Data processing apparatus, data processing system, and data processing method therefor
First Claim
1. A data processing apparatus for performing rights processing of content data encrypted with content key data based on usage control policy data, and for decrypting the encrypted content key data, said data processing apparatus comprising within a tamper-resistant circuit module:
- a first bus;
an arithmetic processing circuit connected to said first bus, for performing the rights processing of the content data based on the usage control policy data;
a storage circuit connected to said first bus;
a second bus;
a first interface circuit interposed between said first bus and said second bus;
an encryption processing circuit connected to said second bus, for decrypting the content key data; and
an external bus interface circuit connected to said second bus.
1 Assignment
0 Petitions
Accused Products
Abstract
A SAM receives a secure container in which content data encrypted with content key data, the encrypted content key data, and UCP data designating a handling policy of the content data are stored, and determines at least one of the purchase mode and the usage mode of the content data based on the UCP data. The SAM serves as a slave for a host CPU, and is also provided with a common memory shared with the host CPU.
336 Citations
56 Claims
-
1. A data processing apparatus for performing rights processing of content data encrypted with content key data based on usage control policy data, and for decrypting the encrypted content key data, said data processing apparatus comprising within a tamper-resistant circuit module:
-
a first bus;
an arithmetic processing circuit connected to said first bus, for performing the rights processing of the content data based on the usage control policy data;
a storage circuit connected to said first bus;
a second bus;
a first interface circuit interposed between said first bus and said second bus;
an encryption processing circuit connected to said second bus, for decrypting the content key data; and
an external bus interface circuit connected to said second bus. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A data processing apparatus for performing rights processing of content data encrypted with content key data based on usage control policy data, and for decrypting the encrypted content key data, said data processing apparatus comprising within a tamper-resistant circuit module:
-
a first bus;
an arithmetic processing circuit connected to said first bus, for performing the rights processing of the content data based on the usage control policy data;
a storage circuit connected to said first bus;
a second bus;
an interface circuit interposed between said first bus and said second bus;
an encryption processing circuit connected to said second bus, for decrypting the content key data; and
an external bus interface circuit connected to said second bus, wherein, upon receiving an interrupt from an external circuit via said external bus interface circuit, said arithmetic processing circuit becomes a slave for said external circuit so as to perform processing designated by the interrupt, and reports a result of the processing to said external circuit. - View Dependent Claims (18, 19, 20, 21, 22)
-
-
23. A data processing system comprising:
-
an arithmetic processing apparatus, for executing a predetermined program and for outputting an interrupt according to a predetermined condition by serving as a master; and
a data processing apparatus, for performing predetermined processing in response to the interrupt from said arithmetic processing apparatus by serving as a slave for said arithmetic processing apparatus, and for reporting a result of the processing to said arithmetic processing apparatus, said data processing apparatus comprising within a tamper-resistant circuit module;
determining means for determining at least one of a purchase mode and a usage mode of content data based on a handling policy indicated by usage control policy data;
log data generating means for generating log data indicating a result of the determined mode; and
decrypting means for decrypting the content key data. - View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31)
-
-
32. A data processing system in which content data provided by a data providing apparatus is received from a data distribution apparatus, and is managed by a management apparatus, said data processing system comprising:
-
a first processing module for receiving from said data distribution apparatus a module in which content data encrypted with content key data, the encrypted content key data, usage control policy data indicating a handling policy of the content data, and price data for the content data determined by said data distribution apparatus are stored, and for decrypting the received module by using common key data, and for performing accounting processing for a distribution service of the module by said data distribution apparatus;
an arithmetic processing apparatus for executing a predetermined program and for outputting an interrupt according to a predetermined condition by serving as a master; and
a data processing apparatus for performing predetermined processing in response to the interrupt from said arithmetic processing apparatus by serving as a slave for said arithmetic processing apparatus, and for reporting a result of the processing to said arithmetic processing apparatus, said data processing apparatus comprising within a tamper-resistant circuit module;
determining means for determining at least one of a purchase mode and a usage mode of the content data based on the handling policy indicated by the usage control policy data stored in the received module;
log data generating means for generating log data indicating a result of the determined mode;
output means for outputting the price data and the log data to said management apparatus when the purchase mode of the content data is determined; and
decrypting means for decrypting the content key data.
