Data distribution system and recording device for use therein
First Claim
Patent Images
1. (Amended) A data distribution system comprising:
- a data provision device (10, 11) provided to distribute a license key (Kc) serving as a decryption key decrypting encrypted content data ({Data}Kc} to obtain plaintext content data (Data) and;
a plurality of terminals (100, 101) receiving the distribution from said data provision device, wherein;
said data provision device includes a first interface unit (350) provided to communicate data externally, and a distribution control unit (315) operative, when said distribution is requested, to exert control for generating access restriction information (AC1) and distributing reproduction information (Kc//AC2, {Kc//AC2}Kcom) at least including said license key and said access restriction information via said first interface unit;
each said terminal includes a second interface unit (1102) provided to communicated data externally, a distributed-data deciphering device (110, 210) recording said reproduction information and said access restriction information received from said data provision device via said second interface unit, and a terminal control unit (1106) provided for controlling an operation of said terminal; and
said deciphering device has a storage unit (1415, 1430, 1440) provided to record said reproduction information and said access restriction information therein, and a control unit (1420) operative, when said terminal control unit issues a request to output said reproduction information recorded in said storage unit, to refer to said access restriction information in said storage unit to determine whether said reproduction information may be output, when said control unit determines that said reproduction information may be output said reproduction information being output and thereafter as required said control unit changing said access restriction information recorded in said storage unit.
3 Assignments
0 Petitions
Accused Products
Abstract
A memory card (110) stores access restriction information (AC1) to a license information hold unit (1440) arranged in a TRM area. Access restriction information (AC1) has information for example of a frequency of reproduction allowed and a number of licenses owned. A controller (1420) in reproducing and transferring content initially confirms access restriction information (AC1) and thereafter effects reproduction and transfer and after the reproduction and transfer are effected updates access restriction information (AC1), as required, for storage in a license information hold unit (1440).
-
Citations
36 Claims
-
1. (Amended) A data distribution system comprising:
-
a data provision device (10, 11) provided to distribute a license key (Kc) serving as a decryption key decrypting encrypted content data ({Data}Kc} to obtain plaintext content data (Data) and;
a plurality of terminals (100, 101) receiving the distribution from said data provision device, wherein;
said data provision device includes a first interface unit (350) provided to communicate data externally, and a distribution control unit (315) operative, when said distribution is requested, to exert control for generating access restriction information (AC1) and distributing reproduction information (Kc//AC2, {Kc//AC2}Kcom) at least including said license key and said access restriction information via said first interface unit;
each said terminal includes a second interface unit (1102) provided to communicated data externally, a distributed-data deciphering device (110, 210) recording said reproduction information and said access restriction information received from said data provision device via said second interface unit, and a terminal control unit (1106) provided for controlling an operation of said terminal; and
said deciphering device has a storage unit (1415, 1430, 1440) provided to record said reproduction information and said access restriction information therein, and a control unit (1420) operative, when said terminal control unit issues a request to output said reproduction information recorded in said storage unit, to refer to said access restriction information in said storage unit to determine whether said reproduction information may be output, when said control unit determines that said reproduction information may be output said reproduction information being output and thereafter as required said control unit changing said access restriction information recorded in said storage unit. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 20, 21, 22, 23, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
-
-
19. (Amended) A recording device for storing therein reproduction information (Kc//AC2, {Kc//AC2}Kcom) for encrypted data ({Data}Kc) containing a license key (Kc) serving as a decryption key decrypting said encrypted data to obtain plaintext data (Data), comprising:
-
an interface unit (1202) provided to communicate data externally;
a storage unit (1415, 1430, 1440) provided to record therein said reproduction information and access restriction information (AC1) used to control outputting said reproduction information from said recording device; and
a control unit (1420) operative, when an external instruction is issued to output said reproduction information recorded in said storage unit, to refer to said access restriction information in said storage unit to determine whether said reproduction information may be output, when said control unit so determines said reproduction information being output and thereafter as required said control unit changing said access restriction information recorded in said storage unit.
-
-
24. (Amended) A recording device, comprising:
-
an interface unit (1202) for externally communicating data;
a storage unit (1415, 1430, 1440) for storing therein data storage (Kc//AC2, {Kc//AC2}Kcom) and access restriction information (AC1) received through said interface unit, said access restriction information (AC1) being used to control outputting said data storage from said recording device;
an authentication data hold unit (1400) holding a first public encryption key (KPmc(m)) determined to correspond to said recording device and encrypted in a state decryptable with an authentication key (KPma), for external output via said interface unit (1202) when said data storage (Kc//AC2, {Kc//AC2}Kcom) and said access restriction information (AC1) are received;
a first key hold unit (1442) holding a first private decryption key (Kmc(m)) provided to decrypt data encrypted with said first public encryption key;
a first decryption unit (1404) receiving externally via said interface unit a first symmetric key (Ks1) encrypted with said first public encryption key, and decrypting said first symmetric key;
a second key hold unit (1416) holding a second public encryption key (KPm(i)) different for each said recording device;
a session key generation unit (1418) producing a second symmetric key (Ks2) updated whenever said data storage is communicated;
a first encryption unit (1406) encrypting said second symmetric key and said second public encryption key with said first symmetric key for output externally via said interface unit;
a second decryption unit (1412) receiving said data storage and access restriction information input via said interface unit, for decryption with said second symmetric key, said data storage and access restriction information being encrypted with said second symmetric key and said second public encryption key;
a third key hold unit (1421) holding a second private decryption key (Km(i)) provided to decrypt data encrypted with said second public encryption key;
a third decryption unit (1422) using said second private decryption key to decrypt said data storage and access restriction information encrypted;
a control unit (1420) operative, when an external instruction is issued to output said data storage recorded in said storage unit, to refer to said access restriction information in said storage unit to determine whether reproduction information for said data storage may be output, wherein said storage unit (1415, 1430, 1440) records therein said data storage in one of a state encrypted with said second public encryption key and a state decrypted by said third decryption unit, and when said control unit determines that said data storage may be output said data storage is output and thereafter as required said control unit changes said access restriction information recorded in said storage unit.
-
Specification