JP2002271772A - Information processing system and method, recording medium, and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an information processing system that can transmit and receive information to/from a particular information processing unit by each user without leaking the information to other information processing units on a network when users use one prescribed terminal. SOLUTION: A microcomputer 11 generates order data to which a personal ID and a terminal ID are attached. An encryption section 17 encrypts the personal ID, the terminal ID, and the order data. A communication control section 22 transmits the encrypted order data to a communication control section 33 of a BS(broadcasting satellite) digital broadcasting STB 2. A microcomputer 31 attaches an IC-ID to the received and encrypted order data and transmits the resulting data to a BS digital broadcasting station server 3. The BS digital broadcasting station server 3 transmits the received order data to a moving image distribution company server 4. The moving image distribution company server 4 controls a decoding section 74 to decode the received order data and stores the resulting order data to which the personal ID and the terminal ID are attached to a storage section 76.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an information processing system and method, a recording medium, and a program. Information processing system and method, recording medium, and program enabling transmission / reception to / from a specific information processing device without leaking information to another information processing device on a network for each user when using the processing device About.

[0002]

2. Description of the Related Art In transmitting and receiving information to and from a management server via a network by using a single television receiver by a plurality of users, a technique of identifying each user and transmitting / receiving the information is becoming popular. .

As this technique, for example, Japanese Patent Laid-Open No. 9-1
In the interactive television receiver system disclosed in JP-A-63346 (hereinafter, also referred to as an interactive television system), the data to be transmitted by the television receiver includes an ID (Identifier: authentication information) of the television receiver itself. ) And the ID of the individual registered in the television receiver is added, and transmitted to the management server via the communication network. The management server specifies the user who transmitted the data by using the two IDs added to the received data.

In the interactive television system disclosed in, for example, Japanese Patent Application Laid-Open No. 9-298724, a service providing server specifies a destination user by identifying the ID of a television receiver used by the user or the ID thereof. The information is specified by the ID of the individual registered in the television receiver, and information addressed to the individual is transmitted via the television receiver.

[0005]

However, in the above-described configuration, the user is authenticated using the ID of the television receiver capable of bidirectional communication and the ID of the individual. There was a problem that the user could not be authenticated without the system.

[0006] Further, the user must use a television receiver having a registered ID without fail.
Even if multiple television receivers are owned, operation must be performed from a television receiver whose ID is registered for authentication, and the number of television receivers that can be operated is limited to one. There was a problem that would.

[0007] Furthermore, since only the service providing server manages personal information, if another management company attempts to provide other services associated with the interactive television system, the personal information is encrypted. Even if it is possible, even the ID of an individual using another service cannot be encrypted, so that there is a problem that information as to which user has used the other service is leaked.

[0008] The service provided in the interactive television system is provided according to the contents requested by the user by operating the television receiver having the ID registered by the user. Cannot provide a service spontaneously, and the service providing server cannot provide a service only when a user is accessing the service.

The present invention has been made in view of such a situation, and when a plurality of users use one predetermined information processing apparatus on a network including a plurality of information processing apparatuses, It is possible to transmit / receive information to / from a specific information processing apparatus without leaking information to another information processing apparatus on a network for each individual user.

[0010]

According to a first information processing system of the present invention, the first information processing apparatus transmits first identification information for identifying information on the first information processing apparatus to the first information processing apparatus. A first identification information adding unit that adds the first identification information to the fourth identification information by the first identification information adding unit.
Encrypting means for encrypting by a method which can be decrypted by the information processing device, and first transmitting means for transmitting the encrypted information to which the first identification information is added to the second information processing device. A first receiving unit for receiving the encrypted information added with the first identification information transmitted from the first information processing device, the second information processing device comprising: A second identification information adding unit that adds second identification information identifying itself to the encrypted information to which the first identification information has been added and received by the first receiving unit; And a second transmitting unit for transmitting the information to which the second identification information is added and the encrypted information to the third information processing apparatus. , Second
A second receiving means for receiving the information transmitted from the information processing apparatus of the first aspect, to which the first identification information is added, encrypted, and further to which the second identification information is added; Adding the first identification information received by the means,
A first authentication unit that authenticates the second information processing apparatus with the second identification information that is encrypted and further added to the information to which the second identification information is added; and a first authentication unit. The first identification information is added according to the authentication result of
A third transmitting unit that transmits the encrypted information to which the second identification information has been added to the fourth information processing apparatus, wherein the fourth information processing apparatus is A third receiving unit for receiving the transmitted information with the first identification information added thereto, encrypted, and further with the second identification information added thereto, is received by the third receiving unit. , The first identification information is added and encrypted, and among the information to which the second identification information is added, the decryption unit decrypts the encrypted information, and the decryption unit decrypts the encrypted information. And a second authentication unit for authenticating the information to which the first identification information is added based on the first identification information and the second identification information.

The first identification information may include a personal ID for identifying the user or a terminal ID for identifying the first information processing device used by the user.

The first information processing apparatus includes a first unique identification information storage unit for storing first unique identification information for identifying itself, and a second unique identification information for identifying a second information processing apparatus. A second unique identification information storage unit for storing information; and a combination of the first unique identification information and the second unique identification information.
Communication determination means for determining whether communication between the first information processing apparatus and the second information processing apparatus is possible may be further provided, and the first transmission means may include communication determination means. According to the determination result, the first identification information is added, and the encrypted information can be transmitted to the second information processing apparatus.

[0013] A table which records a combination of the first unique identification information and the second unique identification information, which is capable of communication between the first information processing apparatus and the second information processing apparatus, is further provided. And the communication determining means includes the first
And the combination of the second unique identification information and
Whether or not communication is possible can be determined based on whether or not the combination is recorded in the table.

According to a first information processing method of the present invention, the information processing method of the first information processing device adds first identification information for identifying information on the first information processing device to the information. The first identification information adding step, and the information to which the first identification information has been added in the processing of the first identification information adding step.
An encryption step of encrypting the information with a method that can be decrypted by the fourth information processing apparatus, and a first transmission of transmitting the encrypted information to the second information processing apparatus with the first identification information added. The information processing method of the second information processing apparatus comprises the steps of: receiving the encrypted information transmitted from the first information processing apparatus with the first identification information added thereto; And the second identification information added with the first identification information received in the processing of the first reception step, and the second identification information for identifying itself is added to the encrypted information. An identification information adding step, and a second transmitting step of transmitting the information to which the first identification information is added and encrypted and further to which the second identification information is added to the third information processing apparatus. The information processing method of the third information processing apparatus is A second receiving step of receiving the information transmitted from the device with the first identification information added thereto, encrypted, and further with the second identification information added thereto, and a process of the second receiving step The second information processing apparatus uses the second identification information added to the information to which the first identification information is added and encrypted, and further added to the information to which the second identification information is added. The first identification information is added and encrypted in accordance with the authentication result in the processing of the first authentication step and the first authentication step, and further the second identification information is added. Transmitting the received information to the fourth information processing apparatus, and the information processing method of the fourth information processing apparatus includes the first identification information transmitted from the third information processing apparatus. Is added and encrypted, and the second identification information is added. A third receiving step of receiving the encrypted information, the first identification information received in the processing of the third receiving step is added and encrypted, and further the second identification information is added. Among the information, a decryption step of decrypting the encrypted information, and information to which the first identification information is added, which is decrypted in the processing of the decryption step, is referred to as first identification information, And a second authentication step of performing authentication based on the identification information.

[0015] The program of the first recording medium of the present invention comprises:
A first identification information addition control step of controlling a program of the first information processing device to add the first identification information for identifying the information on the fourth information processing device to the information;
An encryption control step of controlling encryption of the information to which the first identification information has been added in the processing of the first identification information control addition step in a manner decodable by the fourth information processing apparatus; A first transmission control step of controlling transmission of the encrypted information to the second information processing device to which the identification information has been added, wherein the program of the second information processing device comprises:
The first reception control step of controlling reception of the encrypted information to which the first identification information has been added and transmitted from the first information processing apparatus, and the processing of the first reception control step A second identification information addition control step of controlling the addition of the second identification information identifying itself to the encrypted information to which the first identification information has been added; A second transmission control step of controlling transmission of the information to which the identification information has been added and encrypted and to which the second identification information has been added to the third information processing apparatus; A second program for controlling the reception of the information transmitted from the second information processing apparatus, the program of the processing apparatus being added with the first identification information, encrypted, and further added with the second identification information. Of the second reception control step and the reception control step A second information processing apparatus based on the second identification information added with the first identification information, encrypted, and further added with the second identification information received in A first authentication control step of controlling the authentication of the first authentication control step, and the first identification information is added and encrypted in accordance with the authentication result in the processing of the first authentication control step, and further the second identification information is encrypted. The fourth of the information to which the information was added
A third transmission control step of controlling transmission to the information processing device of the third information processing device, wherein the program of the fourth information processing device is added with the first identification information transmitted from the third information processing device. A third reception control step of controlling reception of the encrypted information further having the second identification information added thereto; and a first identification information received in the processing of the third reception control step. Added, encrypted, and
Out of the information to which the identification information is added, the decryption control step of controlling the decryption of the encrypted information, and the information of the information to which the first identification information is added, which is decrypted in the processing of the decryption control step. , First identification information, and a second authentication control step of controlling authentication based on the second identification information.

According to a first program of the present invention, a computer for controlling a first information processing apparatus adds, to the information, first identification information for identifying information on the first information processing apparatus. A first identification information addition control step of controlling;
An encryption control step of controlling encryption of the information to which the first identification information has been added in the processing of the first identification information control addition step in a manner decodable by the fourth information processing apparatus; A first transmission control step of controlling transmission of the encrypted information to the second information processing device to which the identification information has been added, and causing a computer controlling the second information processing device to execute A first reception control step for controlling the reception of the encrypted information to which the first identification information has been added and transmitted from the first information processing apparatus; A second identification information addition control step of controlling the addition of the second identification information identifying itself to the encrypted information to which the first identification information has been added, and a first identification The information is added, encrypted, and A second transmission control step of controlling transmission of the information to which the identification information is added to the third information processing apparatus, and causing the computer that controls the third information processing apparatus to execute the second information processing apparatus. A second reception control step of controlling the reception of the information transmitted with the first identification information added thereto, encrypted, and further added with the second identification information; and The second identification information according to the second identification information, which is received in the processing of the step, is added with the first identification information, is encrypted, and is further added to the information to which the second identification information is added. A first authentication control step of controlling authentication of the information processing apparatus;
The first identification information is added and encrypted in accordance with the authentication result in the processing of the authentication control step of
And a third transmission control step of controlling transmission of the information to which the identification information is added to the fourth information processing apparatus.
The information transmitted from the third information processing apparatus to which the first identification information is added, encrypted, and further added with the second identification information, to the computer controlling the fourth information processing apparatus. A third reception control step for controlling the reception of the first reception control step, and the first reception control step
And a decryption control step for controlling decryption of the encrypted information among the information to which the identification information is added and encrypted and further the second identification information is added. Executing a first authentication information of the decrypted information to which the first identification information is added, and a second authentication control step of controlling authentication based on the second identification information. I do.

