CN1957356A - Unauthorized deice detection device, unauthorized device detection system, unauthorized device detection method, program, recording medium, and device information update method - Google Patents
Unauthorized deice detection device, unauthorized device detection system, unauthorized device detection method, program, recording medium, and device information update method Download PDFInfo
- Publication number
- CN1957356A CN1957356A CNA200580004617XA CN200580004617A CN1957356A CN 1957356 A CN1957356 A CN 1957356A CN A200580004617X A CNA200580004617X A CN A200580004617XA CN 200580004617 A CN200580004617 A CN 200580004617A CN 1957356 A CN1957356 A CN 1957356A
- Authority
- CN
- China
- Prior art keywords
- validation value
- unit
- user terminal
- portable medium
- unauthorized device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
There are provided an unauthorized device detection device, a content reproduction device, an unauthorized device detection system, an information collection device, an unauthorized device detection method, a program, a recording medium, a device information update method, and an integrated circuit capable of detecting a clone device associated with a content reproduction device. In a management server (2), a reception processing unit (241) acquires a user terminal identifier and a first user terminal random number from a user terminal as an unauthorized device detection object and judges whether a second management server random number corresponding to the user terminal held in a recording unit (23) coincides with the first user terminal random number. If they do not coincide, a display unit (22) displays a message indicating that a clone terminal exists. If they coincide, a terminal information generation unit (243) generates a new random number and overwrites the generated random number on the second management server random number in the recording unit (23). Moreover, a transmission processing unit (246) transmits the generated random number via a transmission/reception unit (21) to the user terminal so that the user terminal updates the first user terminal random number to the generated random number.
Description
Technical field
The present invention relates to a kind of unauthorized device checkout equipment that is used to detect by the unauthorized device of duplicating production, and in particular to being used to detect the content that is used for playing copyright protection, for example the technology of the duplicate reproducing device of film and music.
Background technology
In recent years, the existence of duplicating the duplicate equipment that the reproducing device of mandate produces has become main problem.For the copyright of protection, just have only the equipment of mandate to be allowed to the content of deciphering and resetting and encrypting.Yet each duplicate equipment has and the identical Device keys of key of authorizing reproducing device to hold, and uses the identical method of using with the reproducing device of authorizing to decipher and play the content of encryption.Therefore anyone who has duplicate equipment can watch to duplicity or listen to this content.
At this problem, be used to detect the method for duplicate terminal under the situation that it is mobile phone that patent documentation 1 discloses a kind of portable terminal in mandate.
According to patent documentation 1, if detect two or more portable terminals whiles under the control of a plurality of base stations, then duplicate terminal checkout equipment is judged the existence of duplicate terminal.
Patent documentation 1: Japanese Patent Application Publication No.2000-184447
Summary of the invention
The problem to be solved in the present invention
Yet above-mentioned technology relies on each portable terminal to the base station login current location, and therefore is not suitable for comprising the not system of the content playback apparatus of location registration.
In view of this problem, the object of the invention is to provide unauthorized device checkout equipment, content playback apparatus, unauthorized device detection system, program, information collecting device, unauthorized device detection method, program, recording medium, device information update method and the integrated circuit of the duplicate that can detect content playback apparatus.
The method of dealing with problems
To achieve these goals, unauthorized device checkout equipment of the present invention is a kind of unauthorized device checkout equipment that is used to detect by the unauthorized device that duplicates production, comprise: Dispatching Unit, be used for storing first validation value accordingly with the demo plant identifier, generation is different from second validation value of described first validation value, store described second validation value replacing described first validation value, and described second validation value is distributed to the device of the described demo plant identifier of storage; Acquiring unit is used for obtaining by detecting target device identifiers and the validation value that destination apparatus is written to described portable medium from portable medium; Judging unit, if be used for described target device identifiers and described demo plant identifier match, then judge the described validation value that obtains whether with described second verification value matches; And registering unit, be what negate if be used for described judgment unit judges, then in unauthorized device tabulation, register described target device identifiers.
Unauthorized device checkout equipment of the present invention judges whether the detection destination apparatus that stores the target device identifiers identical with the demo plant identifier stores the validation value of renewal.Subsequently, may detect illegal state, wherein, i) store the demo plant identifier and upgrade before validation value device with ii) another store the demo plant identifier and upgrade after the device of validation value exist jointly.
If judgment unit judges is what negate, then registering unit is registered described target device identifiers in unauthorized device tabulation.Unauthorized device registration used herein refers to the device identification of non-coupling is carried out some processing.
For example, unauthorized device checkout equipment can be stored a plurality of target device identifiers in RAM, to from other target device identifiers, distinguish with the corresponding target device identifiers of non-coupling random number, and the display unit that independently provides will be provided the result.This operation is considered to be in registration and the corresponding target device identifiers of non-coupling random number in the unauthorized device tabulation, and this unauthorized device of transmission is tabulated to display unit.Note, unauthorized device list storage is just enough in volatile memory, and needn't be stored in the nonvolatile memory.
If described judgment unit judges is sure, then described Dispatching Unit further generates the 3rd validation value that is different from described second validation value, store described the 3rd validation value replacing described second validation value, and described the 3rd validation value is distributed in the described detection destination apparatus.
Utilize this structure, be updated with the validation value of the corresponding detection destination apparatus of demo plant identifier.Thereby, detect destination apparatus and unauthorized device pick-up unit and can store new validation value.
By repeating to handle similarly (promptly, by making acquiring unit obtain target device identifiers and validation value and whether the judgment unit judges validation value being mated), because the validation value of these equipment is not updated, so the unauthorized destination apparatus that unauthorized device checkout equipment can detection of stored checking object identifier.
Unauthorized device checkout equipment of the present invention may further include: the title key storage unit, be used to store the title key that is used to decipher the content of having encrypted, if wherein described judgment unit judges is sure, then described Dispatching Unit further is distributed to described title key described detection destination apparatus.
Utilize this structure, the detection destination apparatus that only is judged as authorization device is allowed to deciphering and playback of content, can prevent unauthorized playback thus.
The present invention detects the unauthorized device checkout equipment that destination apparatus stores private key therein, also comprises: the title key storage unit is used to store and is used to decipher the title key of content encoded; The duplicate key storage unit is used for storing duplicate key as the copy of described private key accordingly with described demo plant identifier; And the title key generation unit of encrypting, be used to utilize described duplicate key to encrypt described title key to generate the title key of encrypting, if wherein described judgment unit judges is sure, then described Dispatching Unit further is distributed to described detection destination apparatus with the title key of described encryption.
Utilize this structure, the detection destination apparatus that only is judged as authorization device can decrypt title key, can prevent unauthorized playback thus.
Unauthorized device checkout equipment of the present invention may further include: counting unit is used to count the number of times of the affirmative determination of being made by described judging unit; And counting judging unit, be used to judge whether the sum of affirmative determination surpasses predetermined quantity, if wherein described sum surpasses described predetermined quantity, then described Dispatching Unit is further used for generating the 3rd validation value that is different from described second validation value, replace described first validation value with described the 3rd validation value, and described second validation value is distributed to described detection destination apparatus.
Unauthorized device checkout equipment of the present invention may further include: the time period measuring unit is used to measure from the last validation value of described Dispatching Unit and divides the time period of initiating; And time period judging unit, be used to judge that whether the T.T. section surpasses the preset time section, wherein, if described T.T., section surpassed described preset time section, then described Dispatching Unit also is used to generate the 3rd validation value that is different from described second validation value, replace described second validation value with described the 3rd validation value, and described the 3rd validation value is distributed to described detection destination apparatus.
These structures have reduced the number of times of the generation and the renewal of new validation value, handle the workload that needs thereby reduced to upgrade.
Dispatching Unit can be used to generate random number to be used as each validation value.
This structure can reduce the risk of being guessed the unauthorized playback that causes owing to checking.
Content playback apparatus of the present invention comprises: storage unit is used for storing first validation value that is generated by the unauthorized device checkout equipment that is used to detect the unauthorized device by duplicating production accordingly with device identification; Notification unit is used for notifying the described device identification and first validation value to described unauthorized device checkout equipment; Acquiring unit, be used for from the portable medium deriving means identifier and second validation value, this device identification and second validation value are write on the described portable medium by described unauthorized device checkout equipment in response to described notice, and described second validation value is generated by described unauthorized device checkout equipment; And updating block, if be used for described device identification of obtaining and the device identification coupling that is stored in described storage unit, then replace described first validation value with described second validation value.
Utilize this structure, the content playback apparatus validation value of the validation value overwrite storage that generates by unauthorized device checkout equipment.Thereby content playback apparatus can be to the up-to-date validation value of unauthorized checkout equipment notice by unauthorized device checkout equipment generation.The reproducing device of authorizing can prevent to send old validation value and be mistaken for unauthorized device like this.
Unauthorized device detection system of the present invention is a kind of unauthorized device detection system that is used to detect by the unauthorized device that duplicates production, comprise unauthorized device checkout equipment and a plurality of detection destination apparatus, each detects destination apparatus and comprises: storage unit is used for storing first validation value accordingly with target device identifiers; Notification unit is used for notifying described device identification and described first validation value to described unauthorized device checkout equipment; The lastest imformation acquiring unit is used for second validation value that obtains the demo plant identifier and generated by described unauthorized device checkout equipment from described unauthorized device checkout equipment; And updating block, if be used for described demo plant identifier and described target device identifiers coupling, then replace described first validation value with described second validation value, and described unauthorized device checkout equipment comprises: Dispatching Unit, be used to generate second validation value that is different from first validation value of storing accordingly with the demo plant identifier, store described second validation value accordingly replacing described first validation value with described demo plant identifier, and described demo plant identifier and described second validation value are distributed to the device of the described demo plant identifier of storage; Acquiring unit is used for detecting destination apparatus from any one and obtains target device identifiers and validation value; Judging unit, if be used for received target device identifiers and described demo plant identifier match, then judge the described validation value that obtains whether with described second verification value matches; And registering unit, be what negate if be used for described judgment unit judges, then in unauthorized device tabulation, register described target device identifiers.
Utilize this structure, validation value is updated in being judged as the device of mandate.In addition, the unauthorized device pick-up unit is judged the detection target device validation value of storage update whether store the target device identifiers identical with the demo plant identifier.The unauthorized device pick-up unit can detect illegal state, wherein i thus) be judged as the device of mandate and ii) stored and verified that identifier and the device that upgrades preceding validation value exist simultaneously.
