JP2003296484A - Server device, terminal device, storage device, and communication system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To mutually use license data between users while thoroughly protecting a copyright. <P>SOLUTION: A mediation server 200 for depositing the license data is disposed. When the license data are deposited, an encoding communication passage is established between a memory card 400 and a mediation server 200. The license data are read from the memory card 400, transmitted to the mediation server 200 via the encoding communication passage, and stored in database in the mediation server 200. In the deposition, redelivery conditions of the license data are set by a user and stored in the database of the mediation server 200. When redelivery of the license data, the redelivery conditions are referred, and only when satisfying the condition, the license data are delivered to the memory card 400. <P>COPYRIGHT: (C)2004,JPO

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a server device, a terminal device, a storage device and a communication system, and is particularly suitable for use in a content data distribution system.

[0002]

2. Description of the Related Art With the development and spread of network communication networks, various distribution servers for distributing contents such as music and video have been constructed. For example, the user can access the distribution server from his / her own mobile terminal device and download desired music content to his / her own mobile terminal device to play / listen to his / her favorite music on his / her own mobile terminal device. Like

By the way, in the distribution of such contents, the problem of copyright protection has been pointed out.
The content data is distributed as digital data.
Therefore, the downloaded content data can be easily copied from the mobile terminal device to another medium. Therefore, even if the copyright fee is collected by the charge at the time of distribution, if the copy is made indiscriminately between the users, the right of the copyright holder is unjustly infringed. Therefore, in such a distribution service, it is particularly important to apply a so-called copy protection mechanism that restricts copying between users.

One of such mechanisms is encryption of content data. That is, the content data is encrypted with a predetermined encryption key, and the encrypted content data is distributed to the mobile terminal device. On the portable terminal device side, the downloaded content data is demodulated and reproduced while being decrypted by the encryption key. Therefore, when reproducing the content data, it is necessary to separately obtain the license data including the encryption key in addition to the content data.

The license data is distributed from the distribution server at the time of distribution of the content data, or is acquired by separately accessing the distribution server, which distributes only the license data, from the portable terminal device. In addition to the above-mentioned encryption key, such license data includes data indicating the number of times of reproduction, the period of reproduction, or the prohibition of moving or copying the content. The mobile terminal device reproduces the content data while being limited to the license content.

A memory device for storing content data and license data is provided on the portable terminal device side. Such a memory device has a memory area for storing content data and a TR for storing license data.
M (Tamper-Resistant-Modul
e) and. Of these, the TRM is a circuit module whose confidentiality is physically protected, and is configured so that data exchange with devices other than the mobile terminal device is restricted. Therefore, even if the content data is copied / moved to another medium, the license data is not taken out from the TRM and copied, and therefore the content data is encrypted by the device to which the content data is copied. I can't solve it. As a result, it becomes substantially impossible to copy and reproduce the content data.

As described above, in the content distribution service, the copy / reproduction of the content data is suppressed by the encryption of the content data, the application of the license data, and the provision of the TRM function on the mobile terminal device side. Protects the copyright of content. By thus thoroughly protecting the copyright of the content, the content to be distributed can be added to the line-up with confidence, and as a result, the needs of users who receive the distribution service can be more widely met. Like

[0008]

As described above, in the conventional content distribution system, the use of the license data is limited to the mobile terminal device in order to ensure the copyright protection. The purchased content data can be reproduced only on the mobile terminal device.

However, there are cases where the same user owns a plurality of portable terminal devices or owns a content reproducing device such as a personal computer in addition to the portable terminal devices. In such a case, these other devices are also available. ,
Being able to play back the purchased content data fits the needs of the user. Further, when the content data is no longer needed, it may be desired to transfer the unnecessary content data to another user, and facilitating the transfer can be one of the improvements in the service of the distribution system. It is a thing.

Therefore, the present invention makes it possible to copy / move license data under limited conditions, thereby ensuring a copyright protection and at the same time providing a content distribution system that can meet the needs of users. It is something that will be realized.

[0011]

According to the present invention, an intermediary server is provided in addition to a content distribution server and, for example, unnecessary license data is deposited with the intermediary server. The intermediary server has means for forming an encrypted communication path with the terminal device, and exchanges license data with the terminal device via the encrypted communication path. When depositing the license data to the mediation server, the terminal device sets the redistribution condition of the license data in the mediation server. When receiving the license data redistribution request, the mediation server determines whether the redistribution request meets the set redistribution condition,
If they match, the license data is distributed to the terminal device, and if they do not match, the license data distribution to the terminal device is prohibited. As a result, only under limited conditions, such as when changing the terminal by the same user or transferring content data to another user,
The license data is re-distributed to another device, which relaxes the reproduction restriction of the content data.

The features of the invention according to each claim are as follows.

The invention of claim 1 relates to a server device, and a communication means for performing data communication with a terminal device via a communication network, and an encrypted communication for establishing an encrypted communication path between the terminal device. Path establishing means, license data storing means for storing license data transmitted from the terminal device via the established encrypted communication path, and redistribution conditions for the license data transmitted from the terminal device And a condition determining means for determining whether or not a license data delivery request from the terminal device meets the license data redelivery condition. The determining means determines that the redelivery condition is met. In this case, the license data is transmitted to the terminal device via the encrypted communication path.

According to a second aspect of the present invention, the server device according to the first aspect further comprises license analysis means for analyzing license data transmitted from the terminal device,
The license data is stored in the license data storage means when the license analysis means determines that the license data can be stored.

