Information management system having a common management server for establishing secure communication among groups formed out of a plurality of terminals

US 7,451,202 B2
Filed: 12/18/2003
Issued: 11/11/2008
Est. Priority Date: 12/20/2002
Status: Active Grant

First Claim

Patent Images

1. An information management system comprising:

a terminal apparatus; and

an information management server configured to permit a predetermined number of terminal apparatuses to receive content therefrom and configured to manage a plurality of terminal apparatuses permitted to receive the content, the terminal apparatuses permitted to receive the content being managed as a group of terminal apparatuses associated with the information management server,wherein the information management server includes;

a management information storage unit configured to store a list indicating terminal information identifying a registered terminal apparatus, the information management server permitting the registered terminal apparatus to receive the content from the information management server;

a judging unit configured to judge whether or not a number of registered terminal apparatuses, concurrently permitted by the information management server to receive the content from the information management server, exceeds the predetermined number of terminal apparatuses, the judging unit performing the judgment when the information management server receives, from the terminal apparatus of the information management system, a request for registration that identifies the registered terminal apparatus identified in the list stored in the management information storage unit; and

a first secure communication unit configured to establish a secure communication channel with the terminal apparatus of the information management system and configured to transmit, to the terminal apparatus of the information management system via the secure communication channel, group information identifying the group of terminal apparatuses associated with the information management server, the first secure communication unit performing the establishing and the transmitting when the judging unit judges that the number of registered terminal apparatuses currently permitted by the information management server to receive the content from the information management server does not exceed the predetermined number of terminal apparatuses,wherein the terminal apparatus of the information management system includes a tamper-resistant module, andwherein the tamper-resistant module includes;

a data storage unit configured to securely store the group information transmitted from the first secure communication unit; and

a second secure communication unit configured to, when the terminal apparatus of the information management system leaves the group of terminal apparatuses associated with the information management server, establish a secure communication channel with the first secure communication unit and transmit, to the information management server via the secure communication channel established between the first secure communication unit and the second secure communication unit by the second secure communication unit, a request for deleting the terminal information identifying the registered terminal apparatus, which left the group of terminal apparatuses, from the list stored in the management information storage unit.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A group management server in a group information management system includes: a group member terminal list storage unit for storing a group member terminal list; and a secure communication unit for establishing a secure communication channel with a plurality of terminal apparatuses and communicating with each of the terminal apparatuses via the communication channel. Each terminal apparatus includes a tamper-resistant module. The tamper-resistant module includes: a group information storage unit for storing group information securely; a deletion unit for securely executing deletion, which is processing that affects the group member terminal list, of the group information stored in the group information storage unit; and a secure communication unit for establishing a secure communication channel with the secure communication unit and transmitting a complete deletion notification message via the communication channel.

Citations

19 Claims

1. An information management system comprising:
- a terminal apparatus; and
  
  an information management server configured to permit a predetermined number of terminal apparatuses to receive content therefrom and configured to manage a plurality of terminal apparatuses permitted to receive the content, the terminal apparatuses permitted to receive the content being managed as a group of terminal apparatuses associated with the information management server,wherein the information management server includes;
  
  a management information storage unit configured to store a list indicating terminal information identifying a registered terminal apparatus, the information management server permitting the registered terminal apparatus to receive the content from the information management server;
  
  a judging unit configured to judge whether or not a number of registered terminal apparatuses, concurrently permitted by the information management server to receive the content from the information management server, exceeds the predetermined number of terminal apparatuses, the judging unit performing the judgment when the information management server receives, from the terminal apparatus of the information management system, a request for registration that identifies the registered terminal apparatus identified in the list stored in the management information storage unit; and
  
  a first secure communication unit configured to establish a secure communication channel with the terminal apparatus of the information management system and configured to transmit, to the terminal apparatus of the information management system via the secure communication channel, group information identifying the group of terminal apparatuses associated with the information management server, the first secure communication unit performing the establishing and the transmitting when the judging unit judges that the number of registered terminal apparatuses currently permitted by the information management server to receive the content from the information management server does not exceed the predetermined number of terminal apparatuses,wherein the terminal apparatus of the information management system includes a tamper-resistant module, andwherein the tamper-resistant module includes;
  
  a data storage unit configured to securely store the group information transmitted from the first secure communication unit; and
  
  a second secure communication unit configured to, when the terminal apparatus of the information management system leaves the group of terminal apparatuses associated with the information management server, establish a secure communication channel with the first secure communication unit and transmit, to the information management server via the secure communication channel established between the first secure communication unit and the second secure communication unit by the second secure communication unit, a request for deleting the terminal information identifying the registered terminal apparatus, which left the group of terminal apparatuses, from the list stored in the management information storage unit.

