US20080016001A1 - Unauthorized Device Detection Device And Unauthorized Device Detection System - Google Patents
Unauthorized Device Detection Device And Unauthorized Device Detection System Download PDFInfo
- Publication number
- US20080016001A1 US20080016001A1 US11/791,853 US79185305A US2008016001A1 US 20080016001 A1 US20080016001 A1 US 20080016001A1 US 79185305 A US79185305 A US 79185305A US 2008016001 A1 US2008016001 A1 US 2008016001A1
- Authority
- US
- United States
- Prior art keywords
- content
- media
- unauthorized
- unit
- total
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 100
- 238000003860 storage Methods 0.000 claims description 139
- 238000004590 computer program Methods 0.000 claims description 30
- 239000000284 extract Substances 0.000 claims description 27
- 238000000605 extraction Methods 0.000 claims description 4
- 238000004364 calculation method Methods 0.000 claims description 2
- 238000004891 communication Methods 0.000 description 35
- 238000012545 processing Methods 0.000 description 29
- 238000012986 modification Methods 0.000 description 21
- 230000004048 modification Effects 0.000 description 21
- 238000010586 diagram Methods 0.000 description 16
- 230000005540 biological transmission Effects 0.000 description 12
- 238000004422 calculation algorithm Methods 0.000 description 11
- 238000000034 method Methods 0.000 description 11
- 230000006870 function Effects 0.000 description 10
- 230000004044 response Effects 0.000 description 9
- 230000005236 sound signal Effects 0.000 description 6
- 238000010295 mobile communication Methods 0.000 description 4
- 230000010354 integration Effects 0.000 description 3
- 238000007639 printing Methods 0.000 description 3
- 230000001174 ascending effect Effects 0.000 description 2
- 230000002457 bidirectional effect Effects 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/107—License processing; Key processing
- G06F21/1073—Conversion
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/00188—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving measures which result in a restriction to authorised devices recording or reproducing contents to/from a record carrier
- G11B20/00195—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving measures which result in a restriction to authorised devices recording or reproducing contents to/from a record carrier using a device identifier associated with the player or recorder, e.g. serial numbers of playback apparatuses or MAC addresses
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/0021—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/0021—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
- G11B20/00485—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier characterised by a specific kind of data which is encrypted and recorded on and/or reproduced from the record carrier
- G11B20/00492—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier characterised by a specific kind of data which is encrypted and recorded on and/or reproduced from the record carrier wherein content or user data is encrypted
- G11B20/00528—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier characterised by a specific kind of data which is encrypted and recorded on and/or reproduced from the record carrier wherein content or user data is encrypted wherein each title is encrypted with a separate encryption key for each title, e.g. title key for movie, song or data file
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/00681—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving measures which prevent a specific kind of data access
- G11B20/00688—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving measures which prevent a specific kind of data access said measures preventing that a usable copy of recorded data can be made on another medium
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/00855—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a step of exchanging information with a remote server
- G11B20/00862—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a step of exchanging information with a remote server wherein the remote server can grant the permission to use a content
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B2220/00—Record carriers by type
- G11B2220/20—Disc-shaped record carriers
- G11B2220/25—Disc-shaped record carriers characterised in that the disc is based on a specific recording technology
- G11B2220/2537—Optical discs
- G11B2220/2562—DVDs [digital versatile discs]; Digital video discs; MMCDs; HDCDs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
Definitions
- the present invention relates to unauthorized device detection techniques for finding or specifying an unauthorized device altered or manufactured by copying.
- cryptography is employed to protect a copyright of content, that is, to protect content from unauthorized use such as unauthorized playback and copying.
- content encrypted using an encryption key is recorded on a recording medium such as an optical disc and distributed. Only a terminal in possession of a decryption key corresponding to the encryption key can decrypt the encrypted content read from the recording medium using the decryption key and play back the content.
- Example methods of content encryption include a method of encrypting content itself using an encryption key so that the encrypted content is decrypted using a decryption key corresponding to the encryption key, and a method of encrypting content using a content key and further encrypting the content key using an encryption key so that the encrypted content key is decrypted using a decryption key corresponding to the encryption key and the encrypted content is decrypted using the decrypted content key.
- the decryption key possessed by the terminal needs to be securely managed so as not to be revealed to outside. However, there is a danger that the decryption key may be revealed as a result of an unauthorized party conducting analysis inside the terminal.
- the unauthorized party can manufacture a recording device or a playback device for unauthorized use of the content, or produce software for unauthorized use of the content and distribute it via an internet and the like.
- a copyright holder wants to disable the revealed key so that the content is no longer treatable using the revealed key. This technique is called a key invalidation technique, and is disclosed in patent document 1 and patent document 2.
- patent document 1 discloses a method of specifying the key revealed to outside (i.e. the key to be invalidated). This being so, a large number of recording devices, playback devices, or software distributed on a market and having a possibility of being unauthorized need to be collected and their internal structures analyzed in order to identify an unauthorized device or unauthorized software. This requires much labor and cost.
- patent document 3 discloses a mobile communication system, such as a mobile phone system, for detecting the existence of a clone terminal manufactured by unauthorized copying and notifying the existence to a maintenance entity, without providing a mobile terminal with a special function for clone terminal detection.
- This mobile communication system includes: a unit for making location registration to notify the system of a location of the mobile terminal so as to allow for reception processing by the mobile terminal; a unit for comparing location registration information submitted by another mobile terminal having a same phone number as the mobile terminal under control of a base station to which the other mobile terminal belongs, with location registration information corresponding to the last location registration made in the system; and a unit for detecting the existence of two or more mobile terminals having the same phone number based on a result of the comparison.
- Patent document 1 Japanese Patent Application Publication No. 2000-31922
- Patent document 2 Japanese Patent Application Publication No. 2002-281013
- Patent document 3 Japanese Patent Application Publication No. 2000-184447
- the present invention aims to provide an unauthorized device detection device, an unauthorized device detection system, an unauthorized device detection method, and a computer program for unauthorized device detection that can find and specify an unauthorized device altered or manufactured by copying.
- a detection device for detecting an unauthorized device manufactured by copying including: a media number storage unit operable to store a total media number corresponding to a device identifier, the total media number being a total number of rewritable portable media used by one or more devices, including a target device, that hold the device identifier; a comparison unit operable to compare the total media number with a predetermined threshold value used for unauthorized device detection; and an identifier storage unit operable to store the device identifier if the total media number is greater than the threshold value.
- a device that is likely to be an unauthorized device manufactured by copying can be detected based on the number of portable media used by unauthorized devices.
- the detection device may further include: a calculation unit that includes: an acquisition unit operable to acquire, from a rewritable portable medium used by the target device, a media identifier for identifying the portable medium and the device identifier held by the target device; a storage unit operable to store, in correspondence with a device identifier held by each past target device, one or more media identifiers respectively for identifying one or more rewritable portable media used by the past target device; and a calculating unit operable to calculate, using the stored device identifier and one or more media identifiers and the acquired device identifier and media identifier, a total number of media identifiers corresponding to a same device identifier as the acquired device identifier, as the total media number, and write the calculated total media number to the media number storage unit.
- a calculation unit that includes: an acquisition unit operable to acquire, from a rewritable portable medium used by the target device, a media identifier for identifying the portable medium and the
- the total media number can be calculated reliably.
- the comparison unit may further compare the total media number with a warning value that is smaller than the threshold value, wherein the identifier storage unit further stores the device identifier if the total media number is no greater than the threshold value but is greater than the warning value.
- a device that is likely to be either an unauthorized device or a device that requires a warning can be detected.
- the target device may be a playback device for decrypting encrypted content and playing back the decrypted content
- the detection device further includes: a prohibition unit operable to prohibit to output a decryption key used for decrypting the encrypted content to the portable medium, if the total media number is greater than the threshold value; and an output unit operable to output the decryption key to the portable medium, if the total media number is no greater than the threshold value.
- the detection device for detecting an unauthorized device manufactured by copying may include: a series number storage unit operable to store a total series number corresponding to a device identifier, the total series number being a total number of viewing history series of content viewed by one or more devices, including a target device, that hold the device identifier; a comparison unit operable to compare the total series number with a predetermined threshold value used for unauthorized device detection; and an identifier storage unit operable to store the device identifier if the total series number is greater than the threshold value.
- a device that is likely to be an unauthorized device manufactured by copying can be detected based on the number of viewing history series of content viewed by the device.
- the detection device for detecting an unauthorized device manufactured by copying may include: a storage unit operable to store, in correspondence with a device identifier held by each past target device, one or more content identifiers respectively for identifying one or more sets of content viewed by the past target device; an acquisition unit operable to acquire, from a rewritable portable medium used by a target device, one or more content identifiers respectively for identifying one or more sets of content viewed by the target device and a device identifier held by the target device; an extraction unit operable to extract one or more content identifiers corresponding to a same device identifier as the acquired device identifier, from the storage unit; a comparison unit operable to compare the extracted one or more content identifiers and the acquired one or more content identifiers; and a registration unit operable to register the acquired device identifier to an unauthorized device list, if none of the extracted one or more content identifiers matches any of the acquired one or more content identifiers.
- a device that is likely to be an unauthorized device manufactured by copying can be detected based on content viewed by the device.
- the storage unit may further store, in a one-to-one correspondence with the one or more content identifiers, one or more viewing ordinal numbers representing an order in which the one or more sets of content identified by the one or more content identifiers were viewed by the past target device, wherein the acquisition unit further acquires, in a one-to-one correspondence with the one or more content identifiers, one or more viewing ordinal numbers representing an order in which the one or more sets of content identified by the one or more content identifiers were viewed by the target device, the extraction unit further extracts one or more viewing ordinal numbers corresponding to the one or more content identifiers that correspond to the same device identifier as the acquired device identifier, from the storage unit, the comparison unit further compares the extracted one or more viewing ordinal numbers and the acquired one or more viewing ordinal numbers, and the registration unit further registers the acquired device identifier to the unauthorized device list, if the extracted one or more content identifiers match the acquired one or more content identifiers but a viewing
- a device that is likely to be an unauthorized device manufactured by copying can be detected more precisely based on the content viewing order.
- the target device may be a playback device for decrypting encrypted content and playing back the decrypted content
- the detection device further includes: a prohibition unit operable to prohibit to output a decryption key used for decrypting the encrypted content to the portable medium, if none of the extracted one or more content identifiers matches any of the acquired one or more content identifiers; and an output unit operable to output the decryption key to the portable medium, if any of the extracted one or more content identifiers matches any of the acquired one or more content identifiers.
- the threshold value can be set at 100 as one example. Even when a user possesses a plurality of portable media, the number of media IDs corresponding to that user, counted based on a device ID of his/her device, should not exceed this threshold of 100. However, if there are 1,000 unauthorized devices having the same device ID, the number of media IDs counted based on the device ID will exceed 1,000, because a portable medium possessed by a user of each unauthorized device has a different media ID. Accordingly, when the threshold value of 100 is exceeded, that device ID can be judged as being used by unauthorized devices.
- FIG. 1 is a system configuration diagram showing a configuration of an unauthorized device detection system 1 .
- FIG. 2 is a block diagram showing a configuration of a management server device 100 .
- FIG. 3 is a data structure diagram showing a data structure of a management table 120 .
- FIG. 4 is a data structure diagram showing a data structure of a device key list 130 .
- FIG. 5 is a data structure diagram showing a data structure of a content key list 140 .
- FIG. 6 is a data structure diagram showing a data structure of an advisory device list 150 .
- FIG. 7 is a data structure diagram showing a data structure of a warning device list 160 .
- FIG. 8 is a data structure diagram showing a data structure of an unauthorized device list 170 .
- FIG. 9 is a table showing patterns of control by a control unit 102 .
- FIG. 10 is a block diagram showing a configuration of a memory card 200 .
- FIG. 11 is a block diagram showing a configuration of a register device 300 .
- FIG. 12 is a block diagram showing a configuration of a DVD player 400 .
- FIG. 13 is a flowchart showing an operation of acquiring a device ID from a memory card 200 a by the DVD player 400 .
- FIG. 14 is a flowchart showing an operation of acquiring an encrypted content key from the management server device 100 by the register device 300 , continuing to FIG. 15 .
- FIG. 15 is a flowchart showing the operation of acquiring the encrypted content key from the management server device 100 by the register device 300 , continuing to FIG. 16 .
- FIG. 16 is a flowchart showing the operation of acquiring the encrypted content key from the management server device 100 by the register device 300 , continuing to FIG. 17 .
- FIG. 17 is a flowchart showing the operation of acquiring the encrypted content key from the management server device 100 by the register device 300 , continuing from FIG. 16 .
- FIG. 18 is a flowchart showing an operation of decrypting and playing back encrypted content by the DVD player 400 , continuing to FIG. 19 .
- FIG. 19 is a flowchart showing the operation of decrypting and playing back the encrypted content by the DVD player 400 , continuing from FIG. 18 .
- FIG. 20 is a block diagram showing a configuration of a memory card 200 e as a modification.
- FIG. 21 is a data structure diagram showing a data structure of a server history information list 120 e held by the management server device 100 as a modification.
- FIG. 22 is a flowchart showing an operation of the DVD player when playing back content as a modification.
- FIG. 23 is a flowchart showing an operation of each device when purchasing a DVD as a modification, continuing to FIG. 24 .
- FIG. 24 is a flowchart showing the operation of each device when purchasing the DVD as the modification, continuing from FIG. 23 .
- FIG. 25 shows a first example of comparison between group ⁇ and group ⁇ .
- FIG. 26 shows a second example of comparison between group ⁇ and group ⁇ .
- FIG. 27 shows a third example of comparison between group ⁇ and group ⁇ .
- FIG. 28 is a data structure diagram showing a data structure of a user history information list 231 f held by the memory card 200 e as a modification.
- FIG. 29 is a data structure diagram showing a data structure of a server history information list 120 f held by the management server device 100 as a modification.
- FIG. 30 is a flowchart showing an operation of the management server device 100 when purchasing a DVD.
- FIG. 31 shows a first example of comparison between group ⁇ and group ⁇ .
- FIG. 32 shows a second example of comparison between group ⁇ and group ⁇ .
- FIG. 33 is a flowchart showing an operation of the management server device 100 when purchasing a DVD as a modification.
- FIG. 34 is a data structure diagram showing a data structure of an extracted server history information group 621 .
- the following describes an unauthorized device detection system 1 as one embodiment of the present invention.
- the unauthorized device detection system 1 includes a management server device 100 , a register device 300 , and DVD players 400 a , . . . , 400 b , 400 c , . . . , 400 d , as shown in FIG. 1 .
- the management server device 100 and the register device 300 are connected to each other via an internet 10 .
- the DVD players 400 a , . . . , 400 b are authorized players manufactured by an authorized manufacturer, and each hold a device ID for uniquely identifying the DVD player itself. For example, a total number of the DVD players 400 a , . . . , 400 b is 10,000.
- the DVD players 400 c , . . . , 400 d are players manufactured by an unauthorized manufacturer copying the DVD player 400 b , and each hold a same device ID as the one for uniquely identifying the DVD player 400 b .
- a total number of the DVD players 400 c , 400 d is 10,000.
- the user Before a user of the DVD player 400 a purchases a new DVD, the user loads a memory card 200 a to the DVD player 400 a .
- the memory card 200 a stores a media ID for uniquely identifying the memory card 200 a itself.
- the DVD player 400 a writes the device ID stored therein onto the memory card 200 a.
- the user brings the memory card 200 a on which the device ID for identifying the DVD player 400 a is stored, to a shop.
- the user selects a desired DVD package 500 at the shop.
- the DVD package 500 contains a DVD 500 a .
- the user then hands the memory card 200 a and the DVD package 500 to a shop clerk who operates the register device 300 .
- the shop clerk loads the memory card 200 a to the register device 300 , and scans a barcode shown on the DVD package 500 using a barcode reader of the register device 300 .
- the register device 300 reads a content ID of content stored on the DVD 500 a contained in the DVD package 500 , from the barcode shown on the DVD package 500 .
- the register device 300 also reads the device ID and the media ID from the loaded memory card 200 a , and transmits the content ID and the read pair of device ID and media ID to the management server device 100 via the internet 10 .
- the management server device 100 stores, in correspondence with each device ID for identifying a DVD player, one or more media ID respectively for identifying one or more memory cards loaded to the DVD player and a total media ID number showing a total number of these memory cards.
- the management server device 100 judges whether the received device ID is stored in the management server device 100 . If the received device ID is stored, the management server device 100 further judges whether the received media ID is stored in the management server device 100 . If the received media ID is not stored, the management server device 100 stores the received media ID in correspondence with the device ID, and adds the value “1” to a total media ID number corresponding to the device ID. If the received device ID is not stored, the management server device 100 stores the pair of device ID and media ID, and sets the total media ID number to “1”.
- the management server device 100 judges which of the following ranges the total media ID number corresponding to the received device ID belongs to: (i) no more than “100”; (ii) from “101 to “150” inclusive; (iii) from “151” to “199” inclusive; and (iv) no less than “200”.
- the management server device 100 encrypts a content key corresponding to the received content ID, and transmits the encrypted content key to the register device 300 via the internet 10 together with a device judgment level indicating that the device used by the user is not an unauthorized device.
- the management server device 100 registers the received device ID to an advisory device list held therein, encrypts the content key corresponding to the received content ID, and transmits the encrypted content key to the register device 300 via the internet 10 together with a device judgment level indicating that the device used by the user requires an advisory (i.e. a caution).
- the management server device 100 registers the received device ID to a warning device list held therein, encrypts the content key corresponding to the received content ID, and transmits the encrypted content key to the register device 300 via the internet 10 together with a device judgment level indicating that the device used by the user requires a warning.
- the management server device 100 registers the received device ID to an unauthorized device list held therein, and transmits a device judgment level indicating that the device used by the user is an unauthorized device, to the register device 300 via the internet 10 . In this case, the content key is not transmitted to the register device 300 .
- the register device 300 receives the device judgment level from the management server device 100 via the internet 10 .
- the register device 300 may also receive the encrypted content key.
- the register device 300 If the received device judgment level indicates that the DVD player used by the user is not an unauthorized device (i), the register device 300 writes the received encrypted content key to the memory card 200 a . In this case, the user pays a price of the DVD package 500 to the shop.
- the register device 300 displays an advisory, and writes the received encrypted content key to the memory card 200 a . In this case, the user pays the price of the DVD package 500 to the shop.
- the register device 300 displays a warning, and requests the operator to input an instruction as to whether or not to approve the provision of the encrypted content key. If the instruction approves the provision, the register device 300 writes the received encrypted content key to the memory card 200 a . In this case, the user pays the price of the DVD package 500 to the shop. If the instruction does not approve the provision, the register device 300 does not provide the received encrypted content key to the user. In this case, the shop refuses to sell the DVD package 500 to the user.
- the register device 300 displays that the device used by the user is unauthorized, and ends the processing.
- the register device 300 does not provide the encrypted content key to the user. In this case, the shop refuses to sell the DVD package 500 to the user.
- the DVD player 400 a reads the encrypted content key from the memory card 200 a , decrypts the encrypted content key to generate a decrypted content key, and decrypts the encrypted content on the DVD 500 a using the decrypted content key to generate decrypted content.
- the DVD player 400 a converts the decrypted content to a video signal and an audio signal, and outputs the video signal and the audio signal to a monitor 411 a.
- the DVD players 400 a , . . . , 400 b are 10,000 in total, and each have a different device ID.
- the total media ID number stored in the management server device 100 in correspondence with each device ID is 10 at most.
- the management server device 100 judges that each of the DVD players 400 a , . . . , 400 b is an authorized device.
- the DVD players 400 c , . . . , 400 d are 10,000 in total, and have the same device ID.
- the total media ID number stored in the management server device 100 in correspondence with this device ID is 10,000.
- the management server device 100 judges that each of the DVD players 400 c , . . . , 400 d is an unauthorized device. In this way, the management server device 100 can determine whether a DVD player is authorized or unauthorized.
- the management server device 100 includes a communication unit 101 , a control unit 102 , a management table storage unit 103 , a content key storage unit 104 , a selection unit 105 , a device key storage unit 106 , an encryption unit 107 , a device list storage unit 108 , an input unit 110 , a display unit 111 , and an authentication unit 112 , as shown in FIG. 2 .
- the management server device 100 can actually be realized by a computer system that includes a microprocessor, a ROM, a RAM, a hard disk unit, a display unit, a keyboard, a mouse, and the like.
- a computer program is stored on the RAM or the hard disk unit. Functions of the management server device 100 can partly be achieved by the microprocessor operating in accordance with this computer program.
- Management Table Storage Unit 103 Content Key Storage Unit 104 , Device Key Storage Unit 106 , and Device List Storage Unit 108
- the management table storage unit 103 , the content key storage unit 104 , the device key storage unit 106 , and the device list storage unit 108 are actually constituted by one hard disk unit.
- the management table storage unit 103 has a management table 120 , as shown in FIG. 2 .
- the management table 120 has an area for storing one or more sets of media ID information, as shown in FIG. 3 .
- one set of media ID information corresponds to one authorized device (DVD player in this embodiment). If there is an unauthorized device that stores a device ID unauthorizedly, however, one set of media ID information corresponds to all devices storing the same device ID.
- Each set of media ID information includes a device ID, at least one media ID, and a total media ID number.
- the device ID is identification information for uniquely identifying a device corresponding to the media ID information that includes the device ID. As mentioned above, however, if there is an unauthorized device that stores the device ID unauthorizedly, the device ID may be unable to uniquely identify one device.
- the media ID is identification information for uniquely identifying a memory card used in a state of being loaded in the device corresponding to the media ID information that includes the media ID.
- the total media ID number shows a total number of media IDs included in the media ID information that includes the total media ID number.
- the management table 120 is made up of media ID information 128 , 129 , . . . .
- the media ID information 128 includes a device ID 121 “ID-A”, a media ID 122 “MID- 1 ”, a media ID 123 “MID- 5 ”, and a total media ID number 124 “ 2 ”. This indicates that two memory cards identified by “MID- 1 ” and “MID- 5 ” are loaded and used in a device (DVD player) identified by “ID-A”.
- the media ID information 129 includes a device ID 125 “ID-B”, a media ID 126 “MID- 2 ”, and a total media ID number 127 “ 1 ”. This indicates that one memory card identified by “MID- 2 ” is loaded and used in a device (DVD player) identified by “ID-B”.
- the device key storage unit 106 has a device key list 130 , as shown in FIG. 2 .
- the device key list 130 is made up of one or more sets of device key information as shown in FIG. 4 .
- One set of device key information corresponds to one device (DVD player in this embodiment), and includes a device ID and a device key. However, if there is an unauthorized device, the correspondence relation between device key information and a device is as explained above.
- the device ID is identification information for uniquely identifying a device corresponding to the device key information that includes the device ID.
- the device key is key information assigned to the device corresponding to the device key information that includes the device key.
- the device key is 128 bits long.
- the device key list 130 is made up of device key information 133 , 134 , . . . .
- the device key information 133 includes a device ID 131 “ID-A” and a device key 132 “DK-A”. This indicates that a device key assigned to a device (DVD player) identified by “ID-A” is “DK-A”.
- the content key storage unit 104 has a content key list 140 , as shown in FIG. 2 .
- the content key list 140 is made up of one or more sets of content key information 143 , 144 , 145 , . . . as shown in FIG. 5 .
- Each set of content key information corresponds to one set of content, and includes a content ID and a content key.
- the content key information 143 includes a content ID 141 “C 001 ” and a content key 142 “CK- 1 ”.
- the content ID is identification information for uniquely identifying content corresponding to the content key information that includes the content ID.
- the content key is key information assigned to the content corresponding to the content key information that includes the content key.
- the device list storage unit 108 includes an advisory device list 150 , a warning device list 160 , and an unauthorized device list 170 , as shown in FIG. 2 .
- the advisory device list 150 has an area for storing one or more advisory device IDs as shown in FIG. 6 , as one example.
- An advisory device ID is identification information for uniquely identifying a device that is judged as requiring an advisory, as mentioned above.
- the advisory device list 150 includes an advisory device ID 151 “ID-X 005 ”, an advisory device ID 152 “ID-Y 007 ”, an advisory device ID 153 “ID-Z 009 ”, . . . . This indicates that devices (DVD players) identified by “ID-X 005 ”, “ID-Y 007 ”, and “ID-Z 009 ” require an advisory.
- the warning device list 160 has an area for storing one or more warning device IDs as shown in FIG. 7 , as one example.
- a warning device ID is identification information for uniquely identifying a device that is judged as requiring a warning, as mentioned above.
- the warning device list 160 includes a warning device ID 161 “ID-X 003 ”, a warning device ID 162 “ID-Y 004 ”, a warning device ID 163 “ID-Z 004 ”, . . . . This indicates that devices (DVD players) identified by “ID-X 003 ”, “ID-Y 004 ”, and “ID-Z 004 ” require a warning.
- the unauthorized device list 170 has an area for storing one or more unauthorized device IDs as shown in FIG. 8 , as one example.
- An unauthorized device ID is identification information for uniquely identifying a device that is judged as being unauthorized, as mentioned above.
- the unauthorized device list 170 includes an unauthorized device ID 171 “ID-X 001 ”, an unauthorized device ID 172 “ID-Y 002 ”, an unauthorized device ID 173 “ID-Z 005 ”, . . . . This indicates that devices (DVD players) identified by “ID-X 001 ”, “ID-Y 002 ”, and “ID-Z 005 ” are unauthorized.
- the control unit 102 receives a connection request from the register device 300 via the internet 10 and the communication unit 101 . Upon receiving the connection request, the control unit 102 instructs the authentication unit 112 to perform mutual device authentication with the register device 300 .
- control unit 102 receives authentication result information indicating a result of the mutual device authentication from the authentication unit 112 . If the received authentication result information indicates mutual device authentication failure, the control unit 102 ends the processing. If the received authentication result information indicates mutual device authentication success, the control unit 102 performs the following processing.
- the control unit 102 receives a content key request, a content ID, a device ID, and a media ID from the register device 300 via the internet 10 and the communication unit 101 .
- the control unit 102 Having received the content key request, the content ID, the device ID, and the media ID, the control unit 102 searches the management table 120 for the same device ID as the received device ID. If the same device ID is not found in the management table 120 , the control unit 102 sets a total media ID number to “1”, and writes the received device ID and media ID and the total media ID number to the management table 120 as media ID information.
- the control unit 102 extracts media ID information that includes the same device ID from the management table 120 , and judges whether the extracted media ID information includes the same media ID as the received media ID. If the extracted media ID information does not include the same media ID, the control unit 102 adds “1” to a total media ID number in the extracted media ID information, and writes the received media ID to the extracted media ID information. The control unit 102 then writes the media ID information to which the media ID has been added, to the management table 120 over the corresponding old media ID information.
- the control unit 102 does not update the extracted media ID information.
- control unit 102 judges which of the following ranges the total media ID number belongs to: (i) no more than “100”; (ii) from “101” to “150” inclusive; (iii) from “151” to “199” inclusive; and (iv) no less than “200”.
- a table 180 shows a general outline of processing by the control unit 102 for each of the four cases respectively in fields 181 , 182 , 183 , and 184 .
- the control unit 102 sets the device judgment level to “0” indicating that the device used by the user is not an unauthorized device.
- the control unit 102 transmits the device judgment level set to “0”, to the register device 300 via the communication unit 101 and the internet 10 .
- the control unit 102 also outputs the received content ID to the selection unit 105 , and instructs the selection unit 105 to select a content key.
- the control unit 102 further outputs the received device ID to the encryption unit 107 , and instructs the encryption unit 107 to encrypt the content key (field 189 ).
- the control unit 102 sets the device judgment level to “1” indicating that the device used by the user requires an advisory.
- the control unit 102 transmits the device judgment level set to “1”, to the register device 300 via the communication unit 101 and the internet 10 .
- the control unit 102 also adds the received device ID to the advisory device list 150 (field 194 ).
- the control unit 102 outputs the received content ID to the selection unit 105 , and instructs the selection unit 105 to select the content key.
- the control unit 102 also outputs the received device ID to the encryption unit 107 , and instructs the encryption unit 107 to encrypt the content key (field 190 ).
- the control unit 102 sets the device judgment level to “2” indicating that the device used by the user requires a warning.
- the control unit 102 transmits the device judgment level set to “2”, to the register device 300 via the communication unit 101 and the internet 10 .
- the control unit 102 also adds the received device ID to the warning device list 160 (field 195 ).
- the control unit 102 receives an instruction as to whether or not to approve the provision of the content key to the user, from the register device 300 via the internet 10 and the communication unit 101 . If the received instruction does not approve the provision, the control unit 102 ends the processing.