A second information processing system according to the present invention comprises a first information processing system.
A first identification information adding unit for adding first identification information for identifying the information on the fourth information processing device to the information;
Encryption means for encrypting the information to which the identification information is added by a method which can be decrypted by the fourth information processing apparatus; and a third means for adding the first identification information to the encrypted information. Second identification information adding means for adding second identification information for identifying the information processing apparatus, and information to which the first identification information is added and encrypted, and further to which the second identification information is added To the second information processing apparatus, and the second information processing apparatus transmits the first identification information transmitted from the first information processing apparatus to the second information processing apparatus. First receiving means for receiving the information to which the second identification information is added, and the first identification information received by the first receiving means being added, encrypted, Further, the second identification information is separated from the information to which the second identification information is added. Separating means, first authenticating means for authenticating the third information processing device based on the second identification information separated by the separating means, and separating means corresponding to the authentication result of the first authenticating means. And a second transmitting unit for transmitting the encrypted information to the third information processing apparatus, to which the second identification information is separated and the first identification information is added. A second receiving unit that receives the encrypted information to which the first identification information has been added and that has been transmitted from the second information processing device; A third transmitting unit that transmits the encrypted information to the fourth information processing device to which the first identification information is added, wherein the fourth information processing device transmits the encrypted information from the third information processing device. The third method of receiving the encrypted information to which the first identification information has been added Receiving means, decoding means for receiving the first identification information added by the third receiving means and decoding the encrypted information, and first identification information decoded by the decoding means And storage means for storing information to which information is added.

The first identification information may include a personal ID for identifying a user or a terminal ID for identifying a fourth information processing apparatus used by the user.

The third information processing device has first unique identification information storage means for storing first unique identification information for identifying itself, and a second unique identification information for identifying a fourth information processing device. A second unique identification information storage unit for storing information; and a combination of the first unique identification information and the second unique identification information.
Communication determination means for determining whether communication between the third information processing apparatus and the fourth information processing apparatus is possible may be further provided, and the third transmission means may include communication determination means. The first identification information is added in accordance with the result of the determination, and the encrypted information can be transmitted to the fourth information processing apparatus.

[0020] A table which records a combination of the first unique identification information and the second unique identification information, which can communicate with the third information processing apparatus and the fourth information processing apparatus, is further provided. And the communication determining means includes the first
And the combination of the second unique identification information and
Whether or not communication is possible can be determined based on whether or not the combination is recorded in the table.

In the fourth information processing apparatus, only the user who possesses the first identification information can be permitted to access the information stored by the storage means.

[0022] The first identification information may include a personal ID for identifying the user or a terminal ID for identifying a fourth information processing apparatus used by the user. The information processing device has a personal ID or terminal ID
It is possible to allow only the user who owns the access to the information stored in the storage means.

[0023] The first identification information may further include identification information priority information that prioritizes either the personal ID or the terminal ID. , Personal ID,
Alternatively, it is possible to allow only a user who possesses one of the terminal IDs with priority to access the information stored by the storage means.

According to a second information processing method of the present invention, the information processing method of the first information processing apparatus adds the first identification information for identifying the information on the fourth information processing apparatus to the information. The first identification information adding step, and the information to which the first identification information has been added in the processing of the first identification information adding step.
An encryption step of encrypting the information by a method which can be decrypted by the fourth information processing apparatus; and a second identification for adding the first identification information to the encrypted information to identify the third information processing apparatus. A second identification information adding step of adding information;
And transmitting the information to which the second identification information is added to the second information processing apparatus, wherein the first information processing apparatus further comprises: The information processing method of the first aspect, the first identification information transmitted from the first information processing apparatus is added and encrypted,
Furthermore, a first receiving step of receiving the information to which the second identification information is added, and the first identification information received in the processing of the first receiving step are added and encrypted, and further encrypted. , A separation step of separating the second identification information from the information to which the second identification information is added, and a second identification information separated by the processing of the separation step.
A first authentication step of authenticating a third information processing device;
In response to the authentication result in the processing of the first authentication step, the second identification information is separated in the processing of the separation step.
Transmitting the encrypted information to the third information processing device with the identification information added to the third information processing device. The first identification information transmitted from
A second receiving step of receiving the encrypted information, and the first information added in the processing of the second receiving step, and the encrypted information is added to the fourth information processing apparatus. And a third transmitting step of transmitting. The information processing method of the fourth information processing apparatus, wherein the encrypted information transmitted from the third information processing apparatus with the first identification information added thereto is added. Receiving the first identification information, a decryption step of decrypting the encrypted information added with the first identification information received in the processing of the third reception step, and a process of the decryption step Storing the information to which the first identification information has been added, which has been decoded in the step (a).

The program of the second recording medium of the present invention comprises:
A first identification information addition control step of controlling a program of the first information processing device to add the first identification information for identifying the information on the fourth information processing device to the information;
An encryption control step of controlling encryption of the information to which the first identification information has been added in the processing of the first identification information addition control step in a manner decodable by the fourth information processing apparatus; A second identification information addition control step in which the identification information is added and the addition of the second identification information for identifying the third information processing apparatus from the encrypted information is added, and the first identification information is added. A first transmission control step of controlling the transmission of the encrypted information to which the second identification information is added to the second information processing apparatus. A first program for controlling reception of information transmitted from the first information processing apparatus, the first identification information being added and encrypted, and further the second identification information being added. Processing of the reception control step and the first reception control step A separation control step of controlling the separation of the second identification information from the information to which the first identification information has been added and encrypted and further the second identification information has been added, A first authentication control step for controlling authentication of the third information processing apparatus based on the second identification information separated in the processing of the separation control step, and an authentication result in the processing of the first authentication control step. Correspondingly, the first identification information is separated in the processing of the separation control step.
And a second transmission control step of controlling transmission of the encrypted information to the third information processing device, wherein the identification information of the third information processing device is added to the third information processing device. A second reception control step for controlling reception of the encrypted information to which the first identification information is added, which is transmitted from the processing device, and a second reception control step for receiving the encrypted information. And a third transmission control step of controlling transmission of the encrypted information to the fourth information processing device to which the first identification information is added. The first sent from the information processing device
A third reception control step for controlling the reception of the encrypted information to which the identification information is added, and the first identification information received in the processing of the third reception control step to which the first A decoding control step for controlling the decoding of the encoded information, and a first decoding step performed by the decoding control step.
And a storage control step of controlling the storage of the information to which the identification information is added.

According to a second program of the present invention, a computer for controlling the first information processing apparatus adds the first identification information for identifying the information on the fourth information processing apparatus to the information. A first identification information addition control step of controlling;
An encryption control step of controlling encryption of the information to which the first identification information has been added in the processing of the first identification information addition control step in a manner decodable by the fourth information processing apparatus; A second identification information addition control step in which the identification information is added and the addition of the second identification information for identifying the third information processing apparatus from the encrypted information is added, and the first identification information is added. And a first transmission control step of controlling transmission of the encrypted information to which the second identification information is added to the second information processing apparatus. Controls the reception of the information transmitted from the first information processing apparatus, added with the first identification information, encrypted, and further added with the second identification information to the computer controlling the computer. A first reception control step, and a first reception control step. Is received in step, first
Separation control step for controlling the separation of the second identification information from the information to which the second identification information is added and encrypted and further to which the second identification information is added; Based on the obtained second identification information,
A first authentication control step of controlling the authentication of the information processing device of the second type, and the second identification information is separated in the processing of the separation control step in accordance with the authentication result in the processing of the first authentication control step. A second transmission control step of controlling the transmission of the encrypted information to the third information processing device with the first identification information added thereto, and causing the computer controlling the third information processing device to execute the second transmission control step. A second reception control step of controlling reception of the encrypted information added with the first identification information transmitted from the second information processing apparatus; and
And a third transmission control step of controlling transmission of the encrypted information to the fourth information processing apparatus, to which the first identification information received in the processing of the reception control step is added. A computer that controls the fourth information processing apparatus;
A third reception control step of controlling reception of the encrypted information to which the first identification information has been added and transmitted from the third information processing apparatus; The first identification information thus added is added, and a decryption control step for controlling decryption of the encrypted information, and the first identification information decrypted in the processing of the decryption control step are added. And a storage control step of controlling storage of information.

In the first information processing system, method, and program according to the present invention, first identification information for identifying information on the first information processing device by the first information processing device is the same as the information. , And the information to which the first identification information is added is encrypted by a method that can be decrypted by the fourth information processing apparatus, and the first identification information is added to encrypt the encrypted information. Transmitted to the second information processing device,
The first information processing apparatus receives the encrypted information transmitted from the first information processing apparatus, and receives the encrypted first information. Then, the second identification information identifying itself is added to the encrypted information, the first identification information is added thereto, the encrypted information is encrypted, and the information added with the second identification information is added to the encrypted information. Transmitted to the third information processing device, and transmitted from the second information processing device by the third information processing device,
The first identification information is added and encrypted, and the information to which the second identification information is added is received. The received first identification information is added and encrypted. The second information processing apparatus is authenticated by the second identification information added to the information to which the second identification information is added, and the first identification information is added in accordance with the authentication result. The information that is encrypted and further added with the second identification information is transmitted to the fourth information processing device, and is transmitted from the third information processing device by the fourth information processing device.
The first identification information is added and encrypted, and the information to which the second identification information is added is received. The received first identification information is added and encrypted. Among the information to which the second identification information is added, the encrypted information is decrypted, and the decrypted information to which the first identification information is added is the first identification information and the second identification information. You are authenticated based on the information.

In the second information processing system, method, and program according to the present invention, the first identification information for identifying information on the fourth information processing apparatus by the first information processing apparatus is the same as the information. And the information to which the first identification information is added is encrypted by a method which can be decrypted by the fourth information processing device, and the first identification information is added to the encrypted information to obtain the first information. Third information for identifying the third information processing apparatus is added, the first identification information is added and encrypted, and the information to which the second identification information is added is added to the second information processing apparatus. The first identification information transmitted from the first information processing device and transmitted to the device and transmitted from the first information processing device is added and encrypted.
The information to which the identification information is added is received, the received first identification information is added and encrypted, and the second information is added to the second identification information. The information is separated, the third information processing device is authenticated based on the separated second identification information, and the second identification information is separated according to the authentication result. The added and encrypted information is transmitted to the third information processing device, and the first identification information transmitted from the second information processing device is added by the third information processing device, The encrypted information is received, and the received first identification information is added thereto, and the encrypted information is transmitted to the fourth information processing device.
The first identification information is transmitted from the information processing device of the first and the encrypted information is received, and the received first identification information is added and the encrypted information is decrypted. Then, the decoded information to which the first identification information is added is stored.

[0029]

FIG. 1 is a diagram showing the configuration of an embodiment of a broadcasting system according to the present invention.

This broadcasting system has a BS (Broadcasting S)
atellite) This is a transmission / reception system for digital broadcasting, which is roughly divided into two parts. One is a client side owned by the user, and the other is a service providing / managing side that provides and manages services to the client side of each user.

The client side includes a television receiver (hereinafter, also referred to as a TV) 1 and an STB (Set) for BS digital broadcasting.
Top Box) (hereinafter also referred to as BS-STB) 2 and is generally installed in each home. TV1 is
A BS broadcast program received by the BS-STB 2 and transmitted from a satellite (not shown) is displayed. TV1 is a BS-STB
2, telephone line network 5, and BS digital broadcasting station server 3
, And receives the distribution of the moving image data from the moving image distribution company server 4, and reproduces and displays the distributed moving image data.

