Information processing system and method

US 7,738,662 B2
Filed: 12/15/2006
Issued: 06/15/2010
Est. Priority Date: 12/26/2000
Status: Expired due to Fees

First Claim

Patent Images

1. An information processing system comprising:

A) a key distribution center (KDC) adapted to produce and issue an enabling key block (EKB), the KDC having an EKB type definition list representing a correspondence for the EKB, in which the EKB is produced based on a key tree and device keys;

the key tree including a plurality of leaves, a root, and a plurality of nodes existing in paths from the plurality of leaves to the root, wherein the leaves correspond to a plurality of devices;

the enabling key block (EKB) including a plurality of encrypted key data, the encrypted key data being produced by encrypting a key based on the device keys assigned to the root, to at least some of the leaves or to at least some of the nodes, wherein the encrypted key data in EKB is used for decoding an encrypted content key; and

B) at least one EKB requester adapted to request a EKB to the key distribution center,wherein the KDC is operable to send a notification to the EKB requester, wherein the notification indicates a change in state of EKB.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An information processing system and method are disclosed in which information processing is performed in a highly efficient manner using an enabling key block (EKB) on the basis of a tree structure including category subtrees. A key tree is produced so as to include a plurality of subtrees that are grouped in accordance with categories and managed by category entities. An EKB is produced so as to include data produced by selecting a path in the key tree and encrypting an upper-level key in the selected path using a lower-level key in the selected path. The resultant EKB is provided to a device. If a change occurs in state of a category tree capable of processing an EKB identified in the EKB type definition list, a notification of the change in state is sent to an entity that uses the EKB thereby making it possible for an EKB requester to perform processing in accordance with a newest EKB.

Citations

9 Claims

1. An information processing system comprising:
- A) a key distribution center (KDC) adapted to produce and issue an enabling key block (EKB), the KDC having an EKB type definition list representing a correspondence for the EKB, in which the EKB is produced based on a key tree and device keys;
  
  the key tree including a plurality of leaves, a root, and a plurality of nodes existing in paths from the plurality of leaves to the root, wherein the leaves correspond to a plurality of devices;
  
  the enabling key block (EKB) including a plurality of encrypted key data, the encrypted key data being produced by encrypting a key based on the device keys assigned to the root, to at least some of the leaves or to at least some of the nodes, wherein the encrypted key data in EKB is used for decoding an encrypted content key; and
  
  B) at least one EKB requester adapted to request a EKB to the key distribution center,wherein the KDC is operable to send a notification to the EKB requester, wherein the notification indicates a change in state of EKB.
- View Dependent Claims (2, 3)
- - 2. An information processing system according to claim 1, wherein the change in state arises from a revocation of one of the devices.
  - 3. An information processing system according to claim 1, wherein the change in state arises from a change of a key stored in a specific one of the plurality of devices.

4. A key distribution center (KDC) adapted to produce and issue an enabling key block (EKB), the KDC having an EKB type definition list representing a correspondence for the EKB, in which the EKB is produced based on a key tree and device keys;
- the key tree including a plurality of leaves, a root, and a plurality of nodes existing in paths from the plurality of leaves to the root, wherein the leaves correspond to a plurality of devices;
  
  the enabling key block (EKB) including a plurality of encrypted key data, the encrypted key data being produced by encrypting a key based on the device keys assigned to the root, to at least some of the leaves or to at least some of the nodes, wherein the encrypted key data in EKB is used for decoding an encrypted content key; and
  
  the KDC being operable to send a notification to a EKB requester, wherein the notification indicates a change in state of EKB.
- View Dependent Claims (5, 6)
- - 5. The key distribution center according to claim 4, wherein the change in state arises from a revocation of one of the devices.
  - 6. The key distribution center according to claim 4, wherein the change in state arises from a change of a key stored in a specific one of the plurality of devices.

7. An enabling key block (EKB) requester for use with a key distribution center (KDC), said EKB requestor comprising:
- means for requesting an EKB to the key distribution center; and
  
  means for receiving a notification from the KDC, in which the notification indicates a change in state of EKB,whereinthe key distribution center (KDC) is adapted to produce and issue the enabling key block (EKB), the KDC having an EKB type definition list representing a correspondence for the EKB, in which the EKB is produced based on a key tree and device keys;
  
  the key tree includes a plurality of leaves, a root, and a plurality of nodes existing in paths from the plurality of leaves to the root, wherein the leaves correspond to a plurality of devices; and
  
  the enabling key block (EKB) includes a plurality of encrypted key data, the encrypted key data being produced by encrypting a key based on the device keys assigned to the root, to at least some of the leaves or to at least some of the nodes, wherein the encrypted key data in EKB is used for decoding an encrypted content key.
- View Dependent Claims (8, 9)
- - 8. The enabling key block requester according to claim 7, wherein the change in state arises from a revocation of one of the devices.
  - 9. The enabling key block requester according to claim 7, wherein the change in state arises from a change of a key stored in a specific one of the plurality of devices.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sony Corporation (Sony Group Corp.)
Original Assignee
Sony Corporation (Sony Group Corp.)
Inventors
Taki, Ryuta, Asano, Tomoyuki, Oishi, Tateo, Osawa, Yoshitomo, Ishiguro, Ryuji
Primary Examiner(s)
Smithers; Matthew B

Application Number

US11/639,711
Publication Number

US 20070098177A1
Time in Patent Office

1,278 Days
Field of Search

713/177, 380/279, 380/286
US Class Current

380/277
CPC Class Codes

G06F 21/107   License processing; Key pro...

G11B 20/00086   Circuits for prevention of ...

G11B 20/0021   involving encryption or dec...

G11B 20/00855   involving a step of exchang...

H04L 2209/60   Digital content management,...

H04L 63/0428   wherein the data content is...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0869   for achieving mutual authen...

H04L 63/104   Grouping of entities

H04L 9/0836   using tree structure or hie...

H04L 9/0891   Revocation or update of sec...

Information processing system and method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Information processing system and method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links