CN100593205C

CN100593205C - Information processing device and method, information recording medium, manufacturing device, method and computer program of theinformation recording medium

Info

Publication number: CN100593205C
Application number: CN200610154227A
Authority: CN
Inventors: 高岛芳和
Original assignee: Sony Corp
Current assignee: Sony Corp
Priority date: 2005-09-16
Filing date: 2006-09-15
Publication date: 2010-03-03
Anticipated expiration: 2026-09-15
Also published as: JP2007080458A; CN1932999A; JP4140624B2

Abstract

An information processing device for executing reproduction processing of content recorded in an information recording medium, includes: a data processing unit for acquiring content codes including aprogram or application information to be applied to the recording content of the information recording medium, and executing data processing in accordance with the acquired content codes; wherein thedata processing unit is configured so as to execute the verification processing of a digital signature which allows tampering verification of the entire content codes included in a content code file storing the content codes, and as the verification result, execute data processing in accordance with the content codes on the condition that validity of the content code file has been confirmed.

Description

Messaging device and method, information recording carrier, its manufacturing equipment and method, and computer program

Cross reference to related application

The application requires the rights and interests of the U.S. Provisional Patent Application 60/724,802 of application on October 11st, 2005.

The present invention comprises the theme of on September 16th, 2005 at the Japanese patent application JP 2005-270484 of Jap.P. office application, and its whole literature kit is contained in this, and is incorporated by reference.

Technical field

The present invention relates to messaging device and method, information recording medium manufacturing apparatus and method, information recording carrier and computer program.More particularly, the present invention relates to realize and to use control program to be recorded in messaging device and method, information recording medium manufacturing apparatus and method, information recording carrier and the computer program of the strict control scheme of the content sign indicating number in the information recording carrier as content with content.

Background technology

Various software datas, can be used as numerical data such as voice data (music etc.), view data (film etc.), games, various application programs or the like (below be called " content ") and be stored in the recording medium, such as the Blu-ray Disc (registered trademark) or DVD (digital universal optic disk), MD (Mini Disk) and the CD (read-only optical disc) that adopt blue laser.Especially, adopting the Blu-ray Disc (registered trademark) of blue laser is to realize the CD of high density recording, and can be recorded as the picture material of magnanimity etc. the data of high image quality.

Digital content is stored in so various information recording carriers (recording medium), so that offer the user.The user is at the reproducer that the user had, such as reproducing on PC (personal computer), the CD player and using described content.

In general, many contents, the creator or the seller by content holds such as distribution rights of music data, view data etc. etc.Therefore, when issued content, realize formulating the scheme that some uses restriction usually, that is, only allow authorized user to use content, prevent unwarranted reproduction etc.

With regard to digital recording equipment and recording medium, can write down repeatedly and reproduce, and can failure pattern picture or audio frequency, variety of issue is appearring, the for example distribution of the content of bootlegging on the Internet, copy to the distribution of so-called private plate-making (bootleg edition) CD of the content on the CD-R etc., use that is kept at the reproducting content on the hard disk of PC or the like increases rapidly.

The huge storage capacity recording medium, such as DVD, Kai Fa recording medium that utilizes blue laser etc. can be lot of data in recent years, and for example one one to several films are recorded on the CD with the form of numerical information.Make with the ability of the form recording image information of numerical information etc. to prevent unauthorized copying, thereby the protection copyright owner becomes prior problem.In order to prevent the unauthorized copying of numerical data, realized various technology recently, be used for preventing unauthorized copying to digital recording equipment and recording medium.

Summary of the invention

Prevent that the unauthorized copying of content and a kind of technology of protection copyright owner from being the encryption of content.But, even for encrypted content, if still exist secret key to be revealed the problem that the content of so unauthorized deciphering can be revealed.A kind of correlation technique is the scheme of describing in WO2005/008385, wherein discloses a kind of scheme that addresses this is that.WO2005/008385 discloses a kind of scheme, wherein by rewrite the content of a part with dummy data, prevents the unauthorized reproduction of content.

When reproduction processes wherein partial content replaced by dummy data content the time, the processing of replacing dummy data with the original contents data is essential.Under the situation that original contents does not leak, must carry out this data conversion and handle, in addition, preferably avoid process information, such as the position of dummy data and the leakage of transform method.

Thereby, when reproducing content, must carry out the decoding processing or the data conversion of content handles, in addition in some cases, must carry out validation processing etc., such as using about attempting whether the messaging device of content or reproduction (player) program are equipment or the programs that has obtained legal licence.Use control program to be recorded in content sign indicating number in the information recording carrier by carrying out, realize such data processing with content as content.Attention has illustrated an example of the content use processing that utilizes the content sign indicating number in WO2005/008385.

The content sign indicating number is configured to and the irrelevant file of content, and is recorded in the information recording carrier.Therefore can carry out the content sign indicating number is transferred to separately the processing of another information recording carrier, perhaps the processing of reproducting content sign indicating number separately.When the leakage that the content sign indicating number takes place, propagate without permission and when carrying out unauthorized use, exist many contents to be caused serious loss by the possibility of unauthorized reproduction and use.

Made the present invention in light of this situation, and having thought preferably provides a kind of messaging device, information recording carrier and method and computer program, is used for realizing disposing with the strict control that content is recorded in the content sign indicating number of information recording carrier as the control program that content is used.In addition, even think the content sign indicating number of creating with regard to for specific reproducer, perhaps just be recorded in the identical content sign indicating number in the medium that wherein writes down a plurality of different contents, the preferably recycling of the content sign indicating number that can in a plurality of contents, use by facility, the burden when alleviating the authority record medium.

According to one embodiment of present invention, the messaging device that the reproduction of content of executive logging in information recording carrier handled comprises: data processing unit, be used to obtain to comprise and be applied to the program of recorded content of information recording carrier or the content sign indicating number of application information, and carry out data processing according to the content sign indicating number that obtains; Wherein said data processing unit is configured to the checking of combine digital signature to be handled, described digital signature makes can verify altering of the whole contents sign indicating number that is included in the content sign indicating number file of preserving the content sign indicating number, and has confirmed as the checking result to carry out data processing according to the content sign indicating number under the situation of validity of content sign indicating number file.

In addition, described data processing unit can be configured to carry out the checking processing of the digital signature that is provided by control center, checking as digital signature is handled, and in addition, carries out and uses the exclusive secret key signature of player manufacturer and the checking of so provided digital signature to handle.

In addition, described data processing unit can be configured to according to the digital signature that is provided with in each file, carry out with a plurality of content sign indicating number files from be recorded in information recording carrier in the relevant signature verification process of each content sign indicating number file selected with use.

In addition, data processing unit can be configured to according to the digital signature that is provided with in a content sign indicating number file, the signature verification process of selecting in a plurality of content sign indicating number files of execution from be recorded in information recording carrier with the content sign indicating number file that uses, and carry out the checking processing that is different from digital signature authentication of relevant other content sign indicating number file that will use.

In addition, data processing unit can be configured to carry out according to hashed value the checking processing of relevant other content sign indicating number file that will use.

In addition, data processing unit can be configured to carry out in company with the replacement of some content-datas that its application are included in finishing (fix-up) table in the content sign indicating number and handles the data processing that becomes essential.

In addition, data processing unit can be configured to calculate the parameter that the finishing strips purpose that will be applied to be included in the finishing table is recovered, concerning each fragment of the sectional area that is set to be recorded in the content in the information recording carrier, and described parameter difference.

In addition, according to another embodiment of the present invention, information recording medium manufacturing apparatus comprises: the content file generating apparatus is used for producing the content file that preservation will be recorded in the content-data of information recording carrier; Content sign indicating number file creating apparatus, be used to preserve comprise will be applied to the program used of content or the content sign indicating number of application information, also produce and comprise the content sign indicating number file that is used to verify the data of altering; And pen recorder, be used for the content sign indicating number file logging of the content file of described content file generating apparatus generation and the generation of content sign indicating number file creating apparatus in information recording carrier.

In addition, be used for verifying that the data of altering can be the digital signature based on the data that comprise the content sign indicating number that is included in content sign indicating number file.

In addition, be used for verifying that the data of altering can be the hashed values based on the data that comprise the content sign indicating number that is included in content sign indicating number file.

In addition, content sign indicating number file creating apparatus can be configured to carry out the processing that is used to produce a plurality of content sign indicating number files, described a plurality of content sign indicating number file is preserved and is divided into a plurality of different classes of content sign indicating numbers, and pen recorder is configured to carry out a plurality of different classes of processing of content sign indicating number file logging in information recording carrier that have being produced by content sign indicating number file creating apparatus.

In addition, content sign indicating number file creating apparatus can be configured to produce preserves a plurality of content sign indicating number files that are divided into a plurality of different classes of content sign indicating numbers, and carries out and only produce a file as the processing that comprises the content sign indicating number file of digital signature data in the file that generates.

In addition, content sign indicating number file creating apparatus can be configured to produce preserves a plurality of content sign indicating number files that are divided into a plurality of different classes of content sign indicating numbers, and with the form of the file of the digital signature that comprises the wright that is contained in the content in each file or performance entity, the processing that produces each content sign indicating number file.

In addition, according to another embodiment of the present invention, the information recording carrier that comprises following storage data comprises: the content file of preserving content-data; With the content sign indicating number file of preserving the content sign indicating number, the content sign indicating number comprises being applied to program or the application information that content is used, also comprises being used to verify the data of altering.

In addition, content sign indicating number file can be wherein to have utilized the exclusive code of the player of secret key signature of the player manufacturer file of Be Controlled center signature more.

In addition, be used for verifying that the data of altering can be the digital signature based on the data that comprise the content sign indicating number that is contained in content sign indicating number file.

In addition, be used for verifying that the data of altering can be the hashed values based on the data that comprise the content sign indicating number that is contained in content sign indicating number file.

In addition, content sign indicating number file can comprise and preserves a plurality of content sign indicating number files be divided into a plurality of different classes of content sign indicating numbers.

In addition, content sign indicating number file can comprise preserves a plurality of content sign indicating number files be divided into a plurality of different classes of content sign indicating numbers, and in these files, having only a file is the content sign indicating number file that comprises digital signature data.

In addition, content sign indicating number file can comprise preserves a plurality of content sign indicating number files be divided into a plurality of different classes of content sign indicating numbers, and each content sign indicating number file is configured to comprise the wright of the content sign indicating number that is contained in each file or the digital signature of performance entity.

In addition, with regard to another embodiment of the present invention, the information processing method that the reproduction of content of executive logging in information recording carrier handled comprises the steps: the checking processing, serve as the verification step that comprises the digital signature that will be applied to be provided with in the content sign indicating number file of content sign indicating number of the program used of the recorded content of information recording carrier or application information in preservation, the checking that is used for carrying out the digital signature of altering checking of the whole contents sign indicating number that can realize being included in content sign indicating number file is handled; Carry out with code, be used for carrying out data processing according to the content sign indicating number under the situation of validity that checking result as the content sign indicating number confirmed content sign indicating number file.

In addition, it can be digital signature according to being provided with in each file that checking is handled, and carries out the step of the signature verification process relevant with each the content sign indicating number file with use selected in a plurality of content sign indicating number files from be recorded in information recording carrier.

In addition, it can be the digital signature that basis is provided with in a content sign indicating number file that checking is handled, the signature verification process of selecting in a plurality of content sign indicating number files of execution from be recorded in information recording carrier with the content sign indicating number file that uses, and carry out the step of the checking processing that is different from digital signature authentication of relevant other content sign indicating number file that will use.

In addition, the checking processing can be a step of carrying out the checking processing of relevant other content sign indicating number file that will use according to hashed value.

In addition, the code execution can be to carry out the step of handling the data processing that becomes essential in company with the replacement of some content-datas that its application are included in the finishing table in the content sign indicating number.

In addition, it can be the step of carrying out the processing that is used for calculating the parameter that the finishing strips purpose that will be applied to be included in the finishing table recovers that code is carried out, concerning each fragment of the sectional area that is set to be recorded in the content in the information recording carrier, described parameter difference.

In addition, according to another embodiment of the present invention, information recording medium manufacturing method comprises the steps: that content file generates step, is used for producing the content file that preservation will be recorded in the content-data of information recording carrier; Content sign indicating number file generates step, is used to preserve comprise and will be applied to the program of content use or the content sign indicating number of application information, and also generation comprises the content sign indicating number file that is used to verify the data of altering; And recording step, be used for generating content file that step produces at content file and generating the content sign indicating number file logging that produces in the step in information recording carrier at content sign indicating number file.

In addition, content sign indicating number file generates step can carry out the processing that is used to produce a plurality of content sign indicating number files, described a plurality of content sign indicating number file is preserved and is divided into a plurality of different classes of content sign indicating numbers, and recording step is carried out generate a plurality of different classes of processing of content sign indicating number file logging in information recording carrier that have that produce in the step at content sign indicating number file.

In addition, content sign indicating number file generates step and can produce and preserve a plurality of content sign indicating number files that are divided into a plurality of different classes of content sign indicating numbers, and in the file that generates, only produces a file as the content sign indicating number file that comprises digital signature data.

In addition, content sign indicating number file generates step and can produce and preserve a plurality of content sign indicating number files that are divided into a plurality of different classes of content sign indicating numbers, and, produce each content sign indicating number file with the form of the file of the digital signature of the wright that comprises the content sign indicating number that is contained in each file or performance entity.

In addition, according to another embodiment of the present invention, make messaging device comprise following step to the computer program that is recorded in the content execution reproduction processes in the information recording carrier: checking is handled, serve as the verification step that comprises the digital signature that will be applied to be provided with in the content sign indicating number file of content sign indicating number of the program used of the recorded content of information recording carrier or application information in preservation, the checking that is used for carrying out the digital signature of altering checking of the whole contents sign indicating number that can realize being included in content sign indicating number file is handled; Carry out with code, be used for carrying out data processing according to the content sign indicating number under the situation of validity that checking result as the content sign indicating number confirmed content sign indicating number file.

