JP4684123B2 - License generating device, license recording device, and content using device - Google Patents

Description

  The present invention relates to a license generation device, a license recording device, and a content use device, and more specifically, a license generation device that generates a license including “information necessary for use of content and use conditions”, and records the license The present invention relates to a license recording apparatus that performs the above and a content use apparatus that uses content protected by using a license.

  In recent years, under the rapid development of networks such as the Internet, various contents (hereinafter represented by contents) such as music, images, videos, software (application programs), etc. are transmitted via networks and digital broadcasting networks. It has come to circulate. Among such contents, there is one in which the content itself cannot be used by performing an encryption process or the like in order to avoid unauthorized use of the content. Hereinafter, such content is expressed as “protected content”.

  When using protected content, users with legitimate rights hold the license, decrypt the content based on the information contained in the license, and use the content according to the usage conditions contained in the license It becomes.

With regard to content usage control, for example, Patent Literature 1 discloses a technique that can reliably provide a license and content. FIG. 10 is a block diagram of a license and content providing system described in Patent Document 1.
In Patent Document 1, when a license purchase request for viewing digital content is received from a client terminal 300 via a network, the license purchase request is received at the reception counter terminal (store front counter terminal 210) of the storefront server 200. The settlement process is performed at the first stage at the reception window terminal.

  Then, after confirming that the payment is surely completed at the reception window terminal, the license and content are stored at the management terminal (store front gateway 220) of the storefront server 200 installed behind the reception window terminal when viewed from the client terminal 300 side. Processes necessary for the delivery of. Further, when distributing the license and the content, the content is distributed to the client terminal 300, and a license to which license / content association data indicating the relationship with the distributed content is generated is generated and distributed to the client terminal 300.

  Patent Document 2 is a prior art that was invented by the inventors of the present application and filed by the same applicant as the present application. Patent Document 2 discloses a prepaid card, a prepaid card processing device, and a content reproduction device that can feed back information relating to provided information to the information provider while maintaining the privacy of the user and prevent unauthorized use of the provided information. Has been.

FIG. 11 is a diagram illustrating a configuration example of the content reproduction apparatus described in Patent Document 2. In addition to recording monetary information, the prepaid card 102 outputs decryption information for decrypting encrypted content in exchange for billing. The content reproduction apparatus 101 obtains the decrypted information for decryption by providing the prepaid card 102 with the billing information of the provided information and the encrypted decryption information, and decrypts the encrypted provision information. Further, the usage history is recorded in the prepaid card 102, and this usage history is collected in the next payment process in the prepaid card processing apparatus.
JP 2005-50225 A JP 2004-246485 A

In the method and system of Patent Document 1, it is necessary to obtain a license via a network. Moreover, in the apparatus of Patent Document 2, it is necessary to prepare a prepaid card having an arithmetic function.
Therefore, for example, when audio data such as music is protected by encryption and a large number of such protected audio data is distributed, the means of the above-mentioned patent document are not used every time a license is acquired, Therefore, an arbitrary number of audio data could not be used.

  More specifically, for example, audio data of 1000 songs was encrypted and distributed, and a license for freely using 10 of them could not be created. This is because when audio data of 1000 songs is encrypted with different encryption keys and used with different licenses, licenses for a plurality of arbitrarily selected audio data cannot be acquired.

  Also, if the audio data of 1000 songs is encrypted with the same encryption key and used with the same license, the available audio data cannot be limited to 10 songs, for example, and all audio data can be used simultaneously. turn into.

  Alternatively, it may be possible to encrypt audio data of 1000 songs with the same encryption key in units of 10 songs so that the audio data can be used with 100 licenses, but the 10 songs selected by the user are the same. It is unlikely to match the 10 songs available in the license and is not practical at all.

  The present invention has been made in view of the above-described circumstances, and a plurality of contents are protected and distributed by encryption or the like, and issuance of a license that allows some of the contents to be freely used. Provided is a license generation device that can be executed without the need to connect to a server or the like via a network, a license recording device that records a license, and a content use device that uses content protected using a license For the purpose.

