., image/Exif hash, reduced image, information related to the secondary edit, etc.).
  • the hash area 23-1 stores a link and hash to the metadata stored in the metadata area 22-1.
  • the signature area 24-1 stores the information in the hash area 23-1 (hashes of the image and metadata, etc.) and a signature (signature corresponding to the secondary edited image) and a certificate (public key corresponding to the private key used to generate the signature, etc.) generated using the private key.
  • the main image in the image area 21 is updated to the latest image, and the metadata area 22, hash area 23, and signature area 24 corresponding to that latest image are added to the image file 20.
  • Information on the original image is referenced from the information in the hash area 23.
  • information for each edit is stored as a history in the image file 20.
  • a signature for each edit is also stored. Therefore, a user can check the history of image edits by performing signature-based verification on an image file 20 configured in this way.
  • an image file may be generated in such a history preservation format by the initial image generation device when the image file is generated.
  • another device other than the initial image generation device e.g., a server that manages images
  • This image file format conversion may be performed at any time as long as the format conversion is possible.
  • the image file format may be converted into the history preservation format before the first editing is performed.
  • the image file format may be converted into the history preservation format when the verification URL is stored in the image file before the first editing is performed.
  • the hash stored in the image file may have any structure.
  • the hash corresponding to the signature may have a multi-stage structure. That is, the hash corresponding to the signature may be generated by generating multiple hashes for information such as the image and metadata.
  • the hash corresponding to the signature may have a three-stage structure by generating a first hash using information such as the image and metadata, generating a second hash using the first hash, generating a third hash using the second hash, and generating a signature using the third hash.
  • the lower layer hash of such a multi-stage hash structure may be a multi-hash.
  • a multi-hash is composed of multiple hashes that are independent of each other.
  • a single upper layer hash may be generated using multiple lower layer hashes.
  • the image type certificate described above is stored in an image file, when generating such a multi-hash, a single hash may be generated using the certificate URL and the image type certificate. By configuring the hash in this way, it is possible to ensure that the authenticity of the image type certificate cannot be guaranteed if the certificate URL is deleted or tampered with.
  • the hash generation unit may generate multiple partial hashes including one partial hash corresponding to the verification URL and the image type verification, and use the multiple partial hashes to generate one hash corresponding to the initial image, metadata, and verification URL.
  • Figure 4 shows an example of the hash structure in this case.
  • information such as the verification URL, image type verification, other metadata, and the image is stored in the image file.
  • hash A is generated using the verification URL and image type verification.
  • Hashes B and C are generated using the other metadata.
  • Hash D is generated using the image.
  • Hash E is then generated using hash A, hash B, hash C, and hash D.
  • a signature is then generated using hash E.
  • the hash can be made into a multi-stage structure (a stage for hash E and stages for hash A through hash D).
  • the lower-level hashes can be made into a multi-hash (hashes A through hash D).
  • the verification URL and image type verification can be associated with one hash A.
  • the verification URL may be stored in the image file at any timing. For example, it may be stored before the generation of the verification web page.
  • the image generating device may generate and store the verification URL when first generating the image file.
  • the verification URL for the ungenerated verification web page (the verification web page that does not exist) is stored in the image file.
  • the verification URL corresponding to this ungenerated verification web page is also referred to as a reserved URL.
  • the reserved URL may be stored in the image file as the verification URL (method 1-1), as shown in the second row from the top of the table in FIG. 1.
  • the verification URL generation unit may generate a reserved URL that is a verification URL for an ungenerated verification web page. Then, the verification URL storage unit may store the reserved URL in a file as a verification URL. In this way, an image file including the verification URL can be generated before the verification web page is generated.
  • This reserved URL does not need to exist at this point. In other words, it is sufficient that this reserved URL is set on the server by the time the verification web page is published. If the reserved URL exists when the verification web page is published, the server can publish the verification web page at that reserved URL. In other words, a non-existent address may be stored in the image file as the verification URL (reserved URL).
  • the initial image generation device may generate a reserved URL using a known domain where the verification web page will be published, a serial number assigned to the initial image generation device, and a specified sequential number, etc., and store it in the image file.
  • the verification URL may be stored in the image file after the verification web page is generated.
  • a server that manages images or a server that publishes the verification web page may generate a verification web page corresponding to the image file, set a verification URL corresponding to the verification web page, and store the verification URL in the image file.
  • the verification URL for the actually existing verification web page is stored in the image file.
  • the verification URL corresponding to this actually existing verification web page is also referred to as a real URL.
  • the real URL may be stored in the image file as the verification URL, as shown in the third row from the top of the table in FIG. 1 (method 1-2).
  • the verification URL may be stored in any area of the image file.
  • the verification URL may be stored in an area of the image file to which the verification URL is propagated even after the image is edited.
  • the verification URL storage unit may store the verification URL in an area of the file to which the verification URL is propagated even after the image is edited.
  • the verification URL may be stored in a metadata area. In this way, even after the image is edited, information that proves the authenticity of the image can be made public on the verification web page.
  • This "area that continues to be propagated even after an image is edited” may be any area, but may be, for example, a vendor extension area (Vendor Extension) that can be extended by a vendor within the metadata area that stores metadata.
  • the image file 70 shown in FIG. 5 has an image area (Main image) 71, a metadata (C2PA meta) area 72, and a vendor extension area (Vendor Extension) 73 formed therein.
  • an APP81 which is a segment in which application data is stored, is formed.
  • a certification URL may be stored in this APP81.
  • a dedicated area may be created in the image file to store the verification URL so that it can be propagated in the history.
  • the verification web page may be generated in any manner.
  • a server that publishes the verification web page may obtain an image file, generate a verification web page corresponding to the image file, and publish the verification web page at the verification URL.
  • the server may also manage the image file and provide it to clients.
  • the second image processing device may include a file acquisition unit that acquires a file that stores an image, a certification web page generation unit that generates a certification web page that certifies the authenticity of the image, and a certification web page publishing unit that publishes the certification web page at a certification URL.
  • a file acquisition unit that acquires a file that stores an image
  • a certification web page generation unit that generates a certification web page that certifies the authenticity of the image
  • a certification web page publishing unit that publishes the certification web page at a certification URL.
  • a second image processing device may obtain a file that stores the image, generate a certification web page that certifies the authenticity of the image, and publish the certification web page at a certification URL.
  • this verification web page can notify that the authenticity of the image cannot be guaranteed (for example, detection of fraudulent activity such as image tampering). Therefore, detection of fraudulent activity such as tampering can be made known to the entire system earlier than when only verifying each image individually (when reporting of detected fraudulent activity is left to user communication, etc.). This can be expected to result in earlier action being taken against fraudulent activity. Therefore, a decrease in reliability of the guarantee of image authenticity can be suppressed.
  • the certification web page may be published at the reserved URL stored in the image file.
  • the reserved URL stored in the image file may be replaced with a short URL.
  • a reserved URL generated for an ungenerated certification web page may be stored in a file as a certification URL.
  • the certification web page publishing unit may set the reserved URL and publish the certification web page at the reserved URL.
  • the second image processing device may have a certification URL storage unit that generates a short URL indicating the reserved URL stored in the image file and stores the generated short URL in the image file as the certification URL instead of the reserved URL.
  • the certification URL storage unit may replace the reserved URL stored in the image file with a short URL indicating the reserved URL.
  • the server can publish a verification web page that corresponds to the image file.
  • the server can also store a short URL for the image file that is shorter than the reserved URL.
  • the server may generate and set a real URL, publish a certification web page at the real URL, and store the real URL in an image file.
  • the server may also store a short URL in place of the real URL in an image file.
  • the certification web page publishing unit may generate a certification URL for the certification web page, set the generated certification URL, and publish the certification web page at the set certification URL.
  • the second image processing device may further include a certification URL storage unit that stores the certification URL in a file.
  • the second image processing device may also include a certification URL storage unit that generates a short URL indicating an alternative address for the address at which the certification web page is published, and stores the generated short URL in an image file as a certification URL.
  • the server can associate the image file with a verification web page by storing the verification URL in the image file.
  • the server can publish a verification web page that corresponds to the image file.
  • the server can also store a short URL, which is shorter than the actual URL, in the image file.
  • the information on this certification Web page may be updated as necessary. For example, it may be updated every time image editing is performed. Any method of updating may be used.
  • the server may dynamically generate and replace a certification Web page every time image editing is performed. In other words, in this method, the entire certification Web page to be made public is updated. In this way, the complexity of the update process can be reduced.
  • the server may first generate a static proof web page for the image, and then after editing the image, update the existing proof web page to reflect the results of the edits.
  • this method only the parts of the proof web page that need to be updated are updated. This makes it possible to prevent an increase in the amount of information to be updated, and to prevent an increase in the load on the server related to the update process.