- control unit 102 If the received instruction approves the provision, the control unit 102 outputs the received content ID to the selection unit 105 , and instructs the selection unit 105 to select the content key. The control unit 102 also outputs the received device ID to the encryption unit 107 , and instructs the encryption unit 107 to encrypt the content key (field 191 ).
- the control unit 102 sets the device judgment level to “3” indicating that the device used by the user is an unauthorized device.
- the control unit 102 adds the received device ID to the unauthorized device list 170 (field 196 ).
- the control unit 102 also transmits the device judgment level set to “3”, to the register device 300 via the communication unit 101 and the internet 10 .
- the control unit 102 then ends the processing (field 192 ).
- the selection unit 105 receives the content ID and the content key selection instruction from the control unit 102 . Upon receiving the content ID and the content key selection instruction, the selection unit 105 reads content key information that includes the same content ID as the received content ID from the content key list 140 , extracts a content key from the read content key information, and outputs the extracted content key to the encryption unit 107 .
- the encryption unit 107 receives the device ID and the content key encryption instruction from the control unit 102 , and receives the content key from the selection unit 105 .
- the encryption unit 107 reads device key information that includes the same device ID as the received device ID from the device key list 130 , and extracts a device key from the read device key information.
- A E (B, C) denotes cipher text A generated by applying encryption algorithm E to plain text C using key B.
- Encryption algorithm E 1 used here is an AES (Advanced Encryption Standard) algorithm, as one example.
- the encryption unit 107 transmits the generated encrypted content key to the register device 300 via the communication unit 101 and the internet 10 .
- each block representing a different one of the configuration units of the management server device 100 is connected to other blocks by connecting lines, though some connecting lines are omitted in FIG. 2 .
- each connecting line indicates a path through which a signal or information is transmitted.
- a connecting line marked with a key symbol indicates a path through which key information is transmitted to the encryption unit 107 .
- the input unit 110 receives an input of various information or an input of various instructions from an operator of the management server device 100 , and outputs the received information or instructions to the control unit 102 .
- the display unit 111 displays various information in accordance with instructions from the control unit 102 .
- the authentication unit 112 performs challenge-response mutual device authentication with the register device 300 via the communication unit 101 and the internet 10 , according to an instruction from the control unit 102 .
- the authentication unit 112 authenticates the register device 300 , and is subject to the authentication by the register device 300 .
- the authentication unit 112 When the mutual device authentication results in success or failure, the authentication unit 112 outputs authentication result information indicating the success or failure to the control unit 102 .
- the communication unit 101 conducts transmission/reception of various information between the register device 300 and the control unit 102 . Also, the communication unit 101 conducts transmission/reception of various information between the register device 300 and the authentication unit 112 .
- the memory card 200 includes an input/output unit 201 , an authentication unit 202 , and a storage unit 203 , as shown in FIG. 10 .
- the memory card 200 can actually be realized by a computer system that includes a microprocessor, a ROM, a RAM, and the like. A computer program is stored on the RAM. Functions of the memory card 200 can partly be achieved by the microprocessor operating in accordance with this computer program.
- the storage unit 203 has a media ID area 204 and a general area 205 , as shown in FIG. 10 .
- the media ID area 204 stores a media ID 211 , as shown in FIG. 10 .
- the media ID 211 is identification information for uniquely identifying the memory card 200 .
- the general area 205 has an encrypted content key list 221 , as shown in FIG. 10 .
- the encrypted content key list 221 has an area for storing one or more sets of encrypted content key information.
- Each set of encrypted content key information includes one device ID and at least one pair of content ID and encrypted content key.
- One set of encrypted content key information corresponds to one device (DVD player in this embodiment), and one pair of content ID and encrypted content key corresponds to one set of content. If there is an unauthorized device that stores the device ID unauthorizedly, however, one set of encrypted content key information corresponds to all devices storing the same device ID.
- the device ID is identification information for uniquely identifying a device (DVD player in this embodiment). As mentioned above, however, if there is an unauthorized device that stores the device ID unauthorizedly, the device ID may be unable to uniquely identify one device.
- the content ID is identification information for uniquely identifying content corresponding to the pair that includes the content ID.
- the encrypted content key is generated by encrypting a content key, which is used when encrypting the content corresponding to the pair that includes the encrypted content key, using a device key assigned to the corresponding device.
- encrypted content key information 236 includes a device ID 231 “ID-A”, a pair 237 of a content ID 232 “C 001 ” and an encrypted content key 234 “E 1 (DK-A, CK- 1 )”, and a pair 238 of a content ID 233 “C 002 ” and an encrypted content key 238 “E 1 (DK-A, CK- 2 )”.
- the encrypted content key 234 “E 1 (DK-A, CK- 1 )” in the pair 237 is generated by encrypting a content key “CK- 1 ” assigned to content identified by the content ID 232 “C 001 ”, using a device key “DK-A” assigned to a DVD player identified by the device ID 231 “ID-A”.
- the encrypted content key 235 “E 1 (DK-A, CK- 2 )” in the pair 238 is generated by encrypting a content key “CK- 2 ” assigned to content identified by the content ID 233 “C 002 ”, using the device key “DK-A” assigned to the DVD player identified by the device ID 231 “ID-A”.
- the input/output unit 201 reads information from the media ID area 204 or the general area 205 in the storage unit 203 , and outputs the read information to an external device in which the memory device 200 is loaded. Also, the input/output unit 201 receives information from the external device, and writes the received information to the general area 205 in the storage unit 203 .
- the external device referred to here is any of the register device 300 and the DVD players 400 a , . . . , 400 b , 400 c , . . . , 400 d.
- the authentication unit 202 performs, when the memory card 200 is loaded to an external device, mutual device authentication with the external device via the input/output unit 201 .
- the device authentication referred to here is challenge-response device authentication. Since the challenge-response device authentication is well known in the art, its detailed explanation has been omitted here.
- the external device referred to here is any of the register device 300 and the DVD-players 400 a , . . . , 400 b , 400 c , . . . , 400 d.
- the authentication unit 202 controls the input/output unit 201 to perform transmission/reception of information between the storage unit 203 and the external device. If the mutual device authentication results in failure, the authentication unit 202 controls the input/output unit 201 not to perform transmission/reception of information between the storage unit 203 and the external device.
- the register device 300 includes an authentication unit 301 , an input unit 302 , a display unit 303 , a display unit 304 , an input/output unit 305 , a control unit 306 , a communication unit 307 , a printing unit 308 , a storage 309 , a barcode processing unit 310 , an information storage unit 312 , and an authentication unit 313 , as shown in FIG. 11 .
- a barcode reader 311 is connected to the register device 300 .
- the register device 300 is a cash register device for calculating sales transactions of products such as DVDs, and storing currency. Also, the register device 300 is a device for acquiring a content key assigned to content stored on a DVD from the management server device 100 and providing the content key to a user via a memory card.
- the register device 300 can actually be realized by a computer system that includes a microprocessor, a ROM, a RAM, a hard disk unit, a display unit, a keyboard, and the like. A computer program is stored on the hard disk unit. Functions of the register device 300 can partly be achieved by the microprocessor operating in accordance with this computer program.
- the information storage unit 312 stores a price list 321 , as shown in FIG. 11 .
- the price list 321 is made up of a plurality of sets of price information. Each set of price information corresponds to one DVD, and includes a content ID and a price.
- the content ID is identification information for uniquely identifying content stored on the DVD corresponding to the price information that includes the content ID.
- the DVD stores only one set of content.
- the price shows a selling price of the DVD corresponding to the price information that includes the price.
- the authentication unit 313 performs, when a memory card is loaded to the register device 300 , mutual device authentication with the loaded memory card via the input/output unit 305 .
- the device authentication referred to here is challenge-response device authentication.
- the challenge-response device authentication is well known in the art, so that its detailed explanation has been omitted here.
- the authentication unit 313 When the mutual device authentication between the authentication unit 313 and the loaded memory card results in success, the authentication unit 313 outputs an authentication result indicating the device authentication success, to the control unit 306 .
- the authentication unit 313 When the mutual device authentication results in failure, on the other hand, the authentication unit 313 outputs an authentication result indicating the device authentication failure, to the control unit 306 .
- the register device 300 When the mutual device authentication results in failure, the register device 300 does not perform subsequent transmission/reception of information with the memory card.
- the authentication unit 301 performs mutual device authentication with the management server device 100 via the communication unit 307 .
- the device authentication referred to here is challenge-response device authentication.
- the challenge-response device authentication is well known in the art, so that its detailed explanation has been omitted here.
- the authentication unit 301 When the mutual device authentication between the authentication unit 301 and the management server device 100 results in success, the authentication unit 301 outputs an authentication result indicating the device authentication success, to the control unit 306 .
- the authentication unit 301 When the mutual device authentication results in failure, on the other hand, the authentication unit 301 outputs an authentication result indicating the device authentication failure, to the control unit 306 .
- the register device 300 When the device authentication results in failure, the register device 300 does not perform subsequent transmission/reception of information with the management server device 100 .
- the input/output unit 305 performs bidirectional transmission/reception of information between the control unit 306 and the loaded memory card under control of the control unit 306 , and between the authentication unit 313 and the loaded memory card under control of the authentication unit 313 .
- the barcode reader 311 optically reads a barcode printed on a surface of the DVD package 500 , generates corresponding read information, and outputs the generated read information to the barcode processing unit 310 .
- the barcode processing unit 310 receives the read information from the barcode reader 311 , generates a content ID from the received read information, and outputs the generated content ID to the control unit 306 .
- the control unit 306 transmits a connection request to the management server device 100 via the communication unit 307 and the internet 10 .
- the control unit 306 then instructs the authentication unit 301 to perform mutual device authentication with the management server device 100 .
- control unit 306 Upon receiving an authentication result indicating device authentication failure from the authentication unit 301 , the control unit 306 ends the processing.
- the control unit 306 Upon receiving an authentication result indicating device authentication success from the authentication unit 301 , the control unit 306 receives the content ID from the barcode processing unit 310 , and reads price information that includes the same content ID as the received content ID from the price list 321 . The control unit 306 extracts a price from the read price information, outputs the received content ID and the extracted price to the display units 303 and 304 , and instructs the display units 303 and 304 to display them.
- the control unit 306 receives loading information indicating the loading of the memory card 200 a , from the input/output unit 305 . Having received the loading information, the control unit 306 instructs the authentication unit 313 to perform mutual device authentication with the loaded memory card 200 a . Upon receiving an authentication result indicating device authentication failure from the authentication unit 313 , the control unit 306 ends the processing.
- the control unit 306 Upon receiving an authentication result indicating device authentication success from the authentication unit 313 , the control unit 306 outputs a read instruction to read a media ID and a device ID stored on the memory card 200 a , to the memory card 200 a via the input/output unit 305 .
- the control unit 306 receives a read result via the input/output unit 305 .
- the read result includes a media ID, and at least one device ID or device ID absence information “NO” indicating that no device ID is stored.
- control unit 306 When receiving the device ID absence information “NO”, the control unit 306 outputs a message indicating that no device ID is stored on the memory card 200 a to the display units 303 and 304 , instructs the display units 303 and 304 to display the message, and ends the processing.
- control unit 306 When receiving a plurality of device IDs, the control unit 306 outputs the plurality of device IDs to the display units 303 and 304 , and instructs the display units 303 and 304 to display the plurality of device IDs. The control unit 306 then receives designation of one device ID selected from the plurality of device IDs by the user.
- control unit 306 When receiving one device ID, the control unit 306 uses that device ID.
- control unit 306 transmits request information for requesting a content key, to the management server device 100 via the communication unit 307 .
- the control unit 306 also transmits the received content ID, the received media ID, and the received device ID to the management server device 100 via the communication unit 307 .
- control unit 306 receives a device judgment level from the management server device 100 via the communication unit 307 .
- the control unit 306 may also receive an encrypted content key.
- the control unit 306 receives the encrypted content key when the received device judgment level is any of “0”, “1”, and “2”. If the received device judgment level is “3”, the control unit 306 does not receive the encrypted content key.
- the control unit 306 judges which of “0”, “1”, “2”, and “3” the received device judgment level is.
- control unit 306 If the received device judgment level is “0”, the control unit 306 outputs a message indicating that the provision of the encrypted content key to the user is permitted, to the display units 303 and 304 , and instructs the display units 303 and 304 to display the message.
- the control unit 306 also outputs the device ID and the content ID to the memory card 200 a via the input/output unit 305 , and outputs the encrypted content key to the memory card 200 a via the input/output unit 305 .
- the control unit 306 If the received device judgment level is “1”, the control unit 306 outputs a message indicating an advisory to the operator of the register device 300 , to the display units 303 and 304 , and instructs the display units 303 and 304 to display the message. Also, as in the case where the device judgment level is “0”, the control unit 306 outputs the device ID, the content ID, and the encrypted content key to the memory card 200 a via the input/output unit 305 .
- the control unit 306 If the received device judgment level is “2”, the control unit 306 outputs a message indicating a warning to the operator of the register device 300 , to the display units 303 and 304 , and instructs the display units 303 and 304 to display the message.
- the control unit 306 also receives an instruction as to whether or not to approve the provision of the encrypted content key to the user, from the operator of the register device 300 via the input unit 302 . If the instruction does not approve the provision, the control unit 306 ends the processing. That is, the control unit 306 does not output the device ID, the content ID, and the encrypted content key to the memory card 200 a .
- control unit 306 outputs the device ID, the content ID, and the encrypted content key to the memory card 200 a via the input/output unit 305 , as in the case where the device judgment level is “0”.
- control unit 306 If the received device judgment level is “3”, the control unit 306 outputs a message indicating that the provision of the encrypted content key to the user is prohibited, to the display units 303 and 304 , and instructs the display units 303 and 304 to display the message. The control unit 306 then ends the processing. That is, the control unit 306 does not output the encrypted content key to the memory card 200 a.
- the input unit 302 receives an input of information or an instruction from the operator of the register device 300 , and outputs the received information or instruction to the control unit 306 .
- the display units 303 and 304 receive information to be displayed from the control unit 306 , and displays the received information.
- the printing unit 308 prints various information under control of the control unit 306 .
- the storage 309 stores notes and coins.
- the communication unit 307 is connected to the management server device 100 via the internet 10 .
- the communication unit 307 performs transmission/reception of information between the control unit 306 and the management server device 100 , and transmission/reception of information between the authentication unit 301 and the management server device 100 .
- the DVD players 400 a , . . . , 400 b , 400 c , . . . , 400 d have a same configuration.
- the DVD player 400 includes a device ID storage unit 401 , an input/output unit 402 , a device key storage unit 403 , a decryption unit 404 , a read unit 405 , a decryption unit 406 , a playback unit 407 , a display unit 408 , an input unit 409 , a control unit 410 , and an authentication unit 411 , as shown in FIG. 12 .
- a monitor equipped with a speaker is connected to the DVD player 400 .
- the DVD player 400 can actually be realized by a computer system that includes a microprocessor, a ROM, a RAM, and the like. A computer program is stored on the ROM. Functions of the DVD player 400 can partly be achieved by the microprocessor operating in accordance with this computer program.
- the device ID storage unit 401 is made inaccessible from outside. As shown in FIG. 12 , the device ID storage unit 401 stores a device ID 421 in advance.
- the device ID 421 is identification information for uniquely identifying the DVD player 400 . However, if the DVD player 400 is an unauthorized device, the device ID 421 may be unable to uniquely identify the DVD player 400 .
- the device key storage unit 403 is made inaccessible from outside. As shown in FIG. 12 , the device key storage unit 403 stores a device key 422 in advance.
- the device key 422 is key information assigned to the DVD player 400 .
- the read unit 405 reads information from a DVD loaded in the DVD player 400 and outputs the read information to the control unit 410 or the decryption unit 406 , under control of the control unit 410 .
- the input/output unit 402 detects, when a memory card is loaded to the DVD player 400 , the loading of the memory card and outputs detection information indicating the loading detection to the control unit 410 .
- the input/output unit 402 performs bidirectional transmission/reception of information between the control unit 410 and the memory card loaded in the DVD player 400 under control of the control unit 410 , and between the authentication unit 411 and the memory card loaded in the DVD player 400 under control of the authentication unit 411 .
- the authentication unit 411 performs, when the memory card is loaded to the DVD player 400 , mutual device authentication with the loaded memory card via the input/output unit 402 .
- the device authentication referred to here is challenge-response device authentication. Since the challenge-response device authentication is well known in the art, its detailed explanation has been omitted here.
- the authentication unit 411 When the mutual device authentication between the authentication unit 411 and the memory card results in success, the authentication unit 411 outputs an authentication result indicating the device authentication success to the control unit 41 b . When the mutual device authentication results in failure, on the other hand, the authentication unit 411 outputs an authentication result indicating the device authentication failure to the control unit 410 .
- the DVD player 400 does not perform subsequent transmission/reception of information with the memory card.
- the decryption unit 404 reads the device key 422 from the device key storage unit 403 and receives an encrypted content key from the input/output unit 402 .
- the decryption unit 404 applies decryption algorithm D 1 to the encrypted content key using the read device key to generate a playback content key, and outputs the generated playback content key to the decryption unit 406 .
- AES is used as decryption algorithm D 1 .
- the decryption unit 406 receives the playback content key from the decryption unit 404 , and reads encrypted content from the DVD via the read unit 405 .
- the decryption unit 406 applies decryption algorithm D 2 to the encrypted content using the received playback content key, to generate playback content.
- AES is used as decryption algorithm D 2 .
- the decryption unit 406 outputs the generated playback content to the playback unit 407 .
- Playback Unit 407 Monitor, and Speaker
- the playback unit 407 receives the playback content from the decryption unit 406 , and separates the received playback content into compressed video information and compressed audio information.
- the playback unit 407 decodes the compressed video information to generate video information, and converts the video information to an analog video signal.
- the playback unit 407 also decodes the compressed audio information to generate audio information, and converts the audio information to an analog audio signal.
- the playback unit 407 outputs the generated video signal to the monitor, and the generated audio signal to the speaker provided with the monitor.
- the monitor receives the video signal and displays video.
- the speaker provided with the monitor receives the audio signal and outputs audio.
- the control unit 410 receives the detection information indicating the detection of the loading of the memory card, from the input/output unit 402 .
- the control unit 410 Upon receiving the detection information, the control unit 410 instructs the authentication unit 411 to perform mutual device authentication with the loaded memory card. The control unit 410 then receives an authentication result from the authentication unit 411 . If the received authentication result indicates device authentication failure, the control unit 410 outputs a message indicating this to the display unit 408 , and instructs the display unit 408 to display the message. The control unit 410 then ends the processing.
- the control unit 410 reads the device ID 421 from the device ID storage unit 401 , outputs a read instruction to read a device ID stored on the loaded memory card to the input/output unit 402 , and instructs the input/output unit 402 to read the device ID.
- the control unit 410 receives a read result from the loaded memory card via the input/output unit 402 .
- the received read result is either at least one device ID or absence information indicating that no device ID is stored on the memory card.
- the control unit 410 When the received read result is the absence information, or when the received read result is at least one device ID that does not include the read device ID 421 , the control unit 410 outputs the read device ID 421 to the loaded memory card via the input/output unit 402 , and instructs the input/output unit 402 to write the device ID 421 to the memory card.
- the control unit 410 receives an instruction to play back the encrypted content stored on the DVD, from the user of the DVD player 400 via the input unit 409 . Upon receiving the instruction, the control unit 410 reads the content ID from the DVD via the read unit 405 , outputs the content ID and its own device ID to the input/output unit 402 , and instructs the input/output unit 402 to read a content key that corresponds to both the content ID and its own device ID from the memory card.
- the control unit 410 receives a read result from the memory card via the input/output unit 402 .
- the read result is either one encrypted content key or absence information “NO” indicating that there is no corresponding encrypted content key.
- control unit 410 When the read result is the absence information “NO”, the control unit 410 outputs a message indicating this to the display unit 408 , and instructs the display unit 408 to display the message.
- control unit 410 instructs the decryption unit 404 to decrypt the encrypted content key, instructs the decryption unit 406 to decrypt the encrypted content, and instructs the playback unit 407 to play back the playback content and outputs it to the monitor.
- the display unit 408 displays a message designated by an instruction from the control unit 410 .
- the input unit 409 receives an instruction from the user of the DVD player 400 , and outputs the received instruction to the control unit 410 .
- step S 101 Upon receiving detection information indicating detection of loading of a memory card from the input/output unit 402 (step S 101 : YES), the control unit 410 in the DVD player 400 instructs the authentication unit 411 to perform mutual device authentication with the loaded memory card (step S 102 ). If an authentication result received from the authentication unit 411 indicates device authentication failure (step S 103 : NO), the control unit 410 outputs a message indicating this to the display unit 408 , and instructs the display unit 408 to display the message (step S 105 ). The control unit 410 then ends the processing.
- step S 103 If the received authentication result indicates device authentication success (step S 103 : YES), the control unit 410 reads the device ID 421 from the device ID storage unit 401 (step S 106 ), and outputs a read instruction to read a device ID stored on the loaded memory card to the input/output unit 402 (step S 107 ).
- the input/output unit 201 in the memory card 200 attempts to read a device ID from the encrypted content key list 221 in the general area 205 (step S 108 ), and outputs a read result to the DVD player 400 .
- the control unit 410 receives the read result from the loaded memory card via the input/output unit 402 (step S 109 ).
- step S 110 If the received read result is absence information, or if the received read result is at least one device ID that does not include the read device ID 421 (step S 110 : YES), the control unit 410 outputs the read device ID 421 to the loaded memory card via the input/output unit 402 (step S 111 ), and the input/output unit 201 in the memory card 200 writes the received device ID to the encrypted content key list 221 (step S 112 ).
- the control unit 306 in the register device 300 transmits a connection request to the management server device 100 via the communication unit 307 and the internet 10 (step S 200 ).
- the control unit 306 then instructs the authentication unit 301 to perform mutual device authentication with the management server device 100 (step S 201 ). If the control unit 306 receives an authentication result indicating device authentication failure from the authentication unit 301 (step S 203 : NO), the control unit 306 ends the processing.
- control unit 306 receives an authentication result indicating device authentication success from the authentication unit 301 (step S 203 : YES), the control unit 306 receives a content ID from the barcode processing unit 310 (step S 204 ), reads price information that includes the same content ID as the received content ID from the price list 321 , and extracts a price from the read price information.
- the control unit 306 outputs the received content ID and the extracted price to the display units 303 and 304 , and instructs the display units 303 and 304 to display them (step S 205 ).
- control unit 306 instructs the authentication unit 313 to perform mutual device authentication with the loaded memory card 200 a (step S 206 ). If the control unit 306 receives an authentication result indicating device authentication failure from the authentication unit 313 (step S 207 : NO), the control unit 306 outputs a message indicating the device authentication failure to the display units 303 and 304 , and instructs the display units 303 and 304 to display the message (step S 209 ). The control unit 306 then ends the processing.
- control unit 306 If the control unit 306 receives an authentication result indicating device authentication success from the authentication unit 313 (step S 207 : YES), the control unit 306 outputs a read instruction to read a media ID and a device ID stored on, the memory card 200 a to the memory card 200 a via the input/output unit 305 (step S 210 ).
- step S 208 NO
- the input/output unit 201 in the memory card 200 receives an authentication result indicating device authentication failure from the authentication unit 202 (step S 208 : NO)
- the input/output unit 201 ends the processing.
- step S 208 If the input/output unit 201 receives an authentication result indicating device authentication success from the authentication unit 202 (step S 208 : YES), the input/output unit 201 attempts to read, a device ID from the encrypted content key list 221 in the general area 205 (step S 211 ), and outputs a read result to the register device 300 (step S 212 ).
- the control unit 306 receives the read result via the input/output unit 305 (step S 212 ).
- the control unit 306 outputs a message indicating that no device ID is stored on the memory card 200 a to the display units 303 and 304 , instructs the display units 303 and 304 to display the message (step S 214 ), and ends the processing.
- the control unit 306 If the read result is a plurality of device IDs (step S 213 ), the control unit 306 outputs the plurality of device IDs to the display units 303 and 304 , and instructs the display units 303 and 304 to display the plurality of device IDs (step S 215 ). The control unit 306 receives a designation of one device ID selected from the plurality of device IDs by the user (step S 216 ).
- the control unit 306 transmits request information showing a content key request to the management server device 100 via the communication unit 307 (step S 231 ), and transmits the content ID, the device ID, and the media ID to the management server device 100 via the communication unit 307 (step S 232 ).
- the control unit 102 in the management server device 100 receives the content key request, the content ID, the device ID, and the media ID from the register device 300 via the internet 10 and the communication unit 101 (steps S 231 -S 232 ), and searches the management table 120 for the same device ID as the received device ID (step S 233 ). If the same device ID is not found in the management table 120 (step S 234 : NO), the control unit 102 sets a total media ID number to “1” (step S 235 ), writes the received device ID and media ID and the total media ID number to the management table 120 as media ID information (step S 236 ), and moves to step S 252 .
- step S 234 If the same device ID is found in the management table 120 (step S 234 : YES), the control unit 102 extracts media ID information that includes the same device ID from the management table 120 , and judges whether the extracted media ID information includes the same media ID as the received media ID (step S 237 ) If the same media ID is not included (step S 238 : NO), the control unit 102 adds the value “1” to a total media ID number in the extracted media ID information (step S 239 ), and writes the received media ID to the extracted media ID information (step S 240 ).
- control unit 102 judges which of the following ranges the total media ID number in the extracted media ID information belongs to: (i) no more than “100”; (ii) from “101” to “150” inclusive; (iii) from “151” to “199” inclusive; and (iv) no less than “200” (step S 251 ).
- step S 251 If the total media ID number is no more than “100” (i) (step S 251 ), or if the same device ID as the received device ID is not found in the management table 120 (step S 234 : NO, steps S 235 and S 236 ), the control unit 102 sets a device judgment level to “0” indicating that the device used by the user is not an unauthorized device (step S 252 ).
- the control unit 102 transmits the device judgment level set to “0”, to the register device 300 via the communication unit 101 and the internet 10 (step S 253 ).
- the encryption unit 107 reads device key information that includes the same device ID as the received device ID from the device key list 130 , and extracts a device key from the read device key information (step S 265 ).
- the selection unit 105 reads content key information that includes the same content ID as the received content ID from the content key list 140 , extracts a content key from the read content key information, and outputs the extracted content key to the encryption unit 107 (step S 266 ).
- the encryption unit 107 applies encryption algorithm E 1 to the received content key using the extracted device key to generate an encrypted content key (step S 267 ), and transmits the encrypted content key to the register device 300 via the communication unit 101 and the internet 10 (step S 268 ).
- step S 251 If the total media ID number is in the range of “101” to “150” inclusive (ii) (step S 251 ), the control unit 102 sets the device judgment level to “1” indicating that the device used by the user requires an advisory (step S 254 ), transmits the device judgment level set to “1” to the register device 300 via the communication unit 101 and the internet 10 (step S 255 ), and writes the received device ID to the advisory device list 150 (step S 256 ). The control unit 102 then moves to step S 265 .
- step S 251 the control unit 102 sets the device judgment level to “2” indicating that the device used by the user requires a warning (step S 257 ), transmits the device judgment level set to “2” to the register device 300 via the communication unit 101 and the internet 10 (step S 258 ), and writes the received device ID to the warning device list 160 (step S 259 ).
- the control unit 102 receives an instruction as to whether or not to approve the provision of the content key to the user, from the register device 300 via the internet 10 and the communication unit 101 (step S 260 ) If the received instruction does not approve the provision (step S 261 ), the control unit 102 ends the processing. If the received instruction approves the provision (step S 261 ), the control unit 102 moves to step S 265 .
- step S 251 If the total media ID number is no less than “200” (step S 251 ), the control unit 102 sets the device judgment level to “3” indicating that the device used by the user is an unauthorized device (step S 262 ), transmits the device judgment level set to “3” to the register device 300 via the communication unit 101 and the internet 10 (step S 263 ), writes the received device ID to the unauthorized device list 170 (step S 264 ), and ends the processing.
- the control unit 306 receives the device judgment level from the management server device 100 via the communication unit 307 (steps S 253 , S 255 , S 258 , S 263 ).
- the control unit 306 may also receive the encrypted content key (step S 268 ).
- the control unit 306 judges which of “0”, “1”, “2”, and “3” the received device judgment level is (step S 281 ).
- step S 281 the control unit 306 outputs a message indicating that the provision of the encrypted content key to the user is permitted to the display units 303 and 304 , and instructs the display units 303 and 304 to display the message (step S 282 ).
- the control unit 306 also outputs the device ID and the content ID to the memory card 200 a via the input/output unit 305 (step S 291 ), and further outputs the encrypted content key to the memory card 200 a via the input/output unit 305 (step S 293 ).