2. An information management system comprising:
- a plurality of terminal apparatuses for storing data; and
  
  an information management server for managing management information concerning the data, the information management server being connected to the plurality of terminal apparatuses via a network,wherein the information management server includes;
  
  a management information storage unit operable to store the management information; and
  
  a first secure communication unit operable to establish a secure communication channel with each terminal apparatus and operable to communicate with each terminal apparatus via a respective secure communication channel,wherein each terminal apparatus includes a respective tamper-resistant module,wherein each respective tamper-resistant module includes;
  
  a data storage unit operable to securely store the data;
  
  an execution unit operable to securely execute processing affecting the management information concerning the data securely stored in the data storage unit; and
  
  a second secure communication unit operable to establish a secure communication channel with the first secure communication unit and operable to transmit a completion notification via the secure communication channel established by the second secure communication unit, the completion notification indicating that the processing affecting the management information has been executed,wherein the data is group information used for determining whether or not a terminal apparatus belongs to a group formed by terminal apparatuses,wherein the management information is a terminal list of not more than a predetermined number of terminal apparatuses which belong to the group,wherein the processing affecting the management information is deletion of the group information,wherein the information management server further includes an updating unit operable to delete a terminal apparatus, which has transmitted the completion notification, from the terminal list stored in the management information storage unit, the terminal apparatus being deleted from the terminal list upon the information management server receiving the completion notification via the first secure communication unit of the terminal apparatus being deleted from the terminal list,wherein the information management server further includes;
  
  a common management server;
  
  a plurality of individual management servers; and
  
  a terminal list management apparatus,wherein each terminal apparatus further includes a respective first communication unit operable to communicate with the common management server,wherein the common management server includes a second communication unit operable to notify a terminal apparatus which has transmitted an advance notification of a destination address of an individual management server to which the completion notification should be transmitted, the advance notification indicating that the group information is about to be deleted,wherein each individual management server includes;
  
  the first secure communication unit;
  
  a first temporary deletion flag list storage unit operable to store a temporary deletion flag list associated with the terminal list, the temporary deletion flag list being a list of one or more first temporary deletion flags indicating whether or not the completion notification has been received; and
  
  a first temporary deletion flag setting unit operable to set a first temporary deletion flag that corresponds to the terminal apparatus, which transmitted the completion notification, the first temporary deletion flag being set by the first temporary deletion flag setting unit upon receipt of the completion notification via the first secure communication unit,wherein the terminal list management apparatus further includes;
  
  the management information storage unit;
  
  the updating unit; and
  
  a flag confirmation unit operable to confirm at an arbitrary timing whether or not a predetermined first temporary deletion flag included in the first temporary deletion flag list has been set, andwherein the updating unit deletes, from the terminal list, the terminal apparatus that corresponds to the first temporary deletion flag, the terminal apparatus being deleted from the terminal list based on the confirmation by the flag confirmation unit that the predetermined first temporary deletion flag has been set.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 3. The information management system according to claim 2,wherein the common management server further includes:
    - a second temporary deletion flag list storage unit operable to store a second temporary deletion flag list associated with the terminal list, the second temporary deletion flag list being a list of one or more second temporary deletion flags indicating whether or not the advance notification has been received; and
      