A third aspect of the present invention relates to a terminal device, wherein the communication means for performing data communication with the server device via the communication network and the encrypted communication for establishing an encrypted communication path with the server device. Path establishing means, license data transmitting means for transmitting license data to the server device via the established encrypted communication path, and redistribution condition for transmitting the redistribution condition of the transmitted license data to the server device. And a transmission means.

According to a fourth aspect of the present invention, the terminal device according to the third aspect further comprises license analysis means for analyzing license data to be transmitted to the server device, and when the license analysis means determines that transmission is possible. In addition, the license data is transmitted to the server device.

According to a fifth aspect of the present invention, in the terminal device according to the third or fourth aspect, when the license analyzing unit determines that the license data cannot be shared by a plurality of terminal devices, The feature is that the license data is deleted.

According to a sixth aspect of the present invention, in a storage device mounted on a terminal device that performs data communication with a server device via a communication network, a license storage unit for storing license data and a request from the terminal device are provided. And an encrypted communication path establishing means for establishing an encrypted communication path with the server device, and the license data is transmitted to the server device via the terminal device via the encrypted communication path established. And a license data transmission means.

According to a seventh aspect of the present invention, the storage device according to the sixth aspect further comprises license analysis means for analyzing license data to be transmitted to the server device, and when the license analysis means determines that transmission is possible. In addition, the license data is transmitted to the server device.

According to an eighth aspect of the present invention, in the storage device according to the sixth or seventh aspect, when the license analysis unit determines that the license data cannot be shared among a plurality of terminal devices and / or storage devices. The license data in the storage device is erased.

According to a ninth aspect of the present invention, in the storage device according to any one of the sixth to eighth aspects, the storage device has a memory area for storing content data and a circuit area whose confidentiality is physically protected. The license storing means, the encrypted communication path establishing means, the license data transmitting means, and the license analyzing means are arranged in the circuit area.

According to a tenth aspect of the present invention, in a communication system for performing data communication between a server device and a terminal device via a communication network, the server device performs data communication with the terminal device via the communication network. A communication unit that performs communication, an encrypted communication path establishing unit that establishes an encrypted communication path with the terminal device, and license data transmitted from the terminal device via the established encrypted communication path. The license data storage means, the redistribution condition storage means for storing the redistribution condition of the license data transmitted from the terminal device, and the license data distribution request from the terminal device conforms to the redistribution condition of the license data. And a condition determining means for determining whether or not the terminal device is connected between the server device and the communication device that performs data communication with the server device via the communication network. An encrypted communication path establishing means for establishing an encrypted communication path, a license data transmitting means for transmitting license data to the server device via the established encrypted communication path, and a redistribution condition for the transmitted license data. And a re-delivery condition transmitting means for transmitting the license data from the terminal device to the server via the encrypted communication path established by the encrypted communication path establishing means when depositing the license data. The license data and the redistribution condition are output from the terminal device to the server device while being transmitted to the device, and the license data and the redistribution condition are held in the server device. In, the distribution request of the license data meets the redistribution condition of the license data Determine, if appropriate, and transmits the license data from said server device via the encrypted communication path established by the encryption communication path establishing unit to the terminal device.

In the wording described in the above claims, the "encrypted communication path" means sharing a unique encryption key with a server device, a terminal device or a storage device for transmitting and receiving data,
It means a communication path for transmitting and receiving data encrypted by the encryption key. Further, "license data" can broadly include an encryption key for decrypting the encryption of the content data, as well as data indicating the number of times of reproduction of the content data, the reproduction period, or prohibition of moving or copying the content data. Is. Further, the “redistribution condition” can broadly include a redistribution period, the number of redistributions, and the like, in addition to the condition for limiting the terminal device of the redistribution destination.

The features of the present invention will be more apparent from the following description of the embodiments.

The constituent elements in the above claims are as follows:
In the embodiment, the controller 204 and the encryption circuit 203 shown in FIG. 3 or the controller 421 shown in FIG.
It is mainly realized by the encryption circuit 423.

However, the following embodiment is merely one embodiment of the present invention, and the meanings of the terms of the present invention and each constituent element are limited to those described in the following embodiment. Not something.

[0027]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of the present invention will be described below with reference to the drawings.

First, FIG. 1 shows the configuration of a content distribution system according to the embodiment.

The distribution system comprises a distribution server 100.
, License intermediary server 200, and mobile terminal device 30
0 and a communication network. Mobile terminal 3
A memory card 400 is installed at 00.

After the content data is encrypted with a predetermined encryption key Kc, it is transmitted from the distribution server 100 to the mobile terminal device 300 via the communication network and downloaded to the memory card 400. At the same time as the distribution, or by accessing the distribution server again after the distribution is completed, the license data of the content data is transmitted from the distribution server 100 to the mobile terminal device 300 and stored in the memory card 400.

In the license data, in addition to the encryption key Kc used when encrypting the content data, the content ID of the content, the number of times of reproduction of the content data, the reproduction period, or moving / copying of the content data. Includes data indicating prohibition, etc.
The license data is stored after the encrypted communication path is established between the distribution server 100 and the memory card 400.
It is transmitted from the distribution server 100 to the memory card 400.

Here, the encrypted communication path is the distribution server 1
00 and the memory card 400 share a unique encryption key, and a communication path for transmitting and receiving data encrypted with the encryption key. The details of the process of establishing the encrypted communication path will be described later.