- step S 281 When the received device judgment level is “1” (step S 281 ), the control unit 306 outputs a message indicating an advisory to the operator of the register device 300 to the display units 303 and 304 , and instructs the display units 303 and 304 to display the message (step S 283 ). The control unit 306 then moves to step S 291 .
- step S 281 the control unit 306 outputs a message indicating a warning to the operator of the register device 300 to the display units 303 and 304 , and instructs the display units 303 and 304 to display the message (step S 284 ).
- the control unit 306 receives an instruction as to whether or not to approve the provision of the encrypted content key to the user, from the operator of the register device 300 via the input unit 302 (step S 285 ).
- the control unit 306 outputs the received instruction to the management server device 100 (step S 260 ). If the received instruction does not approve the provision (step S 287 ), the control unit 306 ends the processing. If the received instruction approves the provision (step S 287 ), the control unit 306 moves to step S 291 .
- control unit 306 When the received device judgment level is “3” (step S 281 ), the control unit 306 outputs, to the display units 303 and 304 , a message indicating that the provision of the encrypted content key to the user is prohibited to the operator of the register device 300 , and instructs the display units 303 and 304 to display the message (step S 288 ). The control unit 306 then ends the processing.
- the input/output unit 201 in the memory card 200 receives the device ID and the content ID (step S 291 ), and writes the content ID to the encrypted content key list 221 in correspondence with the device ID (step S 292 ).
- the input/output unit 201 also receives the encrypted content key (step S 293 ), and writes the encrypted content key to the encrypted content key list 221 in correspondence with the content ID (step S 294 ).
- the DVD player 400 acquires the device ID from the memory card 200 according to the procedure shown in the flowchart of FIG. 13 (step S 301 ).
- the control unit 410 receives an instruction to play back encrypted content stored on the DVD, from the user of the DVD player 400 via the input unit 409 (step S 302 ).
- the control unit 410 reads a content ID from the DVD via the read unit 405 (step S 305 ), and outputs the content ID and its own device ID to the input/output unit 402 (step S 306 ).
- the input/output unit 201 in the memory card 200 attempts to read a content key corresponding to both the content ID and the device ID (step S 307 ), and outputs a read result to the DVD player 400 (step S 308 ).
- the control unit 410 receives the read result from the memory card 200 via the input/output unit 402 (step S 308 ).
- the control unit 410 outputs a message indicating this to the display unit 408 , instructs the display unit 408 to display the message (step S 310 ), and ends the processing.
- the decryption unit 404 reads the device key 422 from the device key storage unit 403 (step S 311 ), and applies decryption algorithm D 1 to the encrypted content key using the read device key to generate a playback content key (step S 312 ).
- the decryption unit 406 reads the encrypted content from the DVD via the read unit 405 (step S 313 ), and applies decryption algorithm D 2 to the encrypted content using the playback content key to generate playback content (step S 314 ).
- the playback unit 407 separates the received playback content into compressed video information and compressed audio information.
- the playback unit 407 decodes the compressed video information to generate video information, and converts the video information to an analog video signal.
- the playback unit 407 also decodes the compressed audio information to generate audio information, and converts the audio information to an analog audio signal.
- the monitor displays video, and the speaker provided with the monitor outputs audio (step S 315 ).
- the unauthorized device detection system 1 is based on the assumption that a large number of unauthorized DVD players that store a same device ID as a device ID for uniquely identifying an authorized DVD player are distributed in the market.
- the unauthorized DVD player When a user of an unauthorized DVD player storing the same device ID wants to play back content, the unauthorized DVD player writes the device ID stored therein onto a memory card.
- the device ID and a media ID for uniquely identifying the memory card, both of which are stored on the memory card, are collected by the management server device 100 via the register device 300 .
- the management server device 100 summarizes a total number of media IDs corresponding to one device ID, thereby calculating a total media ID number. If the total media ID number is no less than a predetermined threshold value, the management server device 100 judges that a DVD player having this device ID is an unauthorized device.
- the threshold value used here is “100”. This threshold value represents a maximum number of memory cards that are likely to be possessed by one user. That is, this threshold value is set on the assumption that it is not unnatural for one user to possess up to 100 memory cards.
- unauthorized DVD players e.g. 1,000 unauthorized DVD players
- the following describes an unauthorized device detection system 1 e (not illustrated) as a first modification example of the unauthorized device detection system 1 .
- the management server device 100 stores, in correspondence with each device ID, one or more content IDs respectively for identifying one or more sets of content played back by a DVD player identified by the device ID.
- the management server device 100 compares a group of one or more content IDs respectively for identifying one or more sets of content played back by a DVD player identified by a specific device ID, with a group of one or more content IDs stored in the management server device 100 in correspondence with that device ID.
- the management server device 100 judges that the DVD player identified by the device ID is an authorized device. Otherwise, the management server device 100 judges that the DVD player identified by the device ID is an unauthorized device.
- the unauthorized device detection system 1 e has a similar configuration to the unauthorized device detection system 1 .
- a memory card 200 e shown in FIG. 20 is used instead of the memory card 200 in the unauthorized device detection system 1 .
- the memory card 200 e includes an input/output unit 201 e and a storage unit 203 e , as shown in FIG. 20 .
- the memory card 200 e may further include an authentication unit 202 e (not illustrated) that is the same as the authentication unit 202 in the memory card 200 .
- the storage unit 203 e has a general area 205 e .
- the general area 205 e has a user history information list 231 e.
- the user history information list 231 e has an area for storing one or more sets of user history information.
- Each set of user history information includes one device ID and one content ID, and corresponds to one set of content played back by one device (DVD player in this embodiment).
- the device ID is identification information for uniquely identifying a device (DVD player in this embodiment) that plays back the content corresponding to the user history information that includes the device ID. As mentioned above, however, if there is an unauthorized device storing the device ID, the device ID may be unable to uniquely identify one device.
- the content ID is identification information for uniquely identifying the content corresponding to the user history information that includes the content ID.
- the input/output unit 201 e reads information from the general area 205 e in the storage unit 203 e , and outputs the read information to an external device in which the memory card 200 e is loaded.
- the input/output unit 201 e also receives information from the external device, and writes the received information to the general area 205 e in the storage unit 203 e .
- the external device referred to here is the register device or each DVD player.
- the management server device 100 in the unauthorized device detection system 1 e has the same configuration as the management server device 100 in the unauthorized device detection system 1 .
- the management server device 100 has a server history information list 120 e shown in FIG. 21 , in the management table storage unit 103 .
- the server history information list 120 e is made up of a plurality of sets of server history information. Each set of server history information corresponds to one set of content played back by one device (DVD player in this embodiment).
- Each set of server history information includes a device ID and a content ID.
- the device ID is identification information for uniquely identifying a device that plays back the content corresponding to the server history information that includes the device ID. As mentioned above, however, if there is an unauthorized device that stores the device ID, the device ID may be unable to uniquely identify one device.
- the content ID is identification information for uniquely identifying the content corresponding to the server history information that includes the content ID.
- the control unit 102 receives the user history information list from the memory card 200 e via the register device 300 and the internet 10 , and extracts a device ID from the received user history information list. Here, it is supposed that one device ID is extracted.
- the control unit 102 extracts all sets of server history information that include the extracted device ID, from the server history information list 120 e .
- a group of all extracted sets of server history information is referred to as server history information group ⁇ , while the received user history information list is referred to as group ⁇ .
- the control unit 102 compares group ⁇ and group ⁇ , to judge if group ⁇ and group ⁇ completely match each other, group ⁇ is a subset of group ⁇ , group ⁇ is a subset of group ⁇ , or group ⁇ and group ⁇ neither completely match each other nor have the subset relation.
- group ⁇ and group ⁇ completely match each other, group ⁇ is a subset of group ⁇ , or group ⁇ is a subset of group ⁇ , the control unit 102 judges that the DVD player identified by the extracted device ID is an authorized device, and sets a device judgment level to “0”.
- the control unit 102 also adds a difference between group ⁇ and group ⁇ to the server history information list 120 e .
- the control unit 102 then transmits the device judgment level to the register device 300 via the internet 10 .
- the control unit 102 judges that the DVD player identified by the extracted device ID is an unauthorized device, sets the device judgment level to “3”, and adds the extracted device ID to the unauthorized device list.
- the control unit 102 also adds a difference between group ⁇ and group ⁇ to the server history information list 120 e .
- the control unit 102 then transmits the device judgment level to the register device 300 via the internet 10 .
- the DVD player detects loading of a DVD (step S 401 ), reads its own device ID stored therein (step S 402 ), reads a content ID from the loaded DVD (step S 403 ), and outputs an instruction to read a device ID and a content ID to the memory card 200 e (step S 404 ).
- the memory card 200 e attempts to read the pair of device ID and content ID (viewing history information) (step S 405 ), and outputs a read result to the DVD player (step S 406 ).
- the DVD player If the read result indicates that the pair of device ID and content ID does not exist, the DVD player outputs a write instruction to write the device ID and the content ID to the memory card 200 e (step S 408 ).
- the memory card 200 e writes the received device ID and content ID to the general area 205 e (step S 411 ).
- the DVD player reads content from the loaded DVD (step S 409 ), and plays back the read content (step S 410 ).
- the register device 300 outputs a read instruction to read the user history information list to the loaded memory card 200 e (step S 431 ).
- the memory card 200 e reads the user history information list 231 e from the general area 205 e (step S 432 ), and outputs the read user history information list 231 e to the register device 300 (step S 433 ).
- the register device 300 transmits the received user history information list to the management server device 100 via the internet 10 (step S 434 ).
- the control unit 102 in the management server device 100 receives the user history information list from the memory card 200 e via the register device 300 and the internet 10 (steps S 433 and S 434 ), and extracts a device ID from the received user history information list (step S 435 ).
- the control unit 102 extracts all sets of server history information that include the extracted device ID, from the server history information list 120 e (step S 436 ).
- the control unit 102 compares group ⁇ and group ⁇ , to judge if group ⁇ and group ⁇ completely match each other, group ⁇ is a subset of group ⁇ , group ⁇ is a subset of group ⁇ , or group ⁇ and group ⁇ neither completely match each other nor have the subset relation (step S 437 ).
- control unit 102 sets the device judgment level to “0” (step S 438 ).
- the control unit 102 also adds a difference between group ⁇ and group ⁇ to the server history information list 120 e (step S 441 ).
- the control unit 102 then transmits the device judgment level to the register device 300 via the internet 10 (step S 442 ).
- control unit 102 sets the device judgment level to “3” (step S 439 ), and writes the extracted device ID to the unauthorized device list (step S 440 ).
- control unit 102 also adds a difference between group ⁇ and group a to the server history information list 120 e (step S 441 ).
- the control unit 102 then transmits the device judgment level to the register device 300 via the internet 10 (step S 442 ).
- group ⁇ is obtained from the memory card 200 e
- group ⁇ is extracted from the server history information list 120 e in the management server device 100 .
- FIG. 25 shows a first example of group ⁇ and group ⁇ .
- group ⁇ 601 is composed of content IDs “C 001 ”, “C 002 ”, . . . , “C 006 ”, while group ⁇ 602 is composed of content IDs “C 001 ”, “C 002 ”, . . . , “C 005 ”. Since group ⁇ 602 is a subset of group ⁇ 601 , the device identified by the extracted device ID is judged as an authorized device.
- group ⁇ 601 and group ⁇ 602 shown in FIG. 25 only the content IDs are illustrated while a device ID as part of the group elements has been omitted for simplicity's sake. The same applies to FIGS. 26 and 27 .
- FIG. 26 shows a second example of group ⁇ and group ⁇ .
- group ⁇ 603 is composed of content IDs “C 001 ” and “C 002 ”, while groups 604 is composed of content IDs “C 001 ”, “C 002 ”, . . . , “C 005 ”. Since group ⁇ 603 is a subset of group ⁇ 604 , the device identified by the extracted device ID is judged as an authorized device in this case too.
- FIG. 27 shows a third example of group ⁇ and group ⁇ .
- group ⁇ 605 is composed of content IDs “X 001 ” and “X 002 ”
- group ⁇ 606 is composed of content IDs “M 001 ” and “M 002 ”. Since group ⁇ 605 and group ⁇ 606 have no subset relation, the device identified by the extracted device ID is judged as an unauthorized device.
- the user history information list 231 e Before the user plays back content for the first time, there is no user history information in the user history information list 231 e stored on the memory card 200 e . As an alternative, the user history information list 231 e itself may not be stored on the memory card 200 e at this stage.
- the register device 300 does not transmit user history information to the management server device 100 , because no user history information is included in the user history information list 231 e or the user history information list 231 e itself does not exist.
- user history information that is composed of a device ID for identifying a device used for the playback such as “ID-A” and the content ID “C 001 ” is written to the user history information list 231 e on the memory card 200 e .
- this user history information list 231 e is transmitted from the register device 300 to the management server device 100 , and the management server device 100 writes the user history information composed of “ID-A” and the content ID “C 001 ” to the server history information list 120 e.
- the user history information list 231 e includes the user history information composed of “ID-A” and “C 001 ” and the user history information composed of “ID-A” and “C 002 ”.
- this user history information list 231 e is transmitted from the register device 300 to the management server device 100 , and the management server device 100 writes the user history information composed of “ID-A” and the content ID “C 002 ” to the server history information list 120 e.
- group ⁇ stored in the management server device 100 is always a subset of group ⁇ transmitted from the memory card 200 e.
- the reason for using another memory card is that the user lost the memory card 200 e , the memory card 200 e was broken, or the entire storage capacity of the memory card 200 e has been used up.
- the user uses another memory card and plays back, the content identified by the content ID “C 001 ”.
- user history information composed of the device ID for identifying the device used for the playback such as “ID-A” and the content ID “C 001 ” is written to a user history information list of the other memory card.
- the user history information list of the other memory card includes the user history information composed of “ID-A” and “C 001 ”.
- group ⁇ transmitted from the memory card 200 e is always a subset of group ⁇ stored in the management server device 100 , instead of group ⁇ being a subset of group ⁇ .
- the device identified by the device ID can be regarded as an authorized device.
- control unit 102 judges that the device identified by the device ID is an authorized device in both of the case where group ⁇ is a subset of group ⁇ and the case where group ⁇ is a subset of group ⁇ .
- a DVD player which is a content playback device may have the following configuration.
- the DVD player includes: an identifier storage unit operable to store a device identifier for identifying the DVD player; a history storage unit operable to acquire, each time a BD is loaded or an instruction to play back content stored on the BD is received from a user, that is, for each instance of content playback, a content identifier for identifying the content from the BD and store, together with a playback ordinal number of the content, the acquired content identifier and date and time information showing a playback date and time, as playback history information showing the playback of the content; and a write unit operable to write, when a memory card is loaded to the DVD player, the device identifier, the playback history information, and the playback ordinal number to the memory card.
- the following describes an unauthorized device detection system 1 f (not illustrated) as a modification example of the unauthorized device detection system 1 e.
- the unauthorized device detection system 1 f operates in the following manner.
- the management server device 100 stores, in correspondence with each device ID, one or more content IDs respectively for identifying one or more sets of content played back by a DVD player identified by the device ID and a playback ordinal number showing an ordinal number of each set of content in a content playback order.
- the management server device 100 compares a group of playback ordinal numbers and content IDs for identifying one or more sets of content played back by a DVD player identified by a specific device ID, with a group of playback ordinal numbers and content IDs stored in the management server device 100 in correspondence with that device ID.
- the management server device 100 judges that the DVD player identified by the device ID is an authorized device. Otherwise, the management server device 100 judges that the DVD player identified by the device ID is an unauthorized device.
- the unauthorized device detection system 1 f has a similar configuration to the unauthorized device detection system 1 e .
- the unauthorized device detection system 1 f uses the memory card 200 e as in the unauthorized device detection system 1 e .
- the storage unit 203 e in the memory card 200 e has the general area 205 e .
- the general area 205 e has a user history information list 231 f shown in FIG. 28 , instead of the user history information list 231 e .
- the following mainly describes the difference from the memory card 200 e used in the unauthorized device detection system 1 e.
- the user history information list 231 f has an area for storing at least one set of user history information.
- Each set of user history information includes one device ID, one playback ordinal number, and one content ID, and corresponds to one set of content played back by one device (DVD player in this embodiment).
- the device ID is identification information for uniquely identifying a device (DVD player in this embodiment) that plays back the content corresponding to the user history information that includes the device ID. As mentioned earlier, however, if there is an unauthorized device that stores the device ID unauthorizedly, the device ID may be unable to uniquely identify one device.
- the content ID is identification information for uniquely identifying the content corresponding to the user history information that includes the content ID.
- the playback ordinal number is information showing an ordinal number at which the content corresponding to the user history information that includes the playback ordinal number is played back by the device.
- the management server device 100 in the unauthorized device detection system 1 f has a similar configuration to the management server device 100 in the unauthorized device detection system 1 e .
- the following mainly describes the difference from the management server device 100 in the unauthorized device detection system 1 e.
- the management server device 100 has a server history information list 120 f shown in FIG. 29 in the management table storage unit 103 , instead of the server history information list 120 e.
- the server history information list 120 f is made up of a plurality of sets of server history information. Each set of server history information corresponds to one set of content played back by one device (DVD player in this embodiment).
- Each set of server history information includes a device ID, a playback ordinal number, and a content ID.
- the device ID is identification information for uniquely identifying the device that plays back the content corresponding to the server history information that includes the device ID. As mentioned earlier, however, if there is an unauthorized device that stores the device ID unauthorizedly, the device ID may be unable to uniquely identify one device.
- the content ID is identification information for uniquely identifying the content corresponding to the server history information that includes the content ID.
- the playback ordinal number is information showing an ordinal number at which the content corresponding to the server history information that includes the playback ordinal number is played back by the device.
- the control unit 102 receives the user history information list from the memory card 200 e via the register device 300 and the internet 10 , and extracts a device ID from the received user history information list. Here, it is supposed that one device ID is extracted.
- the control unit 102 extracts all sets of server history information that include the extracted device ID, from the server history information list 120 f .
- a group of all extracted sets of server history information is referred to as server history information group ⁇ , while the received user history information list is referred to as group ⁇ .
- the control unit 102 compares group ⁇ and group ⁇ , to judge whether or not group ⁇ and group ⁇ completely match each other.
- All content IDs in group ⁇ completely match all content IDs in group ⁇ , and also a playback ordinal number corresponding to each content ID in group ⁇ matches a playback ordinal number corresponding to its matching content ID in group ⁇ .
- control unit 102 judges that a DVD player identified by the extracted device ID is an authorized device, sets the device judgment level to “0”, and transmits the device judgment level to the register device 300 via the internet 10 .
- control unit 102 judges that the DVD player identified by the extracted device ID is an unauthorized device, sets the device judgment level to “3”, and writes the extracted device ID to the unauthorized device list.
- the control unit 102 also adds group ⁇ to the server history information list 120 f , and transmits the device judgment level to the register device 300 via the internet 10 .
- the control unit 102 in the management server device 100 receives the user history information list from the memory card 200 e via the register device 300 and the internet 10 , extracts a device ID from the received user history information list, and extracts all sets of server history information that include the extracted device ID from the server history information list 120 f.
- the control unit 102 compares group ⁇ and group ⁇ . If content IDs in group ⁇ match content IDs in group ⁇ (step S 437 f ), the control unit 102 compares their corresponding playback ordinal numbers. If their corresponding playback ordinal numbers match, that is, if group ⁇ and group ⁇ completely match each other (step S 451 ), the control unit 102 sets the device judgment level to “0” (step S 438 f ).
- step S 437 f the control unit 102 sets the device judgment level to “3” (step S 439 f ), and writes the extracted device ID to the unauthorized device list (step S 440 f ).
- group ⁇ is obtained from the memory card 200 e
- group ⁇ is extracted from the server history information list 120 f in the management server device 100 .
- FIG. 31 shows a first example of comparison between group ⁇ and group ⁇ .
- group ⁇ 611 is composed of pairs of playback ordinal numbers and content IDs ⁇ “ 1 ”, “C 001 ” ⁇ , ⁇ “ 2 ”, “C 002 ” ⁇ , ⁇ “ 3 ”, “C 003 ” ⁇ , ⁇ “ 4 ”, “C 004 ” ⁇ , and ⁇ “ 5 ”, “C 005 ” ⁇
- group ⁇ 612 is composed of pairs of playback ordinal numbers and content IDs ⁇ “ 1 ”, “C 001 ” ⁇ , ⁇ “ 2 ”, “C 002 ” ⁇ , ⁇ “ 3 ”, “C 003 ” ⁇ , ⁇ “ 4 ”, “C 004 ” ⁇ , and ⁇ “ 5 ”, “C 005 ” ⁇ .
- group ⁇ 611 and group ⁇ 612 completely match each other, and so the device identified by the extracted device ID is presumed to be an authorized device.
- FIG. 32 shows a second example of comparison between group ⁇ and group ⁇ .
- group ⁇ 613 is composed of pairs of playback ordinal numbers and content IDs ⁇ “ 2 ”, “C 001 ” ⁇ , ⁇ “ 1 ”, “C 002 ” ⁇ , ⁇ “ 3 ”, “C 003 ” ⁇ , ⁇ “ 4 ”, “C 004 ” ⁇ , and ⁇ “ 5 ”, “C 005 ” ⁇
- group ⁇ 614 is composed of pairs of playback ordinal numbers and content IDs ⁇ “ 1 ”, “C 001 ” ⁇ , ⁇ “ 2 ”, “C 002 ” ⁇ , ⁇ “ 3 ”, “C 003 ” ⁇ , ⁇ “ 4 ”, “C 004 ” ⁇ , and ⁇ “ 5 ”, “C 005 ” ⁇ .
- the playback ordinal numbers corresponding to the content IDs “C 001 ” and “C 002 ” in group ⁇ 613 are different from the playback ordinal numbers corresponding to the content IDs “C 001 ” and “C 002 ” in group ⁇ 614 . Accordingly, the device identified by the extracted device ID is presumed to be an unauthorized device in this case.
- the device is presumed to be authorized when group ⁇ and group ⁇ completely match each other, but the present invention is not limited to such.
- the following operation may be performed except when group ⁇ and group ⁇ completely match each other.
- the control unit 102 compares group A which is composed of the content IDs of group ⁇ and group B which is composed of the content IDs of group ⁇ , to judge if group A is a subset of group B, group B is a subset of group A, or group A and group B do not have the subset relation.
- control unit 102 extracts each content ID that is included in both group A and group B.
- the control unit 102 extracts a playback ordinal number corresponding to the extracted content ID from group ⁇ and a playback ordinal number corresponding to the extracted content ID from group ⁇ , and judges whether the extracted two playback ordinal numbers match each other. If the extracted two playback ordinal numbers do not match each other, the control unit 102 presumes that the device identified by the extracted device ID is an unauthorized device.
- control unit 102 presumes that the device identified by the extracted device ID is an authorized device.
- the following describes an unauthorized device detection system 1 g (not illustrated) as a modification of the unauthorized device detection system 1 f.
- the unauthorized device detection system 1 f before the user plays back content for the first time, there is no user history information in the user history information list 231 f stored on the memory card 200 e.
- user history information that is made up of a device ID for identifying a device used for the playback such as “ID-A”, a payback ordinal number “ 1 ”, and the content ID “C 001 ” is written to the user history information list 231 f on the memory card 200 e.
- this user history information list 231 f is transmitted from the register device 300 to the management server device 100 , and the management server device 100 writes the user history information made up of “ID-A”, the playback ordinal number “ 1 ”, and the content ID “C 001 ” to the server history information list 120 f.
- the user history information list 231 f includes the user history information made up of “ID-A”, “ 1 ”, and “C 001 ” and the user history information made up of “ID-A”, “ 2 ”, and “C 002 ”.
- this user history information list 231 f is transmitted from the register device 300 to the management server device 100 , and the management server device 100 writes the user history information made up of “ID-A”, the playback ordinal number “ 2 ”, and the content ID “C 002 ” to the server history information list 120 f.
- group ⁇ stored in the management server device 100 is always a subset of group ⁇ transmitted from the memory card 200 e.
- the user subsequently uses another memory card having the same configuration as the memory card 200 e and plays back content identified by the content ID “C 003 ”.
- the reason for using another memory card is as explained above.
- user history information that is made up of the device ID for identifying the device used for the playback such as “ID-A”, a playback ordinal number “ 1 ”, and the content ID “C 003 ” is written to a user history information list on the other memory card.
- the user history information list of the other memory card includes the user history information made up of “ID-A”, the playback ordinal number “ 1 ”, and “C 003 ”.
- group ⁇ stored in the management server device 100 is not a subset of group ⁇ transmitted from the memory card 200 e , and also group ⁇ is not a subset of group ⁇ . Even in this case, the device identified by the device ID can be regarded as an authorized device.
- the following states are regarded as belonging to a same viewing history series (a first viewing history series): an initial state where no user history information is included in the user history information list 231 f on the memory card 200 e ; a subsequent state where the user history information made up of “ID-A”, “ 1 ”, and “C 001 ” is written to the user history information list 231 f ; a subsequent state where the user history information made up of “ID-A”, “ 2 ”, and “C 002 ” is written to the user history information list 231 f ; a subsequent state where user history information made up of “ID-A”, a playback ordinal number, and another content ID is written to the user history information list 231 f ; and a similar state that would subsequently occur.
- the following states are regarded as belonging to a same viewing history series (a second viewing history series): a state where the user history information made up of “ID-A”, the playback ordinal number “ 1 ”, and the content ID “C 003 ” is written to the user history information list on the other memory card; a subsequent state where user history information made up of “ID-A”, a playback ordinal number, and another content ID is written to the user history information list; and a similar state that would subsequently occur.
- the first viewing history series and the second viewing history series correspond to the same device ID, but are different from each other.
- the management server device 100 in the unauthorized device detection system 1 g extracts, from the server history information list 120 f stored therein (same as the server history information list 120 f in the unauthorized device detection system 1 f ), one or more viewing history series that correspond to the same device ID as the device ID received from the memory card 200 e via the register device 300 , and judges whether a viewing history series to which the received user history information list belongs is the same as any of the extracted viewing history series. If the judgment is affirmative, the management server device 100 calculates a total series number showing a total number of the extracted viewing history series. If the judgment is negative, the management server device 100 adds “1” to the total number of the extracted viewing history series, to thereby calculate the total series number.
- the management server device 100 compares the calculated total series number with a predetermined threshold value such as “100”. If the calculated total series number is more than “100”, the management server device 100 presumes that the device identified by the received device ID is an unauthorized device. If the calculated total series number is no more than “100”, the management server device 100 presumes that the device identified by the received device ID is an authorized device.
- the unauthorized device detection system 1 g has a similar configuration to the unauthorized device detection system 1 f .
- the unauthorized device detection system 1 g uses the memory card 200 e having the same configuration as that in the unauthorized device detection system 1 f .
- the memory card 200 e has the user history information list 231 f shown in FIG. 28 .
- the management server device 100 in the unauthorized device detection system 1 g has a similar configuration to the management server device 100 in the unauthorized device detection system 1 f .
- the following mainly describes the difference from the management server device 100 in the unauthorized device detection system 1 f.
- the management server device 100 has the server history information list 120 f shown in FIG. 29 , in the management table storage unit 103 .
- the server history information list 120 f is as described above. In the server history information list 120 f , all sets of server history information that belong to a same viewing history series are arranged adjacent to each other and in ascending order of playback ordinal numbers.
- the control unit 102 receives the user history information list from the memory card 200 e via the register device 300 and the internet 10 , and extracts a device ID from the received user history information list. Here, it is supposed that one device ID is extracted.
- the control unit 102 extracts all sets of server history information that include the extracted device ID, from the server history information list 120 f . All of the extracted sets of server history information are referred to as a server history information group.
- FIG. 34 shows a server history information group 621 as one example of the server history information group.
- control unit 102 classifies the extracted sets of server history information into one or more viewing history series, in the following way.
- server history information list 120 f sets of server history information that belong to a same viewing history series are arranged adjacent to each other and in ascending order of playback ordinal numbers. This being so, the control unit 102 sequentially reads the extracted sets of server history information one by one, and compares a playback ordinal number in a set of server history information which is currently read with a playback ordinal number in a set of server history information which was read immediately before.
- the control unit 102 judges that the immediately preceding set of server history information and the set of server history information represent a boundary between two viewing history series, and determines the immediately preceding set of server history information as belonging to one viewing history series and the set of server history information onward as belonging to another viewing history series.
- a group 631 of sets of server history information belongs to one viewing history series
- a group 632 of other sets of server history information belongs to another viewing history series
- a group 633 of other sets of server history information belongs to another viewing history series.