Further, the BS-STB 2 receives the BS broadcast program and displays it on the TV 1, and also, for example, transmits the viewing data of the pay broadcast of the BS broadcast to the BS digital broadcast station server 3 via the telephone network 5. Send.

In FIG. 1, the client side is a TV
1 and one set of BS-STB2 are displayed, but these are owned by a plurality of users.
TV1 and BS-STB2 exist. TV1 and BS-STB2 are
Although they are arranged at positions close to each other in the configuration of the drawing, they are arranged at different positions, that is, in a different room if in a general home, and are configured so that each is connected by a dedicated cable. Is also good.

The service providing / managing side comprises a BS digital broadcasting station server 3 and a moving picture distribution company server 4. A BS digital broadcasting station server (hereinafter, also referred to as a BS server) 3 is a server managed and operated by the BS digital broadcasting station. And receives the pay-view data sent from the company and manages the billing data.

A moving image distribution company server (hereinafter, also referred to as a distribution server) 4 transmits a moving image such as a movie for each user of the TV 1 via the BS server 3, the telephone network 5, and the BS-STB 2. It is a server operated by a moving image distribution company that distributes. With the above-described broadcasting system, a moving image distribution company that manages and operates the distribution server 4 requests the BS digital broadcasting station to broadcast a moving image advertisement program or the like distributed by the BS digital broadcasting station (for a fee), and receives the broadcast. Then, the BS digital broadcasting station broadcasts a moving image advertising program. BS-STB2 receives this broadcast and causes TV1 to display it. When the user watches the advertisement program and wants to purchase a predetermined moving image (for example, a movie), the user operates the TV 1 to control the BS-STB 2, the telephone network 5, and the BS server 3. Via the distribution server 4, a predetermined moving image is ordered. The distribution server 4 that has received the order reads the corresponding moving image data,
The moving image data is distributed via the telephone network 5 and the BS-STB 2. Although the BS server 3 and the distribution server 4 are arranged close to each other in the drawing, each is connected by a dedicated communication line and provided at a remote position.

Next, the configuration of the TV 1 will be described.

The microcomputer 11 of the TV 1 has a CPU
(Central Processing Unit), ROM (Read Only Memor)
y) and a random access memory (RAM), which controls the overall operation of the TV 1 and develops and executes various programs in the RAM as appropriate. Further, the microcomputer 11 reads various programs and data recorded on the magnetic disk 211, the optical disk 212, the magneto-optical disk 213 or the semiconductor memory 214 mounted on the drive 201 into the RAM as appropriate, and executes various processes.

The authentication unit 12 includes a microcomputer 11
The personal authentication information input device 1 is controlled by the user.
5 based on the personal authentication information input from the
Personal ID corresponding to personal authentication information registered in advance in a
In addition to executing the authentication processing, the terminal ID for identifying the TV 1 is stored, and the authentication processing of the distribution server 4 is executed together with the personal ID. The personal authentication information is, for example, biometric information such as a fingerprint, a retinal pattern, or a voiceprint of each user. Depending on the information to be obtained, the personal authentication information input device 15 outputs the information to an image reading device or a microphone. The form changes.

The operation unit 13 is composed of a tablet button and the like.
When a process such as a stop is performed, the operation is performed by a user.

The storage unit 14 stores a so-called HDD (Hard Disc D).
rive), and is controlled by the microcomputer 11 via the bus 23. Storage unit 14
Records moving image data distributed from the distribution server 4 and stores programs or data necessary for various other processes.

The display unit 16 is a CRT (Cathode Ray Tube)
And LCD (Liquid Crystal Display), etc.
The video signal selected by the selector 21 among the video signals input from the moving image compression / decompression unit 19, the tuner 20, or the BS digital tuner 32 is displayed.

The moving image compression / decompression unit 19 decompresses the moving image data read from the storage unit 14 and compressed by a predetermined compression method distributed in advance by the distribution server 4 and outputs the data to the selector 21. Also, if necessary, the tuner 20,
Alternatively, the video signal supplied from the BS digital tuner 32 is compressed by a predetermined compression method and output to the storage unit 14.

The tuner 20 is composed of an antenna, a demodulator and the like (not shown), receives a broadcast program of a terrestrial channel specified by the operation unit 13, and outputs it to the selector 21. The selector 21 includes a moving image compression / decompression unit 1
9, among the video signals input from the tuner 20 or the BS digital tuner 32, the video signal specified by the operation unit 13 is output to the display unit 16 for display.
The video signal input from the tuner 20 or the BS digital tuner 32 is output to the moving image compression / expansion unit 19.

The encryption unit 17 encrypts various data to be transmitted to the distribution server 4 by using an encryption method that can be decrypted by the decryption unit 74 of the distribution server 4. The decryption unit 18 decrypts various types of information encrypted by the encryption unit 75 of the server 4 using a predetermined encryption method.

The communication control unit 22 performs a communication process with the communication control unit 33 of the BS-STB 2. The communication control unit 22 is a BS-S
When communicating with the communication control unit 33 of TB2, a TV that identifies itself
-A table showing the combination of the ID and the ID of the device with which communication is possible is stored in the memory 22a. At the time of communication, the ID of the device at the communication destination is inquired and the device can communicate with its own TV-ID When it is a combination, data is transmitted and received. That is, in this case, the communication control unit 22 transmits the TV-ID and the BS-STB2
When the STB-ID, which is the ID of the
It transmits and receives data to and from the communication control unit 33 of the BS-STB2. this
The TV-ID or STB-ID is, for example, a GUID (Global Uniq
ue Identifier: I to specify the manufacturer, model, model, etc.
D) etc. and is the only ID in the world. The processing of the communication control unit 22 will be described later in detail.

Next, STB for BS digital broadcasting (BS-STB) 2
Will be described.

The microcomputer 31 includes a CPU, a ROM,
The BS-STB 2 controls the entire operation of the BS-STB 2, and various programs are appropriately loaded on the RAM and executed.

The BS digital tuner 32 includes an antenna (not shown), a demodulator, a descrambler, and the like, receives a broadcast signal of a BS digital broadcast broadcasted from a satellite (not shown), and is designated by the operation unit 37. The video signal of the selected channel is output to the selector 21 of the TV 1. Also BS
When receiving a scrambled video signal such as a digital broadcast pay broadcast, the BS digital tuner 32 descrambles the received broadcast program video signal, outputs the received broadcast program video signal to the selector 21, and confirms that the pay broadcast has been viewed. The stored viewing data is stored in the storage unit 35.

The communication control unit 33 is a communication control unit 22 of the TV 1.
Executes communication processing with. When communicating with the communication control unit 22 of the TV 1, the communication control unit 33 includes an STB-ID for identifying itself,
The memory 33a stores a table indicating a combination with the ID of a device that can communicate, and in the case of communication, inquires the ID of the device at the communication destination, and when the combination can communicate with its own TV-ID. Send and receive data.

The communication control unit 34 is a communication unit 5 of the BS server 3.
4 and a telephone network 5. Communication control unit 34
When communicating with the communication unit 54 of the BS server 3, the transmission data is transmitted with the IC-ID stored in advance in the IC card 38 distributed to the subscriber of the BS digital broadcast. In this case, for example, when transmitting the viewing data of the pay broadcast of the BS digital broadcast, as shown in FIG.
The server address is recorded, then the IC-ID is attached, and finally, the viewing data is attached and transmitted.

The storage unit 35 is composed of a so-called HDD or the like.
1 is controlled. The storage unit 35 stores the viewing data for the pay broadcast received by the BS digital tuner 32 as described above.

When transferring data transmitted from the distribution server 4 to the TV 1 via the BS server 3 and the telephone line network 5, the data storage unit 36
Until the communication connection with the communication control unit 22 of the TV 1 is completed, the temporarily transferred data is stored. Communication control unit 33
If the communication connection with the communication control unit 22 is not completed within a predetermined time, the data storage unit 36 can make settings such as deleting stored data.

Next, the configuration of the BS digital broadcasting station server (BS server) 3 will be described.

The microcomputer 51 includes a CPU, a ROM,
And a RAM, which controls the overall operation of the BS server 3 and stores various programs as needed in the RAM.
And execute it.

The storage unit 52 is composed of a so-called HDD, and is controlled by the microcomputer 51 via the bus 56. The storage unit 52 stores the charging information based on the viewing data of each user registered in advance as shown in FIG. The billing information includes the IC-ID, contractor name, address, payment method, viewing data, additional service,
And the fee is stored. In this case, “00000001” and “00000004” are shown from the top in the IC-ID, and “Yamada” is displayed from the top as the name of the contractor who owns the IC card 38 corresponding to each IC-ID. ",and,
It is stored as "Takahashi". Further, the addresses of the subscribers of “Yamada” and “Takahashi” are stored as “1-1-1 Kita-ku” and “2-2-2 Nakano-ku”, respectively. Further, as a method of paying the viewing fee of each subscriber of “Yamada” and “Takahashi”, “Credit card VISO 2223817” and “Bank transfer Tokyo 3039483” are stored, respectively. ID00000001
The contractor who owns the IC card 38 and calls it "Yamada"
It is indicated that the viewing fee will be paid using a credit card called VISO with a card number of 2223817,
It is indicated that a contractor who owns the IC card 38 of IC-ID00000004 and calls "Takahashi" pays the viewing fee by bank transfer from the bank account number 3039483 of the city bank.
In addition, viewing information is stored in the billing information,
In this case, “Movie A” and “Movie B” are stored for each subscriber, and the BS owned by each user
FIG. 2 transmitted from the STB 2 via the telephone network 5
Is recorded based on the viewing data shown in FIG. In the additional service column of the charging information, when a service other than the fee of the pay broadcast is charged, the fee is recorded. In the charge information column, a charge to be collected for each user is recorded. In this case, a contractor called "Yamada" is charged 1500 yen, and "Takahashi" It is shown that the contractor who is called is charged 2,000 yen, and based on this information, the billing process is executed for each user.

The authentication unit 53, as shown in FIG.
Search for the IC-ID included in the data transmitted from BS-STB2, and determine whether or not it is a pre-registered IC-ID,
Execute the authentication process. The communication control unit 55 communicates with the communication control unit 72 of the moving image distribution company server 4 to transmit and receive information.

Next, the configuration of the moving image distribution company server (distribution server 4) will be described.

The microcomputer 71 includes a CPU, a ROM,
And a RAM, which controls the overall operation of the distribution server 4 and executes various programs as appropriate.
Expand to M and execute. The microcomputer 7
1 denotes a magnetic disk 31 mounted on the drive 301
1. The program or data recorded in the optical disk 312, the magneto-optical disk 313, or the semiconductor memory 314 is read into the RAM as appropriate, and various processes are executed.

The communication control unit 72 is a communication unit 5 of the BS server 3.
5 to transmit and receive data. Authentication unit 73
Stores the personal authentication information of the user who owns the TV 1, particularly, the user who ordered the moving image data. The personal ID and the terminal ID included in the transmitted order data and the BS-ID connected to the TV 1 are stored. The user (orderer) of the moving image data is authenticated from the information of the IC-ID of the STB2.

