Data communicating apparatus, data communicating method, and program
First Claim
1. A data communicating apparatus for communicating data over a network with members of a group to which the apparatus belongs as another member, said apparatus comprising:
a processor;
a generating unit configured to generate validity verification data for validating said apparatus;
a reporting unit configured to report said validity verification data generated by said generating unit to a management device for managing said group;
a holding unit configured to, when said apparatus is validated by said management device based on said validity verification data, hold a group-shared key supplied by said management device solely to said members of said group, along with group identification information for identifying said group and self-identification information for identifying said apparatus;
a receiving unit configured to receive encrypted data furnished with said group identification information over said network;
a decrypting unit configured to decrypt said encrypted data received by said receiving unit by using said group-shared key corresponding to said group identification information attached to said encrypted data;
a verifying unit configured to verify results of the decryption performed by said decrypting unit and to match said self-identification information for identifying said apparatus with recipient identification information attached to said encrypted data;
a discarding unit configured to discard said encrypted data and said results of said decryption when the verification of the results of the decryption performed by said verifying unit is negative and when said self-identification information for identifying said apparatus does not match the recipient identification information attached to the encrypted data;
a checking unit configured to check to determine whether information which is included in outgoing data to be transmitted and which indicates a source of transmission matches said self-identification information; and
an outputting unit configured to output said outgoing data onto said network.
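The receive-side and send-side checks recited in claim 1, as an added Python sketch that is not part of the patent text. The HMAC-SHA256 keystream and integrity tag are stand-ins for whatever cipher and decryption verification an implementation would use, the packet field names and IDs are constructed, and discarding on either a failed verification or a recipient mismatch is an assumption made for this example.

```python
import hashlib
import hmac
import os

def _keystream(key, nonce, n):
    # Stand-in stream cipher: HMAC-SHA256 in counter mode (not from the patent).
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, b"enc" + nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key, group_id, recipient_id, plaintext):
    """Encrypt for one recipient; group and recipient IDs travel in the clear."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    header = f"{group_id}|{recipient_id}|".encode()
    # The tag binds both IDs to the ciphertext so neither can be rewritten in transit.
    tag = hmac.new(key, b"mac" + header + nonce + ct, hashlib.sha256).digest()
    return {"group": group_id, "to": recipient_id, "nonce": nonce, "ct": ct, "tag": tag}

class Member:
    def __init__(self, self_id, group_keys):
        self.self_id = self_id          # self-identification information
        self.group_keys = group_keys    # group ID -> group-shared key

    def receive(self, pkt):
        """Return the plaintext, or None when the packet is discarded."""
        key = self.group_keys.get(pkt["group"])
        if key is None:
            return None                 # no key held for the attached group ID
        header = f"{pkt['group']}|{pkt['to']}|".encode()
        want = hmac.new(key, b"mac" + header + pkt["nonce"] + pkt["ct"], hashlib.sha256).digest()
        if not hmac.compare_digest(want, pkt["tag"]):
            return None                 # verification negative: tampered or wrong key
        if pkt["to"] != self.self_id:
            return None                 # recipient ID does not match this member
        ks = _keystream(key, pkt["nonce"], len(pkt["ct"]))
        return bytes(a ^ b for a, b in zip(pkt["ct"], ks))

    def may_send(self, outgoing):
        """Outgoing check: the stated source must be this member's own ID."""
        return outgoing.get("from") == self.self_id
```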
Abstract
A data communicating method is disclosed for use with a user terminal, the method preventing both members of a given group including the terminal and nonmembers from intercepting, tampering with or falsifying data communicated between the members without recourse to a plurality of encryption keys. In a first step, validity verification data is generated by the terminal. In a second step, the validity verification data and an attestation identity public key certificate are sent from the terminal to a group management device. In a third step, the group management device determines whether the terminal is valid. If the terminal is found valid, then a group name, a member ID and a group-shared key are supplied to the terminal in a fourth step, and a member ID list is further supplied in a fifth step. Thereafter the terminal is allowed to communicate with other members of the same group. The disclosed method can be applied advantageously to video game machines for network-based games.
9 Claims
8. A data communicating method for communicating data over a network with members of a group to which a user of the method belongs as another member, implemented in a data communicating apparatus having a processor, said method comprising:
generating, at the group communications apparatus, validity verification data for validating said user;
reporting, at the group communications apparatus, said validity verification data to a management device for managing said group;
holding, at the group communications apparatus, a group-shared key supplied by said management device solely to said members of said group, along with group identification information for identifying said group and self-identification information for identifying said user, when said user is validated by said management device based on said validity verification data;
receiving, at the group communications apparatus, encrypted data furnished with said group identification information over said network;
decrypting, at the group communications apparatus, said encrypted data by use of said group-shared key corresponding to said group identification information attached to said encrypted data;
verifying, at the group communications apparatus, results of the decryption, said verifying further matching said self-identification information for identifying said apparatus with recipient identification information attached to said encrypted data;
discarding, at the group communications apparatus, said encrypted data and said results of said decryption when the verification of the results of the decryption is negative and when said self-identification information for identifying said apparatus does not match the recipient identification information attached to the encrypted data;
checking, at the group communications apparatus, to determine whether information which is included in outgoing data to be transmitted and which indicates a source of transmission matches said self-identification information; and
outputting, at the group communications apparatus, said outgoing data onto said network.
9. A computer-readable storage medium encoded with instructions, which when executed by a group communications apparatus causes the group communications apparatus to implement a method, said method communicates data over a network with members of a group to which a user of said method belongs as another member, said method comprising:
generating, at the group communications apparatus, validity verification data for validating said user;
reporting, at the group communications apparatus, said validity verification data to a management device for managing said group;
holding, at the group communications apparatus, a group-shared key supplied by said management device solely to said members of said group, along with group identification information for identifying said group and self-identification information for identifying said user, when said user is validated by said management device based on said validity verification data;
receiving, at the group communications apparatus, encrypted data furnished with said group identification information over said network;
decrypting, at the group communications apparatus, said encrypted data by use of said group-shared key corresponding to said group identification information attached to said encrypted data;
verifying, at the group communications apparatus, results of the decryption, said verifying further matching said self-identification information for identifying said apparatus with recipient identification information attached to said encrypted data;
discarding, at the group communications apparatus, said encrypted data and said results of said decryption in accordance with results of the verification of the results of the decryption is negative and when said self-identification information for identifying said apparatus does not match the recipient identification information attached to the encrypted data;
checking, at the group communications apparatus, to determine whether information which is included in outgoing data to be transmitted and which indicates a source of transmission matches said self-identification information; and
outputting, at the group communications apparatus, said outgoing data onto said network.
Specification