Information management system

US 20040215735A1
Filed: 12/18/2003
Published: 10/28/2004
Est. Priority Date: 12/20/2002
Status: Active Grant

First Claim

Patent Images

1. An information management system comprising:

a plurality of terminal apparatuses for storing data; and

an information management server for managing management information concerning the data, which is connected to the plurality of terminal apparatuses via a network, wherein the information management server includes;

a management information storage unit operable to store the management information; and

a first secure communication unit operable to establish a secure communication channel with each of the terminal apparatuses and communicate with said each terminal apparatus via the communication channel, and said each terminal apparatus includes a tamper-resistant module, wherein the tamper-resistant module includes;

a data storage unit operable to store the data securely;

an execution unit operable to securely execute processing that affects the management information on the data stored in the data storage unit; and

a second secure communication unit operable to establish a secure communication channel with the first secure communication unit and transmit a completion notification via said communication channel, said completion notification indicating that the processing that affects the management information has been executed.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A group management server (20) in a group information management system (1) includes: a group member terminal list storage unit (25) for storing a group member terminal list (251); and a secure communication unit (21) for establishing a secure communication channel with a plurality of terminal apparatuses (60) and communicating with each of the terminal apparatuses (60) via the communication channel. Each terminal apparatus (60) includes a tamper-resistant module (68), and the tamper-resistant module (68) includes: a group information storage unit (65) for storing group information securely; a deletion unit (67) for securely executing deletion, which is processing that affects the group member terminal list (251), on the group information stored in the group information storage unit (65); and a secure communication unit (64) for establishing a secure communication channel with the secure communication unit (21) and transmitting a complete deletion notification message (M3) via the communication channel.

78 Citations

View as Search Results

20 Claims

1. An information management system comprising:
- a plurality of terminal apparatuses for storing data; and
  
  an information management server for managing management information concerning the data, which is connected to the plurality of terminal apparatuses via a network, wherein the information management server includes;
  
  a management information storage unit operable to store the management information; and
  
  a first secure communication unit operable to establish a secure communication channel with each of the terminal apparatuses and communicate with said each terminal apparatus via the communication channel, and said each terminal apparatus includes a tamper-resistant module, wherein the tamper-resistant module includes;
  
  a data storage unit operable to store the data securely;
  
  an execution unit operable to securely execute processing that affects the management information on the data stored in the data storage unit; and
  
  a second secure communication unit operable to establish a secure communication channel with the first secure communication unit and transmit a completion notification via said communication channel, said completion notification indicating that the processing that affects the management information has been executed.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The information management system according to claim 1, wherein the data is group information for determining whether or not a terminal apparatus belongs to a group that is formed of terminal apparatuses, the management information is a terminal list indicating a list of not more than a predetermined number of terminal apparatuses which belong to the group, and the processing that affects the management information is deletion of the group information, and the information management server further includes an updating unit operable to delete a terminal apparatus which has transmitted the completion notification, from the terminal list stored in the management information storage unit, upon receipt of said completion notification via the first secure communication unit.
  - 3. The information management system according to claim 2, wherein the information management server includes:
    - a common management server;
      
      a plurality of individual management servers; and
      
      a terminal list management apparatus, said each terminal apparatus further includes a first communication unit operable to communicate with the common management server, the common management server includes a second communication unit operable to notify a terminal apparatus which has transmitted an advance notification of a destination address of an individual management server to which the completion notification should be transmitted, said advance notification indicating that the group information is about to be deleted, each of the individual management servers includes;
      
      the first secure communication unit;
      
      a first temporary deletion flag list storage unit operable to store a temporary deletion flag list which is associated with the terminal list, said temporary deletion flag list being a list of one or more first temporary deletion flags indicating whether the completion notification has been received or not; and
      
      a first temporary deletion flag setting unit operable to set a first temporary deletion flag that corresponds to the terminal apparatus which has transmitted the completion notification, upon receipt of said completion notification via the first secure communication unit, and the terminal list management apparatus includes;
      
      the management information storage unit;
      
      the updating unit; and
      
      a flag confirmation unit operable to confirm at an arbitrary timing whether a predetermined first temporary deletion flag included in the first temporary deletion flag list has been set or not, wherein the updating unit deletes the terminal apparatus that corresponds to the first temporary deletion flag from the terminal list, based on the confirmation by the flag confirmation unit that the predetermined first temporary deletion flag has been set.
  - 4. The information management system according to claim 3, wherein the common management server further includes:
    - a second temporary deletion flag list storage unit operable to store a second temporary deletion flag list which is associated with the terminal list, said second temporary deletion flag list being a list of one or more second deletion flags indicating whether the advance notification has been received or not; and
      