After the content data and the license data are downloaded to the memory card 400, when a reproduction command for the content data is input to the mobile terminal device 300, the encryption key Kc is extracted from the license data in the memory card 400, This is set in the mobile terminal device 300. Then, the reading of the content data from the memory card 400 is started, and the encryption of the read content data is sequentially released with the encryption key Kc. Then, the decrypted content data is sequentially demodulated and reproduced by the reproduction circuit of the mobile terminal device 300. As a result, if the content data is music content, the reproduced audio signal is the reproduced audio signal.
It is output to the outside through the headphones on 00.

In the distribution system of FIG. 1, license data can be deposited in the mediation server 200.
When depositing license data from the mobile terminal device 300 to the mediation server 200, as in the case of the distribution server,
First, an encrypted communication path is established between the mobile terminal device 300 and the mediation server 200. Then, the license data is read from the memory card 400, and this is transferred via the mobile terminal device 300 and the communication network.
00 is transmitted. The transmitted license data is stored in the database in the mediation server 200.

At the time of such transmission, the user operates the key operation unit of the portable terminal device 300 to set the redistribution condition of the license data, and transmits it to the mediation server 200. Here, the re-delivery condition is a condition that restricts the portable terminal device of the re-delivery destination, and also defines a re-delivery period, the number of times of re-delivery, and the like. The limitation of the redelivery destination is set, for example, by designating the personal ID of the mobile terminal device. Data regarding such redelivery conditions,
After being transmitted to the mediation server 200, it is stored in the database of the mediation server 200 in association with the license data.

After the license data is deposited in the intermediary server 200, when a distribution request for the license data is transmitted from the mobile terminal device 300 to the intermediary server 200, the intermediary server 200 determines that the personal ID of the mobile terminal device 300 is present. , It is determined whether it matches the personal ID corresponding to the license data in the database. Then, when the two match, the encrypted communication path is established with the memory card 400 of the mobile terminal device 300, and then the license data is read from the database and transmitted to the memory card 400. To do. Then, the deposited license data is transferred to the mediation server 200.
Is re-delivered from the mobile terminal device 30 within the re-delivery condition range.
It is stored in the memory card 400 attached to 0.

According to this distribution system, for example,
When reproducing content data on a plurality of mobile terminal devices owned by the same user, the license data is temporarily deposited in the intermediary server 200, the content data is copied to the memory card of another device, and then the deposited license is deposited. By reacquiring the data from the mediation server 200, the content data can be reproduced by any mobile terminal device without receiving the dual distribution of the content data and the license data from the distribution server 100. Become.

When transferring unnecessary content data to another user, after copying the content data to the memory card 400 of the portable terminal device 300 owned by the other user, the license data of the content data is transferred. If the other terminal's mobile terminal device 300 is included in the redelivery destination condition and is deposited with the intermediary server 200,
When the other user obtains the license data from the mediation server 200, the content data can be reproduced by the mobile terminal device 300 of the other user.

As described above, according to the distribution system of FIG. 1, it is possible to easily change the usage or transfer of the content data under a certain condition, thereby protecting the copyright and
It becomes possible to simultaneously improve the convenience of the user in the distribution of contents.

Hereinafter, the distribution server 100, the license server 200, and the mobile terminal device 3 in the distribution system of FIG.
00 and memory card 400, and a flow of data transmission / reception control will be described with reference to FIGS. 2 to 10. It should be noted that the following shows a configuration example in the case of delivering music content data, but it goes without saying that the present invention is also applicable to the case of delivering text data or video data in addition to this.

FIG. 2 shows a configuration example of the distribution server 100.

The communication device 101 performs data communication with the portable terminal device 300 via the communication network. Authentication unit 10
2 is a memory card 400 via the reproduction terminal device 300.
The device certificate transmitted from is decrypted with the authentication key Kpa, and the suitability of the device certificate is determined.

Here, the device certificate means the intermediary server 20.
0, which is held in the mobile terminal device 300 and the memory card 400, includes a public key for certifying the security of the held device and for performing encryption that can be decrypted in the device, and the validity of the public key. Is data for certifying that the device certificate is valid, and can be authenticated by the authentication key Kpa. Therefore, if the device certificate is judged to be valid in the authentication process, it is permitted to confirm the device security and use the included public key. On the other hand, when it is determined that the device is unlawful, the device is not safe, or the device certificate is rewritten, and the use of the included public key is prohibited.

The encryption circuit 103 establishes an encrypted communication path with the memory card 400, encrypts data to be transmitted via the encrypted communication path, and decrypts the received data. (Also called decryption). The encryption key generated / held in this process and the process of establishing the encrypted communication path will be described later in detail.

The controller 104 controls each unit according to the control program stored in the built-in memory. The content database 105 stores the content data encrypted by the content encryption key Kc, classified by content.

The license database 106 stores the license data of each content including the content ID for each content. Content encryption key K
c is included as one of the license data. In addition to the content encryption key Kc, the license data includes
For example, it includes data indicating the number of reproduction times and reproduction period of the content data, or prohibition of movement / copy of the content data.

The customer database 107 stores the personal ID of the user who can distribute the content data and the license data, the billing data of the user and the content ID of the distributed content.

In this system, two types of personal IDs (personal ID 1 and personal ID 2) are set by the user as the user's personal ID. Of these, the personal ID 1 is registered in the distribution server 100 before the first distribution of the content data, and the personal ID 2 is registered before the first deposit of the license data.
It is registered in the mediation server 200.

FIG. 3 shows a configuration example of the mediation server 200.