Described notification unit also is used for described target device identifiers and described first validation value are write portable medium, and described acquiring unit also is used for reading described target device identifiers and described validation value by information collecting device from described portable medium.
Described information collecting device can comprise: reading unit is used for reading described target device identifiers and the described validation value that is written to the described portable medium from described portable medium; And transmitting element, be used to send described target device identifiers and described validation value, and described acquiring unit obtains described target device identifiers and described validation value from described information collecting device.
Utilize this structure, information collecting device obtains validation value by portable medium from detecting target device, and this validation value is sent to unauthorized device checkout equipment by communication port.Like this, disperse, also can be collected in the unauthorized device checkout equipment by each validation value that detects the target device storage even detect on the destination apparatus geography.
Information collecting device of the present invention is a kind of information collecting device, being used for will be by being sent to the unauthorized device checkout equipment that is used to detect by the unauthorized device that duplicates production as the detection destination apparatus institute canned data that detects target, described detection destination apparatus stores target device identifiers and the validation value that is generated by described unauthorized device checkout equipment, and described unauthorized device checkout equipment generates described validation value, store the validation value of described generation accordingly with the Authentication devices identifier, obtain target device identifiers and validation value, if described target device identifiers and described demo plant identifier match, the validation value of then judging described storage whether with the described verification value matches of obtaining, and it is fixed if the judgment is No, then in unauthorized device tabulation, register described target device identifiers, described information collecting device comprises: reading unit is used for reading by described detection destination apparatus from described portable medium and is written to described target device identifiers and validation value the described portable medium; And transmitting element, be used for target device identifiers of will read and the validation value of reading and send to described unauthorized device checkout equipment.
Utilize this structure, be sent to unauthorized device checkout equipment from the validation value that the detection destination apparatus obtains by communication port by portable medium.Like this, disperse, also can be collected in the unauthorized device checkout equipment by each validation value that detects the target device storage even detect on the destination apparatus geography.
Unauthorized device detection method of the present invention is a kind of unauthorized device detection method that is used to detect by the unauthorized device that duplicates production, comprise: distributing step, be used for storing first validation value accordingly with the demo plant identifier, generation is different from second validation value of described first validation value, store described second validation value replacing described first validation value, and described second validation value is distributed to the device that stores described demo plant identifier; Obtaining step is used for obtaining by detecting target device identifiers and the validation value that destination apparatus is written to described portable medium from portable medium; Determining step, if described target device identifiers and described demo plant identifier match, then judge the described validation value that obtains whether with described second verification value matches; And registration step, if described judgment unit judges is what negate, then in unauthorized device tabulation, register described target device identifiers.
Computer program of the present invention is a kind ofly to be used for detecting the computer program that uses by the unauthorized device detecting unit unauthorized device, that be equipped with storage unit that duplicates production, comprise: distributing step, be used for storing first validation value accordingly with the demo plant identifier, generation is different from second validation value of described first validation value, store described second validation value replacing described first validation value, and described second validation value is distributed to the device that stores described demo plant identifier; Obtaining step is used for obtaining by detecting target device identifiers and the validation value that destination apparatus is written to described portable medium from portable medium; Determining step, if described target device identifiers and described demo plant identifier match, then judge the described validation value that obtains whether with described second verification value matches; And registration step, if described judgment unit judges is what negate, then in unauthorized device tabulation, register described target device identifiers.
Recording medium of the present invention is computer-readable, and records computer program on it.
Utilize this structure, the validation value of being stored by device is updated in being judged as the device of mandate.Unauthorized device checkout equipment judges whether the detection destination apparatus that stores the target device identifiers identical with the demo plant identifier stores the validation value of renewal.Subsequently, unauthorized device checkout equipment can detect illegal state, wherein has been judged as the device of mandate and has stored the demo plant identifier to exist jointly with the device that upgrades preceding validation value.
Device information update method of the present invention is a kind of device information update method of being used by the content playback apparatus that is used to carry out content playback, described content playback apparatus comprises storage unit, is used for storing first validation value that is generated by the unauthorized device checkout equipment that is used to detect the unauthorized device by duplicating production accordingly with device identification; And described device information update method comprises: notifying process is used for notifying the described device identification and first validation value to described unauthorized device checkout equipment; Obtaining step, be used for obtaining the device identification and second validation value that is written to described portable medium in response to described notice by described unauthorized device checkout equipment from portable medium, described second validation value is generated by described unauthorized device checkout equipment; And step of updating, if described device identification of obtaining and the described device identification coupling that is stored in the described storage unit then replace described first validation value with described second validation value.
Computer program of the present invention is a kind of computer program that is used by the content playback apparatus that is used to carry out content playback, described content playback apparatus comprises storage unit, is used for storing first validation value that is generated by the unauthorized device checkout equipment that is used to detect the unauthorized device by duplicating production accordingly with device identification; And described computer program comprises: notifying process is used for notifying the described device identification and first validation value to described unauthorized device checkout equipment; Obtaining step, be used for obtaining the device identification and second validation value that is written to described portable medium in response to described notice by described unauthorized device checkout equipment from portable medium, described second validation value is generated by described unauthorized device checkout equipment; And step of updating, if described device identification of obtaining and the described device identification coupling that is stored in the described storage unit then replace described first validation value with described second validation value.
Recording medium of the present invention is the computer readable recording medium storing program for performing that records computer program on it.
Integrated circuit of the present invention is a kind of integrated circuit that is used by the content playback apparatus that is used to carry out content playback, comprise: storage unit is used for storing first validation value that is generated by the unauthorized device checkout equipment that is used to detect the unauthorized device by duplicating production accordingly with device identification; Notification unit is used for notifying the described device identification and first validation value to described unauthorized device checkout equipment; Acquiring unit, be used for obtaining in response to described notice by described unauthorized device checkout equipment from portable medium and be written to the device identification and second validation value the described portable medium, described second validation value is generated by described unauthorized device checkout equipment; And updating block, if be used for described device identification of obtaining and the described device identification coupling that is stored in described storage unit, then replace described first validation value with described second validation value.
Utilize this structure, the content playback apparatus validation value of the validation value overwrite storage that generates by unauthorized device checkout equipment.Subsequently, content playback apparatus can be sent to unauthorized checkout equipment with the up-to-date validation value that is generated by unauthorized device checkout equipment.The reproducing device of authorizing can prevent to send old validation value and be mistaken for unauthorized device like this.
Description of drawings
Fig. 1 shows the duplicate terminal of embodiments of the invention and searches the structure of system;
Fig. 2 shows the data structure of first portable medium of embodiments of the invention;
Fig. 3 A-3D shows the data structure of second portable medium of embodiments of the invention;
Fig. 4 is the block diagram of structure that shows the management server of embodiments of the invention;
Fig. 5 shows the data structure of storing in the storage unit of management server of embodiments of the invention;
Fig. 6 is the process flow diagram of example that shows the operation of management server of the present invention;
Fig. 7 is the block diagram of structure that shows the information collecting server of embodiments of the invention;
Fig. 8 is the process flow diagram of operation that shows the information collecting server of embodiments of the invention;
Fig. 9 is the block diagram of structure that shows the user terminal of embodiments of the invention;
Figure 10 shows the data structure of storing in the storage unit of the embodiment of the invention;
Figure 11 shows when second portable medium from user terminal is inserted into, the process flow diagram of the initial setting up of embodiments of the invention operation and renewal operation; And
Figure 12 shows the process flow diagram that the content playback in the user terminal of embodiments of the invention is handled.
Reference marker
1 duplicate terminal is searched system
2 management servers
3 information collecting servers
4 first portable mediums
5a-5m second portable medium
The 6a-6n user terminal
21 transmission/receiving elements
22 display units
23 storage unit
24 control modules
31 transmission/receiving elements
32 second portable medium access units
33 outside input blocks
34 control modules
61 second portable medium access units
62 first portable medium access units
63 output units
64 storage unit
65 control modules
241 receive processing unit
242 end message authentication units
243 end message generation units
244 title key ciphering units
245 send data generating unit
246 send processing unit
341 second portable mediums insert processing unit
342 heading message acquiring units
343 send data generating unit
344 send processing unit
345 receive processing unit
346 second portable medium data write units
651 second portable mediums insert processing unit
652 end message writing units
The 653 title key decryption unit of encrypting
654 end message updating blocks
655 first portable mediums insert processing unit
656 scramble process unit
7 communication ports
Embodiment
The duplicate terminal system of searching of first embodiment of the invention is the system that is used to search the duplicate terminal of being made and selling by unauthorized manufacturer etc.These duplicate terminals be by the legal manufacturing of bootlegging user terminal for example DVD player make.
Search system below with reference to description of drawings duplicate terminal.
Notion
The duplicate terminal of first embodiment of the invention is searched system 1 and is made of management server 2, information collecting server 3, first portable medium 4, the second portable medium 5a-5m (m is a natural number here), user terminal 6a-6n (n is a natural number here) and communication port 7.
First portable medium 4 is CD (for example DVD-ROM), records the mobile image content that uses title key to encrypt on it.First portable medium is sold by retail shop.
The second portable medium 5a-5m can both storage key for each and the rewritten portable medium (for example SD card) of end message.This key is required to decode and is recorded in the mobile image content of the encryption on first portable medium 4, need search the duplicate terminal about the end message of user terminal.The second portable medium 5a-5m is used to transmit data back and forth between information collecting server 3 and user terminal 6a-6n.
User terminal 6a-6n is reproducing device (a for example DVD player), is used to decipher and play the mobile image content that is recorded on first portable medium 4.Among the terminal 6a-6n each is stored pre-assigned private key, utilizes this private key and the information on corresponding one of the second portable medium 5a-5m of being stored in generates the title key of the mobile image content of encryption, and the content of enabling decryption of encrypted is also play this result.
Management server 2 is for being used to search the terminal of duplicate terminal.When information collecting server 3 was received information about one of user terminal 6a-6n, management server 2 judged whether the user terminal by the end message indication of obtaining is the duplicate terminal by communication port 7.If the judgment is No, then management server 2 generates the title key of encrypting, it is the encryption version of the title key of mobile image content, upgrades the information that is used to upgrade end message of user terminal storage, and the title key and the lastest imformation of encrypting is sent to information collecting server 3.Suppose that the duplicate terminal is to duplicate and stored to be used to make identical private key that this duplicates, that stored with the legal users terminal.Describe below about judging whether given terminal is the processing of duplicate terminal.
