Information processing system and method
First Claim
1. An information processing system for distributing an enabling key block (EKB) requested by an EKB requester, wherein the EKB includes an encrypted key set formed by encrypting an upper-level node key in a selected path in a category tree by a lower-level node key in the selected path in the category tree, the category tree being a part of a key tree and being grouped in accordance with a category managed by a category entity, and wherein the key tree includes leaves, a root, and nodes existing in paths from each of the leaves to the root, each of the leaves being assigned to a device, the information processing apparatus comprising:
- receiving means for receiving EKB requests requesting an EKB by an EKB type identifier from the EKB requester;
identifying means for identifying one or more category trees from an EKB type definition list defining the EKB type identifier and identifying one or more category tree identification data to match the EKB specified by the EKB type identifier received from the EKB requester;
creating means for creating an EKB to be decrypted in common in the one or more category trees identified by the identifying means; and
distributing means for distributing the EKB created by the creating means to the EKB requester.
1 Assignment
0 Petitions
Accused Products
Abstract
An information processing system and method are disclosed in which information processing is performed in a highly efficient manner using an enabling key block (EKB) on the basis of a tree structure including category subtrees. A key tree is formed so as to include a plurality of subtrees serving as category trees categorized in accordance with categories and managed by category entities. An EKB includes data produced by selecting a path in a tree and encrypting a higher-level key in the selected path using a lower-level key in the selected path. The resultant EKB is provided to a device. Distribution of EKB'"'"'s is managed on the basis of an EKB type definition list representing the correspondence between an EKB type identifier and one or more identification data identifying one or more category trees that can process an EKB of an EKB type specified by the EKB type identifier.
7 Citations
22 Claims
-
1. An information processing system for distributing an enabling key block (EKB) requested by an EKB requester, wherein the EKB includes an encrypted key set formed by encrypting an upper-level node key in a selected path in a category tree by a lower-level node key in the selected path in the category tree, the category tree being a part of a key tree and being grouped in accordance with a category managed by a category entity, and wherein the key tree includes leaves, a root, and nodes existing in paths from each of the leaves to the root, each of the leaves being assigned to a device, the information processing apparatus comprising:
-
receiving means for receiving EKB requests requesting an EKB by an EKB type identifier from the EKB requester; identifying means for identifying one or more category trees from an EKB type definition list defining the EKB type identifier and identifying one or more category tree identification data to match the EKB specified by the EKB type identifier received from the EKB requester; creating means for creating an EKB to be decrypted in common in the one or more category trees identified by the identifying means; and distributing means for distributing the EKB created by the creating means to the EKB requester. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 18)
-
-
11. An information processing method for distributing an enabling key block (EKB) requested by an EKB requester, wherein the EKB includes an encrypted key set formed by encrypting an upper-level node key in a selected path in a category tree by a lower-level node key in the selected path in the category tree, the category tree being a part of a key tree and being grouped in accordance with a category managed by a category entity, and wherein the key tree includes leaves, a root, and nodes existing in paths from each of the leaves to the root, each of the leaves being assigned to a device, the information processing method comprising:
-
receiving EKB requests requesting an EKB by an EKB type identifier from the EKB requester; identifying one or more category trees from an EKB type definition list defining the EKB type identifier and identifying one or more category tree identification data to match the EKB specified by the EKB type identifier received from the EKB requester; creating an EKB to be decrypted in common in the one or more category trees identified by the identifying means; and distributing the EKB created by the creating means to the EKB requester. - View Dependent Claims (12, 13, 14, 15, 16, 17, 19, 20)
-
-
21. An information processing apparatus for distributing an enabling key block (EKB) requested by an EKB requester, wherein the EKB includes an encrypted key set formed by encrypting an upper-level node key in a selected path in a category tree by a lower-level node key in the selected path in the category tree, the category tree being a part of a key tree and being grouped in accordance with a category managed by a category entity, and wherein the key tree includes leaves, a root, and nodes existing in paths from each of the leaves to the root, each of the leaves being assigned to a device, the information processing apparatus comprising:
-
a receiver configured to receive EKB requests requesting an EKB by an EKB type identifier from the EKB requester; an identifier module configured to identify one or more category trees from an EKB type definition list defining the EKB type identifier and identifying one or more category tree identification data to match the EKB specified by the EKB type identifier received from the EKB requester; a creator module configured to create an EKB to be decrypted in common in the one or more category trees identified by the identifier module; and a distributor module configured to distribute the EKB created by the creator module to the EKB requester.
-
-
22. A program storage medium having a computer program for enabling a key distribution apparatus to distribute an enabling key block (EKB) requested by a EKB requester, wherein the EKB includes an encrypted key set formed by encrypting an upper-level node key in a selected path in a category tree by a lower-level node key in the selected path in the category tree, the category tree being a part of a key tree and being grouped in accordance with a category managed by a category entity, and wherein the key tree includes leaves, a root, and nodes existing in paths from each of the leaves to the root, each of the leaves being assigned to a device, the program comprising instructions to cause the key distribution apparatus to:
-
receive EKB requests requesting an EKB by an EKB type identifier from the EKB requester; identify one or more category trees from an EKB type definition list defining the EKB type identifier and identifying one or more category tree identification data to match the EKB specified by the EKB type identifier received; create an EKB to be decrypted in common in the one or more category trees identified; and distribute the EKB created to the EKB requester.
-
Specification