  • the provision (and display) of the verification web page may be performed in any manner, for example, the client (display device) may access the verification URL, the server may provide the verification web page in response to the request (access to the verification URL), and the client (display device) may display the provided verification web page.
  • the client when requesting the certification web page, the client (display device) may, for example, refer to the certification URL stored in the image file and access the certification URL.
  • the client may, for example, first communicate with an image generating device (e.g., an imaging device) and obtain the image file from the first image generating device.
  • the client may also communicate with a server that manages the image file and obtain the image file from the server.
  • the client may also obtain the image file via a recording medium.
  • the client may also access a verification URL posted on a service such as a social network site (SNS).
  • a service such as a social network site (SNS).
  • the owner of an image file e.g., the creator of the initial image
  • the client refers to the image and the verification URL via the SNS and accesses the verification URL.
  • the client obtains and displays a page 91 of the SNS on which an image is posted, as shown in FIG. 6. This page 91 displays an image 91A.
  • a link to the verification URL is associated with this image 91A.
  • the client accesses the verification URL and obtains and displays a verification web page such as the examples shown in FIG. 7 and FIG. 8.
  • the client can more easily access the verification URL.
  • the certification Web page may include a target image, metadata of the image, and information regarding the authenticity of the image.
  • the certification Web page generation unit may generate a certification Web page including an image, metadata of the image, and information regarding the authenticity of the image.
  • FIG 7 is a diagram showing an example of the main configuration of an attestation web page.
  • the attestation web page 92 shown in Figure 7 shows a photo authenticity report.
  • the attestation web page 92 shows an example of a case where the authenticity of a photo is guaranteed.
  • the left side of the attestation web page 92 shows the target image (photo) and its verification result.
  • it displays "The Photo is genuine,” and the photo displayed below it is guaranteed to be authentic.
  • It also displays "XXXX assure this photo is genuine as its capture device manufacture," and XXXX assures that this photo is authentic as it is the manufacturer of the capture device.
  • the verification result of the cryptographic signature is valid.
  • Metadata for the target image is displayed. For example, information such as the date and time obtained from a time server, location information from the GPS (Global Positioning System), shutter speed, model, serial number, photo resolution, file size, etc. are displayed.
  • GPS Global Positioning System
  • the authentication web page 93 shown in FIG. 8 shows a Photo Authenticity Report, similar to authentication web page 92.
  • Authentication web page 93 shows an example of a case where a photo is suspected to be fake.
  • the left side of authentication web page 93 shows the target image (photo) and its verification results. For example, it may say "The Photo is suspected as fake photo,” indicating that the photo displayed below is suspected to be a fake photo.
  • the data format of the published certification web page may be in any format.
  • the data may be human-readable information.
  • the data may be image information or information that can be displayed as text data such as HTML (HyperText Markup Language).
  • the information may be software-readable.
  • the client software may interpret the contents of the certification web page, perform calculations, etc., and generate and present information for display.
  • the second image processing device may further include an authenticity determination unit that uses a signature of the image to determine the authenticity of the image. Then, the verification web page generation unit may generate a verification web page that includes the result of the determination.
  • the second image processing device may further include a verification unit that verifies the authenticity of the image using metadata. Then, the verification web page generation unit may generate a verification web page that includes the results of the verification.
  • Image verification Any method may be used to verify the image, etc.
  • the image, etc. may be verified by detecting unnaturalness of the image in the image file, by comparing the image with metadata, or by comparing metadata (including debug information that indicates the characteristics of the image).
  • any device may verify the image, etc.
  • a device such as a server
  • an image generating device such as an imaging device
  • the display of "no problem” regarding authenticity may be switched to "suspicious" or the like on the certification web page of not only the image in which tampering has been detected, but also other images related to the same device or photographer.
  • the certification web page generation unit detects an inconsistency in its verification, the verification result may also be reflected in the certification web pages of other images corresponding to that image.
  • the source of the verification process may be notified by a verification result screen of the image in which fraud was detected or by the return value of an API (Application Program Interface).
  • the proof web page generation unit may notify the source of the verification process of the result of the verification.
  • the image and other images related to that image may be notified to registered parties via email, API, etc.
  • the proof web page generation unit may notify a specified user of the verification result.
  • the detection result may be notified immediately after detection, or the detection result may be notified at a specified timing (for example, after waiting for a specified period of time).
  • ⁇ Combination> Each method described above in ⁇ 3. Publication of the Verification Web Page> may be applied in combination with any other method as long as no contradiction occurs. Three or more methods may be applied in combination. For example, any two or more of Method 1-1 to Method 1-4 may be applied in combination. In addition, the methods that can be combined may include not only those shown in the table of FIG. 1 as "Method" but also all of the elements described above in ⁇ 3. Publication of the Verification Web Page>. In addition, each of the methods described above may be applied in combination with other methods other than those described above.
  • FIG. 9 is a system diagram showing an example of the configuration of an image processing system to which the present technology is applied.
  • the image processing system 100 shown in Fig. 9 is a system that processes captured images.
  • FIG. 9 shows the main device configurations and data flows, etc., but does not necessarily include everything.
  • image processing system 100 may include devices not shown in FIG. 9, and processes and data flows not shown as arrows, etc. in FIG. 9 may exist.
  • the image processing system 100 has an imaging device 111, a server 112, an editing device 113, and a display device 114 that are communicatively connected to each other via a network 110.
  • FIG. 9 shows one imaging device 111, one server 112, one editing device 113, and one display device 114, there may be any number of each. In other words, there may be two or more imaging devices 111, two or more servers 112, two or more editing devices 113, and two or more display devices 114. Furthermore, the number of imaging devices 111, two or more servers 112, two or more editing devices 113, and two or more display devices 114 do not have to be the same. Furthermore, FIG. 9 shows one network as the network 110, but the image processing system 100 may have multiple networks.
  • the network 110 is a communication network that serves as a communication medium between the devices.
  • the network 110 may be a wired communication network, a wireless communication network, or may include both.
  • the network 110 may be a wired LAN (Local Area Network), a wireless LAN, a public telephone line network, a wide area communication network for wireless mobile devices such as a so-called 4G line or 5G line, or the Internet, or a combination of these.
  • the network 110 may be a single communication network or multiple communication networks.
  • the network 110 may be partially or entirely composed of a communication cable of a specified standard, such as a USB (Universal Serial Bus) (registered trademark) cable or an HDMI (High-Definition Multimedia Interface) (registered trademark) cable.
  • USB Universal Serial Bus
  • HDMI High-Definition Multimedia Interface
  • the imaging device 111 performs processing related to capturing an image of a subject, i.e., generating a captured image (image file). For example, the imaging device 111 may capture an image of a subject and generate a captured image. The imaging device 111 may generate an image file that stores the captured image, etc. The imaging device 111 may generate a verification URL (reservation URL) and store it in the image file. The imaging device 111 may supply the image file via the network 110 or a recording medium.
  • the server 112 performs processing related to the verification web page.
  • the server 112 may manage and provide image files.
  • the server 112 may generate a verification web page.
  • the server 112 may set a verification URL and publish the verification web page at the verification URL.
  • the server 112 may generate a verification URL (real URL) and store it in an image file.
  • the server 112 may determine the authenticity of the image.
  • the server 112 may publish the results of the authenticity determination on the verification web page.
  • the server 112 may verify images, etc.
  • the server 112 may publish the results of the verification on the verification web page.
  • Editing device 113 performs processing related to image editing. For example, editing device 113 may acquire an image file. Editing device 113 may process an image stored in the image file. Editing device 113 may update information stored in the image file in accordance with the image editing while preserving the history of the image editing. Editing device 113 may supply the edited image file via network 110 or a recording medium.
  • the display device 114 performs processing related to the display of images. For example, the display device 114 may display an image stored in an image file. The display device 114 may obtain and display a verification web page corresponding to the image.
  • the imaging device 111, server 112, editing device 113, and display device 114 may also communicate via the network 110 to exchange information.
  • the imaging device 111 may provide (upload) an image file to the server 112.
  • the server 112 may also provide (download) an image file or a certification web page to the display device 114, as indicated by the dotted double-headed arrow 122.
  • the imaging device 111 is configured by an information processing terminal device having an imaging function, such as a digital camera, a smartphone, a tablet terminal, or a notebook personal computer.
  • the imaging device 111 may be configured by one device (electronic device), or may be configured by multiple devices (electronic devices).
  • the imaging device 111 may be configured by a digital camera and a smartphone. In that case, for example, the digital camera may generate captured images, and the smartphone may generate signatures for the captured images and provide them to the server 112, etc.
  • the imaging device 111 will be described as being configured by one device (electronic device).
  • FIG. 10 is a block diagram showing an example of the configuration of an imaging device 111, which is one aspect of an image processing device to which this technology is applied.
  • FIG. 10 shows the main processing units, data flows, etc., and is not necessarily all that is shown in FIG. 10.
  • processing units that are not shown as blocks in FIG. 10
  • processing or data flows that are not shown as arrows, etc. in FIG. 10.
  • the imaging device 111 has a control unit 201, an imaging processing unit 202, an input unit 203, and an output unit 204.
  • the control unit 201 controls each processing unit in the imaging processing unit 202.