Be used to disclose the method for duplicate terminal below with reference to example explanation, wherein want to buy and the user of playback of content has the user terminal 6a and the second portable medium 5a.
At first, the user inserts the second portable medium 5a among the user terminal 6a.User terminal 6a will comprise that the end message of user terminal identification symbol etc. writes among the second portable medium 5a.
Then, the user takes the second portable medium 5a in the retail shop to, and second portable medium 5a insertion is installed in the information collecting server 3 of retail shop.
Based on this end message, management server 2 judges whether the user terminal of this end message is the duplicate terminal.If the judgment is No, then management server 2 generates the title key of encryption by the encrypted private key title key that uses user terminal.Title key is the key that is used for the mobile image content of scrambled record on first portable medium 4.It is also noted that the private key of user terminal is corresponding to end message.Management server 2 further generates the lastest imformation that is used to upgrade by the end message of user terminal storage, and the title key that will encrypt and lastest imformation send to information collecting server 3.
The user takes first portable medium 4 of the second portable medium 5a and purchase home, and first portable medium 4 and the second portable medium 5a are inserted among the user terminal 6a.
The title key of user terminal 6a enabling decryption of encrypted is to generate title key, and deciphering is recorded in the mobile image content of the encryption on first portable medium 4, plays this result.User terminal 6a is also based on the end message of lastest imformation updated stored.
Structure
The structure of first portable medium 4
First portable medium 4 be record on it title identifier and with DVD-ROM by the corresponding encrypted content of content of this title identifier sign.
Title identifier is utilized sequence number (1,2,3...) etc., unique designated store on first portable medium 4 film or the title of song.This content is with for example MPEG 2 (mobile motion picture expert group version) form coding, can decode this form and replay or export external unit to of user terminal.
For example, as shown in Figure 2, the content 402 " ENCCNT1 " that first portable medium 4 can be stored title identifier 401 " TLID1 " and encrypt.
ENCCNT1 utilizes the content " CNT1 " of encrypting with the corresponding title key of title identifier " TLID1 " " TLK1 ".ENCCNT1 can be expressed as Enc (TLK1, CNT1), wherein Enc (K, P) expression utilize encryption key K encrypting plaintext P to be obtained ciphertext.
Encryption and decryption depend on the encrypted private key method.In the present embodiment, encryption can be block encryption AES.Because AES is a known method, so the explanation of AES is omitted at this.
The structure of the second portable medium 5a
The second portable medium 5a is the SD card, storage user terminal table.
The user terminal table is made of one or more user terminal information.Every user terminal information comprises the title key of user terminal identification symbol, the first user terminal random number, the second user terminal random number, title identifier and encryption.
User terminal identification accords with among the identifying subscriber terminal 6a-6n uniquely.
The first user terminal random number is when the second portable medium 5a is inserted at last and user terminal identification accords with the random number that corresponding user terminal is stored.This moment, user terminal write the second portable medium 5a with first random number.
The second user terminal random number is generated by management server 2, in order to upgrade first random number by the user terminal storage.The second user terminal random number is write second portable medium by information collecting server 3, the second user terminal random number that this information collecting server 3 receives from management server 2.
Title identifier is the content of identification record on first portable medium 4 uniquely, and write the second portable medium 5a by information collecting server 3.
The title key of encrypting obtains encrypting corresponding to the title key of title identifier by utilizing the private key of being stored by the user terminal of user terminal identification symbol sign.
The first user terminal random number, the second user terminal random number, private key and title key all are 128 natural numbers.
The first terminal random number that " 0 " value representation of the second user terminal random number is stored in user terminal does not need to upgrade.The invalid still record not of the title key that " 0 " value representation of the title key of encrypting is encrypted.
Shown in Fig. 3 C, the second portable medium 5a can store user terminal table 501.User terminal table 501 comprises many user terminal informations 531, every information is made up of user terminal identification symbol 511 " TMIDa ", the first user terminal random number 512 " TMRND1a ", the second user terminal random number " TMRDN2a ", title key " TLID1 " and the title key encrypted " Enc (IKa, TLK1) ".
The structure of management server 2
As shown in Figure 4, management server 2 is made of transmission/receiving element 21, display unit 22, storage unit 23 and control module 24.
Management server 2 utilizes the computer system that is made of microprocessor, ROM, RAM, hard disk unit, display unit, keyboard, mouse, modulator-demodular unit etc. to realize.Procedure stores is in RAM and/or hard disk unit.Management server 2 is operated according to computer program by processor and is realized its function.
Transmission/receiving element 21 is modulator-demodular units etc., and itself and information collecting server 3 for example utilize the communication protocol of TCP/IP to come swap data by communication port 7.
Display unit 22 is display devices of LCD for example.Behind the idsplay order that receives from control module 24, display unit 22 is according to this repeater panel curtain.
As shown in Figure 5, storage unit 23 storage terminal admin tables 251 and title admin table 252.
Terminal management table 251 is made of many end messages.Every comprises user terminal identification symbol, the first management server random number, second management server random number and the private key.
User terminal identification accords with among the identifying subscriber terminal 6a to 6n.
The following describes TMIDx, it is the value (wherein x is between a to n) of the user terminal identification symbol of identifying subscriber terminal 6x.
The second management server random number is generated by the end message generation unit 243 of part introduction below, and it is used to upgrade the user terminal random number of being held by user terminal.The first management server random number was generated before the second management server random number by end message generation unit 243.
The first management server random number and the second management server random number can be 128 natural number.Value " 0 " the expression second user terminal random number is invalid.
Private key is unique Device keys, and each all is assigned to not same in the user terminal.Private key IKa is assigned to user terminal 6a, and private key Ikb is assigned to user terminal 6b, or the like.At last, private key Ikn is assigned to user terminal 6n.
As shown in Figure 5, terminal management table 251 can comprise a terminal management information 261.Terminal management information 261 comprises user terminal identification symbol 262, and it represents user terminal 6a, the first management server random number 263 " CRND1a ", the second management server random number 264 " CRND2a " and private key " IKa " with value " TMIDa ".
When the user terminal of authorizing is manufactured, be added in the terminal information table 251 corresponding to an end message of a new user terminal.
Title admin table 252 is made up of many title management information that comprise title identifier and title key.
Title identifier sign content, and title key is used for the content of encryption and decryption by the title key sign.
As shown in Figure 5, title admin table 252 can comprise a title management information 271.This title management information 271 comprises title identifier 272 " TLID1 " and is used for title key 273 by the content of TLID1 sign.
To the content that each bar is generated by content producer, a corresponding title management information is added in the title admin table 252.
As shown in Figure 4, control module 24 constitutes by receiving processing unit 241, end message authentication unit 242, end message generation unit 243, title key ciphering unit 244, transmission data generating unit 245 and sending processing unit 246.Control module 24 for example is the special-purpose microcomputer that comprises top each functional unit.Each unit can be realized by the program in the mask rom that writes microcomputer.Alternatively, each unit can be a microcomputer independently.
Receive processing unit 241 and receive user terminal identification symbol, first user terminal random number and the title identifier via transmission/receiving element 21 from information collecting server 3.This reception processing unit is exported the user terminal identification symbol that receives and the first user terminal random number then to end message authentication unit 242, and the output user terminal identification accords with and title identifier to title key ciphering unit 244.
End message authentication unit 242 receives from the user terminal identification symbol and the first user terminal random number that receive processing unit 241.The user terminal identification that end message authentication unit 242 obtains and receives from storage unit 23 then accords with the corresponding first management server random number.In addition, be stored in the storage unit 23 if accord with the corresponding second management server random number with user terminal identification, then end message authentication unit 242 further obtains this second management server random number.
Under the second management server random number is stored in situation in the memory cell 23, the end message authentication unit 242 checkings first user terminal random number whether with the second management server nonces match.
If coupling, then end message authentication unit 242 value of duplicating the second management server random number covers the value that is stored in the first management server random number in the storage unit 23, and deletes the second management server random number.End message authentication unit 242 is exported user terminal identification then and is accorded with to end message generation unit 243, and the generation of output encryption key is asked to title key ciphering unit 244.
When the second management server random number be stored when but the first user terminal random number and the second management server random number do not match, or when the second management server random number is not stored, the end message authentication unit verify the first user terminal random number whether with the first management server nonces match.
If the first user terminal random number and the first management server random number do not match, then end message authentication unit 242 makes display unit 22 show that it is the duplicate terminal that a screen representation and user terminal identification accord with corresponding user terminal.On the other hand, if the first user terminal random number and the first management server nonces match, then end message authentication unit 242 output user terminal identifications accord with to end message generation unit 243, and the generation of output encrypted title keys is asked to title key ciphering unit 244.
End message generation unit 243 receives the user terminal identification symbol from end message authentication unit 242, generate random number, and with the random number overwrite that generates to being stored in accordingly on the second management server random number in the storage unit 23 with the user terminal identification symbol.End message generation unit 243 is further exported identical random number to sending data generating unit 245 as the second user terminal random number.Here, this random number must be different from the random number that generated at once before random number.And, be known owing to generate the method for random number, so its explanation is omitted at this.
Title key ciphering unit 244 receives from the user terminal identification symbol that receives processing unit 241, and receives the encrypted title keys request from end message authentication unit 242.Title key ciphering unit 244 obtains with user terminal identification in the terminal management table from be stored in storage unit 23 252 then and accords with corresponding private key.Next, title key ciphering unit 244 is according to the encrypted private key title key that obtains, and generating the title key of encrypting, and the title key of exporting this title that receives and encryption is to sending data generating unit 245.
Send data generating unit 245 and from end message generation unit 243, receive the second user terminal random number, and from title key ciphering unit 244, receive the title key of title identifier and encryption.Send generation unit 245 and generate the update information data of the title key that comprises the second user terminal random number, title identifier and the encryption that receive then, and send this update information data to sending processing unit 246.
Send processing unit 246 and receive, and send these update instruction data to information collecting server 3 by transmission/receiving element 21 from the update instruction data that send data generating unit 245.
The structure of information collecting server
As shown in Figure 7, information collecting server 3 is made of transmission/receiving element 31, the second portable medium access unit 32, outside input block 33 and control module 34.