In addition, according to another embodiment of the present invention, information recording medium manufacturing apparatus comprises: the content file generation unit is used for producing the content file that preservation will be recorded in the content-data of information recording carrier; Content sign indicating number file generating unit, be used to preserve comprise will be applied to the program used of content or the content sign indicating number of application information, also produce and comprise the content sign indicating number file that is used to verify the data of altering; And record cell, be used for the content sign indicating number file logging of the content file of content file generation unit generation and the generation of content sign indicating number file generating unit in information recording carrier.

Attention for example is by computer-readable storage medium or communication media according to computer program of the present invention, the recording medium such as CD, FD, MO for example, the perhaps communication media such as network can provide the computer program of the computer system that can carry out various program codes.Provide this program on computer system, to realize and the processing of program correspondence with computer-reader form.

By embodiments of the invention and the accompanying drawing that describes below, other purpose of the present invention, feature and advantage will become obvious.Notice that the term " system " that uses in this instructions refers to the logical collection of a plurality of equipment, is not limited to all schemes in same frame of all component equipment.

Configuration according to an example of the present invention, realize wherein when reproducing the content that is recorded in the information recording carrier, acquisition comprises and will be applied to the program of content use or the content sign indicating number of application information, and before carrying out data processing according to the content sign indicating number that obtains, the checking of the digital signature that execution is provided with in the content sign indicating number file of preserving the content sign indicating number is handled, and result as checking, under the condition of the validity of having confirmed content sign indicating number file, carry out the scheme of data processing according to the content sign indicating number, thereby can prevent the unauthorized execution of content sign indicating number, can prevent the unauthorized reproduction and the use of the content that the unauthorized use by the content sign indicating number causes in addition.

In addition, configuration according to an example of the present invention, even realize wherein setting be recorded in the information recording carrier and the situation of a plurality of content sign indicating number files of in messaging device, using under, the scheme of digital signature (using the content sign indicating number under the condition that described digital signature allows utilizing digital signature to realize checking) is set at least one file, thereby realizes the strictness control that the content sign indicating number uses.

Description of drawings

The preservation data in Fig. 1 descriptor recording medium and the configuration and the processing of driving arrangement and messaging device;

Fig. 2 describes of the content management units that is provided with about the preservation data in the information recording carrier example is set;

Fig. 3 describes the content management units that is provided with about the preservation data in the information recording carrier and the correlativity between the unit key;

Fig. 4 graphic extension will be recorded in the bibliographic structure such as content, management data in the information recording carrier;

Fig. 5 graphic extension will be recorded in the bibliographic structure of the content sign indicating number in the information recording carrier;

Fig. 6 describes the content that is recorded in the information recording carrier and reproduces the required data conversion of content and handle;

Fig. 7 graphic extension is kept at the content in the information recording carrier and the details of finishing table;

Fig. 8 graphic extension is included in the finishing strips destination data structure in the finishing table;

Fig. 9 is described in the interior finishing strips destination data conversion process of using of TS grouping of constitution content;

Figure 10 describes and uses the finishing strips destination data conversion process that is included in the finishing table;

Figure 11 is described in the processing sequence of carrying out between reproduction (broadcast) application program and the secret VM;

Figure 12 is described in the processing of carrying out in the title initialization process in the processing sequence between reproduction (broadcast) application program and the secret VM of duplicating the finishing table;

Figure 13 describes the processing example that content playback is handled;

Figure 14 describes the data conversion of carrying out and handles when reproducing content;

Figure 15 describes the details that is recorded in the content sign indicating number in the information recording carrier;

Figure 16 describes the details that produces and be recorded in the processing of the content sign indicating number that writes down in the information recording carrier;

Figure 17 describes the data structure example that will be recorded in the content sign indicating number file in the information recording carrier;

Figure 18 describes the data structure example that will be recorded in the content sign indicating number file in the information recording carrier;

Figure 19 describes the data structure example that will be recorded in the content sign indicating number file in the information recording carrier;

Figure 20 describes the data structure example that will be recorded in the content sign indicating number file in the information recording carrier;

The process flow diagram of the use sequence that is recorded in the content sign indicating number in the information recording carrier is described in Figure 21 graphic extension;

The process flow diagram of the use sequence that is recorded in the content sign indicating number in the information recording carrier is described in Figure 22 graphic extension;

Figure 23 describes a use example of content sign indicating number;

The hardware configuration example of Figure 24 descriptor treatment facility;

Figure 25 is the block scheme of the configuration of descriptor record-keeping system manufacturing apparatus.

Embodiment

Describe in detail according to messaging device of the present invention and method, information recording medium manufacturing apparatus and method, information recording carrier and computer program below with reference to accompanying drawing.Attention will describe according to following project.

1. the general introduction of preservation data in the information recording carrier and the processing on driver and the main frame

2. related content administrative unit (CPS unit)

3. the preservation data management of information recording carrier configuration

4. comprise the data structure of the content of revising data and the general introduction that data conversion is handled

5. reproduce the processing of (player) application program and secret VM

6. content playback is handled

7. content sign indicating number administration configuration

8. the configuration of messaging device

9. information recording medium manufacturing apparatus and information recording carrier

At first, the general introduction of preservation data in the descriptive information recording medium and the processing on driver and the main frame.The configuration of information recording carrier 100, equipment 120 and the main frame 140 of content is wherein preserved in Fig. 1 graphic extension.Main frame 140 is to carry out on the messaging device such as PC, finishes data reproduction (or record) application program of processing according to the hardware of the predetermined messaging device of data processing sequence utilization such as PC.

Information recording carrier 100 is the information recording carriers such as Blu-ray Disc (registered trademark), DVD, be under the permission of the so-called content rights owner with proper content rights or distribution rights, the information recording carrier (ROM dish etc.) of the preservation authorized content of making at disc manufacturing plant, information recording carrier (RE dish etc.) that perhaps can record data.Attention is with regard to following embodiment, and the disc medium will be used to illustrate information recording carrier, and the present invention can be applied to using the configuration of various information recording carriers.

As shown in fig. 1, information recording carrier 100 is preserved the encrypted content 101 that has experienced encryption and section data replacement, MKB (media key block) 102 (it is the encryption key block that produces according to tree structure distribute keys method (a kind of broadcast encryption method)), title key file 103 by the encrypted data of the title key that wherein will be applied to contents decryption processing formations such as (encrypting the CPS unit key), the service regeulations 104 that comprise CCI (copy control information) of serving as the duplicating of content/reproduction control information etc., with comprise when utilizing encrypted content 101 the content sign indicating number 105 of the data processor that will carry out.

Content sign indicating number 105 comprises finishing table 106, in the finishing table 106 registered have with content in the corresponding transform data of replacement data of presumptive area.The messaging device of carrying out reproduction of content extracts the transform data that is recorded in the finishing table 106 that is included in the content sign indicating number 105 according to the data conversion handling procedure that is included in the content sign indicating number 105, and carries out the replacement processing of the configuration data of content.

The content sign indicating number comprises and is used to carry out various processing, such as the information that starts processings, security inspection processing etc. or program and to the conversion process program of its application transform data.One joint of back is with the details of detailed description sign indicating number.The information recording carrier of noting the data example shown in preservation Fig. 1 is an example, and according to the type of CD, the data of preservation are more or less different.In the information of these types each roughly is described below.

(1) encrypted content 101

Various contents are stored in the information recording carrier 100.The example of content comprises that dynamic image content is (such as HD (high resolving power) movie contents, it is a kind of high resolving power motion image data) AV (audiovisual) stream, according to the games of the form of certain criteria agreement, image file, voice data, text data etc.These contents are the data according to specific AV format specification, and preserve according to described specific AV data layout.Specifically, for example be saved normal data into Blu-ray Disc (registered trademark) ROM according to Blu-ray Disc (registered trademark) ROM standard format.

In addition, exist wherein for example games, image file, voice data, text data etc. to be stored in situation in the service data.Existing wherein, these contents are saved the data conditions of not following specific AV data layout for data layout.

The type of content comprises: the various contents such as music data, moving image, rest image, similar view data and games, web content, various forms of information are included in these contents, the content information that uses such as data that can only origin self-information recording medium 100 is by the data and data information available of from the server that with network be connected providing or the like of combination from information recording carrier 100.Utilization is suitable for the different keys (CPS unit key or unit key (perhaps also can be described as title key)) of every section content, is kept at the encrypted preservation of content in the information recording carrier, so that every section content is realized different use control.Each unit that unit key is suitable for is called as content management units (CPS unit).In addition, the configuration data of content is configured to broken data, wherein use the data different to replace the partial content data with correct content-data, thereby decryption processing can not be reproduced correct content alone, and the processing of using the data that are recorded in the finishing table to replace broken data is that execution is reproduced necessary.This processing will describe in detail in the back.

(2)MKB

MKB (media key block) the 102nd is according to the encryption key block of tree structure distribute keys method (a kind of broadcast encryption method) generation.MKB 102 is a kind of key information pieces that can obtain media key (Km), media key (Km) is that decryption content is necessary, can only obtain by the processing (deciphering) based on the Device keys on the messaging device that is kept at the user with valid license [Kd].This is a kind of application, thereby only have under the situation of valid license at subscriber equipment (messaging device), the information dispensing method of following so-called classification tree structure just makes obtaining of media key [Km] become possibility, and the subscriber equipment that is disabled (cancellation is handled) can not obtain media key [Km].

Be used for Device keys by change to the key information deciphering that is kept at MKB, the administrative center of serving as license entity can produce that have can not be with the MKB of the structure that is kept at the Device keys deciphering in certain user's equipment, that is, wherein can not obtain the necessary media key of contents decryption.Therefore, can make unwarranted equipment invalid in any timing, thus the encrypted content that provides the equipment that only has valid license to decipher.Contents decryption is handled and be will be explained below.

(3) title key file

As mentioned above, in each perhaps every group of a plurality of contents experience the encryption of the independent encryption key of each content application (title key (CPS unit key)) so that the use of organize content, and is stored in the information recording carrier 100.Promptly, the AV of constitution content (audiovisual) stream, music data, moving image, rest image, class view data, games, web content etc. need be segmented into the administrative unit that a plurality of contents are used, for each segmenting unit produces a different title key, thereby be decrypted processing.The information that produces these title key is the title key data, for example by using the title key deciphering of key to encrypting by generations such as media keys, obtains title key.Utilize the title key data, produce sequence according to predetermined encryption key and produce the title key corresponding, and carry out the deciphering of content with each unit.

(4) service regeulations

Service regeulations for example comprise duplicates/reproduction control information (CCI).This be be kept at information recording carrier 100 in the copy limit information and the reproducing limit information of the corresponding use control aspect of encrypted content 101.Exist to duplicate/the various settings of reproduction control information (CCI), for example the information setting of each CPS unit becomes the situation of content management units, situation about being provided with corresponding to a plurality of CPS unit or the like.

(5) content sign indicating number

Content sign indicating number 105 is to comprise when using encrypted content 101 data of the data processor that will carry out.The main frame of carrying out content playback is provided for carrying out the virtual machine (VM) of data conversion process, carrying out the data conversion that conforms to the content sign indicating number of reading from information recording carrier 100 at virtual machine (VM) handles, use the registration entries in the finishing table 106, and carry out the data conversion processing of the part configuration data of content.

The encrypted content 101 that is kept in the information recording carrier 100 has experienced predetermined the encryption, and in addition, a part of content configuration data are made of the broken data that are different from correct data.In order to reproduce content, it is essential that data rewrite is handled, and wherein replaces broken data with transform data, and described transform data is correct content-data.The table of registration transform data is a finishing table 106.A large amount of broken data being set being dispersed in the content, when reproducing content, is essential with the processing that is registered in transform data replacement (rewriting) many broken data in the finishing table.Even use this transform data mean since encryption key leak, carry out under the situation of unwarranted contents decryption, because the existence of replacement data, contents decryption also can not be reproduced correct content alone, thereby can prevent unwarranted content use.

Except normal transform data, finishing table 106 comprises making to analyze and is used to discern content reproducing device or content reduction application's data identifying information configuration bit becomes possible transform data.Specifically, this comprises player ID, and player ID is the recognition data of player (carrying out the equipment of host application program), perhaps wherein writes down " transform data that comprises distinguishing mark " of " identifying information " that produce according to player ID.The transform data that comprises distinguishing mark is wherein on the degree that does not influence reproduction of content, the data that the place value of correct content-data has slightly been changed.

Noticing that content sign indicating number 105 comprises is used to carry out various processing, such as the information or the program that start processings, security inspection processing etc., and it is used the data conversion handling procedure of top finishing table 106.One joint of back is with the details of detailed description sign indicating number.

Below, with reference to figure 1 explanation main frame 140 and the configuration of driver 120 and the general introduction of processing.

When data are transmitted to main frame 140 by driver 120, carry out the reproduction of content that is kept in the information recording carrier 100 and handle.

Main frame 140 has reproduction (player) application program 150 and secret VM 160 set.Reproducing (player) application program 150 is content reproduction unit, carries out various processing, such as carrying out content playback when handling and checking processing of carrying out of driver, content-encrypt, decoding processing or the like.Secret VM 160 plays parameter generating unit, parameter generating unit provides the parameter that the data conversion that is applied to carry out in being handled by the content playback that reproduces (player) application program 150 (it is the content playback processing unit) execution is handled, and secret VM 160 is set to the virtual machine in the main frame 140.Virtual machine (VM) is directly to explain and carry out intermediate language, from information recording carrier 100 read, explain and the intermediate language of execution and platform independence the virtual machine of command code information.

