Data transmitting system and method, drive unit, access method, data recording medium, recording medium producing apparatus and method
First Claim
1. A storage apparatus for storing information retrieved by an information processing apparatus, the storage apparatus comprising:
a first storage section that stores data for access by the information processing apparatus; and
a security module distinct from the first storage section, the security module comprising;
a second storage section that stores a first revoked unit list;
a mutual authentication section that executes a mutual authentication protocol with the information processing apparatus;
a receiving section that receives a second revoked unit list from the information processing apparatus; and
a judging section that judges whether the information processing apparatus is revoked or not based on the first revoked unit list;
wherein if the information processing apparatus is revoked, the first revoked unit list is maintained in the second storage section of the security module, and if the information processing apparatus is not revoked, the first revoked unit list is replaced with the second revoked unit list in the second storage section of the security module, and
wherein the security module prevents the information processing apparatus from accessing the data stored by the first storage section when the mutual authentication protocol does not authenticate the information processing apparatus.
Abstract
A security module is provided in a data recording medium, data to be written to the data recording medium is encrypted with a content key that differs from one piece of data to another, and the content key is safely stored in the security module. Also, the security module performs mutual authentication with a drive unit, using public-key encryption technology, to check that the counterpart is an authorized (licensed) unit, and then gives the content key to the counterpart, thereby preventing data from being leaked to any illegal (unlicensed) unit. Thus, it is possible to prevent copyrighted data such as movies, music, etc. from being copied illegally (against the wishes of the copyright holder of the data).
63 Claims
1. A storage apparatus for storing information retrieved by an information processing apparatus, the storage apparatus comprising:
a first storage section that stores data for access by the information processing apparatus; and
a security module distinct from the first storage section, the security module comprising;
a second storage section that stores a first revoked unit list;
a mutual authentication section that executes a mutual authentication protocol with the information processing apparatus;
a receiving section that receives a second revoked unit list from the information processing apparatus; and
a judging section that judges whether the information processing apparatus is revoked or not based on the first revoked unit list;
wherein if the information processing apparatus is revoked, the first revoked unit list is maintained in the second storage section of the security module, and if the information processing apparatus is not revoked, the first revoked unit list is replaced with the second revoked unit list in the second storage section of the security module, and
wherein the security module prevents the information processing apparatus from accessing the data stored by the first storage section when the mutual authentication protocol does not authenticate the information processing apparatus.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15

16. An information processing apparatus for retrieving information from a storage apparatus, comprising:
a storage section that stores a second revoked unit list;
a mutual authentication section that executes a mutual authentication protocol with a security module on the storage apparatus;
a receiving section that receives a first revoked unit list from the storage apparatus; and
a judging section that judges whether the storage apparatus is revoked or not based on the second revoked unit list;
wherein if the storage apparatus is revoked, the second revoked unit list is maintained, and if the storage apparatus is not revoked, the second revoked unit list is replaced with the first revoked unit list,
wherein the storage apparatus comprises a first storage section that stores data for access by the information process and a security module distinct from the first storage section, and the security module comprises a second storage section that stores the first revoked unit list, and
wherein the information processing apparatus does not replace the second revoked unit list with the first revoked unit list when the mutual authentication protocol does not authenticate the storage apparatus.
Dependent claims: 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31

32. A system comprising an information processing apparatus and a storage apparatus, the information processing apparatus comprising:
a storage section that stores a second revoked unit list;
a mutual authentication section that executes a mutual authentication protocol with a security module on the storage apparatus;
a receiving section that receives a first revoked unit list from the storage apparatus; and
a judging section that judges whether the storage apparatus is revoked or not based on the second revoked unit list;
wherein if the storage apparatus is revoked, the second revoked unit list is maintained in the information processing apparatus, and if the storage apparatus is not revoked, the second revoked unit list is replaced with the first revoked unit list in the information processing apparatus, and
wherein the information processing apparatus does not replace the second revoked unit list with the first revoked unit list when the mutual authentication protocol does not authenticate the storage apparatus; and
the storage apparatus comprising;
a first storage section that stores data for access by the information processing apparatus; and
the security module, the security module being distinct from the first storage section and comprising;
a second storage section that stores the first revoked unit list;
a mutual authentication section that executes the mutual authentication protocol with the information processing apparatus;
a receiving section that receives the second revoked unit list from the information processing apparatus; and
a judging section that judges whether the information processing apparatus is revoked or not based on the first revoked unit list;
wherein if the information processing apparatus is revoked, the first revoked unit list is maintained in the second storage section of the security module, and if the information processing apparatus is not revoked, the first revoked unit list is replaced with the second revoked unit list in the second storage section of the security module, and
wherein the security module prevents the information processing apparatus from accessing the data stored by the first storage section when the mutual authentication protocol does not authenticate the information processing apparatus.
Dependent claims: 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47

48. A method for retrieving information from a storage apparatus, comprising:
storing a second revoked unit list;
executing a mutual authentication protocol with a security module on the storage apparatus;
receiving a first revoked unit list from the storage apparatus; and
judging whether the storage apparatus is revoked or not based on the second revoked unit list;
wherein if the storage apparatus is revoked, the second revoked unit list is maintained, and if the storage apparatus is not revoked, the second revoked unit list is replaced with the first revoked unit list,
wherein the storage apparatus comprises a first storage section that stores data for access by the information process and a security module distinct from the first storage section, and the security module comprises a second storage section that stores the first revoked unit list, and
wherein the second revoked unit list is not replaced with the first revoked unit list when the mutual authentication protocol does not authenticate the storage apparatus.
Dependent claims: 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63

Specification