Transmission/receiving element 31 is a modulator-demodular unit etc., and utilizes tcp/ip communication agreement etc. and management server 2 swap datas by communication port 7.
The second portable medium access unit 32 is the SD card reader, and when detecting second portable medium and be inserted in the SD card slot (not shown), sends to insert and notify to control module 34.This SD card slot provides in information collecting server 3.The second portable medium access unit 32 further obtains data and writes data to it from second portable medium that inserts.
In the present embodiment, the title identifier of input is assumed that TLID1.
After receiving the insertion notice from the second portable medium access unit 32, second portable medium inserts processing unit 341 and obtains the user terminal identification symbol and the first user terminal random number that is recorded on second portable medium by the second portable medium access unit 32.
Second portable medium insert that processing unit 341 export then that the user terminal identification that obtains accords with and the first user terminal random number to sending data generating unit 343, and the output header information request is to heading message acquiring unit 342.
After receiving the heading message request from second portable medium insertion processing unit 341, heading message acquiring unit 342 sends the instruction of display messages with prompting user input header identifier to display 35, makes display 35 show these message.Next, because the user inputs to outside input block 33, the heading message acquiring unit receives title identifier, and the title identifier that output is obtained is to sending data generating unit 343.
Send data generating unit 343 and obtain the user terminal identification symbol and the first user terminal random number, and obtain title identifier from heading message acquiring unit 342 from second portable medium insertion processing unit 341.
Next, send data generating unit 343 and generate the transmission data that are used to be sent to management server 2.These transmission data comprise user terminal identification symbol, the first user terminal random number and the user's title identifier of obtaining.This transmission data generating unit 343 is exported this then and is sent data to transmission processing unit 344.
Send processing unit 344 and receive, and this sends data to management server 2 by 31 transmissions of transmission/receiving element from the transmission data that send data generating unit 343.
Receive processing unit 345 and pass through transmission/receiving element 31 from management server 2, reception comprises the update instruction data of the title key of the second user terminal random number, title identifier and encryption, and exports title key to the second portable medium data write unit 346 of the second user terminal random number, title identifier and encryption.
The second portable medium writing unit 346 is by the second portable medium access unit 32, receive the title key of the second user terminal random number, title identifier and encryption, and the title key of the second user terminal random number, title identifier and the encryption that will receive records on second portable medium.
The structure of user terminal 6a
User terminal 6a is made up of the second portable medium access unit 61, the first portable medium access unit 62, output unit 63, storage unit 64 and control module 65.
The second portable medium access unit 61 provides the SD card reader in user terminal 6a, and when detecting second portable medium and be inserted in the SD card slot (not shown), sends to insert and notify to control module 65.The second portable medium access unit 32 is reading of data and write data to it from second portable medium that inserts further.
The first portable medium access unit 62 provides the DVD driver in user terminal 6a, and when detecting first portable medium and be inserted in the DVD driver (not shown), sends to insert and notify to control module 65.The first portable medium access unit 62 is reading of data and write data to it from first portable medium that inserts further.
The random number and the heading message table of storage unit 64 storage user terminal identification symbols, private key, terminal storage.
User terminal identification symbol identifying subscriber terminal, and before dispatching from the factory, be written into user terminal.
Private key all is different concerning each user terminal, and is written into user terminal before dispatching from the factory.
The random number of terminal storage is used to detect the duplicate terminal by management server 2, and before user terminal dispatches from the factory given initial value " 0 ".
The heading message table is made of at least one heading message, and every heading message comprises title identifier and title key.Title key is used to the content of encryption and decryption by the title identifier sign.
When new heading message was acquired, the heading message of obtaining was added in the heading message table.
As shown in Figure 10, storage unit 64 is stored for example random number 673 " CRND1a " and the heading message table 681 of user terminal identification symbol 671 " TMIDa ", private key 672 " IKa ", terminal storage.Heading message table 681 comprises a heading message 682, and it is made of title identifier 683 " TLID1 " and title key 684 " TLK1 ", is used for the content of encryption and decryption by the TLID1 sign.
After the insertion notice that receives from the second portable medium access unit 61, second portable medium inserts processing unit 651 and obtains user terminal identification symbol 671 " TMIDa " that are stored in the storage unit 64.
Next, second portable medium inserts processing unit 651 by the second portable medium access unit 61, and whether the user terminal identification symbol that checking has value " TMIDa " is recorded on second portable medium.When the user identifier with value " TMIDa " was not recorded on second portable medium, second portable medium inserted processing unit 651 output user terminal identifications and accords with to end message writing unit 652 and end process.
On the other hand, when having value and be recorded on second portable medium for the user terminal identification of " TMIDa " symbol, second portable medium insert the processing unit 651 checkings second user terminal random number, title identifier and encrypted title keys whether with user terminal identification symbol " TMIDa " record accordingly.
If the second user terminal random number is recorded on second portable medium accordingly with user terminal identification symbol " TMIDa ", then second portable medium inserts the second user terminal random number that processing unit 651 outputs read to end message updating block 654, value with the second user terminal random number in the storage unit 64 rewrites the value of the first user terminal random number, and deletes the second user terminal random number.
If the title key of title identifier and encryption and user terminal identification symbol " TMIDa " are recorded on second portable medium accordingly, then second portable medium inserts processing unit 651 and reads the title key of title identifier and encryption by the second portable medium access unit 61 from second portable medium, the title key decryption unit 653 that the title identifier that output is read and the title key of encryption are extremely encrypted, and from second portable medium, delete the title key of title identifier and encryption.
The title key decryption unit 653 of encrypting is inserted processing unit 651 from second portable medium and is received the title key of title identifier and encryption, and obtains private key IKa from storage unit 64.
Next, the title key decryption unit 653 of encryption is obtained title key by the title key that utilizes private key IKa enabling decryption of encrypted, and title identifier and title key are joined in the heading message table 681.
End message updating block 654 inserts the processing unit 651 from second portable medium and obtains the second user terminal random number, and updates stored in the value of the random number of the terminal storage in the storage unit 64 with the value of the second user terminal random number that gets access to.
First portable medium inserts the insertion notice of processing unit 655 receptions from the first portable medium access unit 62, and obtains the title identifier that is recorded on first portable medium 4 by the first portable medium access unit 62.
Then, first portable medium inserts processing unit 655 and judges whether title key corresponding to the title identifier that gets access to is stored in the heading message table 681 in the storage unit 64, if and judge it is sure, from storage unit 64, obtain title key, and the title key that output gets access to is to scramble process unit 656.
Though the structure of user terminal 6a has been described above, the difference of other user terminal only be to have TMIDb to TMIDn as user terminal identification symbol and IKb to IKn as private key.Therefore the explanation of other-end omits.
Operation
The following describes the duplicate terminal and search the operation of system 1, comprise, by the appearance order, (1) initial setting up and renewal operation, the operation of (2) content purchase, and the operation of (3) content playback.
(1) initial setting up and to upgrade operation be operation performed when the user has the second portable medium 5a and user terminal 6a and the former is inserted the latter and come playback of content.(2) content purchase operation is to take the second portable medium 5a to store as the user, buys first portable medium 4, and the operation of carrying out when second portable medium inserted the information collecting server 3 that is installed in the store.(3) content playback operation is to return in to the home when first portable medium 4 that the user carries purchase, for view content, and the operation of carrying out when first portable medium 4 and second portable medium 5 are inserted user terminal 6a.
(1) initial setting up and renewal are handled
Initial setting up is described and upgrades operation below with reference to Figure 11.
Here, suppose that the user who wishes the purchase content has the user terminal 6a and the second portable medium 5a.The supposition of TMIDa value is used as the user terminal identification symbol and writes when dispatching from the factory in the storage unit 64 of user terminal 6a.Similarly, IKa also supposes as private key 672 and CRND1a and writes as the first user terminal random number 673.Also further there are not data in the supposition user terminal table 501 as shown in Figure 3A.
At first, the user inserts the second portable medium 5a in the draw-in groove of user terminal 6a.
The second portable medium access unit 61 detects this insertion, and will insert notice and send to second portable medium and insert processing unit 651 (step S601).
After receiving the insertion notice, second portable medium inserts processing unit 651 and read user terminal identification symbol 671 " TMIDa " (step S602) from storage unit 64.
Second portable medium inserts processing unit 651 then by the second portable medium access unit 651 search data from second portable medium, and has judged whether to write down the user terminal identification symbol (step S603) of same sample value (that is: TMIDa).
Be not recorded in the second portable medium 5a upward (being not among the step S603) if having the user terminal identification symbol of TMIDa value, then second portable medium inserts processing unit 651 output user terminal identifications and accords with TMIDa to end message writing unit 652.End message writing unit 652 receives the user terminal identification symbol TMIDa that inserts processing unit 651 from second portable medium.
End message writing unit 652 is read the first user terminal random number 673 " TMRND1a " then, and user terminal identification the symbol 671 and first user terminal random number 673 is recorded in the user terminal table of the second portable medium 5a by the second portable medium access unit 61, and end process (step S604).
In this stage, be recorded in user terminal table 501 among the second portable medium 5a and be in state shown in Fig. 3 B.
On the other hand,, goes up the user terminal identification of TMIDa symbol (among the step S603 for being) for being recorded in the second portable medium 5a if having value, then second portable medium inserts processing unit 651 judgements and whether is recorded in the second portable medium 5a upward (step S605) with user terminal identification symbol " TMIDa " corresponding second user terminal random number, and fixed if the judgment is No (being not among the step S605) then handled and proceeded to the step S607 that the following describes.
If judge with user terminal identification symbol " TMIDa " corresponding second user terminal random number and be recorded (among the step S605 for being), the user terminal table 501 that then is recorded on the second portable medium 5a is the state as shown in Fig. 3 C, and second portable medium inserts the processing unit 651 outputs second user terminal random number TMRND2a to end message updating block 654.In addition, second portable medium inserts processing unit 651 and by the second portable medium access unit 61 the value overwrite of the second user terminal random number is recorded in the first user terminal random number among the second portable medium 5a, and deletes the second user terminal random number.
End message updating block 654 inserts processing unit 651 from second portable medium and receives the second user terminal random number TMRND2a, and the value overwrite of the second user terminal random number TMRND2a is stored in the first user terminal random number (step S606) in the storage unit 64.