Secret VM 160 serves as and obtains content sign indicating number 105, carries out the content sign indicating numbers according to the content sign indicating number that obtains 105, and the data processing unit of execution data processing, content sign indicating number 105 comprises when the encrypted content 101 of service recorder in information recording carrier 100, the program that use or application information.

The transmission of reproducing the information between (player) application program 150 and the secret VM 160 or handling request is by from reproducing (player) application program 150 interruptions to secret VM 160 (INTRP) and handling the sequence realization from secret VM 160 to the response (Call) of reproducing (player) application program 150.Providing of the parameter that interruption from application program 150 to secret VM 160 (ITRP) and the data conversion of handling sequence execution parameter computation requests and be applied to carry out in content playback being handled from secret VM 160 to the response (Call) of reproducing (player) application program 150 are handled.These are handled sequence and will describe in detail in the back.

The following describes the main processing that main frame 140 is carried out.Before the use of content, between driver 120 and main frame 140, carry out mutual authentication processing, utilize this checking to handle the validity of confirming both sides subsequently, encrypted content sends main frame to from driver, carrying out contents decryption at host computer side handles, in addition, carry out above-described data conversion and handle, thereby realize content playback according to the finishing table.

For the mutual checking of between main frame 140 and driver 120, carrying out, determine that by (invalid) tabulation of cancelling that reference administrative center sends whether each equipment or application program are registered as unwarranted equipment or application program, carry out the processing of determining validity.

Driver 120 has the storer 122 of preserving host C RL (certificate revocation list), and host C RL preserves (invalid) information of cancelling of host credentials (public key certificate).On the other hand, main frame 140 has the storer 152 of preserving driver CRL (certificate revocation list), and driver CRL preserves (invalid) information of cancelling of driver certificate (public key certificate).Storer is nonvolatile memory (NVRAM), at the CRL that reads from information recording carrier 100 for example is under the situation of more recent version, their

data processing units

121 and 151 are separately carried out to upgrade and are handled, so that the host C RL of redaction or driver CRL are kept in

storer

122 and 152.

Administrative center brings in constant renewal in CRL, such as host C RL or driver CRL.That is, under the situation of the unwarranted equipment of new discovery, send the CRL of renewal, wherein increase the certificate ID issue this unwarranted equipment or device id etc. as new clauses and subclauses.Each CRL has version number, and has wherein new and old configuration.For example, CRL that the information recording carrier on being placed in driver is read than the CRL news the storer 122 that is kept in the driver under, driver is carried out CRL and is upgraded and handle.Main frame 140 is also carried out driver CRL according to identical mode and is upgraded.

Except this CRL upgraded processing, the data processing unit 121 of driver 120 was carried out checking processing that carry out and main frame when using content, also carries out from the information recording carrier sense data, and data is sent to the processing of main frame.

The reproduction of main frame 140 (player) application program 150 is data reproduction (or record) application programs of carrying out on the messaging device such as PC, and, utilize the hardware of the messaging device such as PC to carry out processing according to predetermined data processing sequence.

Main frame 140 has and is used for carrying out mutual authentication processing with driver 120, the data processing unit 151 of data transmission control etc., carry out the decryption processing unit 153 of the decryption processing of encrypted content, carry out the codec processing unit 155 of the data conversion processing unit 154 of data conversion processing and (for example mpeg decode) processing of decoding according to the registration data in the above-mentioned finishing table 105.

The checking that data processing unit 151 is carried out between main frame and the driver is handled, in checking is handled, with reference to the driver CRL that is kept among the storer a 152 (nonvolatile memory (NVRAM)), to confirm whether driver is the driver that is revoked.Main frame is also carried out to upgrade and is handled, thereby the driver CRL of redaction is kept among the storer a 152.

Decryption processing unit 153 utilizes the data that are kept at the various information among the storer b 156 and read from information recording carrier 100, and generation will be applied to the key of contents decryption, and carries out the decryption processing of encrypted content 101.Data conversion processing unit 154 is used the transform data that is registered in from the finishing table that information recording carrier 100 obtains by according to the data conversion handling procedure that obtains from information recording carrier 100, carries out the replacement of content configuration data and handles (rewriting).Codec processing unit 155 is carried out decoding (for example mpeg decode) and is handled.

The storer b 156 of messaging device 150 preserves Device keys: Kd, will be applied to the key information of mutual authentication processing, with key information of being applied to decipher or the like.The details that contents decryption is handled will be explained below.Device keys: Kd will be applied to the key that above-mentioned MKB handles.MKB makes the acquisition of media key [Km] become possible key information piece, media key [Km] is to decipher the necessary key of content, can only obtain by processing (deciphering) based on the Device keys in the messaging device that is kept at user [Kd] with valid license, when encrypted content was deciphered, messaging device 150 was used the Device keys that is kept among the storer b 156: Kd and is carried out the MKB processing.The details that contents decryption is handled will be explained below.

2. about content management units (CPS unit)

As mentioned above, be kept at the content experience decryption processing in the information recording carrier, and be saved together, so that different use control is realized in each unit with the different keys that are suitable for each unit.That is, content is segmented into content management units (CPS unit), carries out independent decryption processing, realizes independent use and management.

When using content, at first need to obtain to be suitable for the CPS unit key (being also referred to as title key) of each unit, in addition, by carrying out data processing according to predetermined decryption processing sequence, use other essential key, key generation information etc., carry out and reproduce.Setting below with reference to Fig. 2 description administrative unit (CPS unit).

As shown in Figure 2, content has the hierarchy of (A) index 210, (B) movie objects 220, (C) playlist 230 and (D) montage segment 240.Assigned indexes for example such as will can specifying the playback of programs that interrelates with this title by the title that reproduces application access, and according to the programme information of the playback of programs of appointment, selects agreement to reproduce the playlist of the order of this content.

Playitems playitem is included in the playlist as the information of data to be reproduced.Foundation is read AV stream (that is, the real data of content) or order selectively by the clip information of the reproduction segmentation that is included in the playitems playitem regulation in the playlist, and carries out the reproduction of AV stream and the execution processing of order.Note having a large amount of playlists and playitems playitem, and each playlist and playitems playitem have corresponding playlist ID and playitems playitem ID as identifying information.

Two CPS unit of Fig. 2 graphic extension.They constitute a part that is kept at the content in the information recording carrier.In CPS unit 1271, the CPS unit 2272 each all is the CPS unit of unit that has been set to comprise title, the movie objects as the playback of programs file, the playlist that serves as index and has comprised the montage segment of AV stream file (it be actual content-data).

Content management units (CPS unit) 1271 comprises title 1211 and title 2212, playback of

programs

221 and 222,

playlist

232 and 232 and

montage

241 and 242, be the object data of encrypting at least as the AV stream data file 261 and 262 that is included in the real data of the content in two

montages

241 and 242, thereby be set to use title key (Kt1) ciphered data, title key (Kt1) is the encryption key (being also referred to as the CPS unit key) that generally is provided with corresponding to content management units (CPS unit) 1271.

Content management units (CPS unit) 2272 comprises application program 1213, playback of programs 224, playlist 233 and the montage 243 as index, by using title key (Kt2), AV stream data file 263 as the real data that is included in the content in the montage 243 is encrypted, and title key (Kt2) is the encryption key that is provided with corresponding to content management units (CPS unit) 2272.

For example, the user handles in order to carry out with content management units 1271 corresponding application program files or content playback, need acquisition to be configured to the title key that serves as encryption key that interrelates with content management units (CPS unit) 1271: Kt1, and it is decrypted processing.The user handles in order to carry out with content management units 2272 corresponding application program files or content playback, need acquisition to be configured to the title key that serves as encryption key that interrelates with content management units (CPS unit) 2272: Kt2, and it is decrypted processing.

Fig. 3 represents that the CPS unit is provided with the example of the title key of configuration and correspondence.Fig. 3 represents that the CPS unit is provided with unit (it is the unit of use that management is kept at the encrypted content in the information recording carrier) and is applicable to correlativity between the title key (CPS unit key) of each CPS unit.The CPS unit and the title key of the data that arrive after a while can be preserved and be provided with to attention in advance.For example, data cell 281 is clauses and subclauses of the data that arrive after a while.

The CPS unit is provided with the unit and occurs with various forms, and for example content title, application program, data set or the like are provided with the CPS unit ID that serves as with each CPS unit corresponding identifier in each CPS Single Component Management table.

Among Fig. 3, for example, title 1 is CPS unit 1, when the encrypted content that belongs to CPS unit 1 is deciphered, needs to produce title key Kt1 and is decrypted processing according to the title key Kt1 that produces.

Like this, the content that is kept in the information recording carrier 100 is saved with the form of using the different encryption keys that are suitable for each unit to carry out encryption, so that different use control is realized in each unit.With respect to each content management units (CPS unit), the UR (service regeulations) of each content management units (CPS unit) is set for independent use and management.Service regeulations are the information that comprises the duplicating of content for example/reproduction control information (CCI), as mentioned above, and are included in the copy limit information or the reproducing limit information of the encrypted content in each content management units (CPS unit).

The data processing that application is kept at the various information in the information recording carrier is that the generation title key is necessary.The back will describe the object lesson of this processing in detail.

3. the preservation Data Control of information recording carrier configuration

The following describes the preservation Data Control configuration of information recording carrier.Be kept under the situation in the information recording carrier having content with reference to the hierarchy of figure 2 explanation, various data or program are registered as independent file such as content sign indicating number etc.Below with reference to Fig. 4 explanation and the corresponding bibliographic structure of each data that will be stored in the information recording carrier.

(A) index among Fig. 2 210 is the index.bdmv files in the catalogue shown in Fig. 4.

(B) movie objects among Fig. 2 220 is the MovieObject.bdmv files in the catalogue shown in Fig. 4.

(C) playlist among Fig. 2 230 is the files under the catalogue PLAYLIST (playlist) in catalogue shown in Fig. 4.

(D) file under the montage among Fig. 2 240 and a pair of catalogue CLIPINF in catalogue shown in Fig. 4 and the file with same file number under catalogue STREAM are corresponding.

(E) other such as the AUXDATA file of preserving speech data or character font data, preserves the META file of metadata, and the BDOJ file of preservation BD-J object etc. is stored in the information recording carrier.

As mentioned above, the content that is stored in the information recording carrier is configured to broken data, wherein use the data different to replace the part configuration data of content with correct content-data, so that decryption processing can not be reproduced correct content alone, in order to reproduce, must replace broken data with the data (transform data) that are registered in the finishing table.The content sign indicating number 105 that is kept in the information recording carrier is applied to described replacement processing, utilizes the data that are registered in the finishing table 106 to carry out the data conversion process.

The content sign indicating number that comprises the finishing table also is stored in the information recording carrier as individual files.Represented wherein to be provided with the bibliographic structure of content sign indicating number among Fig. 5.For example, Fig. 5 is with the bibliographic structure about the content sign indicating number of AV content creating with the bibliographic structure among Fig. 4.

The content sign indicating number comprises aforesaid finishing table, also comprises being used to carry out various processing, and such as the information or the program that start processing, security inspection processing etc., and the data conversion handling procedure of using the finishing table.These content sign indicating numbers are divided into following classification roughly,

(a) the public content sign indicating number of all the elements and all players (equipment or reproduction application program)

(b) the exclusive content sign indicating number of content

(c) the exclusive content sign indicating number of player (equipment or reproduction application program)

(d) the exclusive content sign indicating number of content and player (equipment or reproduction application program)

The generation entity of each content sign indicating number is different with the performance entity.Therefore, for example, have these different classes of content sign indicating numbers and preferably be configured to independent file from the viewpoints such as utilization again of file.

Content sign indicating number file [00000.svm]～[00003.svm] indication shown in Fig. 5 has the different classes of independent content sign indicating number file that is produced by these different entities.Note the object lesson of back one joint with detailed description sign indicating number file.

As shown in Figure 5, the content sign indicating number is arranged in the BDSVM catalogue with the form of a plurality of unique files, and the Backup Data that serves as copy data is set in the BACKUP catalogue in addition.

Below, the data structure of content of the data that comprise modification and the general introduction that data conversion is handled are described.As mentioned above, the encrypted content 101 that is included in the information recording carrier 100 is configured to broken data, wherein use the data different to replace the configuration data of part with correct content-data, so that when reproducing, decryption processing can not realize content playback alone, and the processing of using the transform data that is registered in the finishing table to replace broken data is essential.

Be kept at the structure of the content in the information recording carrier and the general survey of reproduction processes below with reference to Fig. 6 explanation.For example, the AV such as film (audiovisual) content is stored in the information recording carrier 100.These contents are encrypted, and after the decryption processing of using the encryption key that can only be obtained by the reproducer with licence, content playback is possible.The back will illustrate concrete content playback processing.The content that is kept in the information recording carrier 100 is not only encrypted, and has the content configuration data with revising the structure that data are replaced.

Fig. 6 graphic extension is kept at the configuration example of the recorded content 291 in the information recording carrier 100.Recorded content 291 is made of normal content data 292 that are not modified and broken data 293, and broken data 293 are ruined contents by modification.Broken data 293 are data of destroying through the original contents of data processing by.Therefore, utilization comprises that the content 291 of broken data can not realize correct content playback.

In order to carry out content playback, must replace broken data 293 in the content 291 that be included in record with correct content-data, reproduce content 296 thereby produce.Obtain the data (change) that transform data obtains to be used for conversion by the finishing clauses and subclauses the finishing table (FUT) 186 (referring to Fig. 1) in being registered in content sign indicating number 105 295 according to data, described content sign indicating number 105 is recorded in the information recording carrier 108, described transform data is to change the corresponding normal content data in district with each broken number, carry out the processing of the data of replacing broken data field, thereby produce and reproduction content 216.