  • the imaging processing unit 202 is controlled by the control unit 201 to perform processing related to imaging.
  • the input unit 203 has an input device such as a button or a switch.
  • the input unit 203 accepts instructions input from a user or the like via the input device.
  • the input unit 203 supplies the accepted instructions to the control unit 201.
  • the control unit 201 may control the imaging processing unit 202 based on the accepted instructions.
  • the output unit 204 has an output device such as a monitor or a speaker.
  • the output unit 204 outputs information supplied from the control unit 201 via the output device as, for example, an image or sound.
  • the control unit 201 may supply any information, such as a control result, to the output unit 204 to output it.
  • the imaging processing unit 202 has a proof URL generation unit 211, an image type proof generation unit 212, an optical system 221, a sensor unit 222, a RAW processing unit 223, a YUV processing unit 224, a reduced image generation unit 225, an image information addition unit 226, a 3D information processing unit 227, a hash processing unit 228, a signature control unit 229, a signature generation unit 230, an image file generation unit 231, an image file recording unit 232, and an image file supply unit 233.
  • the proof URL generation unit 211 executes processing related to the generation of a proof URL. For example, the proof URL generation unit 211 may generate a reservation URL as a proof URL before a proof web page is generated. The proof URL generation unit 211 may supply the generated proof URL (reservation URL) to the image information addition unit 226.
  • the image type certification generation unit 212 executes processing related to the generation of image type certification. For example, the image type certification generation unit 212 may generate an image type certification indicating whether the initial image is a captured image, a scanned image, or an image generated by AI. The image type certification generation unit 212 may supply the generated image type certification to the image information addition unit 226.
  • the optical system 221 is composed of optical elements such as lenses, mirrors, filters, and apertures, and exerts a predetermined influence on the light beam from the subject, directing the light beam to the sensor unit 222. In other words, the light beam from the subject enters the sensor unit 222 via the optical system 221.
  • the sensor unit 222 performs processing related to photoelectric conversion.
  • the sensor unit 222 has an image sensor 241 and a 3D information sensor 242.
  • the sensor unit 222 may generate a captured image and 3D information using light rays from a subject that are incident via the optical system 221.
  • the image sensor 241 performs processing related to the generation of captured images.
  • the image sensor 241 has a pixel array in which pixels having photoelectric conversion elements are arranged in a matrix.
  • the image sensor 241 may receive light rays from a subject incident via the optical system 221 in its pixel array and perform photoelectric conversion to generate a captured image (a RAW image or a JPEG (Joint Photographic Experts Group) image generated from the RAW image).
  • a captured image a RAW image or a JPEG (Joint Photographic Experts Group) image generated from the RAW image.
  • the image sensor 241 captures an image of a subject and generates a captured image of the subject, and therefore can also be called an imaging section or a captured image generation section.
  • the image sensor 241 since the captured image is also an initial image, the image sensor 241 can also be called an initial image generation section.
  • the image sensor 241 may supply the generated captured image to the RAW processing section 223.
  • the 3D information sensor 242 detects distance-related information for multiple locations within the captured image obtained by the image sensor 241 on the same optical axis as the captured image, and generates 3D information.
  • the 3D information sensor 242 can also be considered a 3D information generation unit.
  • the 3D information sensor 242 has a specified sensor device that detects distance-related information.
  • the 3D information sensor 242 receives light rays from the subject that are incident via the optical system 221 in the sensor device, detects distance-related information, and generates 3D information.
  • the same optical axis means that the light rays from the subject that enter the 3D information sensor 242 pass through the optical system 221 through which the light rays from the subject that enter the image sensor 241 pass. In other words, it means that the paths at least from the subject to the sensor unit 222 of the light rays that enter the image sensor 241 and the light rays that enter the 3D information sensor 242 are the same. In this way, the captured image and distance-related information are detected on the same optical axis, making it difficult to perform trick photography, such as capturing a face photo and detecting the distance to a person other than the subject in the face photo. In other words, there is a high possibility that the subject of the captured image and the subject of the 3D information are the same.
  • the “distance-related information” may be information indicating the distance from the imaging device 111 (3D information sensor 242) to the subject, or may be information for deriving that distance.
  • the distance-related information may include a depth map, phase difference data, ToF (Time of Flight) data, or a collection of parallax images.
  • the 3D information sensor 242 supplies the generated 3D information to the 3D information processing unit 227.
  • the image sensor 241 and the 3D information sensor 242 are configured as separate bodies, but the image sensor 241 and the 3D information sensor 242 may be integrated, or the image sensor 241 may also serve as the 3D information sensor 242.
  • the 3D information sensor 242 may be configured as a ToF sensor that measures distance using a ToF method, separate from the image sensor 241.
  • the 3D information sensor 242 may be configured as an image plane phase difference detection pixel formed in the effective pixel area of the pixel array of the image sensor 241.
  • the image plane phase difference detection pixel is a pixel used for a focusing (autofocus) function of the phase difference method, and can detect phase difference data.
  • the image sensor 241 and the 3D information sensor 242 are formed as a single body.
  • the 3D information sensor 242 may be configured as a phase difference sensor that detects phase difference data, separate from the image sensor 241.
  • the image sensor 241 also serves as the 3D information sensor 242. In other words, in this case, the image sensor 241 generates the captured images and 3D information, and the 3D information sensor 242 can be omitted.
  • the following description will be given taking as an example a case where the 3D information sensor 242 is configured with image surface phase difference detection pixels. In other words, the description will be given taking as an example a case where the 3D information sensor 242 detects phase difference data as distance-related information.
  • the RAW processing unit 223 performs processing related to the RAW image.
  • the RAW processing unit 223 may acquire a captured image (RAW image) supplied from the image sensor 241.
  • the RAW processing unit 223 may perform a predetermined processing on the RAW image.
  • the content of this processing is arbitrary. For example, it may be correction of white balance or the like.
  • the RAW processing unit 223 may supply the processed RAW image to the YUV processing unit 224.
  • the YUV processing unit 224 performs processing related to the generation of a YUV image.
  • the YUV processing unit 224 may acquire a RAW image supplied from the RAW processing unit 223.
  • the YUV processing unit 224 may convert the RAW image into a YUV image.
  • the YUV processing unit 224 may encode the YUV image and convert it into a JPEG image.
  • the YUV processing unit 224 may supply the generated JPEG image to the reduced image generation unit 225. Note that when the image sensor 241 outputs a JPEG image as the captured image, the RAW processing unit 223 and the YUV processing unit 224 may be omitted, and the image sensor 241 may supply the JPEG image to the reduced image generation unit 225.
  • the reduced image generating unit 225 performs processing related to the generation of a reduced image corresponding to the main image.
  • the reduced image generating unit 225 may obtain a JPEG image (main image) supplied from the YUV processing unit 224.
  • the reduced image generating unit 225 may generate a reduced image of the JPEG image (main image).
  • the method of generating this reduced image is arbitrary.
  • the reduced image generating unit 225 may generate a reduced image by thinning out some pixel values of the main image.
  • the reduced image generating unit 225 may generate a reduced image by combining pixel values for each predetermined partial area of the main image to reduce the number of pixels.
  • the reduced image generating unit 225 may create a reduced image by looking at all the pixels of the main image.
  • the reduced image generating unit 225 may repeat reduction by a factor that has a sufficient number of taps multiple times to generate a reduced image with a desired reduction factor.
  • the reduced image generating unit 225 may associate the generated reduced image with the main image (JPEG image) as metadata.
  • the reduced image generating unit 225 may supply the main image and metadata to the image information adding unit 226.
  • the image information addition unit 226 performs processing related to the addition of image information. For example, the image information addition unit 226 may acquire a main image and a reduced image supplied from the reduced image generation unit 225. The image information addition unit 226 may generate image information that is information related to the acquired main image. The image information addition unit 226 may associate the generated image information with the main image as metadata. The image information addition unit 226 may also acquire a certification URL (reservation URL) supplied from the certification URL generation unit 211. The image information addition unit 226 may associate the certification URL (reservation URL) with the main image as metadata. The image information addition unit 226 may also acquire an image type certificate supplied from the image type certificate generation unit 212. The image information addition unit 226 may associate the image type certificate with the main image as metadata.
  • a certification URL supplied from the certification URL generation unit 211.
  • the image information addition unit 226 may associate the certification URL (reservation URL) with the main image as metadata.
  • the image information addition unit 226 may also acquire an image type certificate supplied from the image type
  • the image information addition unit 226 can also be said to be a metadata generation unit.
  • the image information addition unit 226 may also embed information that identifies the imaging device 111 or the creator in the main image (first image). Therefore, the image information adding unit 226 can also be considered an embedding unit.
  • the image information adding unit 226 may supply the main image and metadata to the hash processing unit 228.
  • the 3D information processing unit 227 performs processing on the 3D information.
  • the 3D information processing unit 227 may acquire 3D information supplied from the 3D information sensor 242.
  • the 3D information processing unit 227 may perform a predetermined processing on the acquired 3D information.
  • the 3D information processing unit 227 may supply the acquired 3D information to the hash processing unit 228.
  • the 3D information processing unit 227 may reduce the resolution of the acquired 3D information and supply the low-resolution 3D information to the hash processing unit 228.
  • the 3D information processing unit 227 may omit reducing the resolution of the 3D information and supply the acquired 3D information to the hash processing unit 228.
  • the 3D information processing unit 227 may also be called a 3D information resolution setting unit.
  • the 3D information processing unit 227 may determine whether or not the subject (distance measurement target) of the acquired 3D information is flat, and supply the determination result to the signature control unit 229.