      a second temporary deletion flag setting unit operable to set a second temporary deletion flag that corresponds to the terminal apparatus, which transmitted the advance notification, the second temporary deletion flag being set by the second temporary deletion flag setting unit upon receipt of the advance notification via the second secure communication unit of the terminal apparatus which transmitted the advance notification,wherein the flag confirmation unit searches for the second temporary deletion flag that corresponds to a predetermined terminal apparatus included in the second temporary deletion flag list, and then searches, in sequence, for the first temporary deletion flag that corresponds to the predetermined terminal apparatus included in the first temporary deletion flag list, andwherein the updating unit deletes the predetermined terminal apparatus, that corresponds to both the first temporary deletion flag and the second temporary deletion flags, from the terminal list, in a case where the flag confirmation unit confirms that the second temporary deletion flag and the first temporary deletion flag have been set.
  - 4. The information management system according to claim 2, wherein the common management server of the information management server includes the terminal list management apparatus.
  - 5. The information management system according to claim 4,wherein the terminal list corresponds to the terminal apparatuses which belong to the group, and includes a column of second temporary deletion flags indicating whether or not the advance notification has been received,wherein the common management server further includes a second temporary deletion flag setting unit operable to set a second temporary deletion flag that corresponds to the terminal apparatus, which transmitted the advance notification, the second temporary deletion flag being set by the second temporary deletion flag setting unit upon receipt of the advance notification via the second communication unit,wherein the flag confirmation unit searches for the second temporary deletion flag that corresponds to a predetermined terminal apparatus included in the terminal list, and then searches, in sequence, for the first temporary deletion flag that corresponds to the predetermined terminal apparatus included in the first temporary deletion flag list, andwherein the updating unit deletes the predetermined terminal apparatus, that corresponds to both the first temporary deletion flag and the second temporary deletion flag, from the terminal list, in a case where the flag confirmation unit confirms that the second temporary deletion flag and the first temporary deletion flag have been set.
  - 6. The information management system according to claim 2,wherein the information management server further includes:
    - a group information storage unit operable to store the group information;
      
      a registrability determination unit operable to determine whether or not a terminal apparatus, which has transmitted a terminal registration request, can be registered in the terminal list, the determination being made upon receipt of the terminal registration request for registering the terminal apparatus in the terminal list from the terminal apparatus which transmitted the terminal registration request; and
      
      a group information readout unit operable to read out the group information stored in the group information storage unit, in a case where the registrability determination unit determines that the terminal apparatus, which transmitted the terminal registration request, can be registered,wherein each respective tamper-resistant module further includes a group information storage unit operable to store the group information in the data storage unit, upon receipt of the group information read out by the group information readout unit via the second secure communication unit of the respective tamper-resistant module, andwherein the updating unit registers the terminal apparatus, which transmitted the terminal registration request, in the terminal list, in a case where the registrability determination unit determines that the terminal apparatus, which transmitted the terminal registration request, can be registered.
  - 7. The information management system according to claim 6,wherein the second communication unit of the common management server is operable to notify the terminal apparatus, which transmitted the terminal registration request, of a destination address of an individual management server to which an obtainment request for obtaining the group information should be transmitted, the second communication unit performing the notification upon receipt of the terminal registration request from the terminal apparatus which transmitted the terminal registration request,wherein each of the individual management servers includes:
    - the group information storage unit; and
      
      the group information readout unit,wherein the terminal list management apparatus includesthe registrability determination unit,wherein the registrability determination unit determines whether or not the terminal apparatus, which transmitted the terminal registration request, can be registered in the terminal list, upon receipt of the terminal registration request via the first communication unit,wherein the second communication unit notifies the destination address of the obtainment request in a case where the registrability determination unit determines that the terminal apparatus, which transmitted the terminal registration request can be registered, andwherein the first secure communication unit transmits the group information read out by the group information readout unit to the terminal apparatus, which transmitted the obtainment request, upon receipt of the obtainment request.
  - 8. The information management system according to claim 7,wherein the flag confirmation unit is operable to confirm a predetermined first temporary deletion flag included in the first temporary deletion flag list at a timing of receipt of the terminal registration request, andwherein the updating unit deletes the terminal apparatus, that corresponds to the first temporary deletion flag, from the terminal list prior to the determination by the registrability determination unit, the updating unit performing the deletion based on the confirmation by the flag confirmation unit that the predetermined first temporary deletion flag has been set.
  - 9. The information management system according to claim 8,wherein the common management server further includes:
    - a second temporary deletion flag list storage unit operable to store a second temporary deletion flag list associated with the terminal list, the second temporary deletion flag list being a list of one or more second temporary deletion flags indicating whether or not the advance notification has been received; and
      
