Data processing apparatus and authentication method applied to the apparatus

US 6,782,476 B1
Filed: 06/16/1999
Issued: 08/24/2004
Est. Priority Date: 06/16/1998
Status: Expired due to Fees

First Claim

Patent Images

1. A data processing apparatus having an interface for an external bus which is capable of connecting an external device having an authentication function for exchanging data to be copy-protected, the apparatus being assigned with node identification data, comprising:

an internal bus coupled to the interface for the external bus, wherein the interface transfers encrypted data to be copy-protected from the external bus to the internal bus;

a plurality of function modules which are coupled to said internal bus and transmit or receive data to be copy-protected via said internal bus, each of said function modules holding authentication data required for proving authenticity of that function module with respect to the function module or the external device with which the function module wants to exchange the data to be copy-protected, the authentication data comprising device identification data specifying the each of said function modules, wherein at least one of the plurality of function modules includes at least one of an encryption means and a decryption means for encrypting or decrypting data to be copy-protected; and

authentication means for performing authentication in which two out of said plurality of function modules or one function module and the external device authenticate each other to confirm if they are authentic devices that can deal with the data to be copy-protected, by exchanging the authentication data and node identification data corresponding to the devices therebetween, wherein the device identification data is used as a sub-address for specifying one of the function modules in said data processing apparatus as a device which authenticates the external device and which is authenticated by the external device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A CPU module, satellite or digital TV tuner, MPEG2 decoder, and DVD-RAM drives have authenticators for making device authentication, key exchange, and the like. These authenticators hold authentication data (authentication formats) of the corresponding function modules. By exchanging the authentication formats between devices which are to authenticate each other, authentication can be done in units of function modules.

Citations

17 Claims

1. A data processing apparatus having an interface for an external bus which is capable of connecting an external device having an authentication function for exchanging data to be copy-protected, the apparatus being assigned with node identification data, comprising:
- an internal bus coupled to the interface for the external bus, wherein the interface transfers encrypted data to be copy-protected from the external bus to the internal bus;
  
  a plurality of function modules which are coupled to said internal bus and transmit or receive data to be copy-protected via said internal bus, each of said function modules holding authentication data required for proving authenticity of that function module with respect to the function module or the external device with which the function module wants to exchange the data to be copy-protected, the authentication data comprising device identification data specifying the each of said function modules, wherein at least one of the plurality of function modules includes at least one of an encryption means and a decryption means for encrypting or decrypting data to be copy-protected; and
  
  authentication means for performing authentication in which two out of said plurality of function modules or one function module and the external device authenticate each other to confirm if they are authentic devices that can deal with the data to be copy-protected, by exchanging the authentication data and node identification data corresponding to the devices therebetween, wherein the device identification data is used as a sub-address for specifying one of the function modules in said data processing apparatus as a device which authenticates the external device and which is authenticated by the external device.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The apparatus according to claim 1, wherein a type of data to be copy-protected includes copy once data and copy never data, and
- 3. The apparatus according to claim 1, wherein the function module that deals with data to be copy-protected includes at least one of a CPU module, a decoder for decoding encoded data obtained by digital compression coding, and a storage device.
- 4. The apparatus according to claim 1, wherein said authentication means uses each other'"'"'s device identification data as addresses for specifying devices that are to authenticate each other, so as to exchange the authentication data corresponding to the devices with a destination function module or the external device.
- 5. The apparatus according to claim 4, wherein a communication between said data processing apparatus and the external device uses a protocol which uses the node identification data assigned to said data processing apparatus and the external device as destination addresses.
- 6. The apparatus according to claim 1, wherein said data processing apparatus is a personal computer having as the function module at least one of a CPU module, a decoder for decoding encoded data obtained by digital compression coding, and a storage device, andsaid personal computer comprises an IEEE1394 serial bus as an interface with the external bus.

7. A data processing apparatus having an interface for an external bus which is capable of connecting an external device having an authentication function for exchanging data to be copy-protected, the apparatus being assigned with node identification data, comprising:
- an internal bus coupled to the interface for the external bus, wherein the interface transfers encrypted data to be copy-protected from the external bus to the internal bus;
  
  a plurality of function modules which are coupled to said internal bus and transmit or receive data to be copy-protected via said internal bus, wherein at least one of the plurality of function modules includes at least one of an encryption means and a decryption means for encrypting or decrypting data to be copy-protected; and
  
  authentication means for performing authentication with a destination function module or the external device that exchanges the data to be copy-protected in units of function modules, said authentication means exchanging device identification data held in each of said function modules and the node identification data as an address for specifying the function module as a device which authenticates the external device and which is authenticated by the external device, when said authentication means executes authentication between the function module and external device, wherein the device identification data is used as a sub-address for specifying one of the function modules in said data processing apparatus as a device which authenticates the external device and which is authenticated by the external device.
- View Dependent Claims (8)
- - 8. The apparatus according to claim 7, wherein a communication between said data processing apparatus and the external device uses a protocol which uses the node identification data assigned to said data processing apparatus and the external device as destination addresses.

9. An authentication method applied to a data processing apparatus which comprises an internal bus, a plurality of function modules which are coupled to said internal bus and transmit or receive data to be copy-protected via said internal bus, and an interface for an external bus which is capable of connecting an external device having an authentication function for exchanging data to be copy-protected, and wherein the interface transfers encrypted data to be copy-protected from the external bus to the internal bus;
- making each of said function modules hold authentication data required for proving authenticity of that function module with respect to the function module or the external device with which the function module wants to exchange the data to be copy-protected, wherein at least one of said function modules includes at least one of an encryption means and a decryption means for encrypting or decrypting data to be copy-protected; and
  
  executing authentication in which two out of said plurality of function modules or one function module and the external device authenticate each other to confirm if they are authentic devices that can deal with the data to be copy-protected, by exchanging the authentication data corresponding to the devices therebetween, the authentication data comprising node identification data assigned to the data processing apparatus and the external device and device identification data assigned to the function modules, wherein the device identification data is used as a sub-address for specifying one of the function modules in said data processing apparatus as a device which authenticates the external device and which is authenticated by the external device.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The method according to claim 9, wherein a type of data to be copy-protected includes copy once data and copy never data, and
- 11. The method according to claim 9, wherein the function module that deals with data to be copy-protected includes at least one of a CPU module, a decoder for decoding encoded data obtained by digital compression coding, and a storage device.
- 12. The method according to claim 9, wherein the authentication uses each other'"'"'s device identification data as addresses for specifying devices that are to authenticate each other, so as to exchange the authentication data corresponding to the devices with a destination function module or the external device.
- 13. The method according to claim 12, wherein a communication between said data processing apparatus and the external device uses a protocol which uses the node identification data assigned to said data processing apparatus and the external device as destination addresses.
- 14. The method according to claim 9, wherein said data processing apparatus is a personal computer having as the function module at least one of a CPU module, a decoder for decoding encoded data obtained by digital compression coding, a and a storage device, andsaid personal computer comprises an IEEE1394 serial bus as an interface with the external bus.

15. An authentication method applied to a data processing apparatus which comprises an internal bus, a plurality of function modules which are coupled to said internal bus and transmit or receive data to be copy-protected via said internal bus, and an interface for an external bus which is capable of connecting an external device having an authentication function for exchanging data to be copy-protected, and wherein the interface transfers encrypted data to be copy-protected from the external bus to the internal bus without decrypting data to be copy-protected, comprising the steps of:
- making each of said function modules hold device identification data for specifying the function module, wherein at least on of said function modules includes at least one of an encryption means and a decryption means for encrypting or decrypting data to be copy-protected; and
  
  executing authentication between a specific one of said function modules and the external device to confirm if they are authentic devices that can deal with the data to be copy-protected, using the device identification data held in each of said function modules and node identification data assigned to the data processing apparatus and the external device as an address for specifying the function module as a device which authenticates the external device and which is authenticated by the external device, wherein the device identification data is used as a sub-address for specifying one of the function modules in said data processing apparatus as a device which authenticates the external device and which is authenticated by the external device.
- View Dependent Claims (16)
- - 16. The method according to claim 15, wherein a communication between said data processing apparatus and the external device uses a protocol which uses the node identification data assigned to said data processing apparatus and the external device as destination addresses.

17. A data processing apparatus having an interface for an external bus which is capable of connecting an external device having an authentication function for exchanging data to be copy-protected, comprising:
- an internal bus coupled to the interface for the external bus, wherein the interface transfers encrypted data to be copy-protected from the external bus to the internal bus;
  
  a plurality of function modules which are coupled to said internal bus and transmit or receive data to be copy-protected via said internal bus, wherein at least one of the plurality of function modules includes at least one of an encryption means and a decryption means for encrypting or decrypting data to be copy-protected; and
  
  authentication means, provided in units of function modules and implemented as a device driver for the respective function modules, for performing authentication with a destination function module or the external device that exchanges the data to be copy-protected in units of function modules, said authentication means exchanging device identification data held in each of said function modules and node identification data assigned to the data processing apparatus and the external device as an address for specifying the function module as a device which authenticates the external device and which is authenticated by the external device, when said authentication means executes authentication between the function module and external device, wherein the device identification data is used as a sub-address for specifying one of the function modules in said data processing apparatus as a device which authenticates the external device and which is authenticated by the external device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Original Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Inventors
Ishibashi, Yasuhiro
Primary Examiner(s)
Barrón, Gilberto
Assistant Examiner(s)
Gurshman, Grigory

Application Number

US09/333,680
Time in Patent Office

1,896 Days
Field of Search

713/169, 713/170, 713/151, 713/160
US Class Current

713/169
CPC Class Codes

H04N 2005/91328   the copy protection signal ...

H04N 2005/91364   the video signal being scra...

H04N 21/4143   embedded in a Personal Comp...

H04N 21/43615   Interfacing a Home Network,...

H04N 21/43632   involving a wired protocol,...

H04N 21/4367   Establishing a secure commu...

H04N 21/4627   Rights management associate...

H04N 5/913   for scrambling ; for copy p...

Data processing apparatus and authentication method applied to the apparatus

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Data processing apparatus and authentication method applied to the apparatus

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links