  • the 3D information processing unit 227 can also be considered a plane determination unit.
  • the hash processing unit 228 performs processing related to hash generation.
  • the hash processing unit 228 may acquire the main image and metadata supplied from the image information addition unit 226.
  • the hash processing unit 228 may acquire 3D information supplied from the 3D information processing unit 227.
  • the hash processing unit 228 may generate a hash using the main image, metadata, and 3D information.
  • the hash processing unit 228 can also be called a hash generation unit.
  • the hash processing unit 228 may supply the generated hash to the signature generation unit 230 together with the main image, metadata, and 3D information.
  • the hash processing unit 228 may be driven under the control of the signature control unit 229. That is, when the signature control unit 229 instructs the hash processing unit 228 to generate a hash as described above, and when the signature control unit 229 does not instruct the hash generation, the hash processing unit 228 may omit the generation of the hash. When the hash generation is omitted, the hash processing unit 228 may supply the main image, metadata, and 3D information to the signature generation unit 230.
  • the signature control unit 229 performs processing related to signature control. For example, the signature control unit 229 may control whether or not to generate a signature based on an instruction from a user or an application input via the control unit 201. The signature control unit 229 may control whether or not to generate a signature based on a determination result of whether or not the subject (distance measurement target) of the 3D information is flat, which is supplied from the 3D information processing unit 227. For example, the signature control unit 229 may control to omit signature generation when it is determined that the subject (distance measurement target) of the 3D information is flat. The signature control unit 229 may control to generate a signature when it is determined that the subject (distance measurement target) of the 3D information is not flat.
  • the signature control unit 229 may control whether or not to generate a signature by controlling the hash processing unit 228 and the signature generation unit 230. For example, when controlling not to generate a signature, the signature control unit 229 may cause the hash processing unit 228 to omit hash generation and the signature generation unit 230 to omit signature generation. When controlling to generate a signature, the signature control unit 229 may cause the hash processing unit 228 to generate a hash and the signature generation unit 230 to generate a signature. The signature control unit 229 may supply control information indicating whether or not to generate a signature to the 3D information processing unit 227.
  • the signature generation unit 230 performs processing related to signature generation. For example, the signature generation unit 230 may acquire a hash supplied from the hash processing unit 228 and information used to generate the hash (e.g., the main image, metadata, and 3D information). The signature generation unit 230 may encrypt the acquired hash using a private key to generate a signature (digital signature). The signature generation unit 230 may supply the generated signature to the image file generation unit 231 together with information corresponding to the signature (e.g., the main image, metadata, hash, and 3D information).
  • information used to generate the hash e.g., the main image, metadata, and 3D information.
  • the signature generation unit 230 may supply the generated signature to the image file generation unit 231 together with information corresponding to the signature (e.g., the main image, metadata, hash, and 3D information).
  • the signature generation unit 230 may be driven under the control of the signature control unit 229. For example, when signature generation is instructed by the signature control unit 229, the signature generation unit 230 may generate a signature as described above. When signature generation is not instructed by the signature control unit 229, the signature generation unit 230 may omit the generation of the signature. When signature generation is omitted, the signature generation unit 230 may supply information supplied from the hash processing unit 228 (e.g., the main image, metadata, and 3D information) to the image file generation unit 231.
  • the hash processing unit 228 e.g., the main image, metadata, and 3D information
  • the image file generating unit 231 performs processing related to the generation of an image file.
  • the image file generating unit 231 may acquire information (e.g., main image, metadata, hash, 3D information, signature, etc.) supplied from the signature generating unit 230.
  • the image file generating unit 231 may generate an image file in a predetermined format and store the acquired information (e.g., main image, metadata, hash, 3D information, signature, etc.) in the image file. That is, the image file generating unit 231 may store a certification URL in the image file. Therefore, the image file generating unit 231 can also be called a certification URL storage unit.
  • the image file generating unit 231 may also store an image type certification in the image file.
  • the image file generating unit 231 can also be called an image type certification storage unit.
  • the image file generating unit 231 may supply the image file to the image file recording unit 232.
  • the image file generating unit 231 may also supply the image file to the image file supply unit 233.
  • the image file recording unit 232 performs processing related to recording of image files.
  • the image file recording unit 232 has a drive that drives a removable recording medium such as a magnetic disk, optical disk, magneto-optical disk, or semiconductor memory and performs writing and reading.
  • the image file recording unit 232 may acquire an image file supplied from the image file generation unit 231.
  • the image file recording unit 232 may record the acquired image file on the removable recording medium via the drive.
  • the image file supply unit 233 performs processing related to the supply of image files.
  • the image file supply unit 233 has a communication function for communicating with the server 112 and the like via the network 110.
  • the image file supply unit 233 may acquire an image file supplied from the image file generation unit 231.
  • the image file supply unit 233 may use the communication function to supply the acquired image file to the server 112.
  • the server 112 may be configured, for example, as a single information processing device or as multiple information processing devices.
  • the server 112 may also be implemented as cloud computing (i.e., a cloud server) in which multiple devices share and cooperate with each other to perform processing via a network.
  • FIG. 11 is a block diagram showing an example of the configuration of a server 112, which is one aspect of an image processing device to which this technology is applied.
  • FIG. 11 shows the main processing units, data flows, etc., and is not necessarily all that is shown in FIG. 11.
  • server 112 there may be processing units that are not shown as blocks in FIG. 11, and there may be processes or data flows that are not shown as arrows, etc. in FIG. 11.
  • the server 112 has an image file acquisition unit 311, an authenticity determination unit 312, a verification unit 313, a proof web page generation unit 314, an image file management unit 315, an image file provision unit 316, and a proof web page provision unit 317.
  • the image file acquisition unit 311 performs processing related to the acquisition of image files.
  • the image file acquisition unit 311 has a communication function for communicating with clients such as the imaging device 111 and the editing device 113 via the network 110.
  • the image file acquisition unit 311 may use the communication function to acquire an image file supplied from a client.
  • the image file acquisition unit 311 may supply the acquired image file to the authenticity determination unit 312.
  • the image file acquisition unit 311 may supply the image file to the verification unit 313.
  • the authenticity determination unit 312 executes processing related to determining the authenticity of an image. For example, the authenticity determination unit 312 may acquire an image file supplied from the image file acquisition unit 311. The authenticity determination unit 312 may determine the authenticity of the image using a signature and a public key stored in the image file. The authenticity determination unit 312 may supply the authenticity determination result together with the image file to the proof web page generation unit 314.
  • the verification unit 313 executes processing related to the verification of images, etc.
  • the verification unit 313 may acquire an image file supplied from the image file acquisition unit 311.
  • the verification unit 313 may execute verification of a main image, metadata, etc. stored in the image file.
  • the verification unit 313 may supply the verification result together with the image file to the proof web page generation unit 314.
  • the proof web page generation unit 314 executes processing related to the generation and update of the proof web page.
  • the proof web page generation unit 314 may acquire information (e.g., image file, authenticity judgment result, verification result, etc.) supplied from the authenticity judgment unit 312 or the verification unit 313.
  • the proof web page generation unit 314 may generate a proof web page corresponding to the image file using the acquired information. If a proof web page already exists, the proof web page generation unit 314 may update the proof web page. In generating or updating the proof web page, the proof web page generation unit 314 may reflect the authenticity judgment result, the verification result, etc. in the proof web page. In addition, if an inconsistency is detected in the verification process, the proof web page generation unit 314 may also reflect the verification result, etc.
  • the proof web page generation unit 314 may supply the image file to the image file management unit 315. Additionally, the proof web page generation unit 314 may provide the proof web page to the proof web page provision unit 317.
  • the image file management unit 315 executes processes related to the management of image files. For example, the image file management unit 315 may acquire an image file supplied from the verification web page generation unit 314. The image file management unit 315 may store and manage the image file. The image file management unit 315 may also acquire a real URL supplied from the verification web page provision unit 317. The image file management unit 315 may store the real URL in an image file that stores an image corresponding to the real URL. The image file management unit 315 may also supply the image file it manages to the image file provision unit 316.
  • the image file providing unit 316 executes processing related to the provision of image files.
  • the image file providing unit 316 has a communication function for communicating with clients such as the editing device 113 and the display device 114 via the network 110.
  • the image file providing unit 316 may use this communication function to obtain a request from a client.
  • the image file providing unit 316 may obtain the requested image file from the image file management unit 315.
  • the image file providing unit 316 may use the communication function to supply the image file to the client that made the request.
  • the proof web page providing unit 317 executes processing related to the provision of the proof web page.
  • the proof web page providing unit 317 may acquire and manage a proof web page provided from the proof web page generating unit 314.
  • the proof web page providing unit 317 has a communication function for communicating with a client such as the display device 114 via the network 110.
  • the proof web page providing unit 317 may use the communication function to publish a proof web page to the client.
  • the proof web page providing unit 317 may set a reserved URL stored in an image file and publish a proof web page at the reserved URL.
  • the proof web page providing unit 317 may also generate an actual URL, set the actual URL, and publish a proof web page at the actual URL.
