WO2006064765A1 - 不正機器検出装置及び不正機器検出システム - Google Patents
不正機器検出装置及び不正機器検出システム Download PDFInfo
- Publication number
- WO2006064765A1 WO2006064765A1 PCT/JP2005/022779 JP2005022779W WO2006064765A1 WO 2006064765 A1 WO2006064765 A1 WO 2006064765A1 JP 2005022779 W JP2005022779 W JP 2005022779W WO 2006064765 A1 WO2006064765 A1 WO 2006064765A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- content
- identifier
- target
- unauthorized
- medium
- Prior art date
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 125
- 238000003860 storage Methods 0.000 claims description 134
- 238000004590 computer program Methods 0.000 claims description 27
- 239000000284 extract Substances 0.000 claims description 20
- 238000004364 calculation method Methods 0.000 claims description 3
- 238000000605 extraction Methods 0.000 claims description 3
- 238000004891 communication Methods 0.000 description 35
- 238000000034 method Methods 0.000 description 29
- 238000010586 diagram Methods 0.000 description 16
- 230000006870 function Effects 0.000 description 10
- 238000012986 modification Methods 0.000 description 10
- 230000004048 modification Effects 0.000 description 10
- 230000004044 response Effects 0.000 description 10
- 238000004422 calculation algorithm Methods 0.000 description 9
- 238000012545 processing Methods 0.000 description 9
- 230000000694 effects Effects 0.000 description 6
- 230000005236 sound signal Effects 0.000 description 6
- 238000010295 mobile communication Methods 0.000 description 4
- 239000000470 constituent Substances 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000010354 integration Effects 0.000 description 3
- 238000007639 printing Methods 0.000 description 3
- 230000001174 ascending effect Effects 0.000 description 2
- 230000002457 bidirectional effect Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000003252 repetitive effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000000392 somatic effect Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/107—License processing; Key processing
- G06F21/1073—Conversion
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/00188—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving measures which result in a restriction to authorised devices recording or reproducing contents to/from a record carrier
- G11B20/00195—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving measures which result in a restriction to authorised devices recording or reproducing contents to/from a record carrier using a device identifier associated with the player or recorder, e.g. serial numbers of playback apparatuses or MAC addresses
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/0021—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/0021—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
- G11B20/00485—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier characterised by a specific kind of data which is encrypted and recorded on and/or reproduced from the record carrier
- G11B20/00492—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier characterised by a specific kind of data which is encrypted and recorded on and/or reproduced from the record carrier wherein content or user data is encrypted
- G11B20/00528—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier characterised by a specific kind of data which is encrypted and recorded on and/or reproduced from the record carrier wherein content or user data is encrypted wherein each title is encrypted with a separate encryption key for each title, e.g. title key for movie, song or data file
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/00681—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving measures which prevent a specific kind of data access
- G11B20/00688—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving measures which prevent a specific kind of data access said measures preventing that a usable copy of recorded data can be made on another medium
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/00855—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a step of exchanging information with a remote server
- G11B20/00862—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a step of exchanging information with a remote server wherein the remote server can grant the permission to use a content
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B2220/00—Record carriers by type
- G11B2220/20—Disc-shaped record carriers
- G11B2220/25—Disc-shaped record carriers characterised in that the disc is based on a specific recording technology
- G11B2220/2537—Optical discs
- G11B2220/2562—DVDs [digital versatile discs]; Digital video discs; MMCDs; HDCDs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
Definitions
- the present invention relates to a fraudulent device detection technique for detecting or identifying a fraudulent device manufactured or modified by imitation.
- encryption technology is used to protect the copyright of content, that is, to prevent unauthorized use such as unauthorized reproduction or unauthorized copying of content.
- the content encrypted using the encryption key is recorded on a recording medium such as an optical disc and distributed.
- a recording medium such as an optical disc and distributed.
- only the terminal that possesses the decryption key corresponding to the encryption key has a strong recording medium strength.
- the read encrypted content is decrypted using the decryption key, and the content is reproduced.
- a method of encrypting content a method of encrypting the content itself using an encryption key and decrypting the encrypted content using a decryption key corresponding to the encryption key, Encrypting the content using the content key, further encrypting the content key using the encryption key, decrypting the encrypted content key using the decryption key corresponding to the encryption key, There is a method of decrypting encrypted content using the generated content key.
- the decryption key held by the terminal needs to be strictly managed so as not to be exposed to the outside, but there is a risk that a certain decryption key is exposed to the outside in the analysis inside the terminal by an unauthorized person. is there. If a decryption key is exposed to an unauthorized person, the unauthorized person manufactures a recording device and playback device that illegally uses the content, or creates software that illegally uses the content and creates them over the Internet. It is possible to disseminate. In such a case, the copyright holder cannot handle the content provided by the next power with the once disclosed key. I want to do it. This technique is called a key revocation technique and is disclosed in Patent Document 1 and Patent Document 2!
- Patent Document 1 and Patent Document 2 do not disclose a method for specifying a leaked key (a key to be revoked). For this reason, illegal devices or software are identified by collecting recording devices, playback devices, or software that seems to be illegal, which are distributed in large quantities in the factory, and analyzing their internals. This method requires a lot of manpower and money.
- Patent Document 3 in a mobile communication system such as a mobile phone, the presence of an illegally copied clone terminal can be detected and notified to a maintenance person, and the mobile terminal is specially adapted to detect the presence of a clone terminal.
- at least one or more other mobile terminals having the same telephone number as the mobile terminal and location registration information transmitted under the control of the base station to which the other mobile terminal belongs Means for comparing the registered location registration information and means for detecting the presence of a plurality of mobile terminals having the same telephone number based on the comparison result.
- a mobile communication system characterized by the above is disclosed.
- Patent Document 1 JP 2000-31922 A
- Patent Document 2 Japanese Patent Laid-Open No. 2002-281013
- Patent Document 3 Japanese Patent Laid-Open No. 2000-184447
- the recording apparatus and the reproducing apparatus for recording and reproducing the content are not premised on the communication while moving as in the above mobile communication system, and are disclosed in Patent Document 3.
- the application of new technology is not realistic.
- the present invention provides a fraudulent device detection apparatus, a fraudulent device detection system, a fraudulent device detection method, and a computer program for detecting a fraudulent device that can discover and identify a device that has been illegally manufactured or modified by imitation. For the purpose. Means for solving the problem
- the present invention provides a fraudulent device detection apparatus for detecting a fraudulent device manufactured by imitation, the target being held by a detection target device that is a fraud detection target.
- Medium number storage means for storing the number of rewritable portable media used by a device having the same device identifier as the device identifier, and the medium calculated with a predetermined incorrect threshold value Comparing means for comparing numbers, and identifier storage means for storing the target device identifier when the number of media exceeds the above-mentioned incorrect! /, Value.
- an unauthorized device manufactured by imitation can be estimated based on the number of portable media used by the unauthorized device.
- the unauthorized device detection device further includes a target medium identifier for identifying the target portable medium from the rewritable target portable medium used by the detection target device, and the detection target device holds the target medium identifier.
- a target medium identifier for identifying the target portable medium from the rewritable target portable medium used by the detection target device
- the detection target device holds the target medium identifier.
- One or more used by the managed device in association with the managed device identifier held by the managed device that was previously subject to fraud detection One or more management medium identifiers for identifying each rewritable portable medium are stored, the storage unit, the management device identifier and the management medium identifier stored, and the acquired target device identifier And using the target medium identifier, the number of medium identifiers corresponding to the same device identifier as the acquired target device identifier is calculated as the medium number, and the calculated medium number is calculated as the medium number. Choi as including calculating means composed of a calculation unit for writing the number of so
- the comparison means further compares the warning threshold value smaller than the fraud threshold with the calculated number of media
- the identifier storage means further compares the calculated number of media.
- the acquired target device identifier may be stored when it is equal to or less than the fraud threshold and exceeds the warning threshold.
- the device is a playback device that decrypts and plays back the encrypted content
- the unauthorized device detection device further includes the above-described device when the calculated number of media exceeds an unauthorized threshold.
- An output unit that outputs the decryption key may be included in the target portable medium.
- Sequence number storage means for storing the number of sequences of the viewing history series of the content that has been recorded, comparison means for comparing a predetermined fraud threshold with the calculated number of series, If the value is correctly exceeded, an identifier storage unit that stores the target device identifier may be provided.
- an unauthorized device manufactured by imitation can be estimated from the number of viewing history sequences of content viewed by an unauthorized device.
- a fraudulent device detection device that detects fraudulent devices manufactured by imitation, which is associated with a managed device identifier held by a managed device that has been subject to fraud detection in the past.
- An acquisition means for acquiring one or more target content identifiers for identifying at least one content viewed on the detection target device and a target device identifier held by the detection target device; and the acquired target device identifier Extracting means for extracting one or more managed content identifiers associated with the same managed device identifier from the storage means; comparing means for comparing the extracted managed content identifier with the acquired target content identifier; Any of the extracted managed content identifiers is the acquired target content identifier! /, If it does n’t match! Registration means for registering the device identifier in the unauthorized device list.
- an unauthorized device manufactured by imitation can be estimated from content viewed by an unauthorized device.
- the storage means further stores a management viewing order indicating the order in which the content identified by the management content identifier is viewed in association with the management content identifier
- the acquisition means further includes In correspondence with the target content identifier, a target viewing order indicating the order in which the content identified by the target content identifier is viewed is acquired, and the extraction unit further performs management viewing corresponding to the management content identifier.
- the order is extracted, the comparison means further compares the extracted management viewing order with the acquired target viewing order, and the registration means further compares the extracted management content identifier with the acquired target.
- the management viewing order corresponding to the management content identifier of 1 and the management content may be registered in the unauthorized device list when the target viewing order corresponding to the same target content identifier does not match the same identifier.
- the device is a playback device that decrypts and plays back the encrypted content
- the unauthorized device detection device further includes any of the extracted managed content identifiers acquired by the target content.
- An output unit that outputs the decryption key to the target portable medium when any of the identifiers matches any of the acquired target content identifiers may be included.
- the number of unauthorized devices is considered to be on the order of 1,000 or 10,000, and conversely, the upper limit of 100 portable media owned by an individual is sufficient.
- the threshold is 100, even a user who owns multiple portable media can use the device ID as a reference. Counting the media IDs will not exceed 100.
- the media ID is counted based on the device ID. Since the number exceeds 1,000, when the threshold value of 100 is exceeded, it is possible to determine that the device ID is being used by an unauthorized device.
- FIG. 1 is a system configuration diagram showing the configuration of an unauthorized device detection system 1.
- FIG. 2 is a block diagram showing a configuration of the management server device 100.
- FIG. 3 is a data structure diagram showing a data structure of a management table 120.
- FIG. 4 is a data structure diagram showing a data structure of a device key list 130.
- FIG. 5 is a data structure diagram showing a data structure of a content key list 140.
- FIG. 9 is a table showing a control pattern by the control unit 102.
- FIG. 10 is a block diagram showing a configuration of a memory card 200.
- FIG. 11 is a block diagram showing a configuration of the register device 300.
- FIG. 12 is a block diagram showing a configuration of a DVD player 400.
- FIG. 13 is a flowchart showing an operation of acquiring a device ID from the memory card 200a by the DVD player 400.
- FIG. 14 is a flowchart showing an operation of acquiring an encrypted content key from the management server device 100 by the register device 300. Continue to Figure 15.
- FIG. 15 is a flowchart showing an operation of acquiring an encrypted content key from the management server device 100 by the register device 300. Continue to Figure 16.
- FIG. 16 is a flowchart showing an operation of acquiring an encrypted content key from the management server device 100 by the register device 300. Continue to Figure 17.
- FIG. 17 is a flowchart showing an operation of acquiring an encrypted content key from the management server device 100 by the register device 300. Continued from Figure 16.
- FIG. 18 is a flowchart showing operations of decrypting and reproducing encrypted content by the DVD player 400. Continue to Figure 19.
- FIG. 19 is a flowchart showing operations of decrypting and reproducing encrypted content by the DVD player 400. Continue from Figure 18.
- FIG. 20 is a block diagram showing a configuration of a memory card 200e as a modified example.
- FIG. 21 is a data structure diagram showing a data structure of a server history information list 120e included in the management server device 100 as a modification.
- FIG. 22 is a flowchart showing an operation at the time of content reproduction by a DVD player as a modified example.
- FIG. 23 is a flowchart showing the operation of each device when purchasing a DVD as a modified example. Continue to Figure 24.
- FIG. 24 is a flowchart showing the operation of each device when purchasing a DVD as a modification. Continued from Figure 23.
- FIG. 25 shows a first example for comparing the set oc and the set ⁇ .
- FIG. 26 A second example for comparing the set oc and the set ⁇ is shown.
- FIG. 27 shows a third example for comparison of set oc and set ⁇ .
- FIG. 28 is a data structure diagram showing a data structure of a user history information list 231f included in a memory card 200e as a modified example.
- FIG. 29 is a data structure diagram showing a data structure of a server history information list 120f included in the management server apparatus 100 as a modified example.
- FIG. 30 is a flowchart showing the operation of the management server device 100 when purchasing a DVD.
- FIG. 31 shows a first example for comparison of set oc and set ⁇ .
- FIG. 32 shows a second example for comparing the set oc and the set ⁇ .