Now, when producing reproduction content 296, except replacing the processing of broken data 293 with transform data 297 (normal content-data), carry out the processing of subregion of replacing the content 291 of record with the transform data 298 that identifier is set, the described transform data 298 that identifier is set comprises the data (such as player ID) of the analysis of the configuration bit that can realize making content reproducing device or the discernible identifying information of content playback application program.For example, under the situation that the content of unauthorized copying is leaked, analyze the source of leaks that the transform data that identifier is set 298 that leaks in the content can be determined unauthorized content.

Attention can realize wherein the scheme of redundant ground of the finishing clauses and subclauses of serving as the configuration data in the finishing table that comprises transform data dispersed record in some groupings of the configuration data of content.That is, transform data is stored in the revision table 146 shown in Fig. 1, is also disperseed and is recorded in the encrypted content 101, so that be recorded into two parts.The transform data that the messaging device of execution content playback or acquisition are kept in the finishing table 146 is replaced to carry out data, and the finishing clauses and subclauses that perhaps obtain to be recorded in dispersedly in the content are carried out the data replacement.

Be kept at the encrypted content 300 in the information recording carrier 100 and comprise data conversion processing execution program and the configuration example of the content sign indicating number 302 of finishing table below with reference to Fig. 7 explanation.Be recorded in the information recording carrier 100 content sign indicating number 302-0～302-n with for example corresponding in each perhaps the form of the unique file data of each montage segment be recorded in the information recording carrier.Example shown in Fig. 7 illustrates the group of n+1 wherein content sign indicating number 302-0～302-n and is recorded in example in the information recording carrier 100.

Content sign indicating number 302-0～302-n comprises finishing table 303-0～303-n respectively.The transform data of actual replacement data as content and finishing clauses and subclauses 304-0～304-n that the record position information of transform data all is set are recorded in each of finishing table 303-0～303-n.Though notice that the example shown in Fig. 7 is by using variable numbering [n], all are illustrated as encrypted content 300-0～300-n, content sign indicating number 302-0～302-n and finishing table 303-0～303-n, but the numbering that is provided with of encrypted content 300 and content sign indicating number 302 does not need identical.For example, can realize that wherein all finishing tables corresponding to encrypted content 0～n all are recorded in the scheme in the content sign indicating number 302～0.Thereby encrypted content and content sign indicating number are not necessarily corresponding one by one.

Each finishing clauses and subclauses comprises and will be used as the transform data of replacement data and the record position information of transform data.Below with reference to Fig. 8, explanation will be recorded in the finishing strips destination data structure in the finishing table.

Fig. 8 graphic extension is included in the data structure example of the finishing clauses and subclauses (FixUpEntry) in the finishing table block.As shown in Figure 8, finishing clauses and subclauses (FixUpEntry) comprise following data.

Type_indicator: type identifier [00: do not have conversion, 01b: with the processing of transform data, 10b, 11b: with the processing of the transform data that comprises distinguishing mark]

FM_ID_bit_position: the discrimination bit position of the player ID corresponding with the transform data that identifier is set

Relative_SPN: the position (from the number of the grouping of PMT grouping) that will be employed the grouping of transform data

Byte_position: transform data is recorded in the position in the grouping

Overwrite_value: transform data (also comprising the transform data that identifier is set)

Relative_SPN_2: the position (from the number of the grouping of PMT grouping) of using the grouping of second transform data

Byte_position_2: transform data is recorded in the position (corresponding to second transform data) in the grouping

Overwrite_value_2: second transform data (also comprising the transform data that identifier is set)

Data structure is made of described data.

The finishing clauses and subclauses are configured to write down the transform data that is used to replace a part of content-data, with the data that positional information is set about the transform data of content, these finishing clauses and subclauses are read from the finishing table, serve as the content sign indicating number of the conversion process program that comprises the order of content configuration data replacement processing execution with execution, thereby realize data conversion.

The information [type_indieator] in finishing clauses and subclauses (FixUpEntry) information shown in Fig. 8 of being included in is that the register information that is used to discern the finishing table is (a) as described below or type identifier (b), that is:

(a) with the relevant register information of transform data that broken data conversion is become correct content-data, perhaps

(b) with the relevant register information of the transform data that identifier is set of the identifying information that embeds reproducer or content playback application program.

Register information [FM_ID_bit_position] is in order to determine processing mode, the bit position information that will consult from the reproducer that is made of a plurality of positions or the identifying information that reproduces application program.For processing mode is determined in data conversion, for example make under the place value of will be from the reproducer that is made of a plurality of position or reproducing institute's rheme that the identifying information used consults is 1 situation, with the replacement that is registered in the transform data execution content configuration data that identifier is set in the finishing table, be under 0 the situation, not carry out replacement in the place value of the institute's rheme that will consult.

Attention can realize wherein carrying out conversion described being referenced as under 0 the situation, does not carry out the scheme of conversion under it is 1 situation.Perhaps, can realize being 0 at described reference bit wherein, and transform data indicates that it is under 1 the situation, transform data is set as independently transform data, selects and be provided with the configuration of transform data rightly according to the place value of reference bit.

As shown in Figure 7, finishing clauses and subclauses 301-0～301-n is also disperseed and is recorded among each encrypted content 300-0～300-n.Encrypted content 300 is set as the TS stream of packets, and the finishing clauses and subclauses is set by the grouping of distributed and saved in its part, that is, and and finishing clauses and subclauses stores packets 307a～307d.

The transform data of each finishing clauses and subclauses stores packets is recorded in each finishing clauses and subclauses of being arranged to such dispersed record data thus.The finishing clauses and subclauses of dispersed record in encrypted content 300 are identical with finishing clauses and subclauses in being included in finishing table 303, carry out the messaging device of content playback or obtain transform data from the finishing clauses and subclauses 301 of dispersed record in content, and replacement data, perhaps the finishing clauses and subclauses from finishing table 303 304 obtain transform data, and replacement data, this depends on the standard of reproduction (player) application program.

As shown in Figure 7, content is segmented into the predetermined unit of data (SP fragment) of a plurality of fragments.The finishing clauses and subclauses experience that comprises each transform data is used parameters different concerning the content of each scheduled unit (segment unit) (SP: calculating secret parameter) or encryption, and be stored in the finishing table 303.By carrying out each fragment is used different parameters (SP: the finishing clauses and subclauses in calculating secret parameter) or encryption, the recorded and stored TS grouping in content according to identical mode.

The messaging device of carrying out data conversion process (it is that the data of carrying out are replaced processing) when reproducing content obtains secret parameter (SP1 in proper order, SP2, SP3, ...), calculating or encryption that execution is used the parameter (SPn) that obtains to the finishing clauses and subclauses corresponding with each fragment position, thus the processing that obtains transform data carried out.

An object lesson of replacing based on the data of transform data is described below with reference to Fig. 9 and 10.At first, carried out processing example that data replace by obtaining to comprise by the finishing table block configuration data of the transform data of dispersed record in content with reference to figure 9 explanation.

In Fig. 9, (a) graphic extension is recorded in the structure of the content in the information recording carrier 100.The finishing clauses and subclauses that comprise transform data and record position information by dispersed record in the grouping of the TS shown in Fig. 9 307a～d.

Below with reference to (b) among Fig. 9 data replacement processing sequence is described.Processing shown in (b) among Fig. 9 is the processing of carrying out reproduction (player) application program of main frame.In (b) graphic extension content configuration data among Fig. 9, belong to fragment ID=N, a part of TS stream of packets of the content of N+1.

For example, comprise the finishing clauses and subclauses 315 after nonequivalence operations are preserved in the finishing strips purpose grouping 311 that is recorded among the fragment ID=N, it is the distance result calculated data with secret parameter (SPx).The execution data are replaced main frame reproduction (player) application program execution secret parameter (SPx) 316 of processing and the XOR of the finishing clauses and subclauses 315 after the distance calculates, thereby obtain finishing clauses and subclauses 317, and from finishing clauses and subclauses 317 acquisition transform data and record position informations, thereby the grouping 312a and the b execution replacement of replacing the position in data are handled.

The parameters calculated (SPx) that is applied to obtain to repair clauses and subclauses 317 is supplied with from secret VM 320.For example, reproduce (player) application program and obtain to serve as the secret parameter ID (SP_ID) of the secret parameter appointed information corresponding with each fragment, and the secret parameter computation requests of the notice that comprises secret parameter ID exported to secret VM with the form of interrupting (INTRP) request, so that obtain the necessary secret parameter of each fragment (SPn) of content.(SP_ID) corresponding secret parameter (SPx) is calculated and be somebody's turn to do to secret VM response from the secret parameter computation requests of reproducing (player) application program, and it is offered reproduction (player) application program with the form that responds (Call).

As shown in Figure 9, obtain finishing strips purpose parameters calculated (SPx) for being applied to, different fragments has different parameters.For example, each fragment is set up the content playback time into about 10 seconds, reproduces per 10 seconds of (player) application program and receives parameters different concerning each fragment from secret VM, recovers the finishing clauses and subclauses, obtain transform data from the finishing clauses and subclauses of recovering, and carry out data and replace processing.

Below, with reference to Figure 10 explanation be not to disperse and be recorded in finishing clauses and subclauses in the content by using, but use finishing clauses and subclauses 304 in the finishing table 303 be kept at the content sign indicating number 302 in the information recording carrier, the general survey of the processing under the situation of carrying out replacing about the data of content.

As shown in (a) among Figure 10, as the explanation with reference to figure 9, content is segmented into the predetermined unit of data of a plurality of fragments.Finishing clauses and subclauses 304 experience that comprise the transform data that is recorded in the finishing table 303 are used parameter (SP: calculating secret parameter) or encryption different concerning the content of each scheduled unit (segment unit).

The messaging device of carrying out data conversion process (it is that the data of carrying out are replaced processing) when reproducing content obtains secret parameter (SP1 in proper order, SP2, SP3, ...), calculating or encryption that execution is used the parameter (SPn) that obtains to the finishing clauses and subclauses that comprise the transform data corresponding with each fragment position, thus the processing that obtains transform data carried out.

Below with reference to (b) among Figure 10 data replacement sequence is described.Processing shown in (b) in Figure 10 is to reproduce the processing that (player) application program is carried out at main frame.In (b) graphic extension content configuration data among Figure 10, belong to fragment ID=N, a part of content TS stream of packets of N+1.

For example, carrying out about fragment ID=N under the situation of data replacement, obtaining finishing clauses and subclauses 304, subsequently the selection finishing clauses and subclauses corresponding from the finishing clauses and subclauses 304 that obtain with fragment ID=N from finishing table 303.But finishing clauses and subclauses x 315 is recorded in finishing table 303 by calculate the finishing clauses and subclauses 315 of the distance that nonequivalence operation obtains about the exclusive secret parameter (SPx) of fragment that interrelates with fragment N.

The execution data of main frame are replaced reproduction (player) application program handled and are calculated by the distance that the finishing clauses and subclauses 315 after the secret parameter (SPx) 316 that provides from secret VM 320 and the distance are provided, obtain finishing clauses and subclauses 317, and from finishing clauses and subclauses 317 acquisition transform data and record position informations, thereby carry out the replacement processing of replacing the grouping 312a and the b of position about data.

According to the identical mode of above-described processing example, the parameters calculated (SPx) that is applied to obtain to repair clauses and subclauses 317 is supplied with from secret VM 320.For example, reproduce (player) application program and obtain secret parameter ID (SP_ID) (it is the secret parameter appointed information corresponding with each fragment), and the secret parameter computation requests of the notice that comprises secret parameter ID exported to secret VM with the form of interrupting (INTRP) request, so that obtain the necessary secret parameter of each fragment (SPn) of content.Note, obtain secret parameter ID (SP_ID) information necessary and for example be kept in the finishing table 303.

Secret VM response is calculated the secret parameter (SPx) corresponding with this SP_ID from the secret parameter computation requests of reproducing (player) application program, and its form with response (Call) is offered reproduction (player) application program.

As shown in Figure 10, obtain finishing strips purpose parameters calculated (SPx) for being applied to, different fragments has different parameters.For example, each fragment is set up the content playback time into about 10 seconds, reproduces per 10 seconds of (player) application program and receives parameters different concerning each fragment from secret VM, recovers the finishing clauses and subclauses, obtain transform data from the finishing clauses and subclauses of recovering, and carry out data and replace processing.

Thereby reproduction (player) application program of carrying out content playback receives secret parameter from secret VM, and is unit with each fragment, carry out and calculate, carry out the finishing strips purpose and recover, the finishing clauses and subclauses are configuration datas of finishing table block, obtain the finishing clauses and subclauses of recovery, the line data of going forward side by side is replaced.For example understand the situation of the calculating of using nonequivalence operation (XOR) conduct application secret parameter though note above-described processing example, but also can use other computing.In addition, can realize wherein the scheme that performs encryption processing etc. by using secret parameter.

5. reproduce the processing of (player) application program and secret VM

Under the situation of carrying out above-mentioned processing, when carrying out content playback, reproduction (player) application program obtains the different secret parameter (SP1 in some segment units successively, SP2, SP3...), mean concerning secret VM, must obtain secret parameter, and when reproducing the fragment conversion at every turn, carry out data and replace.

Under the situation of obtaining processing of carrying out this secret parameter (SP), reproduction (player) application program is notified to secret VM to secret parameter ID (SP_ID) with the form of secret parameter appointed information, thereby determines essential SP.The information that obtains this secret parameter ID (SP_ID) for example is recorded in the finishing table, reproduces (player) application program according to the information that is recorded in the finishing table, obtains the secret parameter ID (SP_ID) corresponding with fragment.

Obtaining in processing or the like of this secret parameter (SP), reproduce transmission of (player) application program and reception data processing request and response about secret VM.Below with reference to a series of processing sequence of Figure 11 explanation by reproduction application program and secret VM execution.

As described in reference to Figure 1, the transmission of information between reproduction (player) application program 150 and the secret VM 160 or processing request is by a series of sequence realization from reproduction (player) application program 150 interruptions to secret VM 160 (INTRP) and the response (Call) from secret VM 160 to reproduction (player) application program 150.