Next, second portable medium inserts processing unit 651 by the second portable medium access unit 61, and whether judgement is recorded in (step S607) on second portable medium with the title key of user terminal identification symbol corresponding title identifier of TMIDa and encryption.Fixed if the judgment is No (being not among the step S607), then second portable medium inserts processing unit 651 end process.If be judged as sure (in the step 607 for being), then second portable medium inserts processing unit 651 and reads the title key of title identifier and encryption, the title key of the title identifier that reads and encryption is sent to the title key decryption unit 653 of encryption, and the title key of deletion and user terminal identification symbol corresponding title identifier of TMIDa and encryption from the second portable medium 5a.
In this stage, the user terminal table 501 that is recorded on the second portable medium 5a is the state shown in Fig. 3 D.
The title key decryption unit 653 of encrypting is inserted the title key that receives title identifier and encryption the processing unit 651 from second portable medium, from storage unit 64, obtain private key 672, and utilize private key 672 to obtain title key by the title key of enabling decryption of encrypted.
For example, if title key is " TLID1 ", and the title key of encrypting is Enc (IKa, TLK1) (that is, title key " TLK1 " is encrypted with private key " IKa "), then the title key decryption unit 653 of Jia Miing is inserted processing unit 651 from second portable medium and is received TLID1 and Enc (IKa, TLK1), obtain private key 672 " IKa " from storage unit 64, and the title key Enc by utilizing private key IKa enabling decryption of encrypted (IKa TLK1) obtains title key TLK1.
The title key decryption unit 653 of encrypting combines the title identifier that receives as a heading message with the title key that obtains, adds in the heading message table 681 that is stored in the storage unit 64 (step S608), and end process.
(2) content purchase is handled
Here, the end message of supposing user terminal 6a comprises user terminal identification symbol TMIDa and user terminal random number TMRND1a, by above-mentioned initial setting up operation note on the second portable medium 5a.
The user takes the second portable medium 5a to retail shop, buys first portable medium 4, and the second portable medium 5a is inserted in the draw-in groove that provides in the information collecting server 3.The encrypted content ENCCNT1 that first portable medium has write down thereon by title identifier TLID1 sign (is ENC (TLK1, CNT1)).
Buy operation below with reference to Fig. 8 description.
In the information server 3, the second portable medium access unit 32 detects the second portable medium 5a and inserts in the draw-in groove, and will insert notice and send to second portable medium insertion processing unit (step S301).
Second portable medium inserts processing unit 341 and receives the insertion notice, and obtains the user terminal identification symbol TMIDa and the first user terminal random number TMRND1a (step S302).
Second portable medium inserts processing unit 341 and exports the user terminal identification symbol TMIDa and the first user terminal random number TMRND1a that obtains to transmission data generating unit 343 (step S303), and exports the heading message request to heading message acquiring unit 342.
Heading message acquiring unit 342 inserts processing unit 341 from second portable medium and receives the heading message request, and sends instruction with display message prompting user input header identifier to display 35.Display unit 35 is according to this instruction display message.
Be subjected to message notifying, the user buys the title identifier TLID1 of content by outside input block 33 input signs.
Heading message acquiring unit 342 obtains title identifier TLID1 (step S304) from outside input block 33, and exports the title identifier of obtaining to transmission data generating unit 343 (step S305).
Send data generating unit 343 and obtain the user terminal identification symbol TMIDa and the first user terminal random number TMRND1a from second portable medium insertion processing unit 341, receive title identifier TLID1 from heading message acquiring unit 342, generation comprises the transmission data of user terminal identification symbol TMIDa, the first user terminal random number TMRND1a and title identifier TLID1, and will send data and export transmission processing unit 344 (step S306) to.
Send processing unit 344 and receive the transmission data, and the transmission data that will receive are sent to management server 2 (step S307) by transmission/receiving element 31 from sending data generating unit.
Management server 2 receives and sends data and utilize the transmission data to carry out duplicate judgment processing (step S308).The duplicate judgment processing is incited somebody to action part explanation below.
The terminal updating data that management server 2 will generate in the duplicate judgment processing are sent to information collecting server 3.
The terminal updating data comprise the second user terminal random number TMRND2a, title identifier TLID1, and the title key ENCTLK1 that encrypts (is ENC (IKa, TLK1)).
Transmission/receiving element 31 in the information collecting server 3 waits the terminal updating data (in step S309 be not) of reception from management server 2, and when receiving the terminal updating data (among the step S309 for being), the terminal updating data are sent to receive processing unit 345.
Receive the second user terminal random number TMRND2a, title identifier TLID1 in the terminal updating data that processing unit 345 will be included in reception and the title key ENCTLK1 of encryption and export the second portable medium data write unit 346 (step S310) to.
The second portable medium data write unit 346 receives the title key ENCTLK1 of the second user terminal random number TMRND2a, title identifier TLID1 and encryption, and the second user terminal random number TMRND2a, the title identifier TLID1 that will receive and the title key ENCTLK1 of encryption are recorded in (step S311) on second portable medium by the second portable medium access unit 32.
Will be by the duplicate judgment processing that management server 2 is carried out in step S308 with reference to figure 6 explanation below.
Transmission/receiving element 21 in the management server 2 receives the transmission data from information collecting server 3, and will send data and be sent to reception processing unit 241.
Receive processing unit 241 and receive the transmission data, the user terminal identification that will the comprise symbol TMIDa and the first user terminal random number TMRND1a export end message authentication unit 242 to, and user terminal identification are accorded with TMIDa and title identifier TLID1 exports title key ciphering unit 244 (step S201) to.
End message authentication unit 242 receives the user terminal identification symbol TMIDa and the first user terminal random number TMRND1a (step S202) from receiving processing unit 241, judges whether the second management server random number is stored in (step S203) in the storage unit 23 accordingly with user terminal identification symbol TMIDa.If the second management server random number is not stored (being not among the step S203), then end message authentication unit 242 proceeds to below with the step S207 that illustrates.If the second management server random number is stored (step S203 is for being), then the end message authentication unit obtains the second management server random number CRND2a (step S204) from storage unit 23.
The value TMRND1a that end message authentication unit 242 is judged the first user terminal random number whether with the value CRND2a of the second management server random number be complementary (step S205), and fixed if the judgment is No (step S205 is for denying) then proceeds to the step S207 that the following describes.If be judged as sure (step S205 is for being), then the value CRND2a overwrite of the end message authentication unit 242 usefulness second management server random number and user terminal identification accord with the value CRND1a of the corresponding first management server random number of TMIDa, delete the second management server random number CRND2a, proceed to step S210 (step S206) then.
Do not match (being not among the step S205) if judge the value of the first user terminal random number TMRND1a and the second management server random number CRND2a, then end message authentication unit 242 obtains the corresponding first management server random number CRND1a (step S207) with user terminal identification symbol TMIDa from storage unit 23.
End message authentication unit 242 compares (step S208) with the value of the first user terminal random number TMRND1a and the value of the first management server random number CRND1a, and if judge two couplings (among the step S208 for being), then proceed to step S210.Do not match (being not among the step S208) if judge two, then 242 indications of end message authentication unit are duplicate with the corresponding user terminal of user terminal identification symbol TMIDa.Information Authentication unit 242 makes the display unit demonstration for example comprise the screen (step S209) of the message of " find duplicate: user terminal identification accords with TMIDa " then, proceeds to step S210 then.
End message authentication unit 242 accords with TMIDa with user terminal identification and exports end message generation unit 243 to, and the title key generation that output is encrypted is asked to title key ciphering unit 244 (step S210).
End message generation unit 243 obtains user terminal identification symbol TMIDa from end message authentication unit 242, generate new random number, and with the random number that the generates value as the second management server random number CRND2a, TMIDa is stored in the storage unit 23 accordingly with the user terminal identification symbol.
End message generation unit 243 also exports this random number to and sends data generating unit 245 (step S211) as the second user terminal random number TMRND2a.
Title key ciphering unit 244 receives user terminal identification symbol TMIDa and title identifier TLID1 from receiving processing unit 241, the title key that receives encryption from end message authentication unit 242 generates request, and obtains and user terminal identification corresponding private key IKa of symbol TMIDa and and the corresponding title key TLK1 of title identifier TLID1 from storage unit 23.
Title key ciphering unit 244 utilizes private key IKa encrypted title keys TLK1 to generate the title key ENCTLK1=Enc (TLK1 that encrypts then, IKa), export to and with the title key ENCTLK1 of title identifier TLDID1 and encryption and to send data generating unit 245 (step S212).
Send data generating unit 245 and from end message generation unit 243, receive the second user terminal random number TMRND2a, and receive the title key ENCTLK1 of title identifier TLID1 and encryption from title key ciphering unit 244.
Send data generating unit 245 and generate the terminal updating data, these terminal updating data comprise the second user terminal random number TMRND2a, the title identifier TLID1 of reception and the title key ENCTLK1 of encryption, and these terminal updating data are sent to transmission processing unit 246 (step S213).
Send processing unit 246 from sending more new data of data generating unit 245 receiving terminals, the terminal updating data are sent to information collecting server 3 by transmission/receiving element 21, and end process (step S214).
(3) playback is handled
Here, suppose that the user returns to home after retail shop is bought first portable medium 4, and first portable medium 4 and the second portable medium 5a are inserted user terminal 6a with view content.After the second portable medium 5a inserted, user terminal 6a carried out the renewal of the step S605 to S608 among Figure 11 and handles.
Below with reference to Figure 12, description is reset and is handled.
When first portable medium 4 was inserted in the dish slot that provides among the user terminal 6a, the first portable medium access unit 62 detected this insertion, and sent the insertion notice to first portable medium insertion processing unit 655.First portable medium inserts processing unit 655 and receives this insertion notice (step S651).
First portable medium inserts processing unit 655 and obtains the title identifier TLID1 (step S652) that is recorded on first portable medium by the first portable medium access unit 62.
First portable medium inserts processing unit 655 and judges with the corresponding title key TLK1 of title identifier TLID1 whether be stored in (step S653) in the storage unit 64, and fixed if the judgment is No (step S653 is for denying), then end process.If be judged as sure (step S653 is for being), then first portable medium inserts the corresponding title key TLK1 of title identifier TLID1 (step S654) that processing unit 655 is read and read from first portable medium 4 from storage unit 64, and output header cipher key T LK1 is to scramble process unit 656 (step S655).