The communication device 201 performs data communication with the portable terminal device 300 via the communication network. Authentication unit 20
2 is a memory card 400 via the reproduction terminal device 300.
The device certificate transmitted from is authenticated with the authentication key Kpa, and the validity of the transmitted device certificate is determined.

The encryption circuit 203 establishes an encrypted communication path with the memory card 400, encrypts data to be transmitted via the encrypted communication path, and decrypts the received encrypted data. . The encryption key generated / held in this process and the process of establishing the encrypted communication path will be described later in detail.

The controller 204 controls each unit according to the control program stored in the built-in memory. The license database 205 stores the license data of each content in association with the content ID. Similar to the distribution server, the license data includes, in addition to the content encryption key Kc, data indicating, for example, the number of times of reproduction of the content data, a reproduction period, or prohibition of moving or copying the content data.

The customer database 207 stores the personal ID of the user who can deposit the license data and the data regarding the redelivery condition of the deposited license data. The personal ID stored here is the personal ID 2 as described above.

The device certificate holding unit 207 holds the device certificate of the mediation server 200.

In the above configuration, the authentication unit 202, the encryption circuit 203, and the device certificate holding unit 207 are composed of TRM whose physical confidentiality is protected.

FIG. 4 shows a configuration example of the mobile terminal device 300.

The communication device 301 performs data communication with the distribution server 100 and the mediation server 200 via the communication network. The key operation unit 302 includes a numeric keypad, function keys, and the like, and is used for selecting distribution contents, inputting a personal ID, and the like. Decryption key storage unit 303
Stores the content encryption key Kc acquired from the memory card 400 by the encryption circuit 308. Decoding unit 30
4 decrypts the content data read from the memory card 400 using the content encryption key Kc stored in the decryption key storage unit 303. DA converter 305
Converts the decrypted content data into an analog audio signal and supplies it to the speaker.

The controller 306 controls each unit according to the control program stored in the built-in memory. The device certificate holding unit 307 holds the device certificate of the mobile terminal device 300.

The encryption circuit 308 establishes an encrypted communication path with the memory card 400, encrypts data to be transmitted via the encrypted communication path, and decrypts the received encrypted data. . In addition, the encryption circuit 203
It holds a private key paired with the public key included in its own device certificate, and decrypts the data encrypted with the public key included in its own device certificate. The encryption key generated / held in this process and the process of establishing the encrypted communication path will be described later in detail.

The memory card interface 309 controls data exchange with the memory card 400.

It should be noted that, in the above configuration, the decryption key storage unit 30
3, the decryption unit 304, the D / A conversion unit 305, the device certificate storage unit 307, the encryption circuit 308, and the memory card interface 309 are configured by a TRM whose physical confidentiality is protected. .

FIG. 5 shows a configuration example of the memory card 400.

The memory card 400 comprises a memory 410 for storing content data and a TRM 420 for storing and processing license data. Further, the TRM 420 has a controller 421.
A memory unit 422, an encryption circuit 423, and an authentication unit 42.
4 and.

The controller 306 controls each unit according to the control program stored in the built-in memory. The memory unit 422 stores the license data in association with the content ID and holds the device certificate of the memory card 400.

The encryption circuit 423 establishes and establishes an encrypted communication path with the distribution server 100, the mediation server 200, and the mobile terminal device 300, and encrypts data to be transmitted via the encrypted communication path. In addition, the received encrypted data is decrypted. Further, the encryption circuit 423 holds a private key paired with the public key included in its own device certificate, and decrypts the data encrypted by the public key included in its own device certificate. The encryption key generated / held in this process and the process of establishing the encrypted communication path will be described later in detail.

The authentication unit 424 performs authentication processing on the device certificate transmitted from the mediation server 200 and the portable terminal device 300 with the authentication key Kpa, and determines the validity of the transmitted device certificate.

FIG. 6 shows a processing flow among the distribution server 100, the mobile terminal device 300 and the memory card 400 at the time of distributing the content data and the license data.

First, the user operates the key operation unit 302 of the mobile terminal device 300 to obtain the content ID of the content to be distributed and the personal ID 1 of the distribution server 10.
0 (S101), and this is received by the distribution server 100 (S102), the received personal ID1
Is present in the customer list in the customer database 107 (S103). Where personal I
If it is determined that D1 does not exist in the customer list, S1
Proceeding to 19, the distribution server 100 to the mobile terminal device 300
The error notification is transmitted to the device, and the distribution operation ends (S12).
0).

When it is determined in S103 that the personal ID 1 is present in the customer list, the distribution server 10
The distribution permission notification is transmitted from 0 to the mobile terminal device 300 (S104, S105), and the license distribution process is executed among the distribution server 100, the mobile terminal device 300, and the memory card 400 (S106). Here, when the license distribution process is properly performed, the license data is transmitted from the distribution server 100 to the mobile terminal device 300,
This is stored in the memory unit 422 of the memory card 400. A specific processing flow of the license distribution processing (S106) will be described later in detail with reference to FIG.

If the distribution request from the portable terminal device 300 does not include the license data distribution request, S
The license distribution process 106 is not performed. In this case, when the distribution permission notification is received in S105, S10
Skip 6 and proceed to S107.

When the license distribution process is properly performed in S106, it is then determined whether or not the distribution request from the mobile terminal device 300 includes the distribution request for the content data (S107). Here, if it is determined that the content data distribution request is not included, the playback portable terminal 300 transmits a license acceptance notification to the distribution server 100 (S108, S109), and the customer database 107 of the distribution server 100 is sent. The distribution record of the license data is stored (S118). Then, the distribution process for the distribution request ends.