The decryption unit 74 decrypts the data encrypted by the encryption unit 17 of the TV 1. Also, the encryption unit 75
Is an encryption method that can be decrypted by the decryption unit 18 of the TV 1,
1 to encrypt the moving image data to be transmitted.

The storage unit 76 is constituted by a so-called HDD or the like, and
1 is controlled. The storage unit 76 records the distributable moving image data, and stores a program or data necessary for various other processes.

Next, referring to the flowchart of FIG.
A process when the TV 1 places an order for the moving image data to the distribution server 4 will be described.

In step S1, the selector 21
As shown in FIG. 5, a screen for selecting moving image data that can be purchased from the BS digital tuner 32 of the BS-STB 2 and that can be purchased for a program that the moving image distribution company has requested the BS broadcasting station to broadcast is displayed. This presupposes that the user has operated the operation unit 37 of the BS-STB 2 to select a channel on which the advertisement program is being broadcast.

In step S2, the microcomputer 11 determines whether a moving image to be purchased has been selected. For example, as shown in FIG.
The cursor is moved up (in the drawing, the cursor indicated by a bold line is
), And "Ye" displayed under "Purchase"
When “s” is selected, the microcomputer 11
It is determined that a moving image has been selected, and the processing is performed in step S
Proceed to 3.

In step S 3, the personal authentication information input device 15 displays a display screen for requesting the input of personal authentication information on the display unit 16, acquires the user's authentication information, and outputs it to the authentication unit 12. In step S4, the authentication unit 1
2 determines whether the acquired personal authentication information is information registered in advance. That is, as shown in FIG. 6, personal authentication information corresponding to the personal ID of each user is stored in the memory 12a of the authentication unit 12 as binary data. In this case, the personal ID is “0012”. In this case, the corresponding personal authentication information is registered as “001011110111011”, and information such as a fingerprint, a retinal pattern, or a voiceprint is subjected to a predetermined process to obtain binary data “00
1011110111011 ”is registered as the personal ID“ 0012 ”. Similarly, personal ID
The user of “0023” has personal authentication information of “11110110111000
The user having the personal ID “0031” is registered with the personal authentication information as “101101101110100”.

For example, assuming that the acquired personal authentication information is “111101101110000” in the process of step S3, this personal authentication information belongs to the user registered as the personal ID “0023”. Is determined, and the process proceeds to step S5.

In step S5, the microcomputer 11 generates order data as shown in FIG.
That is, the order data includes, from the left in the figure, a distribution server address as an address of the distribution server 4 indicating the order destination, a personal ID, a terminal ID, and a moving image B indicating the moving image to be ordered
Is recorded.

In step S6, the encryption unit 17
A method in which information other than the distribution server address indicating the transmission destination (order destination) in the order data can be decoded by the decoding unit 75 of the distribution server 4 as shown in FIG. Then, the encrypted order data is temporarily stored in the RAM of the microcomputer 11. The hatched portion in FIG. 8 indicates that the data is encrypted. The same applies to the following.

In step S7, the communication control unit 22
Reads out the TV-ID of the TV 1 stored in the memory 22a and transmits it to the communication control unit 33 of the BS-STB2.

Here, the process in which the BS-STB 2 receives order data from the TV 1 and transfers it to the BS server 3 will be described with reference to the flowchart in FIG.

In step S31, the communication control unit 33
Is based on a command from the microcomputer 31
It is determined whether or not the TV-ID has been received from the communication control unit 22 of the TV 1 and the process is repeated until the TV-ID is received. For example, as shown in step S7 of the flowchart of FIG. The communication control unit 33 from the unit 22 to the TV-ID
Is transmitted, and when it is received, it is determined that the TV-ID has been received, and the process proceeds to step S32.

In step S32, the communication control unit 33
Reads out its own ID, that is, STB-ID, stored in the memory 33a and outputs it to the communication control unit 22 of the TV 1.

Here, the description returns to the flowchart of FIG.

In step S8, the communication control unit 22
Determines whether the STB-ID has been received from the communication control unit 33 of the BS-STB2. For example, when the STB-ID is received from the BS-STB2 by the process of step S32 in the flowchart of FIG. It is determined that the STB-ID has been received, and the process proceeds to step S9.

In step S9, the communication control unit 22
Matches the STB-ID with the TV-ID. That is, a table as shown in FIG. 10 is stored in the memory 22a of the communication control unit 22, and a combination of the TV-ID and the STB-ID is recorded. For example, when the TV-ID is “001”, it indicates that the communicable STB-ID is “102” or “203”. If the TV-ID is “005”,
It indicates that the STB-ID that can communicate is “102” or “203”. The setting of this table can be changed to various tables by setting.

In step S10, the communication control unit 22
Determines whether the collation result indicates that communication is possible. For example, if the TV-ID is “001” and the STB-ID is “102”, the combination at the top of the table shown in FIG. Therefore, it is determined that communication is possible, and the process proceeds to step S11.

In step S11, the communication control unit 22
Indicates that the TV-ID and the transmission destination S are included in the order data as shown in FIG.
It attaches the TB-ID and outputs it to the communication control unit 33 of the BS-STB2.

Here, the description returns to the flowchart of FIG.

In step S33, the communication control unit 33
Refers to the same table shown in FIG. 10 stored in the memory 33a and checks the combination of the STB-ID and the TV-ID, and determines whether or not the combination is a communicable combination in step S34. Is determined. In this case, since the TV-ID is "001" and the STB-ID is "102", it matches the top row of the table shown in FIG. The process proceeds to step S35.

In step S35, the communication control unit 33
Receives the order data as shown in FIG. 11 from the communication control unit 22 of the TV 1 in accordance with the processing of step S11 in the flowchart of FIG. 4 (the order data is transmitted because communication is possible), and the data is stored. It is stored in the unit 36.

In step S36, the microcomputer 31 adds the address of the BS server 3 as the next destination and the IC-ID stored in the IC card 38 to the received order data as shown in FIG. Attached.

In step S37, the communication control unit 37
Transmits order data to the BS server 3 via the telephone network 5 based on a command from the microcomputer 31.

Here, the transfer process of the order data of the BS server 3 will be described with reference to the flowchart of FIG.

In step S51, the microcomputer 51 controls the communication control unit 54 to determine whether or not the order data has been received, and repeats the processing until the order data is received. In step S51, for example, when the order data is transmitted by the process of step S37 in the flowchart of FIG. 9, the communication control unit 54 receives the order data, so it is determined that the order data has been received. Proceed to step S52.

In step S52, the authentication unit 53
It is checked whether the received IC-ID of the order data as shown in FIG. 12 is registered in advance. That is, the memory 5
Since the billing information for billing the pay program of the BS digital broadcast as shown in FIG. 3 is stored in 3a, the authentication unit 53 checks with the IC-ID registered in this billing information. .

In step S53, the authentication unit 53
It is determined whether the IC-ID of the received order data is registered or not, for example, the IC-ID of the received order data.
Is "00000001", the contractor name is "Yamada"
Is registered, it is determined that it is registered, and the process proceeds to step S54.

In step S54, the communication control unit 55
Transmits the received order data to the communication control unit 7 of the distribution server 4.
2 (transmit).

Here, the process in which the distribution server 4 receives the order data will be described with reference to the flowchart in FIG.

In step S71, the communication control unit 72
Determines whether or not order data has been received based on a command from the microcomputer 71, and repeats the processing until the order data is received. For example, when order data is transmitted from the communication control unit 55 in the process of step S54 in the flowchart of FIG. 13, the communication control unit 72 receives the order data, and thus determines that the order data has been received. , The process proceeds to step S72.

In step S72, the decoding unit 74
Is an encrypted individual in the received order data
ID, terminal ID, and order data (moving image
B) is decrypted to generate order data as shown in FIG.

In step S73, the authentication unit 73
The personal ID, the terminal ID, and the IC-ID are checked against a table as shown in FIG. 16 stored in the memory 73a. That is, the table of FIG. 16 shows the billing information for purchasing the moving image data for each subscriber, and the terminal I from the left in the figure.
D, personal ID, IC-ID, contractor name, address, payment method, purchase moving image, and fee are recorded. The terminal ID is an ID for identifying a device used by each user. In this case,
This is an ID for identifying TV1, and “111111” and “222222” are registered as terminal IDs. Individuals corresponding to the terminal ID
ID is registered, and as the personal ID, the terminal ID "11111
"0012" and "002"
3 is registered, and "0012" is registered as corresponding to the terminal ID "222222". These personal IDs are IDs assigned to one contractor. Therefore, for example, when a plurality of users use the TV 1, a plurality of personal IDs may be registered for one terminal ID as shown in FIG. Furthermore, two IC-IDs, "00000001" and "00000002", are assigned to a user whose personal ID is registered as "0012", and a user who has a contractor name of "Ichiro Yamada" , Two IC-IDs are registered.
In other words, the contractor who calls "Ichiro Yamada"
If two STBs 2 are owned, it means that both of them are registered. Individual ID `` 002
The subscriber named "Jiro Yamada" corresponding to "3" has the same IC-IC as the user named "Ichiro Yamada". For example, two BS-STB2 are owned by one household. This indicates that one of them is shared and registered. In addition, a user named “Hanako Takahashi” registered as the contractor name of the personal ID “0012” has the IC-ID
Since both “00000004” and “00000009” are registered, it is indicated that two BS-STBs 2 are registered in the same manner as the user named “Ichiro Yamada”. Individuals corresponding to "Ichiro Yamada" and "Hanako Takahashi"
The IDs are all the same as “0012”, but may be the same because the terminal IDs are different, that is, the personal IDs on another terminal (TV1).

Further, addresses corresponding to the respective contractor names are recorded, and the users named "Ichiro Yamada" and "Jiro Yamada" are registered as "1-1-1 Kita-ku". The user named "Hanako Takahashi" is registered as "2-2-2 Higashi-ku".

The payment method is recorded for each personal ID. In the column of the user named “Ichiro Yamada” of the personal ID “0012”, “Bank transfer Tokyo Bank 23456” is recorded. A user named "Ichiro Yamada" with ID "0012"
It is shown that the billing related to the purchase of the moving image data is paid by bank transfer from an account having a bank number of 23456 as a bank number as an account number.

In the column of the user named “Jiro Yamada” of the personal ID “0023”, “Credit card VISO 383” is displayed.
47474 "is recorded, and the user who calls" Jiro Yamada "of the personal ID" 0023 "has the VI with the card number of 38347474.
It is shown that a fee for moving image data is paid by an SO credit card. "Hanako Takahashi" with personal ID "0012"
Is recorded as “billing with IC-ID = 00000004”, which is an additional service shown in FIG.
After adding the purchase price of the moving image data, the BS server 3
This indicates that the fee is charged together with the viewing fee of the pay broadcast of the BS broadcast.

The purchased moving images are “moving image A” in the order of the subscribers “Ichiro Yamada”, “Jiro Yamada”, and “Hanako Takahashi”.
They are recorded as “moving image B” and “moving image C”, which are recorded based on order data.

[0096] The fee is the amount finally collected.
Contractors "Ichiro Yamada", "Jiro Yamada", and "Hanako Takahashi" in the order of "300 yen", "500 yen", and "(650
Yen), and the amount corresponding to the order data is recorded. Note that the parenthesis added to the user's fee display called "Hanako Takahashi" indicates that the collection itself is added to the charge of the BS server 3.