- the playback ordinal number drops from “3” to “1” at the boundary between the group 631 and the group 632 .
- control unit 102 classifies all of the extracted sets of server history information into one or more viewing history series.
- the control unit 102 judges whether the viewing history series to which the received user history information list belongs is the same as any of the extracted viewing history series. If the judgment is affirmative, the control unit 102 calculates a total series number showing a total number of the extracted viewing history series. If the judgment is negative, the control unit 102 adds “1” to the number of the extracted viewing history series and calculates the total series number.
- the control unit 102 compares the calculated total series number with a predetermined threshold value such as “100”. If the calculated total series number is more than “100”, the control unit 102 presumes that the device identified by the received device ID is an unauthorized device, sets the device judgment level to “3”, and writes the extracted device ID to the unauthorized device list. The control unit 102 also adds the received user history information list to the server history information list 120 f , and transmits the device judgment level to the register device 300 via the internet 10 .
- a predetermined threshold value such as “100”. If the calculated total series number is more than “100”, the control unit 102 presumes that the device identified by the received device ID is an unauthorized device, sets the device judgment level to “3”, and writes the extracted device ID to the unauthorized device list.
- the control unit 102 also adds the received user history information list to the server history information list 120 f , and transmits the device judgment level to the register device 300 via the internet 10 .
- control unit 102 presumes that the device identified by the received device ID is an authorized device, sets the device judgment level to “0”, adds the received user history information list to the server history information list 120 f , and transmits the device judgment level to the register device 300 via the internet 10 .
- the register device 300 outputs a read instruction to read the user history information list to the loaded memory card 200 e (step S 431 ).
- the memory card 200 e reads the user history information list 231 f from the general area 205 e (step S 432 ), and outputs the read user history information list 231 f to the register device 300 (step S 433 ).
- the register device 300 transmits the received user history information list to the management server device 100 via the internet 10 (step S 434 ).
- the control unit 102 in the management server device 100 receives the user history information list from the memory card 200 e via the register device 300 and the internet 10 (steps S 433 -S 434 ), and extracts a device ID from the received user history information list (step S 435 ).
- the control unit 102 then extracts all sets of server history information that include the extracted device ID, from the server history information list 120 f (step S 436 ).
- control unit 102 extracts viewing history series, calculates a total series number of the extracted viewing history series, and temporarily stores the calculated total series number (step S 461 ).
- the control unit 102 compares the calculated total series number with “100”. If the calculated total series number is more than “100” (step S 462 ), the control unit 102 sets the device judgment level to “3” (step S 439 ), and writes the extracted device ID to the unauthorized device list (step S 440 ).
- step S 462 If the calculated total series number is no more than “100” (step S 462 ), the control unit 102 sets the device judgment level to “0” (step S 438 ).
- the control unit 102 then writes the received user history information list to the server history information list 120 f (step S 411 ), and transmits the device judgment level to the register device 300 via the internet 10 (step S 442 ).
- the above embodiment describes the case where a DVD player decrypts encrypted content stored on a DVD and plays back the decrypted content, but this is not a limit for the present invention.
- a content playback device that acquires encrypted content via a network, decrypts the encrypted content, and plays back the decrypted content may be used instead of the DVD player.
- encrypted content may be broadcast by digital broadcasting, so that a digital broadcast reception device receives a broadcast wave, extracts the encrypted content from the received broadcast wave, decrypts the encrypted content, and plays back the decrypted content.
- encrypted content may be stored on a portable memory card together with an encrypted content key, so that a content playback device reads the encrypted content from the memory card, decrypts the encrypted content, and plays back the decrypted content.
- the above embodiment describes the case where one device key is assigned to one DVD player, but the number of device keys assigned to one playback device may be more than one. Alternatively, a plurality of devices may share a same device key.
- one more level may be added to a key hierarchy such that content is encrypted using a content key, the content key is encrypted using a media key, and the media key is encrypted using a device key.
- a key hierarchy such that content is encrypted using a content key, the content key is encrypted using a media key, and the media key is encrypted using a device key.
- the above embodiment describes the case where the management server device detects an unauthorized device by judging whether a device that uses content is authorized or unauthorized, but the present invention is not limited to such.
- the present invention may be applied to a commuter pass use system for trains or the like, so that a management device detects unauthorized use by judging whether a commuter pass is used authorizedly or unauthorizedly.
- the commuter pass use system is constituted by a ticket gate installed at a station and a pair of a mobile terminal which has a device ID and a portable medium which stores commuter pass information and has a media ID.
- the portable medium is used in a state of being loaded in the mobile terminal.
- the ticket gate operates in the same way as the management server device in the above embodiment.
- the ticket gate manages pairs of device IDs and media IDs. If one portable medium is loaded to a mobile terminal of another person and used, the management device can detect that a media ID of this portable medium is used in pair with a different device ID. Thus, the management device can detect the unauthorized use of the portable medium.
- a threshold value may be provided to enable to set the number of devices (the number of device IDs) that can be used by one portable medium.
- the present invention is equally applicable to other systems that detect an unauthorized device or unauthorized use based on device IDs and media IDs.
- a MAC address may be used instead of a media ID.
- a device ID and a MAC address are transmitted to, a management device via a network, and the management device judges whether a device is unauthorized using the MAC address and, if not, transmits an encrypted content key.
- an IC card or the like that has unrewritable unique information may be used instead of the MAC address.
- the present invention is equally applicable to any configuration in which unrewritable or unchangeable unique information is used instead of a media ID.
- a portable medium holds a unique media ID
- the present invention is not limited to such.
- a plurality of predetermined (manageable) portable media may have a same media ID.
- the above embodiment describes the case where a plurality of threshold values are set such that a warning is issued before judging that the device is unauthorized when one threshold value is exceeded, and the device is judged as unauthorized when another threshold value is exceeded.
- This can be modified to use only one threshold value. In such a case, the device is presumed to be unauthorized when the threshold value is exceeded, and authorized when the threshold value is not exceeded.
- an IC card may be used instead of a memory card.
- management server device 100 and the register device 300 may be combined to form one device.
- Each of the aforedescribed devices can actually be realized by a computer system that includes a microprocessor, a ROM, a RAM, a hard disk unit, a display unit, a keyboard, a mouse, and the like.
- a computer program is stored on the RAM or the hard disk unit.
- the computer program is structured by combining a plurality of instruction codes showing commands to a computer.
- the functions of each device can be achieved by the microprocessor operating in accordance with this computer program. Which is to say, the microprocessor reads the instructions included in the computer program one by one, decodes the read instruction, and operates in accordance with a decoding result.
- the elements constituting each of the aforedescribed devices may be partially or entirely implemented by a single system LSI (Large Scale Integration).
- the system LSI is an ultra-multifunctional LSI manufactured by integrating multiple components on a single chip, and can actually be realized by a computer system that includes a microprocessor, a ROM, a RAM, and the like.
- a computer program is stored on the RAM. Functions of the system LSI can be achieved by the microprocessor operating in accordance with this computer program.
- each of the aforedescribed devices may be individually implemented by one chip, or partly or wholly implemented by one chip.
- the LSI is described here, the circuit may be called an IC, a system LSI, a super LSI, or an ultra LSI, depending on the degree of integration.
- the integration is not limited to the LSI, and may be performed using a dedicated circuit or a general processor.
- a FPGA Field Programmable Gate Array
- a reconfigurable processor capable of reconfiguring connections and settings of circuit cells in an LSI may be used after producing the LSI.
- the elements constituting each of the aforedescribed devices may be partially or entirely implemented by a removable IC card or a discrete module.
- the IC card or the module referred to here is a computer system that includes a microprocessor, a ROM, a RAM, and the like.
- the IC card or the module may contain the above ultra-multifunctional LSI. Functions of the IC card or the module can be achieved by the microprocessor operating in accordance with the computer program.
- the IC card or the module may be tamper-resistant.
- the present invention also applies to the method described above.
- This method may be realized by a computer program that is executed by a computer.
- Such a computer program may be distributed as a digital signal.
- the present invention may be realized by a computer-readable recording medium, such as a flexible disk, a hard disk, a CD-ROM, an MO, a DVD, a DVD-ROM, a DVD-RAM, a BD (Blu-ray Disc), or a semiconductor memory, on which the above computer program or digital signal is recorded.
- a computer-readable recording medium such as a flexible disk, a hard disk, a CD-ROM, an MO, a DVD, a DVD-ROM, a DVD-RAM, a BD (Blu-ray Disc), or a semiconductor memory, on which the above computer program or digital signal is recorded.
- the present invention may also be realized by the computer program or digital signal that is recorded on such a recording medium.
- the computer program or digital signal that achieves the present invention may also be transmitted via a network, such as an electronic communications network, a wired or wireless communications network, or an internet, or via data broadcasting.
- a network such as an electronic communications network, a wired or wireless communications network, or an internet, or via data broadcasting.
- the present invention can also be realized by a computer system that includes a microprocessor and a memory.
- the computer program can be stored in the memory, with the microprocessor operating in accordance with this computer program.
- the computer program or the digital signal may be provided to an independent computer system by distributing a recording medium on which the computer program or the digital signal is recorded, or by transmitting the computer program or the digital signal via a network.
- the independent computer system may then execute the computer program or the digital signal to function as the present invention.
- the present invention is an unauthorized device detection system that includes a use device for using content, a management device for managing whether the use device is unauthorized or not, and a portable medium for storing data.
- the user device includes: a storage unit operable to store device identification information for identifying the device.
- the portable medium includes: a first storage area for storing the device identification information; and a second storage area for storing media identification information for identifying the portable medium.
- the management device includes: a read unit operable to read the device identification information and the media identification information respectively from the first storage area and the second storage area of the portable medium; and a judgment unit operable to judge, from the read device identification information and media identification information, whether the use device holding the device identification information is an unauthorized device.
- the management device may include: a table generation unit operable to generate a management table for managing the media identification information based on the device identification information.
- the management device may include: a threshold value storage unit operable to store a threshold value for judging whether the use device is an unauthorized device, wherein the table generation unit in the management device counts a total number of sets of media identification information based on the device identification information and generates the management table storing the counted total number, and the judgment unit in the management device judges that the use device is an unauthorized device when the counted total number exceeds the threshold value stored in the threshold value storage unit.
- the threshold value storage unit in the management device may store one or more threshold values for each set of device identification information.
- the management device may include: a device key storage unit operable to store a device key in correspondence with the device identification information; a selection unit operable to select a content key necessary for using the content; an encryption nit operable to encrypt the selected content key using the device key corresponding to the device identification information; and a write unit operable to write the encrypted content key to the portable medium, wherein the portable medium includes a third storage area for storing the encrypted content key.
- the use device may include: a judgment unit operable to judge whether the device identification information stored therein is stored on the portable medium; and a write unit operable to write, if the device identification information is not stored on the portable medium, the device identification information to the first storage area of the portable medium.
- the portable medium may include: a third storage area for storing an encrypted content key necessary for using the content, wherein the use device includes: a read unit operable to read the encrypted content key corresponding to the device from the third storage area of the portable medium.
- the portable medium may include: a third storage area for storing an encrypted content key necessary for using the content; and a fourth storage area for storing the content encrypted using a content key, wherein the use device includes: a read unit operable to read the encrypted content from the fourth storage area of the portable medium.
- the portable medium may include: a third storage area for storing an encrypted content key necessary for using the content, wherein the use device includes: a judgment unit operable to judge whether the encrypted content key necessary for the device exists in the third storage area of the portable medium.
- the portable medium may be a memory card.
- the portable medium may be an IC card.
- the present invention is a management device for managing whether a use device that uses content is unauthorized or not
- a portable medium for storing data includes: a first storage area for storing device identification information for identifying the use device; and a second storage area for storing media identification information for identifying the portable medium
- the management device includes: a read unit operable to read the device identification information and the media identification information respectively from the first storage area and the second storage area of the portable medium; and a judgment unit operable to judge, from the read device identification information and media identification information, whether the use device holding the device identification information is an unauthorized device.
- the management device may include: a table generation unit operable to generate a management table for managing the media identification information based on the device identification information.
- the management device may include: a threshold value storage unit operable to store a threshold value for judging whether the use device is an unauthorized device, wherein the management table generation unit in the management device counts a total number of sets of media identification information based on the device identification information and generates the management table storing the counted total number, and the judgment unit in the management device judges that the use device is an unauthorized device when the counted total number exceeds the threshold value stored in the threshold value storage unit.
- the threshold value storage unit in the management device may store one or more threshold values for each set of device identification information.
- the management device may include: a device key storage unit operable to store a device key in correspondence with the device identification information; a selection unit operable to select a content key necessary for using the content; an encryption nit operable to encrypt the selected content key using the device key corresponding to the device identification information; and a write unit operable to write the encrypted content key to the portable medium.
- the present invention is a use device for using content, wherein a portable medium for storing data includes: a first storage area for storing device identification information for identifying the use device; and a second storage area for storing media identification information for identifying the portable medium, and the use device includes: a storage unit operable to store the device identification information for identifying the device.
- the use device may include: a judgment unit operable to judge whether the device identification information stored therein is stored on the portable medium; and a write unit operable to write, if the device identification information is not stored on the portable medium, the device identification information to the first storage area of the portable medium.
- the portable medium may include: a third storage area for storing an encrypted content key necessary for using the content, wherein the use device includes: a read unit operable to read the encrypted content key corresponding to the device from the third storage area of the portable medium.
- the portable medium may include: a third storage area for storing an encrypted content key necessary for using the content; and a fourth storage area for storing the content encrypted using a content key, wherein the use device includes: a read unit operable to read the encrypted content from the fourth storage area of the portable medium.
- the portable medium may include: a third storage area for storing an encrypted content key necessary for using the content, wherein the use device includes: a judgment unit operable to judge whether the encrypted content key necessary for the device exists in the third storage area of the portable medium.
- the present invention is a portable medium for storing data, including: a first storage area for storing device identification information for identifying a use device for using content; and a second storage area for storing media identification information for identifying the portable medium.
- the portable medium may include: a third storage area for storing an encrypted content key necessary for using the content.
- the portable medium may be a memory card.
- the portable medium may be an IC card.
- the present invention is an unauthorized use detection system that includes a management device for managing unauthorized use and a portable medium for storing data.
- the portable medium includes: a first storage area for storing device identification information for identifying a use device; and a second storage area for storing media identification information for identifying the portable medium.
- the management device includes: a read unit operable to read the device identification information and the media identification information respectively from the first storage area and the second storage area of the portable medium; and a judgment unit operable to judge, from the read device identification information and media identification information, whether the use device holding the device identification information is unauthorizedly used.
- the management device may include: a table generation unit operable to generate a management table for managing a pair of the device identification information and the media identification information; and a judgment unit operable to judge, based on the media identification information, that the use is unauthorized when different device identification information is obtained.
- the management device may include: a storage unit operable to store a different threshold value for each set of media identification information.
- the present invention is a management device for managing unauthorized use, wherein a portable medium for storing data includes: a first storage area for storing device identification information for identifying a use device; and a second storage area for storing media identification information for identifying the portable medium, and the management device includes: a read unit operable to read the device identification information and the media identification information respectively from the first storage area and the second storage area of the portable medium; and a judgment unit operable to judge, from the read device identification information and media identification information, whether the use device holding the device identification information is unauthorizedly used.
- the management device may include: a table generation unit operable to generate a management table for managing a pair of the device identification information and the media identification information; and a judgment unit operable to judge, based on the media identification information, that the use is unauthorized when different device identification information is obtained.
- the management device may include: a storage unit operable to store a different threshold value for each set of media identification information.
- the present invention is an unauthorized device detection method used in a use device for using content, a management device for managing whether the use device is unauthorized, and a portable medium for storing data
- the unauthorized device detection method including: a storage step of, in the use device, storing device identification information for identifying the device; a first storage step of, in the portable medium, storing the device identification information; a second storage step of, in the portable medium, storing media identification information for identifying the portable medium; a read step of, in the management device, reading the device identification information and the media identification information respectively from a first storage area and a second storage area of the portable medium; and a judgment step of, in the management device, judging, from the read device identification information and media identification information, whether the use device holding the device identification information is an unauthorized device.
- Each device and recording medium constituting the present invention can be used recurrently and continuously in any industry that requires detection of an unauthorized device, and especially in a content distribution industry for producing and distributing content. Also, each device and recording medium constituting the present invention can be manufactured and sold recurrently and continuously in an electric device manufacturing industry.
Abstract
Description
- The present invention relates to unauthorized device detection techniques for finding or specifying an unauthorized device altered or manufactured by copying.
- In recent years, the development of multimedia-related technologies, the emergence of large-capacity recording media, and the like have led to the advent of systems that distribute digital content (hereafter “content”) made up of video, audio, and the like on large-capacity recording media such as optical discs or via a network or broadcasting.
- In general, cryptography is employed to protect a copyright of content, that is, to protect content from unauthorized use such as unauthorized playback and copying. In detail, content encrypted using an encryption key is recorded on a recording medium such as an optical disc and distributed. Only a terminal in possession of a decryption key corresponding to the encryption key can decrypt the encrypted content read from the recording medium using the decryption key and play back the content.
- Example methods of content encryption include a method of encrypting content itself using an encryption key so that the encrypted content is decrypted using a decryption key corresponding to the encryption key, and a method of encrypting content using a content key and further encrypting the content key using an encryption key so that the encrypted content key is decrypted using a decryption key corresponding to the encryption key and the encrypted content is decrypted using the decrypted content key.
- The decryption key possessed by the terminal needs to be securely managed so as not to be revealed to outside. However, there is a danger that the decryption key may be revealed as a result of an unauthorized party conducting analysis inside the terminal. Once the decryption key has been revealed to the unauthorized party, the unauthorized party can manufacture a recording device or a playback device for unauthorized use of the content, or produce software for unauthorized use of the content and distribute it via an internet and the like. When this happens, a copyright holder wants to disable the revealed key so that the content is no longer treatable using the revealed key. This technique is called a key invalidation technique, and is disclosed in
patent document 1 andpatent document 2. - However, neither
patent document 1 norpatent document 2 discloses a method of specifying the key revealed to outside (i.e. the key to be invalidated). This being so, a large number of recording devices, playback devices, or software distributed on a market and having a possibility of being unauthorized need to be collected and their internal structures analyzed in order to identify an unauthorized device or unauthorized software. This requires much labor and cost. - Meanwhile,
patent document 3 discloses a mobile communication system, such as a mobile phone system, for detecting the existence of a clone terminal manufactured by unauthorized copying and notifying the existence to a maintenance entity, without providing a mobile terminal with a special function for clone terminal detection. This mobile communication system includes: a unit for making location registration to notify the system of a location of the mobile terminal so as to allow for reception processing by the mobile terminal; a unit for comparing location registration information submitted by another mobile terminal having a same phone number as the mobile terminal under control of a base station to which the other mobile terminal belongs, with location registration information corresponding to the last location registration made in the system; and a unit for detecting the existence of two or more mobile terminals having the same phone number based on a result of the comparison. - Patent document 1: Japanese Patent Application Publication No. 2000-31922
- Patent document 2: Japanese Patent Application Publication No. 2002-281013
- Patent document 3: Japanese Patent Application Publication No. 2000-184447
- However, given that a recording device or a playback device for recording or playing back content does not perform mobile communication like the above mobile communication system, it is not practical to apply the technique disclosed in
patent document 3. - In view of this, the present invention aims to provide an unauthorized device detection device, an unauthorized device detection system, an unauthorized device detection method, and a computer program for unauthorized device detection that can find and specify an unauthorized device altered or manufactured by copying.
- The stated aim can be achieved by a detection device for detecting an unauthorized device manufactured by copying, including: a media number storage unit operable to store a total media number corresponding to a device identifier, the total media number being a total number of rewritable portable media used by one or more devices, including a target device, that hold the device identifier; a comparison unit operable to compare the total media number with a predetermined threshold value used for unauthorized device detection; and an identifier storage unit operable to store the device identifier if the total media number is greater than the threshold value.
- According to this configuration, a device that is likely to be an unauthorized device manufactured by copying can be detected based on the number of portable media used by unauthorized devices.
- Here, the detection device may further include: a calculation unit that includes: an acquisition unit operable to acquire, from a rewritable portable medium used by the target device, a media identifier for identifying the portable medium and the device identifier held by the target device; a storage unit operable to store, in correspondence with a device identifier held by each past target device, one or more media identifiers respectively for identifying one or more rewritable portable media used by the past target device; and a calculating unit operable to calculate, using the stored device identifier and one or more media identifiers and the acquired device identifier and media identifier, a total number of media identifiers corresponding to a same device identifier as the acquired device identifier, as the total media number, and write the calculated total media number to the media number storage unit.
- According to this configuration, the total media number can be calculated reliably.
- Here, the comparison unit may further compare the total media number with a warning value that is smaller than the threshold value, wherein the identifier storage unit further stores the device identifier if the total media number is no greater than the threshold value but is greater than the warning value.
- According to this configuration, a device that is likely to be either an unauthorized device or a device that requires a warning can be detected.
- Here, the target device may be a playback device for decrypting encrypted content and playing back the decrypted content, wherein the detection device further includes: a prohibition unit operable to prohibit to output a decryption key used for decrypting the encrypted content to the portable medium, if the total media number is greater than the threshold value; and an output unit operable to output the decryption key to the portable medium, if the total media number is no greater than the threshold value.
- According to this configuration, when a device is presumed to be an unauthorized device, the output of the decryption key is prohibited so as to protect the content from unauthorized use.
- Here, the detection device for detecting an unauthorized device manufactured by copying may include: a series number storage unit operable to store a total series number corresponding to a device identifier, the total series number being a total number of viewing history series of content viewed by one or more devices, including a target device, that hold the device identifier; a comparison unit operable to compare the total series number with a predetermined threshold value used for unauthorized device detection; and an identifier storage unit operable to store the device identifier if the total series number is greater than the threshold value.
- According to this configuration, a device that is likely to be an unauthorized device manufactured by copying can be detected based on the number of viewing history series of content viewed by the device.
- Here, the detection device for detecting an unauthorized device manufactured by copying may include: a storage unit operable to store, in correspondence with a device identifier held by each past target device, one or more content identifiers respectively for identifying one or more sets of content viewed by the past target device; an acquisition unit operable to acquire, from a rewritable portable medium used by a target device, one or more content identifiers respectively for identifying one or more sets of content viewed by the target device and a device identifier held by the target device; an extraction unit operable to extract one or more content identifiers corresponding to a same device identifier as the acquired device identifier, from the storage unit; a comparison unit operable to compare the extracted one or more content identifiers and the acquired one or more content identifiers; and a registration unit operable to register the acquired device identifier to an unauthorized device list, if none of the extracted one or more content identifiers matches any of the acquired one or more content identifiers.
- According to this configuration, a device that is likely to be an unauthorized device manufactured by copying can be detected based on content viewed by the device.
- Here, the storage unit may further store, in a one-to-one correspondence with the one or more content identifiers, one or more viewing ordinal numbers representing an order in which the one or more sets of content identified by the one or more content identifiers were viewed by the past target device, wherein the acquisition unit further acquires, in a one-to-one correspondence with the one or more content identifiers, one or more viewing ordinal numbers representing an order in which the one or more sets of content identified by the one or more content identifiers were viewed by the target device, the extraction unit further extracts one or more viewing ordinal numbers corresponding to the one or more content identifiers that correspond to the same device identifier as the acquired device identifier, from the storage unit, the comparison unit further compares the extracted one or more viewing ordinal numbers and the acquired one or more viewing ordinal numbers, and the registration unit further registers the acquired device identifier to the unauthorized device list, if the extracted one or more content identifiers match the acquired one or more content identifiers but a viewing ordinal number corresponding to one of the extracted one or more content identifiers is different from a viewing ordinal number corresponding to a matching one of the acquired one or more content identifiers.
- According to this configuration, a device that is likely to be an unauthorized device manufactured by copying can be detected more precisely based on the content viewing order.
- Here, the target device may be a playback device for decrypting encrypted content and playing back the decrypted content, wherein the detection device further includes: a prohibition unit operable to prohibit to output a decryption key used for decrypting the encrypted content to the portable medium, if none of the extracted one or more content identifiers matches any of the acquired one or more content identifiers; and an output unit operable to output the decryption key to the portable medium, if any of the extracted one or more content identifiers matches any of the acquired one or more content identifiers.
- According to this configuration, when a device is presumed to be an unauthorized device, the output of the decryption key is prohibited to protect the content from unauthorized use.
- Generally, the number of unauthorized devices is on the order of 1,000 or 10,000, whereas the number of portable media possessed by one user is 100 at most. This being so, the threshold value can be set at 100 as one example. Even when a user possesses a plurality of portable media, the number of media IDs corresponding to that user, counted based on a device ID of his/her device, should not exceed this threshold of 100. However, if there are 1,000 unauthorized devices having the same device ID, the number of media IDs counted based on the device ID will exceed 1,000, because a portable medium possessed by a user of each unauthorized device has a different media ID. Accordingly, when the threshold value of 100 is exceeded, that device ID can be judged as being used by unauthorized devices.