      a second temporary deletion flag setting unit operable to set a second temporary deletion flag that corresponds to the terminal apparatus which has transmitted the advance notification, upon receipt of said advance notification via the second secure communication unit, the flag confirmation unit searches for the second temporary deletion flag that corresponds to a predetermined terminal apparatus included in the second temporary deletion flag list, and then searches for the first temporary deletion flag that corresponds to said predetermined terminal apparatus included in the first temporary deletion flag list in sequence, and the updating unit deletes the predetermined terminal apparatus that corresponds to both the first temporary deletion flag and the second temporary deletion flag from the terminal list, in a case where the flag confirmation unit confirms that the second temporary deletion flag and the first temporary deletion flag have been set.
  - 5. The information management system according to claim 2, wherein the information management server includes:
    - a common management server; and
      
      a plurality of individual management servers, said each of the terminal apparatuses further includes a first communication unit operable to communicate with the common management server, the common management server includes;
      
      a second communication unit operable to notify a terminal apparatus which has transmitted an advance notification of a destination address of an individual management server to which the completion notification should be transmitted, said advance notification indicating that the group information is about to be deleted; and
      
      a terminal list management apparatus, each of the individual management servers includes;
      
      the first secure communication unit;
      
      a first temporary deletion flag list storage unit operable to store a temporary deletion flag list which is associated with the terminal list, said temporary deletion flag list being a list of one or more first temporary deletion flags indicating whether the completion notification has been received or not; and
      
      a first temporary deletion flag setting unit operable to set a first temporary deletion flag that corresponds to the terminal apparatus which has transmitted the completion notification, upon receipt of said completion notification via the first secure communication unit, and the terminal list management apparatus includes;
      
      the management information storage unit;
      
      the updating unit; and
      
      a flag confirmation unit operable to confirm at an arbitrary timing whether a predetermined first temporary deletion flag included in the first temporary deletion flag list has been set or not, wherein the updating unit deletes the terminal apparatus that corresponds to the first temporary deletion flag from the terminal list, based on the confirmation by the flag confirmation unit that the predetermined first temporary deletion flag has been set.
  - 6. The information management system according to claim 5, wherein the terminal list corresponds to the terminal apparatuses which belong to the group, and includes a column of the second temporary deletion flags indicating whether the advance notification has been received or not, the common management server further includes a second temporary deletion flag setting unit operable to set a second temporary deletion flag that corresponds to the terminal apparatus which has transmitted the advance notification, upon receipt of said advance notification via the second communication unit, the flag confirmation unit searches for the second temporary deletion flag that corresponds to a predetermined terminal apparatus included in the terminal list, and then searches for the first temporary deletion flag that corresponds to said predetermined terminal apparatus included in the first temporary deletion flag list in sequence, and the updating unit deletes the predetermined terminal apparatus that corresponds to both the first temporary deletion flag and the second temporary deletion flag from the terminal list, in a case where the flag confirmation unit confirms that the second temporary deletion flag and the first temporary deletion flag have been set.
  - 7. The information management system according to claim 2, wherein the information management server further includes:
    - a group information storage unit operable to store the group information;
      
      a registrability determination unit operable to determine whether or not a terminal apparatus which has transmitted a terminal registration request can be registered in the terminal list, upon receipt of the terminal registration request for registering the terminal apparatus in the terminal list from said terminal apparatus; and
      
      a group information readout unit operable to read out the group information stored in the group information storage unit, in a case where the registrability determination unit determines that the terminal apparatus can be registered, the tamper-resistant module further includes a group information storage unit operable to store the group information into the data storage unit, upon receipt of the group information read out by the group information readout unit via the second secure communication unit, and the updating unit registers the terminal apparatus which has transmitted the terminal registration request into the terminal list, in a case where the registrability determination unit determines that the terminal apparatus can be registered.
  - 8. The information management system according to claim 7, wherein the information management server includes:
    - a common management server;
      
      a plurality of individual management servers; and
      
      a terminal list management apparatus, said each of the terminal apparatuses further includes a first communication unit operable to communicate with the common management server, the common management server includes a second communication unit operable to notify the terminal apparatus which has transmitted the terminal registration request of a destination address of an individual management server to which an obtainment request for obtaining the group information should be transmitted, upon receipt of the terminal registration request from said terminal apparatus, each of the individual management servers includes;
      
      the first secure communication unit;
      
      the group information storage unit; and
      
      the group information readout unit, the terminal list management apparatus includes;
      
      the management information storage unit;
      
      the updating unit; and
      
      the registrability determination unit, wherein the registrability determination unit determines whether or not the terminal apparatus which has transmitted the terminal registration request can be registered in the terminal list, upon receipt of the terminal registration request via the first communication unit, the second communication unit notifies the destination address of the obtainment request in a case where the registrability determination unit determines that the terminal apparatus can be registered, and the first secure communication unit transmits the group information read out by the group information readout unit to the terminal apparatus which has transmitted the obtainment request, upon receipt of the obtainment request.
  - 9. The information management system according to claim 8, wherein said each individual management server further includes:
    - a first temporary deletion flag list storage unit operable to store a temporary deletion flag list which is associated with the terminal list, said first temporary deletion flag list being a list of one or more first temporary deletion flags indicating whether the completion notification has been received or not; and
      
      a first temporary deletion flag setting unit operable to set a first temporary deletion flag that corresponds to the terminal apparatus which has transmitted the completion notification, upon receipt of said completion notification via the first secure communication unit, the terminal list management apparatus further includes a flag confirmation unit operable to confirm a predetermined first temporary deletion flag included in the first temporary deletion flag list at a timing of receipt of the terminal registration request, the second communication unit notifies a terminal apparatus which has transmitted an advance notification of a destination address of an individual management server to which the completion notification should be transmitted, upon receipt of the advance notification from the terminal apparatus, said advance notification indicating that the group information is about to be deleted, and the updating unit deletes the terminal apparatus that corresponds to the first temporary deletion flag from the terminal list prior to the determination by the registrability determination unit, based on the confirmation by the flag confirmation unit that the predetermined first temporary deletion flag has been set.
  - 10. The information management system according to claim 9, wherein the common management server further includes:
    - a second temporary deletion flag list storage unit operable to store a second temporary deletion flag list which is associated with the terminal list, said second temporary deletion flag list being a list of one or more second temporary deletion flags indicating whether the advance notification has been received or not; and
      
      a second temporary deletion flag setting unit operable to set a second temporary deletion flag that corresponds to the terminal apparatus which has transmitted the advance notification, upon receipt of said advance notification via the second communication unit, the flag confirmation unit searches for the second temporary deletion flag that corresponds to a predetermined terminal apparatus included in the second temporary deletion flag list, and then searches for the first temporary deletion flag that corresponds to said predetermined terminal apparatus included in the first temporary deletion flag list in sequence, and the updating unit deletes the predetermined terminal apparatus that corresponds to both the first temporary deletion flag and the second temporary deletion flag from the terminal list prior to the determination by the registrability determination unit, in a case where the flag confirmation unit confirms that the second temporary deletion flag and the first temporary deletion flag have been set.
  - 11. The information management system according to claim 7, wherein the information management server includes:
    - a common management server; and
      
      a plurality of individual management servers, said each of the terminal apparatuses further includes a first communication unit operable to communicate with the common management server, the common management server includes;
      
      a second communication unit operable to notify the terminal apparatus which has transmitted the terminal registration request of a destination address of an individual management server to which an obtainment request for obtaining the group information should be transmitted, upon receipt of the terminal registration request from said terminal apparatus; and
      
      a terminal list management apparatus, each of the individual management servers includes;
      
      the first secure communication unit;
      
      the group information storage unit; and
      
      the group information readout unit, the terminal list management apparatus includes;
      
      the management information storage unit;
      
      the updating unit; and
      
      the registrability determination unit, wherein the registrability determination unit determines whether or not the terminal apparatus which has transmitted the terminal registration request can be registered in the terminal list, upon receipt of the terminal registration request via the first communication unit, the second communication unit notifies the destination address of the obtainment request in a case where the registrability determination unit determines that the terminal apparatus can be registered, and the first secure communication unit transmits the group information read out by the group information readout unit to the terminal apparatus which has transmitted the obtainment request, upon receipt of the obtainment request.
  - 12. The information management system according to claim 11, wherein said each individual management server further includes:
    - a first temporary deletion flag list storage unit operable to store a temporary deletion flag list which is associated with the terminal list, said temporary deletion flag list being a list of one or more first temporary deletion flags indicating whether the completion notification has been received or not; and
      
