Content distribution system
First Claim
1. A content distribution system comprising:
- a first information processing apparatus configured to issue a content-download request in which a download destination that is different from the first information processing apparatus itself is specified;
a second information processing apparatus that is specified as a download destination of content; and
a content distribution server configured to receive the content-download request from the first information processing apparatus and send the content to the second information processing apparatus,wherein the first information processing apparatus sends a ticket carrying a digital signature of the second information processing apparatus to the content distribution server to authenticate that the second information processing apparatus is authorized to receive the content from the content distribution server, andthe content distribution server verifies the digital signature on the ticket, and on condition that the verification has succeeded, the content distribution server determines that the second information processing apparatus is a content-download destination authorized by the first information processing apparatus, and sends the content to the second information processing apparatus.
1 Assignment
0 Petitions
Accused Products
Abstract
A system that allows secure processing in a case where a download-requesting terminal and a download-destination terminal are different devices is implemented. A content distribution server receives a ticket carrying a signature of a download destination from a terminal requesting downloading of content, and verifies the ticket to verify that a device serving as the download destination is a device authorized by the download-requesting terminal, thereby verifying the authenticity of the device serving as the download destination without directly authenticating the device serving as the download destination. Furthermore, a content-signing key [Ksig] or a hash value is exchanged as data that can be cryptographically processed only at the download-requesting device and the download-destination device, so that, for example, checking of the integrity of the content is allowed only at a legitimate download-destination device.
-
Citations
21 Claims
-
1. A content distribution system comprising:
-
a first information processing apparatus configured to issue a content-download request in which a download destination that is different from the first information processing apparatus itself is specified; a second information processing apparatus that is specified as a download destination of content; and a content distribution server configured to receive the content-download request from the first information processing apparatus and send the content to the second information processing apparatus, wherein the first information processing apparatus sends a ticket carrying a digital signature of the second information processing apparatus to the content distribution server to authenticate that the second information processing apparatus is authorized to receive the content from the content distribution server, and the content distribution server verifies the digital signature on the ticket, and on condition that the verification has succeeded, the content distribution server determines that the second information processing apparatus is a content-download destination authorized by the first information processing apparatus, and sends the content to the second information processing apparatus. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A content distribution method for a content distribution system:
-
at a first information processing apparatus configured to issue a content-download request in which a download destination that is different from the first information processing apparatus itself is specified, sending, by the first information processing apparatus, a ticket carrying a digital signature of a second information processing apparatus to a content distribution server to authenticate that the second information processing apparatus is authorized to receive the content from the content distribution server, the second information processing apparatus being specified as a download destination of the content; and at the content distribution server configured to receive the content-download request from the first information processing apparatus and to send the content to the second information processing apparatus, verifying the digital signature on the ticket, determining, on condition that the verification has succeeded, that the second information processing apparatus is a content-download destination authorized by the first information processing apparatus, and sending the content to the second information processing apparatus. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A first information processing apparatus, comprising:
-
storage means that stores a ticket carrying a digital signature of a second information processing apparatus that serves as a download destination of content; control means for generating a content-download request, in which the download destination that is different from the first information processing apparatus itself is specified, including the ticket stored in the storage means; and communication means for sending the content-download request, from the first information processing apparatus, including the ticket carrying the digital signature of the second information processing apparatus to a content distribution server to authenticate that the second information processing apparatus is authorized to receive the content from the content distribution server, the content distribution server configured to verify the digital signature on the ticket, and on condition that the verification has succeeded, the content distribution server configured to determine that the second information processing apparatus is a content-download destination authorized by the first information processing apparatus, and to send the content to the second information processing apparatus. - View Dependent Claims (16, 17, 18, 19)
-
-
20. A computer storage medium, storing computer executable instructions that cause a computer to implement a method, comprising:
-
obtaining a ticket carrying a digital signature of a second information processing apparatus that serves as a download destination of content; generating a content-download-request, in which the download destination that is different from a first information processing apparatus that executes the instructions is specified, including the ticket; and sending, from the first information processing apparatus, the content-download-request including the ticket to a content distribution server to authenticate that the second information processing apparatus is authorized to receive the content from the content distribution server, the content distribution server configured to verify the digital signature on the ticket, and on condition that the verification has succeeded, the content distribution server configured to determine that the second information processing apparatus is a content-download destination authorized by the first information processing apparatus, and to send the content to the second information processing apparatus.
-
-
21. A computer storage medium, storing computer executable instructions that cause a computer to implement a method of sending content, said method comprising:
-
receiving by a content distribution server, from a first information processing apparatus, a content-download-request process in which a second information processing apparatus is specified as a download destination that is different from the first information processing apparatus itself, and a ticket carrying a digital signature of the second information processing apparatus; verifying, by the content distribution server, the digital signature included in the ticket carrying the digital signature of the second information processing apparatus serving as the download destination, the ticket being included in the content-download request to authenticate that the second information processing apparatus is authorized to receive the content from the content distribution server; and sending, by the content distribution server, content to the second information processing apparatus on condition that the verification has succeeded.
-
Specification