-
FIG. 1 is a system configuration diagram showing a configuration of an unauthorizeddevice detection system 1. -
FIG. 2 is a block diagram showing a configuration of amanagement server device 100. -
FIG. 3 is a data structure diagram showing a data structure of a management table 120. -
FIG. 4 is a data structure diagram showing a data structure of adevice key list 130. -
FIG. 5 is a data structure diagram showing a data structure of acontent key list 140. -
FIG. 6 is a data structure diagram showing a data structure of anadvisory device list 150. -
FIG. 7 is a data structure diagram showing a data structure of awarning device list 160. -
FIG. 8 is a data structure diagram showing a data structure of anunauthorized device list 170. -
FIG. 9 is a table showing patterns of control by acontrol unit 102. -
FIG. 10 is a block diagram showing a configuration of amemory card 200. -
FIG. 11 is a block diagram showing a configuration of aregister device 300. -
FIG. 12 is a block diagram showing a configuration of aDVD player 400. -
FIG. 13 is a flowchart showing an operation of acquiring a device ID from amemory card 200 a by theDVD player 400. -
FIG. 14 is a flowchart showing an operation of acquiring an encrypted content key from themanagement server device 100 by theregister device 300, continuing toFIG. 15 . -
FIG. 15 is a flowchart showing the operation of acquiring the encrypted content key from themanagement server device 100 by theregister device 300, continuing toFIG. 16 . -
FIG. 16 is a flowchart showing the operation of acquiring the encrypted content key from themanagement server device 100 by theregister device 300, continuing toFIG. 17 . -
FIG. 17 is a flowchart showing the operation of acquiring the encrypted content key from themanagement server device 100 by theregister device 300, continuing fromFIG. 16 . -
FIG. 18 is a flowchart showing an operation of decrypting and playing back encrypted content by theDVD player 400, continuing toFIG. 19 . -
FIG. 19 is a flowchart showing the operation of decrypting and playing back the encrypted content by theDVD player 400, continuing fromFIG. 18 . -
FIG. 20 is a block diagram showing a configuration of amemory card 200 e as a modification. -
FIG. 21 is a data structure diagram showing a data structure of a serverhistory information list 120 e held by themanagement server device 100 as a modification. -
FIG. 22 is a flowchart showing an operation of the DVD player when playing back content as a modification. -
FIG. 23 is a flowchart showing an operation of each device when purchasing a DVD as a modification, continuing toFIG. 24 . -
FIG. 24 is a flowchart showing the operation of each device when purchasing the DVD as the modification, continuing fromFIG. 23 . -
FIG. 25 shows a first example of comparison between group α and group β. -
FIG. 26 shows a second example of comparison between group α and group β. -
FIG. 27 shows a third example of comparison between group α and group β. -
FIG. 28 is a data structure diagram showing a data structure of a userhistory information list 231 f held by thememory card 200 e as a modification. -
FIG. 29 is a data structure diagram showing a data structure of a serverhistory information list 120 f held by themanagement server device 100 as a modification. -
FIG. 30 is a flowchart showing an operation of themanagement server device 100 when purchasing a DVD. -
FIG. 31 shows a first example of comparison between group α and group β. -
FIG. 32 shows a second example of comparison between group α and group β. -
FIG. 33 is a flowchart showing an operation of themanagement server device 100 when purchasing a DVD as a modification. -
FIG. 34 is a data structure diagram showing a data structure of an extracted serverhistory information group 621. - 1. Unauthorized
Device Detection System 1 - The following describes an unauthorized
device detection system 1 as one embodiment of the present invention. - 1.1. Overview of the Unauthorized
Device Detection System 1 - The unauthorized
device detection system 1 includes amanagement server device 100, aregister device 300, andDVD players 400 a, . . . , 400 b, 400 c, . . . , 400 d, as shown inFIG. 1 . Themanagement server device 100 and theregister device 300 are connected to each other via aninternet 10. - The
DVD players 400 a, . . . , 400 b are authorized players manufactured by an authorized manufacturer, and each hold a device ID for uniquely identifying the DVD player itself. For example, a total number of theDVD players 400 a, . . . , 400 b is 10,000. - Meanwhile, the
DVD players 400 c, . . . , 400 d are players manufactured by an unauthorized manufacturer copying theDVD player 400 b, and each hold a same device ID as the one for uniquely identifying theDVD player 400 b. For example, a total number of theDVD players - Before a user of the
DVD player 400 a purchases a new DVD, the user loads amemory card 200 a to theDVD player 400 a. Thememory card 200 a stores a media ID for uniquely identifying thememory card 200 a itself. When thememory card 200 a is loaded, theDVD player 400 a writes the device ID stored therein onto thememory card 200 a. - Next, when purchasing the DVD, the user brings the
memory card 200 a on which the device ID for identifying theDVD player 400 a is stored, to a shop. The user selects a desiredDVD package 500 at the shop. TheDVD package 500 contains aDVD 500 a. The user then hands thememory card 200 a and theDVD package 500 to a shop clerk who operates theregister device 300. The shop clerk loads thememory card 200 a to theregister device 300, and scans a barcode shown on theDVD package 500 using a barcode reader of theregister device 300. - The
register device 300 reads a content ID of content stored on theDVD 500 a contained in theDVD package 500, from the barcode shown on theDVD package 500. Theregister device 300 also reads the device ID and the media ID from the loadedmemory card 200 a, and transmits the content ID and the read pair of device ID and media ID to themanagement server device 100 via theinternet 10. - The
management server device 100 stores, in correspondence with each device ID for identifying a DVD player, one or more media ID respectively for identifying one or more memory cards loaded to the DVD player and a total media ID number showing a total number of these memory cards. - Having received the content ID, the device ID, and the media ID from the
register device 300 via theinternet 10, themanagement server device 100 judges whether the received device ID is stored in themanagement server device 100. If the received device ID is stored, themanagement server device 100 further judges whether the received media ID is stored in themanagement server device 100. If the received media ID is not stored, themanagement server device 100 stores the received media ID in correspondence with the device ID, and adds the value “1” to a total media ID number corresponding to the device ID. If the received device ID is not stored, themanagement server device 100 stores the pair of device ID and media ID, and sets the total media ID number to “1”. - Next, the
management server device 100 judges which of the following ranges the total media ID number corresponding to the received device ID belongs to: (i) no more than “100”; (ii) from “101 to “150” inclusive; (iii) from “151” to “199” inclusive; and (iv) no less than “200”. - If the total media ID number is no more than “100” (i), the
management server device 100 encrypts a content key corresponding to the received content ID, and transmits the encrypted content key to theregister device 300 via theinternet 10 together with a device judgment level indicating that the device used by the user is not an unauthorized device. - If the total media ID number is in the range of “101” to “150” inclusive (ii), the
management server device 100 registers the received device ID to an advisory device list held therein, encrypts the content key corresponding to the received content ID, and transmits the encrypted content key to theregister device 300 via theinternet 10 together with a device judgment level indicating that the device used by the user requires an advisory (i.e. a caution). - If the total media ID number is in the range of “151” to “199” inclusive (iii), the
management server device 100 registers the received device ID to a warning device list held therein, encrypts the content key corresponding to the received content ID, and transmits the encrypted content key to theregister device 300 via theinternet 10 together with a device judgment level indicating that the device used by the user requires a warning. - If the total media ID number is no less than “200” (iv), the
management server device 100 registers the received device ID to an unauthorized device list held therein, and transmits a device judgment level indicating that the device used by the user is an unauthorized device, to theregister device 300 via theinternet 10. In this case, the content key is not transmitted to theregister device 300. - The
register device 300 receives the device judgment level from themanagement server device 100 via theinternet 10. Theregister device 300 may also receive the encrypted content key. - If the received device judgment level indicates that the DVD player used by the user is not an unauthorized device (i), the
register device 300 writes the received encrypted content key to thememory card 200 a. In this case, the user pays a price of theDVD package 500 to the shop. - If the received device judgment level indicates that the device used by the user requires an advisory (ii), the
register device 300 displays an advisory, and writes the received encrypted content key to thememory card 200 a. In this case, the user pays the price of theDVD package 500 to the shop. - If the received device judgment level indicates that the device used by the user requires a warning (iii), the
register device 300 displays a warning, and requests the operator to input an instruction as to whether or not to approve the provision of the encrypted content key. If the instruction approves the provision, theregister device 300 writes the received encrypted content key to thememory card 200 a. In this case, the user pays the price of theDVD package 500 to the shop. If the instruction does not approve the provision, theregister device 300 does not provide the received encrypted content key to the user. In this case, the shop refuses to sell theDVD package 500 to the user. - If the received device judgment level indicates that the device used by the user is an unauthorized device (iv), the
register device 300 displays that the device used by the user is unauthorized, and ends the processing. Theregister device 300 does not provide the encrypted content key to the user. In this case, the shop refuses to sell theDVD package 500 to the user. - In the above cases (i), (ii), and (iii), having purchased the
DVD package 500 and returned from the shop with thememory card 200 a and theDVD package 500, the user loads thememory card 200 a to theDVD player 400 a, and loads theDVD 500 a contained in theDVD package 500 to theDVD player 400 a. - The
DVD player 400 a reads the encrypted content key from thememory card 200 a, decrypts the encrypted content key to generate a decrypted content key, and decrypts the encrypted content on theDVD 500 a using the decrypted content key to generate decrypted content. TheDVD player 400 a converts the decrypted content to a video signal and an audio signal, and outputs the video signal and the audio signal to amonitor 411 a. - Here, the
DVD players 400 a, . . . , 400 b are 10,000 in total, and each have a different device ID. For example, when the user of each of theDVD players 400 a, . . . , 400 b has ten memory cards and has undergone the aforementioned operation for each memory card, the total media ID number stored in themanagement server device 100 in correspondence with each device ID is 10 at most. In such a case, themanagement server device 100 judges that each of theDVD players 400 a, . . . , 400 b is an authorized device. - On the other hand, the
DVD players 400 c, . . . , 400 d are 10,000 in total, and have the same device ID. For example, when the user of each of theDVD players 400 c, . . . , 400 d has one memory card and has undergone the aforementioned operation for that memory card, the total media ID number stored in themanagement server device 100 in correspondence with this device ID is 10,000. In such a case, themanagement server device 100 judges that each of theDVD players 400 c, . . . , 400 d is an unauthorized device. In this way, themanagement server device 100 can determine whether a DVD player is authorized or unauthorized. - 1.2. Configuration of the
Management Server Device 100 - The
management server device 100 includes acommunication unit 101, acontrol unit 102, a managementtable storage unit 103, a contentkey storage unit 104, aselection unit 105, a devicekey storage unit 106, anencryption unit 107, a devicelist storage unit 108, aninput unit 110, adisplay unit 111, and anauthentication unit 112, as shown inFIG. 2 . - The
management server device 100 can actually be realized by a computer system that includes a microprocessor, a ROM, a RAM, a hard disk unit, a display unit, a keyboard, a mouse, and the like. A computer program is stored on the RAM or the hard disk unit. Functions of themanagement server device 100 can partly be achieved by the microprocessor operating in accordance with this computer program. - (1) Management
Table Storage Unit 103, ContentKey Storage Unit 104, DeviceKey Storage Unit 106, and DeviceList Storage Unit 108 - The management
table storage unit 103, the contentkey storage unit 104, the devicekey storage unit 106, and the devicelist storage unit 108 are actually constituted by one hard disk unit. - (Management Table Storage Unit 103)
- The management
table storage unit 103 has a management table 120, as shown inFIG. 2 . - As one example, the management table 120 has an area for storing one or more sets of media ID information, as shown in
FIG. 3 . Normally, one set of media ID information corresponds to one authorized device (DVD player in this embodiment). If there is an unauthorized device that stores a device ID unauthorizedly, however, one set of media ID information corresponds to all devices storing the same device ID. Each set of media ID information includes a device ID, at least one media ID, and a total media ID number. - The device ID is identification information for uniquely identifying a device corresponding to the media ID information that includes the device ID. As mentioned above, however, if there is an unauthorized device that stores the device ID unauthorizedly, the device ID may be unable to uniquely identify one device.
- The media ID is identification information for uniquely identifying a memory card used in a state of being loaded in the device corresponding to the media ID information that includes the media ID.
- The total media ID number shows a total number of media IDs included in the media ID information that includes the total media ID number.
- As shown in
FIG. 3 , the management table 120 is made up ofmedia ID information - The
media ID information 128 includes adevice ID 121 “ID-A”, amedia ID 122 “MID-1”, amedia ID 123 “MID-5”, and a totalmedia ID number 124 “2”. This indicates that two memory cards identified by “MID-1” and “MID-5” are loaded and used in a device (DVD player) identified by “ID-A”. - The
media ID information 129 includes adevice ID 125 “ID-B”, amedia ID 126 “MID-2”, and a totalmedia ID number 127 “1”. This indicates that one memory card identified by “MID-2” is loaded and used in a device (DVD player) identified by “ID-B”. - (Device Key Storage Unit 106)
- The device
key storage unit 106 has a devicekey list 130, as shown inFIG. 2 . - As one example, the device
key list 130 is made up of one or more sets of device key information as shown inFIG. 4 . One set of device key information corresponds to one device (DVD player in this embodiment), and includes a device ID and a device key. However, if there is an unauthorized device, the correspondence relation between device key information and a device is as explained above. - The device ID is identification information for uniquely identifying a device corresponding to the device key information that includes the device ID.
- The device key is key information assigned to the device corresponding to the device key information that includes the device key. For example, the device key is 128 bits long.
- As shown in
FIG. 4 , the devicekey list 130 is made up of devicekey information key information 133 includes adevice ID 131 “ID-A” and adevice key 132 “DK-A”. This indicates that a device key assigned to a device (DVD player) identified by “ID-A” is “DK-A”. - (Content Key Storage Unit 104)
- The content
key storage unit 104 has a contentkey list 140, as shown inFIG. 2 . - As one example, the content
key list 140 is made up of one or more sets of contentkey information FIG. 5 . Each set of content key information corresponds to one set of content, and includes a content ID and a content key. For instance, the contentkey information 143 includes acontent ID 141 “C001” and acontent key 142 “CK-1”. - The content ID is identification information for uniquely identifying content corresponding to the content key information that includes the content ID.
- The content key is key information assigned to the content corresponding to the content key information that includes the content key.
- (Device List Storage Unit 108)
- The device
list storage unit 108 includes anadvisory device list 150, awarning device list 160, and anunauthorized device list 170, as shown inFIG. 2 . - The
advisory device list 150 has an area for storing one or more advisory device IDs as shown inFIG. 6 , as one example. An advisory device ID is identification information for uniquely identifying a device that is judged as requiring an advisory, as mentioned above. - As shown in
FIG. 6 , theadvisory device list 150 includes anadvisory device ID 151 “ID-X005”, anadvisory device ID 152 “ID-Y007”, anadvisory device ID 153 “ID-Z009”, . . . . This indicates that devices (DVD players) identified by “ID-X005”, “ID-Y007”, and “ID-Z009” require an advisory. - The
warning device list 160 has an area for storing one or more warning device IDs as shown inFIG. 7 , as one example. A warning device ID is identification information for uniquely identifying a device that is judged as requiring a warning, as mentioned above. - As shown in
FIG. 7 , thewarning device list 160 includes awarning device ID 161 “ID-X003”, awarning device ID 162 “ID-Y004”, awarning device ID 163 “ID-Z004”, . . . . This indicates that devices (DVD players) identified by “ID-X003”, “ID-Y004”, and “ID-Z004” require a warning. - The
unauthorized device list 170 has an area for storing one or more unauthorized device IDs as shown inFIG. 8 , as one example. An unauthorized device ID is identification information for uniquely identifying a device that is judged as being unauthorized, as mentioned above. - As shown in
FIG. 8 , theunauthorized device list 170 includes anunauthorized device ID 171 “ID-X001”, anunauthorized device ID 172 “ID-Y002”, anunauthorized device ID 173 “ID-Z005”, . . . . This indicates that devices (DVD players) identified by “ID-X001”, “ID-Y002”, and “ID-Z005” are unauthorized. - (2)
Control Unit 102 - (Mutual Device Authentication with the Register Device 300)
- The
control unit 102 receives a connection request from theregister device 300 via theinternet 10 and thecommunication unit 101. Upon receiving the connection request, thecontrol unit 102 instructs theauthentication unit 112 to perform mutual device authentication with theregister device 300. - Subsequently, the
control unit 102 receives authentication result information indicating a result of the mutual device authentication from theauthentication unit 112. If the received authentication result information indicates mutual device authentication failure, thecontrol unit 102 ends the processing. If the received authentication result information indicates mutual device authentication success, thecontrol unit 102 performs the following processing. - (Transmission of a Content Key)
- The
control unit 102 receives a content key request, a content ID, a device ID, and a media ID from theregister device 300 via theinternet 10 and thecommunication unit 101. - Having received the content key request, the content ID, the device ID, and the media ID, the
control unit 102 searches the management table 120 for the same device ID as the received device ID. If the same device ID is not found in the management table 120, thecontrol unit 102 sets a total media ID number to “1”, and writes the received device ID and media ID and the total media ID number to the management table 120 as media ID information. - If the same device ID is found in the management table 120, the
control unit 102 extracts media ID information that includes the same device ID from the management table 120, and judges whether the extracted media ID information includes the same media ID as the received media ID. If the extracted media ID information does not include the same media ID, thecontrol unit 102 adds “1” to a total media ID number in the extracted media ID information, and writes the received media ID to the extracted media ID information. Thecontrol unit 102 then writes the media ID information to which the media ID has been added, to the management table 120 over the corresponding old media ID information. - If the extracted media ID information includes the same media ID as the received media ID, the
control unit 102 does not update the extracted media ID information. - Next, the
control unit 102 judges which of the following ranges the total media ID number belongs to: (i) no more than “100”; (ii) from “101” to “150” inclusive; (iii) from “151” to “199” inclusive; and (iv) no less than “200”. - Each of the above four cases is explained below. In
FIG. 9 , a table 180 shows a general outline of processing by thecontrol unit 102 for each of the four cases respectively infields - When the total media ID number is no more than “100” (i) or when the same device ID as the received device ID cannot be found in the management table 120 in the above operation, the
control unit 102 sets the device judgment level to “0” indicating that the device used by the user is not an unauthorized device. Thecontrol unit 102 transmits the device judgment level set to “0”, to theregister device 300 via thecommunication unit 101 and theinternet 10. Thecontrol unit 102 also outputs the received content ID to theselection unit 105, and instructs theselection unit 105 to select a content key. Thecontrol unit 102 further outputs the received device ID to theencryption unit 107, and instructs theencryption unit 107 to encrypt the content key (field 189). - When the total media ID number is in the range of “101” to “150” inclusive (ii), the
control unit 102 sets the device judgment level to “1” indicating that the device used by the user requires an advisory. Thecontrol unit 102 transmits the device judgment level set to “1”, to theregister device 300 via thecommunication unit 101 and theinternet 10. Thecontrol unit 102 also adds the received device ID to the advisory device list 150 (field 194). Thecontrol unit 102 outputs the received content ID to theselection unit 105, and instructs theselection unit 105 to select the content key. Thecontrol unit 102 also outputs the received device ID to theencryption unit 107, and instructs theencryption unit 107 to encrypt the content key (field 190). - When the total media ID number is in the range of “151” to “199” inclusive (iii), the
control unit 102 sets the device judgment level to “2” indicating that the device used by the user requires a warning. Thecontrol unit 102 transmits the device judgment level set to “2”, to theregister device 300 via thecommunication unit 101 and theinternet 10. Thecontrol unit 102 also adds the received device ID to the warning device list 160 (field 195). Further, thecontrol unit 102 receives an instruction as to whether or not to approve the provision of the content key to the user, from theregister device 300 via theinternet 10 and thecommunication unit 101. If the received instruction does not approve the provision, thecontrol unit 102 ends the processing. If the received instruction approves the provision, thecontrol unit 102 outputs the received content ID to theselection unit 105, and instructs theselection unit 105 to select the content key. Thecontrol unit 102 also outputs the received device ID to theencryption unit 107, and instructs theencryption unit 107 to encrypt the content key (field 191). - When the total media ID number is no less than “200” (iv), the
control unit 102 sets the device judgment level to “3” indicating that the device used by the user is an unauthorized device. Thecontrol unit 102 adds the received device ID to the unauthorized device list 170 (field 196). Thecontrol unit 102 also transmits the device judgment level set to “3”, to theregister device 300 via thecommunication unit 101 and theinternet 10. Thecontrol unit 102 then ends the processing (field 192). - (3)
Selection Unit 105 - The
selection unit 105 receives the content ID and the content key selection instruction from thecontrol unit 102. Upon receiving the content ID and the content key selection instruction, theselection unit 105 reads content key information that includes the same content ID as the received content ID from the contentkey list 140, extracts a content key from the read content key information, and outputs the extracted content key to theencryption unit 107. - (4)
Encryption Unit 107 - The
encryption unit 107 receives the device ID and the content key encryption instruction from thecontrol unit 102, and receives the content key from theselection unit 105. Theencryption unit 107 reads device key information that includes the same device ID as the received device ID from the devicekey list 130, and extracts a device key from the read device key information. - The
encryption unit 107 applies encryption algorithm E1 to the received content key using the extracted device key, to generate an encrypted content key:
(encrypted content key)=E1((device key), (content key)) - where A=E (B, C) denotes cipher text A generated by applying encryption algorithm E to plain text C using key B.
- Encryption algorithm E1 used here is an AES (Advanced Encryption Standard) algorithm, as one example.
- The
encryption unit 107 transmits the generated encrypted content key to theregister device 300 via thecommunication unit 101 and theinternet 10. - In
FIG. 2 , each block representing a different one of the configuration units of themanagement server device 100 is connected to other blocks by connecting lines, though some connecting lines are omitted inFIG. 2 . Here, each connecting line indicates a path through which a signal or information is transmitted. Among a plurality of connecting lines connected to the block representing theencryption unit 107, a connecting line marked with a key symbol indicates a path through which key information is transmitted to theencryption unit 107. The same applies to other drawings. - (5)
Input Unit 110 andDisplay Unit 111 - The
input unit 110 receives an input of various information or an input of various instructions from an operator of themanagement server device 100, and outputs the received information or instructions to thecontrol unit 102. - The
display unit 111 displays various information in accordance with instructions from thecontrol unit 102. - (6)
Authentication Unit 112 - The
authentication unit 112 performs challenge-response mutual device authentication with theregister device 300 via thecommunication unit 101 and theinternet 10, according to an instruction from thecontrol unit 102. In the mutual device authentication, theauthentication unit 112 authenticates theregister device 300, and is subject to the authentication by theregister device 300. - Since the aforementioned mutual device authentication is well known in the art, its detailed explanation has been omitted here.
- When the mutual device authentication results in success or failure, the
authentication unit 112 outputs authentication result information indicating the success or failure to thecontrol unit 102. - (7)
Communication Unit 101 - The
communication unit 101 conducts transmission/reception of various information between theregister device 300 and thecontrol unit 102. Also, thecommunication unit 101 conducts transmission/reception of various information between theregister device 300 and theauthentication unit 112. - 1.3. Configuration of the
Memory Card 200 - The
memory card 200 includes an input/output unit 201, anauthentication unit 202, and astorage unit 203, as shown inFIG. 10 . - The
memory card 200 can actually be realized by a computer system that includes a microprocessor, a ROM, a RAM, and the like. A computer program is stored on the RAM. Functions of thememory card 200 can partly be achieved by the microprocessor operating in accordance with this computer program. - The following describes each element that constitutes the
memory card 200. - (1)
Storage Unit 203 - The
storage unit 203 has amedia ID area 204 and ageneral area 205, as shown inFIG. 10 . - The
media ID area 204 stores amedia ID 211, as shown inFIG. 10 . Themedia ID 211 is identification information for uniquely identifying thememory card 200. - The
general area 205 has an encrypted contentkey list 221, as shown inFIG. 10 . As illustrated, the encrypted contentkey list 221 has an area for storing one or more sets of encrypted content key information. - Each set of encrypted content key information includes one device ID and at least one pair of content ID and encrypted content key. One set of encrypted content key information corresponds to one device (DVD player in this embodiment), and one pair of content ID and encrypted content key corresponds to one set of content. If there is an unauthorized device that stores the device ID unauthorizedly, however, one set of encrypted content key information corresponds to all devices storing the same device ID.
- The device ID is identification information for uniquely identifying a device (DVD player in this embodiment). As mentioned above, however, if there is an unauthorized device that stores the device ID unauthorizedly, the device ID may be unable to uniquely identify one device.
- The content ID is identification information for uniquely identifying content corresponding to the pair that includes the content ID.
- The encrypted content key is generated by encrypting a content key, which is used when encrypting the content corresponding to the pair that includes the encrypted content key, using a device key assigned to the corresponding device.
- In
FIG. 10 , encrypted contentkey information 236 includes adevice ID 231 “ID-A”, apair 237 of acontent ID 232 “C001” and an encrypted content key 234 “E1 (DK-A, CK-1)”, and apair 238 of acontent ID 233 “C002” and anencrypted content key 238 “E1(DK-A, CK-2)”. - The encrypted content key 234 “E1(DK-A, CK-1)” in the
pair 237 is generated by encrypting a content key “CK-1” assigned to content identified by thecontent ID 232 “C001”, using a device key “DK-A” assigned to a DVD player identified by thedevice ID 231 “ID-A”. - Meanwhile, the
encrypted content key 235 “E1(DK-A, CK-2)” in thepair 238 is generated by encrypting a content key “CK-2” assigned to content identified by thecontent ID 233 “C002”, using the device key “DK-A” assigned to the DVD player identified by thedevice ID 231 “ID-A”. - (2) Input/
Output Unit 201 - The input/
output unit 201 reads information from themedia ID area 204 or thegeneral area 205 in thestorage unit 203, and outputs the read information to an external device in which thememory device 200 is loaded. Also, the input/output unit 201 receives information from the external device, and writes the received information to thegeneral area 205 in thestorage unit 203. The external device referred to here is any of theregister device 300 and theDVD players 400 a, . . . , 400 b, 400 c, . . . , 400 d. - (3)
Authentication Unit 202 - The
authentication unit 202 performs, when thememory card 200 is loaded to an external device, mutual device authentication with the external device via the input/output unit 201. The device authentication referred to here is challenge-response device authentication. Since the challenge-response device authentication is well known in the art, its detailed explanation has been omitted here. - The external device referred to here is any of the
register device 300 and the DVD-players 400 a, . . . , 400 b, 400 c, . . . , 400 d. - If the mutual device authentication with the external device results in success, the
authentication unit 202 controls the input/output unit 201 to perform transmission/reception of information between thestorage unit 203 and the external device. If the mutual device authentication results in failure, theauthentication unit 202 controls the input/output unit 201 not to perform transmission/reception of information between thestorage unit 203 and the external device. - 1.4. Configuration of the
Register Device 300 - The
register device 300 includes anauthentication unit 301, aninput unit 302, adisplay unit 303, adisplay unit 304, an input/output unit 305, acontrol unit 306, acommunication unit 307, aprinting unit 308, astorage 309, abarcode processing unit 310, aninformation storage unit 312, and anauthentication unit 313, as shown inFIG. 11 . Abarcode reader 311 is connected to theregister device 300. - The
register device 300 is a cash register device for calculating sales transactions of products such as DVDs, and storing currency. Also, theregister device 300 is a device for acquiring a content key assigned to content stored on a DVD from themanagement server device 100 and providing the content key to a user via a memory card. - The
register device 300 can actually be realized by a computer system that includes a microprocessor, a ROM, a RAM, a hard disk unit, a display unit, a keyboard, and the like. A computer program is stored on the hard disk unit. Functions of theregister device 300 can partly be achieved by the microprocessor operating in accordance with this computer program. - (1)
Information Storage Unit 312 - The
information storage unit 312 stores aprice list 321, as shown inFIG. 11 . - In
FIG. 11 , theprice list 321 is made up of a plurality of sets of price information. Each set of price information corresponds to one DVD, and includes a content ID and a price. - The content ID is identification information for uniquely identifying content stored on the DVD corresponding to the price information that includes the content ID. Here, it is supposed that the DVD stores only one set of content.
- The price shows a selling price of the DVD corresponding to the price information that includes the price.