-
-
33. A data processing system comprising:
-
an arithmetic processing apparatus for executing a predetermined program and for outputting an interrupt according to a predetermined ;
condition by serving as a master;
a first tamper-resistant data processing apparatus for performing rights processing of content data encrypted with content key data in response to the interrupt from said arithmetic processing apparatus by serving as a slave for said arithmetic processing apparatus, and for reporting a result of the processing to said arithmetic processing apparatus; and
a second tamper-resistant data processing apparatus for decrypting the content data by using the content key data obtained by performing mutual authentication with said first tamper-resistant data processing apparatus and for compressing or decompressing the content data in response to the interrupt from said arithmetic processing apparatus or said first tamper-resistant data processing apparatus by serving as a slave for said arithmetic processing apparatus or said first tamper-resistant data processing apparatus. - View Dependent Claims (34)
-
-
35. A data processing system comprising:
-
an arithmetic processing apparatus for executing a predetermined program and for outputting an interrupt according to a predetermined condition by serving as a master;
a first tamper-resistant data processing apparatus for performing rights processing of content data encrypted with content key data in response to the interrupt from said arithmetic processing apparatus by serving as a slave for said arithmetic processing apparatus, and for reporting a result of the processing to said arithmetic processing apparatus; and
a second tamper-resistant data processing apparatus for performing mutual authentication with said arithmetic processing apparatus and for reading and writing the content data from and into a recording medium in response to the interrupt output from said arithmetic processing apparatus. - View Dependent Claims (36, 37)
-
-
38. A data processing system comprising:
-
an arithmetic processing apparatus for executing a predetermined program and for outputting an interrupt according to a predetermined condition by serving as a master;
a first tamper-resistant data processing apparatus for performing mutual authentication with said arithmetic processing apparatus and for reading and writing content data from and into a recording medium in response to the interrupt from said arithmetic processing apparatus; and
a second tamper-resistant data processing apparatus for decrypting the content data by using content key data and for compressing or decompressing the content data in response to the interrupt from said arithmetic processing apparatus by serving as a slave for said arithmetic processing apparatus. - View Dependent Claims (39, 40, 41)
-
-
42. A data processing method using an arithmetic processing apparatus and a data processing apparatus, said data processing method comprising the steps of:
-
executing, in said arithmetic processing apparatus, a predetermined program and outputting an interrupt according to a predetermined condition by serving as a master; and
determining, in said data processing apparatus, at least one of a purchase mode and a usage mode of content data based on a handling policy of usage control policy data, creating log data indicating a result of the determined mode, and decrypting content key data, within a tamper-resistant circuit module in response to the interrupt from said arithmetic processing apparatus by serving as a slave for said arithmetic processing apparatus. - View Dependent Claims (43, 44, 45, 46, 47, 48, 49)
-
-
50. A data processing method using an arithmetic processing apparatus, a first data processing apparatus, and a second data processing apparatus, said data processing method comprising the steps of:
-
executing, in said arithmetic processing apparatus, a predetermined program and outputting an interrupt according to a predetermined condition by serving as a master;
performing, in said first data processing apparatus, rights processing of content data encrypted with content key data within a tamper-resistant module in response to the interrupt from said arithmetic processing apparatus by serving as a slave for said arithmetic processing apparatus, and reporting a result of the processing to said arithmetic processing apparatus; and
decrypting, in said second data processing apparatus, the content data by using the content key data obtained by performing mutual authentication with said first data processing apparatus and compressing or decompressing the content data within a tamper-resistant module in response to the interrupt from said arithmetic processing apparatus or said first data processing apparatus by serving as a slave for said arithmetic processing apparatus or said first data processing apparatus.
-
-
51. A data processing method using an arithmetic processing apparatus, a first data processing apparatus, and a second data processing apparatus, said data processing method comprising the steps of:
-
executing, in said arithmetic processing apparatus, a predetermined program and outputting an interrupt according to a predetermined condition by serving as a master;
performing, in said first data processing apparatus, rights processing of content data encrypted with content key data within a tamper-resistant module in response to the interrupt from said arithmetic processing apparatus by serving as a slave for said arithmetic processing apparatus, and reporting a result of the processing to said arithmetic processing apparatus; and
performing, in said second data processing apparatus, mutual authentication with said arithmetic processing apparatus, and reading and writing the content data from and into a recording medium within a tamper-resistant module in response to the interrupt from said arithmetic processing apparatus. - View Dependent Claims (52, 53)
-
-
54. A data processing method using an arithmetic processing apparatus, a first data processing apparatus, and a second data processing apparatus, said data processing method comprising the steps of:
-
executing, in said arithmetic processing apparatus, a predetermined program and outputting an interrupt according to a predetermined condition by serving as a master;
performing, in said first data processing apparatus, mutual authentication with said arithmetic processing apparatus, and reading and writing content data from and into a recording medium within a tamper-resistant module in response to the interrupt from said arithmetic processing apparatus; and
decrypting, in said second data processing apparatus, the content data by using content key data and compressing or decompressing the content data within a tamper-resistant module in response to the interrupt from said arithmetic processing apparatus by serving as a slave for said arithmetic processing apparatus. - View Dependent Claims (55, 56)
-
Specification