In order to solve the above-described problem, the first technical means is a license generation device that generates a license for releasing the protection of the protected content and making the content usable, and uses the protected content. protecting a first license necessary, have a license generation unit which generates a second license for allowing use of the content protected by unprotect first license protected, the One license has first information for releasing protection of the protected content and a first use condition that defines the use condition of the content, and the second license has the first protected condition. a second information for canceling the license protection is obtained by characterized by chromatic and second information defining the use conditions of the second license.

A second technical means is the first technical means, the license generating unit, from the first license that has been protected, using the second information contained in the second license, the protection is released The first license is generated.

A third technical means is a license generating device that generates a license for releasing the protection of the protected content and making the content usable, and the first license necessary for using the protected content is When further protected , remove the protection of the protected first license, obtain a second license to make the protected content available, and remove the protected first license. have a product license generating unit, the first license includes a first information for canceling the protection of the protected content, and the first usage rule defining a usage rule of the content, the second license, and characterized in that the chromatic and second information to unprotect first license protected, and a second information defining the use conditions of the second license Those were.

  A fourth technical means includes a recording means for recording either or both of the first license and the second license on a recording medium in any one of the first to third technical means. It is a thing.

A fifth technical means is a license recording apparatus for recording a license for releasing the protection of the protected content and making the content usable, and the first license required for using the protected content is When further protected, the license input unit for inputting the second license for releasing the protection of the protected first license and enabling the use of the protected content from the outside, and input from the license input unit a second license that have a recording means for recording on a recording medium, the first license, a first information for canceling the protection of the protected content, the first that defines the usage rules of the content The second license includes the second information for releasing protection of the protected first license, and the second license usage condition. It is obtained by characterized by chromatic and second information defining the.

A sixth technical means is a content use device that releases the protection of the protected content so that the content can be used, and the first license necessary for using the protected content is further protected A license input unit for inputting a second license for releasing the protection of the protected first license and making the protected content available, and a second license input from the license input unit. recording means for recording on a recording medium, it obtains the second license from the recording device, and the license generation unit protected using the second license and generates the first license has been released, to enter content available reproduced by using the content input unit, a first license for protected content that is input from the contents input section is released That have a content usage unit, the first license includes a first information for canceling the protection of the protected content, and the first usage rule defining a usage rule of the content, the second license, the second information to unprotect first license protected, which was characterized to have a the second information defining the use conditions of the second license is there.

According to the present invention, a plurality of contents are protected and distributed by encryption or the like, and a license issuance that can freely use some of the contents is connected to a server or the like via a network. Can be done without the need for
According to the present invention, for example, audio data of 1000 songs can be encrypted and distributed free of charge, and a license to freely use 10 of them can be issued without connecting to a server or the like via a network. Furthermore, when the first license and the second license are stored in the same format in the recording medium, it is not necessary to provide a prepaid card access unit, so that the configuration can be simplified without increasing the cost. it can.

  FIG. 1 is a block diagram showing a basic configuration in an embodiment of a content utilization apparatus according to the present invention. In the content use apparatus of the present embodiment, a removable recording medium 11 that records encrypted content and a license necessary for using the content is used. The removable recording medium 11 can be detachably disposed on the content utilization apparatus 1 independently of the content utilization apparatus 1 or can be configured such that the removable recording medium 11 is built in the content utilization apparatus 1.

It is preferable to use a recording medium having a normal area and a secure area as a recording medium for recording the encrypted content as described above and a license for using the encrypted content.
The secure area is an area that is provided in a TRM (Taper Resistant Module) area of the recording medium, requires a special procedure for reading and writing, and cannot be freely referred to or changed by a user or an application.

  The normal area is an area where a user or a normal application can freely refer to or change the area. If the user can freely refer to or change the license information, it leads to unauthorized use of the content. Therefore, it is preferable to record the license information in a secure area where the user or application cannot refer to or change the license information.