- (2)
Authentication Unit 313 - The
authentication unit 313 performs, when a memory card is loaded to theregister device 300, mutual device authentication with the loaded memory card via the input/output unit 305. The device authentication referred to here is challenge-response device authentication. The challenge-response device authentication is well known in the art, so that its detailed explanation has been omitted here. - When the mutual device authentication between the
authentication unit 313 and the loaded memory card results in success, theauthentication unit 313 outputs an authentication result indicating the device authentication success, to thecontrol unit 306. When the mutual device authentication results in failure, on the other hand, theauthentication unit 313 outputs an authentication result indicating the device authentication failure, to thecontrol unit 306. - When the mutual device authentication results in failure, the
register device 300 does not perform subsequent transmission/reception of information with the memory card. - (3)
Authentication Unit 301 - The
authentication unit 301 performs mutual device authentication with themanagement server device 100 via thecommunication unit 307. The device authentication referred to here is challenge-response device authentication. The challenge-response device authentication is well known in the art, so that its detailed explanation has been omitted here. - When the mutual device authentication between the
authentication unit 301 and themanagement server device 100 results in success, theauthentication unit 301 outputs an authentication result indicating the device authentication success, to thecontrol unit 306. When the mutual device authentication results in failure, on the other hand, theauthentication unit 301 outputs an authentication result indicating the device authentication failure, to thecontrol unit 306. - When the device authentication results in failure, the
register device 300 does not perform subsequent transmission/reception of information with themanagement server device 100. - (4) Input/
Output Unit 305 - The input/
output unit 305 performs bidirectional transmission/reception of information between thecontrol unit 306 and the loaded memory card under control of thecontrol unit 306, and between theauthentication unit 313 and the loaded memory card under control of theauthentication unit 313. - (5)
Barcode Reader 311 andBarcode Processing Unit 310 - The
barcode reader 311 optically reads a barcode printed on a surface of theDVD package 500, generates corresponding read information, and outputs the generated read information to thebarcode processing unit 310. - The
barcode processing unit 310 receives the read information from thebarcode reader 311, generates a content ID from the received read information, and outputs the generated content ID to thecontrol unit 306. - (6)
Control Unit 306 - (Connection with the Management Server Device 100)
- The
control unit 306 transmits a connection request to themanagement server device 100 via thecommunication unit 307 and theinternet 10. Thecontrol unit 306 then instructs theauthentication unit 301 to perform mutual device authentication with themanagement server device 100. - Upon receiving an authentication result indicating device authentication failure from the
authentication unit 301, thecontrol unit 306 ends the processing. - (Acquisition of a Content ID)
- Upon receiving an authentication result indicating device authentication success from the
authentication unit 301, thecontrol unit 306 receives the content ID from thebarcode processing unit 310, and reads price information that includes the same content ID as the received content ID from theprice list 321. Thecontrol unit 306 extracts a price from the read price information, outputs the received content ID and the extracted price to thedisplay units display units - (Connection with a Memory Card)
- The
control unit 306 receives loading information indicating the loading of thememory card 200 a, from the input/output unit 305. Having received the loading information, thecontrol unit 306 instructs theauthentication unit 313 to perform mutual device authentication with the loadedmemory card 200 a. Upon receiving an authentication result indicating device authentication failure from theauthentication unit 313, thecontrol unit 306 ends the processing. - Upon receiving an authentication result indicating device authentication success from the
authentication unit 313, thecontrol unit 306 outputs a read instruction to read a media ID and a device ID stored on thememory card 200 a, to thememory card 200 a via the input/output unit 305. Thecontrol unit 306 receives a read result via the input/output unit 305. The read result includes a media ID, and at least one device ID or device ID absence information “NO” indicating that no device ID is stored. - When receiving the device ID absence information “NO”, the
control unit 306 outputs a message indicating that no device ID is stored on thememory card 200 a to thedisplay units display units - When receiving a plurality of device IDs, the
control unit 306 outputs the plurality of device IDs to thedisplay units display units control unit 306 then receives designation of one device ID selected from the plurality of device IDs by the user. - When receiving one device ID, the
control unit 306 uses that device ID. - (Acquisition of a Content Key from the Management Server Device 100)
- Next, the
control unit 306 transmits request information for requesting a content key, to themanagement server device 100 via thecommunication unit 307. Thecontrol unit 306 also transmits the received content ID, the received media ID, and the received device ID to themanagement server device 100 via thecommunication unit 307. - Subsequently, the
control unit 306 receives a device judgment level from themanagement server device 100 via thecommunication unit 307. Thecontrol unit 306 may also receive an encrypted content key. In detail, thecontrol unit 306 receives the encrypted content key when the received device judgment level is any of “0”, “1”, and “2”. If the received device judgment level is “3”, thecontrol unit 306 does not receive the encrypted content key. - The
control unit 306 judges which of “0”, “1”, “2”, and “3” the received device judgment level is. - If the received device judgment level is “0”, the
control unit 306 outputs a message indicating that the provision of the encrypted content key to the user is permitted, to thedisplay units display units control unit 306 also outputs the device ID and the content ID to thememory card 200 a via the input/output unit 305, and outputs the encrypted content key to thememory card 200 a via the input/output unit 305. - If the received device judgment level is “1”, the
control unit 306 outputs a message indicating an advisory to the operator of theregister device 300, to thedisplay units display units control unit 306 outputs the device ID, the content ID, and the encrypted content key to thememory card 200 a via the input/output unit 305. - If the received device judgment level is “2”, the
control unit 306 outputs a message indicating a warning to the operator of theregister device 300, to thedisplay units display units control unit 306 also receives an instruction as to whether or not to approve the provision of the encrypted content key to the user, from the operator of theregister device 300 via theinput unit 302. If the instruction does not approve the provision, thecontrol unit 306 ends the processing. That is, thecontrol unit 306 does not output the device ID, the content ID, and the encrypted content key to thememory card 200 a. If the instruction approves the provision, on the other hand, thecontrol unit 306 outputs the device ID, the content ID, and the encrypted content key to thememory card 200 a via the input/output unit 305, as in the case where the device judgment level is “0”. - If the received device judgment level is “3”, the
control unit 306 outputs a message indicating that the provision of the encrypted content key to the user is prohibited, to thedisplay units display units control unit 306 then ends the processing. That is, thecontrol unit 306 does not output the encrypted content key to thememory card 200 a. - (7)
Input Unit 302,Display Unit 303,Display Unit 304,Printing Unit 308,Storage 309 - The
input unit 302 receives an input of information or an instruction from the operator of theregister device 300, and outputs the received information or instruction to thecontrol unit 306. Thedisplay units control unit 306, and displays the received information. - The
printing unit 308 prints various information under control of thecontrol unit 306. - The
storage 309 stores notes and coins. - (8)
Communication Unit 307 - The
communication unit 307 is connected to themanagement server device 100 via theinternet 10. Thecommunication unit 307 performs transmission/reception of information between thecontrol unit 306 and themanagement server device 100, and transmission/reception of information between theauthentication unit 301 and themanagement server device 100. - 1.5. Configuration of the
DVD Players 400 a, . . . , 400 b, 400 c, . . . , 400 d - The
DVD players 400 a, . . . , 400 b, 400 c, . . . , 400 d have a same configuration. The following describes the configuration of theDVD player 400 as a representative of these DVD players. - The
DVD player 400 includes a deviceID storage unit 401, an input/output unit 402, a devicekey storage unit 403, adecryption unit 404, aread unit 405, adecryption unit 406, aplayback unit 407, adisplay unit 408, aninput unit 409, acontrol unit 410, and anauthentication unit 411, as shown inFIG. 12 . A monitor equipped with a speaker is connected to theDVD player 400. - The
DVD player 400 can actually be realized by a computer system that includes a microprocessor, a ROM, a RAM, and the like. A computer program is stored on the ROM. Functions of theDVD player 400 can partly be achieved by the microprocessor operating in accordance with this computer program. - (1) Device
ID Storage Unit 401 and DeviceKey Storage Unit 403 - The device
ID storage unit 401 is made inaccessible from outside. As shown inFIG. 12 , the deviceID storage unit 401 stores adevice ID 421 in advance. Thedevice ID 421 is identification information for uniquely identifying theDVD player 400. However, if theDVD player 400 is an unauthorized device, thedevice ID 421 may be unable to uniquely identify theDVD player 400. - The device
key storage unit 403 is made inaccessible from outside. As shown inFIG. 12 , the devicekey storage unit 403 stores adevice key 422 in advance. - The
device key 422 is key information assigned to theDVD player 400. - (2) Read
Unit 405 - The
read unit 405 reads information from a DVD loaded in theDVD player 400 and outputs the read information to thecontrol unit 410 or thedecryption unit 406, under control of thecontrol unit 410. - (3) Input/
Output Unit 402 - The input/
output unit 402 detects, when a memory card is loaded to theDVD player 400, the loading of the memory card and outputs detection information indicating the loading detection to thecontrol unit 410. - Also, the input/
output unit 402 performs bidirectional transmission/reception of information between thecontrol unit 410 and the memory card loaded in theDVD player 400 under control of thecontrol unit 410, and between theauthentication unit 411 and the memory card loaded in theDVD player 400 under control of theauthentication unit 411. - (4)
Authentication Unit 411 - The
authentication unit 411 performs, when the memory card is loaded to theDVD player 400, mutual device authentication with the loaded memory card via the input/output unit 402. The device authentication referred to here is challenge-response device authentication. Since the challenge-response device authentication is well known in the art, its detailed explanation has been omitted here. - When the mutual device authentication between the
authentication unit 411 and the memory card results in success, theauthentication unit 411 outputs an authentication result indicating the device authentication success to the control unit 41 b. When the mutual device authentication results in failure, on the other hand, theauthentication unit 411 outputs an authentication result indicating the device authentication failure to thecontrol unit 410. - When the mutual device authentication results in failure, the
DVD player 400 does not perform subsequent transmission/reception of information with the memory card. - (5)
Decryption Unit 404 - The
decryption unit 404, according to an instruction by thecontrol unit 410, reads the device key 422 from the devicekey storage unit 403 and receives an encrypted content key from the input/output unit 402. Thedecryption unit 404 applies decryption algorithm D1 to the encrypted content key using the read device key to generate a playback content key, and outputs the generated playback content key to thedecryption unit 406. Here, AES is used as decryption algorithm D1. - (6)
Decryption Unit 406 - The
decryption unit 406 receives the playback content key from thedecryption unit 404, and reads encrypted content from the DVD via theread unit 405. Thedecryption unit 406 applies decryption algorithm D2 to the encrypted content using the received playback content key, to generate playback content. Here, AES is used as decryption algorithm D2. Thedecryption unit 406 outputs the generated playback content to theplayback unit 407. - (7)
Playback Unit 407, Monitor, and Speaker - The
playback unit 407 receives the playback content from thedecryption unit 406, and separates the received playback content into compressed video information and compressed audio information. Theplayback unit 407 decodes the compressed video information to generate video information, and converts the video information to an analog video signal. Theplayback unit 407 also decodes the compressed audio information to generate audio information, and converts the audio information to an analog audio signal. Theplayback unit 407 outputs the generated video signal to the monitor, and the generated audio signal to the speaker provided with the monitor. - The monitor receives the video signal and displays video. The speaker provided with the monitor receives the audio signal and outputs audio.
- (7)
Control Unit 410 - (Detection of a Memory Card)
- The
control unit 410 receives the detection information indicating the detection of the loading of the memory card, from the input/output unit 402. - Upon receiving the detection information, the
control unit 410 instructs theauthentication unit 411 to perform mutual device authentication with the loaded memory card. Thecontrol unit 410 then receives an authentication result from theauthentication unit 411. If the received authentication result indicates device authentication failure, thecontrol unit 410 outputs a message indicating this to thedisplay unit 408, and instructs thedisplay unit 408 to display the message. Thecontrol unit 410 then ends the processing. - If the received authentication result indicates device authentication success, the
control unit 410 reads thedevice ID 421 from the deviceID storage unit 401, outputs a read instruction to read a device ID stored on the loaded memory card to the input/output unit 402, and instructs the input/output unit 402 to read the device ID. - The
control unit 410 receives a read result from the loaded memory card via the input/output unit 402. The received read result is either at least one device ID or absence information indicating that no device ID is stored on the memory card. - When the received read result is the absence information, or when the received read result is at least one device ID that does not include the
read device ID 421, thecontrol unit 410 outputs theread device ID 421 to the loaded memory card via the input/output unit 402, and instructs the input/output unit 402 to write thedevice ID 421 to the memory card. - (Playback of Content)
- The
control unit 410 receives an instruction to play back the encrypted content stored on the DVD, from the user of theDVD player 400 via theinput unit 409. Upon receiving the instruction, thecontrol unit 410 reads the content ID from the DVD via theread unit 405, outputs the content ID and its own device ID to the input/output unit 402, and instructs the input/output unit 402 to read a content key that corresponds to both the content ID and its own device ID from the memory card. - Subsequently, the
control unit 410 receives a read result from the memory card via the input/output unit 402. Here, the read result is either one encrypted content key or absence information “NO” indicating that there is no corresponding encrypted content key. - When the read result is the absence information “NO”, the
control unit 410 outputs a message indicating this to thedisplay unit 408, and instructs thedisplay unit 408 to display the message. - When the read result is the encrypted content key, the
control unit 410 instructs thedecryption unit 404 to decrypt the encrypted content key, instructs thedecryption unit 406 to decrypt the encrypted content, and instructs theplayback unit 407 to play back the playback content and outputs it to the monitor. - (8)
Display Unit 408 andInput Unit 409 - The
display unit 408 displays a message designated by an instruction from thecontrol unit 410. - The
input unit 409 receives an instruction from the user of theDVD player 400, and outputs the received instruction to thecontrol unit 410. - 1.6. Operations of the Unauthorized
Device Detection System 1 - Operations of the unauthorized
device detection system 1 are described below. - (1) Operation of Acquiring a Device ID from the
Memory Card 200 a by theDVD Player 400 - An operation of acquiring a device ID from the
memory card 200 a by theDVD player 400 is described below, with reference to a flowchart ofFIG. 13 . - Upon receiving detection information indicating detection of loading of a memory card from the input/output unit 402 (step S101: YES), the
control unit 410 in theDVD player 400 instructs theauthentication unit 411 to perform mutual device authentication with the loaded memory card (step S102). If an authentication result received from theauthentication unit 411 indicates device authentication failure (step S103: NO), thecontrol unit 410 outputs a message indicating this to thedisplay unit 408, and instructs thedisplay unit 408 to display the message (step S105). Thecontrol unit 410 then ends the processing. - If the received authentication result indicates device authentication success (step S103: YES), the
control unit 410 reads thedevice ID 421 from the device ID storage unit 401 (step S106), and outputs a read instruction to read a device ID stored on the loaded memory card to the input/output unit 402 (step S107). - The input/
output unit 201 in thememory card 200 attempts to read a device ID from the encrypted contentkey list 221 in the general area 205 (step S108), and outputs a read result to theDVD player 400. Thecontrol unit 410 receives the read result from the loaded memory card via the input/output unit 402 (step S109). - If the received read result is absence information, or if the received read result is at least one device ID that does not include the read device ID 421 (step S110: YES), the
control unit 410 outputs theread device ID 421 to the loaded memory card via the input/output unit 402 (step S111), and the input/output unit 201 in thememory card 200 writes the received device ID to the encrypted content key list 221 (step S112). - (2) Operation of Acquiring an Encrypted Content Key by the
Register Device 300 - An operation of acquiring an encrypted content key from the
management server device 100 by theregister device 300 is described below, with reference to flowcharts ofFIGS. 14-17 . - The
control unit 306 in theregister device 300 transmits a connection request to themanagement server device 100 via thecommunication unit 307 and the internet 10 (step S200). Thecontrol unit 306 then instructs theauthentication unit 301 to perform mutual device authentication with the management server device 100 (step S201). If thecontrol unit 306 receives an authentication result indicating device authentication failure from the authentication unit 301 (step S203: NO), thecontrol unit 306 ends the processing. If thecontrol unit 306 receives an authentication result indicating device authentication success from the authentication unit 301 (step S203: YES), thecontrol unit 306 receives a content ID from the barcode processing unit 310 (step S204), reads price information that includes the same content ID as the received content ID from theprice list 321, and extracts a price from the read price information. Thecontrol unit 306 outputs the received content ID and the extracted price to thedisplay units display units - Next, the
control unit 306 instructs theauthentication unit 313 to perform mutual device authentication with the loadedmemory card 200 a (step S206). If thecontrol unit 306 receives an authentication result indicating device authentication failure from the authentication unit 313 (step S207: NO), thecontrol unit 306 outputs a message indicating the device authentication failure to thedisplay units display units control unit 306 then ends the processing. - If the
control unit 306 receives an authentication result indicating device authentication success from the authentication unit 313 (step S207: YES), thecontrol unit 306 outputs a read instruction to read a media ID and a device ID stored on, thememory card 200 a to thememory card 200 a via the input/output unit 305 (step S210). - If the input/
output unit 201 in thememory card 200 receives an authentication result indicating device authentication failure from the authentication unit 202 (step S208: NO), the input/output unit 201 ends the processing. - If the input/
output unit 201 receives an authentication result indicating device authentication success from the authentication unit 202 (step S208: YES), the input/output unit 201 attempts to read, a device ID from the encrypted contentkey list 221 in the general area 205 (step S211), and outputs a read result to the register device 300 (step S212). - The
control unit 306 receives the read result via the input/output unit 305 (step S212). - If the read result is device ID absence information “NO” (step S213), the
control unit 306 outputs a message indicating that no device ID is stored on thememory card 200 a to thedisplay units display units - If the read result is a plurality of device IDs (step S213), the
control unit 306 outputs the plurality of device IDs to thedisplay units display units control unit 306 receives a designation of one device ID selected from the plurality of device IDs by the user (step S216). - The
control unit 306 transmits request information showing a content key request to themanagement server device 100 via the communication unit 307 (step S231), and transmits the content ID, the device ID, and the media ID to themanagement server device 100 via the communication unit 307 (step S232). - The
control unit 102 in themanagement server device 100 receives the content key request, the content ID, the device ID, and the media ID from theregister device 300 via theinternet 10 and the communication unit 101 (steps S231-S232), and searches the management table 120 for the same device ID as the received device ID (step S233). If the same device ID is not found in the management table 120 (step S234: NO), thecontrol unit 102 sets a total media ID number to “1” (step S235), writes the received device ID and media ID and the total media ID number to the management table 120 as media ID information (step S236), and moves to step S252. - If the same device ID is found in the management table 120 (step S234: YES), the
control unit 102 extracts media ID information that includes the same device ID from the management table 120, and judges whether the extracted media ID information includes the same media ID as the received media ID (step S237) If the same media ID is not included (step S238: NO), thecontrol unit 102 adds the value “1” to a total media ID number in the extracted media ID information (step S239), and writes the received media ID to the extracted media ID information (step S240). - Next, the
control unit 102 judges which of the following ranges the total media ID number in the extracted media ID information belongs to: (i) no more than “100”; (ii) from “101” to “150” inclusive; (iii) from “151” to “199” inclusive; and (iv) no less than “200” (step S251). - If the total media ID number is no more than “100” (i) (step S251), or if the same device ID as the received device ID is not found in the management table 120 (step S234: NO, steps S235 and S236), the
control unit 102 sets a device judgment level to “0” indicating that the device used by the user is not an unauthorized device (step S252). Thecontrol unit 102 transmits the device judgment level set to “0”, to theregister device 300 via thecommunication unit 101 and the internet 10 (step S253). Theencryption unit 107 reads device key information that includes the same device ID as the received device ID from the devicekey list 130, and extracts a device key from the read device key information (step S265). Theselection unit 105 reads content key information that includes the same content ID as the received content ID from the contentkey list 140, extracts a content key from the read content key information, and outputs the extracted content key to the encryption unit 107 (step S266). Theencryption unit 107 applies encryption algorithm E1 to the received content key using the extracted device key to generate an encrypted content key (step S267), and transmits the encrypted content key to theregister device 300 via thecommunication unit 101 and the internet 10 (step S268). - If the total media ID number is in the range of “101” to “150” inclusive (ii) (step S251), the
control unit 102 sets the device judgment level to “1” indicating that the device used by the user requires an advisory (step S254), transmits the device judgment level set to “1” to theregister device 300 via thecommunication unit 101 and the internet 10 (step S255), and writes the received device ID to the advisory device list 150 (step S256). Thecontrol unit 102 then moves to step S265. - If the total media ID number is in the range of “151” to “199” inclusive (step S251), the
control unit 102 sets the device judgment level to “2” indicating that the device used by the user requires a warning (step S257), transmits the device judgment level set to “2” to theregister device 300 via thecommunication unit 101 and the internet 10 (step S258), and writes the received device ID to the warning device list 160 (step S259). Thecontrol unit 102 then receives an instruction as to whether or not to approve the provision of the content key to the user, from theregister device 300 via theinternet 10 and the communication unit 101 (step S260) If the received instruction does not approve the provision (step S261), thecontrol unit 102 ends the processing. If the received instruction approves the provision (step S261), thecontrol unit 102 moves to step S265. - If the total media ID number is no less than “200” (step S251), the
control unit 102 sets the device judgment level to “3” indicating that the device used by the user is an unauthorized device (step S262), transmits the device judgment level set to “3” to theregister device 300 via thecommunication unit 101 and the internet 10 (step S263), writes the received device ID to the unauthorized device list 170 (step S264), and ends the processing. - The
control unit 306 receives the device judgment level from themanagement server device 100 via the communication unit 307 (steps S253, S255, S258, S263). Thecontrol unit 306 may also receive the encrypted content key (step S268). - The
control unit 306 judges which of “0”, “1”, “2”, and “3” the received device judgment level is (step S281). - When the received device judgment level is “0” (step S281), the
control unit 306 outputs a message indicating that the provision of the encrypted content key to the user is permitted to thedisplay units display units control unit 306 also outputs the device ID and the content ID to thememory card 200 a via the input/output unit 305 (step S291), and further outputs the encrypted content key to thememory card 200 a via the input/output unit 305 (step S293). - When the received device judgment level is “1” (step S281), the
control unit 306 outputs a message indicating an advisory to the operator of theregister device 300 to thedisplay units display units control unit 306 then moves to step S291. - When the received device judgment level is “2” (step S281), the
control unit 306 outputs a message indicating a warning to the operator of theregister device 300 to thedisplay units display units control unit 306 receives an instruction as to whether or not to approve the provision of the encrypted content key to the user, from the operator of theregister device 300 via the input unit 302 (step S285). Thecontrol unit 306 outputs the received instruction to the management server device 100 (step S260). If the received instruction does not approve the provision (step S287), thecontrol unit 306 ends the processing. If the received instruction approves the provision (step S287), thecontrol unit 306 moves to step S291. - When the received device judgment level is “3” (step S281), the
control unit 306 outputs, to thedisplay units register device 300, and instructs thedisplay units control unit 306 then ends the processing. - The input/
output unit 201 in thememory card 200 receives the device ID and the content ID (step S291), and writes the content ID to the encrypted contentkey list 221 in correspondence with the device ID (step S292). The input/output unit 201 also receives the encrypted content key (step S293), and writes the encrypted content key to the encrypted contentkey list 221 in correspondence with the content ID (step S294). - (3) Decryption and Playback of Encrypted Content by the
DVD Player 400 - Decryption and playback of encrypted content by the
DVD player 400 is described below, with reference to flowcharts ofFIGS. 18-19 . - The
DVD player 400 acquires the device ID from thememory card 200 according to the procedure shown in the flowchart ofFIG. 13 (step S301). Thecontrol unit 410 receives an instruction to play back encrypted content stored on the DVD, from the user of theDVD player 400 via the input unit 409 (step S302). Upon receiving the instruction, thecontrol unit 410 reads a content ID from the DVD via the read unit 405 (step S305), and outputs the content ID and its own device ID to the input/output unit 402 (step S306). The input/output unit 201 in thememory card 200 attempts to read a content key corresponding to both the content ID and the device ID (step S307), and outputs a read result to the DVD player 400 (step S308). - The
control unit 410 receives the read result from thememory card 200 via the input/output unit 402 (step S308). When the read result is absence information “NO” (step S309), thecontrol unit 410 outputs a message indicating this to thedisplay unit 408, instructs thedisplay unit 408 to display the message (step S310), and ends the processing. - When the read result is an encrypted content key (step S309), in accordance with an instruction from the
control unit 410, thedecryption unit 404 reads the device key 422 from the device key storage unit 403 (step S311), and applies decryption algorithm D1 to the encrypted content key using the read device key to generate a playback content key (step S312). - The
decryption unit 406 reads the encrypted content from the DVD via the read unit 405 (step S313), and applies decryption algorithm D2 to the encrypted content using the playback content key to generate playback content (step S314). - The
playback unit 407 separates the received playback content into compressed video information and compressed audio information. Theplayback unit 407 decodes the compressed video information to generate video information, and converts the video information to an analog video signal. Theplayback unit 407 also decodes the compressed audio information to generate audio information, and converts the audio information to an analog audio signal. The monitor displays video, and the speaker provided with the monitor outputs audio (step S315). - 1.7. Summary on the Unauthorized
Device Detection System 1 - The unauthorized
device detection system 1 is based on the assumption that a large number of unauthorized DVD players that store a same device ID as a device ID for uniquely identifying an authorized DVD player are distributed in the market. - When a user of an unauthorized DVD player storing the same device ID wants to play back content, the unauthorized DVD player writes the device ID stored therein onto a memory card.
- When the user purchases a new DVD, the device ID and a media ID for uniquely identifying the memory card, both of which are stored on the memory card, are collected by the
management server device 100 via theregister device 300. - Through the use of a plurality of pairs of collected device IDs and media IDs, the
management server device 100 summarizes a total number of media IDs corresponding to one device ID, thereby calculating a total media ID number. If the total media ID number is no less than a predetermined threshold value, themanagement server device 100 judges that a DVD player having this device ID is an unauthorized device. - For example, the threshold value used here is “100”. This threshold value represents a maximum number of memory cards that are likely to be possessed by one user. That is, this threshold value is set on the assumption that it is not unnatural for one user to possess up to 100 memory cards.
- However, suppose a large number of unauthorized DVD players, e.g. 1,000 unauthorized DVD players, are manufactured and distributed, and each user of these unauthorized DVD players possesses 100 memory cards. Since the 1,000 unauthorized DVD players store a same device ID, a total media ID number calculated for this device ID is 100×1,000=100,000. Thus, if the calculated total media ID number exceeds a reasonable number of memory cards that are likely to be possessed by one user, a DVD player having the device ID is judged as an unauthorized device.
- 2. Modification (1)
- The following describes an unauthorized device detection system 1 e (not illustrated) as a first modification example of the unauthorized
device detection system 1. - In the unauthorized
device detection system 1, an unauthorized DVD player is specified by using a total media ID number. In the unauthorized device detection system 1 e, on the other hand, the following method is employed. Themanagement server device 100 stores, in correspondence with each device ID, one or more content IDs respectively for identifying one or more sets of content played back by a DVD player identified by the device ID. Themanagement server device 100 compares a group of one or more content IDs respectively for identifying one or more sets of content played back by a DVD player identified by a specific device ID, with a group of one or more content IDs stored in themanagement server device 100 in correspondence with that device ID. If either one of the two groups is a subset of the other group or the two groups completely match each other, themanagement server device 100 judges that the DVD player identified by the device ID is an authorized device. Otherwise, themanagement server device 100 judges that the DVD player identified by the device ID is an unauthorized device. - The unauthorized device detection system 1 e has a similar configuration to the unauthorized
device detection system 1. The following mainly describes the difference from the unauthorizeddevice detection system 1. - (1) Configuration of the
Memory Card 200 e - In the unauthorized device detection system 1 e, a
memory card 200 e shown inFIG. 20 is used instead of thememory card 200 in the unauthorizeddevice detection system 1. - The
memory card 200 e includes an input/output unit 201 e and astorage unit 203 e, as shown inFIG. 20 . Thememory card 200 e may further include an authentication unit 202 e (not illustrated) that is the same as theauthentication unit 202 in thememory card 200. - The
storage unit 203 e has ageneral area 205 e. Thegeneral area 205 e has a userhistory information list 231 e. - The user
history information list 231 e has an area for storing one or more sets of user history information. - Each set of user history information includes one device ID and one content ID, and corresponds to one set of content played back by one device (DVD player in this embodiment).
- The device ID is identification information for uniquely identifying a device (DVD player in this embodiment) that plays back the content corresponding to the user history information that includes the device ID. As mentioned above, however, if there is an unauthorized device storing the device ID, the device ID may be unable to uniquely identify one device. The content ID is identification information for uniquely identifying the content corresponding to the user history information that includes the content ID.
- The input/
output unit 201 e reads information from thegeneral area 205 e in thestorage unit 203 e, and outputs the read information to an external device in which thememory card 200 e is loaded. The input/output unit 201 e also receives information from the external device, and writes the received information to thegeneral area 205 e in thestorage unit 203 e. The external device referred to here is the register device or each DVD player. - (2) Configuration of the
Management Server Device 100 - The
management server device 100 in the unauthorized device detection system 1 e has the same configuration as themanagement server device 100 in the unauthorizeddevice detection system 1. - The
management server device 100 has a serverhistory information list 120 e shown inFIG. 21 , in the managementtable storage unit 103. - The server
history information list 120 e is made up of a plurality of sets of server history information. Each set of server history information corresponds to one set of content played back by one device (DVD player in this embodiment). - Each set of server history information includes a device ID and a content ID.
- The device ID is identification information for uniquely identifying a device that plays back the content corresponding to the server history information that includes the device ID. As mentioned above, however, if there is an unauthorized device that stores the device ID, the device ID may be unable to uniquely identify one device.
- The content ID is identification information for uniquely identifying the content corresponding to the server history information that includes the content ID.
- The
control unit 102 receives the user history information list from thememory card 200 e via theregister device 300 and theinternet 10, and extracts a device ID from the received user history information list. Here, it is supposed that one device ID is extracted. - The
control unit 102 extracts all sets of server history information that include the extracted device ID, from the serverhistory information list 120 e. A group of all extracted sets of server history information is referred to as server history information group β, while the received user history information list is referred to as group α. - The
control unit 102 compares group α and group β, to judge if group α and group β completely match each other, group α is a subset of group β, group β is a subset of group α, or group α and group β neither completely match each other nor have the subset relation. - When group α and group β completely match each other, group α is a subset of group β, or group β is a subset of group α, the
control unit 102 judges that the DVD player identified by the extracted device ID is an authorized device, and sets a device judgment level to “0”. Here, if group β is a subset of group α, thecontrol unit 102 also adds a difference between group β and group α to the serverhistory information list 120 e. Thecontrol unit 102 then transmits the device judgment level to theregister device 300 via theinternet 10. - When groups α and β neither completely match each other nor have the subset relation, the
control unit 102 judges that the DVD player identified by the extracted device ID is an unauthorized device, sets the device judgment level to “3”, and adds the extracted device ID to the unauthorized device list. Here, if group is a subset of group α, thecontrol unit 102 also adds a difference between group β and group α to the serverhistory information list 120 e. Thecontrol unit 102 then transmits the device judgment level to theregister device 300 via theinternet 10. - (3) Operation of a DVD Player when Playing Back Content
- An operation of a DVD player when playing back content is described below, with reference to a flowchart of
FIG. 22 . - The DVD player detects loading of a DVD (step S401), reads its own device ID stored therein (step S402), reads a content ID from the loaded DVD (step S403), and outputs an instruction to read a device ID and a content ID to the
memory card 200 e (step S404). Thememory card 200 e attempts to read the pair of device ID and content ID (viewing history information) (step S405), and outputs a read result to the DVD player (step S406). - If the read result indicates that the pair of device ID and content ID does not exist, the DVD player outputs a write instruction to write the device ID and the content ID to the
memory card 200 e (step S408). Thememory card 200 e writes the received device ID and content ID to thegeneral area 205 e (step S411). - Meanwhile, the DVD player reads content from the loaded DVD (step S409), and plays back the read content (step S410).