Processing sequence graphic extension shown in Figure 11 is preserved the information recording carrier of content to ejecting described information recording carrier, in the type of reproducing the processing of carrying out between (player) application program 150 and the secret VM160 from insertion.

For example, step S11 is that the medium initialization of carrying out when inserting information recording carrier (Disc (dish)) (Media Initialize) is handled, wherein reproduce (player) application program 150 and handle content sign indicating number file (Content Code File) its storer of packing into of necessary code information, and begin to carry out preserving initial reproducing.The manufacturer of the definite reproduction of content sign indicating number file (Content Code File) (player) application program, model etc.

For example, secret VM 160 determines whether the model that obtains is the model that safety problem had taken place in the past, in the model that obtains is to have taken place by carrying out content sign indicating number (Content Code) inspection whether similarly safety problem to have taken place under the situation of model of safety problem in the past.For example, some values among the RAM of fox message treatment facility or the operation of a certain equipment are observed them and whether are in correct state.Notice that the scrutiny program that is used for every kind of model may and be not included in the content sign indicating number file that initial loading is gone into, and in this case, visits another essential content sign indicating number file.When secret VM 160 finished this initialization process, response (Call) was circulated a notice of to reproducing application program 150, and flow process enters next step S12.

At step S12, carry out title initialization process (Title Initialize).Title is used as the appointed information of content to be reproduced, and specifies according to the user, selects and the title corresponding with a certain content to be reproduced, and request of title initialization process and heading message are exported to secret VM 160 from reproducing (player) application program 150 together.

By collecting and reproducing the essential corresponding transform data information of all montages of described title, secret VM 160 produces the finishing table on the storer of secret VM 160, and, can obtain the finishing table thereby reproduce (player) application program 150 position informing reproduction (player) application program 150 of preserving the finishing table in the storer.Be also noted that during the title initialization, can carry out with about the same security inspection of the initialized security inspection of the medium among the step S11.

Below with reference to Figure 12, illustrate and during the title initialization process, carry out, by collecting and reproducing the essential corresponding transform data information of all montages of title, on the storer of secret VM 160, produce the example of the processing that finishing shows.Figure 12 graphic extension secret VM 160 spendable memory blocks (for example 2MB).The content sign indicating number is stored in the described memory block, and described content sign indicating number is the code information of the data conversion handling procedure that comprises that secret VM 160 has obtained from information recording carrier.Notice that described content sign indicating number comprises the finishing table through the obfuscation such as encrypting.In addition, the data conversion handling procedure example is used to obtain the key (SP: secret parameter) that a finishing table through obfuscation changes over received text.In other words, obtain finishing table and use the program of its positional information (packet number relatively) and rewrite information (overwrite_value) can be by reproducer (reproduction application program) rather than information recording carrier preservation.

When from reproduction (player) application program 150 input header initialization requests, when needs, secret VM 160 is according to the content sign indicating number, carry out the decryption processing of the finishing table of collecting the corresponding transform data information of all montages essential with reproducing title, and with treated state, distance state for example described above (masked state) is kept at it in storer, and the memory storage location notice is reproduced (player) application program 150.So that the form from the response (Call) of the title initialization requests (INTRP) of reproducing (player) application program 150 is carried out this notifier processes.

When the response (Call) of receiving from secret VM 160 about title initialization requests (INTRP), reproduce the finishing table conservation zone of (player) application program 150 from the memory block that secret VM 160 uses and duplicate essential data division, and it is saved in the memory block that reproduction (player) application program 150 can use.For example, being used to of earlier in respect of figures 6-9 explanation obtains to determine that with the security parameter ID (SP_ID) of the secret parameter ID (SP_ID) of a fragment correspondence of content table is extracted, and is replicated and is saved in the memory block that reproduction (player) application program 150 can use.

In this replication processes, reproduce (player) application program 150 content conversion process and all essential information of reproduction processes, such as the configuration data of preserving finishing strips purpose finishing table, specify the information that is included in the secret parameter ID (SP_ID) corresponding in the finishing table etc. to be kept in the memory block that reproduction (player) application program 150 can use with fragment.

Return Figure 11, go on to say the processing sequence between reproduction (player) application program 150 and the secret VM160 below.Step S13 calculates (Compute_SP) corresponding processing with secret parameter (SP), wherein reproduce (player) application program 150 to secret VM 160 output SP computation requests (INTRP), secret VM 160 returns result of calculation (SP) with the form of response (Call) to reproducing (player) application program 150.Under the situation of secret VM 160 output SP computation requests (INTRP), reproduce the notice that (player) application program 150 is sent as the SP_ID of SP appointed information.

Processing among the step S14 is to handle from other request of operating about except that secret parameter is calculated of reproducing (player) application program 150 to secret VM 160.For example, the processing in step S14 is to carry out under the situation of the Request Processing of security inspection, and secret VM 160 execution are handled with this request is corresponding, and to respond the form of (Call), the result notice are reproduced (player) application program 150.Note to reproduce (player) application program 150 and secret VM 160 and can both write register with read operation to it and be used to this information and transmit, for example player status registers, register (PSR).

Processing among the step S15 is that the medium when ejecting information recording carrier (Disc) finishes (Media Finalize) processing, and content sign indicating number (content code) treatment state is recorded in the nonvolatile memory simultaneously.This processing makes when next CD is inserted into that the security inspection information in past can continue to use.

As previously mentioned, reproduce the information between (player) application program 150 and the secret VM 160, the transmission of handling request and response in other words realizes by handling to the response (Call) of reproducing (player) application program 150 from reproduction (player) application program 150 interruptions to secret VM 160 (INTRP) with from secret VM 160.

6. content playback is handled

Illustrate that below with reference to Figure 13 main frame is with the content playback processing of carrying out.From the left side, information recording carrier 330, information recording carrier 330 that encrypted content is preserved in Figure 13 graphic extension are placed into wherein so that carry out the driver 340 of data read and be connected with driver so that can realize the main frame 345 of data communication, main frame 345 obtains to be kept at content in the information recording carrier 330 by driver 340, and carry out and reproduce application program, described reproduction application program is carried out the reproduction of content of described acquisition and is handled.

Note, main frame 345 shown in Figure 13 is shown as reproduction (player) application blocks 350 that execution such as contents decryption, decoding, data conversion etc. handle by segmentation table and has 360 of the secret VM of the secret VM 360 of execution secret parameter (SP) computing etc.

The content sign indicating number 334 that comprises MKB (media key block) 331, title key file 332, encrypted content 333 and conversion process program is disperseed and is recorded in the information recording carrier 330, encrypted content 333 comprises finishing clauses and subclauses 335, and the content sign indicating number comprises and comprises identical finishing strips purpose finishing table.Main frame 345 is held and will be applied to the Device keys 351 that MKB handles.

The following describes the main frame 345 shown in Figure 13 is kept at the content in the information recording carrier 330 by driver 340 acquisitions and reproduction processing sequence.At first, before reading the content that is kept in the information recording carrier 330, main frame 345 and driver 340 are carried out checking mutually in step S101.Described mutual checking is to confirm that main frame and driver all are the processing of authorisation device or application software.Various processing can be applied to this mutual authentication processing sequence.As the mutual authentication processing result, the session key (Ks) that driver 340 and main frame 345 are shared as shared secret key.

In step S101, between main frame and driver, carry out checking mutually, and after session key (Ks) is shared, in step S102, the reproduction of main frame 345 (player) application program 350 obtains by the MKB 331 of drive records in information recording carrier 330, be kept at the processing that Device keys 351 in the storer is carried out MKB 331 by application, and obtain media key (Km) from MKB.

As mentioned above, MKB (media key block) the 331st is according to the encryption key block of tree structure cipher key distribution system (a kind of broadcast encryption method) generation, and be to make the acquisition of media key (Km) become possible key information piece, media key (Km) is the necessary key of contents decryption, can only be by obtaining based on the processing (deciphering) that is kept at the Device keys (Kd) in the equipment with valid license.

Subsequently, in step S103, be used to carry out the deciphering of the title key file 332 that reads from information recording carrier 330 from the media key (Km) that handle to obtain by the MKB the step S102, thereby obtain title key (Kt).The title key file 332 that is kept in the information recording carrier 330 is the files that comprise by the media key ciphered data, and the title key (Kt) that is used for the deciphering of content can be obtained by the processing of applicating medium key.Note decryption processing application examples among the step S103 such as AES cryptographic algorithm.

Subsequently, the reproduction of main frame 345 (player) application program 350 is read the encrypted content 333 that is kept in the information recording carrier 330 by driver 340, the content of reading is kept in the trace buffer (track buffer) 352, in S104, the content that is kept in the impact damper is carried out the decryption processing of using title key (Kt), and obtain the content of deciphering.

The content of deciphering is stored in the plaintext TS impact damper 353.The meaning of the plaintext transport stream of (Plain TS) expression deciphering.Now, the decryption content that is kept in the plaintext TS impact damper 353 is the content that comprises above-mentioned broken data, and it can not be reproduced same as before, so need to carry out predetermined data conversion (by the data replacement that rewrites).

Processing example shown in Figure 13 is wherein to obtain the finishing clauses and subclauses of dispersed record in some groupings of the configuration data of encrypted content, extracts transform data from it, the processing example that the line data of going forward side by side is replaced.That is, the data conversion that this equates earlier in respect of figures 9 explanations is handled.

Cutting apart and being recorded in finishing clauses and subclauses in the content is data that record is used for decryption content is replaced the record position of the transform data transform data of identifier (or be provided with) of processing and record coversion data.

Secret VM 361 reads the content sign indicating number 334 that comprises the data conversion handling procedure from information recording carrier 330, described data conversion handling procedure comprises command code information, and according to from the control of event handler 354 and the output of player information 355, during the content playback or before output is handled and during handling, produce to change the finishing that is recorded in the information recording carrier 330 off and on and show necessary secret parameter (SP1, SP2, SP3...), and with itself and content output to together in the plaintext finishing table.Carry out this processing off and on.

As mentioned above, (SP1, SP2 are the encryption CALCULATION OF PARAMETERS that changes for the fragment corresponding with predetermined content data unit SP3...) to secret parameter, specifically, are distance (XOR) computing parameters.Secret VM 361 is according to the request from reproduction (player) application program, carry out to produce off and on and export and recover to repair the necessary parameter (SP1 of clauses and subclauses, SP2, processing SP3...), described finishing clauses and subclauses are the configuration datas by the finishing table block of the computing modification of encryption.

Reproducing (player) application program 350, in step S104, execution comprises the deciphering of finishing strips purpose encrypted content 333, in step S105, the finishing clauses and subclauses are separated by the processing of demultiplexer, and described finishing clauses and subclauses are the configuration datas that are recorded in the finishing table in the content, in step S106, under the control of real-time event processor 356, execution list is recovered and data conversion is handled.Because the control of real-time event processor 356, reproduce (player) application program 350 to interrupt the form of (INTRP), the secret parameter computation requests corresponding with the transformation of fragment exported to secret VM 361, receive secret parameter (SP1 from secret VM 361, SP2, SP3...), carry out the deciphering of finishing table block or calculate obtaining expressly to repair table block, and obtain to be included in finishing clauses and subclauses in the finishing table block of acquisition.

Finishing strips program recording transform data, promptly, (a) transform data, (b) transform data of identifier is set, with the record position appointed information of above-mentioned transform data in content, in step S106, reproduce (player) application program 350 to export the form of handling parallel real-time processing with content playback processing or outside simultaneously, the data conversion processing of write operation is carried out in execution to assigned address.

For example, parameter (SP1, SP2 are that the recovery among the step S106 is handled as follows under the situation with the parameter of carrying out distance (XOR) computing corresponding to the finishing clauses and subclauses of the fragment of serving as predetermined content partial data unit SP3...):

[finishing clauses and subclauses 1] (XOR) [SP1]

[finishing clauses and subclauses 2] (XOR) [SP2]

[finishing clauses and subclauses 3] (XOR) [SP3]

Or the like.

Carry out its nonequivalence operation and handle, thereby obtain to be included in the finishing clauses and subclauses of repairing in the table block data.Notice in the superincumbent expression formula that [A] (XOR) [B] means the nonequivalence operation of A and B.

Thereby (the finishing clauses and subclauses that are included in the content 333 that is recorded in the information recording carrier are preserved in nonequivalence operation SP3...) for SP1, SP2 about secret parameter by calculating.Constantly obtain and export these secret parameter by secret VM 361.

During table recovery in step S106 and data conversion are handled, from using secret parameter (SP1 by utilizing, SP2, SP3...) calculating or encryption and the finishing clauses and subclauses that are restored obtain transform data, replace the broken data that are included in the content with transform data (being correct content configuration data), in addition, carry out wherein the data rewrite of replacing the transform data that identifier is set with a part of content-data and handle, thereby the data that are kept at after data in the plaintext TS impact damper 353 change over conversion.Below with reference to Figure 14 the general survey that this data conversion is handled is described.

The encrypted content 333 that is kept in the information recording carrier is kept at the trace buffer 352 that is arranged in host computer side temporarily.Described encrypted content is that data 401 are preserved in the trace buffer shown in Figure 14 (1).The deciphering of encrypted content (that is, data 401 are preserved in trace buffer) is carried out by the decryption processing of main frame side, and the decrypted result data are stored in the plaintext TS impact damper 353.Described decrypted result data are the decrypted result data 402 shown in Figure 14 (2).

Decrypted result data 402 comprise broken data 403, and broken data 403 are not correct content configuration data.The data conversion processing unit of main frame is carried out the processing of replacing broken data 403 with transform data 404 (correct content configuration data).For example with about writing the expressly data of TS impact damper 353, the form that rewrites a part of data is carried out this replacements processing.