When it is determined in S107 that the distribution request includes the distribution request for the content data, the mobile terminal device 300 transmits a content request notification to the distribution server 100 (S110, S111). . In response to the request, the distribution server 100 causes the content I
The content data corresponding to D is read from the content database 105 and transmitted to the mobile terminal device 300 (S112, S113). In response to this, the mobile terminal device 300 specifies the storage address and outputs the content data to the memory card 400 (S114).
The memory card 400 stores the received content data in the designated address in the memory 410 and outputs the stored response to the mobile terminal device 300 (S115).

When the storage of the content data is completed, the portable terminal device 300 outputs a content acceptance notification to the distribution server 100 (S114, S1).
15). Then, the distribution record of the license data and the content data is stored in the customer database 107 of the distribution server 100 (S118), whereby the distribution process for the distribution request ends.

FIG. 7 shows the intermediary server 200 and the portable terminal device 30 at the time of depositing and redistributing the license data.
0 shows the flow of processing between 0 and the memory card 400.
0, the flow of processing between the mobile terminal device 300 and the memory card 400 is shown.

The user operates the key operation unit 302 of the portable terminal device 300 to set the personal ID 2 to the mediation server 2
00 (S201) and received by the mediation server 100 (S202), the received personal ID 2
Is present in the customer list in the customer database 206 (S203). Where personal I
If it is determined that D2 does not exist in the customer list, S2
Proceeding to 16, the mediation server 200 moves the mobile terminal device 300.
The error notification is transmitted to the process and the process ends (S21).
7).

When it is determined in S203 that the personal ID 2 exists in the customer list, the mediation server 20
A connection permission notification is transmitted from 0 to the mobile terminal device 300 (S204, S205).

The connection permission notification is sent to the portable terminal device 30.
0 is displayed on the monitor section. In response to this display, the user inputs a desired processing request, that is, either the deposit processing or the redistribution processing, to the mobile terminal device 300. Here, in the case of the redelivery processing, the content ID of the license data to be redelivered is simultaneously input.

When the processing request is input by the user, it is then determined whether the processing request is a deposit or a redelivery (S206). Here, if it is determined that the deposit processing is performed, the processing proceeds to S207 and the intermediary server 20.
0, the license deposit process is executed between the mobile terminal device 300 and the memory card 400. Here, when the license deposit processing is properly performed, the license data is transmitted from the memory card 400 to the mediation server 200, and stored in the license database 205 of the mediation server 200. A specific processing flow of the license deposit processing (S207) will be described later in detail with reference to FIG.

When the license deposit processing is properly performed in S207, the key operation unit 302 of the portable terminal device 300 then re-delivers the conditions (personal I of re-delivery destination).
D2, the number of re-delivery, the re-delivery period, etc. are input and transmitted to the mediation server 200 (S208, S20).
9). Then, the received redistribution condition data is stored in the customer database 206 of the mediation server 200 together with the content ID (S210). This completes the process for the deposit request.

On the other hand, if it is determined in the above S206 that the redelivery processing is being performed, the process proceeds to S211 and the contents I
The redistribution condition data of D is read from the customer database 107, and it is determined whether or not the license data of the content ID can be transmitted. This determination is based on whether the personal ID 2 of the user exists in the redelivery condition, and
It is performed by referring to whether the number of times of re-delivery and the re-delivery period are not exceeded.

If it is determined that the distribution conditions are met, the process proceeds to S212, and the license data redistribution process is executed among the mediation server 200, the mobile terminal device 300, and the memory card 400. When the redistribution process of the license data is properly performed, the license data is transmitted from the mediation server 200 to the mobile terminal device 300 and stored in the memory unit 422 of the memory card 400.

Such license redistribution processing (S212)
The specific process flow of is similar to the license data distribution process from the distribution server 100. This processing flow will be described later in detail with reference to FIG.

When the license redistribution process is properly performed in S212, a license acceptance notification is transmitted from the mobile terminal device 300 to the intermediation server 200 (S213, S214). Then, the redelivery record of the license data is stored in the customer database 206 (S215), and the process for the redelivery request is completed.

FIG. 8 shows a processing flow of the license data distribution processing (S106) and redistribution processing (S212).

When the distribution processing step is entered, first, an output request for a device certificate is transmitted from the mobile terminal device 300 to the memory card 400 (S301, S30).
2). In response to the request, the memory card 400 reads the device certificate from the memory unit 422 and sends it to the mobile terminal device 300 (S303). Further, the device certificate is transmitted from the mobile terminal device 300 to the distribution server 10.
0 or the intermediary server 200 (hereinafter, for convenience, description will be given for the processing with the distribution server 100) (S304, S305).

The device certificate received by the distribution server 100 is authenticated by the authentication unit 102 using the authentication key Kpa, and the validity of the device certificate is determined (S30).
6). Here, if the device certificate is invalid, the process proceeds to S319, and an error notification is transmitted from the distribution server 100 to the reproduction terminal device 300 (S319, S320).
On the other hand, if the device certificate is valid, the process proceeds to S307 and the encrypted communication path establishing process is performed.