- (4) Operation when Purchasing a DVD
- An operation of each device when purchasing a DVD is described below, with reference to flowcharts of
FIGS. 23-24 . - The
register device 300 outputs a read instruction to read the user history information list to the loadedmemory card 200 e (step S431). Thememory card 200 e reads the userhistory information list 231 e from thegeneral area 205 e (step S432), and outputs the read userhistory information list 231 e to the register device 300 (step S433). - The
register device 300 transmits the received user history information list to themanagement server device 100 via the internet 10 (step S434). - The
control unit 102 in themanagement server device 100 receives the user history information list from thememory card 200 e via theregister device 300 and the internet 10 (steps S433 and S434), and extracts a device ID from the received user history information list (step S435). - The
control unit 102 extracts all sets of server history information that include the extracted device ID, from the serverhistory information list 120 e (step S436). - The
control unit 102 compares group α and group β, to judge if group α and group β completely match each other, group α is a subset of group β, group β is a subset of group α, or group α and group β neither completely match each other nor have the subset relation (step S437). - When group α and group β completely match each other, group α is a subset of group β, or group β is a subset of group α, the
control unit 102 sets the device judgment level to “0” (step S438). Here, if group β is a subset of group α, thecontrol unit 102 also adds a difference between group β and group α to the serverhistory information list 120 e (step S441). Thecontrol unit 102 then transmits the device judgment level to theregister device 300 via the internet 10 (step S442). - If group α and group β neither completely match each other nor have the subset relation, the
control unit 102 sets the device judgment level to “3” (step S439), and writes the extracted device ID to the unauthorized device list (step S440). Here, if group β is a subset of group α, thecontrol unit 102 also adds a difference between group β and group a to the serverhistory information list 120 e (step S441). Thecontrol unit 102 then transmits the device judgment level to theregister device 300 via the internet 10 (step S442). - (5) Example of Comparison between Group α and Group β
- The comparison between group α and group β by the
control unit 102 is explained below, using examples. As noted earlier, group α is obtained from thememory card 200 e, whereas group β is extracted from the serverhistory information list 120 e in themanagement server device 100. -
FIG. 25 shows a first example of group α and group β. InFIG. 25 , group α 601 is composed of content IDs “C001”, “C002”, . . . , “C006”, while group β 602 is composed of content IDs “C001”, “C002”, . . . , “C005”. Sincegroup β 602 is a subset ofgroup α 601, the device identified by the extracted device ID is judged as an authorized device. - It should be noted here that in
group α 601 and group β 602 shown inFIG. 25 , only the content IDs are illustrated while a device ID as part of the group elements has been omitted for simplicity's sake. The same applies toFIGS. 26 and 27 . -
FIG. 26 shows a second example of group α and group β. InFIG. 26 , group α 603 is composed of content IDs “C001” and “C002”, whilegroups 604 is composed of content IDs “C001”, “C002”, . . . , “C005”. Since group α 603 is a subset of group β 604, the device identified by the extracted device ID is judged as an authorized device in this case too. -
FIG. 27 shows a third example of group α and group β. InFIG. 27 , group α 605 is composed of content IDs “X001” and “X002”, while group β 606 is composed of content IDs “M001” and “M002”. Since group α 605 andgroup β 606 have no subset relation, the device identified by the extracted device ID is judged as an unauthorized device. - (6) Supplementary Explanation (1)
- Before the user plays back content for the first time, there is no user history information in the user
history information list 231 e stored on thememory card 200 e. As an alternative, the userhistory information list 231 e itself may not be stored on thememory card 200 e at this stage. - In such a case, when the
memory card 200 e is loaded to theregister device 300, theregister device 300 does not transmit user history information to themanagement server device 100, because no user history information is included in the userhistory information list 231 e or the userhistory information list 231 e itself does not exist. - (7) Supplementary Explanation (2)
- As mentioned above, before the user plays back content for the first time, there is no user history information in the user
history information list 231 e stored on thememory card 200 e. - When the user plays back content identified by the content ID “C001”, user history information that is composed of a device ID for identifying a device used for the playback such as “ID-A” and the content ID “C001” is written to the user
history information list 231 e on thememory card 200 e. Subsequently, when thememory card 200 e is loaded to theregister device 300, this userhistory information list 231 e is transmitted from theregister device 300 to themanagement server device 100, and themanagement server device 100 writes the user history information composed of “ID-A” and the content ID “C001” to the serverhistory information list 120 e. - After this, when the user-plays back content identified by the content ID “C002”, user history information that is composed of the device ID for identifying the device used for the playback such as “ID-A” and the content ID “C002” is written to the user
history information list 231 e on thememory card 200 e. As a result, the userhistory information list 231 e includes the user history information composed of “ID-A” and “C001” and the user history information composed of “ID-A” and “C002”. - When the
memory card 200 e is loaded to theregister device 300, this userhistory information list 231 e is transmitted from theregister device 300 to themanagement server device 100, and themanagement server device 100 writes the user history information composed of “ID-A” and the content ID “C002” to the serverhistory information list 120 e. - Thus, in the case where the user uses only one memory card, group β stored in the
management server device 100 is always a subset of group α transmitted from thememory card 200 e. - Consider the case where the user subsequently uses another memory card having the same configuration as the
memory card 200 e for some reason. For example, the reason for using another memory card is that the user lost thememory card 200 e, thememory card 200 e was broken, or the entire storage capacity of thememory card 200 e has been used up. - Suppose the user uses another memory card and plays back, the content identified by the content ID “C001”. In this case, user history information composed of the device ID for identifying the device used for the playback such as “ID-A” and the content ID “C001” is written to a user history information list of the other memory card. As a result, the user history information list of the other memory card includes the user history information composed of “ID-A” and “C001”.
- In such a case, since the user uses only the second card, group α transmitted from the
memory card 200 e is always a subset of group β stored in themanagement server device 100, instead of group β being a subset of group α. - In this case too, the device identified by the device ID can be regarded as an authorized device.
- For the above reason, the
control unit 102 judges that the device identified by the device ID is an authorized device in both of the case where group α is a subset of group β and the case where group β is a subset of group α. - (8) Another Modification
- A DVD player which is a content playback device may have the following configuration.
- The DVD player includes: an identifier storage unit operable to store a device identifier for identifying the DVD player; a history storage unit operable to acquire, each time a BD is loaded or an instruction to play back content stored on the BD is received from a user, that is, for each instance of content playback, a content identifier for identifying the content from the BD and store, together with a playback ordinal number of the content, the acquired content identifier and date and time information showing a playback date and time, as playback history information showing the playback of the content; and a write unit operable to write, when a memory card is loaded to the DVD player, the device identifier, the playback history information, and the playback ordinal number to the memory card.
- 3. Modification (2)
- The following describes an unauthorized device detection system 1 f (not illustrated) as a modification example of the unauthorized device detection system 1 e.
- The unauthorized device detection system 1 f operates in the following manner. The
management server device 100 stores, in correspondence with each device ID, one or more content IDs respectively for identifying one or more sets of content played back by a DVD player identified by the device ID and a playback ordinal number showing an ordinal number of each set of content in a content playback order. Themanagement server device 100 compares a group of playback ordinal numbers and content IDs for identifying one or more sets of content played back by a DVD player identified by a specific device ID, with a group of playback ordinal numbers and content IDs stored in themanagement server device 100 in correspondence with that device ID. If the two groups completely match each other, that is, if all content IDs included in either one of the two groups completely match all content IDs included in the other group and also a playback ordinal number corresponding to each content ID in one group matches a playback ordinal number corresponding to its matching content ID in the other group, themanagement server device 100 judges that the DVD player identified by the device ID is an authorized device. Otherwise, themanagement server device 100 judges that the DVD player identified by the device ID is an unauthorized device. - The unauthorized device detection system 1 f has a similar configuration to the unauthorized device detection system 1 e. The following mainly describes the difference from the unauthorized device detection system 1 e.
- (1) Configuration of the
Memory Card 200 e - The unauthorized device detection system 1 f uses the
memory card 200 e as in the unauthorized device detection system 1 e. Thestorage unit 203 e in thememory card 200 e has thegeneral area 205 e. Thegeneral area 205 e has a userhistory information list 231 f shown inFIG. 28 , instead of the userhistory information list 231 e. The following mainly describes the difference from thememory card 200 e used in the unauthorized device detection system 1 e. - The user
history information list 231 f has an area for storing at least one set of user history information. - Each set of user history information includes one device ID, one playback ordinal number, and one content ID, and corresponds to one set of content played back by one device (DVD player in this embodiment).
- The device ID is identification information for uniquely identifying a device (DVD player in this embodiment) that plays back the content corresponding to the user history information that includes the device ID. As mentioned earlier, however, if there is an unauthorized device that stores the device ID unauthorizedly, the device ID may be unable to uniquely identify one device.
- The content ID is identification information for uniquely identifying the content corresponding to the user history information that includes the content ID.
- The playback ordinal number is information showing an ordinal number at which the content corresponding to the user history information that includes the playback ordinal number is played back by the device.
- (2) Configuration of the
Management Server Device 100 - The
management server device 100 in the unauthorized device detection system 1 f has a similar configuration to themanagement server device 100 in the unauthorized device detection system 1 e. The following mainly describes the difference from themanagement server device 100 in the unauthorized device detection system 1 e. - The
management server device 100 has a serverhistory information list 120 f shown inFIG. 29 in the managementtable storage unit 103, instead of the serverhistory information list 120 e. - The server
history information list 120 f is made up of a plurality of sets of server history information. Each set of server history information corresponds to one set of content played back by one device (DVD player in this embodiment). - Each set of server history information includes a device ID, a playback ordinal number, and a content ID.
- The device ID is identification information for uniquely identifying the device that plays back the content corresponding to the server history information that includes the device ID. As mentioned earlier, however, if there is an unauthorized device that stores the device ID unauthorizedly, the device ID may be unable to uniquely identify one device.
- The content ID is identification information for uniquely identifying the content corresponding to the server history information that includes the content ID.
- The playback ordinal number is information showing an ordinal number at which the content corresponding to the server history information that includes the playback ordinal number is played back by the device.
- The
control unit 102 receives the user history information list from thememory card 200 e via theregister device 300 and theinternet 10, and extracts a device ID from the received user history information list. Here, it is supposed that one device ID is extracted. - The
control unit 102 extracts all sets of server history information that include the extracted device ID, from the serverhistory information list 120 f. A group of all extracted sets of server history information is referred to as server history information group β, while the received user history information list is referred to as group α. - The
control unit 102 compares group α and group β, to judge whether or not group α and group β completely match each other. - The complete match mentioned here denotes the following state.
- All content IDs in group α completely match all content IDs in group β, and also a playback ordinal number corresponding to each content ID in group α matches a playback ordinal number corresponding to its matching content ID in group β.
- If group α and group β completely match each other, the
control unit 102 judges that a DVD player identified by the extracted device ID is an authorized device, sets the device judgment level to “0”, and transmits the device judgment level to theregister device 300 via theinternet 10. - If group α and group β do not completely match each other, the
control unit 102 judges that the DVD player identified by the extracted device ID is an unauthorized device, sets the device judgment level to “3”, and writes the extracted device ID to the unauthorized device list. Thecontrol unit 102 also adds group α to the serverhistory information list 120 f, and transmits the device judgment level to theregister device 300 via theinternet 10. - (3) Operation when Purchasing a DVD
- An operation of the
management server device 100 when purchasing a DVD is described below, with reference to a flowchart ofFIG. 30 . - The
control unit 102 in themanagement server device 100 receives the user history information list from thememory card 200 e via theregister device 300 and theinternet 10, extracts a device ID from the received user history information list, and extracts all sets of server history information that include the extracted device ID from the serverhistory information list 120 f. - The
control unit 102 compares group α and group β. If content IDs in group α match content IDs in group β (step S437 f), thecontrol unit 102 compares their corresponding playback ordinal numbers. If their corresponding playback ordinal numbers match, that is, if group α and group β completely match each other (step S451), thecontrol unit 102 sets the device judgment level to “0” (step S438 f). - Otherwise (step S437 f), the
control unit 102 sets the device judgment level to “3” (step S439 f), and writes the extracted device ID to the unauthorized device list (step S440 f). - (4) Example of Comparison between Group α and Group β
- The comparison between group α and group β by the
control unit 102 is explained below, using examples. As mentioned earlier, group α is obtained from thememory card 200 e, whereas group β is extracted from the serverhistory information list 120 f in themanagement server device 100. -
FIG. 31 shows a first example of comparison between group α and group β. InFIG. 31 , group α 611 is composed of pairs of playback ordinal numbers and content IDs {“1”, “C001”}, {“2”, “C002”}, {“3”, “C003”}, {“4”, “C004”}, and {“5”, “C005”}, while group β 612 is composed of pairs of playback ordinal numbers and content IDs {“1”, “C001”}, {“2”, “C002”}, {“3”, “C003”}, {“4”, “C004”}, and {“5”, “C005”}. - In this case, group α 611 and group β 612 completely match each other, and so the device identified by the extracted device ID is presumed to be an authorized device.
-
FIG. 32 shows a second example of comparison between group α and group β. InFIG. 32 , group α 613 is composed of pairs of playback ordinal numbers and content IDs {“2”, “C001”}, {“1”, “C002”}, {“3”, “C003”}, {“4”, “C004”}, and {“5”, “C005”}, while group β 614 is composed of pairs of playback ordinal numbers and content IDs {“1”, “C001”}, {“2”, “C002”}, {“3”, “C003”}, {“4”, “C004”}, and {“5”, “C005”}. When comparinggroup α 613 andgroup β 614, though the content IDs in the two groups match each other, the playback ordinal numbers corresponding to the content IDs “C001” and “C002” ingroup α 613 are different from the playback ordinal numbers corresponding to the content IDs “C001” and “C002” ingroup β 614. Accordingly, the device identified by the extracted device ID is presumed to be an unauthorized device in this case. - (5) Modification of the Unauthorized Device Detection System 1 f
- In the above example, the device is presumed to be authorized when group α and group β completely match each other, but the present invention is not limited to such. The following operation may be performed except when group α and group β completely match each other.
- By referring to the content IDs that constitute part of the elements of group α and the content IDs that constitute part of the elements of group β, the
control unit 102 compares group A which is composed of the content IDs of group α and group B which is composed of the content IDs of group β, to judge if group A is a subset of group B, group B is a subset of group A, or group A and group B do not have the subset relation. - When group A is a subset of group B or group B is a subset of group A, the
control unit 102 extracts each content ID that is included in both group A and group B. - The
control unit 102 extracts a playback ordinal number corresponding to the extracted content ID from group α and a playback ordinal number corresponding to the extracted content ID from group β, and judges whether the extracted two playback ordinal numbers match each other. If the extracted two playback ordinal numbers do not match each other, thecontrol unit 102 presumes that the device identified by the extracted device ID is an unauthorized device. - If the extracted two playback ordinal numbers match each other for every extracted content ID, the
control unit 102 presumes that the device identified by the extracted device ID is an authorized device. - 4. Modification (3)
- The following describes an unauthorized device detection system 1 g (not illustrated) as a modification of the unauthorized device detection system 1 f.
- As explained with regard to the unauthorized device detection system 1 f, before the user plays back content for the first time, there is no user history information in the user
history information list 231 f stored on thememory card 200 e. - When the user plays back content identified by the content ID “C001”, user history information that is made up of a device ID for identifying a device used for the playback such as “ID-A”, a payback ordinal number “1”, and the content ID “C001” is written to the user
history information list 231 f on thememory card 200 e. - When the
memory card 200 e is loaded to theregister device 300, this userhistory information list 231 f is transmitted from theregister device 300 to themanagement server device 100, and themanagement server device 100 writes the user history information made up of “ID-A”, the playback ordinal number “1”, and the content ID “C001” to the serverhistory information list 120 f. - After this, when the user plays back content identified by the content ID “C002”, user history information that is made up of the device ID for identifying the device used for the playback such as “ID-A”, a playback ordinal number “2”, and the content ID “C002” is written to the user
history information list 231 f on thememory card 200 e. As a result, the userhistory information list 231 f includes the user history information made up of “ID-A”, “1”, and “C001” and the user history information made up of “ID-A”, “2”, and “C002”. - When the
memory card 200 e is loaded to theregister device 300, this userhistory information list 231 f is transmitted from theregister device 300 to themanagement server device 100, and themanagement server device 100 writes the user history information made up of “ID-A”, the playback ordinal number “2”, and the content ID “C002” to the serverhistory information list 120 f. - Thus, in the case where the user uses only one memory card, group β stored in the
management server device 100 is always a subset of group α transmitted from thememory card 200 e. - Suppose the user subsequently uses another memory card having the same configuration as the
memory card 200 e and plays back content identified by the content ID “C003”. The reason for using another memory card is as explained above. In this case, user history information that is made up of the device ID for identifying the device used for the playback such as “ID-A”, a playback ordinal number “1”, and the content ID “C003” is written to a user history information list on the other memory card. As a result, the user history information list of the other memory card includes the user history information made up of “ID-A”, the playback ordinal number “1”, and “C003”. - In such a case, group β stored in the
management server device 100 is not a subset of group α transmitted from thememory card 200 e, and also group α is not a subset of group β. Even in this case, the device identified by the device ID can be regarded as an authorized device. - Here, the following states are regarded as belonging to a same viewing history series (a first viewing history series): an initial state where no user history information is included in the user
history information list 231 f on thememory card 200 e; a subsequent state where the user history information made up of “ID-A”, “1”, and “C001” is written to the userhistory information list 231 f; a subsequent state where the user history information made up of “ID-A”, “2”, and “C002” is written to the userhistory information list 231 f; a subsequent state where user history information made up of “ID-A”, a playback ordinal number, and another content ID is written to the userhistory information list 231 f; and a similar state that would subsequently occur. - Meanwhile, the following states are regarded as belonging to a same viewing history series (a second viewing history series): a state where the user history information made up of “ID-A”, the playback ordinal number “1”, and the content ID “C003” is written to the user history information list on the other memory card; a subsequent state where user history information made up of “ID-A”, a playback ordinal number, and another content ID is written to the user history information list; and a similar state that would subsequently occur.
- The first viewing history series and the second viewing history series correspond to the same device ID, but are different from each other.
- (1) Configuration of the Unauthorized Device Detection System 1 g
- The
management server device 100 in the unauthorized device detection system 1 g extracts, from the serverhistory information list 120 f stored therein (same as the serverhistory information list 120 f in the unauthorized device detection system 1 f), one or more viewing history series that correspond to the same device ID as the device ID received from thememory card 200 e via theregister device 300, and judges whether a viewing history series to which the received user history information list belongs is the same as any of the extracted viewing history series. If the judgment is affirmative, themanagement server device 100 calculates a total series number showing a total number of the extracted viewing history series. If the judgment is negative, themanagement server device 100 adds “1” to the total number of the extracted viewing history series, to thereby calculate the total series number. Themanagement server device 100 compares the calculated total series number with a predetermined threshold value such as “100”. If the calculated total series number is more than “100”, themanagement server device 100 presumes that the device identified by the received device ID is an unauthorized device. If the calculated total series number is no more than “100”, themanagement server device 100 presumes that the device identified by the received device ID is an authorized device. - The unauthorized device detection system 1 g has a similar configuration to the unauthorized device detection system 1 f. The following mainly describes the difference from the unauthorized device detection system 1 f.
- The unauthorized device detection system 1 g uses the
memory card 200 e having the same configuration as that in the unauthorized device detection system 1 f. Thememory card 200 e has the userhistory information list 231 f shown inFIG. 28 . - (2) Configuration of the
Management Server Device 100 - The
management server device 100 in the unauthorized device detection system 1 g has a similar configuration to themanagement server device 100 in the unauthorized device detection system 1 f. The following mainly describes the difference from themanagement server device 100 in the unauthorized device detection system 1 f. - The
management server device 100 has the serverhistory information list 120 f shown inFIG. 29 , in the managementtable storage unit 103. - The server
history information list 120 f is as described above. In the serverhistory information list 120 f, all sets of server history information that belong to a same viewing history series are arranged adjacent to each other and in ascending order of playback ordinal numbers. - The
control unit 102 receives the user history information list from thememory card 200 e via theregister device 300 and theinternet 10, and extracts a device ID from the received user history information list. Here, it is supposed that one device ID is extracted. - The
control unit 102 extracts all sets of server history information that include the extracted device ID, from the serverhistory information list 120 f. All of the extracted sets of server history information are referred to as a server history information group.FIG. 34 shows a serverhistory information group 621 as one example of the server history information group. - Next, the
control unit 102 classifies the extracted sets of server history information into one or more viewing history series, in the following way. - In the server
history information list 120 f, sets of server history information that belong to a same viewing history series are arranged adjacent to each other and in ascending order of playback ordinal numbers. This being so, thecontrol unit 102 sequentially reads the extracted sets of server history information one by one, and compares a playback ordinal number in a set of server history information which is currently read with a playback ordinal number in a set of server history information which was read immediately before. If the playback ordinal number in the set of server history information is smaller than the playback ordinal number in the immediately preceding set of server history information, thecontrol unit 102 judges that the immediately preceding set of server history information and the set of server history information represent a boundary between two viewing history series, and determines the immediately preceding set of server history information as belonging to one viewing history series and the set of server history information onward as belonging to another viewing history series. - In the server
history information group 621 shown inFIG. 34 , agroup 631 of sets of server history information belongs to one viewing history series, agroup 632 of other sets of server history information belongs to another viewing history series, and agroup 633 of other sets of server history information belongs to another viewing history series. As shown inFIG. 34 , the playback ordinal number drops from “3” to “1” at the boundary between thegroup 631 and thegroup 632. - In this way, the
control unit 102 classifies all of the extracted sets of server history information into one or more viewing history series. - The
control unit 102 then judges whether the viewing history series to which the received user history information list belongs is the same as any of the extracted viewing history series. If the judgment is affirmative, thecontrol unit 102 calculates a total series number showing a total number of the extracted viewing history series. If the judgment is negative, thecontrol unit 102 adds “1” to the number of the extracted viewing history series and calculates the total series number. - The
control unit 102 compares the calculated total series number with a predetermined threshold value such as “100”. If the calculated total series number is more than “100”, thecontrol unit 102 presumes that the device identified by the received device ID is an unauthorized device, sets the device judgment level to “3”, and writes the extracted device ID to the unauthorized device list. Thecontrol unit 102 also adds the received user history information list to the serverhistory information list 120 f, and transmits the device judgment level to theregister device 300 via theinternet 10. - If the calculated total series number is no more than “100”, the
control unit 102 presumes that the device identified by the received device ID is an authorized device, sets the device judgment level to “0”, adds the received user history information list to the serverhistory information list 120 f, and transmits the device judgment level to theregister device 300 via theinternet 10. - (3) Operation when Purchasing a DVD
- An operation of the
management server device 100 when purchasing a DVD is described below, with reference to a flowchart ofFIG. 33 . - The
register device 300 outputs a read instruction to read the user history information list to the loadedmemory card 200 e (step S431). Thememory card 200 e reads the userhistory information list 231 f from thegeneral area 205 e (step S432), and outputs the read userhistory information list 231 f to the register device 300 (step S433). - The
register device 300 transmits the received user history information list to themanagement server device 100 via the internet 10 (step S434). - The
control unit 102 in themanagement server device 100 receives the user history information list from thememory card 200 e via theregister device 300 and the internet 10 (steps S433-S434), and extracts a device ID from the received user history information list (step S435). - The
control unit 102 then extracts all sets of server history information that include the extracted device ID, from the serverhistory information list 120 f (step S436). - Through the use of the received user history information list and all of the extracted sets of server history information, the
control unit 102 extracts viewing history series, calculates a total series number of the extracted viewing history series, and temporarily stores the calculated total series number (step S461). - The
control unit 102 compares the calculated total series number with “100”. If the calculated total series number is more than “100” (step S462), thecontrol unit 102 sets the device judgment level to “3” (step S439), and writes the extracted device ID to the unauthorized device list (step S440). - If the calculated total series number is no more than “100” (step S462), the
control unit 102 sets the device judgment level to “0” (step S438). - The
control unit 102 then writes the received user history information list to the serverhistory information list 120 f (step S411), and transmits the device judgment level to theregister device 300 via the internet 10 (step S442). - 5. Other Modifications
- Although the present invention has been described by way of the above embodiment, it should be obvious that the present invention is not limited to the above. Example modifications are given below.
- (1) The above embodiment describes the case where a DVD player decrypts encrypted content stored on a DVD and plays back the decrypted content, but this is not a limit for the present invention. For example, a content playback device that acquires encrypted content via a network, decrypts the encrypted content, and plays back the decrypted content may be used instead of the DVD player. As an alternative, encrypted content may be broadcast by digital broadcasting, so that a digital broadcast reception device receives a broadcast wave, extracts the encrypted content from the received broadcast wave, decrypts the encrypted content, and plays back the decrypted content.
- Also, encrypted content may be stored on a portable memory card together with an encrypted content key, so that a content playback device reads the encrypted content from the memory card, decrypts the encrypted content, and plays back the decrypted content.
- (2) The above embodiment describes the case where one device key is assigned to one DVD player, but the number of device keys assigned to one playback device may be more than one. Alternatively, a plurality of devices may share a same device key.
- (3) The above embodiment describes the case where content is encrypted using a content key and the content key is encrypted using a device key, but the present invention is not limited to this.
- For example, one more level may be added to a key hierarchy such that content is encrypted using a content key, the content key is encrypted using a media key, and the media key is encrypted using a device key. There is no specific limit to the number of levels of the key hierarchy.
- (4) The above embodiment describes the case where the management server device detects an unauthorized device by judging whether a device that uses content is authorized or unauthorized, but the present invention is not limited to such.
- For instance, instead of applying the present invention to a content use system, the present invention may be applied to a commuter pass use system for trains or the like, so that a management device detects unauthorized use by judging whether a commuter pass is used authorizedly or unauthorizedly.
- As one example, the commuter pass use system is constituted by a ticket gate installed at a station and a pair of a mobile terminal which has a device ID and a portable medium which stores commuter pass information and has a media ID. The portable medium is used in a state of being loaded in the mobile terminal. The ticket gate operates in the same way as the management server device in the above embodiment. The ticket gate manages pairs of device IDs and media IDs. If one portable medium is loaded to a mobile terminal of another person and used, the management device can detect that a media ID of this portable medium is used in pair with a different device ID. Thus, the management device can detect the unauthorized use of the portable medium.
- In this case too, a threshold value may be provided to enable to set the number of devices (the number of device IDs) that can be used by one portable medium.
- The present invention is equally applicable to other systems that detect an unauthorized device or unauthorized use based on device IDs and media IDs.
- (5) The above embodiment describes the case where the user carries a portable medium to use a shop device, but this is not a limit for the present invention.
- As one example, a MAC address may be used instead of a media ID. In this case, a device ID and a MAC address are transmitted to, a management device via a network, and the management device judges whether a device is unauthorized using the MAC address and, if not, transmits an encrypted content key.
- Also, an IC card or the like that has unrewritable unique information may be used instead of the MAC address. The present invention is equally applicable to any configuration in which unrewritable or unchangeable unique information is used instead of a media ID.
- (6) The above embodiment describes the case where a portable medium holds a unique media ID, but the present invention is not limited to such. For instance, a plurality of predetermined (manageable) portable media may have a same media ID.
- (7) The above embodiment describes the case where a plurality of threshold values are set such that a warning is issued before judging that the device is unauthorized when one threshold value is exceeded, and the device is judged as unauthorized when another threshold value is exceeded. This can be modified to use only one threshold value. In such a case, the device is presumed to be unauthorized when the threshold value is exceeded, and authorized when the threshold value is not exceeded.
- (8) In the above embodiment and modifications, an IC card may be used instead of a memory card.
- (9) In the above embodiment and modifications, the
management server device 100 and theregister device 300 may be combined to form one device. - (10) Each of the aforedescribed devices can actually be realized by a computer system that includes a microprocessor, a ROM, a RAM, a hard disk unit, a display unit, a keyboard, a mouse, and the like. A computer program is stored on the RAM or the hard disk unit. Here, to attain predetermined functions, the computer program is structured by combining a plurality of instruction codes showing commands to a computer. The functions of each device can be achieved by the microprocessor operating in accordance with this computer program. Which is to say, the microprocessor reads the instructions included in the computer program one by one, decodes the read instruction, and operates in accordance with a decoding result.
- (11) The elements constituting each of the aforedescribed devices may be partially or entirely implemented by a single system LSI (Large Scale Integration). The system LSI is an ultra-multifunctional LSI manufactured by integrating multiple components on a single chip, and can actually be realized by a computer system that includes a microprocessor, a ROM, a RAM, and the like. A computer program is stored on the RAM. Functions of the system LSI can be achieved by the microprocessor operating in accordance with this computer program.
- The elements constituting each of the aforedescribed devices may be individually implemented by one chip, or partly or wholly implemented by one chip. Also, though the LSI is described here, the circuit may be called an IC, a system LSI, a super LSI, or an ultra LSI, depending on the degree of integration.
- Also, the integration is not limited to the LSI, and may be performed using a dedicated circuit or a general processor. A FPGA (Field Programmable Gate Array) that can be programmed or a reconfigurable processor capable of reconfiguring connections and settings of circuit cells in an LSI may be used after producing the LSI.
- (12) The elements constituting each of the aforedescribed devices may be partially or entirely implemented by a removable IC card or a discrete module. The IC card or the module referred to here is a computer system that includes a microprocessor, a ROM, a RAM, and the like. The IC card or the module may contain the above ultra-multifunctional LSI. Functions of the IC card or the module can be achieved by the microprocessor operating in accordance with the computer program. Here, the IC card or the module may be tamper-resistant.
- (13) The present invention also applies to the method described above. This method may be realized by a computer program that is executed by a computer. Such a computer program may be distributed as a digital signal.
- The present invention may be realized by a computer-readable recording medium, such as a flexible disk, a hard disk, a CD-ROM, an MO, a DVD, a DVD-ROM, a DVD-RAM, a BD (Blu-ray Disc), or a semiconductor memory, on which the above computer program or digital signal is recorded. Conversely, the present invention may also be realized by the computer program or digital signal that is recorded on such a recording medium.
- The computer program or digital signal that achieves the present invention may also be transmitted via a network, such as an electronic communications network, a wired or wireless communications network, or an internet, or via data broadcasting.
- The present invention can also be realized by a computer system that includes a microprocessor and a memory. In this case, the computer program can be stored in the memory, with the microprocessor operating in accordance with this computer program.
- The computer program or the digital signal may be provided to an independent computer system by distributing a recording medium on which the computer program or the digital signal is recorded, or by transmitting the computer program or the digital signal via a network. The independent computer system may then execute the computer program or the digital signal to function as the present invention.
- (14) The above embodiment and modifications may be freely combined.
- (15) Conclusion
- As described above, the present invention is an unauthorized device detection system that includes a use device for using content, a management device for managing whether the use device is unauthorized or not, and a portable medium for storing data. The user device includes: a storage unit operable to store device identification information for identifying the device. The portable medium includes: a first storage area for storing the device identification information; and a second storage area for storing media identification information for identifying the portable medium. The management device includes: a read unit operable to read the device identification information and the media identification information respectively from the first storage area and the second storage area of the portable medium; and a judgment unit operable to judge, from the read device identification information and media identification information, whether the use device holding the device identification information is an unauthorized device.
- Here, the management device may include: a table generation unit operable to generate a management table for managing the media identification information based on the device identification information.
- Here, the management device may include: a threshold value storage unit operable to store a threshold value for judging whether the use device is an unauthorized device, wherein the table generation unit in the management device counts a total number of sets of media identification information based on the device identification information and generates the management table storing the counted total number, and the judgment unit in the management device judges that the use device is an unauthorized device when the counted total number exceeds the threshold value stored in the threshold value storage unit.
- Here, the threshold value storage unit in the management device may store one or more threshold values for each set of device identification information.
- Here, the management device may include: a device key storage unit operable to store a device key in correspondence with the device identification information; a selection unit operable to select a content key necessary for using the content; an encryption nit operable to encrypt the selected content key using the device key corresponding to the device identification information; and a write unit operable to write the encrypted content key to the portable medium, wherein the portable medium includes a third storage area for storing the encrypted content key.
- Here, the use device may include: a judgment unit operable to judge whether the device identification information stored therein is stored on the portable medium; and a write unit operable to write, if the device identification information is not stored on the portable medium, the device identification information to the first storage area of the portable medium.
- Here, the portable medium may include: a third storage area for storing an encrypted content key necessary for using the content, wherein the use device includes: a read unit operable to read the encrypted content key corresponding to the device from the third storage area of the portable medium.
- Here, the portable medium may include: a third storage area for storing an encrypted content key necessary for using the content; and a fourth storage area for storing the content encrypted using a content key, wherein the use device includes: a read unit operable to read the encrypted content from the fourth storage area of the portable medium.
- Here, the portable medium may include: a third storage area for storing an encrypted content key necessary for using the content, wherein the use device includes: a judgment unit operable to judge whether the encrypted content key necessary for the device exists in the third storage area of the portable medium.
- Here, the portable medium may be a memory card.
- Here, the portable medium may be an IC card.
- Also, the present invention is a management device for managing whether a use device that uses content is unauthorized or not, wherein a portable medium for storing data includes: a first storage area for storing device identification information for identifying the use device; and a second storage area for storing media identification information for identifying the portable medium, and the management device includes: a read unit operable to read the device identification information and the media identification information respectively from the first storage area and the second storage area of the portable medium; and a judgment unit operable to judge, from the read device identification information and media identification information, whether the use device holding the device identification information is an unauthorized device.
- Here, the management device may include: a table generation unit operable to generate a management table for managing the media identification information based on the device identification information.
- Here, the management device may include: a threshold value storage unit operable to store a threshold value for judging whether the use device is an unauthorized device, wherein the management table generation unit in the management device counts a total number of sets of media identification information based on the device identification information and generates the management table storing the counted total number, and the judgment unit in the management device judges that the use device is an unauthorized device when the counted total number exceeds the threshold value stored in the threshold value storage unit.
- Here, the threshold value storage unit in the management device may store one or more threshold values for each set of device identification information.
- Here, the management device may include: a device key storage unit operable to store a device key in correspondence with the device identification information; a selection unit operable to select a content key necessary for using the content; an encryption nit operable to encrypt the selected content key using the device key corresponding to the device identification information; and a write unit operable to write the encrypted content key to the portable medium.
- Also, the present invention is a use device for using content, wherein a portable medium for storing data includes: a first storage area for storing device identification information for identifying the use device; and a second storage area for storing media identification information for identifying the portable medium, and the use device includes: a storage unit operable to store the device identification information for identifying the device.
- Here, the use device may include: a judgment unit operable to judge whether the device identification information stored therein is stored on the portable medium; and a write unit operable to write, if the device identification information is not stored on the portable medium, the device identification information to the first storage area of the portable medium.
- Here, the portable medium may include: a third storage area for storing an encrypted content key necessary for using the content, wherein the use device includes: a read unit operable to read the encrypted content key corresponding to the device from the third storage area of the portable medium.
- Here, the portable medium may include: a third storage area for storing an encrypted content key necessary for using the content; and a fourth storage area for storing the content encrypted using a content key, wherein the use device includes: a read unit operable to read the encrypted content from the fourth storage area of the portable medium.
- Here, the portable medium may include: a third storage area for storing an encrypted content key necessary for using the content, wherein the use device includes: a judgment unit operable to judge whether the encrypted content key necessary for the device exists in the third storage area of the portable medium.
- Also, the present invention is a portable medium for storing data, including: a first storage area for storing device identification information for identifying a use device for using content; and a second storage area for storing media identification information for identifying the portable medium.
- Here, the portable medium may include: a third storage area for storing an encrypted content key necessary for using the content.
- Here, the portable medium may be a memory card.
- Here, the portable medium may be an IC card.
- Also, the present invention is an unauthorized use detection system that includes a management device for managing unauthorized use and a portable medium for storing data. The portable medium includes: a first storage area for storing device identification information for identifying a use device; and a second storage area for storing media identification information for identifying the portable medium. The management device includes: a read unit operable to read the device identification information and the media identification information respectively from the first storage area and the second storage area of the portable medium; and a judgment unit operable to judge, from the read device identification information and media identification information, whether the use device holding the device identification information is unauthorizedly used.
- Here, the management device may include: a table generation unit operable to generate a management table for managing a pair of the device identification information and the media identification information; and a judgment unit operable to judge, based on the media identification information, that the use is unauthorized when different device identification information is obtained.
- Here, the management device may include: a storage unit operable to store a different threshold value for each set of media identification information.
- Also, the present invention is a management device for managing unauthorized use, wherein a portable medium for storing data includes: a first storage area for storing device identification information for identifying a use device; and a second storage area for storing media identification information for identifying the portable medium, and the management device includes: a read unit operable to read the device identification information and the media identification information respectively from the first storage area and the second storage area of the portable medium; and a judgment unit operable to judge, from the read device identification information and media identification information, whether the use device holding the device identification information is unauthorizedly used.
- Here, the management device may include: a table generation unit operable to generate a management table for managing a pair of the device identification information and the media identification information; and a judgment unit operable to judge, based on the media identification information, that the use is unauthorized when different device identification information is obtained.
- Here, the management device may include: a storage unit operable to store a different threshold value for each set of media identification information.
- Also, the present invention is an unauthorized device detection method used in a use device for using content, a management device for managing whether the use device is unauthorized, and a portable medium for storing data, the unauthorized device detection method including: a storage step of, in the use device, storing device identification information for identifying the device; a first storage step of, in the portable medium, storing the device identification information; a second storage step of, in the portable medium, storing media identification information for identifying the portable medium; a read step of, in the management device, reading the device identification information and the media identification information respectively from a first storage area and a second storage area of the portable medium; and a judgment step of, in the management device, judging, from the read device identification information and media identification information, whether the use device holding the device identification information is an unauthorized device.
- Each device and recording medium constituting the present invention can be used recurrently and continuously in any industry that requires detection of an unauthorized device, and especially in a content distribution industry for producing and distributing content. Also, each device and recording medium constituting the present invention can be manufactured and sold recurrently and continuously in an electric device manufacturing industry.
Claims (13)
Applications Claiming Priority (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2004-360436 | 2004-12-13 | ||
JP2004-360437 | 2004-12-13 | ||
JP2004360436 | 2004-12-13 | ||
JP2004360437 | 2004-12-13 | ||
PCT/JP2005/022779 WO2006064765A1 (en) | 2004-12-13 | 2005-12-12 | Unauthorized device detection device and unauthorized device detection system |
Publications (1)
Publication Number | Publication Date |
---|---|
US20080016001A1 true US20080016001A1 (en) | 2008-01-17 |
Family
ID=36587821
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/589,288 Active 2026-07-09 US7617536B2 (en) | 2004-12-13 | 2005-12-12 | Unauthorized device detection device, unauthorized device detection system, unauthorized device detection method, program, recording medium, and device information update method |
US11/791,853 Abandoned US20080016001A1 (en) | 2004-12-13 | 2005-12-12 | Unauthorized Device Detection Device And Unauthorized Device Detection System |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/589,288 Active 2026-07-09 US7617536B2 (en) | 2004-12-13 | 2005-12-12 | Unauthorized device detection device, unauthorized device detection system, unauthorized device detection method, program, recording medium, and device information update method |
Country Status (3)
Country | Link |
---|---|
US (2) | US7617536B2 (en) |
JP (2) | JP4857123B2 (en) |
WO (2) | WO2006064768A1 (en) |
Cited By (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080205642A1 (en) * | 2007-02-20 | 2008-08-28 | Canon Kabushiki Kaisha | Image capture apparatus |
US20090144204A1 (en) * | 2007-11-29 | 2009-06-04 | Visa Usa, Inc. | Module id based targeted marketing |
US20100064379A1 (en) * | 2008-09-10 | 2010-03-11 | Tia Manning Cassett | Remote Diagnosis of Unauthorized Hardware Change |
US20100146297A1 (en) * | 2008-11-26 | 2010-06-10 | Stephane Onno | Method and system digital for processing digital content according to a workflow |
US20130198005A1 (en) * | 2012-01-27 | 2013-08-01 | Sony Network Entertainment International Llc | System, method, and infrastructure for real-time live streaming content |
US20140143084A1 (en) * | 2012-11-16 | 2014-05-22 | Nintendo Co., Ltd. | Service provision system, service provision method, server system, and non-transitory computer-readable storage medium having stored therein service provision program |
US20150294111A1 (en) * | 2014-04-11 | 2015-10-15 | Fuji Xerox Co., Ltd. | Unauthorized-communication detecting apparatus, unauthorized-communication detecting method and non-transitory computer readable medium |
US20160269179A1 (en) * | 2015-03-13 | 2016-09-15 | Fornetix Llc | Server-client key escrow for applied key management system and process |
US10860086B2 (en) | 2016-02-26 | 2020-12-08 | Fornetix Llc | Policy-enabled encryption keys having complex logical operations |
US10880281B2 (en) | 2016-02-26 | 2020-12-29 | Fornetix Llc | Structure of policies for evaluating key attributes of encryption keys |
US10917239B2 (en) | 2016-02-26 | 2021-02-09 | Fornetix Llc | Policy-enabled encryption keys having ephemeral policies |
US10931653B2 (en) | 2016-02-26 | 2021-02-23 | Fornetix Llc | System and method for hierarchy manipulation in an encryption key management system |
US11063980B2 (en) | 2016-02-26 | 2021-07-13 | Fornetix Llc | System and method for associating encryption key management policy with device activity |
US20220138285A1 (en) * | 2015-11-04 | 2022-05-05 | Screening Room Media, Inc. | Pairing Devices to Prevent Digital Content Misuse |
US11470086B2 (en) | 2015-03-12 | 2022-10-11 | Fornetix Llc | Systems and methods for organizing devices in a policy hierarchy |
Families Citing this family (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2008131557A (en) * | 2006-11-24 | 2008-06-05 | Matsushita Electric Ind Co Ltd | Video/audio output equipment, authentication processing method, and video/audio processing system |
EP2278513A1 (en) | 2009-07-15 | 2011-01-26 | Nagravision SA | Method for preventing the use of a cloned user unit communicating with a server |
US9253544B2 (en) * | 2009-07-20 | 2016-02-02 | Verimatrix, Inc. | Systems and methods for detecting clone playback devices |
CN101807236B (en) * | 2010-02-08 | 2012-11-28 | 深圳市同洲电子股份有限公司 | Authentication method, authentication system and corresponding terminal and headend equipment |
JP2011238062A (en) * | 2010-05-11 | 2011-11-24 | Sony Corp | Server apparatus, program, and information processing system |
JP5589685B2 (en) * | 2010-09-06 | 2014-09-17 | ソニー株式会社 | Information processing apparatus and method, and program |
JP2014524060A (en) * | 2011-05-16 | 2014-09-18 | パナソニック株式会社 | Duplicate determination device and duplicate management system |
US9226141B1 (en) | 2013-11-04 | 2015-12-29 | Sprint Communications Company L.P. | Identifying unsubscribed tethering in a wireless network |
US9699185B2 (en) | 2014-01-31 | 2017-07-04 | Panasonic Intellectual Property Management Co., Ltd. | Unauthorized device detection method, unauthorized device detection server, and unauthorized device detection system |
EP3275121B1 (en) | 2015-03-26 | 2020-06-10 | Maxxian Technology Inc. | Systems and methods for detecting and interfering with compromised devices |
CN105868623A (en) * | 2015-11-13 | 2016-08-17 | 乐视移动智能信息技术(北京)有限公司 | Permission detection method and terminal equipment |
KR102419505B1 (en) | 2016-03-09 | 2022-07-08 | 삼성전자주식회사 | Method and system for authentication of a storage device |
US10812613B2 (en) * | 2016-12-19 | 2020-10-20 | Chicago Mercantile Exchange Inc. | Optimization of encoding cycles for object recovery feed |
TWI766538B (en) * | 2021-01-12 | 2022-06-01 | 華碩電腦股份有限公司 | Encrypted hard disk device |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5715403A (en) * | 1994-11-23 | 1998-02-03 | Xerox Corporation | System for controlling the distribution and use of digital works having attached usage rights where the usage rights are defined by a usage rights grammar |
US5892900A (en) * | 1996-08-30 | 1999-04-06 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
US20010044786A1 (en) * | 2000-03-14 | 2001-11-22 | Yoshihito Ishibashi | Content usage management system and method, and program providing medium therefor |
US20020059120A1 (en) * | 2000-06-06 | 2002-05-16 | Milton James K. | Method and apparatus for creating and maintaining a virtual inventory in a distributed network |
US20020076204A1 (en) * | 2000-12-18 | 2002-06-20 | Toshihisa Nakano | Key management device/method/program, recording medium, reproducing device/method, recording device, and computer-readable, second recording medium storing the key management program for copyright protection |
US6466777B1 (en) * | 1998-12-15 | 2002-10-15 | Nec Corporation | Clone terminal detection system and method |
US20040244032A1 (en) * | 2003-04-25 | 2004-12-02 | Kabushiki Kaisha Toshiba | Receiving apparatus, communication apparatus, receiving system and receiving method |
US20110255690A1 (en) * | 2003-07-07 | 2011-10-20 | Rovi Solutions Corporation | Reprogrammable security for controlling piracy and enabling interactive content |
Family Cites Families (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH03195309A (en) | 1989-12-21 | 1991-08-26 | Kyushu Electric Power Co Inc | Protection cover inserter |
US5029207A (en) * | 1990-02-01 | 1991-07-02 | Scientific-Atlanta, Inc. | External security module for a television signal decoder |
JPH09167477A (en) * | 1995-12-18 | 1997-06-24 | Kokusai Electric Co Ltd | Voice reproducing device |
US5949877A (en) * | 1997-01-30 | 1999-09-07 | Intel Corporation | Content protection for transmission systems |
US6118873A (en) * | 1998-04-24 | 2000-09-12 | International Business Machines Corporation | System for encrypting broadcast programs in the presence of compromised receiver devices |
US7007162B1 (en) * | 1998-04-24 | 2006-02-28 | International Business Machines Corporation | Forensic media key block for identifying compromised keys |
JP2000222534A (en) | 1999-01-29 | 2000-08-11 | Hitachi Ltd | Illegal id detection supporting system |
US7380137B2 (en) * | 1999-07-20 | 2008-05-27 | International Business Machines Corporation | Content guard system for copy protection of recordable media |
JP2001118333A (en) * | 1999-10-14 | 2001-04-27 | Nomura Semiconductor Technology Inc | System for managing and inspecting reproduced information of information recording medium |
US6850914B1 (en) | 1999-11-08 | 2005-02-01 | Matsushita Electric Industrial Co., Ltd. | Revocation information updating method, revocation informaton updating apparatus and storage medium |
US20010029583A1 (en) * | 2000-02-17 | 2001-10-11 | Dennis Palatov | Video content distribution system including an interactive kiosk, a portable content storage device, and a set-top box |
JP2001337925A (en) * | 2000-05-25 | 2001-12-07 | Nec Gumma Ltd | User authentication device and business transaction system using it |
KR20050035140A (en) * | 2001-10-12 | 2005-04-15 | 마쯔시다덴기산교 가부시키가이샤 | Content processing apparatus and content protection program |
JP4084053B2 (en) * | 2002-02-07 | 2008-04-30 | 財団法人鉄道総合技術研究所 | Server system and authentication method |
US7020636B2 (en) * | 2002-09-05 | 2006-03-28 | Matsushita Electric Industrial, Co., Ltd. | Storage-medium rental system |
KR20040092649A (en) * | 2003-04-24 | 2004-11-04 | 엘지전자 주식회사 | Method for managing a copy protection information of optical disc |
-
2005
- 2005-12-12 US US10/589,288 patent/US7617536B2/en active Active
- 2005-12-12 WO PCT/JP2005/022788 patent/WO2006064768A1/en active Application Filing
- 2005-12-12 JP JP2006548829A patent/JP4857123B2/en not_active Expired - Fee Related
- 2005-12-12 WO PCT/JP2005/022779 patent/WO2006064765A1/en active Application Filing
- 2005-12-12 JP JP2006548827A patent/JP4827034B2/en active Active
- 2005-12-12 US US11/791,853 patent/US20080016001A1/en not_active Abandoned
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5715403A (en) * | 1994-11-23 | 1998-02-03 | Xerox Corporation | System for controlling the distribution and use of digital works having attached usage rights where the usage rights are defined by a usage rights grammar |
US5892900A (en) * | 1996-08-30 | 1999-04-06 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
US6466777B1 (en) * | 1998-12-15 | 2002-10-15 | Nec Corporation | Clone terminal detection system and method |
US20010044786A1 (en) * | 2000-03-14 | 2001-11-22 | Yoshihito Ishibashi | Content usage management system and method, and program providing medium therefor |
US20020059120A1 (en) * | 2000-06-06 | 2002-05-16 | Milton James K. | Method and apparatus for creating and maintaining a virtual inventory in a distributed network |
US20020076204A1 (en) * | 2000-12-18 | 2002-06-20 | Toshihisa Nakano | Key management device/method/program, recording medium, reproducing device/method, recording device, and computer-readable, second recording medium storing the key management program for copyright protection |
US20040244032A1 (en) * | 2003-04-25 | 2004-12-02 | Kabushiki Kaisha Toshiba | Receiving apparatus, communication apparatus, receiving system and receiving method |
US20110255690A1 (en) * | 2003-07-07 | 2011-10-20 | Rovi Solutions Corporation | Reprogrammable security for controlling piracy and enabling interactive content |
Cited By (32)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080205642A1 (en) * | 2007-02-20 | 2008-08-28 | Canon Kabushiki Kaisha | Image capture apparatus |
US9280775B2 (en) | 2007-11-29 | 2016-03-08 | Visa U.S.A. Inc. | Module ID based encryption for financial transactions |
US20090144204A1 (en) * | 2007-11-29 | 2009-06-04 | Visa Usa, Inc. | Module id based targeted marketing |
US10497001B2 (en) * | 2007-11-29 | 2019-12-03 | Visa U.S.A. Inc. | Module ID based targeted marketing |
US9805347B2 (en) | 2007-11-29 | 2017-10-31 | Visa Usa, Inc. | Serial number and payment data based payment card processing |
US9349127B2 (en) | 2007-11-29 | 2016-05-24 | Visa Usa Inc. | Serial number and payment data based payment card processing |
US20160140549A1 (en) * | 2007-11-29 | 2016-05-19 | Simon J. Hurry | Module id based targeted marketing |
US9269086B2 (en) * | 2007-11-29 | 2016-02-23 | Visa Usa, Inc. | Module ID based targeted marketing |
US20100064379A1 (en) * | 2008-09-10 | 2010-03-11 | Tia Manning Cassett | Remote Diagnosis of Unauthorized Hardware Change |
US8245315B2 (en) * | 2008-09-10 | 2012-08-14 | Qualcomm Incorporated | Remote diagnosis of unauthorized hardware change |
US9237310B2 (en) * | 2008-11-26 | 2016-01-12 | Thomson Licensing | Method and system digital for processing digital content according to a workflow |
US20100146297A1 (en) * | 2008-11-26 | 2010-06-10 | Stephane Onno | Method and system digital for processing digital content according to a workflow |
US20130198005A1 (en) * | 2012-01-27 | 2013-08-01 | Sony Network Entertainment International Llc | System, method, and infrastructure for real-time live streaming content |
US9875480B2 (en) * | 2012-01-27 | 2018-01-23 | Sony Network Entertainment International Llc | System, method, and infrastructure for real-time live streaming content |
US20140143084A1 (en) * | 2012-11-16 | 2014-05-22 | Nintendo Co., Ltd. | Service provision system, service provision method, server system, and non-transitory computer-readable storage medium having stored therein service provision program |
US9785991B2 (en) * | 2012-11-16 | 2017-10-10 | Nintendo Co., Ltd. | Service provision system, service provision method, server system, and non-transitory computer-readable storage medium having stored therein service provision program |
US20150294111A1 (en) * | 2014-04-11 | 2015-10-15 | Fuji Xerox Co., Ltd. | Unauthorized-communication detecting apparatus, unauthorized-communication detecting method and non-transitory computer readable medium |
US9705901B2 (en) * | 2014-04-11 | 2017-07-11 | Fuji Xerox Co., Ltd. | Unauthorized-communication detecting apparatus, unauthorized-communication detecting method and non-transitory computer readable medium |
US11470086B2 (en) | 2015-03-12 | 2022-10-11 | Fornetix Llc | Systems and methods for organizing devices in a policy hierarchy |
US11924345B2 (en) | 2015-03-13 | 2024-03-05 | Fornetix Llc | Server-client key escrow for applied key management system and process |
US10965459B2 (en) * | 2015-03-13 | 2021-03-30 | Fornetix Llc | Server-client key escrow for applied key management system and process |
US20160269179A1 (en) * | 2015-03-13 | 2016-09-15 | Fornetix Llc | Server-client key escrow for applied key management system and process |
US20220138285A1 (en) * | 2015-11-04 | 2022-05-05 | Screening Room Media, Inc. | Pairing Devices to Prevent Digital Content Misuse |
US11941089B2 (en) | 2015-11-04 | 2024-03-26 | Sr Labs, Inc. | Pairing devices to prevent digital content misuse |
US11853403B2 (en) * | 2015-11-04 | 2023-12-26 | Sr Labs, Inc. | Pairing devices to prevent digital content misuse |
US10931653B2 (en) | 2016-02-26 | 2021-02-23 | Fornetix Llc | System and method for hierarchy manipulation in an encryption key management system |
US11063980B2 (en) | 2016-02-26 | 2021-07-13 | Fornetix Llc | System and method for associating encryption key management policy with device activity |
US11537195B2 (en) | 2016-02-26 | 2022-12-27 | Fornetix Llc | Policy-enabled encryption keys having complex logical operations |
US11700244B2 (en) | 2016-02-26 | 2023-07-11 | Fornetix Llc | Structure of policies for evaluating key attributes of encryption keys |
US10860086B2 (en) | 2016-02-26 | 2020-12-08 | Fornetix Llc | Policy-enabled encryption keys having complex logical operations |
US10917239B2 (en) | 2016-02-26 | 2021-02-09 | Fornetix Llc | Policy-enabled encryption keys having ephemeral policies |
US10880281B2 (en) | 2016-02-26 | 2020-12-29 | Fornetix Llc | Structure of policies for evaluating key attributes of encryption keys |
Also Published As
Publication number | Publication date |
---|---|
US20070283162A1 (en) | 2007-12-06 |
JPWO2006064768A1 (en) | 2008-06-12 |
WO2006064768A1 (en) | 2006-06-22 |
US7617536B2 (en) | 2009-11-10 |
JPWO2006064765A1 (en) | 2008-06-12 |
WO2006064765A1 (en) | 2006-06-22 |
JP4827034B2 (en) | 2011-11-30 |
JP4857123B2 (en) | 2012-01-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20080016001A1 (en) | Unauthorized Device Detection Device And Unauthorized Device Detection System | |
US5835595A (en) | Method and apparatus for crytographically protecting data | |
CN100498948C (en) | Reproducing apparatus and method | |
CN100568367C (en) | Content delivering system, recording unit and method, reproducing device and method | |
US7940935B2 (en) | Content playback apparatus, content playback method, computer program, key relay apparatus, and recording medium | |
US7912789B2 (en) | Electronic value, electronic purse device, and system for using the same | |
JP4348818B2 (en) | Data distribution system and method, and data recording medium | |
KR101574618B1 (en) | Recordingreproducing system recording medium device and recordingreproducing device | |
US7020636B2 (en) | Storage-medium rental system | |
US7576651B2 (en) | Radio frequency identification (RFID) tag encryption method and system using broadcast encryption (BE) scheme | |
EP1473722B1 (en) | System and method for mutual authentication thereby scrambling information for accessing a confidential data storage area | |
CN100470573C (en) | Unauthorized deice detection device, unauthorized device detection system, unauthorized device detection method, program, recording medium, and device information update method | |
AU1547402A (en) | Information processing method/apparatus and program | |
CN103209176A (en) | System and method for building home domain by using smart card | |
US20090024849A1 (en) | Information acquisition device, information acquisition method, and information acquisition program | |
WO2011152065A1 (en) | Controller, control method, computer program, program recording medium, recording apparatus, and method of manufacturing recording apparatus | |
CN103797488A (en) | Method and apparatus for using non-volatile storage device | |
US20020004903A1 (en) | Controlled distributing of digital information, in particular audio | |
CN101292292B (en) | Method for etching and secure distribution of digital data, access device and writer | |
JP2002279102A (en) | Contents distribution system, contents decoding key delivery server, contents delivery method, contents regenerating device and program record medium | |
US7197649B1 (en) | Secure optical disk and method for securement of an optical disk | |
CN102959628B (en) | Information reproduction device, content provider system, method of providing content | |
JP2009530945A (en) | Method and apparatus for authenticating a static data carrier | |
CN103117071A (en) | Information processing device and information processing method, and program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: MATSUSHITA ELECTRIC INDUSTRIAL CO., LTD., JAPAN Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:NAKANO, TOSHIHISA;NONAKA, MASAO;FUTA, YUICHI;AND OTHERS;REEL/FRAME:020408/0346;SIGNING DATES FROM 20070416 TO 20070507 Owner name: THE UNIVERSITY OF TOKYO, JAPAN Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:NAKANO, TOSHIHISA;NONAKA, MASAO;FUTA, YUICHI;AND OTHERS;REEL/FRAME:020408/0346;SIGNING DATES FROM 20070416 TO 20070507 |
|
AS | Assignment |
Owner name: PANASONIC CORPORATION, JAPAN Free format text: CHANGE OF NAME;ASSIGNOR:MATSUSHITA ELECTRIC INDUSTRIAL CO., LTD.;REEL/FRAME:021851/0504 Effective date: 20081001 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |