Storage Medium Processing Method, Storage Medium Processing Apparatus, and Program

US 20070223705A1
Filed: 06/02/2005
Published: 09/27/2007
Est. Priority Date: 06/28/2004
Status: Abandoned Application

First Claim

Patent Images

1. A storage medium processing method a using a storage medium and a user terminal, wherein the storage medium stores a medium identifier data, a medium unique key data enabled to be generated based on the medium identifier data, an encrypted user key data in which a user key data is encrypted so that it may be decrypted using the medium unique key data, and encrypted content key data in which a content key data is encrypted so that it may be decrypted using the user key data, the user terminal retains an encrypted content data in which content data is encrypted so that it may be decrypted using the content key data, and the user terminal connected to the storage medium is enabled to access to a license center to obtain various kinds of data, the method comprising:

a step in which the user terminal requests to the license center an issuance of user key data submitting the medium identifier data;

a step in which the license center generates, responsive to the request of the user terminal, user key data, the user key data being different depending on types of services which the user terminal wishes to receive and the medium identifier data, and delivers the user key data to the user terminal;

a step of recording the user key data in a database at the license center; and

a step of storing the delivered user key data in the storage medium after encrypting it with the medium unique key at the user terminal.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

User keys make sensitive management of users which are different per type of services.

A SD card SDq may store plural kinds of service user keys Kus which are different per type of services. The service user key Kus is encrypted by a medium unique key Kmu and is stored in a protection area 3. The protection area 3 stores a master user key Kumst encrypted by the medium unique key Kmu, as well as the service user keys Kus. The master user key Kumst is a key used for encrypting the service user key Kus when obtaining a service user key Kus.

Citations

13 Claims

1. A storage medium processing method a using a storage medium and a user terminal, wherein the storage medium stores a medium identifier data, a medium unique key data enabled to be generated based on the medium identifier data, an encrypted user key data in which a user key data is encrypted so that it may be decrypted using the medium unique key data, and encrypted content key data in which a content key data is encrypted so that it may be decrypted using the user key data, the user terminal retains an encrypted content data in which content data is encrypted so that it may be decrypted using the content key data, and the user terminal connected to the storage medium is enabled to access to a license center to obtain various kinds of data, the method comprising:
- a step in which the user terminal requests to the license center an issuance of user key data submitting the medium identifier data;
  
  a step in which the license center generates, responsive to the request of the user terminal, user key data, the user key data being different depending on types of services which the user terminal wishes to receive and the medium identifier data, and delivers the user key data to the user terminal;
  
  a step of recording the user key data in a database at the license center; and
  
  a step of storing the delivered user key data in the storage medium after encrypting it with the medium unique key at the user terminal.
- View Dependent Claims (2, 3, 4)
- - 2. A storage medium processing method according to claim 1, wherein the step of delivering the user key data to the user terminal encrypts the generated user key data using a specific user key data transmitted beforehand, and transmits it.
  - 3. A storage medium processing method according to claim 2, wherein the specific user key data is used to encrypt other user key data, and also used to encrypt content key data concerning a specific service.
  - 4. A storage medium processing method according to claim 2, wherein the specific user key data is used to encrypt other user key data only.

5. A storage medium processing device which may be connected to a storage medium which stores medium identifier data, medium unique key data enabled to be generated based on the medium identifier data, encrypted user key data in which user key data is encrypted so that it may be decrypted using the medium unique key data, and encrypted content key data in which content key data is encrypted so that it may be decrypted using the user key data, and performs data processing of the storage medium via a user terminal retaining encrypted content data in which content data is encrypted so that it may be decrypted using the content key data, the device comprising:
- a key delivery server generating user key data which is different per types of services which the user terminal wishes to receive; and
  
  a user key database storing the user key data generated in the key delivery server.
- View Dependent Claims (6, 7, 8)
- - 6. A storage medium processing device according to claim 5, wherein the key delivery server shares secret key data used for common key encryption scheme with the user terminal, wherein specific user key data out of the user key data is encrypted by the secret key data, and the other user key data is encrypted by the specific user key data and is transmitted to the user terminal.
  - 7. A storage medium processing device according to claim 6, wherein the specific user key data is used to encrypt other user key data, and also used to encrypt content key data concerning a specific service.
  - 8. A storage medium processing device according to claim 6, wherein the specific user key data is used to encrypt the other user key data only.

9. A storage medium processing program a using a storage medium and a user terminal, wherein the storage medium stores medium identifier data, a medium unique key data enabled to be generated based on the medium identifier data, an encrypted user key data in which a user key data is encrypted so that it may be decrypted using the medium unique key data, and encrypted content key data in which a content key data is encrypted so that it may be decrypted using the user key data, the user terminal retains an encrypted content data in which a content data is encrypted so that it may be decrypted using the content key data, and the user terminal connected to the storage medium is enabled to access to a license center to obtain various kinds of data, the program is configured to perform:
- a step in which the user terminal requests to the license center an issuance of user key data submitting the medium identifier data;
  
  a step in which the license center generates, responsive to the request of the user terminal, user key data, the user key data being different depending on types of services which the user terminal wishes to receive and the medium identifier data, and delivers the user key data to the user terminal;
  
  a step of recording the user key data in a database at the license center; and
  
  a step of storing the user key data delivered in the storage medium at the user terminal after encrypting it with the medium unique key.

10. A user terminal which may be connected to a storage medium which stores medium identifier data, medium unique key data enabled to be generated based on the medium identifier data, encrypted user key data in which user key data is encrypted so that it may be decrypted using the medium unique key data, and encrypted content key data in which content key data is encrypted so that it may be decrypted using the user key data, the user terminal being configured to hold encrypted content data in which a content data is encrypted so that it may be decrypted using the content key data, the user terminal comprising:
- a transmitting/receiving unit configured to transmit a request of issuance of user key data while submitting data concerning types of services wished and the medium identifier data to a license center, and receive user key data which is different per type of the services and the medium identifier data; and
  
  a storage medium processing unit that encrypts the user key data received with the medium unique key and stores it in the storage medium.
- View Dependent Claims (11)
- - 11. A user terminal according to claim 10, wherein secret key data used for common key encryption scheme is shared with the license center, and the transmitting/receiving unit is configured to receive specific user key data out of the user key data in a form it is encrypted by the secret key data, and decrypt it with the secret key data, while receiving the other user key data in a form it is encrypted by the specific user key data and decoding it with the specific user key data.

12. A storage medium storing medium identifier data, medium unique key data enabled to be generated based on the medium identifier data, encrypted user key data in which user key data is encrypted so that it may be decrypted using the medium unique key data, and encrypted content key data in which content key data is encrypted so that it may be decrypted using the user key data, and configured to be connected to a user terminal configured to hold encrypted content data in which a content data is encrypted so that it may be decrypted using the content key data, wherein said user key data may be encrypted to a plural kinds of data by the medium unique key data per type of services, and at least one of said user key data is user for encrypting the other user key data.
- View Dependent Claims (13)
- - 13. A storage medium according to claim 12, wherein each of the plurality of user key data holds metadata, respectively.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Original Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Inventors
Suu, Hiroshi, Miura, Akira, Kasahara, Akihiro

Application Number

US11/571,064
Publication Number

US 20070223705A1
Time in Patent Office

Days
Field of Search
US Class Current

380/281
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/602   Providing cryptographic fac...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/357   Cards having a plurality of...

G06Q 20/35765   Access rights to memory zones

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

G07F 7/1016   Devices or methods for secu...

G11B 20/00086   Circuits for prevention of ...

G11B 20/0021   involving encryption or dec...

G11B 20/00224   wherein the key is obtained...

G11B 20/00253   wherein the key is stored o...

G11B 20/00413   wherein the key is input by...

G11B 20/00492   wherein content or user dat...

G11B 20/00536   wherein encrypted content d...

G11B 20/0071   involving a purchase action

H04L 2209/60   Digital content management,...

H04L 9/083   involving central third par...

H04L 9/0894   Escrow, recovery or storing...

Storage Medium Processing Method, Storage Medium Processing Apparatus, and Program

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Storage Medium Processing Method, Storage Medium Processing Apparatus, and Program

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links