When the output of the descrambling of the content ENCCT1 that encrypts and content is finished, scramble process unit 656 end process (step S656).
The supplemental instruction of the effect of embodiment
The supplemental instruction of effect of the present invention relates to following situation, one in the user terminal analyzed (in the situation of 6a) wherein, and have been found that the end message that comprises user terminal identification symbol TMIDa, the private key IKa and the first user terminal random number TMRND1a.
When end message is found by this way, also exist a large amount of duplicate terminals (6y represents) will appear at possibility on the market.
User terminal 6a and duplicate terminal 6y preserve same end message, comprise user terminal identification symbol TMIDa, the private key IKa and the first user terminal random number TMRND1a.
Here, suppose that (user is different users with the user (user y) of duplicate terminal a), and user a has second different portable medium 5a and the 5y with user y for the user of user terminal 6a.
At first, the user who considers user terminal 6a goes to buy the normal condition of first portable medium 4 of content.
In this case, the second portable medium 5a that is held by user a is inserted in the information collecting server 3 that is installed in the retail shop.
Management server 2 writes the second portable medium 5a with the title key and the new random number of encrypting then.New random number is the second user terminal random number with user terminal of user terminal identification symbol TMIDa.
User a inserts the second portable medium 5a among the user terminal 6a.The value of the first user terminal random number is updated to the value that is recorded in the second user terminal random number on the portable medium 5a then.
When the user bought another group content, the user was installed in second portable medium 5a insertion in the information collecting server 3 of retail shop according to the mode of front.
New random number is set to first random number on the second portable medium 5a then.
When receiving new random number by information collecting server 3, management server 2 recognizes that the first user terminal random number with the corresponding user terminal 6a of user terminal identification symbol TMIDa is updated.
Suppose that user y arrives retail shop subsequently and buys content.
In this case, user y inserts the second portable medium 5y in the aforesaid information server 3.
In this stage, the value of the first user terminal random number when second portable medium 5y storage user terminal identification symbol TMIDa that is held by user y and end message are found.
Like this, management server 2 is recognized corresponding certain user terminal 6x with user terminal identification symbol TMIDa, keeps the first old user terminal random number.
Management server 2 learns that the first user terminal random number with the corresponding user terminal 6a of user terminal identification symbol TMIDa has been updated to new random number.
Subsequently, there are at least two user terminals holding same user terminal identification symbol TMIDa in management server 2 judgements.
Management server shows that then there are the one or more duplicate that accord with the corresponding user terminal of TMIDa with user terminal identification in the warning indication.
Like this, the duplicate of user terminal can be found and detect to embodiments of the invention effectively.
Analyzed and have been found that under the situation of the end message relevant (user terminal identification symbol TMIDa, private key IKa and the first user terminal random number TMRND1a) as one in the user terminal (for example 6a) with user terminal 6a, can imagine that user terminal identification symbol TMIDa is changed to emitting (being TMIDz in this case) another form with the duplicate terminal avoiding detecting of supplementing with money.Such duplicate terminal is indicated as duplicate terminal 6z.
Yet in an embodiment of the present invention, management server 2 provides title key as the title key of encrypting for the content of the encryption of purchase, and its user terminal identification that has utilized and received accords with corresponding encrypted private key.
Subsequently, if user terminal identification symbol TMIDz is transmitted to management server 2, the duplicate terminal 6z that then holds private key IKa can not decipher the title key of the encryption that receives.
Subsequently, duplicate terminal 6z can not export the content of purchase.
Like this, supplement with emitting to supplement with money to replace the user terminal identification symbol find and will emit that to offer management server 2 be insignificant with money.Therefore embodiments of the invention can be emitted under the situation of supplementing replacement with money at the user identifier that finds effectively, stop the illegal use of content.
Revise
The foregoing description is exemplary enforcement of the present invention.Yet the present invention is not limited to this embodiment, and can adopt any various ways on the basis that does not depart from the scope of the present invention.Following modification also can comprise in the present invention.
(1) in this embodiment, each second portable medium be inserted in the information collecting server and management server 2 when information collecting server obtains information, management server 2 generates random numbers.This random number is recorded on second portable medium as the second user terminal random number then, and the random number of user terminal is updated.Yet the present invention is not limited to this scheme.The random number of user terminal section (for example month) is at the fixed time only upgraded once.Alternatively, random number can only be upgraded when receiving the request signal of random number renewal from the outside.Also may random number when reaching certain purchase number of times (for example, ten times), upgrade.These schemes can be by determining that when the renewal of random number there is no need management server 2 neither generates new random number and also the second user terminal random number is not stored on second portable medium and realizes.
In management server 2, when in step S205, judge do not match and, subsequently, when the value of the value of the first user terminal random number TMRND1a and the first management server random number CRND1a was mated in step S208, the requesting users terminal was confirmed as not being the duplicate terminal.This scheme is in view of needing the possibility of certain hour to make before the random number in the new terminal more.
In order to increase the preciseness of the standard of judging the duplicate terminal, when judging that in step S205 user terminal can be judged as the duplicate terminal under the situation that does not have coupling.Handle in this case and proceed directly to step S209.
(2) in this embodiment, random number is used to end message.Yet, can accept to use value except random number, as long as can discerning the third party that this value and this value can not do not had the relative users terminal, easily extrapolates management server 2.For example, this value can be to add 1 continuous number when being initiated with 0 each the renewal.Alternatively, the information that receives the time correlation of data from information collecting server 3 with management server 2 can be used.Can use the information that is inserted into the time correlation of information collecting server 3 with second portable medium.Can use second portable medium to insert the counting of the number of times of information collecting server 3.Can use and the history-sensitive information of playback that constitutes by content title.Alternatively, this information can be the cryptographic hash that gets from the history of resetting.
(3) in this embodiment, random number is used in the end message.Yet, can accept to use the arbitrary value that upgrades automatically by user terminal, as long as can not had the third party of relative users terminal, this value easily extrapolates.For example, can use with second portable medium and insert the relevant temporal information of user terminal at last.Can use second portable medium to insert the counting of the number of times of user terminal.When this value was generated by this way automatically, management server 2 no longer was required to upgrade end message.As a result of, can reduce the load of management server 2.
(4) this embodiment relates to the situation that each user holds the second independent portable medium, but the present invention is not limited to this scheme.For example, each user can hold two or more portable mediums.If each second portable medium has same user terminal identification symbol, then management server will receive same user terminal identification symbol by a plurality of second portable mediums.With this scheme, management server 2 both can write in second portable medium one with according with the corresponding second user terminal random number with user terminal identification, the same second user terminal random number can also be write in a plurality of second portable mediums.In two options, the former shortcoming is that then the user terminal random number can not be updated if the user has lost second portable medium that stores the second user terminal random number.And the latter is opposite, has lost second portable medium that stores the second user terminal random number even its advantage is the user, and the user terminal random number also can be updated.In order to realize the latter, random number can be upgraded complement mark and add in the end message that is recorded on second portable medium.When the renewal of the value of the first user terminal random number had been finished on whole user terminals, random number was finished updating mark and is written in the value that is recorded in the second user terminal random number on second portable medium.The interpolation of such sign can make with the corresponding same random number of unique user terminal identifier and be written into a plurality of second portable mediums.Even end message offers management server 2 by a plurality of second portable mediums, if the random number complement mark is recorded, then management server 2 is only recognized also that random number is upgraded and is finished.
(5) in this embodiment, second portable medium is a SD card etc., but second portable medium is not limited to the SD card.The IC-card that can calculate can be used to replace the SD card.In this case, second portable medium can be provided to utilize encryption etc. to verify user terminal before end message and title key information are provided.Can set up safer system like this.The random number of distortion (4) is upgraded complement mark and can be added in the IC-card.This random number that prevents that unauthorized user from unlawfully changing in second portable medium is upgraded complement mark.
Although first portable medium 4 is described to DVD-ROM, it is not limited to DVD-ROM, and can optionally be the similar mediums that BD, CD-R or other can memory contentss.In addition, second portable medium is not limited to the SD card, and can be the portable medium that allows overwriting data arbitrarily.
(6) in this embodiment, management server 2 utilizes second portable medium that heading message is provided in response to obtaining of end message, but the invention is not restricted to this scheme.For example, management server can only obtain end message and any information is not provided.Alternatively, management server 2 can be authorized a licence to the user terminal of exchange, be used to utilize second portable medium to obtain end message, this licence in the set time section effectively (for example, one month), and if licence in the set time section, do not upgrade then stop user terminal to use content.
(7) in this embodiment, the target that duplicate is searched system is the user terminal of output content, but the invention is not restricted to this.For example, to search the target of system can be second portable medium (for example SD card) to duplicate.Like this, this target can be the train pass, ticket basis, train ticket, IC-card, credit card, cash card, debit card, electronic money, electronic ticket, E-Passport, electronic bill, room entry/exit management card, driving license, social safety card, mobile phone, PDA, STB (set-top box), e-book, computing machine, IC tag, computer software, game on line licence or the like.Under any circumstance, the target that duplicate is searched system all is used as the storage random number, and can make duplicate search system applies in the technology except the user terminal of output content.
(8) in this embodiment, use AES encrypted private key method, but the invention is not restricted to make in this way.For example can use different encrypted private key method (for example DES) or key encrypt method (for example RSA).
(9) in this embodiment, management server 2 be when receiving two first different user terminal random numbers, and each judges that according with corresponding user terminal with user terminal identification is duplicate during corresponding to same user terminal identification symbol.Yet, the invention is not restricted to this.For example, management server 2 can be worked as and received when according with the predetermined threshold counting (for example 3) of the corresponding different first user terminal random number with same user terminal identification, judges that according with corresponding user terminal with user terminal identification is duplicate.Adopt this scheme, can reduce false detection rate.And this scheme may be used on a plurality of user terminals to be had in the system of common user terminal identification symbol.
For example, a plurality of user terminals of same pattern can have common user terminal identification symbol.In such system, it is the number with user terminal of same user terminal identification symbol at least that predetermined number is set to.Adopt this scheme,, also can detect duplicate even have in the system of common user terminal identification symbol at a plurality of user terminals.
(10) in explanation, each disposes modulator-demodular unit etc. management server 2 and information collecting server 3, and utilizes this modulator-demodular unit to communicate, but the invention is not restricted to this scheme.For example, the transmission/receiving element 21 of management server 2 and the transmission/receiving element 31 of information collecting server 3 can be lan adapter, and communication port 7 can be the Internet.