  • the proof web page providing unit 317 can also be said to be a proof web page publishing unit.
  • the proof web page providing unit 317 may supply the actual URL to the image file management unit 315.
  • the proof web page providing unit 317 may provide the client with a proof web page requested by the client (a proof web page published at the URL accessed by the client).
  • the editing device 113 is configured by an information processing device having an image editing function, such as a smartphone, a tablet terminal, a notebook personal computer, a desktop personal computer, a dedicated computer, or a server.
  • the editing device 113 may be configured by one device (electronic device), or may be configured by multiple devices (electronic devices). In the following, the editing device 113 will be described as being configured by one device (electronic device).
  • FIG. 12 is a block diagram showing an example of the configuration of an editing device 113, which is one aspect of an image processing device to which this technology is applied.
  • FIG. 12 shows the main processing units, data flows, etc., and is not necessarily all that is shown in FIG. 12.
  • the editing device 113 there may be processing units that are not shown as blocks in FIG. 12, and there may be processes or data flows that are not shown as arrows, etc. in FIG. 12.
  • the editing device 113 has an image file acquisition unit 411, an image editing unit 412, an image file update unit 413, and an image file supply unit 414.
  • the image file acquisition unit 411 executes processing related to the acquisition of image files.
  • the image file acquisition unit 411 has a communication function for communicating with other devices such as the imaging device 111, the server 112, and the display device 114 via the network 110.
  • the image file acquisition unit 411 may use the communication function to acquire an image file in which an image to be edited is stored.
  • the image file acquisition unit 411 may supply the acquired image file to the image editing unit 412.
  • the image editing unit 412 executes processing related to image editing (processing). For example, the image editing unit 412 may acquire an image file supplied from the image file acquisition unit 411. The image editing unit 412 may process an image stored in the acquired image file. The image editing unit 412 may supply the processed image file to the image file update unit 413.
  • the image file update unit 413 executes processing related to updating the image file.
  • the image file update unit 413 may acquire an image file supplied from the image editing unit 412.
  • the image file update unit 413 may update information (metadata, etc.) stored in the image file in accordance with the editing (processing) performed in the image editing unit 412.
  • the image file update unit 413 may generate a hash or a signature to preserve the history.
  • the image file update unit 413 may supply the updated image file to the image file supply unit 414.
  • the image file supply unit 414 executes processing related to the supply of image files.
  • the image file acquisition unit 411 has a communication function for communicating with other devices such as the server 112 via the network 110.
  • the image file supply unit 414 may use the communication function to supply an updated image file (edited image file) to the server 112.
  • the display device 114 is configured by an information processing device having an image display function, such as a smartphone, a tablet terminal, a notebook personal computer, a desktop personal computer, a dedicated computer, or a server.
  • the display device 114 may be configured by one device (electronic device), or may be configured by multiple devices (electronic devices). In the following, the display device 114 will be described as being configured by one device (electronic device).
  • FIG. 13 is a block diagram showing an example of the configuration of a display device 114, which is one aspect of an image processing device to which this technology is applied.
  • FIG. 13 shows the main processing units, data flows, etc., and is not necessarily all that is shown in FIG. 13.
  • processing units that are not shown as blocks in FIG. 13, and there may be processes or data flows that are not shown as arrows, etc. in FIG. 13.
  • the display device 114 has an image acquisition unit 511, a display processing unit 512, a display unit 513, and a certification web page acquisition unit 514.
  • the image acquisition unit 511 performs processing related to image acquisition.
  • the image acquisition unit 511 has a communication function for communicating with other devices such as the server 112 via the network 110.
  • the image acquisition unit 511 may use the communication function to acquire an image file from another device.
  • the image acquisition unit 511 may also use the communication function to acquire an SNS page that displays an image, etc.
  • the image acquisition unit 511 may supply the acquired information (image file, SNS page, etc.) to the display processing unit 512.
  • the display processing unit 512 executes processing related to display.
  • the display processing unit 512 may acquire information (such as an image file or an SNS page) supplied from the image acquisition unit 511.
  • the display processing unit 512 may generate image information for displaying the acquired image (a main image stored in an image file or an SNS page), supply it to the display unit 513, and cause it to be displayed.
  • the display processing unit 512 may also request a certification web page corresponding to the displayed image from the certification web page acquisition unit 514 based on a user operation, an application instruction, or the like.
  • the display processing unit 512 may acquire a certification web page supplied from the certification web page acquisition unit 514.
  • the display processing unit 512 may generate image information for displaying the acquired certification web page, and supply it to the display unit 513 for display.
  • the display unit 513 performs processing related to the display of image information.
  • the display unit 513 has an image display device such as an LCD monitor. This image display device may be any device capable of displaying an image.
  • the display unit 513 may acquire image information supplied from the display processing unit 512.
  • the display unit 513 may use the image display device to display an image corresponding to the acquired image information.
  • the display unit 513 may display an image supplied from the display processing unit 512 (such as a main image stored in an image file or an SNS page).
  • the display unit 513 may also display a verification web page supplied from the display processing unit 512.
  • the certification web page acquisition unit 514 executes processing related to acquiring the certification web page. It has a communication function for communicating with other devices such as the server 112 via the network 110. For example, the certification web page acquisition unit 514 may use the communication function to acquire the certification web page published by the server 112. For example, the certification web page acquisition unit 514 may access a certification URL stored in an image file or an SNS page, and acquire the certification web page published at that certification URL. The certification web page acquisition unit 514 may supply the acquired certification web page to the display processing unit 512.
  • the certification URL generation unit 211 may generate a certification URL, which is address information for publishing a certification web page that certifies the authenticity of the image.
  • the image file generation unit 231 may store the certification URL in a file that stores the initial image, which is an unprocessed image generated from analog information.
  • the image sensor 241 may capture an image of the subject and generate the captured image as the first image. Then, the image file generation unit 231 may store the verification URL in the file that stores the captured image.
  • the image sensor 241 may generate an initial image.
  • the image information addition unit 226 may generate metadata for the initial image.
  • the hash processing unit 228 may generate a hash using the initial image, its metadata, and the certification URL.
  • the signature generation unit 230 may use the hash to generate a signature for the initial image, metadata, and certification URL.
  • the image file generation unit 231 may generate a file (image file) that stores the initial image, metadata, certification URL, hash, and signature.
  • the image type certification generating unit 212 may generate an image type certification that certifies the type of the initial image. Then, the image file generating unit 231 may store the image type certification in a file.
  • the image sensor 241 may generate an initial image.
  • the image information adding unit 226 may embed information identifying the device or the creator in the initial image.
  • the signature generating unit 230 may generate a signature for the initial image in which the information is embedded.
  • the hash processing unit 228 may also generate multiple partial hashes, including one partial hash corresponding to the verification URL and the image type verification, and use the multiple partial hashes to generate one hash corresponding to the initial image, metadata, and verification URL.
  • the proof URL generation unit 211 may also generate a reservation URL that is a proof URL for an ungenerated proof web page. Then, the image file generation unit 231 may store the reservation URL in a file as a proof URL.
  • the image file generation unit 231 may also store the verification URL in an area of the file that is propagated even after the image is edited.
  • This "area that continues to be propagated even after an image is edited" may be, for example, a vendor extension area within the metadata area that stores metadata, which can be extended by the vendor.
  • a verification web page corresponding to the image file may be generated, and the verification web page may be made public at the verification URL.
  • the image file acquisition unit 311 may acquire a file that stores an image.
  • the verification web page generation unit 314 may generate a verification web page that certifies the authenticity of the image.
  • the verification web page provision unit 317 may make the verification web page public at the verification URL.
  • the file may also store a reservation URL generated for an ungenerated certification web page as a certification URL.
  • the certification web page providing unit 317 may then set the reservation URL and publish the certification web page at the reservation URL.
  • the image file management unit 315 may also generate a short URL indicating the reservation URL and store the short URL in the file as a certification URL instead of the reservation URL.
  • the verification web page providing unit 317 may also generate a verification URL for the verification web page, set the generated verification URL, and publish the verification web page at the set verification URL.
  • the image file management unit 315 may then store the verification URL in a file.
  • the image file management unit 315 may also generate a short URL indicating an alternative address for the address at which the verification web page is published, and store the short URL in a file as the verification URL.
  • the verification web page generator 314 may also generate a verification web page that includes the image, metadata for the image, and information regarding the authenticity of the image.
  • the authenticity determination unit 312 may determine the authenticity of the image using the image signature. Then, the verification web page generation unit 314 may generate a verification web page that includes the result of the determination.
  • the verification unit 313 may also verify the authenticity of the image using the metadata. Then, the verification web page generation unit 314 may generate a verification web page that includes the results of the verification.
  • the proof web page generation unit 314 detects an inconsistency during the verification, the verification result may also be reflected in the proof web pages of other images that correspond to that image.
  • the proof web page generation unit 314 may also notify the source of the verification request of the results of the verification.