In establishing such an encrypted communication path, first, the common key Ks is set in the encryption circuit 103 of the distribution server 100.
1 is issued, is encrypted with the public key included in the received device certificate, is then transmitted to the mobile terminal device 300, and is further transferred to the memory card 400 (S30).
7, S308). The transferred common key Ks1 is decrypted by the encryption circuit 423 of the memory card 400 by the private key paired with the public key included in the transmitted device certificate,
It is held here (S309). Thereafter, the encryption circuit 423 of the memory card 400 issues the common key Ks2, which is encrypted by the common key Ks1 (S31).
0). The encrypted common key Ks2 is stored in the mobile terminal device 30.
It is transmitted to the encryption circuit 103 of the distribution server 300 via 0 (S311, S312). The encryption circuit 103 decrypts the common key Ks2 using Ks1 issued by itself,
Hold this.

By the above processing, the encryption circuit 103 of the distribution server 100 and the encryption circuit 423 of the memory card 400 hold the common keys Ks1 and Ks2, respectively.
An encrypted communication path is established through the common keys Ks1 and Ks2.

Then, the distribution server 100 encrypts the license data to be distributed with the common key Ks2, and further with the common key Ks1, and then the portable terminal device 30.
0 (S313, S314). The license data is transferred from the mobile terminal device 300 to the memory card 40.
0 is transferred to the encryption circuit 423 and decrypted using the common key Ks1 (S315). Further, it is decrypted with the common key Ks2, and thereby the unencrypted license data is acquired (S316).

When the license data is decrypted, the portable terminal device 300 transfers the memory card 40 to the memory card 40.
A memory address is designated for 0 (S31).
7). In response to this, the memory card 400 stores the decrypted license data in the designated address of the memory unit 422 (S318). This completes the license data distribution process.

Note that, of the above-mentioned processing, the processing of S316 and subsequent steps has been described by taking the data exchange with the distribution server 100 as an example for convenience, but the same steps are followed for the data exchange with the mediation server 200. Is done. In such cases,
The authentication of the device certificate is performed by the authentication unit 202 of the mediation server 200.
The encryption circuit 2 is used to establish the encrypted communication path.
It will be held at 03.

FIG. 9 shows a process flow of the deposit process (S207) of the license data.

When the deposit process step is entered, first, the portable terminal device 300 transmits a device certificate output request to the intermediation server 200 (S401, S402).
In response to the request, the intermediary server 200 reads the device certificate from the device certificate holding unit 207 and sends it to the mobile terminal device 300 (S403). Further, the device certificate is stored in the memory card 4 from the mobile terminal device 300.
00 (S404, S405).

The device certificate received by the memory card 400 is authenticated by the authentication unit 424 using the authentication key Kpa, and the validity of the device certificate is determined (S40).
6). Here, if the device certificate is invalid, the process proceeds to S424, and an error notification is transmitted from the memory card 400 to the reproduction terminal device 300 (S424, S425).
On the other hand, if the device certificate is valid, the process proceeds to S407 and the encrypted communication path establishing process is performed.

The establishment of the encrypted communication path is performed in the same manner as the establishment of the encrypted communication path in the distribution server. First, the common key Ks2 is issued by the encryption circuit 423 of the memory card 400, and this is encrypted with the public key included in the received device certificate, and then the mobile terminal device 300.
To the mediation server 200 (S4
07, S408). The transmitted common key Ks2 is decrypted by the encryption circuit 203 of the mediation server 200 by the private key paired with the public key included in the transmitted device certificate,
It is held here (S409). Then, the common key Ks1 is issued by the encryption circuit 203 of the mediation server 200,
This is encrypted with the common key Ks2 (S41).
0). The encrypted common key Ks1 is stored in the mobile terminal device 30.
It is transmitted to the encryption circuit 423 of the memory card 400 via 0 (S411, S412). The encryption circuit 433 decrypts the common key Ks1 using Ks2 issued by itself, and holds it.

Through the above processing, the encryption circuit 203 of the mediation server 200 and the encryption circuit 423 of the memory card 400 hold the common keys Ks1 and Ks2, respectively, and
An encrypted communication path is established through the common keys Ks1 and Ks2.

Thereafter, the mobile terminal device 300 specifies the address of the license data to be deposited on the memory card 400 (S413). In response to the address designation, the memory card 400 retrieves the license data from the memory unit 422 and uses it for the controller 4
Send to 21. The controller 421 analyzes the license data, and first determines whether the license data defines prohibition of copying of content data (S415). Here, if the copy prohibition is specified, the deposit of the license data is prohibited and an error notification is given (S424, S425).

When it is determined in S415 that the copy prohibition is not defined in the license data, next movement prohibition (copying of the license data is possible, but the license data must be owned simultaneously by a plurality of memory cards. Is prohibited is determined (S41).
6). Here, if the movement prohibition is specified, the license data for the deposit subject stored in the memory unit 422 is erased (S417). On the other hand, if movement prohibition is not specified in the license data, the license data in the memory unit 422 is not erased and S4 remains unchanged.
Proceed to 18.

Then, the memory card 400 encrypts the license data to be deposited with the common key Ks2 and further with the common key Ks1, and then encrypts it.
00 (S418, S419). The license data is transferred from the mobile terminal device 300 to the mediation server 20.
0 is transmitted to the encryption circuit 203, and is first decrypted using the common key Ks1 (S420). Furthermore, the common key Ks2
Then, the license data that has not been encrypted is acquired (S421).

When the license data is decrypted, the decrypted license data is stored in the license database 205 (S422). Further, the deposit record of the license is stored in the customer database 206 (S423), whereby the deposit process ends.

FIG. 10 shows the flow of processing between the mobile terminal device 300 and the memory card 400 when reproducing content data.