Here, the description returns to the flowchart of FIG.

In step S73, the public relations department 73
The personal ID, the terminal ID, and the IC-ID are compared with the table shown in FIG. 15 stored in the memory 73a, and it is determined in step S74 whether or not they are registered. I do. For example, the personal ID of the order data
Is "0023", the terminal ID is "111111", and the IC-ID is "000000".
If it is "1", it corresponds to the user registered with the contractor name "Jiro Yamada", so it is determined that the received order data is registered as that of the user named "Jiro Yamada", Proceeds to step S75.

In step S75, the microcomputer 71 stores the order data in the storage unit 76, and the authentication unit 73 updates the table in the memory 73a. More specifically, when the process of step S75 is completed, the authentication unit 73 records “moving image B” as the information of the purchased moving image in FIG. 15, and further sets the corresponding fee to “500 yen”. Record as It should be noted that this fee is stored in the storage unit 76 as data in which the amount of money corresponding to each moving image is recorded, and is appropriately read.

In step S74, the personal ID and the terminal I
If it is determined that D and the IC-ID are not registered, the process proceeds to step S76, and the microcomputer 71 controls the communication control unit 72 to confirm that the authentication is not permitted, Let the BS server 3 transmit.

Here, the description returns to the flowchart of FIG.

In step S55, the microcomputer 51 determines whether or not a notification that authentication is not approved within a predetermined time is received by the communication control unit 55. If the notification that authentication is not acknowledged is not received within the predetermined time, Then, it is determined that the transmitted order data has been correctly transferred, and the processing ends.

In step S53, the IC-ID ordered
If it is determined that the authentication is not registered, in step S56, the microcomputer 51 controls the communication control unit 54 to notify the BS-STB that the authentication is not permitted.
Let 2 know.

In step S55, if a notification that the authentication is not permitted is transmitted by the processing of step S76 in the flowchart of FIG. 14 within a predetermined time,
The process proceeds to step S56, and the subsequent processes are repeated.

Here, the description returns to the flowchart of FIG.

In step S38, the microcomputer 31 controls the communication control unit 34 to determine whether or not it is notified that the authentication is not permitted within a predetermined time, and the authentication is not permitted within the predetermined time. If this is not the case, it is determined that the transmitted order data has been correctly transferred, and the processing ends.

If it is determined in step S34 that the combination is not a communicable combination, in step S39, the communication control unit 33 determines that communication is not established, and ends the processing. That is, in this case, the determination that the communication is not established is made in the TV 1 in the same manner.

In step S38, within a predetermined time,
For example, when a notification that the authentication is not accepted is received by the process of step S56 in the flowchart of FIG.
The microcomputer 31 controls the communication control unit 33 to notify the TV 1 that the authentication has not been approved.

Here, the description returns to the flowchart of FIG.

In step S12, the microcomputer 11 determines whether or not the notification of the authentication failure has been received within a predetermined time. , And the process ends.

If the moving image to be purchased is not selected in step S2, that is, if the display shown in FIG. 5 remains, in step S13, the microcomputer 11 determines whether or not the order processing has been completed. If there is no input, it is determined that the order processing has not been completed, and the processing returns to step S2. That is, in the state of waiting for input, the processing of steps S2 and S3 is repeated. If it is determined in step S13 that the order processing has been completed, that is, for example, “No” on the display screen of FIG.
Is selected, the process ends.

If it is determined in step S4 that the acquired personal authentication information is not registered information, in step S14, the authentication unit 12 determines that the number of authentication failures is equal to or greater than the set number of authentication failures (for example, three or more). It is determined whether or not it is less than the set number of times.
Returning to step 3, if the number is equal to or greater than the set number, the process proceeds to step S15.

At step S15, the microcomputer 11 controls the display section 16 to display that the personal authentication information is incorrect.

If the STB-ID cannot be obtained in step S8, the display unit 16 displays in step S16 that communication is not possible.

If it is determined in step S10 that the combination is not a communicable combination, the process proceeds to step S16.

In step S12, within a predetermined time,
For example, step S39 in the flowchart of FIG.
If you receive a notification that your account is not approved for processing,
In step S17, the display unit displays that the authentication has failed on the transfer route and the order cannot be placed.

By the above processing, the user can operate the TV 1 to order desired moving image data from the distribution server 4.

Further, distribution of biometric information (fingerprint, retinal pattern, voiceprint, etc.) as personal authentication information that cannot be reset once decrypted involves a risk. But,
In the above order processing, the biometric information is managed in the TV 1 and does not flow out onto the network, so that the personal authentication information can be used safely.

Next, a process in which the distribution server 4 distributes moving image data in accordance with order data will be described with reference to the flowchart in FIG.

In step S81, the microcomputer 71 determines whether or not the order data is recorded in the storage unit 76, repeats the processing until the order data is recorded, and determines that the order data is recorded. ,
The process proceeds to step S82.

In step S82, the microcomputer 71 generates distribution data corresponding to the order data, as shown in FIG. The structure of the distribution data is shown in FIG.
In the order data shown in FIG. 5, the distribution server address is deleted, and the corresponding "moving image B data" is substituted for the "moving image B" indicating the order contents. The description is omitted because it is the same as the data.

In step S83, the encryption unit 75
Is the personal ID of the distribution data as shown in FIG.
The terminal ID and the moving image B data are transmitted to the decoder 1 of the TV 1
In step 8, encryption is performed using an encryption method that can be decrypted.

In step S84, the communication control unit 72
Transmits the encrypted distribution data to the communication control unit 55 of the BS server 3.

Here, the distribution data transfer processing of the BS server 3 will be described with reference to the flowchart of FIG.

In step S91, the microcomputer 51 controls the communication control unit 55 to determine whether or not distribution data has been received from the distribution server 4, and repeats the processing until the distribution data is received. If the communication control unit 72 of the distribution server 4 transmits the distribution data and the communication control unit 55 determines that the distribution data has been received by the process of step S84 in the flowchart, the process proceeds to step S92.

At step S92, the authentication section 53
It checks whether the IC-ID of the received distribution data is registered in advance. That is, since the memory 53a stores charging information for charging a pay program of BS digital broadcasting as shown in FIG. 3, the authentication unit 53 stores the IC-ID registered in the charging information. To match.

In step S93, the authentication unit 53
It is determined whether the IC-ID of the received order data is registered or not, for example, the IC-ID of the received order data.
Is "00000001", the contractor name is "Yamada"
Is registered, it is determined that it is registered, and the process proceeds to step S94.

At step S94, communication control unit 54
Deletes the information of the BS server address from the received distribution data as shown in FIG.
-Transmit (transfer) to STB2.

Here, the transfer processing of the distribution data of the BS-STB 2 will be described with reference to the flowchart of FIG.

In step S111, the microcomputer 31 controls the communication control section 34 to determine whether or not distribution data has been received from the BS server 3, and repeats the processing until it is determined that the distribution data has been received. , FIG.
When it is determined that the distribution data has been transmitted from the BS server 3 and received by the communication control unit 34 by the processing in step S94 of the flowchart in FIG.
Proceed to 2.

In step S112, the microcomputer 31 stores the received distribution data in the data storage unit 3.
6 is stored. In step S113, the communication control unit 33 determines its own STB-ID stored in the memory 33a.
Is read and transmitted to TV1.

Here, the receiving process of the distribution data of the TV 1 will be described with reference to the flowchart of FIG.

At step S131, the microcomputer 11 controls the communication control unit 22 to
It is determined whether or not the STB-ID has been received, and the process is repeated until the STB-ID is received. For example, the BS-STB2
The STB-ID is transmitted from the communication control unit 33 of the communication control unit 2
If it is determined that the data has been received in step 2, the process proceeds to step S132.

At step S132, the communication control unit 2
2 reads out the TV-ID stored in the memory 22a and transmits it to the communication control unit 33 of the BS-STB2.

Now, let us return to the description of the flowchart in FIG.

At step S114, the communication control unit 3
3 judges whether the TV-ID has been received from the TV 1 or not. For example, the communication control unit 22 of the TV 1 transmits the TV-ID by the process of step S132 in the flowchart of FIG. If it has been received, the process proceeds to step S1.
Proceed to 15.

At step S115, the communication control unit 3
3 compares the TV-ID and the STB-ID with the data in the table stored in the memory 33a, and in step S116,
It is determined whether the combination is communicable. For example, if the TV-ID is "001" and the STB-ID is "102", it is determined that the communication is possible because it matches the top row of the table shown in FIG. , Step S
Go to 117.

At step S117, the communication control unit 3
3 reads out the distribution data stored in the data storage unit 36, deletes the IC-ID data from the received distribution data, and transmits the data to the communication control unit 22 of the TV 1 as shown in FIG. I do.

Now, let us return to the description of the flowchart in FIG.

In step S133, the communication control unit 2
No. 2 determines whether the combination of the TV-ID and the STB-ID is a communicable combination, and in step S134, as described above, for example, the TV-ID is “001” and the STB-ID is “102”. "
If so, it is determined that communication is possible because it matches the top row of the table shown in FIG. 10, and the process proceeds to step S135.

At step S135, the communication control unit 2
2 corresponds to step S11 in the flowchart of FIG.
The distribution data is received in accordance with the process of step 7.

In step S136, the decoding unit 18
Is, as shown in FIG. 25, the TV data from the received distribution data.
-ID and STB-ID are deleted and the personal ID, terminal ID, and moving image B data of the encrypted distribution data are
The decoding is performed as shown in FIG.

In the step S137, the authentication section 12
Determines whether the personal ID and the terminal ID of the decrypted distribution data are registered. For example, when the personal ID and the terminal ID are registered, in step S138, The microcomputer 11 is shown in FIG.
As shown in FIG. 6, the received distribution data is stored in the storage unit 14.

At step S134, the TV-ID and the STB-I
If it is determined that D is not a communicable combination, the process ends. That is, since communication with the BS-STB 2 is not established, no further processing is performed.

If it is determined in step S137 that the personal ID and the terminal ID are not those registered on the TV 1, in step S139, the communication control unit 22
A notification that the authentication is not accepted is sent to BS-STB2.

Now, let us return to the description of the flowchart in FIG.

In step S118, the communication control unit 3
No. 3 determines whether or not a notification that a recognized place has not been recognized within a predetermined time has been received, and if not received, it is considered that the distribution data has been distributed to the TV 1 and the process ends.

If the TV-ID cannot be obtained in step S114, in step S118 the communication control unit 34 informs the BS server 3 that the authentication has not been approved.
Send to

In step S118, within a predetermined time, for example, step S13 in the flowchart of FIG.
In the case where the communication control unit 22 of the TV 1 receives a notification that the authentication has not been accepted from the communication control unit 22 of the TV 1 by the process of step 9, the process proceeds to step S118.

Here, the description returns to the flowchart of FIG.

In step S95, communication control unit 54
Determines whether or not a notification that the authentication has not been received has been received within a predetermined time, and if no notification that the authentication has not been received has not been received, it is considered that the distribution data has been transmitted to the TV1, The process ends.