In addition, the data conversion that main frame is carried out is handled and is not only the processing of replacing broken data with transform data (normal content-data), and be the processing of replacing a part of configuration data in the decrypted result data 402 with the transform data 405 that identifier is set, as shown in Figure 14.

As mentioned above, identifier is to make the configuration bit of identifying information can discern content reproducing device or content playback application's data.Object lesson is the configuration data of the identifying information (player ID) that serves as the messaging device of the player of carrying out host application program, the perhaps distinguishing mark that produces according to player ID.As previously mentioned, the transform data that identifier is set is wherein in the degree that does not influence reproduction of content, the data that the place value of correct content-data has slightly been changed.

A large amount of transform datas that identifier is set 405 are set in the content, and the transform data 405 that the many groups of Collection and analysis are provided with identifier for example can be determined player ID.The transform data 405 that identifier is set is wherein in can realizing the degree that normal content is reproduced, and the configuration bit of normal content data is changed, and wherein can realize position (distinguishing mark configuration bit) established data by the mpeg bit stream analysis.

Transform data 404 shown in a large amount of Figure 14 is registered in the finishing table that is stored in the information recording carrier with the transform data 405 that identifier is set, and in addition, registers the writing position information of these transform datas 404,405.According to repairing the information and executing data conversion processing that table is preserved, replace the data that are kept in the plaintext TS impact damper 353 with the data after the conversion shown in Figure 14 (3) 406.

Subsequently, by network etc., the TS after the conversion (transport stream) is output outwards, and externally reproducer is reproduced.Perhaps,, in step 107, carry out conversion from transport stream (TS) to basic stream (ES) by the processing of demultiplexer, in addition, in decoding processing (step S108) afterwards, reproduced by the display loudspeaker.

7. content sign indicating number administration configuration

As mentioned above, just be recorded in the reproduction of content in the information recording carrier, must use the finishing table that is included in the content sign indicating number, and use the conversion process program that is included in the content sign indicating number, handle by reading content from information recording carrier.The content sign indicating number also comprises will be applied to be used to carry out program or the information that starts processing, security inspection processing etc., and when the use content, obtains also to carry out the content sign indicating number.

The execution of content sign indicating number is handled mainly and is carried out by secret VM, and secret VM is by the messaging device setting of carrying out reproduction of content.Secret VM works to carry out the data processing unit of content sign indicating number, and it obtains to comprise the program of the use that is suitable for being recorded in the encrypted content in the information recording carrier or the content sign indicating number of application information, and carries out data processing according to the content sign indicating number that obtains.

The content sign indicating number is configured to and the irrelevant file of content, and is recorded in the information recording carrier.Therefore, can carry out the processing of separately the content sign indicating number being transferred to another information recording carrier, perhaps the processing of a reproducting content sign indicating number.When the leakage that the content sign indicating number takes place, propagating contents sign indicating number and when carrying out unwarranted use exists many contents to be caused the possibility of heavy losses by unauthorized reproduction and use without permission.Below, explanation is prevented the configuration of this unauthorized use of content sign indicating number.

The data type that is included in the content sign indicating number 500 that will be recorded in the information recording carrier is described below with reference to Figure 15.As mentioned above, program and the finishing table that the data conversion that is applied to content is handled is recorded in the content sign indicating number 500.For example, the finishing table is the data that comprise transform data, and described transform data plays the replacement data of the configuration data of each content, and the finishing table must be the exclusive data of content, but for example conversion process program etc. is the data that each content can be configured to common code information.

The content sign indicating number also comprises corresponding to carrying out the messaging device that content playback is handled, perhaps the reproduction that will carry out in messaging device (player) application program and the information or the program that are provided with.For example, at the messaging device of a plurality of different vendors or reproduce under the situation of using the content sign indicating number in the application program, a plurality of codes corresponding to each equipment or application program are recorded in the content sign indicating number, each player (equipment or reproduction application program) is handled by the corresponding code of player (equipment or reproduction application program) of selection in the exclusive code of the player from be included in the content sign indicating number (equipment or reproduction application program) with it.

Thereby various data are included in the content sign indicating number 500.Described data are divided into four kinds of classification roughly, as shown in Figure 15.That is,

(a) the total data 501 of all the elements and all players (equipment or reproduction application program)

(b) the exclusive data 502 of content

(c) the exclusive data 503 of player (equipment or reproduction application program)

(d) the exclusive data 504 of content and player (equipment or reproduction application program)

The concrete data content of each data will be described below.

The total data 501 of all the elements and all players (equipment or reproduce application program) are to comprise all messaging devices or reproduce information that application program can public use or the data division of program, specifically, for example it comprises following information and program.

(a1) with the relevant program of startup routine: for example, carry out, read the data of deficiency when loading first, confirm whether the content that is recorded in together in the information recording carrier (Disc) is the program of the processing of authorized content and so on such as checking the initialize memory state.

(a2) utility routine (to the visit of external record etc.) program: for example, by using the spendable program of nonvolatile memory access function.Under the situation that the information that the content sign indicating number of this program can use is recorded, data can be read and use.

(a3) player identification routine: a kind ofly obtain to carry out at present equipment that reproduces or the information of reproducing application program, and determine that whether this is the program of the target of extra security inspection.Under the situation of the extra inspection of needs, be written into content sign indicating number file as required, after this carry out extra inspection according to described content sign indicating number file.

(b) the exclusive data 502 of content

The exclusive data 502 of content are the data divisions that comprise information or program exclusive in each content, specifically, for example comprise following information and program.

(b1) finishing table (FixUpTable) information: the finishing table comprises the transform data of describing in the superincumbent processing example.It not only comprises transform data, and comprises that data conversion handles information necessary such as (such as secret (SP) calculation of parameter routine).

(b2) title initialize routine: before the processing that produces finishing table (FixUpTable), and before the reproduction of title,, comprise the routine relevant with the inspection of only depending on content with carrying out under the situation of security inspection.

(c) the exclusive data 503 of player (equipment or reproduction application program) are to comprise the messaging device that is used for playback of content or reproduce the exclusive information of application program or the data division of program, specifically, for example comprise following information and program:

(c1) RunNative operating part, NativeCode: be used to carry out and have only the equipment of carrying out reproduction of content or the processing that application program just has, and carry out information and the program of surveying or improving the function of safety issue.The processing of being carried out by the core schema in the operating system of the messaging device of carrying out reproduction processes has.In addition, when carrying out this and handle, utilize after the validity of signature verification examines, (for example utilize signature about the secret key (PrivateKey) of the PKI of distributing to player manufacturer by the exclusive validity of player being examined function in execution.In other words, in its NativeCode, player device (application program) has the PKI of answering with the secret key pair of distributing to manufacturer, the signature that utilizes this secret key is provided, and utilize the PKI be associated to carry out signature verification) be included among the NativeCode itself detection or the improvement of the safety issue that causes by the execution of these content sign indicating numbers in messaging device side's realization of reproducing content.

The exclusive data 504 of content and player (equipment or reproduce application program) comprise that content is exclusive, also are the messaging devices of playback of content or reproduce the exclusive information of application program or the data of program, specifically, for example comprise following information and program.

(d1) utilize the player validity check part of DiscoveryRAM: by checking the particular value on the storer (RAM) in the equipment that reproduces content, carry out whether check is the information and the program of authorized players (equipment or reproduce application program).Carry out the exclusive state of player by monitoring in the reproduction period specific memory of certain content, confirm correctness.In this case, auditing routine depends on content and player.

(d2) comparing data of DiscoveryRAM: preserve the player validity check that utilizes DiscoveryRAM be used in the above (d1), with the form of actual value (desired value) value relatively on the RAM.

Thereby the content sign indicating number is preserved various information and program, carries out the equipment of reproduction of content and selects to depend on the reproduction content or depend on equipment or the corresponding code information of application program from these content sign indicating numbers, and carry out various processing.

As above described with reference to Figure 15, the content sign indicating number can be divided into four following kinds:

(b) the exclusive data 502 of content

These each content sign indicating numbers are stored in the information recording carrier with the form of single file or accumulation file.The content sign indicating number of these each classifications is difference aspect the entity that produces code respectively.For example, corresponding with the exclusive data of (b) content content sign indicating number is provided with by the studio of serving as contents producer.In addition, (c) the exclusive data of player (equipment or reproduction application program) are usually served as the reproducer of player or the entity generation of reproduction application program by production.

Below with reference to the sequence of Figure 16 explanation when the content sign indicating number that is produced like this by different entities is recorded in the information recording carrier.The configuration data of the content sign indicating number that Figure 16 graphic extension is corresponding with above-mentioned four kinds.That is, these content sign indicating numbers are the content sign indicating numbers with one of following four kinds:

(DATA is all the elements and the total data 501 of all players (equipment or reproduction application program) a)

The exclusive data 502 of (DATA b) content

The exclusive data 503 of (DATA c) player (equipment or reproduction application program)

The exclusive data 504 of (DATA d) content and player (equipment or reproduction application program)

These content sign indicating numbers are produced by different entities, that is, and and the studio of generation and content of edit, authorized company, player (equipment or reproduction application program) manufacturer etc.

When these content sign indicating numbers are produced, in step S201 and S202, the signature of the wright of additional each content sign indicating number or performance entity.By using encryption key (secret key) the additional character signature that each entity has.Add digital signature and be in order to verify whether each content sign indicating number is altered and prevented described altering.Attention only illustrates two processing blocks of step S201 and S202 in Figure 16, but each entity that produces each content sign indicating number is looked the number of content sign indicating number to be produced and added its signature.

In step S203, control center (KIC) is attached to its digital signature on the content sign indicating number that will be recorded in the information recording carrier at last.Note working as at (the KIC: also can be called as cipher key distribution center of control center, but it is called as control center in this manual) in when digital signature is set, in the digital verification of finishing each entity, and confirmed under the condition that each content sign indicating number do not altered a new digital signature of control center (KIC) to be set preferably.

The content sign indicating number file that will add the digital signature of control center (KIC) is recorded in the information recording carrier.As for the pattern that is provided with of the signature corresponding, can utilize several different patterns that are provided with being recorded in content sign indicating number in the information recording carrier.The data structure and the signature that will be recorded in the content sign indicating number in the information recording carrier below with reference to Figure 17-20 explanation are provided with example.

Example shown in Figure 17 is that each the content sign indicating number file [xxxxx.svm] 521,522 and 523 that wherein is recorded in the information recording carrier has common file structure, and each file comprises header 531, content code block 532 and digital signature 533 (as shown in the content sign indicating number file 530 among Figure 17).

Header 531 comprises digital signature information, such as the unique ID that serves as the unique identifying information corresponding with the content sign indicating number, and the size of data of the content code block of the solid data of preservation content sign indicating number, the type of digital signature (such as ECDSA) etc.

Content code block 532 is recorded as above-mentioned various content sign indicating numbers the solid data of content sign indicating number.In this example, digital signature 533 is signatures of control center.With regard to this example, the signature of each entity of our supposition except that above-mentioned control center is not included in the content sign indicating number.

Thereby, just wherein all the elements sign indicating number file being provided with the scheme of the signature of control center, the data capacity of all the elements sign indicating number file [xxxxx.svm] is set as

2MB+ header+signature.

2MB is applied to the content code block.

Use the messaging device (subscriber equipment) of the content sign indicating number shown in Figure 17 to carry out the digital signature authentication that is included in the control center in the content sign indicating number, whether checking content sign indicating number is altered, uses described content sign indicating number afterwards.The back will illustrate a concrete processing sequence.

Figure 18 wherein only is provided with signature to being recorded in one of content sign indicating number file in the information recording carrier, other content sign indicating number file is not provided with the scheme example of signature.With regard to the example shown in Figure 18, only realize as the digital signature 533 of control center is set at the content sign indicating number file [00000.svm] as shown in the file 530 of the digital signature 533 that comprises header 531, content code block 532 and control center, and the file 540 of other content sign indicating number file [00001.svm] 522 grades not being provided with the scheme of the digital signature of control center, described other content sign indicating number file [00001.svm] 522 grades are configured to wherein only preserve the file 540 of header 541 and content code block 542.

Its content sign indicating number file that digital signature of control center is set is preferably preserved the file of the content sign indicating number that must carry out at messaging device, and for example wherein record is used to carry out the file of the content sign indicating number that starts routine.

With regard to this scheme example, only under the situation of using content sign indicating number file [00000.svm] 521, use the messaging device of content sign indicating number just to carry out signature verification.Under the situation of using other file, signature verification can be omitted.But, we suppose that realization wherein utilizes the method that is different from digital signature authentication, for example the straightforward procedure such as Hash verification is carried out the checking of altering of each content sign indicating number file that signature wherein is not set, and property that efficiency confirmed is used the scheme of the code of each file afterwards.In this case, for example realize wherein the contrast that is applied to verify with the hashed value record be retained in scheme in the content sign indicating number file.The back will illustrate these processing sequences.

Thereby,, its numerical capacity that content sign indicating number file of signature is set is set as with regard to wherein only one of content sign indicating number file being provided with the scheme of the signature of control center

2MB+ header+signature,

But, to its other content sign indicating number file that signature is not set attaching signature not, needn't consider the processing of signature verification, thereby also needn't work out the restriction of the big or small aspect of content code block, therefore, can be used as other content sign indicating number file to its file that content code block of any size is set.

Below with reference to Figure 19 and the 20 explanations signature at record controls center not only wherein, and write down the making of each content sign indicating number or performance entity signature content sign indicating number file example is set.

Example shown in Figure 19 is that wherein each has common file structure in the content sign indicating number file [xxxxx.svm] 521,522 and 523, and each file comprises header 551, content code block 552, digital signature 1553 and digital signature 2554 (as shown in the content sign indicating number file 550 among Figure 19).

Header 551 comprises digital signature information, such as the unique ID that serves as corresponding to the unique identifying information of content sign indicating number, and the size of data of the content code block of the solid data of preservation content sign indicating number, the type of digital signature (for example ECDSA) etc.Content code block 552 is recorded as above-mentioned various content sign indicating numbers the solid data of content sign indicating number.

Digital signature 1553 is to be kept at the wright of the content sign indicating number in each content sign indicating number file or the signature of performance entity.Digital signature 2554 is signatures of control center.With regard to this example, except the signature of control center, also regulation is preserved the signature of each entity.

Use the messaging device (subscriber equipment) of the content sign indicating number shown in Figure 19 only the digital signature that is included in the control center in the content sign indicating number to be verified, examine the content sign indicating number and whether altered, use described content sign indicating number afterwards.Replacedly, can realize wherein except the digital signature at access control center, also verifying the scheme of the digital signature of each entity.

Figure 20 wherein only is provided with signature to being recorded in one of content sign indicating number file in the information recording carrier, other content sign indicating number file is not provided with the scheme example of signature.With regard to the example shown in Figure 20, realize wherein only the content sign indicating number file [00000.svm] 521 as shown in the file 550 that comprises header 551, content code block 552, digital signature 1553 and digital signature 2554 being provided with wright or the digital signature 553 of performance entity and the digital signature 554 of control center of content sign indicating number, the file 560 of other content sign indicating number file [00001.svm] 522 grades is not provided with the scheme of digital signature, and described other content sign indicating number file [00001.svm] 522 grades are configured to wherein only preserve the file 560 of header 561 and content code block 562.

The same with the example of earlier in respect of figures 18 explanation, its content sign indicating number file that digital signature is set is preferably preserved the file of the content sign indicating number that must carry out at messaging device, for example wherein record is used to carry out the file of the content sign indicating number of startup routine.

With regard to this scheme example, only under the situation of using content sign indicating number file [00000.svm] 521, use the messaging device of content sign indicating number just to carry out signature verification.Under the situation of using other file, signature verification can be omitted.But, we suppose that realization wherein utilizes the method that is different from digital signature authentication, for example the straightforward procedure such as Hash verification is carried out the checking of altering of each content sign indicating number file that signature wherein is not set, and property that efficiency confirmed is used the scheme of the code of each file afterwards.In this case, we suppose realization wherein the contrast that is applied to verify with hashed value record be retained in scheme in the content sign indicating number file.

Below with reference to the process flow diagram shown in Figure 21 and 22, the processing sequence of the use of the content sign indicating number in the messaging device that utilizes the content sign indicating number to carry out data processing is described.

Figure 21 is the content sign indicating number file structure of graphic extension with regard to earlier in respect of figures 17 and 19 explanations, promptly, just wherein all the elements sign indicating number file all is provided with the process flow diagram of the processing sequence that the file of digital signature is provided with, Figure 22 is the content sign indicating number file structure of graphic extension with regard to earlier in respect of figures 18 and 20 explanations, that is, just wherein only a content sign indicating number file is provided with the process flow diagram of the processing sequence that the file of digital signature is provided with.

At first, just wherein all the elements sign indicating number file is provided with the processing sequence of use of content sign indicating number of the file setting of digital signature with reference to Figure 21 explanation.Notice that this processing sequence carried out by the secret VM that the messaging device that is used to reproduce content is provided with.Secret VM plays data processing unit, and described data processing unit obtains to comprise the program of the use that is suitable for being recorded in the encrypted content in the information recording carrier or the content sign indicating number of application information, and carries out data processing according to the content sign indicating number that obtains.

At first, in step S301, the data processing unit (secret VM) of the messaging device of use content sign indicating number is carried out the signature verification process of content sign indicating number file [00000.svm].Secret VM carries out the checking of the digital signature of the control center (KIC) that content sign indicating number file [00000.svm] is provided with.Specifically, secret VM for example carries out the digital signature authentication (for example ECDSA signature verification algorithm) of the PKI at application controls center (KIC).

In step S302, determine that in signature verification the use of content sign indicating number is ended under the content sign indicating number situation that file is invalid, finish with aftertreatment.

In step S302, determine under the effective situation of content sign indicating number file in signature verification, flow process enters step S303, at step S303, the content sign indicating number file of reading from information recording carrier [00000.svm] is loaded into the memory block of secret VM use, and in step S304, the content sign indicating number of executive logging in content sign indicating number file [00000.svm].The content sign indicating number that attention is recorded in the content sign indicating number file [00000.svm] for example is the actuating code of startup routine, and uses the messaging device that is kept at the content in the information recording carrier at first to carry out processing according to the checking processing of content sign indicating number file [00000.svm], the order of pack into processing and code execution processing.

Subsequently, in step S305, determine whether to use the content sign indicating number file in the adaptive memory that is not loaded into secret VM, under the situation of needs, flow process enters step S306, at step S306, new content sign indicating number file [xxxxx.svm] is installed to the reading order on the storer of secret VM to driver output.

Subsequently, at step S307, secret VM checking is to the digital signature of the control center (KIC) of content sign indicating number file [xxxxx.svm] setting.In step S308, determine that in signature verification the use of content sign indicating number is ended, and finishes with aftertreatment under this content sign indicating number situation that file is invalid.

In step S308, determine under the effective situation of content sign indicating number file in signature verification, flow process enters step S309, at step S309, secret VM packs the content sign indicating number file of reading from information recording carrier [xxxxx.svm] into the memory block that secret VM uses, and carries out this content sign indicating number file [xxxxx.svm].

In step S310, the content playback that carries out the user does not finish, and perhaps under the situation that title not have to stop, flow process returns whether definite among the step S305 needs to use and the processing of another content sign indicating number of packing into.In step S310, the content playback that carries out the user finishes, and perhaps under the situation that title stops, processing finishes.

Below with reference to the process flow diagram shown in Figure 22, explanation is provided with regard to the content sign indicating number file of earlier in respect of figures 18 and 20 explanations, promptly, just wherein only a content sign indicating number file is set digital signature, not the processing sequence of the use of the content sign indicating number concerning the file setting of other content sign indicating number file setting digital signature.Notice that this processing sequence carried out by the secret VM that the messaging device that is used to reproduce content is provided with.

At first, in step S401, use the signature verification process of the messaging device execution content sign indicating number file [00000.svm] of content sign indicating number.The messaging device checking is to the digital signature of the control center (KIC) of control code file [00000.svm] setting.Specifically, messaging device is for example carried out the digital signature authentication (for example, ECDSA signature verification algorithm) of the PKI at application controls center (KIC).

In step S402, determine that in signature verification the use of content sign indicating number is ended under the content sign indicating number situation that file is invalid, finish with aftertreatment.

In step S402, determine under the effective situation of content sign indicating number in signature verification, flow process enters step S403, the content sign indicating number file of reading from information recording carrier [00000.svm] is loaded into the memory block of secret VM use, and in step S404, the content sign indicating number of executive logging in content sign indicating number file [00000.svm].The content sign indicating number that attention is recorded in the content sign indicating number file [00000.svm] is the actuating code that for example starts routine, uses the messaging device that is kept at the content in the information recording carrier at first to carry out processing according to the checking processing of content sign indicating number file [00000.svm], the order of pack into processing and code execution processing.

Subsequently, in step S405, determine whether to use the content sign indicating number file in the adaptive memory that is not loaded into secret VM, under the situation of needs, flow process enters step S406, at step S406, new content sign indicating number file [xxxxx.svm] is installed to the reading order on the storer of secret VM to driver output.

Subsequently, at step S407, messaging device is packed the content sign indicating number file of reading from information recording carrier [xxxxx.svm] into the storer that secret VM uses.

Subsequently, in step S408, by calculating hashed value according to the content sign indicating number configuration data that is kept in the content sign indicating number file [xxxxx.svm], and carrying out control treatment with hashed value about the checking that is kept in advance in the content sign indicating number file [xxxxx.svm], messaging device is carried out the checking of content sign indicating number file.In step S409, determine that in checking the use of content sign indicating number is ended, and finishes with aftertreatment under the content sign indicating number situation that file is invalid.

In step S409, under the effective situation of demonstration validation content sign indicating number file, flow process enters step S410, and at step S410, messaging device is carried out the content sign indicating number that obtains from content sign indicating number file [xxxxx.svm].

In step S411, the content playback that carries out the user does not finish, and perhaps under the situation that title not have to stop, flow process returns whether definite among the step S405 needs to use and the processing of another content sign indicating number of packing into.In step S411, the content playback that carries out the user finishes, and perhaps under the situation that title stops, processing finishes.

Thereby messaging device is configured to when using the content sign indicating number, the digital signature that checking is provided with content sign indicating number file, perhaps carry out Hash verification to confirm the validity of content sign indicating number file, afterwards, carry out the processing of content sign indicating number, thereby prevent that unwarranted code is performed.

The content sign indicating number that each entity produces can be configured to independently data file, and such content sign indicating number file can be repeated to utilize.In other words, in some cases, can be about different interior perhaps different player (equipment or reproduction application program) such content sign indicating number file of public use.The recycling configuration of this content sign indicating number is described below with reference to Figure 23.

In Figure 23, content sign indicating number file 601-604 is by the content sign indicating number file that the content corresponding sign indicating number produces and the performance entity keeps, and representative respectively:

The content sign indicating number file [00000.svm] 601 that content and player are total,

The content sign indicating number file [00001.svm] 602 that content is exclusive,

The content sign indicating number file [00002.svm] 603 that player is exclusive and

The content sign indicating number file [00003.svm] 604 that content and player are exclusive.

The digital signature that each content sign indicating number produces entity or performance entity is attached on these content sign indicating number files 601-604 that is kept at respectively in each entity.

Under the situation of making the information recording carrier that wherein writes down fresh content, each entity can reuse these content sign indicating number files 601-604 that has been used in another content record information recording carrier.

As described in reference to Figure 16, these content sign indicating number files 601-604 is provided for control center, in control center these content sign indicating number files 601-604 is provided with digital signature, and these content sign indicating number files 601-604 is stored in the information recording carrier 610 subsequently.Unique ID that the digital signature of control center (KIC) and control center are provided with is attached on the content sign indicating number that will be recorded in the information recording carrier 610.The content sign indicating number 620 that is recorded in the information recording carrier 610 is comprised finishing table 621, as shown in Figure 23.Structure as the content sign indicating number that is wherein produced by each entity is provided with separately is provided with the particular category structure as shown in bibliographic structure 630.

Thereby, can reuse the content sign indicating number according to various contents, make up needs content sign indicating number of revising and the content sign indicating number that can reuse rightly according to every kind of content, so that be recorded in the information recording carrier.

8. the configuration of messaging device

Below with reference to Figure 24, the hardware configuration example of carrying out the messaging device that reproduces the above-mentioned processing among (player) application program and the secret VM is described.Messaging device 800 has the CPU 809 that all is connected with bus 801, storer 810, the I/O I/F 802 that is used for the I/O digital signal, has the A/D that is used for the I/O simulating signal, the I/O I/F 804 of D/A converter 805, carry out the MPEGCODEC 803 of the Code And Decode processing of mpeg data, carry out the TS-PS treating apparatus 806 that TS (transport stream)-PS (program flow) handles, carry out the cipher processing apparatus 807 of various encryptions (for example mutual checking decryption processing of encrypted content etc.), recording medium 812 such as hard disk drive, with activation record medium 812 and carry out the driver 811 of the I/O of data recording/reproducing signal, CPU 809 is according to from serving as program, the various programs of the ROM 808 of the memory block of parameter etc., comprise OS, content playback and records application program, and be used for the processing that content playback was handled and followed in mutually checking, the programs of handling such as above-mentioned data conversion etc. are carried out data processing.

By connecting bus such as ATAPI-BUS, messaging device (main frame) 800 is connected with driver.Finishing table, content etc. are by digital signal I/O I/F 802 I/O.For example by using aes algorithm etc., encryption and decryption processing are carried out by cipher processing apparatus 807.

The program of noting being used to carrying out content playback or recording processing is stored in the ROM 808, and in executive routine, as required, storer 810 is used to preserve the workspace of parameter and data.

ROM 808 or recording medium 812 are preserved the PKI of administrative center for example, the secret key of main frame, the public key certificate of main frame, and serve as driver CRL that cancels tabulation etc.

When reproduction or outside output content, the data conversion handling procedure that obtains from information recording carrier is employed, thereby carry out processing in handling example according to the various processing sequences that the front illustrates, the for example deciphering of encrypted content, the recovery of finishing table is based on writing of the transform data that is kept at the data in the finishing table etc.

The following describes information recording medium manufacturing apparatus and information recording carrier.That is, explanation is applied to the manufacturing equipment of the information recording carrier of foregoing reproduction processes, its method and information recording carrier.

Information recording medium manufacturing apparatus for example is an equipment of making the information recording carrier 100 of the record data of preserving earlier in respect of figures 1 explanation.As shown in Figure 25, information recording medium manufacturing apparatus comprises content file generating apparatus 901, be used for producing the content file that preservation will be recorded in the content-data of information recording carrier, content sign indicating number file creating apparatus 902, be used to preserve the program that comprises the use that is applied to content or the content sign indicating number of application information, also generate the content sign indicating number file comprise the data that are used to alter checking, with a content file that in content file generating apparatus 901, produces, and the pen recorder 903 of content sign indicating number file logging in information recording carrier that in content sign indicating number file creating apparatus 902, produces.

Content sign indicating number file creating apparatus 902 produces a file, described file is the digital signature based on the data that comprise content sign indicating number (described content sign indicating number is included in the content sign indicating number file), perhaps saves as based on the hashed value of the data that comprise content sign indicating number (described content sign indicating number is included in the content sign indicating number file) to be used to verify the data of altering with being stored in the content sign indicating number file.