(11) in this embodiment, use 13 second portable medium 5a-5m in the example of description, but the quantity of medium is not limited to 13.Can use 12 or portable medium still less.Alternatively, can use 14 or more portable medium.Although use 14 user terminal 6a-6n in the example, the quantity of user terminal is not limited to 14.Can use 15 or more user terminal.Alternatively, can use 13 or user terminal still less.In addition, can use more than an information collecting server 3.Similarly, can use title identifier and title key more than one type.
When management server 2 is installed in retail shop, except information collecting server 3, can use to be used for the read/write device of access as the SD card of second portable medium.In this case, management server 2 can obtain title identifier by user's input except information collecting server 3.
(12) in this embodiment, content still the invention is not restricted to this scheme by retail stores sales, can also be used in the situation that content is hired out or leased.
(13) functional block of the control module 65 of the control module 34 of the control module 24 of management server 2, information collecting server 3 and each user terminal 6a-6n can be for using the integrated circuit of LSI.Each of these functional blocks may be implemented as single chip or is included as the part of single chip.
Although mention LSI, term changes with integrated level.Other titles comprise IC, system LSI, super LSI (super LSI) and super LSI (ultra LSI).
Special circuit or general processor can be used to replace the LSI method and realize integrated circuit.Can use the FPGA (field programmable gate array) that after LSI makes, programmes.Alternatively, can use permission that unit among the LSI is connected and the manufacturing that is provided with after the configuration processor again changed.
In addition, if the senior or derivative form of semiconductor technology replaces LSI as the technology that forms integrated circuit, it is integrated that then functional module can be utilized new technology.
(14) the present invention can be any said method.Alternatively, the present invention can be for utilizing the computer program of computer realization said method, or the digital signal of configuration program.The present invention can for example comprise floppy disk, hard disk, CD-ROM, MO, DVD, DVD-ROM, DVD-RAM, BD (Blu-ray disc) and semiconductor memory etc. for having the computer readable recording medium storing program for performing of this computer program or record digital signal thereon.Alternatively, the present invention can be for being recorded in computer program or the digital signal on any these recording mediums.The present invention can typically comprise telecommunications network, wireless or cable network and the Internet for computer program or the digital signal that sends by data broadcasting or network etc.The present invention can be for providing the computer system of microprocessor and storer, wherein memory stores computer program and microprocessor is operated according to this computer program.Computer program or digital signal can be carried out by the computer program or the digital signal conversion that will be recorded on the recording medium in the stand alone computer system that separates, or carry out by coordinate conversion computer program such as network or digital signal.
(15) the present invention can be the combination in any of the foregoing description and distortion.
Industrial applicability
Unauthorized device checkout equipment of the present invention, content playback apparatus, information collecting device, Program, recording medium and integrated circuit can be used in the management system of the content that needs copyright protection In the system, and can processed computer and digital electronic device for example content playback apparatus and usefulness Industrial produce and market in the management server of such reproducing device.
Claims (19)
1, a kind of unauthorized device checkout equipment that is used to detect by the unauthorized device that duplicates production comprises:
Dispatching Unit, be used for storing first validation value accordingly with the demo plant identifier, generation is different from second validation value of described first validation value, store described second validation value replacing described first validation value, and described second validation value is distributed to the device of the described demo plant identifier of storage;
Acquiring unit is used for obtaining by detecting target device identifiers and the validation value that destination apparatus is written to described portable medium from portable medium;
Judging unit, if be used for described target device identifiers and described demo plant identifier match, then judge the described validation value that obtains whether with described second verification value matches; And
Registering unit is what negate if be used for described judgment unit judges, then the described target device identifiers of registration in unauthorized device tabulation.
2, unauthorized device checkout equipment as claimed in claim 1, wherein
If described judgment unit judges is sure, then described Dispatching Unit further generates the 3rd validation value that is different from described second validation value, store described the 3rd validation value replacing described second validation value, and described the 3rd validation value is distributed in the described detection destination apparatus.
3, unauthorized device checkout equipment as claimed in claim 1 also comprises:
The title key storage unit is used to store the title key that is used to decipher the content of having encrypted, wherein
If described judgment unit judges is sure, then described Dispatching Unit further is distributed to described title key described detection destination apparatus.
4, unauthorized device checkout equipment as claimed in claim 2, described detection destination apparatus stores private key therein, and described unauthorized device checkout equipment also comprises:
The title key storage unit is used to store and is used to decipher the title key of content encoded;
The duplicate key storage unit is used for storing duplicate key as the copy of described private key accordingly with described demo plant identifier; And
The title key generation unit of encrypting is used to utilize described duplicate key to encrypt described title key to generate the title key of encrypting, wherein
If described judgment unit judges is sure, then described Dispatching Unit further is distributed to described detection destination apparatus with the title key of described encryption.
5, unauthorized device checkout equipment as claimed in claim 1 also comprises:
Counting unit is used to count the number of times of the affirmative determination of being made by described judging unit; And
The counting judging unit is used to judge whether the sum of affirmative determination surpasses predetermined quantity, wherein
If described sum surpasses described predetermined quantity, then described Dispatching Unit is further used for generating the 3rd validation value that is different from described second validation value, replace described first validation value with described the 3rd validation value, and described second validation value is distributed to described detection destination apparatus.
6, unauthorized device checkout equipment as claimed in claim 1 also comprises:
The time period measuring unit is used to measure from the last validation value of described Dispatching Unit and divides the time period of initiating; And
The time period judging unit is used to judge that whether the T.T. section surpasses the preset time section, wherein,
If described T.T., section surpassed described preset time section, then described Dispatching Unit also is used to generate the 3rd validation value that is different from described second validation value, replace described second validation value with described the 3rd validation value, and described the 3rd validation value is distributed to described detection destination apparatus.
7, unauthorized device checkout equipment as claimed in claim 1, wherein
Described Dispatching Unit is used to generate random number to be used as each validation value.
8, a kind of content playback apparatus that is used to carry out content playback comprises:
Storage unit is used for storing first validation value that is generated by the unauthorized device checkout equipment that is used to detect the unauthorized device by duplicating production accordingly with device identification;
Notification unit is used for notifying the described device identification and first validation value to described unauthorized device checkout equipment;
Acquiring unit, be used for from the portable medium deriving means identifier and second validation value, this device identification and second validation value are write on the described portable medium by described unauthorized device checkout equipment in response to described notice, and described second validation value is generated by described unauthorized device checkout equipment; And
Updating block if be used for described device identification of obtaining and the device identification coupling that is stored in described storage unit, then replaces described first validation value with described second validation value.
9, a kind of unauthorized device detection system that is used to detect by the unauthorized device that duplicates production comprises unauthorized device checkout equipment and a plurality of detection destination apparatus,
Each detects destination apparatus and comprises:
Storage unit is used for storing first validation value accordingly with target device identifiers;
Notification unit is used for notifying described device identification and described first validation value to described unauthorized device checkout equipment;
The lastest imformation acquiring unit is used for second validation value that obtains the demo plant identifier and generated by described unauthorized device checkout equipment from described unauthorized device checkout equipment; And
Updating block if be used for described demo plant identifier and described target device identifiers coupling, then replaces described first validation value with described second validation value, and
Described unauthorized device checkout equipment comprises:
Dispatching Unit, be used to generate second validation value that is different from first validation value of storing accordingly with the demo plant identifier, store described second validation value accordingly replacing described first validation value with described demo plant identifier, and described demo plant identifier and described second validation value are distributed to the device of the described demo plant identifier of storage;
Acquiring unit is used for detecting destination apparatus from any one and obtains target device identifiers and validation value;
Judging unit, if be used for received target device identifiers and described demo plant identifier match, then judge the described validation value that obtains whether with described second verification value matches; And
Registering unit is what negate if be used for described judgment unit judges, then the described target device identifiers of registration in unauthorized device tabulation.
10, unauthorized device detection system as claimed in claim 9, wherein
Described notification unit also is used for described target device identifiers and described first validation value are write portable medium, and
Described acquiring unit also is used for reading described target device identifiers and described validation value by information collecting device from described portable medium.
11, unauthorized device detection system as claimed in claim 10, wherein
Described information collecting device comprises:
Reading unit is used for reading described target device identifiers and the described validation value that is written to the described portable medium from described portable medium; And
Transmitting element is used to send described target device identifiers and described validation value, and
Described acquiring unit obtains described target device identifiers and described validation value from described information collecting device.
12, a kind of information collecting device is used for and will be sent to the unauthorized device checkout equipment that is used to detect by the unauthorized device that duplicates production by the detection destination apparatus institute canned data as the detection target,
Described detection destination apparatus stores target device identifiers and the validation value that is generated by described unauthorized device checkout equipment, and
Described unauthorized device checkout equipment generates described validation value, store the validation value of described generation accordingly with the Authentication devices identifier, obtain target device identifiers and validation value, if described target device identifiers and described demo plant identifier match, the validation value of then judging described storage whether with the described verification value matches of obtaining, and fixed if the judgment is No, then in unauthorized device tabulation, register described target device identifiers
Described information collecting device comprises:
Reading unit is used for reading by described detection destination apparatus from described portable medium and is written to described target device identifiers and validation value the described portable medium; And
Transmitting element is used for target device identifiers of will read and the validation value of reading and sends to described unauthorized device checkout equipment.
13, a kind of unauthorized device detection method that is used to detect by the unauthorized device that duplicates production comprises:
Distributing step, be used for storing first validation value accordingly with the demo plant identifier, generation is different from second validation value of described first validation value, store described second validation value replacing described first validation value, and described second validation value is distributed to the device that stores described demo plant identifier;
Obtaining step is used for obtaining by detecting target device identifiers and the validation value that destination apparatus is written to described portable medium from portable medium;
Determining step, if described target device identifiers and described demo plant identifier match, then judge the described validation value that obtains whether with described second verification value matches; And
Registration step if described judgment unit judges is what negate, is then registered described target device identifiers in unauthorized device tabulation.