      a second temporary deletion flag setting unit operable to set a second temporary deletion flag that corresponds to the terminal apparatus, which transmitted the advance notification, the second temporary deletion flag being set by the second temporary deletion flag setting unit upon receipt of the advance notification via the second communication unit,wherein the flag confirmation unit searches for the second temporary deletion flag that corresponds to a predetermined terminal apparatus included in the second temporary deletion flag list, and then searches, in sequence, for the first temporary deletion flag that corresponds to the predetermined terminal apparatus included in the first temporary deletion flag list, andwherein the updating unit deletes the predetermined terminal apparatus, that corresponds to both the first temporary deletion flag and the second temporary deletion flag, from the terminal list, the updating unit performing the deletion prior to the determination by the registrability determination unit, and in a case where the flag confirmation unit confirms that the second temporary deletion flag and the first temporary deletion flag have been set.
  - 10. The information management system according to claim 6,wherein the second communication unit of the common management server is operable to notify the terminal apparatus, which transmitted the terminal registration request, of a destination address of an individual management server to which an obtainment request for obtaining the group information should be transmitted, the second communication unit performing the notification upon receipt of the terminal registration request from the terminal apparatus which transmitted the terminal registration request,wherein the common management server includes the terminal list management apparatus,wherein each of the individual management servers includes:
    - the group information storage unit; and
      
      the group information readout unit,wherein the terminal list management apparatus includes the registrability determination unit,wherein the registrability determination unit determines whether or not the terminal apparatus, which transmitted the terminal registration request, can be registered in the terminal list, upon receipt of the terminal registration request via the first communication unit,wherein the second communication unit notifies the destination address of the obtainment request in a case where the registrability determination unit determines that the terminal apparatus, which transmitted the terminal registration request, can be registered, andwherein the first secure communication unit transmits the group information read out by the group information readout unit to the terminal apparatus, which transmitted the obtainment request, upon receipt of the obtainment request.
  - 11. The information management system according to claim 10,wherein the flag confirmation unit is operable to confirm a predetermined first temporary deletion flag included in the first temporary deletion flag list at a timing of receipt of the terminal registration request, andwherein the updating unit deletes the terminal apparatus, that corresponds to the first temporary deletion flag, from the terminal list prior to the determination by the registrability determination unit, the updating unit performing the deletion based on the confirmation by the flag confirmation unit that the first temporary deletion flag has been set.
  - 12. The information management system according to claim 11,wherein the terminal list corresponds to the terminal apparatuses which belong to the group, and includes a column of second temporary deletion flags indicating whether or not the advance notification has been received,wherein the common management server further includes a second temporary deletion flag setting unit operable to set a second temporary deletion flag that corresponds to the terminal apparatus which transmitted the advance notification, the second temporary deletion flag being set by the second temporary deletion flag setting unit upon receipt of the advance notification via the second communication unit,wherein the flag confirmation unit searches for the second temporary deletion flag that corresponds to a predetermined terminal apparatus included in the second temporary deletion flag list, and then searches, in sequence, for the first temporary deletion flag that corresponds to the predetermined terminal apparatus included in the first temporary deletion flag list, andwherein the updating unit deletes the predetermined terminal apparatus, that corresponds to both the first temporary deletion flag and the second temporary deletion flag, from the terminal list prior to the determination by the registrability determination unit, in a case where the flag confirmation unit confirms that the second temporary deletion flag and the first temporary deletion flag have been set.

13. An information management system comprising:
- a plurality of terminal apparatuses for storing data; and
  
  an information management server for managing management information concerning the data, the information management server being connected to the plurality of terminal apparatuses via a network,wherein the information management server includes;
  
  a management information storage unit operable to store the management information; and
  
  a first secure communication unit operable to establish a secure communication channel with each terminal apparatus and operable to communicate with each terminal apparatus via a respective secure communication channel,wherein each terminal apparatus includes a respective tamper-resistant module,wherein each respective tamper-resistant module includes;
  
  a data storage unit operable to securely store the data;
  
  an execution unit operable to securely execute processing affecting the management information concerning the data securely stored in the data storage unit; and
  