- FIG. 33 is a flowchart showing the operation of the management server device 100 when purchasing a DVD as a modified example.
- FIG. 34 is a data structure diagram showing a data structure of an extracted server history information group 621. BEST MODE FOR CARRYING OUT THE INVENTION
- Unauthorized device detection system 1 The unauthorized device detection system 1 as one embodiment according to the present invention will be described below. 1.1 Overview of the unauthorized device detection system 1
- the unauthorized device detection system 1 includes a management server device 100, a register device 300, and a DVD player 400a,..., 400b, 400c,.
- the management server device 100 and the register device 300 are connected via the Internet 10.
- the DVD players 400a,..., 400b are legitimate players manufactured by legitimate manufacturers, and each stores therein a device ID that uniquely identifies itself.
- the total of DV player 400a,..., 400b is, for example, 10,000 units.
- DVD players 400c,..., 400d are players manufactured by an unauthorized manufacturer imitating DVD player 400b.
- Each of the DVD players 400c,..., 400d stores therein the same device ID as the device ID that uniquely identifies the DVD player 400b.
- the user Before the user of the DVD player 400a purchases a new DVD, the user attaches the memory card 200a to the DVD player 400a.
- the memory card 200a stores a medium ID that uniquely identifies itself.
- the DVD player 400a writes the device ID stored therein in the memory card 200a.
- the user when purchasing the DVD, the user goes to the retail store with the memory card 200a storing the device ID for identifying the DVD player 400a. The user selects the desired DVD package 500 at the retail store. The DVD package 500 is packed with a DVD 500 a. Next, the user hands over the memory card 200a and the DVD package 500 to a store clerk who is an operator of the register device 300. The store clerk inserts the memory card 200a into the register device 300 and scans the bar code displayed on the DVD package 500 with the bar code reader of the register device 300.
- the register device 300 is configured to store contents stored in a DVD package 500 from a bar code displayed on the DVD package 500! Read the ID, read the device ID and media ID from the installed memory card 200a, and send the set of the content ID and the read device ID and media ID to the management server device 100 via the Internet 10. .
- the management server device 100 associates a device ID for identifying a DVD player with a medium ID for identifying one or more memory cards mounted on the DVD player, and the total number of the memory cards. The total number of medium IDs to be shown is stored.
- the management server device 100 determines whether the received device ID is stored in the device. If the received device ID is stored internally, it is further determined whether or not the received media ID is stored internally. If the received medium ID is not stored, the received medium ID is stored in association with the device ID, and a value of “1” is added to the total number of medium IDs. If it is determined that the received device ID is not stored internally, the set of device ID and media ID is stored, and the total number of media IDs is set to “1”.
- the total number of medium IDs corresponding to the received device ID is (i) “100” or less, (ii) “101” or more and “150” or less, (iii) “151 ”Or more and“ 199 ”or less, and (iv)“ 200 ”or more.
- the management server device 100 encrypts the content key corresponding to the received content ID, and the device used by the user is not an unauthorized device! /
- the encrypted content key is transmitted to the register device 300 via the Internet 10 together with the device determination level indicating that.
- the management server device 100 registers the device ID in the caution device list held inside and receives the received content ID. Encrypt the content key corresponding to, and send the encrypted content key to the register device 300 via the Internet 10 together with the device judgment level indicating that the device is a device that requires attention. To do.
- the management server device 100 registers the device ID in the alarm device list held therein, and receives the received content ID Encrypt the content key corresponding to the device, and the device used by the user is a device that requires a warning. With the device judgment level indicating that
- the management server device 100 registers the device ID in the internal unauthorized device list and uses the device used by the user. However, the device judgment level indicating that the device is an unauthorized device is transmitted to the register device 300 via the Internet 10. However, in this case, the content key is not transmitted.
- the register device 300 receives the device determination level from the management server device 100 via the Internet 10. Furthermore, an encrypted content key may be received.
- the register device 300 stores the received encrypted content key in memory capacity To 200a. In this case, the user pays for the DVD package 500 to the retail store.
- the register device 300 displays a warning and displays the received encrypted content key as a memory card. Write to 200a. In this case, the user pays for the DVD package 500 to the retail store.
- the register device 300 displays a warning
- the received encrypted key content key is written into the memory card 200a.
- the user pays for the DVD package 500 to the retail store.
- the retail store refuses to sell the DVD package 500 to the user.
- the register device 300 performs an unauthorized display and ends. No encryption content key is provided to the user. In this case, the retail store refuses to sell the DVD package 500 to the user.
- the user purchases the DVD package 500. Then, the user takes home the memory card 200a and the DVD package 500, attaches the memory card 200a to the DVD player 400a, and packs the DV D500a into the DVD player 400a.
- the DVD player 400a reads the encrypted content key from the memory card 200a, decrypts the read encrypted content key to generate a decrypted content key, and uses the generated decryption content key to generate a DVD 500a
- the decrypted content is decrypted to generate the decrypted content
- the generated decrypted content is converted into a video signal and an audio signal
- the video signal and the audio signal are output to the monitor 41 la.
- the total number of DVD players 400a, ⁇ , 400b is 10,000, but since each device ID is different, each user has, for example, 10 memory cards.
- the total number of medium IDs that the management server apparatus 100 has and stores corresponding to the device IDs is 10 at most.
- the management server device 100 determines that each of these DVD players 400a,..., 400b is a legitimate device.
- the total number of DVD players 400c, ⁇ , 400d is 10,000, but since each device ID is the same, each user, for example, inserts a memory card one by one. If there is, the total number of medium IDs that the management server device 100 has stored in correspondence with the device ID after the operation as described above is 10,000. At this time, the management server device 100 determines that each of these DVD players 400c,..., 400d is an unauthorized device. In this way, the management server device 100 can determine the validity of the DVD player.
- the management server device 100 includes a communication unit 101, a control unit 102, a management table storage unit 103, a content key storage unit 104, a selection unit 105, a device key storage unit 106, an encryption unit 107, a device It comprises a list storage unit 108, an input unit 110, a display unit 111, and an authentication unit 112.
- the management server device 100 is a computer system including a microprocessor, ROM, RAM, a hard disk unit, a display unit, a keyboard, a mouse, and the like.
- the RAM or the hard disk unit has a computer program.
- the program is stored.
- Microprocessor power The management server device 100 achieves a part of its functions by operating according to the computer program.
- Management table storage unit 103 content key storage unit 104, device key storage unit 106, and device list storage unit 108
- the management table storage unit 103, the content key storage unit 104, the device key storage unit 106, and the device list storage unit 108 are configured by one hard disk unit.
- the management table storage unit 103 has a management table 120 as shown in FIG.
- the management table 120 includes an area for storing one or more pieces of medium HD information, as shown in FIG.
- the medium I blueprint usually corresponds to one regular device (in this embodiment, one DVD player). However, if there is an unauthorized device that illegally stores the device ID, the media information corresponds to all devices that store the same device ID.
- Medium HD information includes device ID, one or more medium IDs, and the total number of medium IDs.
- the device ID is identification information for uniquely identifying a device corresponding to the medium I containing the device ID.
- the device cannot always be uniquely identified.
- the medium ID is identification information for uniquely identifying a memory card used by being mounted on a device corresponding to the medium I blueprint including the medium ID.
- the total number of medium IDs indicates the number of medium IDs included in the medium I including the total number of medium IDs.
- the management table 120 is composed of medium HD information 128, 129,.
- the medium HD information 128 includes a device ID 121 “ID—A”, a medium ID 122 “MID-1”, 123 “MID-5”, and a total number of medium IDs 124 “2”. Show that two memory cards identified by “MID-1” and “MID-5” are installed and used in the device (DVD player)! / Speak. [0040] Further, since the medium HD information 129 includes the device ID 125 "ID-B”, the medium ID 126 "MID-2”, and the medium ID total number 127 "1”, the medium HD information 129 is identified by "ID-B". It shows that one memory card identified by “MID-2” is installed in the device (DVD player).
- the device key storage unit 106 has a device key list 130 as shown in FIG.
- the device key list 130 includes one or more pieces of device key information as shown in FIG.
- the device key information corresponds to one device (in this embodiment, one DVD player) and includes a device ID and a device key. If there is an unauthorized device, the correspondence between the device key information and the device is the same as in the above case.
- the device ID is identification information that uniquely identifies the device corresponding to the device key information including the device ID.
- the device key is key information assigned to a device corresponding to device key information including the device key.
- the device key is 128 bits long.
- the device key list 130 includes device key information 133, 134,. Since the device key information 133 includes a device ID 131 “ID—A” and a device key 132 “DK—A”, the device key assigned to the device (DVD player) identified by “ID—A” is Indicate “DK—A”.
- the content key storage unit 104 has a content key list 140.
- the content key list 140 includes one or more pieces of content key information 143, 144. 145.
- the content key information corresponds to one content and includes a content ID and a content key.
- content key ⁇ blueprint 143 includes content ID 141 “C001” and content key 142 “CK-1”.
- the content ID is identification information for uniquely identifying the content corresponding to the content key ⁇ blueprint including the content ID.
- the content key is key information assigned to the content corresponding to the content key ⁇ blueprint including the content key.
- the device list storage unit 108 includes a caution device list 150, a warning device list 160, and an unauthorized device list 170.
- the caution device list 150 includes an area for storing one or more caution device IDs, as shown in FIG.
- the attention device ID is identification information for uniquely identifying a device determined to require attention.
- the caution device list 150 includes caution device ID 151 “ID—X005”, caution device ID 152 “ID—Y007”, caution device ID 153 “ID—Z009”, and so on. — The device (DVD player) identified by “X0 05”, “ID—Y007”, and “ID— ⁇ 009” requires caution.
- the warning device list 160 includes an area for storing one or more warning device IDs, as shown in FIG.
- the warning device ID is identification information for uniquely identifying a device determined to require a warning.
- the warning device list 160 includes warning device ID 161 “ID—X003”, warning device 10162 “10— ⁇ 004”, warning device 10163 “10—2004”, and so on.
- a device (DVD player) identified by “ID—X0 03”, “ID—Y004”, “ID—Z004” requires a warning.
- the unauthorized device list 170 includes an area for storing one or more unauthorized device IDs, as shown in FIG.
- the unauthorized device ID is identification information that uniquely identifies a device that is determined to be unauthorized.
- the unauthorized device list 170 includes an unauthorized device ID 171 “ID—X001”, an unauthorized device ID 172 “ID—Y002”, an unauthorized device ID 173 “ID—Z005”,.
- the device (DVD player) identified by “X0 01”, “ID—Y002”, and “ID—Z005” is a device determined to be illegal.
- the control unit 102 receives a connection request from the register device 300 via the Internet 10 and the communication unit 101.
- the authentication unit 112 is instructed to perform mutual device authentication with the register device 300.
- control unit 102 receives authentication result information indicating the result of mutual device authentication from the authentication unit 112. If the received authentication result information indicates a mutual device authentication failure, the subsequent processing is not performed. If the received authentication result information indicates successful mutual device authentication, the following processing is performed.
- the control unit 102 receives a request for a content key, a content ID, a device ID, and a medium ID from the register device 300 via the Internet 10 and the communication unit 101.
- the control unit 102 Upon receiving the content key request, content ID, device ID, and medium ID, the control unit 102 searches the management table 120 for the same device ID as the received device ID, and the same device ID is stored in the management table 120. If it does not exist, the total number of medium IDs is set to “1”, and the received device ID, medium ID, and total number of medium IDs are written in the management table 120 as medium ID information.
- control unit 102 When the same device ID exists in the management table 120, the control unit 102
- the medium information including the ID is extracted from the management table 120, and the extracted medium information includes the same medium ID as the received medium ID. In this case, add “1” to the total number of media IDs included in the extracted media HD information, and add the received media ID to the extracted media information. Next, the medium information written with the medium ID added is overwritten in the management table 120 on the medium I or blue information that has been extracted.
- the control unit 102 When the extracted medium HD information includes the same medium ID as the received medium ID, the control unit 102 does not update the extracted medium HD information.
- control unit 102 determines that the total number of medium IDs is (i) “100” or less, (ii) “101” or more and “150” or less, (iii) “151” or more and “199” or less, and (iv) “ Judge whether it belongs to “200” or more.
- each column of Table 180 shown in FIG. 9 includes the above four types of cases shown in Column 181, Column 182, Column 183, and Column 184.
- the outline of processing in the control unit 102 is described for each of the above.
- the control unit 102 sets the device determination level to “0” indicating that the device used by the user is not an unauthorized device. Next, the device determination level in which “0” is set is transmitted to the register device 300 via the communication unit 101 and the Internet 10. Further, the control unit 102 outputs the received content ID to the selection unit 105 and outputs an instruction to select a content key. Further, the received device ID is output to the encryption key unit 107, and an instruction to encrypt the content key is output (column 189).
- the control unit 102 sets the device determination level to the device that the user uses. Set to “1” to indicate this. Next, the device determination level for which “1” is set is transmitted to the register device 300 via the communication unit 101 and the Internet 10. Next, the received device ID is added to the caution device list 150 and written (column 194). Further, the control unit 102 outputs the received content ID to the selection unit 105, outputs an instruction to select a content key, outputs the received device ID to the encryption unit 107, and encrypts the content key. Output instructions (column 190).