In step S95, within a predetermined time,
For example, when a notification indicating that the authentication has not been received is received from the BS-STB 2 in the process of step S118 in the flowchart of FIG. 22, in step S96, the communication control unit 55 determines that the authentication has not been approved by the distribution server. 4
Notify.

Here, the description returns to the flowchart of FIG.

In step S85, the microcomputer 71 determines whether or not the communication control section 72 has received a notification that the authentication is not permitted within a predetermined time. If no notification has been received, the microcomputer 71 proceeds to step S86. At
Assuming that the distribution data has been distributed to the TV 1, the order data stored in the storage unit 76 is deleted, and the process ends.

In step S85, within a predetermined time,
For example, when a notification that the authentication has not been received is received from the BS server 3 by the process of step S96 in the flowchart of FIG. 20, it is determined in step S87 whether the process has been repeated a predetermined number of times or more. Are repeated until the number of times reaches. In step S87, if a notification that the authentication has not been approved more than the predetermined number of times is received, in step S88,
The distribution destination of the microcomputer 71 has not been confirmed,
Assuming that the distribution data cannot be distributed, the authentication unit 73 is controlled to return the accounting information recorded in the memory 73a to the original state (return to a state where the moving image B has not been purchased), The order data recorded in the section 76 is deleted.

Next, with reference to the flowchart of FIG. 27, a description will be given of a process in which after the moving image data is distributed to the storage unit 14 of the TV 1 by the above processing, the TV 1 reproduces the distributed moving image data. .

In step S151, the display section 16 displays a screen for requesting personal authentication information, and acquires personal authentication information input by the user to the personal authentication information input device 15.

At step S152, authentication unit 12
Determines whether the personal authentication information input from the personal authentication information input device 15 is registered in the memory 12a. For example, if the input personal authentication information is "111101"
101110000 ", and if it is determined that the user is registered as the personal ID" 0023 ", the process proceeds to step S153.

In step S153, the display unit 16
Displays a list of accessible moving image data corresponding to the personal authentication information. At this time, for example, moving image data
If A and moving image data B are recorded in the recording unit 14, and if the individual IDs are “0012” and “0023”, the accessible data is the data corresponding to the personal authentication information. Only, so in this case, the moving image
Only B data will be displayed.

In step S154, the microcomputer 11 determines whether or not any of the reproducible moving images displayed on the display unit 16 has been selected, and repeats the processing until it is selected. As shown in (1), when the moving image B data is selected, the process proceeds to step S155.

In step S155, the microcomputer 11 controls the moving picture compression / decompression section 19 to decompress the selected moving picture B data and output the data to the selector 21 as a video signal. In step S156, the selector 21 outputs the video signal output from the moving image compression / expansion unit 19 to the display unit 16 based on the instruction to the microcomputer 11, and causes the display unit 16 to display the video signal.

If it is determined in step S152 that the acquired personal authentication information is not registered, in step S157, the authentication unit 12 determines whether the number of authentication failures is equal to or greater than the set number of failed authentications. If the number is less than the set number, the process returns to step S151. If the number of authentication failures is equal to or more than the predetermined number of times in step S157, in step S158,
The display unit 16 displays that the moving image cannot be reproduced because the authentication is not approved.

In the above, the distribution data is generated based on the order data of the individual,
Although an example has been described in which only a user (who matches the ID) can reproduce (access), for example, the distribution data does not need to correspond to the order data, and the distribution server 4 voluntarily distributes the data. For example, it may be something like an advertisement. In that case, if the terminal ID matches the distribution data, the device with the terminal ID (in this case,
All users who use the TV 1) may be made accessible. In this case, for example, if a value for anonymous is set in the personal ID so that a user with any personal ID can access it, FIG. As shown in the figure, the terminal ID = "1111
When the moving image C data belonging to “11” is stored in the storage unit 14, any user of the personal ID = “0012” or “0023” can access. Therefore, in the case as shown in FIG. 28, the user with the personal ID = “0012”
The user can access the data and the moving image data C, and the user with the personal ID = “0023” can access the moving image B data and the moving image C data.

When the distribution server 4 generates distribution data, as shown in FIG. 29, Level data indicating whether the distribution unit is an individual or a terminal may be provided. In this way, the distribution data received by the TV 1 has a configuration as shown in FIG. 30. When the distribution data is read, for example, if the Level data is G (Group), all the terminals having the same terminal ID are used. Distribution data that can be accessed by the user, and in the case of P (Personal), can be distribution data that can be accessed only by the user whose personal ID matches.

Further, the facilities on the service providing / managing side include:
For example, as shown in FIG. 31, the configuration may be such that the BS server 3 and the distribution server 4 of FIG. 1 are integrated. That is,
The BS digital broadcasting station and the moving image distribution company server 6 include a microcomputer 91, a communication control unit 92, an authentication unit 9
3, a memory 93a, a decryption unit 94, an encryption unit 95, and a storage unit 96. At this time, as shown in FIG. 32, the billing data includes viewing data previously managed by the BS server 3, that is, billing information of the pay broadcast of the BS digital broadcast. In this case, “Movie A”, “Movie X”, and “Movie B” are recorded from the upper row as viewing data of pay digital broadcast of BS digital broadcasting. In the case of the configuration of FIG. 31, order data,
In transmitting and receiving the distribution data, the BS digital broadcast station and the moving image distribution company server address may be substituted while leaving only the BS server address or the distribution server address.

In the above description, the TV 1 is connected to the BS-STB 2 and the distribution server 4 is connected to the BS server 3. However, the BS-STB 2 further includes, for example,
Connect game devices, etc. to the BS server 3,
Connect a game distribution server managed by a game distribution company,
The game may be distributed from the game distribution server to the game device or the like via the BS server 3, the telephone network 5, and the BS-STB 2 by the same method as described above.

In addition, a music distribution server of a music distribution company is connected to the BS server 3, and a music recording / reproducing device capable of recording and reproducing music data is connected to the BS-STB2. 3. Telephone network 5, and BS-STB
2, the music data may be distributed to the music recording / reproducing device.

Also, what is connected to the terminal (TV1) on the client side may not necessarily be the BS-STB2, but may be, for example, a mobile telephone or a fixed telephone. In this case, instead of the IC-ID, May be used.

Further, the telephone network 5 is, for example, a CATV
(Cable Television) cable, and in this case, a CATV-STB may be installed instead of the BS-STB2.

Further, the TV 1 and the BS-STB 2 on the client side
The server authenticates information based on the respective IDs (personal ID, terminal ID, and IC-ID).
If the TV1 or BS-STB2 is installed at a remote location, the possibility of both being simultaneously stolen is low, and even if either is stolen, so-called spoofing is prevented. It becomes possible.

Further, for example, if a set of equipment corresponding to the BS-STB 2 and the BS server 3 in FIG. 1 is configured, the client can connect the BS-STB 2 with an electronic device capable of transmitting and receiving various information. Accordingly, services can be provided from various distribution servers connected to the BS server 3.

According to the above description, even if one terminal is used by a plurality of persons, it is possible to obtain the information on a personal level and in a non-real time manner.
It is possible to receive services via the network. Also, since the encrypted information is transferred over the network in a state where it can be decrypted only by the terminal used by the user and the server to which the data is transmitted, a plurality of users can
When using one predetermined terminal, for each individual user,
It is possible to transmit and receive information to and from a specific information processing device without leaking information to another information processing device on the network.

The series of processes described above can be executed by hardware, but can also be executed by software. When a series of processing is executed by software, a program constituting the software may be executed by a computer built into dedicated hardware or by installing various programs to execute various functions. It is installed from a recording medium to a possible general-purpose personal computer or the like.

As shown in FIG. 1, this recording medium is provided to the user in a state of being incorporated in the television receiver or the moving image distribution company server 4 in advance, and stores the program in the storage unit 14, In addition to the computer 76, a magnetic disk 211, 311 (including a floppy (registered trademark) disk) on which the program is recorded and an optical disk 212, 312 (CD -ROM (Compact Dis
k-Read Only Memory), DVD (Digital Versatile Disk)
), Magneto-optical disks 213 and 313 (MD (Mini-D
isk)) or semiconductor memories 214 and 314
(Including Memory Stick).

In this specification, the step of describing a program recorded on a recording medium is not limited to processing performed in chronological order according to the described order, but is not necessarily performed in chronological order. , And processing executed in parallel or individually.

In this specification, the system is defined as:
It represents the entire device composed of a plurality of devices.

[0177]

According to the first information processing system, method, and program of the present invention, the first information processing apparatus allows the first information processing apparatus to identify information on the first information processing apparatus.
Is added to the information, the information to which the first identification information is added is encrypted by a method that can be decrypted by the fourth information processing apparatus, and the first identification information is added to encrypt the information. The information is transmitted to the second information processing device, and the second information processing device receives the encrypted information added with the first identification information transmitted from the first information processing device. Receiving the first identification information, adding the second identification information identifying itself to the encrypted information, adding the first identification information, encrypting the information, 2 is transmitted to the third information processing apparatus, and the third information processing apparatus adds the first identification information transmitted from the second information processing apparatus to the third information processing apparatus. And further receives the information to which the second identification information is added, and
The second information processing device is authenticated by the second identification information of the information to which the identification information is added and encrypted, and further the second identification information is added. And the encrypted information is transmitted to the fourth information processing device, and the fourth information processing device is transmitted from the third information processing device. Received the first identification information added and encrypted, and further added the second identification information, and received the first
, And encrypts the information, and among the information to which the second identification information is added, decrypts the encrypted information,
The decrypted information to which the first identification information is added is
The authentication is performed based on the identification information of the second identification information.

According to the second information processing system, method, and program of the present invention, the first information processing apparatus allows the first information processing apparatus to identify information on the fourth information processing apparatus.
Is added to the information, the information to which the first identification information is added is encrypted by a method which can be decrypted by the fourth information processing apparatus, and the first identification information is added and encrypted. Second information for identifying the third information processing apparatus is added to the existing information, the first identification information is added, and the information is encrypted.
The information to which the second identification information is added is transmitted to the second information processing device, and the second information processing device adds the first identification information transmitted from the first information processing device to the second information processing device. Receiving the information to which the second identification information is added, encrypting the received first identification information, encrypting the received information, and further adding the second identification information. From the information,
A first identification unit that separates the second identification information, authenticates the third information processing device based on the separated second identification information, and separates the second identification information in response to the authentication result; The information is added, and the encrypted information is transmitted to the third information processing device. The third information processing device adds the first identification information transmitted from the second information processing device. Receiving the encrypted information, adding the received first identification information,
The encrypted information is transmitted to the fourth information processing device, and the fourth information processing device adds the first identification information transmitted from the third information processing device and encrypts the encrypted information. The received information is added with the first identification information, the encrypted information is decrypted, and the decrypted information to which the first identification information is added is stored.

As a result, in any case, when a plurality of users use one predetermined information processing device, the information is not leaked to each of the other information processing devices on the network for each individual user. It is possible to transmit and receive with a specific information processing device.

[Brief description of the drawings]

FIG. 1 is a diagram showing a configuration of an embodiment of a broadcasting system to which the present invention is applied.

FIG. 2 is a diagram showing viewing data transmitted from the BS digital broadcasting STB of FIG. 1 to a BS digital broadcasting station server.

FIG. 3 is a diagram showing a table of viewing data managed by a BS digital broadcasting station server of FIG. 1;

FIG. 4 is a flowchart illustrating order data transmission processing of the television receiver in FIG. 1;

FIG. 5 is a diagram illustrating a display example of a display unit in FIG. 1;

FIG. 6 is a diagram showing a table of personal impression information recorded in a memory of an authentication unit of the television receiver of FIG. 1;

FIG. 7 is a diagram showing a configuration of order data.

FIG. 8 is a diagram showing a configuration of order data.

FIG. 9 is a flowchart illustrating a transfer process of order data of the STB for BS digital broadcasting in FIG. 1;

FIG. 10 is a diagram showing a table recorded in a memory of a communication control unit of the television receiver in FIG. 1;

FIG. 11 is a diagram showing a configuration of order data.

FIG. 12 is a diagram showing a configuration of distribution data.

FIG. 13 is a flowchart illustrating a transfer process of order data of the BS digital broadcasting station server in FIG. 1;

FIG. 14 is a flowchart illustrating a process of receiving order data of the moving image distribution company server of FIG. 1;

FIG. 15 is a diagram showing a configuration of distribution data.

FIG. 16 is a diagram showing a configuration of billing information stored in a storage unit of the moving image distribution company server of FIG. 1;

FIG. 17 is a flowchart illustrating a distribution process of distribution data of the moving image distribution company server of FIG. 1;

FIG. 18 is a diagram showing a configuration of distribution data.

FIG. 19 is a diagram showing a configuration of distribution data.

FIG. 20 is a flowchart illustrating a transfer process of distribution data of the BS digital broadcasting station server of FIG. 1;

FIG. 21 is a diagram showing a configuration of distribution data.

FIG. 22 is a flowchart illustrating a transfer process of distribution data of the STB for BS digital broadcasting in FIG. 1;

FIG. 23 is a flowchart illustrating a distribution data reception process of the television receiver in FIG. 1;

FIG. 24 is a diagram showing a configuration of distribution data.

FIG. 25 is a diagram showing a configuration of distribution data.

FIG. 26 is a diagram showing a configuration of distribution data.

FIG. 27 is a flowchart illustrating a moving image data selection / reproduction process of the television receiver in FIG. 1;

FIG. 28 is a flowchart illustrating permission to access data stored in a storage unit of the television receiver in FIG. 1;

FIG. 29 is a diagram showing a configuration of distribution data.

FIG. 30 is a diagram showing a configuration of distribution data.

FIG. 31 is a diagram illustrating a configuration of another broadcast system.

FIG. 32 is a diagram illustrating a configuration of billing information in the case of another broadcast system in FIG. 31;

[Explanation of symbols]

1 television receiver, 2 STB for BS digital broadcasting,
3 BS digital broadcasting station server, 4 moving picture distribution company server, 11 microcomputer, 12 authentication unit, 12
a memory, 14 storage unit, 15 personal authentication information input device, 16 display unit, 17 encryption unit, 18 decryption unit,
19 moving image compression / decompression unit, 22 communication control unit, 31 microcomputer, 32 BS digital tuner, 33
Communication control unit, 33a memory, 34 communication control unit, 3
5 storage unit, 36 data storage unit, 38 IC card, 5
1 microcomputer, 52 storage unit, 53 authentication unit, 53a memory, 54, 55 communication control unit, 71
Microcomputer, 72 communication control unit, 73 authentication unit, 73a memory, 74 decryption unit, 75 encryption unit, 76 storage unit

Claims (17)

[Claims] A first information processing device configured to encrypt and transmit / receive information;
A first information processing device not directly connected to each other, a fourth information processing device, and a fourth information processing device connected to the fourth information processing device and connected to the first information processing device. In an information processing system including a third information processing device connected to a second information processing device, the first information processing device includes a first information processing device for identifying the information on the first information processing device. First identification information adding means for adding identification information to the information; and the fourth information processing device decoding the information to which the first identification information is added by the first identification information adding means. Encrypting means for encrypting in a possible manner; and first transmitting means for transmitting the encrypted information to the second information processing device, to which the first identification information is added, The second information processing device may be configured to: It sent from the information processing apparatus, the first
A first receiving unit that receives the encrypted information with the identification information added thereto, and the first identification information that is received by the first receiving unit and added with the first identification information is encrypted. Second identification information adding means for adding second identification information identifying itself to the information, and the first identification information is added and encrypted, and the second identification information is further encrypted. And a second transmitting unit that transmits the information added with the third information processing device to the third information processing device, wherein the third information processing device transmits the second information transmitted from the second information processing device. 1
Identification information is added, encrypted, and further, the second reception means for receiving the information to which the second identification information is added, and the first reception means received by the second reception means The second information processing apparatus authenticates the second information processing apparatus with the second identification information added to the information to which the identification information is added, encrypted, and further added to the information to which the second identification information is added. A first authentication unit, the first identification information is added and encrypted corresponding to an authentication result of the first authentication unit, and
And a third transmitting unit that transmits the information to which the identification information is added to the fourth information processing device, wherein the fourth information processing device is transmitted from the third information processing device. , The first
A third receiving unit for receiving the information to which the identification information is added and encrypted and further to which the second identification information is added; and a first receiving unit for receiving the first identification information received by the third receiving unit. And decryption means for decrypting the encrypted information among the information to which the second identification information has been added, and the decryption means for decrypting the encrypted information. An information processing system comprising: a second authentication unit that authenticates information to which the first identification information is added based on the first identification information and the second identification information. . 2. The first identification information is a personal ID for identifying a user himself or the first ID used by the user.
The information processing system according to claim 1, further comprising a terminal ID for identifying the information processing apparatus. 3. The first information processing apparatus comprises: first unique identification information storage means for storing first unique identification information for identifying itself; and second second information for identifying the second information processing apparatus. A second unique identification information storage unit for storing unique identification information; and a first information processing device and a second information processing device based on a combination of the first unique identification information and the second unique identification information. Further comprising a communication determination unit for determining whether communication with the first communication unit is possible, wherein the first transmission unit adds the first identification information in accordance with a determination result of the communication determination unit, The information processing system according to claim 1, wherein the encrypted information is transmitted to the second information processing device. 4. A table in which a combination of the first unique identification information and the second unique identification information, which enables communication between the first information processing device and the second information processing device, is recorded. The communication determination unit is capable of performing communication depending on whether a combination of the first unique identification information and the second unique identification information is a combination recorded in the table. 4. The information processing system according to claim 3, wherein it is determined whether or not the information processing is performed. 5. On a network comprising first to fourth information processing devices, encrypts and transmits / receives information.
A first information processing device not directly connected to each other, a fourth information processing device, and a fourth information processing device connected to the fourth information processing device and connected to the first information processing device. In an information processing method for an information processing system including a third information processing apparatus connected to a second information processing apparatus, the information processing method for the first information processing apparatus includes: transmitting the information on the first information processing apparatus; A first identification information adding step of adding first identification information for identifying the information to the information, and the information to which the first identification information has been added in the processing of the first identification information adding step. An encrypting step of encrypting the information by a method that can be decrypted by the fourth information processing device; and transmitting the encrypted information to the second information processing device with the first identification information added. First transmission step The information processing method of the second information processing apparatus, wherein the first information processing apparatus transmitted from the first information processing apparatus,
A first receiving step of receiving the encrypted information with the identification information added thereto, and the first receiving step of receiving the information in the processing of the first receiving step.
A second identification information adding step of adding second identification information for identifying itself to the encrypted information, and the first identification information is added to the encrypted information. And transmitting the information to which the second identification information has been added to the third information processing apparatus.
The information processing method of the third information processing apparatus, wherein the first information processing method transmitted from the second information processing apparatus includes:
A second receiving step of receiving the information to which the identification information is added and encrypted and further adding the second identification information; and First
Identification information is added and encrypted, and further added to the information to which the second identification information is added,
A first authentication step of authenticating the second information processing device using the second identification information; and the first identification information being added in accordance with an authentication result in the processing of the first authentication step. And transmitting the information to which the second identification information has been added, to the fourth information processing device. The information of the fourth information processing device The processing method includes the steps of: transmitting the first information transmitted from the third information processing apparatus;
A third receiving step of receiving the information to which the identification information is added and encrypted and further adding the second identification information; and First
And a decryption step of decrypting the encrypted information among the information to which the second identification information has been added, and a decryption step of decrypting the encrypted information. And a second authentication step of authenticating the information to which the first identification information is added based on the first identification information and the second identification information. Processing method. 6. On a network including first to fourth information processing devices, encrypts and transmits and receives information.
A first information processing device not directly connected to each other, a fourth information processing device, and a fourth information processing device connected to the fourth information processing device and connected to the first information processing device. A program for controlling an information processing system including a third information processing apparatus connected to the second information processing apparatus, wherein the program of the first information processing apparatus stores the information on the first information processing apparatus. A first identification information addition control step of controlling the addition of the first identification information to the information for identification, and the first identification information control addition step in the first identification information control addition step.
An encryption control step of controlling encryption of the information to which the identification information of the above is added by a method which can be decrypted by the fourth information processing apparatus; and And a first transmission control step of controlling transmission of the information to the second information processing device, wherein the program of the second information processing device is transmitted from the first information processing device. The first
A first reception control step for controlling the reception of the encrypted information with the identification information added thereto, and the first identification information received in the processing of the first reception control step is added. A second identification information addition control step of controlling the addition of second identification information for identifying itself to the encrypted information, and the first identification information being added, and And a second transmission control step of controlling transmission of the information to which the second identification information is added to the third information processing device. The program of the third information processing device includes: The first information transmitted from the second information processing device;
A second reception control step of controlling reception of the information to which the identification information is added, encrypted, and further to which the second identification information is added; and receiving the information in the processing of the second reception control step. The first identification information is added and encrypted, and the second identification information is added to the information to which the second identification information is added. A first authentication control step of controlling authentication of the information processing apparatus, and the first identification information is added and encrypted in accordance with an authentication result in the processing of the first authentication control step,
And a third transmission control step of controlling transmission of the information to which the second identification information is added to the fourth information processing device. The program of the fourth information processing device includes: The first information transmitted from the third information processing device;
A third reception control step of controlling reception of the information to which the identification information is added, encrypted, and further to which the second identification information is added; A decryption control step of controlling decryption of the encrypted information among the information to which the first identification information is added and encrypted and the second identification information is added. The first decrypted by the decryption control step.
A computer readable information including the first identification information and a second authentication control step of controlling authentication based on the second identification information, of the information to which the identification information is added. Media on which various programs are recorded. 7. On a network including first to fourth information processing apparatuses, encrypts and transmits / receives information.
A first information processing device not directly connected to each other, a fourth information processing device, and a fourth information processing device connected to the fourth information processing device and connected to the first information processing device. A computer that controls an information processing system including a third information processing device connected to the second information processing device; a computer that controls the first information processing device; and the information on the first information processing device. A first identification information addition control step of controlling the addition of the first identification information to the information for identification, and the first identification information control addition step in the first identification information control addition step.
An encryption control step of controlling encryption of the information to which the identification information of the above is added by a method which can be decrypted by the fourth information processing apparatus; and And a first transmission control step of controlling the transmission of the information to the second information processing apparatus. The first information processing apparatus controls a computer that controls the second information processing apparatus. Said first sent
A first reception control step for controlling the reception of the encrypted information with the identification information added thereto, and the first identification information received in the processing of the first reception control step is added. A second identification information addition control step of controlling the addition of second identification information for identifying itself to the encrypted information, and the first identification information is added to the encrypted Controlling the transmission of the information to which the second identification information is added to the third information processing device, and controlling the third information processing device. The first information transmitted from the second information processing device to the computer;
A second reception control step of controlling reception of the information to which the identification information is added, encrypted, and further to which the second identification information is added; and receiving the information in the processing of the second reception control step. The first identification information is added and encrypted, and the second identification information is added to the information to which the second identification information is added. A first authentication control step of controlling authentication of the information processing apparatus, and the first identification information is added and encrypted in accordance with an authentication result in the processing of the first authentication control step,
And a third transmission control step of controlling transmission of the information to which the second identification information is added to the fourth information processing device, and a computer that controls the fourth information processing device. The first information transmitted from the third information processing apparatus;
A third reception control step of controlling reception of the information to which the identification information is added, encrypted, and further to which the second identification information is added; A decryption control step of controlling decryption of the encrypted information among the information to which the first identification information is added and encrypted and the second identification information is added. The first decrypted by the decryption control step.
And a second authentication control step of controlling authentication based on the first identification information and the second identification information of the information to which the identification information is added. 8. On a network comprising first to fourth information processing devices, encrypts and transmits / receives information.
A first information processing device not directly connected to each other, a fourth information processing device, and a fourth information processing device connected to the fourth information processing device and connected to the first information processing device. In an information processing system including a third information processing device connected to a second information processing device, the first information processing device includes a first information processing device for identifying the information on the fourth information processing device. First identification information adding means for adding identification information to the information; and the fourth information processing device decoding the information to which the first identification information is added by the first identification information adding means. Encrypting means for encrypting in a possible manner; and adding the first identification information, and adding second identification information for identifying the third information processing apparatus to the encrypted information. 2 identification information adding means, First transmission means for transmitting the information to which the identification information has been added and encrypted and further to which the second identification information has been added, to the second information processing apparatus, wherein the second information The processing device may be configured to transmit the first information transmitted from the first information processing device.
The first receiving the information with the identification information added thereto and encrypted and further receiving the information with the second identification information added thereto
From the information received by the first receiving means, the first identification information being added and encrypted, and further the second identification information being added, Separation means for separating the second identification information; first authentication means for authenticating the third information processing device based on the second identification information separated by the separation means; and first authentication. In response to the authentication result of the means, the second identification information is separated by the separation means, the first identification information is added thereto, and the encrypted information is transmitted to the third information processing apparatus. A second transmission unit for transmitting, wherein the third information processing apparatus transmits the first information transmitted from the second information processing apparatus.
A second receiving unit that receives the encrypted information with the identification information added thereto, and the first identification information that is received by the second receiving unit and added with the first identification information is encrypted. A third transmitting unit that transmits the information to the fourth information processing apparatus, wherein the fourth information processing apparatus transmits the first information transmitted from the third information processing apparatus.
A third receiving unit that receives the encrypted information with the identification information added thereto, and the first identification information that is received by the third receiving unit is added and encrypted. An information processing system comprising: a decoding unit that decodes the information; and a storage unit that stores the information to which the first identification information is added, which is decoded by the decoding unit. 9. The first identification information may be a personal ID for identifying a user himself or the fourth ID used by the user.
9. The information processing system according to claim 8, further comprising a terminal ID for identifying the information processing apparatus. 10. The third information processing apparatus comprises: first unique identification information storage means for storing first unique identification information for identifying itself; and second information for identifying the fourth information processing apparatus. A second unique identification information storage unit for storing unique identification information; and a third information processing device and a fourth information processing device based on a combination of the first unique identification information and the second unique identification information. Further comprising communication determination means for determining whether or not communication with is possible, wherein the third transmission means adds the first identification information in accordance with a determination result of the communication determination means, The information processing system according to claim 9, wherein the encrypted information is transmitted to the fourth information processing device. 11. A table in which a combination of the first unique identification information and the second unique identification information, which enables communication between the third information processing device and the fourth information processing device, is recorded. The communication determination unit is capable of performing communication depending on whether a combination of the first unique identification information and the second unique identification information is a combination recorded in the table. The information processing system according to claim 10, wherein it is determined whether or not the information processing is performed. 12. The first information processing apparatus according to claim 1, wherein
9. The information processing system according to claim 8, wherein only a user who possesses the identification information is permitted to access the information stored by the storage unit. 13. The first identification information includes a personal ID for identifying a user himself / herself or a terminal ID for identifying the fourth information processing device used by the user, wherein the fourth information processing device is 13. The information processing system according to claim 12, wherein only a user who owns the personal ID or the terminal ID is permitted to access the information stored by the storage unit. 14. The first identification information includes the personal ID,
Or, the terminal ID, further includes identification information priority information to prioritize any one, the fourth information processing device, based on the identification information priority information, the personal ID, or, of the terminal ID, Only for the user who owns one of the above IDs,
14. The information processing system according to claim 13, wherein access to the information stored by the storage unit is permitted. 15. A first information processing apparatus which is not directly connected to each other, and which is on a network including first to fourth information processing apparatuses and which transmits and receives information after being encrypted.
And a fourth information processing device, and a third information processing device connected to the fourth information processing device and connected to a second information processing device connected to the first information processing device. An information processing method for an information processing system comprising: an information processing method for the first information processing apparatus; a first identification information for identifying the information on the fourth information processing apparatus; A first identification information adding step of adding the first identification information to the first identification information in the processing of the first identification information adding step. An encrypting step of encrypting, and second identification information to which the first identification information is added and second identification information for identifying the third information processing apparatus is added to the encrypted information. An adding step; and the first identification Transmitting the information to which the second information has been added, the encrypted information, and the second identification information, to the second information processing apparatus. The information processing method for the device, wherein the first information processing device transmits the first information processing device,
The first receiving the information with the identification information added thereto and encrypted and further receiving the information with the second identification information added thereto
Receiving step; and receiving the first receiving step in the processing of the first receiving step.
Identification information is added and encrypted, and the second information is added to the second
And a first step of authenticating the third information processing apparatus based on the second identification information separated in the processing of the separation step.
And the second identification information is separated in the processing in the separation step in accordance with the authentication result in the processing in the first authentication step, and the first identification information is added. A second transmitting the encrypted information to the third information processing apparatus;
The information processing method of the third information processing apparatus, wherein the first information processing method transmitted from the second information processing apparatus includes:
A second receiving step of receiving the encrypted information with the identification information added thereto, and the first receiving step receiving the information in the processing of the second receiving step.
And transmitting the encrypted information to the fourth information processing device with the identification information added to the fourth information processing device. The information processing method of the fourth information processing device comprises: Transmitted from an information processing apparatus of
A third receiving step of receiving the encrypted information with the identification information added thereto, and the first receiving step receiving the information in the processing of the third receiving step.
A decryption step of decrypting the encrypted information to which the identification information is added, and a storage step of storing the information to which the first identification information has been decrypted in the processing of the decryption step. An information processing method comprising: 16. A first information processing apparatus which is not directly connected to each other and which is on a network including first to fourth information processing apparatuses and which encrypts and transmits and receives information.
And a fourth information processing device, and a third information processing device connected to the fourth information processing device and connected to a second information processing device connected to the first information processing device. A program for controlling an information processing system including a device, wherein the program of the first information processing device is the program of the first identification information for identifying the information on the fourth information processing device. A first identification information addition control step of controlling addition to the first identification information;
An encryption control step of controlling encryption of the information to which the identification information of the above is added by a method which can be decrypted by the fourth information processing apparatus; and A second identification information addition control step of controlling addition of second identification information for identifying the third information processing apparatus from the information that has been added, and the first identification information is added and encrypted. A first transmission control step of controlling transmission of the information to which the second identification information is added to the second information processing apparatus, wherein the program of the second information processing apparatus includes: The first information transmitted from the first information processing device;
A first reception control step of controlling reception of the information to which the identification information is added and encrypted and further to which the second identification information is added; and a process of the first reception control step. Separation control for controlling separation of the second identification information from the received information to which the first identification information has been added and encrypted and further to which the second identification information has been added. A first authentication control step of controlling authentication of the third information processing device based on the second identification information separated in the processing of the separation control step; and a first authentication control step. In response to the authentication result in the processing of the above, the second identification information is separated in the processing of the separation control step, the third identification information is added and the third identification information is encrypted. Transmission to the information processing device And a second transmission control step Gosuru, the third program of the information processing apparatus, the second sent from the information processing apparatus, the first
And a second reception control step of controlling reception of the encrypted information, wherein the first identification information received in the processing of the second reception control step is added. And a third transmission control step of controlling transmission of the encrypted information to the fourth information processing device, wherein the program of the fourth information processing device comprises: Sent from the first
And a third reception control step of controlling reception of the encrypted information, and the first identification information received in the processing of the third reception control step is added. A decryption control step of controlling decryption of the encrypted information; and the first decryption process performed in the decryption control step.
A storage control step of controlling the storage of the information to which the identification information is added. 17. A first information processing apparatus which is not directly connected to each other and which is on a network including first to fourth information processing apparatuses and which transmits and receives information after encrypting the information.
And a fourth information processing device, and a third information processing device connected to the fourth information processing device and connected to a second information processing device connected to the first information processing device. A computer for controlling an information processing system comprising a device; a computer for controlling the first information processing device; and the information of first identification information for identifying the information on the fourth information processing device. A first identification information addition control step of controlling addition to the first identification information;
An encryption control step of controlling encryption of the information to which the identification information of the above is added by a method which can be decrypted by the fourth information processing apparatus; and A second identification information addition control step of controlling addition of second identification information for identifying the third information processing apparatus from the information that has been added, and the first identification information is added and encrypted. And a first transmission control step of controlling transmission of the information to which the second identification information is added to the second information processing apparatus, and a computer that controls the second information processing apparatus. The first information transmitted from the first information processing device,
A first reception control step of controlling reception of the information to which the identification information is added and encrypted and further to which the second identification information is added; and a process of the first reception control step. Separation control for controlling separation of the second identification information from the received information to which the first identification information has been added and encrypted and further to which the second identification information has been added. A first authentication control step of controlling authentication of the third information processing device based on the second identification information separated in the processing of the separation control step; and a first authentication control step. In response to the authentication result in the processing of the above, the second identification information is separated in the processing of the separation control step, the third identification information is added and the third identification information is encrypted. Transmission to the information processing device Gosuru to execute a second transmission control step, the computer for controlling the third information processing apparatus, has been transmitted from the second information processing apparatus, the first
And a second reception control step of controlling reception of the encrypted information, wherein the first identification information received in the processing of the second reception control step is added. And a third transmission control step of controlling transmission of the encrypted information to the fourth information processing apparatus. The computer controlling the fourth information processing apparatus includes: The first information transmitted from the information processing device;
And a third reception control step of controlling reception of the encrypted information, and the first identification information received in the processing of the third reception control step is added. A decryption control step of controlling decryption of the encrypted information; and the first decryption process performed in the decryption control step.
A storage control step of controlling storage of information to which the identification information is added.