In addition, content sign indicating number file creating apparatus 902 produces and preserves a plurality of content sign indicating number files that are segmented into a plurality of different classes of content sign indicating numbers.For example, adopt four kinds of earlier in respect of figures 15 explanations.Pen recorder 903 these a plurality of different classes of content sign indicating number file loggings in information recording carrier.

Attention is under the situation of produce preserving a plurality of content sign indicating number files that will be segmented into a plurality of different classes of content sign indicating numbers, in file to be produced, content sign indicating number file creating apparatus 902 produces all preserves the All Files of a digital signature, perhaps only produces a file as the content sign indicating number file that comprises digital signature data.As for file structure, can adopt the file structure of earlier in respect of figures 17-20 explanation.

In addition, to be recorded in the digital signature that includes only control center (KIC) by the digital signature in the file of content sign indicating number file creating apparatus 902 generations, perhaps comprise the digital signature of control center and be included in the making of the content sign indicating number in each file or the digital signature of performance entity.

The various data that the information recording carrier 910 that is produced like this by information recording medium manufacturing apparatus writes down with reference to figure 1 and other description of drawings.Specifically, information recording carrier is preserved content file and content sign indicating number file of at least one memory contents sign indicating number, and described content sign indicating number file is preserved and comprised and be used to verify the data of altering with being applied to the program or the application information of the use of content, also comprising.

The data of altering that are used for verifying that are included in the content sign indicating number file are digital signature or the hashed values based on the data that comprise content sign indicating number (described content sign indicating number is included in content sign indicating number file).In addition, content sign indicating number file can comprise that preservation will be segmented into a plurality of content sign indicating number files of a plurality of different classes of content sign indicating numbers, and is such as described in reference to Figure 15.

In addition, can comprise and preserve a plurality of content sign indicating number files that are segmented into a plurality of different classes of content sign indicating numbers being recorded in content sign indicating number file in the information recording carrier, and realize wherein in a plurality of log files, the content sign indicating number file that has only a file to be set as to comprise digital signature data, perhaps All Files all comprises the scheme of digital signature, as preceding with reference to as described in Figure 18 and 20.

In addition, with reference to as described in Figure 19 and 20, can realize that content sign indicating number file wherein comprises the scheme of the digital signature of the making of the content sign indicating number that is included in each file or performance entity as preceding.

So far with reference to specific embodiment the present invention has been described.But obviously those skilled in the art can carry out various modifications and replacement to embodiment, and can not break away from essence of the present invention.That is, disclose the present invention with the form of illustration, but the present invention should not be limited to disclosed illustration form.Judge that essence of the present invention should be with reference to the claim part.

A series of processing that attention is described in instructions can be realized by the combination of hardware, software or hardware and software.Under the situation of utilizing software carry out to handle, the program of recording processing sequence can be installed in the storer in the computing machine with built-in specialized hardware and be performed, and perhaps described program can be installed in the multi-purpose computer that can carry out various processing.

For example, program can be recorded in the hard disk or ROM (ROM (read-only memory)) that serves as recording medium.Perhaps, program can be preserved (record) in removable media, in floppy disk, CD-ROM (compact disc read-only memory), MO (magneto-optic) dish, DVD (digital versatile disc), disk, semiconductor memory etc. temporarily or for good and all.Form that can so-called packaged software provides so detachable recording medium.

Attention is except being installed to program on the computing machine from aforesaid detachable recording medium, described program can wirelessly send computing machine to from the download website, perhaps pass through network, send computing machine to such as LAN (LAN (Local Area Network)) or the Internet, simultaneous computer receives the program that transmits in this manner, so that be installed in the built-in recording medium such as hard disk.

In addition, the various processing of describing in the instructions are not limited to carry out according to described sequential, can walk abreast on the contrary or execution independently, depend on the processing power of the equipment of carrying out described processing.Be also noted that the term " system " that uses in this instructions refers to the logical collection of a plurality of equipment, is not limited to the equipment of every kind of structure in single-rack.

Claims

1, the messaging device of the reproduction of content processing of a kind of executive logging in information recording carrier, described equipment comprises:

Data processing unit, be used for from the information recording carrier acquisition content sign indicating number file of the content sign indicating number file that records a plurality of preservation content sign indicating numbers, and according to the content sign indicating number execution data processing of preserving in the content sign indicating number file that obtains, wherein said content sign indicating number comprises program or the application information of carrying out when the recorded content in the use information recording carrier;

Wherein, has a digital signature that is endowed control center at least in described a plurality of content sign indicating number file;

Wherein, at least one file in described a plurality of content sign indicating number files comprises the exclusive program of player, and this content sign indicating number file that comprises the exclusive program of player is endowed the signature based on the exclusive secret key of player,

Wherein said data processing unit is configured to carry out the checking of the digital signature of described control center to be handled, this checking is handled and is allowed checking to be included in altering of whole contents sign indicating number in the described content sign indicating number file, and under the condition of the validity of having confirmed content sign indicating number file as the checking result, carry out data processing according to the program that comprises in this content sign indicating number file; And

Wherein said data processing unit also is configured to obtain to comprise the content sign indicating number file of the exclusive program of player from a plurality of content sign indicating number files that are recorded in described information recording carrier, and to carrying out the checking processing based on the signature of the exclusive secret key of player, and under the condition of having confirmed to be provided with as the checking result based on the validity of the content sign indicating number file of the signature of the exclusive secret key of player, carry out data processing according to the exclusive program of described player.

2, according to the described messaging device of claim 1, wherein said data processing unit is configured to carry out the checking processing of the digital signature that is provided by control center, checking as described digital signature is handled, in addition, carry out the exclusive also checking processing of so provided digital signature of secret key signature with player manufacturer.

3, according to the described messaging device of claim 1, wherein said data processing unit is configured to according to the digital signature that is provided with in each file, carry out with a plurality of content sign indicating number files from be recorded in information recording carrier in the relevant signature verification process of each content sign indicating number file selected with use.

4, according to the described messaging device of claim 1, wherein said data processing unit is configured to according to the digital signature that is provided with in a content sign indicating number file, the signature verification process of selecting in a plurality of content sign indicating number files of execution from be recorded in information recording carrier with the content sign indicating number file that uses, and carry out the checking processing that is different from digital signature authentication of relevant other content sign indicating number file that will use.

5, according to the described messaging device of claim 4, wherein said data processing unit is configured to carry out according to hashed value the checking processing of relevant described other content sign indicating number file that will use.

6, according to the described messaging device of claim 1, the data processing that becomes essential is together handled in the replacement that wherein said data processing unit is configured to carry out in company with some content-datas that its application are included in the finishing table in the described content sign indicating number.

7, according to the described messaging device of claim 6, wherein said data processing unit is configured to carry out the processing that is used for calculating the parameter that the finishing strips purpose that will be applied to be included in described finishing table recovers, concerning each fragment of the sectional area that is set to be recorded in the content in the information recording carrier, described parameter difference.

8, a kind of equipment that is used for recorded information on information recording carrier comprises:

The content file generating apparatus is used for generating the content file that preservation will be recorded in the content-data of information recording carrier;

Content sign indicating number file creating apparatus is used to generate content sign indicating number file, and this content sign indicating number file is preserved and comprised and will be applied to the content sign indicating number of program that content uses or application information and be used to verify the data of altering; With

Pen recorder is used for content sign indicating number file logging that content file that described content file generating apparatus is generated and described content sign indicating number file creating apparatus generate at described information recording carrier,

Wherein, described content sign indicating number file creating apparatus is configured to give described content sign indicating number file with the digital signature of control center, and

Wherein, described content sign indicating number file comprises the exclusive program of player, and described content sign indicating number file creating apparatus is configured to and will gives described content sign indicating number file based on the signature of the exclusive secret key of player.

9,, be used for wherein verifying that the described data of altering are the digital signature based on the data that comprise the content sign indicating number that is included in described content sign indicating number file according to the described equipment of claim 8.

10,, be used for wherein verifying that the described data of altering are the hashed values based on the data that comprise the content sign indicating number that is included in described content sign indicating number file according to the described equipment of claim 8.

11, according to the described equipment of claim 8, wherein said content sign indicating number file creating apparatus is configured to carry out the processing that is used to generate a plurality of content sign indicating number files, and described a plurality of content sign indicating number files are preserved and are segmented into a plurality of different classes of content sign indicating numbers;

And wherein said pen recorder is configured to carry out and is used for the processing of a plurality of different classes of content sign indicating number file loggings of having of being generated by described content sign indicating number file creating apparatus at information recording carrier.

12, according to the described equipment of claim 11, wherein said content sign indicating number file creating apparatus is configured to generate preserves a plurality of content sign indicating number files that are segmented into a plurality of different classes of content sign indicating numbers, and carries out and be used for only generating a file as the processing that comprises the content sign indicating number file of digital signature data at the file that generates.

13, according to the described equipment of claim 8, wherein said content sign indicating number file creating apparatus is configured to generate preserves a plurality of content sign indicating number files that are divided into a plurality of different classes of content sign indicating numbers;

And wherein said content sign indicating number file creating apparatus is configured to carry out the form with the file of the digital signature of the wright that comprises the content sign indicating number that is contained in each file or performance entity, generates the processing of each content sign indicating number file.

14, the information processing method of the reproduction of content processing of a kind of executive logging in information recording carrier, described method comprises the steps:

Checking is handled, serve as the verification step that comprises the digital signature that will be applied to be provided with at least one file in a plurality of content sign indicating number files of content sign indicating number of the program used of the recorded content of information recording carrier or application information in preservation, the checking that is used for carrying out the digital signature of altering checking of the whole contents sign indicating number that can realize being included in content sign indicating number file is handled; With

Code is carried out, is used for carrying out data processing according to the content sign indicating number under the condition of validity that checking result as described content sign indicating number confirmed content sign indicating number file,

Wherein, have a digital signature that is endowed control center at least in described a plurality of content sign indicating number files,

Wherein, at least one file in described a plurality of content sign indicating number files comprises the exclusive program of player, and is endowed the content sign indicating number file that comprises the exclusive program of player based on the signature of the exclusive secret key of player,

Wherein said checking treatment step comprises: obtains to comprise the content sign indicating number file of the exclusive program of described player in a plurality of content sign indicating number files that from described information recording carrier, write down, and carries out checking processing based on the signature of the exclusive secret key of player, and

Wherein said code execution in step comprises: under the condition of determining to be provided with based on the validity of the content sign indicating number file of the signature of the exclusive secret key of player, carry out data processing according to the exclusive program of described player.

15, according to the described information processing method of claim 14, it is digital signature according to being provided with in each file that wherein said checking is handled, and carries out the step of the signature verification process relevant with each the content sign indicating number file with use selected in a plurality of content sign indicating number files from be recorded in information recording carrier.

16, according to the described information processing method of claim 14, it is the digital signature that basis is provided with in a content sign indicating number file that wherein said checking is handled, the signature verification process of selecting in a plurality of content sign indicating number files of execution from be recorded in information recording carrier with the content sign indicating number file that uses, and carry out the step of the checking processing that is different from digital signature authentication of relevant other content sign indicating number file that will use.

17, according to the described information processing method of claim 16, it is the step of carrying out the checking processing of relevant described other content sign indicating number file that will use according to hashed value that wherein said checking is handled.

18, according to the described information processing method of claim 14, it is to carry out the step of handling the data processing that becomes essential together in company with the replacement of some content-datas that its application are included in the finishing table in the described content sign indicating number that wherein said code is carried out.

19, according to the described information processing method of claim 18, it is the step of carrying out the processing that is used for calculating the parameter that the finishing strips purpose that will be applied to be included in described finishing table recovers that wherein said code is carried out, concerning each fragment of the sectional area that is set to be recorded in the content in the information recording carrier, described parameter difference.

20, a kind of on information recording carrier method for recording information, comprise the steps:

Content file generates step, is used for generating the content file that preservation will be recorded in the content-data of information recording carrier;

Content sign indicating number file generates step, is used to generate content sign indicating number file, and this content sign indicating number file is preserved and comprised and will be applied to the content sign indicating number of program that content uses or application information and be used to verify the data of altering; With

Recording step is used for generating content file that step generates at described content file and generate the content sign indicating number file logging that generates in the step in described information recording carrier at described content sign indicating number file,

Wherein, described content sign indicating number file generates step and also comprises: give described content sign indicating number file with the digital signature of control center, and

Wherein, described content sign indicating number file comprises the exclusive program of player, and described content sign indicating number file generation step also comprises: will give described content sign indicating number file based on the signature of the exclusive secret key of player.

21, in accordance with the method for claim 20, wherein saidly be used for verifying that the data of altering are the digital signature based on the data that comprise the content sign indicating number that is included in described content sign indicating number file.

22, in accordance with the method for claim 20, wherein saidly be used for verifying that the data of altering are the hashed values based on the data that comprise the content sign indicating number that is included in described content sign indicating number file.

23, in accordance with the method for claim 20, wherein said content sign indicating number file generates step and carries out the processing that is used to generate a plurality of content sign indicating number files, and described a plurality of content sign indicating number files are preserved and are segmented into a plurality of different classes of content sign indicating numbers;

And wherein said recording step is carried out generate a plurality of different classes of processing of content sign indicating number file logging in information recording carrier that have that generate in the step at described content sign indicating number file.

24, in accordance with the method for claim 23, wherein said content sign indicating number file generates step and generates and preserve a plurality of content sign indicating number files that are segmented into a plurality of different classes of content sign indicating numbers, and carry out the file that is used for generating, only generate a file as the processing that comprises the content sign indicating number file of digital signature data.

25, in accordance with the method for claim 20, wherein said content sign indicating number file generates step and generates and preserve a plurality of content sign indicating number files that are segmented into a plurality of different classes of content sign indicating numbers;

And wherein said content sign indicating number file generates step and carries out form with the file of the digital signature of the wright that comprises the content sign indicating number that is contained in each file or performance entity, generates the processing of each content sign indicating number file.