When the key operation unit 302 is operated to input a reproduction instruction of a predetermined content, first, the device certificate is read from the device certificate holding unit 307 of the portable terminal device 300, and this is read by the memory card 400. Is output to (S5
01, S502). The device certificate received by the memory card 400 is authenticated by the authentication unit 424 using the authentication key Kpa, and the validity of the device certificate is determined (S503). Here, if the device certificate is invalid, the reproduction process ends. On the other hand, if the device certificate is valid, the process proceeds to S504, and an encrypted communication path establishing process is performed.

The establishment of such an encrypted communication path is performed in the same manner as above. First, the encryption circuit 423 of the memory card 400 issues the common key Ks3, which is encrypted with the public key included in the received device certificate and then transmitted to the mobile terminal device 300 (S504). The transmitted common key Ks3 is decrypted by the encryption circuit 308 of the mobile terminal device 300 using the private key paired with the public key included in the transmitted device certificate, and is stored here (S505). Thereafter, the common key Ks4 is issued by the encryption circuit 308 of the mobile terminal device 300, this is encrypted by the common key Ks3, and it is transmitted to the encryption circuit 423 of the memory card 400 (S506). The encryption circuit 433 decrypts the common key Ks4 using Ks3 issued by itself, and holds it.

By the above processing, the encryption circuit 308 of the mobile terminal device 300 and the encryption circuit 423 of the memory card 400 are executed.
Hold common keys Ks3 and Ks4, respectively, whereby an encrypted communication path is established via the common keys Ks3 and Ks4.

Thereafter, the portable terminal device 300 specifies the address of the license data relating to the content to be reproduced on the memory card 400 (S508). In response to the address designation, the memory card 400 extracts the license data from the memory unit 422 and sends it to the controller 421 (S509). The controller 421 analyzes the license data and determines whether or not the reproduction restriction is defined in the license data (S510).

If there is no reproduction restriction, the content encryption key Kc in the license data is encrypted with the common key Ks4, and this is transmitted to the portable terminal device 300 (S5).
12). The mobile terminal device 300 decrypts this with the secret key K4 and acquires the unencrypted content encryption key Kc (S513). The content encryption key Kc is stored in the decryption key storage unit 303. Then, the content data is read from the memory 410 of the memory card 400 and supplied to the decoding unit 304. Then, after being decrypted by the content encryption key Kc stored in the decryption key storage unit 303, it is converted into an analog audio signal by the DA conversion unit 305 and output from the speaker.

On the other hand, if it is determined in S510 that the license data has a limit on the number of reproductions,
After the number of reproductions (permissible number of reproductions) in the license data is reduced by 1 (S511), the content encryption key Kc in the license data is encrypted with the common key Ks4,
This is transmitted to the mobile terminal device 300 (S512).
Hereinafter, in the same manner as above, the content encryption key Kc is decrypted and the content data is reproduced (S51).
3).

In S510, if it is determined that the content cannot be reproduced, for example, if the reproduction allowable count is zero or the reproduction permission period has expired, the reproduction process is terminated. .

As described above, according to the distribution system of the present embodiment, since the license data can be deposited with the intermediary server 200, it is possible to easily change the mobile terminal device for reproducing the content data and transfer the content data. Therefore, the convenience of the user can be improved. Further, such deposit is prohibited when the copy prohibition is specified in the license data, and is executed after deleting the license data from the memory card 400 when the copy prohibition is specified. Since the content is in accordance with the license content, the copyright of the content is not unreasonably harmed, and the redistribution destination of the license data is also limited by the user, so that the license data can be shared without restriction. Nothing.

As described above, according to the distribution system,
It is possible to simplify the redistribution of content data and license data and prevent the improper copying of the data at the same time. Therefore, from the both sides of user convenience and protection of the copyright holder, It is possible to improve the quality of the distribution system at the same time.

Needless to say, the present invention is not limited to the above-mentioned embodiment, and various modifications can be made.

For example, in the above-described embodiment, the suitability of depositing the license data is determined in the memory card 400 (S415 to S417 in FIG. 9), but the determination is made on the intermediary server 200 side. Alternatively, the determination may be performed by both the memory card 400 and the mediation server 200. The determination is
FIG. 11 shows a processing flow when both the memory card 400 and the mediation server 200 perform the processing. In this flow, compared to the process flow of FIG. 9, S430 and S4 are newly added.
31 has been added. That is, if the license data is analyzed in S430 and it is determined that copying is prohibited as a result, an error notification is issued in S431 and S425, and the deposit of copying is prohibited.

In the above embodiment, the configuration example in which the memory card 400 is attached to the mobile terminal device 300 has been shown. However, even if the configuration corresponding to the memory card 400 is built in the mobile terminal device 300. Of course, such a configuration may be realized by a storage unit different from the memory card, such as a disk drive device.

Further, in the above embodiment, only the portable terminal device 300 was described as an example of the terminal device connected to the communication network, but other than this, a stationary personal computer or the like is not portable. The terminal device may be connected to a communication network, and in such a case, the present invention is naturally applied to the terminal device.

Further, in the above embodiment, the mediation server and the distribution server are shown separately, but they may be integrated, and the mediation server 200 should also have a content data distribution function. You can

The embodiments of the present invention can be appropriately modified in various ways within the scope of the technical idea of the present invention.

[0117]

As described above, according to the present invention, by providing the server device for depositing the license data,
The license data can be easily distributed, and the convenience of the distribution system can be improved.