14, a kind ofly be used for detecting the computer program that uses by the unauthorized device detecting unit unauthorized device, that be equipped with storage unit that duplicates production, comprising:
Distributing step, be used for storing first validation value accordingly with the demo plant identifier, generation is different from second validation value of described first validation value, store described second validation value replacing described first validation value, and described second validation value is distributed to the device that stores described demo plant identifier;
Obtaining step is used for obtaining by detecting target device identifiers and the validation value that destination apparatus is written to described portable medium from portable medium;
Determining step, if described target device identifiers and described demo plant identifier match, then judge the described validation value that obtains whether with described second verification value matches; And
Registration step if described judgment unit judges is what negate, is then registered described target device identifiers in unauthorized device tabulation.
15, computer program as claimed in claim 14, wherein
Described computer program is recorded on the computer readable recording medium storing program for performing.
16, a kind of device information update method of using by the content playback apparatus that is used to carry out content playback,
Described content playback apparatus comprises storage unit, is used for storing first validation value that is generated by the unauthorized device checkout equipment that is used to detect the unauthorized device by duplicating production accordingly with device identification;
And described device information update method comprises:
Notifying process is used for notifying the described device identification and first validation value to described unauthorized device checkout equipment;
Obtaining step, be used for obtaining the device identification and second validation value that is written to described portable medium in response to described notice by described unauthorized device checkout equipment from portable medium, described second validation value is generated by described unauthorized device checkout equipment; And
Step of updating is if described device identification of obtaining and the described device identification coupling that is stored in the described storage unit then replace described first validation value with described second validation value.
17, a kind of computer program that uses by the content playback apparatus that is used to carry out content playback,
Described content playback apparatus comprises storage unit, is used for storing first validation value that is generated by the unauthorized device checkout equipment that is used to detect the unauthorized device by duplicating production accordingly with device identification;
And described computer program comprises:
Notifying process is used for notifying the described device identification and first validation value to described unauthorized device checkout equipment;
Obtaining step, be used for obtaining the device identification and second validation value that is written to described portable medium in response to described notice by described unauthorized device checkout equipment from portable medium, described second validation value is generated by described unauthorized device checkout equipment; And
Step of updating is if described device identification of obtaining and the described device identification coupling that is stored in the described storage unit then replace described first validation value with described second validation value.
18, computer program as claimed in claim 17, wherein
Described computer program is recorded on the computer readable recording medium storing program for performing.
19, a kind of integrated circuit that is used by the content playback apparatus that is used to carry out content playback comprises:
Storage unit is used for storing first validation value that is generated by the unauthorized device checkout equipment that is used to detect the unauthorized device by duplicating production accordingly with device identification;
Notification unit is used for notifying the described device identification and first validation value to described unauthorized device checkout equipment;
Acquiring unit, be used for obtaining in response to described notice by described unauthorized device checkout equipment from portable medium and be written to the device identification and second validation value the described portable medium, described second validation value is generated by described unauthorized device checkout equipment; And
Updating block if be used for described device identification of obtaining and the described device identification coupling that is stored in described storage unit, then replaces described first validation value with described second validation value.
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2004360436 | 2004-12-13 | ||
| JP360436/2004 | 2004-12-13 | ||
| JP360437/2004 | 2004-12-13 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1957356A true CN1957356A (en) | 2007-05-02 |
| CN100470573C CN100470573C (en) | 2009-03-18 |
Family
ID=38063741
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB200580004617XA Active CN100470573C (en) | 2004-12-13 | 2005-12-12 | Unauthorized deice detection device, unauthorized device detection system, unauthorized device detection method, program, recording medium, and device information update method |
| CNB2005800428102A Active CN100527148C (en) | 2004-12-13 | 2005-12-12 | Unauthorized device detection device, unauthorized device detection system, |
Family Applications After (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2005800428102A Active CN100527148C (en) | 2004-12-13 | 2005-12-12 | Unauthorized device detection device, unauthorized device detection system, |
Country Status (1)
| Country | Link |
|---|---|
| CN (2) | CN100470573C (en) |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102075323A (en) * | 2010-12-10 | 2011-05-25 | 惠州市德赛视听科技有限公司 | Production management method of digital right management (DRM) key in blu-ray DVD player |
| CN102231054A (en) * | 2011-06-08 | 2011-11-02 | 珠海天威技术开发有限公司 | Chip, data communication method for chip, consumable container and imaging equipment |
| CN102270183A (en) * | 2011-07-08 | 2011-12-07 | 宇龙计算机通信科技(深圳)有限公司 | Method and device for increasing security of data card |
| CN102498702A (en) * | 2009-07-20 | 2012-06-13 | 美国唯美安视国际有限公司 | Systems and methods for detecting clone playback devices |
| CN102687159A (en) * | 2009-10-19 | 2012-09-19 | 杉中顺子 | Terminal management system and terminal management method |
| CN103020500A (en) * | 2011-09-28 | 2013-04-03 | 联想(北京)有限公司 | Login authentication method and electronic device |
| CN103503069A (en) * | 2011-05-16 | 2014-01-08 | 松下电器产业株式会社 | Duplication judgment device and duplication management system |
| CN107368737A (en) * | 2016-05-13 | 2017-11-21 | 阿里巴巴集团控股有限公司 | A kind of processing method for preventing copy-attack, server and client |
| CN108475482A (en) * | 2016-01-20 | 2018-08-31 | 瑞萨电子欧洲有限公司 | Integrated circuit with anti-counterfeiting resistance |
| CN110289956A (en) * | 2019-06-27 | 2019-09-27 | 飞天诚信科技股份有限公司 | A kind of cloud speaker updates the method and system of configuration |
| CN116150731A (en) * | 2022-11-28 | 2023-05-23 | 深圳市富临通实业股份有限公司 | Method for preventing MCU internal program from plagiarism based on UID |
-
2005
- 2005-12-12 CN CNB200580004617XA patent/CN100470573C/en active Active
- 2005-12-12 CN CNB2005800428102A patent/CN100527148C/en active Active
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102498702A (en) * | 2009-07-20 | 2012-06-13 | 美国唯美安视国际有限公司 | Systems and methods for detecting clone playback devices |
| CN102687159A (en) * | 2009-10-19 | 2012-09-19 | 杉中顺子 | Terminal management system and terminal management method |
| CN102075323A (en) * | 2010-12-10 | 2011-05-25 | 惠州市德赛视听科技有限公司 | Production management method of digital right management (DRM) key in blu-ray DVD player |
| CN103503069A (en) * | 2011-05-16 | 2014-01-08 | 松下电器产业株式会社 | Duplication judgment device and duplication management system |
| CN102231054A (en) * | 2011-06-08 | 2011-11-02 | 珠海天威技术开发有限公司 | Chip, data communication method for chip, consumable container and imaging equipment |
| CN102231054B (en) * | 2011-06-08 | 2013-01-02 | 珠海天威技术开发有限公司 | Chip, data communication method for chip, consumable container and imaging equipment |
| CN102270183A (en) * | 2011-07-08 | 2011-12-07 | 宇龙计算机通信科技(深圳)有限公司 | Method and device for increasing security of data card |
| CN103020500B (en) * | 2011-09-28 | 2019-02-05 | 联想(北京)有限公司 | Login authentication method and electronic equipment |
| CN103020500A (en) * | 2011-09-28 | 2013-04-03 | 联想(北京)有限公司 | Login authentication method and electronic device |
| CN108475482A (en) * | 2016-01-20 | 2018-08-31 | 瑞萨电子欧洲有限公司 | Integrated circuit with anti-counterfeiting resistance |
| CN107368737A (en) * | 2016-05-13 | 2017-11-21 | 阿里巴巴集团控股有限公司 | A kind of processing method for preventing copy-attack, server and client |
| US10887343B2 (en) | 2016-05-13 | 2021-01-05 | Advanced New Technologies Co., Ltd. | Processing method for preventing copy attack, and server and client |
| US10999321B2 (en) | 2016-05-13 | 2021-05-04 | Advanced New Technologies Co., Ltd. | Processing method for preventing copy attack, and server and client |
| CN110289956A (en) * | 2019-06-27 | 2019-09-27 | 飞天诚信科技股份有限公司 | A kind of cloud speaker updates the method and system of configuration |
| CN116150731A (en) * | 2022-11-28 | 2023-05-23 | 深圳市富临通实业股份有限公司 | Method for preventing MCU internal program from plagiarism based on UID |
| CN116150731B (en) * | 2022-11-28 | 2023-09-15 | 深圳市富临通实业股份有限公司 | Method for preventing MCU internal program from plagiarism based on UID |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100470573C (en) | 2009-03-18 |
| CN101080723A (en) | 2007-11-28 |
| CN100527148C (en) | 2009-08-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1957356A (en) | Unauthorized deice detection device, unauthorized device detection system, unauthorized device detection method, program, recording medium, and device information update method | |
| CN1160955C (en) | Data transmitter, data transmitting method, data receiver, information processor, and information recording medium | |
| CN1269333C (en) | Information processing method, device and program | |
| CN1125407C (en) | Information processing apparatus, information processing method, information processing system and recording medium | |
| CN1217509C (en) | Content data storage | |
| CN100340079C (en) | Device for reproducing data | |
| CN1310462C (en) | Data protection system that protects data by encrypting the data | |
| CN1708971A (en) | System and method for pushing information from a service provider to a communication terminal comprising a memory card | |
| CN1235131C (en) | Device for data reproduction | |
| CN1855112A (en) | Content information providing system, content information providing server, content reproduction apparatus, content information providing method, content reproduction method and computer program | |
| CN1396568A (en) | Digital works protection system, recording medium device, transmission device and playback device | |
| CN1423871A (en) | Data distributing system and recording medium used for it | |
| CN1682174A (en) | Group formation/management system, group management device, and member device | |
| CN1324487C (en) | Data storing device | |
| CN1795466A (en) | Storage medium rental system | |
| CN1735939A (en) | Content distribution system, recording device and method, reproduction device and method, and program | |
| CN1930625A (en) | Content playback device | |
| CN1886734A (en) | Authentication system | |
| CN1759559A (en) | Copyright protection system, recording apparatus, reproduction apparatus, and recording medium | |
| CN1476580A (en) | Content usage authority management system and management method | |
| CN1914649A (en) | Authentication system, authentication device, and recording medium | |
| CN1520655A (en) | Information processing appts. and method, and storage medium | |
| CN1571959A (en) | Information processing device, information processing method, and computer program | |
| CN1767036A (en) | Information management method, information reproduction apparatus, and information management apparatus | |
| CN1820315A (en) | Content reproducing apparatus, content reproducing method, and program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |