Information processing system and method
First Claim
1. An information processing system comprising:
- A) a key distribution center (KDC) adapted to produce and issue an enabling key block (EKB), the KDC having an EKB type definition list representing a correspondence for the EKB, in which the EKB is produced based on a key tree and device keys;
the key tree including a plurality of leaves, a root, and a plurality of nodes existing in paths from the plurality of leaves to the root, wherein the leaves correspond to a plurality of devices;
the enabling key block (EKB) including a plurality of encrypted key data, the encrypted key data being produced by encrypting a key based on the device keys assigned to the root, to at least some of the leaves or to at least some of the nodes, wherein the encrypted key data in EKB is used for decoding an encrypted content key; and
B) at least one EKB requester adapted to request a EKB to the key distribution center,wherein the KDC is operable to send a notification to the EKB requester, wherein the notification indicates a change in state of EKB.
1 Assignment
0 Petitions
Accused Products
Abstract
An information processing system and method are disclosed in which information processing is performed in a highly efficient manner using an enabling key block (EKB) on the basis of a tree structure including category subtrees. A key tree is produced so as to include a plurality of subtrees that are grouped in accordance with categories and managed by category entities. An EKB is produced so as to include data produced by selecting a path in the key tree and encrypting an upper-level key in the selected path using a lower-level key in the selected path. The resultant EKB is provided to a device. If a change occurs in state of a category tree capable of processing an EKB identified in the EKB type definition list, a notification of the change in state is sent to an entity that uses the EKB thereby making it possible for an EKB requester to perform processing in accordance with a newest EKB.
-
Citations
9 Claims
-
1. An information processing system comprising:
-
A) a key distribution center (KDC) adapted to produce and issue an enabling key block (EKB), the KDC having an EKB type definition list representing a correspondence for the EKB, in which the EKB is produced based on a key tree and device keys; the key tree including a plurality of leaves, a root, and a plurality of nodes existing in paths from the plurality of leaves to the root, wherein the leaves correspond to a plurality of devices; the enabling key block (EKB) including a plurality of encrypted key data, the encrypted key data being produced by encrypting a key based on the device keys assigned to the root, to at least some of the leaves or to at least some of the nodes, wherein the encrypted key data in EKB is used for decoding an encrypted content key; and B) at least one EKB requester adapted to request a EKB to the key distribution center, wherein the KDC is operable to send a notification to the EKB requester, wherein the notification indicates a change in state of EKB. - View Dependent Claims (2, 3)
-
-
4. A key distribution center (KDC) adapted to produce and issue an enabling key block (EKB), the KDC having an EKB type definition list representing a correspondence for the EKB, in which the EKB is produced based on a key tree and device keys;
-
the key tree including a plurality of leaves, a root, and a plurality of nodes existing in paths from the plurality of leaves to the root, wherein the leaves correspond to a plurality of devices; the enabling key block (EKB) including a plurality of encrypted key data, the encrypted key data being produced by encrypting a key based on the device keys assigned to the root, to at least some of the leaves or to at least some of the nodes, wherein the encrypted key data in EKB is used for decoding an encrypted content key; and the KDC being operable to send a notification to a EKB requester, wherein the notification indicates a change in state of EKB. - View Dependent Claims (5, 6)
-
-
7. An enabling key block (EKB) requester for use with a key distribution center (KDC), said EKB requestor comprising:
-
means for requesting an EKB to the key distribution center; and means for receiving a notification from the KDC, in which the notification indicates a change in state of EKB, wherein the key distribution center (KDC) is adapted to produce and issue the enabling key block (EKB), the KDC having an EKB type definition list representing a correspondence for the EKB, in which the EKB is produced based on a key tree and device keys; the key tree includes a plurality of leaves, a root, and a plurality of nodes existing in paths from the plurality of leaves to the root, wherein the leaves correspond to a plurality of devices; and the enabling key block (EKB) includes a plurality of encrypted key data, the encrypted key data being produced by encrypting a key based on the device keys assigned to the root, to at least some of the leaves or to at least some of the nodes, wherein the encrypted key data in EKB is used for decoding an encrypted content key. - View Dependent Claims (8, 9)
-
Specification