Further, since the deposit is made through the encrypted communication path established between the terminal device and the server device,
If the confidentiality of the license data is secured, and if the license data prohibits copying, the deposit will be prohibited. If the transfer prohibition is prohibited, the license data will be erased before the deposit. Since the deposit processing is limitedly performed according to the analysis result obtained by analyzing the license data, the right of the copyright holder of the content is not unduly harmed.

As described above, according to the present invention, it is possible to simplify the redistribution of the content data and the license data and prevent the improper copying of the data at the same time. From the aspects of both convenience and protection of the copyright holder, it can simultaneously contribute to the quality improvement of the content distribution system.

[Brief description of drawings]

FIG. 1 is a diagram showing a configuration of a distribution system according to an embodiment.

FIG. 2 is a diagram showing a configuration of a distribution server according to the embodiment.

FIG. 3 is a diagram showing a configuration of a mediation server according to the embodiment.

FIG. 4 is a diagram showing a configuration of a mobile terminal device according to an embodiment.

FIG. 5 is a diagram showing a configuration of a memory card according to an embodiment.

FIG. 6 is a diagram showing a flow of content distribution processing according to the embodiment.

FIG. 7 is a diagram showing a flow of content mediation processing according to the embodiment.

FIG. 8 is a diagram showing a license data distribution process according to the embodiment.

FIG. 9 is a diagram showing a deposit process of license data according to the embodiment.

FIG. 10 is a diagram showing a flow of content reproduction processing according to the embodiment.

FIG. 11 is a diagram showing deposit processing of license data according to another embodiment.

[Explanation of symbols]

100 distribution server 103 cryptographic circuit 104 controller 200 Mediation server 203 Cryptographic circuit 204 controller 205 license database 206 Customer Database 300 mobile terminal device 400 memory card 422 memory section 423 cryptographic circuit

Claims (10)

[Claims] 1. A communication means for performing data communication with a terminal device via a communication network, an encrypted communication path establishing means for establishing an encrypted communication path with the terminal device, and the established encrypted communication path. License data storage means for storing license data transmitted from the terminal device via the terminal, redistribution condition storage means for storing redistribution conditions of the license data transmitted from the terminal device, and license from the terminal device And a condition determining unit that determines whether or not the data distribution request meets the redistribution condition of the license data, and when the determination unit determines that the redistribution condition is satisfied, the license data is encrypted. A server device, which transmits to the terminal device via a communication path. 2. The license data according to claim 1, further comprising license analysis means for analyzing the license data transmitted from the terminal device, and when the license analysis means determines that the license data can be stored, the license data is converted into the license data. A server device characterized by storing in a storage means. 3. A communication means for performing data communication with a server device via a communication network, an encrypted communication path establishing means for establishing an encrypted communication path with the server device, and the established encrypted communication path. A terminal device, comprising: a license data transmitting unit for transmitting license data to the server device via a redistribution condition transmitting unit for transmitting the redistribution condition of the transmitted license data to the server device. . 4. The license analysis device according to claim 3, further comprising license analysis means for analyzing license data to be transmitted to the server device, wherein the license data is transmitted to the server device when the license analysis device determines that the license data can be transmitted. A terminal device characterized by transmitting. 5. The method according to claim 3 or 4, wherein the license analysis unit determines that the license data cannot be shared by a plurality of terminal devices.
A terminal device, wherein the license data in the terminal device is erased. 6. A storage device mounted on a terminal device for performing data communication with a server device via a communication network, comprising: a license storage means for storing license data; and a server device in response to a request from the terminal device. Encrypted communication path establishing means for establishing an encrypted communication path between them, and license data transmitting means for transmitting license data to the server device via the terminal device, which has been established. A storage device having: 7. The server according to claim 6, further comprising license analysis means for analyzing license data to be transmitted to the server device, wherein the license data is transmitted to the server device when the license analysis means determines that transmission is possible. A storage device characterized by transmitting. 8. The license data in the storage device according to claim 6 or 7, when the license analysis unit determines that the license data cannot be shared among a plurality of terminal devices and / or storage devices. A storage device characterized by: 9. The storage device according to claim 6, further comprising: a memory area for storing content data; and a circuit area whose confidentiality is physically protected. The storage device, wherein the communication channel establishing means, the license data transmitting means, and the license analyzing means are arranged in the circuit area. 10. A communication system for performing data communication between a server device and a terminal device via a communication network, wherein the server device includes communication means for performing data communication with the terminal device via the communication network, Encrypted communication path establishing means for establishing an encrypted communication path with the terminal device; license data storage means for storing license data transmitted from the terminal device via the established encrypted communication path. , A redistribution condition storage means for storing the redistribution condition of the license data transmitted from the terminal device, and a condition for determining whether the license data distribution request from the terminal device meets the redistribution condition of the license data A communication means for performing data communication with the server device via a communication network; and an encrypted communication path between the server device and the server device. An encrypted communication channel establishing means for establishing a license data, a license data transmitting means for transmitting license data to the server device via the encrypted communication channel established, and a redistribution condition of the transmitted license data for the server device. Re-delivery condition transmitting means for transmitting the license data to the server device from the terminal device via the encrypted communication path established by the encrypted communication path establishing means when depositing the license data. At the same time, the redistribution condition of the license data is output from the terminal device to the server device, and the license data and the redistribution condition are held in the server device. Determine whether the distribution request for If it matches, the license data is transmitted from the server device to the terminal device via the encrypted communication path established by the encrypted communication path establishing means.