  The license information is assumed to be recorded in the secure area of the recording medium, unless otherwise specified. As a hard disk having a secure area, there is iVDR (information Versatile Disk for Removable usage). iVDR is a removable recording medium that can record encrypted content in a normal area and a license in a secure area. In the present embodiment, a removable hard disk is used as the removable recording medium 11.

  In this embodiment, audio data is handled as content. Then, for example, a process of encrypting and distributing audio data of 1000 songs and creating a license for freely using 10 songs among them will be described as an example.

  In the configuration of FIG. 1, the content use apparatus 1 includes an input / output interface IF (interface) 2 for detachably connecting a removable recording medium 11, an input unit 3 for inputting content and a license, and an operation input unit 9. The user IF 4 for inputting the operation signal, the control unit 5 including a CPU and a memory for controlling the content use apparatus 1, the encryption unit 6 for encrypting / decrypting the content, and reproducing the content for using the content It has a content use unit 7 and a buffer 8 that temporarily holds the content.

The operation input unit 9 and the output device 10 are arranged integrally with the content use device 1 or connected to the content use device 1 externally.
In FIG. 1, dotted arrows indicate the flow of control signals, and solid arrows indicate the flow of data signals.

  Each part of FIG. 1 will be described in more detail. The input / output IF 2 is an interface for connecting the content using apparatus 1 and the removable recording medium 11. The input / output IF 2 corresponds to a recording unit of the present invention, and holds an attachment / detachment mechanism for the removable recording medium 11 and an interface for reading / writing data. In this embodiment, for example, an ATA (AT Attachment) interface is used as an interface for reading / writing data with the removable recording medium 11 in the input / output IF 2, but an interface such as USB (Universal Serial Bus) or IEEE1394 is used. May be.

  The input unit 3 is configured as a means for inputting content and a license. In the present embodiment, the input unit 3 is connected to a network, and content and a license are input via the network. The input unit 3 corresponds to the license input unit and the content input unit of the present invention.

  The operation input unit 9 is typically configured by an operation remote controller, a button provided in the content use apparatus 1, and the like, and receives a user operation related to the operation of the apparatus. The output device 10 is a device for outputting the reproduced content, and for example, a liquid crystal display or a speaker can be applied. Here, the output device 10 can display content and an OSD (On Screen Display) created by the user IF 4 and has a function of reproducing audio data.

  Further, the user IF 4 selects an operation in the content use apparatus 1 such as selection of content to be used by the user and selection of a second license in accordance with a user operation on the operation input unit 9. The control unit 5 controls each component of the device based on an input from the user IF 4. The control unit 5 includes a license analysis unit 5b that analyzes the read license and acquires a content key, and a license generation unit 5a that generates a license. The license analysis unit 5b and the license generation unit 5a are preferably configured so that they cannot be accessed from normal applications.

  The encryption unit 6 encrypts / decrypts content. In addition, the content use unit 7 reproduces the content by performing decoding processing of the content decrypted by the encryption unit 6 and outputs the content to the output device 10. The buffer 8 is a buffer for temporarily storing contents.

  The data read / write function to / from the removable recording medium 11, the function of the input unit 3, the function of the content use unit 7 for decoding the content, and the like are the same as those of the audio player with a built-in hard disk. Details of the license input process and the process in the encryption unit 6 will be described later.

FIG. 2 is a diagram for explaining a configuration example of a first license applied to the present invention. The first license 21 includes information of a license ID 21a, a license type 21b, a content key 21c, a copy restriction 21d, a move restriction 21e, a reproduction restriction 21f, and an expiration date 21g.
The license ID 21a is information for taking correspondence with the content. In the present embodiment, when the license ID 21a matches the content ID (not shown), the content having the content ID can be used with the first license 21 having the license ID 21a. In the example of FIG. 2, the license ID 21a is “LID1”.

  The license type 21b represents the type of content that can be used with the corresponding license, and represents "audio" in the example of FIG. In addition, license types such as “video” and “text” can be represented. Further, as described later, “license” can be designated as the license type.

  The content key 21c is information necessary for releasing the protection of the content, and is an encryption key in the present embodiment. In the example of FIG. 2, the content is protected by being encrypted with the content key “Kc1”. The content key “Kc1” is data representing a 128-bit number, for example. Further, although AES (Advanced Encryption Standard) is used as an encryption method, other encryption methods can be used.

  The copy restriction 21d represents information on whether copying (duplication) is possible, and if possible, how many times it is possible to copy. The example in FIG. 2 is “impossible” and represents that copying cannot be performed. Yes. The move limit 21e indicates information on whether or not a move (moving) is possible, and if possible, how many times it can be moved. The example in FIG. 2 is “impossible” and indicates that a move cannot be performed. ing.

  The reproduction limit 21f represents information regarding how many times reproduction is possible, and the example in FIG. 2 is “unlimited” and represents that reproduction can be performed any number of times. Further, the expiration date 21g represents information on how long the content can be used using the license. In the example of FIG. 2, it is “unlimited” and indicates that the content can be used without limitation.

  FIG. 3 is a flowchart for explaining an example of a procedure when content is used using a license. First, the control unit 5 of the content using apparatus 1 reads a license from the secure area of the removable recording medium 11 via the input / output IF 2 (step S1). Then, the license analysis unit 5b of the control unit 5 analyzes the read license and acquires a content key (step S2). Then, the control unit 5 sets the content key in the encryption unit 6 (step S3), and reads the protected content from the normal area of the removable recording medium 11 via the input / output IF2.

  Next, in the encryption unit 6, the read content is decrypted and buffered in the buffer 8 (step S5). The decrypted content is decoded by the content using unit 7 (step S6), and the decoded result is output to the output device 10 (step S7).

  FIG. 4 is a diagram for further explaining decryption processing using a license. As a result of analyzing the license (first license 21) read in step S1 of FIG. 3 in step S2, the content key “Kc1” 22 is extracted. Then, the content 23 is extracted from the protected content 23 ′ and the content key “Kc1” 22 read in step S4. In this way, the content key 22 extracted from the first license 21 can be used to decrypt the content 23 ′ protected by encryption and reproduce the content 23.

Next, a processing example using the second license according to the present invention will be described.
FIG. 5 is a diagram for explaining a configuration example of a second license applied to the present invention. The second license 31 in the present embodiment has the same data configuration as the first license 21. That is, information items of license ID 31a, license type 31b, content key 31c, copy restriction 31d, move restriction 31e, reproduction restriction 31f, and expiration date 31g are set. The data configurations of the first license 21 and the second license 31 are not necessarily the same.

In the example of FIG. 5, the license ID 31a is “LID2”. The association between the license ID a31 of the second license 31 and the first license 21 will be described later.
The second license 31 has “license” information as the license type 31b. This represents a license for generating a license. The content key 31c is "Kc2", the copy restriction 31d is "copy not possible", the move restriction 31e is "none" (can be moved any number of times), and the reproduction restriction 31f is "10 times". The reproduction limit 31f “10 times” indicates the number of usable audio data. The content key “Kc2” is data representing a 128-bit number, for example.

  The expiration date 31g is a time limit for selecting the audio data and generating the first license for using the audio data. The expiration date for the audio data is the one recorded in the first license. It is. In the example of FIG. 5, the expiration date 31g is “one year”. The expiration date 31g can also be specified by date information.

  FIG. 6 is a flowchart for explaining an example of a procedure for generating the first license from the second license. The control unit 5 of the content using apparatus 1 reads the first license from the secure area of the removable recording medium 11 via the input / output IF 2 (step S11). Then, the license analysis unit 5b of the control unit 5 analyzes the first license and acquires a content key (step S12).

  Then, it is determined whether the first license is protected (step S13). For example, when the license type 31b is “audio”, the first license is not protected, and when the license type 31b is “audio and protection”, the first license is protected. Here, a flag indicating the presence or absence of protection may be provided in the license type, or a flag indicating validity / invalidity may be provided in the content key, and the determination may be made based thereon.

  When the first license is not protected, the first license can be used as it is, so that the processing after step S1 in FIG. 3 described above can be executed. When the first license is protected, the control unit 5 reads the second license from the secure area of the removable recording medium 11 (step S14). Then, the license generation unit 5a of the control unit 5 generates a first license (step S15). The generated first license is license information whose protection by encryption or the like is released. The content key included in the first license becomes a valid content key.

  Next, the control unit 5 writes the first license in the secure area of the removable recording medium 11 via the input / output IF 2 (step S16). After the first license is generated, the protected content can be used by executing the procedure shown in FIG.

  FIG. 7 is a diagram for further explaining the procedure for generating the first license using the second license. In step S14 in FIG. 6, the content key “Kc2” 32 is extracted from the second license 31. Then, the content key of the protected first license 21 ′ read in step S 11 is decrypted with the content key “Kc 2” 32 to obtain the decrypted (unprotected) first license 21. Here, AES is used as the encryption method.

  In this way, the content key 32 of the first license 21 ′ protected by encryption can be decrypted using the content key 32 extracted from the second license 31 to obtain the first license 21. . Then, using the content key 22 of the obtained first license 21, the content 23 ′ protected by encryption can be decrypted and the content 23 can be reproduced.

  FIG. 8 is a flowchart for explaining an example of a procedure for generating a protected first license and a second license. First, the license generation unit 5a of the control unit 5 changes the license type of the first license (step S21). For example, the license type of the first license is changed from “audio” to “audio and protection”.

  Next, the license key is rewritten in the license generation unit 5a of the control unit 5 (step S22). Here, the content key of the second license is randomly generated, and the first license key “Kc1” is encrypted with the content key “Kc2” and rewritten by AES, thereby generating a protected first license. The content key “Kc2” is generated as a common value for 1000 contents, for example. The first license key “Kc1” takes a different value for every 1000 pieces of content. Therefore, the first license exists for each of 1000 contents.

  Then, the control unit 5 writes the protected first license in the secure area of the removable recording medium 11 via the input / output IF 2 (step S23).

  FIG. 9 is a diagram for further explaining the procedure for generating the protected first license using the second license. Using the content key “Kc2” 32 of the second license 31, the content key of the first license 21 is encrypted. Thus, the protected first license 21 'can be obtained. AES can be used as the encryption method.

As described above, for example, 1000 pieces of audio data may be encrypted with different content keys to create 1000 pieces of protected audio data, and a first license may be generated for each piece of audio data. it can.
Then, these 1000 first licenses can be encrypted with the same content key to create 1000 protected first licenses. Then, one second license for using the protected first license can be generated.

  Then, by setting the number of times of reproduction of the second license to “10 times”, for example, ten first licenses are generated from the ten protected first licenses using the second license. Any ten audio contents can be used.

  The 1000 protected audio data generated as described above can be distributed free of charge or inexpensively using a DVD (Digital Versatile Disk) or a multimedia network. Then, the second license is recorded on the recording medium by the license recording device in exchange for billing or the like. In this way, by using the second license recorded on the recording medium, the content can be used in the above-described procedure.

  The license recording apparatus according to the present invention is configured to have the functions of the input / output IF 2, the input unit 3, and the control unit 5 of the content use apparatus 1 of FIG. Then, a license is input from the input unit 3 and the license is written to the removable recording medium 11 via the input / output IF 2.

  In the above-described embodiment, when the first license is protected, the content key of the first license is encrypted with AES using the content key of the second license as a key, but other methods are used. Is also possible. Also, as an encryption method, an encryption method other than AES may be used.

  Alternatively, a content in which the content keys of the first license are arranged may be created, and the entire content may be encrypted with the second license key. In this arrangement, the content key and the license ID of the first license can be recorded, and the correspondence between the second license and the first license can be taken.

  In the above embodiment, audio data has been described as an example of content, but the present invention can also be applied to content other than audio data. For example, when video data is used as content, the content use unit 7 adopts the same configuration as that of the hard disk recorder. In the case of text data or the like, the content using unit 7 adopts the same configuration as that of the electronic book viewer.