- the control unit 102 sets the device determination level to indicate that the device used by the user requires a warning. Set to “2” to indicate. Next, the device determination level for which “2” is set is transmitted to the register device 300 via the communication unit 101 and the Internet 10. Next, the received device ID is added to the warning device list 160 and written (column 195). The control unit 102 also gives an instruction indicating that the provision of the content key to the user is approved or not approved from the register device 300 via the Internet 10 and the communication unit 101. If the received instruction indicates that the received instruction is not approved, the process ends.
- control unit 102 When the received instruction indicates approval, the control unit 102 outputs the received content ID to the selection unit 105, outputs an instruction to select a content key, and receives the received device to the encryption unit 107. Outputs the ID and outputs an instruction to encrypt the content key (box 191).
- the control unit 102 sets the device determination level to Set to “3” to indicate that the device used by the user is an unauthorized device.
- the received device ID is added to the unauthorized device list 170 and written (column 196).
- the device determination level in which “3” is set is transmitted to the register device 300 via the communication unit 101 and the Internet 10.
- the control unit 102 ends the process (column 192).
- the selection unit 105 receives an instruction for selecting a content ID and a content key from the control unit 102.
- the content key ⁇ blueprint including the same content ID as the received content ID is read from the content key list 140, and the content key is extracted from the read content key information.
- the extracted content key is output to the signal key unit 107.
- the encryption unit 107 receives an instruction to encrypt the device ID and content key received from the control unit 102, and receives the content key from the selection unit 105. Next, device key information including the same device ID as the device ID received from the device key list 130 is read, and a device key is extracted from the read device key information card.
- the encryption key unit 107 performs an encryption key algorithm E1 on the received content key to generate an encrypted content key.
- Encrypted content key E1 (device key, content key)
- A E (B, C) indicates ciphertext A generated by applying encryption algorithm E to plaintext C using key B.
- the encryption algorithm E1 is, for example, based on AES (Advanced Encryption Standard).
- the encryption key unit 107 transmits the generated encrypted content key to the register device 300 via the communication unit 101 and the Internet 10.
- each block indicating each component of the management server device 100 is connected to another block by a connection line.
- connection lines may be omitted.
- each connection line indicates a path through which signals and information are transmitted.
- a key mark is drawn on the connection line among a plurality of connection lines connected to the block indicating the encryption unit 107.
- a path through which information as a key is transmitted to the encryption unit 107 is shown. The same applies to other drawings.
- the input unit 110 also accepts input of various information by the operator power of the management server apparatus 100, or receives input of various instructions, and outputs the information or instructions that have been accepted to the control unit 102.
- the display unit 111 displays various information according to instructions from the control unit 102.
- the authentication unit 112 performs challenge-response type mutual device authentication with the register device 300 via the communication unit 101 and the Internet 10 according to an instruction from the control unit 102.
- the authentication unit 112 authenticates the validity of the register device 300 and receives the validity authentication by the register device 300.
- the authentication unit 112 When mutual device authentication succeeds or fails, the authentication unit 112 outputs authentication result information indicating that mutual device authentication succeeds or fails to the control unit 102.
- the communication unit 101 relays transmission / reception of various information between the register device 300 and the control unit 102. In addition, transmission / reception of various information is relayed between the register device 300 and the authentication unit 112.
- the memory card 200 includes an input / output unit 201, an authentication unit 202, and a storage unit 203.
- the memory card 200 is a computer system that includes a microprocessor, ROM, RAM, and the like. A computer program is stored in the RAM. Microprocessor power The memory card 200 achieves a part of its functions by operating according to the computer program.
- the storage unit 203 includes a medium ID area 204 and a general area 205 as shown in FIG.
- the medium ID area 204 stores a medium ID 211 as shown in FIG.
- the medium ID 211 is identification information that uniquely identifies the memory card 200.
- the general area 205 has an encrypted content key list 221 as shown in FIG.
- the encrypted content key list 221 includes an area for storing one or more pieces of encrypted content key information.
- Each encrypted content key information includes one device ID and one or more sets of content IDs and encrypted content keys, and the encrypted content key information includes one device (for the implementation). In the form, it corresponds to a DVD player), and a set of content ID and encrypted content key corresponds to one content. However, if there is an illegal device that stores the device ID illegally, the encrypted content key information is stored in the same device ID and corresponds to all devices! /
- the device ID is identification information for uniquely identifying a device (in this embodiment, a DVD player).
- a device in this embodiment, a DVD player.
- the content ID is identification information that uniquely identifies the content corresponding to the thread including the content ID.
- the content key used when encrypting the content corresponding to the string including the encrypted content key is encrypted by the device key assigned to the corresponding device. As a result, it is generated.
- the encrypted content key information 236 shown in FIG. 10 includes a set 237 including a device 10231 3 ⁇ 43-8, a content ID 232 “C001”, and an encrypted content key 234 “E1 (DK—A, CK—1)”. , Content ID 233 “C002”, encrypted content key 238 “E1 (DK—A, CK—2)” and a powerful set 238.
- the encrypted content key 234 “E1 (DK—A, CK—1)” included in the set 237 is the device key assigned to the DVD player identified by the device ID 231 riD-Aj. It is generated by encrypting the content key “CK-1” assigned to the content identified by the content ID 232 “C001” using “DK-A” as a key.
- the encrypted content key 235 “E1 (DK—A, CK—2)” included in the set 238 is the device key “DK” assigned to the DVD player identified by the device ID 231 riD-Aj. — It is generated by encrypting the content key “CK-2” assigned to the content identified by the content ID 233 “C002” using “A” as a key.
- the input / output unit 201 reads information from the medium ID area 204 or the general area 205 of the storage unit 203 and outputs the read information to an external device in which the memory card 200 is inserted. Also, information is received from the external device, and the received information is written into the general area 205 of the storage unit 203.
- the external devices are the register device 300 and the DVD player 400a,..., 400b, 400c,.
- the authentication unit 202 performs mutual device authentication with the external device via the input / output unit 201 when the memory card 200 is attached to the external device.
- device authentication is a challenge-response authentication. Since challenge-response type device authentication is publicly known, detailed description thereof is omitted here.
- the external devices are the register device 300 and the DVD player 400a,..., 400b, 400c,.
- the authentication unit 202 controls the input / output unit 201 to transmit and receive information between the storage unit 203 and the external device when mutual device authentication is successful with the external device. If the device authentication fails, the input / output unit 201 is controlled so that information is not transmitted / received between the storage unit 203 and an external device thereafter.
- the register device 300 includes an authentication unit 301, an input unit 302, a display unit 303, a display unit 304, an input / output unit 305, a control unit 306, a communication unit 307, a printing unit 308, and a storage 309.
- a bar code reader 311 is connected to the register device 300.
- the register device 300 is a cash register device that performs settlement and storage of sales prices of products such as DVDs that are also paid for by users, and a content key assigned to the content stored on the DVD. Is obtained from the management server device 100 and provided to the user via the memory card.
- the register device 300 is a computer system including a microprocessor, ROM, RAM, a hard disk unit, a display unit, a keyboard, and the like.
- a computer program is stored in the hard disk unit. Microprocessor power By operating according to the computer program, the register device 300 achieves a part of its functions.
- the information storage unit 312 includes a price list 321 as shown in FIG.
- the price list 321 includes a plurality of price information. Each price information corresponds to DVD and includes the content ID and sales price.
- the content ID is identification information for uniquely identifying the content stored on the DVD corresponding to the sales information including the content ID.
- the DVD contains only one content.
- the sales price indicates the sales price of the DVD corresponding to the sales information including the sales price.
- the authentication unit 313 When a memory card is attached to the register device 300, the authentication unit 313 performs mutual device authentication with the attached memory card via the input / output unit 305.
- device authentication is challenge-response type authentication. Since challenge-response type device authentication is publicly known, detailed description thereof is omitted here.
- the authentication unit 313 notifies the control unit 306 of an authentication result indicating that the device authentication is successful when the mutual device authentication is successful between the authentication unit 313 and the attached memory card. In addition, when the device authentication fails, the control unit 306 is notified of an authentication result indicating that the device authentication has failed.
- the authentication unit 301 mutually performs device authentication with the management server device 100 via the communication unit 307.
- the device authentication is challenge-response type authentication. Since challenge-response type device authentication is publicly known, detailed description thereof is omitted here.
- the authentication unit 301 When the mutual device authentication is successful between the authentication unit 301 and the management server device 100, the authentication unit 301 notifies the control unit 306 of an authentication result indicating that the device authentication is successful. In addition, when the device authentication fails, the control unit 306 is notified of an authentication result indicating that the device authentication has failed.
- the register device 300 does not transmit / receive information to / from the management server device 100.
- the input / output unit 305 is connected between the control unit 306 and the attached memory card under the control of the control unit 306, or under the control of the authentication unit 313. Bidirectional information is sent to and received from the card.
- Bar code reader 311 and bar code processing unit 310 Bar code reader 311 and bar code processing unit 310
- the barcode reader 311 optically reads a barcode printed on the surface of the DVD package 500, generates corresponding reading information, and outputs the generated reading information to the barcode processing unit 310.
- Bar code processing section 310 receives the read information from bar code reader 311, the received read information power also generates a content ID, and outputs the generated content ID to control section 306.
- the control unit 306 transmits a connection request to the management server device 100 via the communication unit 307 and the Internet 10. Next, the control unit 306 instructs the authentication unit 301 to perform mutual device authentication with the management server device 100.
- the control unit 10 2 ends the process.
- the control unit 306 Upon receiving the authentication result indicating that the device authentication is successful from the authentication unit 301, the control unit 306 receives the content ID from the barcode processing unit 310 and the price including the same content ID as the content ID received from the price list 321. Information is read out, and the price information is read out. The sales price is extracted, the received content ID and the extracted sales price are output to the display units 303 and 304, and the display units 303 and 304 are displayed. Is directed to.
- the control unit 306 receives mounting information indicating that the memory card 200a is mounted from the input / output unit 305. When receiving the mounting information, the control unit 306 instructs the authentication unit 313 to perform mutual device authentication with the mounted memory card 200a. When receiving the authentication result indicating that the device authentication has failed from the authentication unit 313, the control unit 306 ends the process.
- the control unit 306 Upon receiving an authentication result indicating that the device authentication is successful from the authentication unit 313, the control unit 306 reads the medium ID and the device ID stored in the memory card 200a via the input / output unit 305. Is output to the memory card 200a. Next, the read result is received via the input / output unit 3 05. The read result receives the medium ID and one or more device IDs or device ID non-existence information “none” indicating that the device ID is stored.
- the control unit 306 When the device ID non-existence information “none” is received, the control unit 306 outputs a message indicating that the device ID is not stored in the memory card 200 a to the display units 303 and 304. The display units 303 and 304 are instructed to display a message, and the process is terminated.
- control unit 306 When a plurality of device IDs are received, the control unit 306 outputs the received plurality of device IDs to the display units 303 and 304, and displays the plurality of device IDs so that the plurality of device IDs are displayed. Next, an instruction is given to 304, and then the designation of one device ID selected from the plurality of device IDs by the user is received from the input unit 302.
- control unit 306 uses the device ID as it is. To do.
- control unit 306 transmits request information indicating a request for a content key to the management server device 100 via the communication unit 307, and also receives the received content ID, the one device ID, and the received medium ID. Is transmitted to the management server device 100 via the communication unit 307.
- the control unit 306 receives a device determination level from the management server device 100 via the communication unit 307. Furthermore, you may receive an encrypted content key.
- the encrypted content key is received when the received device determination level is any one of “0”, “1”, and “2”. When the received device determination level is “3”, the encrypted content key is not received.
- control unit 306 determines whether the received device determination level force is “0”, “1”, “2”, or “3”.
- the control unit 306 displays a message indicating that the received encrypted content key is permitted to be provided to the user. And 304 to instruct the display units 303 and 304 to display the message.
- the device ID and the content ID are output to the memory card 200a via the input / output unit 305, and the encrypted content key is output to the memory card 200a via the input / output unit 305.
- the control unit 306 When it is determined that the received device determination level power is “1”, the control unit 306 outputs a message indicating a caution to the operator of the register device 300 to the display units 303 and 304. The display units 303 and 304 are instructed to display the message. Similarly to the case where it is determined to be “0”, the device ID, the content ID, and the encrypted content key are output to the memory card 200a via the input / output unit 305.
- the control unit 306 When it is determined that the received device determination level power is “2”, the control unit 306 outputs a message indicating a warning to the operator of the register device 300 to the display units 303 and 304. The display units 303 and 304 are instructed to display the message. Further, an instruction indicating whether the provision of the encrypted content key to the user is approved or not is received from the operator of the register device 300 via the input unit 302. Do not approve When the instruction to that effect is received, the control unit 306 ends the process. That is, the device, content ID, and encrypted content key are not output to the memory force 200a. When an instruction to approve is received, the device ID, the content ID, and the encrypted content key are input to the memory card 200a through the input / output unit 305, as in the case of determining “0”. Output to.
- the control unit 306 When it is determined that the received device determination level power is “3”, the control unit 306 outputs a message indicating fraud to the operator of the register device 300 to the display units 303 and 304. The display units 303 and 304 are instructed to display the message. Next, the control unit 306 ends the process. That is, the encrypted content key is not output to the memory card 200a.
- the input unit 302 also accepts input of information or instructions from the operator of the register device 300, and outputs the information or instructions accepted to the control unit 306.
- the display unit 303 and the display unit 304 receive information to be displayed from the control unit 306, and display the received information.