  a second secure communication unit operable to establish a secure communication channel with the first secure communication unit and operable to transmit a completion notification via the secure communication channel established by the second secure communication unit, the completion notification indicating that the processing affecting the management information has been executed,wherein the data is group information used for determining whether or not a terminal apparatus belongs to a group formed by terminal apparatuses,wherein the management information is a terminal list of not more than a predetermined number of terminal apparatuses which belong to the group,wherein the processing affecting the management information is moving the group information between the terminal apparatuses,wherein the information management server further includes an updating unit operable to delete a terminal apparatus, which has transmitted the completion notification, from the terminal list stored in the management information storage unit, the terminal apparatus being deleted from the terminal list upon the information management server receiving the completion notification via the first secure communication unit of the terminal apparatus being deleted from the terminal list,wherein the information management server further includes;
  
  a common management server;
  
  a plurality of individual management servers; and
  
  a terminal list management apparatus,wherein each terminal apparatus further includes a respective first communication unit operable to communicate with the common management server,wherein the common management server includes a second communication unit operable to notify a terminal apparatus which has transmitted an advance notification of a destination address of an individual management server to which the completion notification should be transmitted, the advance notification indicating that the group information is about to be deleted,wherein each individual management server includes;
  
  the first secure communication unit;
  
  a first temporary deletion flag list storage unit operable to store a temporary deletion flag list associated with the terminal list, the temporary deletion flag list being a list of one or more first temporary deletion flags indicating whether or not the completion notification has been received; and
  
  a first temporary deletion flag setting unit operable to set a first temporary deletion flag that corresponds to the terminal apparatus, which transmitted the completion notification, the first temporary deletion flag being set by the first temporary deletion flag setting unit upon receipt of the completion notification via the first secure communication unit,wherein the terminal list management apparatus further includes;
  
  the management information storage unit;
  
  the updating unit; and
  
  a flag confirmation unit operable to confirm at an arbitrary timing whether or not a predetermined first temporary deletion flag included in the first temporary deletion flag list has been set, andwherein the updating unit deletes, from the terminal list, the terminal apparatus that corresponds to the first temporary deletion flag, the terminal apparatus being deleted from the terminal list based on the confirmation by the flag confirmation unit that the predetermined first temporary deletion flag has been set.

14. An information management system comprising:
- a plurality of terminal apparatuses for storing data; and
  
  an information management server for managing management information concerning the data, the information management server being connected to the plurality of terminal apparatuses via a network,wherein the information management server includes;
  
  a management information storage unit operable to store the management information; and
  
  a first secure communication unit operable to establish a secure communication channel with each terminal apparatus and operable to communicate with each terminal apparatus via a respective secure communication channel,wherein each terminal apparatus includes a respective tamper-resistant module,wherein each respective tamper-resistant module includes;
  
  a data storage unit operable to securely store the data;
  
  an execution unit operable to securely execute processing affecting the management information concerning the data securely stored in the data storage unit; and
  
  a second secure communication unit operable to establish a secure communication channel with the first secure communication unit and operable to transmit a completion notification via the secure communication channel established by the second secure communication unit, the completion notification indicating that the processing affecting the management information has been executed,wherein the data is group information used for determining whether or not a terminal apparatus belongs to a group formed by terminal apparatuses,wherein the management information is a terminal list of not more than a predetermined number of terminal apparatuses which belong to the group,wherein the data is a license of a digital work,wherein the management information is a historical log of the license,wherein the processing affecting the management information is a use of the license,wherein the information management server further includes an updating unit operable to delete a terminal apparatus, which has transmitted the completion notification, from the terminal list stored in the management information storage unit, the terminal apparatus being deleted from the terminal list upon the information management server receiving the completion notification via the first secure communication unit of the terminal apparatus being deleted from the terminal list,wherein the information management server further includes;
  
  a common management server;
  
  a plurality of individual management servers; and
  
  a terminal list management apparatuswherein each terminal apparatus further includes a respective first communication unit operable to communicate with the common management server,wherein the common management server includes a second communication unit operable to notify a terminal apparatus which has transmitted an advance notification of a destination address of an individual management server to which the completion notification should be transmitted, the advance notification indicating that the group information is about to be deleted,wherein each individual management server includes;
  
  the first secure communication unit;
  
  a first temporary deletion flag list storage unit operable to store a temporary deletion flag list associated with the terminal list, the temporary deletion flag list being a list of one or more first temporary deletion flags indicating whether or not the completion notification has been received; and
  
  a first temporary deletion flag setting unit operable to set a first temporary deletion flag that corresponds to the terminal apparatus, which transmitted the completion notification, the first temporary deletion flag being set by the first temporary deletion flag setting unit upon receipt of the completion notification via the first secure communication unit,wherein the terminal list management apparatus further includes;
  
  the management information storage unit;
  
  the updating unit; and
  
  a flag confirmation unit operable to confirm at an arbitrary timing whether or not a predetermined first temporary deletion flag included in the first temporary deletion flag list has been set, andwherein the updating unit deletes, from the terminal list, the terminal apparatus that corresponds to the first temporary deletion flag, the terminal apparatus being deleted from the terminal list based on the confirmation by the flag confirmation unit that the predetermined first temporary deletion flag has been set.

15. An information management system comprising:
- a plurality of terminal apparatuses for storing data; and
  
  an information management server for managing management information concerning the data, the information management server being connected to the plurality of terminal apparatuses via a network,wherein the information management server includes;
  
  a management information storage unit operable to store the management information; and
  
  a first secure communication unit operable to establish a secure communication channel with each terminal apparatus and operable to communicate with each terminal apparatus via a respective secure communication channel,wherein each terminal apparatus includes a respective tamper-resistant module,wherein each respective tamper-resistant module includes;
  
  a data storage unit operable to securely store the data;
  
  an execution unit operable to securely execute processing affecting the management information concerning the data securely stored in the data storage unit; and
  
  a second secure communication unit operable to establish a secure communication channel with the first secure communication unit and operable to transmit a completion notification via the secure communication channel established by the second secure communication unit, the completion notification indicating that the processing affecting the management information has been executed,wherein the data is group information used for determining whether or not a terminal apparatus belongs to a group formed by terminal apparatuses,wherein the management information is a terminal list of not more than a predetermined number of terminal apparatuses which belong to the group,wherein the data is a license of a digital work,wherein the management information is the number of licenses that each terminal apparatus can hold,wherein the processing affecting the management information is deletion of the license,wherein the information management server further includes an updating unit operable to delete a terminal apparatus, which has transmitted the completion notification, from the terminal list stored in the management information storage unit, the terminal apparatus being deleted from the terminal list upon the information management server receiving the completion notification via the first secure communication unit of the terminal apparatus being deleted from the terminal list,wherein the information management server further includes;
  
  a common management server;
  
  a plurality of individual management servers; and
  
  a terminal list management apparatus,wherein each terminal apparatus further includes a respective first communication unit operable to communicate with the common management server,wherein the common management server includes a second communication unit operable to notify a terminal apparatus which has transmitted an advance notification of a destination address of an individual management server to which the completion notification should be transmitted, the advance notification indicating that the group information is about to be deleted,wherein each individual management server includes;
  
  the first secure communication unit;
  
  a first temporary deletion flag list storage unit operable to store a temporary deletion flag list associated with the terminal list, the temporary deletion flag list being a list of one or more first temporary deletion flags indicating whether or not the completion notification has been received; and
  
  a first temporary deletion flag setting unit operable to set a first temporary deletion flag that corresponds to the terminal apparatus, which transmitted the completion notification, the first temporary deletion flag being set by the first temporary deletion flag setting unit upon receipt of the completion notification via the first secure communication unit,wherein the terminal list management apparatus further includes;
  
  the management information storage unit;
  
  the updating unit; and
  
  a flag confirmation unit operable to confirm at an arbitrary timing whether or not a predetermined first temporary deletion flag included in the first temporary deletion flag list has been set, andwherein the updating unit deletes, from the terminal list, the terminal apparatus that corresponds to the first temporary deletion flag, the terminal apparatus being deleted from the terminal list based on the confirmation by the flag confirmation unit that the predetermined first temporary deletion flag has been set.

16. An information management system comprising:
- a plurality of terminal apparatuses for storing data; and
  
  an information management server for managing management information concerning the data, the information management server being connected to the plurality of terminal apparatuses via a network,wherein the information management server includes;
  
  a management information storage unit operable to store the management information; and
  
  a first secure communication unit operable to establish a secure communication channel with each terminal apparatus and operable to communicate with each terminal apparatus via a respective secure communication channel,wherein each terminal apparatus includes a respective tamper-resistant module,wherein each respective tamper-resistant module includes;
  
  a data storage unit operable to securely store the data;
  
  an execution unit operable to securely execute processing affecting the management information concerning the data securely stored in the data storage unit; and
  
  a second secure communication unit operable to establish a secure communication channel with the first secure communication unit and operable to transmit a completion notification via the secure communication channel established by the second secure communication unit, the completion notification indicating that the processing affecting the management information has been executed,wherein the data is group information used for determining whether or not a terminal apparatus belongs to a group formed by terminal apparatuses,wherein the management information is a terminal list of not more than a predetermined number of terminal apparatuses which belong to the group,wherein the data is a digital work,wherein the management information is a limited number of distributions of the digital work,wherein the processing affecting the management information is moving of the license,wherein the information management server further includes an updating unit operable to delete a terminal apparatus, which has transmitted the completion notification, from the terminal list stored in the management information storage unit, the terminal apparatus being deleted from the terminal list upon the information management server receiving the completion notification via the first secure communication unit of the terminal apparatus being deleted from the terminal list,wherein the information management server further includes;
  
  a common management server;
  
  a plurality of individual management servers; and
  
  a terminal list management apparatus,wherein each terminal apparatus further includes a respective first communication unit operable to communicate with the common management server,wherein the common management server includes a second communication unit operable to notify a terminal apparatus which has transmitted an advance notification of a destination address of an individual management server to which the completion notification should be transmitted, the advance notification indicating that the group information is about to be deleted,wherein each individual management server includes;
  
  the first secure communication unit;
  
  a first temporary deletion flag list storage unit operable to store a temporary deletion flag list associated with the terminal list, the temporary deletion flag list being a list of one or more first temporary deletion flags indicating whether or not the completion notification has been received; and
  
  a first temporary deletion flag setting unit operable to set a first temporary deletion flag that corresponds to the terminal apparatus, which transmitted the completion notification, the first temporary deletion flag being set by the first temporary deletion flag setting unit upon receipt of the completion notification via the first secure communication unit,wherein the terminal list management apparatus further includes;
  
  the management information storage unit;
  
  the updating unit; and
  
  a flag confirmation unit operable to confirm at an arbitrary timing whether or not a predetermined first temporary deletion flag included in the first temporary deletion flag list has been set, andwherein the updating unit deletes, from the terminal list, the terminal apparatus that corresponds to the first temporary deletion flag, the terminal apparatus being deleted from the terminal list based on the confirmation by the flag confirmation unit that the predetermined first temporary deletion flag has been set.

17. An information management method of using an information management system, the information management system including a terminal apparatus and an information management server, the information management server permitting a predetermined number of terminal apparatuses to receive content therefrom and managing a plurality of terminal apparatuses permitted to receive the content, the terminal apparatuses permitted to receive the content being managed as a group of terminal apparatuses associated with the information management server, the information management method comprising:
- storing a list in the information management server, the list indicating terminal information identifying a registered terminal apparatus, the information management server permitting the registered terminal apparatus to receive the content from the information management server;
  
  judging, via the information management server, whether or not a number of registered terminal apparatuses, concurrently permitted by the information management server to receive the content from the information management server, exceeds the predetermined number of terminal apparatuses, said judging being performed when the information management server receives, from the terminal apparatus of the information management system, a request for registration that identifies the registered terminal apparatus identified in the list stored in the information management server;
  
  establishing, via the information management server, a secure communication channel with the terminal apparatus of the information management system;
  
  transmitting, to the terminal apparatus of the information management system via the secure communication channel, group information identifying the group of terminal apparatuses associated with the information management server, the transmitting being performed by the information management server when said judging judges that the number of registered terminal apparatuses currently permitted by the information management server to receive the content from the information management server does not exceed the predetermined number of terminal apparatuses;
  
  securely storing, in the terminal apparatus of the information management system, the group information transmitted from the information management server;
  
  establishing, via the terminal apparatus of the information management system, a secure communication channel with the information management server when the terminal apparatus of the information management system leaves the group of terminal apparatuses associated with the information management server; and
  
  transmitting, from the terminal apparatus of the information management system to the information management server, via the secure communication channel established by said establishing via the terminal apparatus, a request for deleting the terminal information identifying the registered terminal apparatus, which left the group of terminal apparatuses, from the list stored in the information management server.

18. A terminal apparatus for storing data, the terminal apparatus being connected via a network to an information management server, the information management server permitting a predetermined number of terminal apparatuses to receive content therefrom and managing a plurality of terminal apparatuses permitted to receive the content, the terminal apparatuses permitted to receive the content being managed as a group of terminal apparatuses associated with the information management server, the information management server storing a list indicating terminal information identifying a registered terminal apparatus, the information management server permitting the registered terminal apparatus to receive the content from the information management server, the information management server judging whether or not a number of registered terminal apparatuses, concurrently permitted by the information management server to receive the content from the information management server, exceeds the predetermined number of terminal apparatuses, the judging being performed when the information management server receives, from the terminal apparatus, a request for registration that identifies the registered terminal apparatus identified in the list stored in the information management server, the information management server establishing a secure communication channel with the terminal apparatus and transmitting, to the terminal apparatus via the secure communication channel, group information identifying the group of terminal apparatuses associated with the information management server, the establishing and transmitting being performed when the information management server judges that the number of registered terminal apparatuses, currently permitted by the information management server to receive the content from the information management server, does not exceed the predetermined number of terminal apparatuses, the terminal apparatus comprising a tamper-resistant module,wherein the tamper-resistant module includes:
- a data storage unit configured to securely store the group information transmitted from the information management server; and
  
  a second secure communication unit configured to, when the terminal apparatus leaves the group of terminal apparatuses associated with the information management server, establish a secure communication channel with the information management server and transmit, to the information management server via the secure communication channel established by the second secure communication unit, a request for deleting the terminal information identifying the registered terminal apparatus, which left the group of terminal apparatuses, from the list stored in the information management server.

19. An information management server for permitting a predetermined number of terminal apparatuses to receive content therefrom and for managing a plurality of terminal apparatuses permitted to receive the content, the terminal apparatuses permitted to receive the content being managed as a group of terminal apparatuses associated with the information management server, the information management server comprising:
- a management information storage unit configured to store a list indicating terminal information identifying a registered terminal apparatus, the information management server permitting the registered terminal apparatus to receive the content from the information management server;
  
  a judging unit configured to judge whether or not a number of registered terminal apparatuses, concurrently permitted by the information management server to receive the content from the information management server, exceeds the predetermined number of terminal apparatuses, the judging unit performing the judgment when the information management server receives, from one terminal apparatus, a request for registration that identifies the registered terminal apparatus identified in the list stored in the management information storage unit; and
  
  a first secure communication unit configured to establish a secure communication channel with the one terminal apparatus and configured to transmit, to the one terminal apparatus via the secure communication channel, group information identifying the group of terminal apparatuses associated with the information management server, the first secure communication unit performing the establishing and transmitting when the judging unit judges that the number of registered terminal apparatuses currently permitted by the information management server to receive the content from the information management server does not exceed the predetermined number of terminal apparatuses,wherein the one terminal apparatus includes a tamper-resistant module, and wherein the tamper-resistant module includes;
  
  a data storage unit configured to securely store the group information transmitted from the information management server; and
  
  a second secure communication unit configured to, when the terminal apparatus of the information management system leaves the group of terminal apparatuses associated with the information management server, establish a secure communication channel with the first secure communication unit and transmit, to the information management server via the secure communication channel established between the first secure communication unit and the second secure communication unit by the second secure communication unit, a request for deleting the terminal information identifying the registered terminal apparatus, which left the group of terminal apparatuses, from the list stored in the management information storage unit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lilly Pathway LLC (IP Edge LLC)
Original Assignee
Panasonic Corporation (Panasonic Holdings Corporation)
Inventors
Yamamoto, Masaya, Nakahara, Tohru, Hiramoto, Takuji, Inoue, Mitsuhiro, Miura, Kouji
Primary Examiner(s)
Lin; Wen-Tai

Application Number

US10/738,302
Publication Number

US 20040215735A1
Time in Patent Office

1,790 Days
Field of Search

None
US Class Current

709/223
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/105   Arrangements for software l...

G06F 21/42   using separate channels for...

G06Q 20/20   Point-of-sale [POS] network...

H04L 63/08   for authentication of entit...

H04L 63/104   Grouping of entities

Information management system having a common management server for establishing secure communication among groups formed out of a plurality of terminals

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Information management system having a common management server for establishing secure communication among groups formed out of a plurality of terminals

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links