  Also, when the first license is generated from the second license, the content usage history is recorded on the recording medium, and the next time the second license is obtained, the content usage history is acquired. If configured, it is possible to feed back to the content provider which content has been used.

  In the above example, encryption is used to protect the content, but the content can be protected by other protection means. For example, a flag indicating whether or not content can be used is provided in the first license, and the initial value is disabled. When the first license is generated by the second license, the availability flag is set to be possible. However, in this case, it is necessary to take into account the balance between the use and the strength of protection.

It is a block diagram which shows the basic composition in one Embodiment of the content utilization apparatus by this invention. It is a figure for demonstrating the structural example of the 1st license applied to this invention. It is a flowchart for demonstrating an example of the procedure at the time of using a content using a license. It is a figure for demonstrating further about the decoding process using a license. It is a figure for demonstrating the structural example of the 2nd license applied to this invention. It is a flowchart for demonstrating an example of the procedure at the time of producing | generating a 1st license from a 2nd license. It is a figure for further explaining the generation procedure of the 1st license using the 2nd license. It is a flowchart for demonstrating an example of the production | generation procedure of the protected 1st license and the 2nd license. It is a figure for demonstrating further the procedure which produces | generates the protected 1st license using a 2nd license. 1 is a block diagram of a license and content providing system described in Patent Document 1. FIG. FIG. 11 is a diagram illustrating a configuration example of a content reproduction device described in Patent Document 2.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 ... Content utilization apparatus, 2 ... Input / output IF, 3 ... Input part, 4 ... User IF, 5 ... Control part, 6 ... Encryption part, 7 ... Content utilization part, 8 ... Buffer, 9 ... Operation input part, 10 ... output device, 11 ... removable recording medium.

Claims (6)

A license generation device that generates a license for releasing the protection of protected content and making the content usable,
Protecting a first license necessary for use of protected content, generates a second license for by unprotect first licenses the protective make available the protected content have a license generation unit,
The first license has first information for releasing protection of the protected content, and a first use condition that defines a use condition of the content,
The second license, characterized in that the chromatic and second information to unprotect first licenses the protection, and a second information defining the use conditions of the second license A license generation device. In the license generation device according to claim 1, wherein the license generation unit, the first licenses the protection, using said second information included in the second license, the protection release Generating a licensed first license. A license generation device that generates a license for releasing the protection of protected content and making the content usable,
When the first license required for using the protected content is further protected, a second license for releasing the protection of the protected first license and making the protected content available licensed, have a license generation unit which generates a first license the protection is canceled,
The first license has first information for releasing protection of the protected content, and a first use condition that defines a use condition of the content,
The second license, characterized in that the chromatic and second information to unprotect first licenses the protection, and a second information defining the use conditions of the second license A license generation device.   4. The license generation apparatus according to claim 1, further comprising recording means for recording either or both of the first license and the second license on a recording medium. Generator. A license recording device for recording a license for releasing the protection of protected content and making the content usable,
When the first license necessary for use of protected content are further protected, the protected for enabling use of the protected content to unprotect the first license second A license input section for inputting a license from the outside;
Have a recording means for recording on a recording medium a second license input from the license input unit,
The first license has first information for releasing protection of the protected content, and a first use condition that defines a use condition of the content,
The second license, characterized in that the chromatic and second information to unprotect first licenses the protection, and a second information defining the use conditions of the second license The license recording device. A content use device that releases the protection of protected content so that the content can be used.
When the first license required for using the protected content is further protected, a second license for releasing the protection of the protected first license and making the protected content available A license input section for inputting a license from the outside;
Recording means for recording the second license input from the license input unit on a recording medium;
A license generation unit which generates a first license acquired a second license from the recording device, the protected using said second license is released,
A content input unit for inputting content;
Have a content usage unit that reproduces available using a first license the content input from the content input unit the protection is released,
The first license has first information for releasing protection of the protected content, and a first use condition that defines a use condition of the content,
The second license, characterized in that the chromatic and second information to unprotect first licenses the protection, and a second information defining the use conditions of the second license A content using device.

Images