- the printing unit 308 prints various information under the control of the control unit 306.
- the storage 309 stores banknotes and money.
- the communication unit 307 is connected to the management server device 100 via the Internet 10, and transmits and receives information between the control unit 306 and the management server device 100. Further, the communication unit 307 communicates between the authentication unit 301 and the management server device 100. Send and receive information between them.
- DVD player 400a ... ), ..., d have the same configuration.
- the configuration of the DVD player 400 will be described on behalf of these.
- the DVD player 400 includes a device ID storage unit 401, an input / output unit 402, a device key storage unit 403, a decryption unit 404, a reading unit 405, a decryption unit 406, a playback unit 407, and a display unit 4 08. , An input unit 409, a control unit 410, and an authentication unit 411.
- the DVD player 400 is connected to a monitor with a speaker attached! [0096]
- the DVD player 400 is a computer system including a microprocessor, a ROM, a RAM, and the like. A computer program is stored in the ROM. The microprocessor power By operating according to the computer program, the DVD player 400 achieves some of its functions.
- the device ID storage unit 401 is provided so that an external force cannot be accessed, and stores a device ID 421 in advance as shown in FIG.
- the device ID 421 is identification information that uniquely identifies the DVD player 400. However, if the DVD player 400 is an unauthorized device, the device ID 421 may not uniquely identify the DVD player 400! /.
- the device key storage unit 403 is provided so that an external force cannot be accessed, and stores a device key 422 in advance as shown in FIG.
- the device key 422 is key information assigned to the DVD player 400.
- the reading unit 405 reads information also on the DVD power attached to the DVD player 400, and outputs the read information to the control unit 410 or the decoding unit 406.
- the input / output unit 402 detects that the memory card has been inserted, and outputs detection information indicating the detection to the control unit 410.
- the input / output unit 402 is connected to the authentication unit 411 under the control of the control unit 410, between the control unit 410 and the memory card attached to the DVD player 400, or under the control of the authentication unit 411. Bidirectional information is sent to and received from the installed memory card.
- the authentication unit 411 When the memory card is mounted on the DVD player 400, the authentication unit 411 performs mutual device authentication with the mounted memory card via the input / output unit 402.
- device authentication is challenge-response type authentication. Since challenge-response type device authentication is publicly known, detailed description thereof is omitted here.
- the authentication unit 411 When the mutual device authentication is successful between the authentication unit 411 and the memory card, the authentication unit 411 notifies the control unit 410 of an authentication result indicating that the device authentication is successful. Also, device authentication If the device authentication fails, the DVD player 400 thereafter sends and receives information to and from the memory card. ,Not performed.
- the decryption unit 404 reads the device key 422 from the device key storage unit 403 according to an instruction from the control unit 410, receives the encrypted content key from the input / output unit 402, and uses the read device key as a key to perform encryption.
- the decryption algorithm D1 is applied to the encrypted content key to generate a playback content key, and the generated playback content key is output to the decryption unit 406.
- AES is used as the decoding algorithm D1.
- the decryption unit 406 receives the playback content key from the decryption unit 404, reads the encrypted content from the DVD via the reading unit 405, and uses the received playback content key to decrypt the decrypted encryption content into the read encrypted content D2 is applied to generate playback content.
- AES is used as the decoding algorithm D2.
- decryption section 406 outputs the generated playback content to playback section 407.
- Playback unit 407 monitor and speaker
- the playback unit 407 receives the playback content from the decoding unit 406, separates the received playback content into compressed video information and compressed audio information, decodes the compressed video information to generate video information, and converts the video information into analog video information. Convert to video signal, decode compressed audio information to generate audio information, convert audio information to analog audio signal, output the generated video signal to monitor, and attach the generated audio signal to the monitor Output to the speaker.
- the monitor receives the video signal and displays the video, and the speaker attached to the monitor receives the audio signal and outputs the audio.
- Control unit 410 receives detection information indicating detection of memory card attachment from input / output unit 402. [0105] Upon receiving the detection information, control unit 410 instructs authentication unit 411 to perform mutual device authentication with the attached memory card. Next, the authentication result is received from the authentication unit 411. If the received authentication result indicates that the authentication has failed, the control unit 410 instructs the display unit 408 to output and display a message to that effect, and then ends the process.
- the control unit 410 reads the device ID 421 from the device ID storage unit 401 and then attaches it to the input / output unit 402. Outputs a read instruction to read the device ID stored in the memory card, and instructs to read the device ID.
- control unit 410 receives a read result from the attached memory card via the input / output unit 402.
- the received read result is non-existence information indicating that it is stored in one or more device IDs or device ID memory force.
- the read device ID 421 is entered.
- the data is output to the attached memory card via the output unit 402, and the input / output unit 402 is instructed to write the device ID 421 in the memory card.
- the control unit 410 receives an instruction to reproduce the encrypted content stored in the DVD via the input unit 409 from the user of the DVD player 400.
- the content ID is read from the DVD via the reading unit 405, the content ID and its own device ID are output to the input / output unit 402, and the memory card power is also the content ID and its own device ID. Instruct to read the content key corresponding to both of the above.
- control unit 410 receives the read result from the memory card via input / output unit 402.
- the read result is non-existence information “none” indicating that there is no one encrypted key content key or the corresponding encrypted content key.
- control unit 410 When non-existence information “none” is received as a read result, control unit 410 outputs a message to that effect to display unit 408 and instructs display unit 408 to display the message. To do. [0109]
- the control unit 410 instructs the decryption unit 404 to decrypt the encrypted content key, and then the decryption unit 406 Then, it instructs to decrypt the encrypted content, and then instructs the playback unit 407 to play back the playback content and output it to the monitor.
- Display unit 408 displays a specified message in accordance with an instruction from control unit 410.
- input unit 409 receives an instruction from the user of DVD player 400 and outputs the received instruction to control unit 410.
- control unit 410 of DVD player 400 receives detection information indicating detection of memory card insertion from input / output unit 402 (YES in step S101), memory unit mounted to authentication unit 411 is detected. If the authentication result received from the authentication unit 411 indicates that the authentication has failed (NO in step S1 03), the control unit 410 Instructs the display unit 408 to output and display a message to that effect (step S105), and then ends the process.
- the control unit 410 reads the device ID 421 from the device ID storage unit 401 (step S106), and then The input / output unit 402 is instructed to output a reading instruction indicating reading of the device ID stored in the attached memory card and to read the device ID (step S107).
- the input / output unit 201 of the memory card 200 attempts to read the device ID from the encrypted content key list 221 in the general area 205 (step S108), outputs the read result to the DVD player 400, and the control unit 410 Then, the read result is received from the inserted memory card via the input / output unit 402 (step S109).
- the received read result is non-existence information, or when one or more device IDs are received, if the read device ID 421 does not exist (YES in step S110), read The device ID 421 is output to the attached memory card via the input / output unit 402 (step S111), and the input / output unit 201 of the memory card 200 writes the received device ID to the encrypted content key list 221 (step S111).
- SI 12 the input / output unit 201 of the memory card 200 attempts to read the device ID from the encrypted content key list 221 in the general area 205 (step S108), outputs the read result to the DVD player 400, and the control unit 410 Then, the read result is received from the
- the control unit 306 of the register device 300 transmits a connection request to the management server device 100 via the communication unit 307 and the Internet 10 (step S200).
- the control unit 306 instructs the authentication unit 301 to perform mutual device authentication with the management server device 100 (step S201), and the authentication unit 301 confirms that device authentication has failed.
- control unit 102 ends the process.
- the control unit 306 receives the content ID from the barcode processing unit 310 (step S204) and receives it from the price list 321.
- the price information including the same content ID as the acquired content ID is read, the read price information power is extracted, the received content ID and the extracted sales price are output to the display units 303 and 304, and these are output.
- the display units 303 and 304 are instructed to display them (step S205).
- control unit 306 instructs the authentication unit 313 to perform mutual device authentication with the attached memory card 200a (step S206).
- the control unit 306 Upon receiving an authentication result indicating that device authentication has failed from the authentication unit 313 (NO in step S207), the control unit 306 outputs a message indicating that device authentication has failed to the display units 303 and 304. Is displayed to the display units 303 and 304 (step S209), and then the process ends.
- control unit 306 Upon receiving an authentication result indicating that the device authentication has been successful from the authentication unit 313 (YES in step S207), the control unit 306 is a medium stored in the memory card 200a via the input / output unit 305. Outputs read instruction indicating reading of ID and device ID to memory card 200a (Step S210).
- the input / output unit 201 of the memory card 200 receives the authentication result indicating that the device authentication has failed from the authentication unit 202 (NO in step S208), the input / output unit 201 ends the process.
- the input / output unit 201 Upon receiving an authentication result indicating that the device authentication was successful from the authentication unit 202 (YES in step S208), the input / output unit 201 reads the device ID from the encrypted content key list 221 in the general area 205. Then, the read result is output to the DVD player 400 (step S212).
- the control unit 306 receives the read result via the input / output unit 305 (step S212).
- step S213 When the device ID non-existence information "None" is received (step S213), the control unit 306 outputs a message indicating that the device ID is not stored in the memory card 200a to the display units 303 and 304. Then, the display units 303 and 304 are instructed to display the message (step S214), and then the process ends.
- control unit 306 When a plurality of device IDs are received (step S213), the control unit 306 outputs the received plurality of device IDs to the display units 303 and 304 so that the plurality of device IDs are displayed.
- the display unit 303 and 304 are instructed (step S215), and then the designation of one device ID selected from the plurality of device IDs by the user is received from the input unit 302 (step S215). S 216).
- control unit 306 transmits request information indicating a request for a content key to the management server device 100 via the communication unit 307 (step S231), and also receives the received content ID.
- the device ID and the received medium ID are transmitted to the management server device 100 via the communication unit 307 (step S232).
- the control unit 102 of the management server device 100 receives the request for the content key, the content ID, the device ID, and the medium ID from the register device 300 via the Internet 10 and the communication unit 101 (Steps S231 to S232). If the same device ID does not exist in the management table 120 (NO in step S234), the total number of media IDs is set to “1”. (Step S235), and the received device ID, medium ID, and total number of medium IDs are used as medium information, and the management table 12 Write to 0 (step S236), then transfer control to step S252.
- the control unit 102 extracts media information including the same device ID from the management table 120 and extracts the extracted media HD information. Is not included (step S237), and if it is not included (NO in step S238), it is included in the extracted medium HD information. The value of “1” is added to the total number of media IDs that have been recorded (step S239), and the received media ID is added to the extracted media ID and blueprint (step S240).
- control unit 102 determines that the total number of medium IDs included in the extracted medium HD information is (i) “100” or less, (ii) “101” or more and “150” or less, (iii) “151” It is determined whether it belongs to any range above “199” and (iv) above “200” (step S251).
- step S251 When the total number of medium IDs is “100” or less (step S251), or in the above, the same device ID as the received device ID is retrieved from the management table 120, and the same device ID is found in the management table 120. (No in step S234, steps S235, S236), the control unit 102 sets the device determination level to “0” indicating that the device used by the user is not an unauthorized device. (Step S252). Next, the device determination level set to “0” is transmitted to the register device 300 via the communication unit 101 and the Internet 10 (step S253).
- the encryption key unit 107 reads out device key information including the same device ID as the device ID received from the device key list 130, extracts the device key from the read device key information (step S265), and selects the selection unit 105. Reads the content key ⁇ blueprint containing the same content ID as the received content ID from the content key list 140, extracts the content key from the read content key information, and then inputs the extracted content key. (Step S266), and the encryption key unit 107 applies the encryption algorithm E1 to the received content key using the extracted device key, and sends the encrypted content key. Generated (step S267), and transmits the generated encrypted content key to the register device 300 via the communication unit 101 and the Internet 10 (step S268).
- step S251 When the total number of medium IDs is not less than “101” and not more than “150” (step S251), the control unit 102 requires the device used by the user to be careful about the device determination level. Set to “1”, which indicates that the device is a device (step S254), and pass the device judgment level for which “1” is set. The data is transmitted to the register device 300 via the communication unit 101 and the Internet 10 (step S255), and the received device ID is added to the caution device list 150 and written (step S256). Next, control is passed to step S265.
- step S251 When the total number of medium IDs is “151” or more and “199” or less (step S251), the control unit 102 sets the device determination level, and the device used by the user requires a warning. It is set to “2” indicating that it is a device (step S257), and the device determination level set to “2” is transmitted to the register device 300 via the communication unit 101 and the Internet 10 (step S258). Then, the received device ID is added to the warning device list 160 and written (step S259).
- control unit 102 receives an instruction indicating that the provision of the content key to the user is approved or an instruction indicating that it is not approved from the register device 300 via the Internet 10 and the communication unit 101 (step If the received instruction indicates that the received instruction is not approved (step S261), the process ends. If the received instruction indicates approval (step S261), control is passed to step S265.
- step S251 When the total number of medium IDs is “200” or more (step S251), the control unit 102 sets the device determination level to indicate that the device used by the user is an unauthorized device. Set to ⁇ 3 '' (step S262), and the device determination level set to ⁇ 3 '' is transmitted to the register device 300 via the communication unit 101 and the Internet 10 (step S263). The device ID is added to the unauthorized device list 170 and written (step S264), and then the process ends.
- control unit 306 receives a device determination level from the management server device 100 via the communication unit 307 (steps S253, S255, S258, S263).
- a B-note key content key may be received (step S268).
- control unit 306 determines whether the received device determination level force is “0”, “1”, “2”, or “3” (step S281).
- step S281 When it is determined that the received device determination level power is "0" (step S281), the control unit 306 indicates that the provision of the received encrypted content key to the user is permitted. Is output to the display units 303 and 304, and the display units 303 and 304 are instructed to display the message (step S282). Also, device ID and content The ID is output to the memory card 200a via the input / output unit 305 (step S291), and the encrypted content key is output to the memory card 200a via the input / output unit 305 (step S293).
- step S281 When it is determined that the received device determination level force is “1” (step S281), the control unit 306 displays a message indicating a caution to the operator of the register device 300 with the display units 303 and 304. And instructing the display units 303 and 304 to display the message (step S283). Next, control is passed to step S291.
- step S281 When it is determined that the received device determination level power is “2” (step S281), the control unit 306 outputs a message indicating a warning to the operator of the register device 300 to the display units 303 and 304. The display units 303 and 304 are instructed to display the message (step S284). Furthermore, an instruction is received from the operator of the register device 300 through the input unit 302 indicating whether to approve or not to provide the encryption key to the user (step S285). The instruction is output to the management server device 100 (step S260). When an instruction not to approve is received (step S287), the control unit 306 ends the process. If an instruction to approve is received (step S287), control is transferred to step S291.
- step S281 When it is determined that the received device determination level power is “3” (step S281), the control unit 306 displays a message indicating fraud to the operator of the register device 300, and the display units 303 and 304. And instructing the display units 303 and 304 to display the message (step S288). Next, the control unit 306 ends the process.
- the input / output unit 201 of the memory card 200 receives the device ID and the content ID (step S291), writes the content ID in association with the device ID into the encrypted content key list 221 (step S292), and encrypts it.
- the content key is received (step S293), and the encryption key content key is written in the encryption content key list 221 in association with the content ID (step S294).
- the DVD player 400 acquires the memory card 200 power device ID by the procedure shown in the flowchart of FIG. 13 (step S301).
- the control unit 410 receives an instruction to reproduce the encrypted content stored on the DVD from the user of the DVD player 400 via the input unit 409 (step S302).
- the content ID is read from the DVD via the reading unit 405 (step S305), and the content ID and its own device ID are output to the input / output unit 402 (step S306).
- the input / output unit 201 of the memory card 200 tries to read the content key corresponding to both the content ID and its own device ID (step S307), and outputs the read result to the DVD player 400 (step S308).
- control unit 410 receives the read result from the memory card via input / output unit 402 (step S308), and when non-existence information “none” is received as the read result (step S308). (Step S309), the control unit 410 outputs a message to that effect to the display unit 408, instructs the display unit 408 to display the message (step S310), and ends the process.
- the decryption unit 404 reads the device key 422 from the device key storage unit 403 according to an instruction from the control unit 410 (step S311). Using the device key as a key, the decryption algorithm D1 is applied to the encrypted content key to generate a playback content key (step S312).
- the decryption unit 406 also reads out the encrypted content via the reading unit 405 with the DVD power (step S313), applies the decryption algorithm D2 to the read encrypted content using the playback content key, and plays back the playback content. Is generated (step S314).
- the playback unit 407 separates the received playback content into compressed video information and compressed audio information, decodes the compressed video information to generate video information, converts the video information into an analog video signal, and compresses the compressed video information.
- the audio information is decoded to generate audio information, and the audio information is converted into an analog audio signal.
- the monitor displays the video, and the speaker attached to the monitor outputs the audio (step S315).
- an unauthorized DVD player When the same device ID as the device ID that uniquely identifies the device is illegally stored, and there are many such illegal DVD players that store the same device ID. Is assumed.
- an unauthorized DVD player when playing back content, stores the same device ID in the memory card with the device ID stored in the DVD player. Write.
- the device ID stored in the memory card and the media ID that uniquely identifies the memory card are collected by the management server device 100 via the register device 300 when the user purchases a new DVD.
- the management server device 100 calculates the total number of medium IDs by calculating the total number of medium IDs corresponding to one device ID using a plurality of sets of collected device IDs and medium IDs. If the total number of media IDs is equal to or greater than a predetermined threshold, the DVD player having the device ID is determined to be an unauthorized device.
- the threshold is “100”, for example. This threshold indicates the maximum number of memory cards that a single user may have. If you are a single user, it is not unnatural to have up to 100 memory cards!
- an unauthorized DVD player is specified by using the total number of medium IDs.
- a management server is used.
- the storage device 100 stores a content ID that identifies each of one or more contents reproduced by the DVD player identified by the device ID in association with the device ID, and is identified by a specific device ID.
- a set of content IDs for identifying content played back on a DVD player is compared with a set of content IDs stored in the management server device 100 and associated with the device ID.
- the DVD player identified by the device ID is presumed to be a legitimate device if it is a subset of the set and if one set and the other set exactly match, otherwise
- the DVD player identified by the device ID is presumed to be an unauthorized device.
- the unauthorized device detection system le has the same configuration as the unauthorized device detection system 1. Here, the difference from the unauthorized device detection system 1 will be mainly described.
- a memory card 200e shown in FIG. 20 is used in place of the memory card 200 of the unauthorized device detection system 1.
- the memory card 200e is composed of an input / output unit 201e and a storage unit 203e. Note that, similarly to the memory card 200, the memory card 200e may further include an authentication unit 202e (not shown) similar to the authentication unit 202 included in the memory force 200.
- the storage unit 203e includes a general area 205e, and the general area 205e has a user history information list 23le.
- the user history information list 23 le has an area for storing one or more pieces of user history information.
- Each user history information includes one device ID and one content ID, and the user history information is stored in one piece of content played on one device (in this embodiment, a DVD player). Speak in response.
- the device ID is identification information for uniquely identifying a device (in this embodiment, a DVD player) that reproduces content corresponding to the user history information including the device ID.
- the content ID is identification information that uniquely identifies the content corresponding to the IJ user history ⁇ blueprint that includes the content ID.
- the input / output unit 201e reads information from the general area 205 of the storage unit 203e, and outputs the read information to an external device in which the memory card 200e is inserted. Also, information is received from the external device, and the received information is written into the general area 205e of the storage unit 203e.
- the external devices are a register device and each DVD player.
- the management server device 100 has the same configuration as the management server device 100 of the unauthorized device detection system 1.
- the management server device 100 has a server history information list 120e shown in FIG. 21 in the management table storage unit 103.
- the server history information list 120e includes a plurality of server history information, and each server history information corresponds to one piece of content played on one device (in this embodiment, a DVD player). .
- Each server history information includes a device ID and a content ID.
- the device ID is identification information for uniquely identifying a device that reproduces content corresponding to the server history information including the device ID.
- the content ID is identification information for uniquely identifying the content corresponding to the blueprint for the server history including the content ID.
- the control unit 102 receives the user history information list from the memory card 200e via the register device 300 and the Internet 10, and extracts the device ID from the received user history information list. Here, it is assumed that one device ID is extracted.
- the control unit 102 extracts all server history information including the extracted device ID from the server history information list 120e.
- a set including all the extracted server history information powers is called a server history information group ⁇ .
- the received user history information list is called ⁇ go.
- control unit 102 compares the set oc with the set ⁇ , and the set ex is identical to the set ⁇ , or the set a is a subset of the set ⁇ . Or a subset of Judge whether it is in other state.
- the control unit 102 is identified by the extracted device ID. If the DVD player is valid, the device determination level is “0”, and the set 13 is a subset of the set ⁇ , the difference between the set 13 and the set ⁇ is calculated as the server history information list 120e. The device judgment level is transmitted to the register device 300 via the Internet 10.
- control unit 102 assumes that the DVD player identified by the extracted device ID is illegal, sets the device determination level to “3”, and extracts the extracted device. If ID is added to the unauthorized device list and written, and set 13 is a subset of set ⁇ , the difference between set ⁇ and set ⁇ is added to server history information list 120e and written, and the device judgment level is set to The data is transmitted to the register device 300 via the Internet 10.
- the DVD player detects the installation of the DVD (step S401), reads the stored device ID (step S402), reads the content ID from the loaded DVD (step S403), and reads the device ID.
- the content ID read instruction is output to the memory card 200e (step S404).
- the memory card 200e tries to read the device ID and content ID (viewing history information) (step S405), and outputs the read result to the DVD player (step S406).
- the DVD player When the read result indicates that the set does not exist, the DVD player outputs an instruction to write the device ID and content ID to the memory card 200e (step S408).
- the memory card 200e writes the received device ID and content ID in the general area 205e (step S411).
- the DVD player reads the content from the loaded DVD (step S409) and reproduces the read content (step S410).
- the register device outputs a reading instruction indicating reading of the user history information list to the mounted memory card 200e (step S431), and the memory card 200e reads the user history information list 231e from the general area 205e. Is read (step S432), and the read user history information list 23 le is output to the register device 300 (step S433).
- the register device 300 transmits the received user history information list to the management server device 100 via the Internet 10 (step S434).
- the control unit 102 of the management server device 100 receives the user history information list from the memory card 200e via the register device 300 and the Internet 10 (steps S433 to S434), and receives the device ID from the received user history information list. Extract (step S435).
- control unit 102 extracts all server history information including the extracted device ID from the server history information list 120e (step S436).
- control unit 102 compares the set ⁇ with the set 13, and the set ⁇ is a subset of the set 13, or the set ⁇ is a subset of the set 13. Or whether it is in another state (step S437).
- the control unit 102 sets the device determination level to " 0 '' (step S438), and if set 13 is a subset of set ⁇ , the difference between set 13 and set ⁇ is added to server history information list 120e and written (step S441), and the device judgment level is set. Then, the data is transmitted to the register device 300 via the Internet 10 (step S442)
- the control unit 102 sets the device determination level to “3” (step S 439), adds the extracted device ID to the unauthorized device list, and writes it (step S 440).
- the combination 13 is a subset of the set ⁇
- the difference between the set 13 and the set ⁇ is added to the server history information list 120e and written (step S441), and the device determination level is set via the Internet 10.
- the data is transmitted to the register device 300 (step S442).
- FIG. 25 shows a first example of the set ⁇ and the set j8.
- the set ⁇ 601 shown in this figure includes “C001”, “C002”, and “C006” as content IDs, and the set j8 602 includes “C001”, “C002”, and so on as content IDs.
- FIG. 6 A second example of the set ⁇ and the set j8 is shown in FIG.
- the set ⁇ 603 shown in this figure includes “C001” and “C002” as content IDs, and the set j8 604 includes “C 001”, “C002”,... “C005” as content IDs. Including! As described above, since the set ⁇ 603 ⁇ is a subset of the set j8604, the extracted device ID is determined to be valid in this case as well.
- FIG. 27 shows a third example of the set ⁇ and the set j8.
- the set ⁇ 605 shown in this figure includes “X001” and “Y002” as content IDs, and the set j8 606 includes “M 001” and “M002” as content IDs.
- the set ⁇ 605 and the set j8 606 are not in a proportional set relationship with each other. In this case, the extracted device ID is determined to be invalid.
- the user history information list 231e stored in the memory card 200e does not include user history information.
- the user history information list 23 le may not be stored in the memory card 200e.
- the register The host device 300 transmits the user history information to the management server device 100 because the user history information list 231e does not include the user history information or the user history information list 23 le does not exist. None do.
- the user history information list 231e stored in the memory card 20Oe does not include user history information.
- the user history information list 231e of the memory card 200e includes a device ID that identifies the device used for playback, for example, User history information consisting of “ID-A” and content ID “C001” is written.
- the management server device 100 stores “ID— Write user history information that also has the power of “A” and content ID “C001”.
- the user history information list 231e of the memory card 200e contains a device ID that identifies the device used for playback, for example, User history information consisting of “ID-A” and content ID “C002” is written. Therefore, in this case, the user history information list 231e includes the user history information consisting of “ID—A” and “C001” and the user history information consisting of “ID—A” and “ji 002”. Include
- the memory card 200e is attached to the register device 300, and the user history information list 23 le is transmitted from the register device 300 to the management server device 100, and the management server device 100 stores the server history information list 120e in the server history information list 120e.
- 8 stored by the management server device 100 is always a subset of the set ⁇ transmitted from the memory card 200e. is there.
- a case is assumed where, for some reason, another memory card having the same configuration as the user memory card 200e is used.
- the reason for using another memory card may be, for example, when the user's power S memory card 200e is lost, the memory card 200e is broken, or the memory card 200e is completely used up.
- the user history information list of another memory card contains the device ID for identifying the device used for playback, for example, user history information consisting of “ID-A” and content ID “C001”. Written. Therefore, in this case, the user history information list of this other memory card includes user history information consisting of “ID-A” and “Same 001”.
- 8 stored by the management server device 100 is always the set ⁇ transmitted from the memory card 200e.
- the set ⁇ is a subset of the set 13!
- the device identified by the device ID may be considered valid.
- control unit 102 recognizes the device identified by the device ID both when the set oc is a subset of the set ⁇ and when the set ⁇ 8 is a subset of the set ⁇ . Is presumed to be legitimate.
- a DVD player as a content playback apparatus is configured as follows!
- each time a DVD player receives an identifier storage unit that stores a device identifier for identifying itself and a playback instruction for content recorded on the BD by the user when the BD is attached That is, each time a content is played back, a content identifier for identifying the content is acquired from the BD, and the acquired content identifier and date / time information indicating the playback date / time are used as playback history information indicating the playback of the content.
- the device identifier, the playback history information, and the playback order are added to the installed memory card.
- a writing unit for writing to the memory card are added to the installed memory card.
- the management server device 100 associates the device ID with the content that individually identifies one or more contents played by the DVD player identified by the device ID.
- the set of content IDs and playback order numbers associated with the device IDs stored in the management server device 100 and when one set and the other set completely match, that is, All content IDs included in one set Completely match all content IDs included in the other set, and two matching If the playback order numbers for each set of IDs match, the DVD player identified by the device ID is assumed to be a legitimate device, otherwise it is identified by the device ID. It is presumed that the DVD player is an unauthorized device.
- the unauthorized device detection system If has the same configuration as the unauthorized device detection system le. This section focuses on the differences from the unauthorized device detection system le.
- the memory card 20 Oe is used as in the unauthorized device detection system le.
- the storage unit 203e of the memory card 200e includes a general area 205e, and the general area 205e has a user history information list 23 If shown in FIG. 28 instead of the user history information list 231e.
- the description will focus on differences from the memory card 200e used in the unauthorized device detection system le.
- the user history information list 231f includes an area for storing one or more pieces of user history information.
- Each user history information includes one device ID, one playback order number, and one content ID, and the user history information includes one device (in this embodiment, a DVD player). However, it corresponds to one piece of content that has been played.
- the device ID is identification information for uniquely identifying a device (in this embodiment, a DVD player) that reproduces content corresponding to the user history information including the device ID.
- a device in this embodiment, a DVD player
- the device cannot always be uniquely identified.
- the content ID is identification information that uniquely identifies the content corresponding to the IJ user history ⁇ blueprint that includes the content ID.
- the playback order number is information indicating the order in which the content corresponding to the user history information including the playback order number is played back on the device.
- the management server device 100 has the same configuration as the management server device 100 of the unauthorized device detection system le. Here, the difference from the management server device 100 of the unauthorized device detection system le will be mainly described.
- the management server device 100 has a server history information list 120f shown in FIG. 29 instead of the server history information list 120e in the management table storage unit 103.
- the server history information list 120f includes a plurality of server history information, and each server history information corresponds to one content played on one device (in this embodiment, a DVD player).
- Each server history information includes a device ID, a playback order number, and a content ID.
- the device ID is identification information for uniquely identifying a device that reproduces content corresponding to the server history information including the device ID.
- the content ID is identification information for uniquely identifying the content corresponding to the blueprint for the server history including the content ID.
- the playback order number is information indicating the order in which the content corresponding to the server history information including the playback order number is played back by the device.
- the control unit 102 receives the user history information list from the memory card 200e via the register device 300 and the Internet 10, and extracts the device ID from the received user history information list. To do. Here, it is assumed that one device ID is extracted.
- the control unit 102 extracts all the server history information including the extracted device ID from the server history information list 120f.
- a set including all the extracted server history information powers is called a server history information group ⁇ .
- the received user history information list is called ⁇ go.
- the control unit 102 compares the set ⁇ with the set 13 to determine whether the set ⁇ and the set 13 are in a completely identical force or other state.
- perfect match means the following state.
- All content IDs included in the set ⁇ and all content IDs included in the set j8 are completely the same, and each set of two matching content IDs corresponds to each content ID 2 Number of playback order numbers match.
- the control unit 102 assumes that the DVD player identified by the extracted device ID is valid, sets the device determination level to “0”, and sets the function.
- the device determination level is transmitted to the register device 300 via the Internet 10.
- control unit 102 is identified by the extracted device ID.
- D is added to the unauthorized device list and written, set ⁇ is added to the server history information list 120f and written, and the device determination level is transmitted to the register device 300 via the Internet 10.
- the control unit 102 of the management server device 100 receives the user history information list from the memory card 200e via the register device 300 and the Internet 10, extracts the device ID from the received user history information list, and extracts the server history. All server history information including the extracted device ID is extracted from the information list 120e.
- control unit 102 compares the set a with the set / 3, and when the content ID included in the set a matches the content ID included in the set j8 (step S437f), the playback order If the two playback order numbers match, that is, set a and set ⁇ are complete. If all match (step S451), the control unit 102 sets the device determination level to “0” (step S438f).
- step S437f the control unit 102 sets the device determination level to "3" (step S439f), and adds the extracted device ID to the unauthorized device list and writes it (step S440f). ).
- 8 by the control unit 102 will be described with an example.
- the set ⁇ is acquired from the memory card 200e, and the set ⁇ is extracted from the server history information list 120e included in the management server device 100.
- FIG. 31 shows a first example of comparison between the set ⁇ and the set j8.
- the set ⁇ 611 shown in this figure includes a reproduction order number and a content ID set of ⁇ “1”, “C001” ⁇ , ⁇ “2”, “C002” ⁇ , ⁇ “3”, “C003” ⁇ , ⁇ "4", "C004" ⁇ , ⁇ "5", “C005" ⁇ , and the set j8 612 includes ⁇ "1", "C001” ⁇ , ⁇ "2” , “C002” ⁇ , ⁇ “3”, “C003” ⁇ , ⁇ “4”, “C004” ⁇ , ⁇ “5”, “C005” ⁇ .
- 8 612 are completely coincident with each other, and therefore the extracted device ID is presumed to be valid.
- FIG. 8 614 is a combination of the playback order number and the content ID, ⁇ “1”, “C001” ⁇ , ⁇ “2”, “C002” ⁇ , ⁇ “3”, “C003” ⁇ , ⁇ “4”, “C004” ⁇ , ⁇ “5”, “C005” ⁇ .
- the extracted device ID is presumed to be invalid.
- the control unit 102 pays attention to the content ID that is a part of the element of the set a and the content ID that is a part of the element of the set / 3, and the set A of the content ID that is an element of the set a and the collection ID. Compare the content ID set B, which is an element of j8, to determine whether set A is a force that is a subset of set B, set B is a force that is a subset of set A, or other state .
- control unit 102 when the set A is a subset of the set B, and when the set B is a subset of the set A, the control unit 102 includes one or more included in both the set A and the set B. Extract the content ID of.
- the corresponding playback order number is extracted from the set ⁇ , the corresponding playback order number is extracted from the set
- the user history information list 23 If stored in the memory card 200e contains History information is included! /, Na! /.
- the user history information list 231f of the memory card 200e includes a device ID that identifies the device used for playback, for example, “ID — A ”, playback sequence number“ 1 ”, content ID“ C001 ”, and other user history information are also written.
- the memory card 200e is attached to the register device 300, and the user history information list 23 If is transmitted from the register device 300 to the management server device 100, and the management server device 100 stores the server history information list 120f in the server history information list 120f.
- Write user history information consisting of “ID—A”, playback sequence number “1”, and content ID “C001”.
- the user history information list 231f of the memory card 200e includes a device ID for identifying the device used for playback, for example, “ID — A ”, playback sequence number“ 2 ”, content ID“ C002 ”, and other user history information are written. Therefore, in this case, the user history information list 23 If consists of user history information consisting of “ID — A”, “1” and “C001”, and riD-Aj, “2” and “C002”. User history information.
- the memory card 200e is inserted into the register device 300, and the user history information list 23 If is transmitted from the register device 300 to the management server device 100.
- the management server device 100 stores the server history information list 120f in the server history information list 120f. Write user history information consisting of “ID—A”, playback sequence number “1”, and content ID “C002”.
- 8 stored by the management server device 100 is always a subset of the set ⁇ transmitted from the memory card 200e. is there.
- the user history information list of another memory card consists of a device ID for identifying the device used for playback, for example, riD-A, playback order number “1”, and content ID “C003”. User history information is written. Therefore, in this case, the user history information list of this other memory card includes user history information including “ID-A”, reproduction order numbers “1”, and “C003”.
- 8 stored by the management server device 100 is not a subset of the set oc transmitted from the memory force 200e, and the set ex is a part of the set ⁇ . It is not a subset. However, even in such a case, the device identified by the device ID may be considered valid.
- the user history information list 231f of the memory card 200e contains no user history information, and then the user history consisting of “ID—A”, “1” and “C001” A state where information is additionally written, a state where user history information consisting of “ID—A”, “2” and “C002” is additionally written.
- — A and the playback order number
- the user history information consisting of riD-Aj, playback order number "1", and content ID "C003" is written in the user history information list of another memory card.
- These multiple states, including the state in which user history information consisting of “ID—A”, the playback order number, and another content ID is written, and the following similar states, are the same. It belongs to the viewing history series (second viewing history series).
- the first viewing history sequence and the second viewing history sequence correspond to the same device ID.
- the first viewing history sequence and the second viewing history sequence are different.
- the management server device 100 of the unauthorized device detection system lg uses the server history information list 120f stored therein (the same as the server history information list 120f of the unauthorized device detection system If) to register from the memory card 200f.
- One or more viewing history sequences corresponding to the same device ID as the device ID received via 300 are extracted, and the viewing history sequence to which the received user history information list belongs is If they are the same, the number of sequences indicating the number of extracted viewing history sequences is calculated. If not, “1” is added to the number of extracted viewing history sequences.
- the number of series is calculated and compared with a predetermined threshold, for example, “100”. If the calculated number of series is greater than “100”, the device identified by the received device ID is illegal. Equipment Estimated, equal the calculated sequence number of "100" is smaller than, device identified by the received device ID is assumed to be a legitimate device.
- the unauthorized device detection system lg has the same configuration as the unauthorized device detection system If. This section focuses on the differences from the unauthorized device detection system If.
- the unauthorized device detection system lg uses a memory card 200e having the same configuration as the unauthorized device detection system If.
- the memory card 200e has a user history information list 2 3 If shown in FIG.
- the management server device 100 of the unauthorized device detection system lg has the same configuration as the management server device 100 of the unauthorized device detection system If.
- the difference from the management server device 100 of the unauthorized device detection system If will be mainly described.
- the management server device 100 has a server history information list 120f shown in FIG. 29 in the management table storage unit 103.
- the server history information list 120f is as described above.
- server history information belonging to the same viewing history series is arranged adjacent to each other and arranged in ascending order of playback order numbers.
- the control unit 102 receives the user history information list from the memory card 200e via the register device 300 and the Internet 10, and extracts the device ID from the received user history information list. Here, it is assumed that one device ID is extracted.
- the control unit 102 extracts all server history information including the extracted device ID from the server history information list 120f. All extracted server history information is called a server history information group. An example of the server history information group is shown as a server history information group 621 in FIG.
- the server history information belonging to the same viewing history series is arranged adjacent to each other and arranged in ascending order of the playback order numbers.
- the information is read one by one in order, and the playback order number included in the read server history information is compared with the playback order number included in the previous server history information. If it is smaller than the previous playback sequence number, the server history information read immediately before and the read server history information are regarded as indicating the boundary of the viewing history series, and are read up to the previous one.
- the server history information is set as one viewing history series, and the server history information after the read server history information is set as another viewing history series.
- a plurality of server history information sets 631 belong to one viewing history series
- another plurality of server history information sets 632 include another one Another set of server history information 633 belonging to the viewing history series is It belongs to another viewing history series.
- the value of the playback order number is reduced from “3” to “1”.
- control unit 102 classifies all the extracted server history information into one or more viewing history sequences.
- control unit 102 determines whether the received viewing history sequence power to which the received user history information list belongs is the same as one of the extracted viewing history sequences. If they are the same, the number of series indicating the number of extracted viewing history series is calculated. Otherwise, “1” is added to the number of extracted viewing history series to calculate the number of series.
- control section 102 compares the calculated number of sequences with a predetermined threshold, for example, “100”.
- the device determination level is set to “3”, and the extracted device ID is the unauthorized device.
- the user history information list added and written to the list is added to the server history information list 120f and written, and the device determination level is transmitted to the register device 300 via the Internet 10.
- control unit 102 estimates that the device identified by the received device ID is a valid device, and sets the device determination level to "0".
- the received user history information list is added to the server history information list 120 f and written, and the device judgment level is transmitted to the register device 300 via the Internet 10.
- the register device outputs a reading instruction indicating reading of the user history information list to the mounted memory card 200e (step S431), and the memory card 200e reads the user history from the general area 205e.
- the information list 231f is read (step S432), and the read user history information list 23 If is output to the register device 300 (step S433).
- the register device 300 transmits the received user history information list to the management server device 100 via the Internet 10 (step S434).
- the control unit 102 of the management server device 100 is connected to the register device 300 and the memory card 200e. Then, the user history information list is received via the Internet 10 (steps S433 to S434), and the device ID is extracted from the received user history information list (step S435).
- control unit 102 extracts all the server history information including the extracted device ID from the server history information list 120f (step S436).
- control unit 102 extracts a viewing history sequence using the received user history information list and all the extracted server history information, calculates the number of sequences of the extracted viewing history sequence, and calculates the calculated sequence.
- the number is temporarily stored internally (step S461).
- control section 102 compares the calculated and stored number of sequences with “100”, and if the calculated and stored number of sequences is greater than “100” (step S462), device control level is set. “3” is set (step S439), and the extracted device ID is added to the unauthorized device list and written (step S440).
- control unit 102 sets the device determination level to “0” (step S438).
- control unit 102 adds the received user history information list to the server history information list 120f and writes it (step S441), and sets the device determination level via the Internet 10 to the register device 300. (Step S442).
- the DVD player is capable of decrypting and reproducing the encrypted content recorded on the DVD, but is not limited to this.
- the encrypted content may be acquired, decrypted and played back via the content playback device network.
- the digital broadcast receiving apparatus receives the broadcast wave, extracts the encrypted content from the received broadcast wave, and decrypts and reproduces the extracted encrypted content. Moyo.
- the encrypted content is recorded together with the encrypted content key on the portable memory card, and the content playback apparatus reads the encrypted content from the memory card and reads it.
- the extracted encrypted content may be decrypted and reproduced.
- one device key is assigned to a DVD player.
- the number of device keys assigned to one playback device does not have to be one, but is plural. May be. Furthermore, the same device key may be shared by multiple device IDs.
- the content is encrypted with the content key
- the content key is encrypted with the device key.
- the present invention is not limited to the configuration. Absent.
- the content is encrypted with a content key
- the content key is encrypted with a media key
- the media key is encrypted with a device key. Moyo.
- the management server device determines a legitimate device that uses content or an unauthorized device and detects the unauthorized device.
- the present invention is limited to this configuration. It is not something.
- the present invention instead of applying the present invention to a content use system, it is applied to a commuter pass use system such as a train, and the management device determines whether the use is regular use or unauthorized use, and detects unauthorized use. Also good.
- a commuter pass usage system is composed of a portable terminal having a device ID, a pair of portable media having commuter pass information recorded and a medium ID, and a ticket gate installed at a station. It is.
- the portable medium is used by being inserted into a portable terminal.
- the ticket gate operates in the same manner as the management server device in the above embodiment.
- the ticket gate manages a set of device ID and media ID.For example, when a portable medium is inserted into another person's mobile terminal and used, the managed device has a device ID with a different media ID. Therefore, it is possible to detect unauthorized use of portable media.
- the present invention can also be applied to systems other than those described above as long as they are unauthorized devices using a device ID and a medium ID or a system that detects unauthorized use.
- the user holds the portable medium and uses the store equipment, but the present invention is not limited to the configuration.
- a MAC address may be used instead of the medium ID.
- the device and the MAC address are transmitted to the management device via the network, and the management device uses the MAC address to determine the unauthorized device. If it is not the unauthorized device, the encrypted content key is transmitted. .
- the present invention may have any configuration as long as it uses a unique information that cannot be rewritten or changed instead of the medium ID! /.
- the portable medium is configured to hold a unique medium ID, but the present invention is not limited to that configuration.
- a configuration may be adopted in which a plurality of defined (manageable) portable media have the same media ID.
- a warning is issued before the device is determined to be an unauthorized device, and the second threshold value is determined. If the value is exceeded, it is determined that the device is illegal. However, one threshold value may be used. If it is greater than the threshold, it is assumed that the device is illegal, and if it is less than the threshold, it is assumed that the device is legitimate.
- an IC card may be used instead of the memory card.
- management server device 100 and the register device 300 may be combined to be realized as an integrated device.
- Each of the above devices is specifically a computer system including a microprocessor, ROM, RAM, a hard disk unit, a display unit, a keyboard, a mouse, and the like.
- a computer program is stored in the RAM or the hard disk unit.
- the computer program is configured by combining a plurality of instruction codes indicating instructions for the computer in order to achieve a predetermined function.
- Microprocessor power Each device achieves its functions by operating according to the computer program. In other words, the microprocessor Then, each instruction included in the computer program is read one by one, the read instruction is decoded, and the operation is performed according to the decoding result.
- System L SI is an ultra-multifunctional LSI manufactured by integrating multiple components on a single chip. Specifically, it is a computer system that includes a microprocessor, ROM, RAM, and so on. Stem. A computer program is stored in the RAM. The microphone processor power By operating according to the computer program, the system LSI achieves its functions.
- each part of the constituent elements constituting each of the above-described devices may be individually made into one chip, or may be made into one chip so as to include a part or all of them. Also, here, it is also called IC, system LSI, super LSI, or ultra LSI, depending on the difference in power integration as LSI.
- the method of circuit integration is not limited to LSI, and may be realized by a dedicated circuit or a general-purpose processor. It is also possible to use an FPGA (Field Programmable Gate Array) that can be programmed after LSI manufacture and a reconfigurable processor that can reconfigure the connection and settings of circuit cells inside the LSI!
- FPGA Field Programmable Gate Array
- a part or all of the constituent elements constituting each of the above devices may be configured as an IC card that can be attached to and detached from each device or a single module force.
- the IC card or the module is a computer system including a microprocessor, ROM, RAM, and the like.
- the IC card or the module may include the super multifunctional LSI described above.
- the IC card or the module achieves its function by the microprocessor operating according to the computer program. This IC card or module may be tamper resistant! /.
- the present invention may be the method described above. Further, the present invention may be a computer program that realizes these methods by a computer, or may be a digital signal that also has the computer program power.
- the present invention provides the computer program or the digital signal to a computer.
- Even readable recording media such as flexible disks, hard disks, CD-ROM, MO, DVD, DVD-ROM, DVD-RAM, BD (Blu-ray Disc), semiconductor memory, etc. Good.
- the present invention may be the computer program or the digital signal recorded on these recording media.
- the present invention may transmit the computer program or the digital signal via an electric communication line, a wireless or wired communication line, a network typified by the Internet, a data broadcast, or the like.
- the present invention may also be a computer system including a microprocessor and a memory.
- the memory may store the computer program, and the microprocessor may operate according to the computer program.
- the present invention is a device that uses content, a management device that manages the improperness of the device used, and an unauthorized device detection system that has a portable medium power for recording data.
- the utilization device includes a storage unit that stores device identification information that can identify the device.
- the portable medium includes a first storage area for storing the device identification information and a second storage area for storing medium identification information capable of identifying the portable medium.
- the management device includes a reading unit for reading device identification information and medium identification information, respectively, and the read device identification information and medium identification information. And a determination unit that determines whether or not the user device having the device identification information is an unauthorized device.
- the management device may include a table generation unit that generates a management table for managing the medium identification information based on the device identification information.
- the management device stores a threshold value for determining whether or not the unauthorized device is a valid device.
- a threshold storage unit, and the table generation unit of the management device counts the medium identification information on the basis of the device identification information, generates a management table for storing the counted total number, and generates a management table for the management device.
- the determination unit may determine that the device is an unauthorized device when the counted total exceeds a threshold value stored in the threshold value storage unit.
- the threshold storage unit of the management device may store one or more threshold values for each device identification information.
- the management device includes a device key storage unit that stores a device key in association with the device identification information, a selection unit that selects a content key necessary for using the content, and the content selected by the selection unit.
- An encryption unit that encrypts a key with a device key corresponding to the device identification information; and a writing unit that writes the encrypted content key to the portable medium. Let's say you have a third storage area to store the encryption key.
- the using device stores the device identification information stored in the portable device by the determination unit that determines whether or not the device identification information is stored in the portable medium and the determination unit.
- a writing unit that writes the device identification information in the first storage area of the portable medium may be provided.
- the portable medium includes a third storage area that stores an encrypted content key necessary for use of the content, and the user device uses the third storage area that the portable medium stores.
- a reading unit that reads the encrypted content corresponding to the device may be provided.
- the portable medium stores a third storage area for storing an encrypted content key necessary for using the content, and a fourth storage area for storing the content encrypted with the content key.
- the utilization device may include a reading unit that reads out encrypted content from a fourth storage area stored in the portable medium.
- the portable medium includes a third storage area that stores an encrypted content key necessary for use of the content, and the user device uses the third storage area that the portable medium stores.
- the device may include a determination unit that determines whether an encrypted content key necessary for the device exists.
- the portable medium may be a memory card! /.
- the portable medium may be an IC card.
- the present invention is a management device that manages fraud of a user device that uses content
- the portable medium for recording data is a first storage area that stores device identification information that can identify the user device.
- a second storage area for storing the medium identification information that can identify the portable medium and the management device has the device identification information from the first storage area and the second storage area of the portable medium, and A reading unit that reads out the medium identification information, and a determination unit that determines from the read out device identification information and the medium identification information whether the device that uses the device identification information is an unauthorized device.
- the management device may include a table generation unit that generates a management table for managing the medium identification information based on the device identification information.
- the management device includes a threshold value storage unit that stores a threshold value for determining whether or not an unauthorized device is a device.
- the management table generation unit of the management device uses the device identification information as a reference.
- the medium identification information is counted, and a management table for storing the counted total is generated, and the judgment unit of the management device determines that the counted total exceeds the threshold when stored in the threshold storage unit. In some cases, it may be judged as an unauthorized device.
- the threshold storage unit of the managed device may store one or more threshold values for each piece of device identification information.
- the management device includes a device key storage unit that stores a device key in association with the device identification information, a selection unit that selects a content key necessary for using the content, and the content selected by the selection unit.
- An encryption unit that encrypts the key with a device key corresponding to the device identification information and a writing unit that writes the encrypted content key to the portable medium may be provided.
- the present invention is a use device that uses content, and a portable medium for recording data includes a first storage area that stores device identification information that can identify the use device, and the portable device.
- a second storage area for storing medium identification information capable of identifying a medium may be provided, and the utilization device may include a storage unit for storing device identification information capable of identifying the device.
- the use device is determined to be a device that has stored the device identification information stored in the portable medium to determine whether or not it can be used, and is stored in the determination unit.
- a writing unit for writing the device identification information in the first storage area of the portable medium may be provided.
- the portable medium includes a third storage area that stores an encrypted content key necessary for using the content, and the use device stores a third storage that the portable medium stores.
- a reading unit that reads out the encrypted content corresponding to the device from the area may be provided.
- the portable medium includes a third storage area for storing an encrypted content key necessary for using the content, and a fourth storage area for storing the content encrypted with the content key
- the utilization device may include a reading unit that reads encrypted content from a fourth storage area stored in the portable medium.
- the portable medium includes a third storage area that stores an encrypted content key necessary for use of the content, and the use device stores a third storage that the portable medium stores.
- a determination unit may be provided for determining whether the encrypted content key required by the device exists from the area.
- the present invention is a portable medium for recording data, wherein the portable medium stores a first storage area that stores device identification information that can identify a device that uses content, and the portable medium. It is also possible to provide a second storage area for storing medium identification information that can identify the ID.
- the portable medium may include a third storage area for storing an encrypted content key necessary for use of the content.
- the portable medium may be a memory card.
- the portable medium may be an IC card.
- the present invention is an unauthorized use detection system comprising a management device for managing unauthorized use and a portable medium for recording data.
- the portable medium includes a first storage area that stores device identification information that can identify a device to be used, and a second storage area that stores medium identification information that can identify the portable medium.
- the management device includes a first storage area of the portable medium, And the second storage area, respectively, a reading unit for reading the device identification information and the medium identification information, and the use device holding the device identification information is illegally used from the read device identification information and the medium identification information.
- a determination unit is provided for determining whether or not there is a mistake.
- the management device generates a management table for managing a set of the device identification information and the medium identification information, and sets different device identification information based on the medium identification information. If it is obtained, it will be equipped with a judgment unit that judges that the use is illegal.
- the management device may include a storage for storing a different threshold value for each medium-specific information.
- the present invention is a management device that manages unauthorized use, and a portable medium for recording data includes a first storage area that stores device identification information that can identify a device used, and the portable device.
- a second storage area for storing medium identification information capable of identifying the medium; and the management device receives device identification information and medium identification information from the first storage area and the second storage area of the portable medium, respectively.
- the management device generates a management table that manages a set of the device identification information and the medium identification information, and different device identification information based on the medium identification information. If it is obtained, it will be equipped with a judgment unit that judges that the use is illegal.
- the management device may include a storage for storing a different threshold value for each medium-specific information.
- the present invention also relates to a device that uses content, a management device that manages fraud of the device used, and a fraudulent device detection method that is used in a portable medium for recording data.
- Storing a device identification information capable of identifying the device a first storage step storing the device identification information in the portable medium, and storing a medium identification information capable of identifying the portable medium.
- the devices and recording media constituting the present invention are management, continuous, and repetitive in all industries where it is necessary to detect unauthorized devices, particularly in the content distribution industry that produces and distributes content. Can be used.
- each device and recording medium constituting the present invention can be manufactured and sold in the electric appliance manufacturing industry in a management manner, continuously and repeatedly.
Abstract
Description
Claims
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/791,853 US20080016001A1 (en) | 2004-12-13 | 2005-12-12 | Unauthorized Device Detection Device And Unauthorized Device Detection System |
JP2006548827A JP4827034B2 (ja) | 2004-12-13 | 2005-12-12 | 不正機器検出装置及び不正機器検出システム |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2004-360436 | 2004-12-13 | ||
JP2004360436 | 2004-12-13 | ||
JP2004360437 | 2004-12-13 | ||
JP2004-360437 | 2004-12-13 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2006064765A1 true WO2006064765A1 (ja) | 2006-06-22 |
Family
ID=36587821
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2005/022788 WO2006064768A1 (ja) | 2004-12-13 | 2005-12-12 | 不正機器検出装置、不正機器検出システム、不正機器検出方法、プログラム、記録媒体及び機器情報更新方法 |
PCT/JP2005/022779 WO2006064765A1 (ja) | 2004-12-13 | 2005-12-12 | 不正機器検出装置及び不正機器検出システム |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2005/022788 WO2006064768A1 (ja) | 2004-12-13 | 2005-12-12 | 不正機器検出装置、不正機器検出システム、不正機器検出方法、プログラム、記録媒体及び機器情報更新方法 |
Country Status (3)
Country | Link |
---|---|
US (2) | US20080016001A1 (ja) |
JP (2) | JP4857123B2 (ja) |
WO (2) | WO2006064768A1 (ja) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2008131557A (ja) * | 2006-11-24 | 2008-06-05 | Matsushita Electric Ind Co Ltd | 映像音声出力機器、認証処理方法及び映像音声処理システム |
Families Citing this family (28)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4911705B2 (ja) * | 2007-02-20 | 2012-04-04 | キヤノン株式会社 | 撮像装置 |
US9349127B2 (en) | 2007-11-29 | 2016-05-24 | Visa Usa Inc. | Serial number and payment data based payment card processing |
US8245315B2 (en) * | 2008-09-10 | 2012-08-14 | Qualcomm Incorporated | Remote diagnosis of unauthorized hardware change |
US9237310B2 (en) * | 2008-11-26 | 2016-01-12 | Thomson Licensing | Method and system digital for processing digital content according to a workflow |
EP2278513A1 (en) * | 2009-07-15 | 2011-01-26 | Nagravision SA | Method for preventing the use of a cloned user unit communicating with a server |
EP2457358B1 (en) * | 2009-07-20 | 2018-12-12 | Verimatrix, Inc. | Systems and methods for detecting clone playback devices |
CN101807236B (zh) * | 2010-02-08 | 2012-11-28 | 深圳市同洲电子股份有限公司 | 一种鉴权方法、系统及对应的前端设备 |
JP2011238062A (ja) * | 2010-05-11 | 2011-11-24 | Sony Corp | サーバ装置、プログラム、情報処理システム |
JP5589685B2 (ja) * | 2010-09-06 | 2014-09-17 | ソニー株式会社 | 情報処理装置および方法、並びにプログラム |
JP2014524060A (ja) * | 2011-05-16 | 2014-09-18 | パナソニック株式会社 | 重複判定装置及び重複管理システム |
US9875480B2 (en) * | 2012-01-27 | 2018-01-23 | Sony Network Entertainment International Llc | System, method, and infrastructure for real-time live streaming content |
JP6007075B2 (ja) * | 2012-11-16 | 2016-10-12 | 任天堂株式会社 | サービス提供システム、サービス提供方法、サーバシステムおよびサービス提供プログラム |
US9226141B1 (en) * | 2013-11-04 | 2015-12-29 | Sprint Communications Company L.P. | Identifying unsubscribed tethering in a wireless network |
US9699185B2 (en) | 2014-01-31 | 2017-07-04 | Panasonic Intellectual Property Management Co., Ltd. | Unauthorized device detection method, unauthorized device detection server, and unauthorized device detection system |
JP6421436B2 (ja) * | 2014-04-11 | 2018-11-14 | 富士ゼロックス株式会社 | 不正通信検知装置及びプログラム |
US10630686B2 (en) | 2015-03-12 | 2020-04-21 | Fornetix Llc | Systems and methods for organizing devices in a policy hierarchy |
US10965459B2 (en) | 2015-03-13 | 2021-03-30 | Fornetix Llc | Server-client key escrow for applied key management system and process |
MX2017012275A (es) * | 2015-03-26 | 2018-05-28 | Maxxian Tech Inc � | Sistemas y metodos para detectar e interferir dispositivos vulnerados y el traslado no autorizado de los dispositivos en una red de comunicaciones. |
US10395011B2 (en) | 2015-11-04 | 2019-08-27 | Screening Room Media, Inc. | Monitoring location of a client-side digital content delivery device to prevent digital content misuse |
CN105868623A (zh) * | 2015-11-13 | 2016-08-17 | 乐视移动智能信息技术(北京)有限公司 | 一种权限的检测方法和终端设备 |
US11063980B2 (en) | 2016-02-26 | 2021-07-13 | Fornetix Llc | System and method for associating encryption key management policy with device activity |
US10931653B2 (en) | 2016-02-26 | 2021-02-23 | Fornetix Llc | System and method for hierarchy manipulation in an encryption key management system |
US10880281B2 (en) | 2016-02-26 | 2020-12-29 | Fornetix Llc | Structure of policies for evaluating key attributes of encryption keys |
US10917239B2 (en) | 2016-02-26 | 2021-02-09 | Fornetix Llc | Policy-enabled encryption keys having ephemeral policies |
US10860086B2 (en) | 2016-02-26 | 2020-12-08 | Fornetix Llc | Policy-enabled encryption keys having complex logical operations |
KR102419505B1 (ko) | 2016-03-09 | 2022-07-08 | 삼성전자주식회사 | 스토리지 디바이스의 인증 방법 및 시스템 |
US10812613B2 (en) * | 2016-12-19 | 2020-10-20 | Chicago Mercantile Exchange Inc. | Optimization of encoding cycles for object recovery feed |
TWI766538B (zh) * | 2021-01-12 | 2022-06-01 | 華碩電腦股份有限公司 | 加密式硬碟裝置 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH09167477A (ja) * | 1995-12-18 | 1997-06-24 | Kokusai Electric Co Ltd | 音声再生装置 |
JP2001118333A (ja) * | 1999-10-14 | 2001-04-27 | Nomura Semiconductor Technology Inc | 情報記録媒体の再生情報管理監査システム |
JP2003234826A (ja) * | 2002-02-07 | 2003-08-22 | Railway Technical Res Inst | サーバシステム及び認証方法 |
JP2004328517A (ja) * | 2003-04-25 | 2004-11-18 | Toshiba Corp | 受信装置、通信装置、受信システム及び受信方法 |
Family Cites Families (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH03195309A (ja) | 1989-12-21 | 1991-08-26 | Kyushu Electric Power Co Inc | 防護カバー挿入器 |
US5029207A (en) * | 1990-02-01 | 1991-07-02 | Scientific-Atlanta, Inc. | External security module for a television signal decoder |
US5715403A (en) * | 1994-11-23 | 1998-02-03 | Xerox Corporation | System for controlling the distribution and use of digital works having attached usage rights where the usage rights are defined by a usage rights grammar |
US5892900A (en) * | 1996-08-30 | 1999-04-06 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
US5949877A (en) * | 1997-01-30 | 1999-09-07 | Intel Corporation | Content protection for transmission systems |
US6118873A (en) | 1998-04-24 | 2000-09-12 | International Business Machines Corporation | System for encrypting broadcast programs in the presence of compromised receiver devices |
US7007162B1 (en) * | 1998-04-24 | 2006-02-28 | International Business Machines Corporation | Forensic media key block for identifying compromised keys |
JP2000184447A (ja) | 1998-12-15 | 2000-06-30 | Nec Corp | 移動通信システム及びクローン端末検出方法 |
JP2000222534A (ja) * | 1999-01-29 | 2000-08-11 | Hitachi Ltd | 不正id検知支援システム |
US7380137B2 (en) * | 1999-07-20 | 2008-05-27 | International Business Machines Corporation | Content guard system for copy protection of recordable media |
US6850914B1 (en) * | 1999-11-08 | 2005-02-01 | Matsushita Electric Industrial Co., Ltd. | Revocation information updating method, revocation informaton updating apparatus and storage medium |
AU2001239780A1 (en) * | 2000-02-17 | 2001-08-27 | Minds@Work | Video content distribution system including an interactive kiosk, a portable content storage device, and a set-top box |
US20010044786A1 (en) * | 2000-03-14 | 2001-11-22 | Yoshihito Ishibashi | Content usage management system and method, and program providing medium therefor |
JP2001337925A (ja) * | 2000-05-25 | 2001-12-07 | Nec Gumma Ltd | ユーザ認証装置及びこれを用いた商取引システム |
US20020059120A1 (en) * | 2000-06-06 | 2002-05-16 | Milton James K. | Method and apparatus for creating and maintaining a virtual inventory in a distributed network |
US20020076204A1 (en) * | 2000-12-18 | 2002-06-20 | Toshihisa Nakano | Key management device/method/program, recording medium, reproducing device/method, recording device, and computer-readable, second recording medium storing the key management program for copyright protection |
WO2003034651A1 (fr) * | 2001-10-12 | 2003-04-24 | Matsushita Electric Industrial Co., Ltd. | Appareil de traitement de contenu et programme de protection de contenu |
US7020636B2 (en) | 2002-09-05 | 2006-03-28 | Matsushita Electric Industrial, Co., Ltd. | Storage-medium rental system |
KR20040092649A (ko) * | 2003-04-24 | 2004-11-04 | 엘지전자 주식회사 | 광디스크의 복사 방지 정보 관리방법 |
AU2004258523B2 (en) * | 2003-07-07 | 2009-12-10 | Irdeto B.V. | Reprogrammable security for controlling piracy and enabling interactive content |
-
2005
- 2005-12-12 JP JP2006548829A patent/JP4857123B2/ja not_active Expired - Fee Related
- 2005-12-12 JP JP2006548827A patent/JP4827034B2/ja active Active
- 2005-12-12 WO PCT/JP2005/022788 patent/WO2006064768A1/ja active Application Filing
- 2005-12-12 WO PCT/JP2005/022779 patent/WO2006064765A1/ja active Application Filing
- 2005-12-12 US US11/791,853 patent/US20080016001A1/en not_active Abandoned
- 2005-12-12 US US10/589,288 patent/US7617536B2/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH09167477A (ja) * | 1995-12-18 | 1997-06-24 | Kokusai Electric Co Ltd | 音声再生装置 |
JP2001118333A (ja) * | 1999-10-14 | 2001-04-27 | Nomura Semiconductor Technology Inc | 情報記録媒体の再生情報管理監査システム |
JP2003234826A (ja) * | 2002-02-07 | 2003-08-22 | Railway Technical Res Inst | サーバシステム及び認証方法 |
JP2004328517A (ja) * | 2003-04-25 | 2004-11-18 | Toshiba Corp | 受信装置、通信装置、受信システム及び受信方法 |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2008131557A (ja) * | 2006-11-24 | 2008-06-05 | Matsushita Electric Ind Co Ltd | 映像音声出力機器、認証処理方法及び映像音声処理システム |
Also Published As
Publication number | Publication date |
---|---|
US20070283162A1 (en) | 2007-12-06 |
JP4827034B2 (ja) | 2011-11-30 |
JPWO2006064768A1 (ja) | 2008-06-12 |
US20080016001A1 (en) | 2008-01-17 |
JPWO2006064765A1 (ja) | 2008-06-12 |
JP4857123B2 (ja) | 2012-01-18 |
WO2006064768A1 (ja) | 2006-06-22 |
US7617536B2 (en) | 2009-11-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4827034B2 (ja) | 不正機器検出装置及び不正機器検出システム | |
CN100527148C (zh) | 不正当设备检测装置及不正当设备检测系统 | |
CN100568367C (zh) | 内容发布系统、记录设备和方法、重放设备和方法 | |
CN1985319B (zh) | 内容使用设备及记录介质 | |
KR100682290B1 (ko) | 콘텐츠 관리 시스템, 장치, 방법 및 프로그램 격납 매체 | |
EP1280149B1 (en) | Apparatus and method and for protected recording and playback of digital content | |
CN101167300B (zh) | 信息安全装置 | |
KR101217110B1 (ko) | 라이센스의 전송원 컴포넌트와 전송처 컴포넌트 및, 그처리 방법 | |
JP4348818B2 (ja) | データ配信システムとその方法およびデータ記録媒体 | |
CN100423041C (zh) | 数据处理设备和数据处理方法 | |
US5835595A (en) | Method and apparatus for crytographically protecting data | |
CN101853679B (zh) | 信息处理设备、信息处理方法和程序 | |
JP4760101B2 (ja) | コンテンツ提供システム,コンテンツ再生装置,プログラム,およびコンテンツ再生方法 | |
CN100428256C (zh) | 信息处理设备和信息处理方法 | |
CN100452219C (zh) | 用于保护内容的方法和设备 | |
JP3895940B2 (ja) | 情報端末装置 | |
CN1989560A (zh) | 内容重放装置,内容重放方法,计算机程序,密钥传递装置,以及记录介质 | |
KR20060051212A (ko) | 이동 컴포넌트와 프로그램 및 이동 방법 | |
CN103348623A (zh) | 终端装置、验证装置、密钥分发装置、内容再现方法、密钥分发方法以及计算机程序 | |
CN101874248A (zh) | 记录再现系统、记录媒体装置及记录再现装置 | |
JP2002163577A (ja) | データ端末装置 | |
WO2004023524A2 (en) | Storage medium rental system | |
WO2002080446A1 (fr) | Appareil de traitement d'information | |
CN101533654A (zh) | 用于处理信息的设备和方法 | |
KR20060051285A (ko) | 복제 컴포넌트와 프로그램 및 그 복제 방법 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KN KP KR KZ LC LK LR LS LT LU LV LY MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2006548827 Country of ref document: JP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 11791853 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 200580042810.2 Country of ref document: CN |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 05814215 Country of ref document: EP Kind code of ref document: A1 |
|
WWP | Wipo information: published in national office |
Ref document number: 11791853 Country of ref document: US |