      a first temporary deletion flag setting unit operable to set a first temporary deletion flag that corresponds to the terminal apparatus which has transmitted the completion notification indicating that the group information has been deleted, upon receipt of said completion notification via the first secure communication unit, the terminal list management apparatus further includes a flag confirmation unit operable to confirm a predetermined first temporary deletion flag included in the first temporary deletion flag list at a timing of receipt of the terminal registration request, the second communication unit notifies a terminal apparatus which has transmitted an advance notification of a destination address of an individual management server to which the completion notification should be transmitted, upon receipt of an advance notification from the terminal apparatus, said advance notification indicating that the group information is about to be deleted, and the updating unit deletes the terminal apparatus that corresponds to the first temporary deletion flag from the terminal list prior to the determination by the registrability determination unit, based on the confirmation by the flag confirmation unit that the first temporary deletion flag has been set.
  - 13. The information management system according to claim 12, wherein the terminal list corresponds to the terminal apparatuses which belong to the group, and includes a column of the second temporary deletion flags indicating whether the advance notification has been received or not, the common management server further includes a second temporary deletion flag setting unit operable to set a second temporary deletion flag that corresponds to the terminal apparatus which has transmitted the advance notification, upon receipt of said advance notification via the second communication unit, the flag confirmation unit searches for the second temporary deletion flag that corresponds to a predetermined terminal apparatus included in the second temporary deletion flag list, and then searches for the first temporary deletion flag that corresponds to said predetermined terminal apparatus included in the first temporary deletion flag list in sequence, and the updating unit deletes the predetermined terminal apparatus that corresponds to both the first temporary deletion flag and the second temporary deletion flag from the terminal list prior to the determination by the registrability determination unit, in a case where the flag confirmation unit confirms that the second temporary deletion flag and the first temporary deletion flag have been set.
  - 14. The information management system according to claim 1, wherein the data is group information for determining whether or not a terminal apparatus belongs to a group that is formed of not more than a predetermined number of terminal apparatuses, the management information is a terminal list indicating a list of the terminal apparatuses which belong to the group, and the processing that affects the management information is moving of the group information between the terminal apparatuses.
  - 15. The information management system according to claim 1, wherein the data is a license of a digital work, the management information is a historical log of the license, and the processing that affects the management information is a use of the license.
  - 16. The information management system according to claim 1, wherein the data is a license of a digital work, the management information is the number of licenses that said each terminal apparatus can hold, and the processing that affects the management information is deletion of the license.
  - 17. The information management system according to claim 1, wherein the data is a digital work, the management information is a limited number of distributions of the digital work, and the processing that affects the management information is moving of the license.

18. An information management method used for an information management system, wherein the information management system comprises:
- a plurality of terminal apparatuses for storing data; and
  
  an information management server for managing management information concerning the data, which is connected to the plurality of terminal apparatuses via a network, and the information management method comprises a step I executed by the information management server and a step 1I executed by a tamper-resistant module of said each terminal apparatus, wherein the step I includes a first secure communication step of establishing a secure communication channel with each of the terminal apparatuses and communicating with said each terminal apparatus via the communication channel, and the step II includes;
  
  an execution step of securely executing processing that affects the management information on the data securely stored in the data storage unit; and
  
  a second secure communication step of establishing a secure communication channel with the information management server and transmitting a completion notification via the communication channel, said completion notification indicating that the processing that affects the management information has been executed.

19. A terminal apparatus for storing data, which is connected via a network with an information management server for managing management information concerning the data, the apparatus comprising a tamper-resistant module, wherein the tamper-resistant module includes:
- a data storage unit operable to store the data securely;
  
  an execution unit operable to execute processing that affects the management information on the data stored in the data storage unit; and
  
  a second secure communication unit operable to establish a secure communication channel with the information management server and transmit a completion notification via the communication channel, said completion notification indicating that the processing that affects the management information has been executed.

20. An information management server for managing management information, which is connected via a network with a plurality of terminal apparatuses for storing data and securely executing, on the data, processing that affects the management information concerning said data, the server comprising:
- a management information storage unit operable to store the management information; and
  
  a first secure communication unit operable to establish a secure communication channel with each of the terminal apparatuses and communicate with said each terminal apparatus via the communication channel, wherein the first secure communication unit receives a completion notification from said each terminal apparatus, said completion notification indicating that the processing that affects the management information has been executed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lilly Pathway LLC (IP Edge LLC)
Original Assignee
Panasonic Corporation (Panasonic Holdings Corporation)
Inventors
Yamamoto, Masaya, Nakahara, Tohru, Hiramoto, Takuji, Inoue, Mitsuhiro, Miura, Kouji

Granted Patent

US 7,451,202 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/207
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/105   Arrangements for software l...

G06F 21/42   using separate channels for...

G06Q 20/20   Point-of-sale [POS] network...

H04L 63/08   for authentication of entit...

H04L 63/104   Grouping of entities

Information management system

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

78 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Information management system

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

78 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links