  • the proof web page generation unit 314 may also notify a specific user of the result of the verification. At that time, for example, the detection result may be notified immediately after detection, or the detection result may be notified at a specific timing (for example, after waiting for a specific period of time).
  • each device By configuring each device in this manner, it is possible to publish information that proves the authenticity of the image on the verification web page. In other words, it is possible to notify on this verification web page that the authenticity of the image cannot be guaranteed (for example, detection of fraudulent activity such as image tampering). Therefore, detection of fraudulent activity such as tampering can be made known to the entire system earlier than when only verifying each image individually (when reporting of detected fraudulent activity is left to user communication, etc.). This is expected to enable measures to be taken against fraudulent activity to be implemented earlier. Therefore, it is possible to prevent a decrease in reliability of the guarantee of the authenticity of the image.
  • step S101 the control unit 201 turns on the power of the imaging processing unit 202 and starts a preview.
  • step S102 the control unit 201 turns on the electronic signature mode as the operation mode of the image capture processing unit 202.
  • the control unit 201 sets the operation mode of the image capture processing unit 202 to a mode in which an electronic signature is stored in an image file.
  • step S103 the sensor unit 222 (image sensor 241 and 3D information sensor 242) captures an image of the subject and obtains a RAW image and 3D information on the same optical axis.
  • the RAW processing unit 223 performs correction processing on the RAW image, such as adjusting the white balance.
  • the YUV processing unit 224 converts the corrected RAW image into a YUV image.
  • the YUV processing unit 224 also encodes the YUV image to generate a JPEG image.
  • the reduced image generating unit 225 generates a reduced image by reducing the JPEG image (main image). This reduced image generating method is arbitrary.
  • the reduced image may have any size.
  • the reduced image may be a so-called thumbnail or a so-called screennail.
  • the image information adding unit 226 generates image information related to the main image and reduced image as metadata.
  • the 3D information processing unit 227 performs predetermined processing on the 3D information, such as reducing the resolution of the 3D information.
  • step S105 the certification URL generation unit 211 generates a reservation URL as a certification URL.
  • the image information addition unit 226 associates the reservation URL with the main image as metadata.
  • step S106 the image type certification generating unit 212 generates an image type certification for the main image (captured image).
  • the image information adding unit 226 associates the image type certification with the main image as metadata.
  • step S107 the hash processing unit 228 generates a hash using the main image (captured image), metadata, etc.
  • step S108 the signature generation unit 230 uses a private key to encrypt the generated hash, thereby generating a signature for the main image (captured image) and metadata.
  • step S109 the image file generation unit 231 generates an image file that stores the main image (captured image) and metadata (including the certification URL and image type certification).
  • step S110 the image file recording unit 232 records the image file.
  • step S111 the image file supply unit 233 supplies the image file to the server 112.
  • step S111 the imaging process ends.
  • the image file acquisition unit 311 acquires an image file in step S201.
  • This image file stores the main image (the first image or the latest image), metadata for that main image, a hash, a signature, etc.
  • step S202 the authenticity determination unit 312 performs an authenticity determination of the main image using the signature stored in the image file, and in step S203, it determines whether or not tampering with the main image has been detected. If it is determined that tampering has been detected, error processing such as notification of the detection of tampering is performed, and the image management processing ends. Also, if it is determined in step S203 that tampering has not been detected, the processing proceeds to step S204.
  • step S204 the proof web page generation unit 314 generates a proof web page for the main image.
  • step S205 the proof web page providing unit 317 determines whether or not a proof URL is stored in the image file. If it is determined that a reservation URL is stored in the image file, the process proceeds to step S206.
  • step S206 the verification web page providing unit 317 sets the reservation URL stored in the image file and publishes the verification web page at the reservation URL (publishes the verification web page in association with the reservation URL).
  • step S206 ends, the processing proceeds to step S209.
  • step S205 determines whether the verification URL is stored in the image file. If it is determined in step S205 that the verification URL is not stored in the image file, processing proceeds to step S207.
  • step S207 the verification web page providing unit 317 generates an actual URL, sets the actual URL, and publishes the verification web page at the actual URL (generates an actual URL, associates it with the verification web page, and publishes it).
  • step S208 the image file management unit 315 stores the real URL in the image file as a verified URL.
  • the process proceeds to step S209.
  • step S209 the verification unit 313 executes the verification process.
  • step S210 the image file management unit 315 manages the image files.
  • step S210 When the processing of step S210 is completed, the image management process ends.
  • the verification unit 313 verifies the images stored in the image file in step S231, and determines whether an inconsistency has been detected in step S232. If it is determined that an inconsistency has been detected, the process proceeds to step S233.
  • step S233 the proof web page generation unit 314 performs a process to revoke the guarantee of correctness.
  • the proof web page generation unit 314 may reflect the verification result in the proof web page.
  • the proof web page generation unit 314 may also notify the verification result.
  • step S233 ends, the verification processing ends and the processing returns to FIG. 15. Also, if it is determined in step S232 that no inconsistency has been detected, the verification processing ends and the processing returns to FIG. 15.
  • the image file acquisition unit 411 of the editing device 113 acquires an image file in step S301.
  • step S302 the image editing unit 412 processes the main image stored in the image file.
  • step S303 the image file update unit 413 updates the metadata so as to leave a history.
  • step S304 the image file update unit 413 generates a signature so as to leave a history.
  • step S304 the image file supply unit 414 supplies the edited image file.
  • step S304 When the processing of step S304 is completed, the editing process ends.
  • the display processing unit 512 of the display device 114 displays an image in step S401.
  • the display processing unit 512 causes the display unit 513 to display an image stored in the acquired image file.
  • the display processing unit 512 also causes the display unit 513 to display an SNS page including the image.
  • step S402 the certification web page acquisition unit 514 requests a certification web page from the server 112. For example, the certification web page acquisition unit 514 makes this request by accessing the certification URL.
  • step S403 the certification web page acquisition unit 514 acquires the certification web page provided in response to the request.
  • step S404 the display processing unit 512 displays the certification web page on the display unit 513.
  • step S404 When the processing of step S404 is completed, the display processing ends.
  • this verification web page can notify that the authenticity of the image cannot be guaranteed (for example, detection of fraudulent activity such as image tampering). Therefore, detection of fraudulent activity such as tampering can be made known to the entire system earlier than when only verifying each image individually (when reporting of detected fraudulent activity is left to user communication, etc.). This is expected to result in earlier action being taken against fraudulent activity. Therefore, a decrease in reliability of the guarantee of image authenticity can be suppressed.
  • the above-mentioned series of processes can be executed by hardware or software.
  • the programs constituting the software are installed in a computer.
  • the computer includes a computer built into dedicated hardware, and a general-purpose personal computer, etc., capable of executing various functions by installing various programs.
  • FIG. 19 is a block diagram showing an example of the hardware configuration of a computer that executes the above-mentioned series of processes using a program.
  • a CPU Central Processing Unit
  • ROM Read Only Memory
  • RAM Random Access Memory
  • An input/output interface 910 Also connected to the bus 904 is an input/output interface 910.
  • An input unit 911, an output unit 912, a memory unit 913, a communication unit 914, and a drive 915 are connected to the input/output interface 910.
  • the input unit 911 includes, for example, a keyboard, a mouse, a microphone, a touch panel, an input terminal, etc.
  • the output unit 912 includes, for example, a display, a speaker, an output terminal, etc.
  • the storage unit 913 includes, for example, a hard disk, a RAM disk, a non-volatile memory, etc.
  • the communication unit 914 includes, for example, a network interface.
  • the drive 915 drives removable media 921 such as a magnetic disk, an optical disk, a magneto-optical disk, or a semiconductor memory.
  • the CPU 901 loads a program stored in the storage unit 913, for example, into the RAM 903 via the input/output interface 910 and the bus 904, and executes the program, thereby carrying out the above-mentioned series of processes.
  • the RAM 903 also stores data necessary for the CPU 901 to execute various processes, as appropriate.
  • the program executed by the computer can be applied by recording it on removable media 921 such as package media, for example.
  • the program can be installed in the storage unit 913 via the input/output interface 910 by inserting the removable media 921 into the drive 915.
  • the program can also be provided via a wired or wireless transmission medium, such as a local area network, the Internet, or digital satellite broadcasting. In that case, the program can be received by the communication unit 914 and installed in the storage unit 913.
  • a wired or wireless transmission medium such as a local area network, the Internet, or digital satellite broadcasting.
  • the program can be received by the communication unit 914 and installed in the storage unit 913.
  • this program can also be pre-installed in the ROM 902 or memory unit 913.
  • This technology can be applied to any encoding/decoding method.
  • this technology can be applied to any configuration.
  • this technology can be applied to various electronic devices.
  • the present technology can be implemented as part of an apparatus, such as a processor (e.g., a video processor) as a system LSI (Large Scale Integration), a module using multiple processors (e.g., a video module), a unit using multiple modules (e.g., a video unit), or a set in which other functions are added to a unit (e.g., a video set).
  • a processor e.g., a video processor
  • system LSI Large Scale Integration
  • modules using multiple processors e.g., a video module
  • a unit using multiple modules e.g., a video unit
  • a set in which other functions are added to a unit e.g., a video set.
  • the present technology can also be applied to a network system consisting of multiple devices.
  • the present technology may be implemented as cloud computing in which multiple devices share and collaborate on processing via a network.
  • the present technology may be implemented in a cloud service that provides image (video) related services to any terminal, such as a computer, AV (Audio Visual) equipment, portable information processing terminal, IoT (Internet of Things) device, etc.
  • a system refers to a collection of multiple components (devices, modules (parts), etc.), regardless of whether all the components are in the same housing. Therefore, multiple devices housed in separate housings and connected via a network, and a single device in which multiple modules are housed in a single housing, are both systems.
  • Systems, devices, processing units, etc. to which the present technology is applied can be used in any field, such as transportation, medical care, crime prevention, agriculture, livestock farming, mining, beauty, factories, home appliances, weather, and nature monitoring.
  • the applications are also arbitrary.
  • this technology can be applied to systems and devices used to provide ornamental content, etc.
  • this technology can be applied to systems and devices used for transportation, such as monitoring traffic conditions and automatic driving control.
  • this technology can be applied to systems and devices used for security purposes.
  • this technology can be applied to systems and devices used for automatic control of machines, etc.
  • this technology can be applied to systems and devices used for agriculture and livestock farming.
  • this technology can be applied to systems and devices that monitor natural conditions such as volcanoes, forests, and oceans, and wildlife, etc.
  • this technology can be applied to systems and devices used for sports.
  • a "flag” refers to information for identifying multiple states, and includes not only information used to identify two states, true (1) or false (0), but also information capable of identifying three or more states.
  • the value that this "flag” can take may be, for example, two values, 1/0, or three or more values. That is, the number of bits constituting this "flag” is arbitrary, and may be one bit or multiple bits.
  • identification information including flags
  • identification information includes flags
  • “flag” and “identification information” include not only the information itself, but also difference information with respect to the reference information.
  • association means, for example, that one piece of data can be used (linked) when processing the other piece of data.
  • data that are associated with each other may be combined into one piece of data, or each piece of data may be individual data.
  • information associated with encoded data (image) may be transmitted on a transmission path different from that of the encoded data (image).
  • information associated with encoded data (image) may be recorded on a recording medium different from that of the encoded data (image) (or on a different recording area of the same recording medium).
  • this "association" may be a part of the data, not the entire data.
  • an image and information corresponding to that image may be associated with each other in any unit, such as multiple frames, one frame, or a part of a frame.
  • the configuration described above as one device (or processing unit) may be divided and configured as multiple devices (or processing units).
  • the configurations described above as multiple devices (or processing units) may be combined and configured as one device (or processing unit).
  • configurations other than those described above may be added to the configuration of each device (or processing unit).
  • part of the configuration of one device (or processing unit) may be included in the configuration of another device (or other processing unit).
  • the above-mentioned program may be executed in any device.
  • the device has the necessary functions (functional blocks, etc.) and is capable of obtaining the necessary information.
  • each step of a single flowchart may be executed by a single device, or may be shared among multiple devices.
  • the multiple processes may be executed by a single device, or may be shared among multiple devices.
  • multiple processes included in a single step may be executed as multiple step processes.
  • processes described as multiple steps may be executed collectively as a single step.
  • the processing of the steps describing a program executed by a computer may be executed chronologically in the order described in this specification, or may be executed in parallel, or individually at the required timing, such as when a call is made. In other words, as long as no contradiction arises, the processing of each step may be executed in an order different from the order described above. Furthermore, the processing of the steps describing this program may be executed in parallel with the processing of other programs, or may be executed in combination with the processing of other programs.
  • the multiple technologies related to the present technology can be implemented independently and individually, so long as no contradictions arise.
  • any multiple of the present technologies can also be implemented in combination.
  • part or all of the present technology described in any embodiment can be implemented in combination with part or all of the present technology described in another embodiment.
  • part or all of any of the present technologies described above can be implemented in combination with other technologies not described above.
  • the present technology can also be configured as follows. (1) a certification URL generating unit that generates a certification URL, which is address information for publishing a certification Web page that certifies the authenticity of an image; and a certification URL storage unit that stores the certification URL in a file that stores a first image, which is the unprocessed image generated from analog information. (2) further comprising an imaging unit that captures an image of a subject and generates a captured image as the first image; The image processing device according to any one of the preceding claims, wherein the certification URL storage unit is configured to store the certification URL in the file that stores the captured image.
  • the certification URL generation unit generates a reservation URL, which is the certification URL for the ungenerated certification Web page;
  • the certification URL storage unit is configured to store the certification URL in an area of the file to which the certification URL is propagated even after the image is edited.
  • the area is a vendor extension area within a metadata area that stores metadata.
  • an initial image generating unit that generates the initial image; a metadata generating unit for generating metadata of the first image; a hash generator that generates a hash using the first image, the metadata, and the verification URL; and a signature generator that uses the hash to generate a signature for the first image, the metadata, and the verification URL;
  • the image processing device according to any one of (1) to (5), wherein the certification URL storage unit is configured to generate the file that stores the first image, the metadata, the certification URL, the hash, and the signature.
  • the image processing device further comprising an image type certificate generating unit for generating an image type certificate for certifying the type of the first image,
  • the certification URL storage unit is configured to store the image type certification in the file.
  • the hash generation unit generating a plurality of partial hashes including a partial hash corresponding to the verification URL and the image type verification;
  • the image processing device according to any one of claims 1 to 7, further comprising: generating a single hash corresponding to the first image, the metadata, and the verification URL using the plurality of partial hashes.
  • an initial image generating unit for generating the initial image; an embedding unit that embeds information for identifying a device or a creator into the first image;
  • the image processing device according to any one of (1) to (8), further comprising: a signature generation unit configured to generate a signature for the first image in which the information is embedded.
  • generating a proof URL which is address information for publishing a proof Web page that proves the authenticity of the image;
  • the image processing method further comprises storing the generated verification URL in a file that stores an initial image, which is the unprocessed image generated from analog information.
  • (11) a file acquisition unit that acquires a file for storing an image; a verification web page generating unit for generating a verification web page for verifying the authenticity of the image; and a certification Web page publishing unit that publishes the certification Web page at a certification URL.
  • (12) The image processing device according to (11), wherein the verification Web page generation unit is configured to generate the verification Web page including the image, metadata of the image, and information regarding authenticity of the image.
  • the file stores, as the certification URL, a reserved URL generated for the ungenerated certification Web page,
  • the image processing device according to any one of (11) to (12), wherein the certification Web page publishing unit is configured to set the reservation URL and publish the certification Web page at the reservation URL.
  • the image processing device further comprising: a certified URL storage unit that generates a short URL indicating the reserved URL and stores the short URL in the file as the certified URL instead of the reserved URL.
  • the certification Web page publishing unit is configured to generate the certification URL for the certification Web page, set the generated certification URL, and publish the certification Web page at the set certification URL,
  • the image processing device according to any one of (11) to (14), further comprising a certified URL storage unit that stores the certified URL in the file.
  • the certification URL storage unit generates a short URL indicating an alternative address to an address at which the certification Web page is published, and stores the short URL in the file as the certification URL.
  • the image processing device further comprising an authenticity determination unit that determines authenticity of the image by using a signature of the image, The image processing device according to any one of (11) to (16), wherein the certification Web page generation unit is configured to generate the certification Web page including a result of the determination.
  • the method further comprises: a verification unit that verifies authenticity of the image using metadata; The image processing device according to any one of (11) to (17), wherein the certification Web page generation unit is configured to generate the certification Web page including a result of the verification.
  • the image processing device according to (18), wherein the verification Web page generation unit is further configured to, when an inconsistency is detected in the verification, reflect a result of the verification in the verification Web page of another image corresponding to the image.
  • the image processing device according to (18) or (19), wherein the certification Web page generating unit is configured to notify a source of the verification of a result of the verification.
  • the image processing device according to any one of (18) to (20), wherein the certification Web page generating unit is configured to notify a predetermined user of a result of the verification.
  • (22) obtaining a file storing an image; generating a verification web page verifying the authenticity of said image; publishing the verification web page at a verification URL.
  • Image processing system 110 Network, 111 Imaging device, 112 Server, 113 Editing device, 114 Display device, 201 Control unit, 202 Imaging processing unit, 211 Proof URL generation unit, 212 Image type proof generation unit, 221 Optical system, 222 Sensor unit, 223 RAW processing unit, 224 YUV processing unit, 225 Reduced image generation unit, 226 Image information addition unit, 227 3D information processing unit, 228 Hash processing unit, 229 Signature control unit, 230 Signature generation unit, 231 Image file generation unit, 232 Image file storage Recording unit, 233 Image file supply unit, 241 Image sensor, 242 3D information sensor, 311 Image file acquisition unit, 312 Authenticity determination unit, 313 Verification unit, 314 Proof web page generation unit, 315 Image file management unit, 316 Image file provision unit, 317 Proof web page provision unit, 411 Image file acquisition unit, 412 Image editing unit, 413 Image file update unit, 414 Image file supply unit, 511 Image acquisition unit, 512 Display processing unit, 513 Display unit, 514

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Storage Device Security (AREA)
  • Editing Of Facsimile Originals (AREA)
PCT/JP2023/043768 2022-12-07 2023-12-07 画像処理装置および方法 Ceased WO2024122602A1 (ja)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP23900714.9A EP4632613A4 (en) 2022-12-07 2023-12-07 IMAGE PROCESSING DEVICE AND METHOD
JP2024562984A JPWO2024122602A1 (https=) 2022-12-07 2023-12-07

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US202263430831P 2022-12-07 2022-12-07
US63/430,831 2022-12-07

Publications (1)

Publication Number Publication Date
WO2024122602A1 true WO2024122602A1 (ja) 2024-06-13

Family

ID=91379046

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2023/043768 Ceased WO2024122602A1 (ja) 2022-12-07 2023-12-07 画像処理装置および方法

Country Status (3)

Country Link
EP (1) EP4632613A4 (https=)
JP (1) JPWO2024122602A1 (https=)
WO (1) WO2024122602A1 (https=)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH08101868A (ja) * 1994-08-03 1996-04-16 Nec Corp 電子署名検証装置
JP2000215379A (ja) * 1998-11-17 2000-08-04 Ricoh Co Ltd デジタル計測機器及び画像計測機器
JP2001051929A (ja) * 1999-08-12 2001-02-23 Nippon Denki Business Syst Kk 提供情報の参照識別方法
JP2003152712A (ja) * 2001-11-15 2003-05-23 Mitsubishi Electric Corp 撮影証明システム及び撮影装置及び証明装置及び撮影証明方法
JP2003256736A (ja) * 2002-03-04 2003-09-12 Nifty Corp 個人間決済支援方法
JP2005080186A (ja) * 2003-09-03 2005-03-24 Fuji Photo Film Co Ltd 画像記録媒体、及びデジタルカメラ、及び画像表示装置
JP2005208970A (ja) * 2004-01-23 2005-08-04 Web Port:Kk 会員情報管理システム
JP2017184198A (ja) * 2016-03-31 2017-10-05 ソニー株式会社 イメージセンサ、撮像装置、イメージセンサ特定方法、画像偽造防止方法および画像改変制限方法

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060036864A1 (en) * 1999-12-28 2006-02-16 Parulski Kenneth A Digital camera with image authentication
EP2352120B1 (en) * 2000-01-13 2016-03-30 Digimarc Corporation Network-based access to auxiliary data based on steganographic information
US7313696B2 (en) * 2002-07-22 2007-12-25 Xerox Corporation Method for authentication of JPEG image data
US9300678B1 (en) * 2015-08-03 2016-03-29 Truepic Llc Systems and methods for authenticating photographic image data
KR20230124611A (ko) 2020-12-21 2023-08-25 소니그룹주식회사 화상 처리 장치 및 방법

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH08101868A (ja) * 1994-08-03 1996-04-16 Nec Corp 電子署名検証装置
JP2000215379A (ja) * 1998-11-17 2000-08-04 Ricoh Co Ltd デジタル計測機器及び画像計測機器
JP2001051929A (ja) * 1999-08-12 2001-02-23 Nippon Denki Business Syst Kk 提供情報の参照識別方法
JP2003152712A (ja) * 2001-11-15 2003-05-23 Mitsubishi Electric Corp 撮影証明システム及び撮影装置及び証明装置及び撮影証明方法
JP2003256736A (ja) * 2002-03-04 2003-09-12 Nifty Corp 個人間決済支援方法
JP2005080186A (ja) * 2003-09-03 2005-03-24 Fuji Photo Film Co Ltd 画像記録媒体、及びデジタルカメラ、及び画像表示装置
JP2005208970A (ja) * 2004-01-23 2005-08-04 Web Port:Kk 会員情報管理システム
JP2017184198A (ja) * 2016-03-31 2017-10-05 ソニー株式会社 イメージセンサ、撮像装置、イメージセンサ特定方法、画像偽造防止方法および画像改変制限方法

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
MARTIN HARRAN, FARRELLY WILLIAM, CURRAN KEVIN: "A method for verifying integrity & authenticating digital media", APPLIED COMPUTING AND INFORMATICS, vol. 14, no. 2, 1 July 2018 (2018-07-01), pages 145 - 158, XP055762720, ISSN: 2210-8327, DOI: 10.1016/j.aci.2017.05.006 *
See also references of EP4632613A1 *

Also Published As

Publication number Publication date
JPWO2024122602A1 (https=) 2024-06-13
EP4632613A4 (en) 2026-01-07
EP4632613A1 (en) 2025-10-15

Similar Documents

Publication Publication Date Title
US11403746B2 (en) Methods for requesting and authenticating photographic image data
US8121342B2 (en) Associating metadata with media signals, and searching for media signals using metadata
US10361866B1 (en) Proof of image authentication on a blockchain
US20200097733A1 (en) Securely Authenticating a Recording File from Initial Collection Through Post-Production and Distribution
WO2021208952A1 (zh) 基于区块链的影像数据记录、获取、验证
US8429205B2 (en) Associating data with media signals in media signal systems through auxiliary data steganographically embedded in the media signals
US8312284B1 (en) Verifiable timestamping of data objects, and applications thereof
EP3130113A1 (en) Systems and methods for automated cloud-based analytics for security and/or surveillance
CN111291422B (zh) 一种基于区块链技术的可信影像平台
CN114270776B (zh) 成像设备、图像数据处理方法以及程序
US20130262992A1 (en) Methods and systems for electronic editing and/or signing
US12333054B2 (en) Tamper-evident storage and provisioning of media streams
US20120150881A1 (en) Cloud-hosted multi-media application server
JP7582300B2 (ja) 撮像装置、情報処理装置、情報処理方法、およびプログラム
CN111339203B (zh) 区块链数据采集方法、装置及系统
WO2024161895A1 (ja) 真正性検証システム、コンテンツ管理装置、コンテンツ生成装置、これらの制御方法およびこれらのプログラム
JP2022534456A (ja) 実際のイベントのデジタル表現をイベント発生の実時間と結び付ける方法
JP2019205140A (ja) 撮像装置、情報処理装置、生成方法、及び検証方法
US9633228B1 (en) Verifiable media system and method
KR20230173704A (ko) 블록체인에 정보를 등록하는 콘텐츠 생성장치, 콘텐츠 생성장치의 제어방법, 및 기억매체
US20250184152A1 (en) Content origin verifying system that also allows third party to accurately ascertain authenticity of digital signature, control method for content origin verifying system, and storage medium
WO2024122602A1 (ja) 画像処理装置および方法
WO2024122601A1 (ja) 画像処理装置および方法
US20240214206A1 (en) Method for issuing non-fungible token
WO2024122396A1 (ja) 画像処理装置および方法

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23900714

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2024562984

Country of ref document: JP

WWE Wipo information: entry into national phase

Ref document number: 2023900714

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2023900714

Country of ref document: EP

Effective date: 20250707

WWP Wipo information: published in national office

Ref document number: 2023900714

Country of ref document: EP