IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0900584
(2001-07-06)
|
등록번호 |
US-7343491
(2008-03-11)
|
우선권정보 |
JP-P2000-205615(2000-07-06); JP-P2000-211787(2000-07-12) |
발명자
/ 주소 |
|
출원인 / 주소 |
|
대리인 / 주소 |
Lerner, David, Littenberg, Krumholz & Mentlik, LLP
|
인용정보 |
피인용 횟수 :
3 인용 특허 :
33 |
초록
▼
In order to limit use of content, when a source receives a request for transmitting content from a sink, the source performs an authentication process. When the authentication is successful, the source transmits to the sink key information necessary for decrypting the encryption applied to the conte
In order to limit use of content, when a source receives a request for transmitting content from a sink, the source performs an authentication process. When the authentication is successful, the source transmits to the sink key information necessary for decrypting the encryption applied to the content. The sink can receive the content by receiving the key information and by decrypting the encryption applied to the content by using the key information.
대표청구항
▼
The invention claimed is: 1. An information processing apparatus for carrying out secure transmission of content to another apparatus over a network, said information processing apparatus comprising: an encryption unit operable to encrypt the content; an authentication unit operable to receive auth
The invention claimed is: 1. An information processing apparatus for carrying out secure transmission of content to another apparatus over a network, said information processing apparatus comprising: an encryption unit operable to encrypt the content; an authentication unit operable to receive authentication information from the another apparatus when the another apparatus requests permission to receive the encrypted content, and to determine whether the authentication information is valid; a first obtaining unit operable to obtain identification information of the another apparatus from the authentication information when the authentication information is valid and to determine whether the identification information of the another apparatus is already stored in a storage unit; a transmitting unit operable to transmit a decryption key needed to decrypt the encrypted content to the another apparatus when the authentication information is valid and a count of a total number of apparatuses having permission to receive the encrypted content is less than a maximum value; a first counting unit operable to increment by one the count of the total number of apparatuses having permission to receive the encrypted content when the identification information of the another apparatus is not already stored in said storage unit and the count of the total number of apparatuses having permission to receive the encrypted content is less than the maximum value; said storage unit being operable to store the identification information of the another apparatus when the identification information of the another apparatus is not already stored in said storage unit; and an information updating unit operable to delete the identification information stored in said storage unit and to reset the count of the total number of apparatuses having permission to receive the encrypted content when the decryption key needed to decrypt the encrypted content is changed. 2. An information processing apparatus according to claim 1, wherein the another apparatus is operable to transmit the encrypted content to a plurality of further apparatuses over the network, and said information processing apparatus further comprises: a second obtaining unit operable to obtain a first value and a second value from the another apparatus when the authentication information is valid, the first value being a number of apparatuses in the plurality of further apparatuses that are newly requesting permission to receive the encrypted content, and the second value being a total number of apparatuses in the plurality of further apparatuses; and a second counting unit operable to increment the count of the total number of apparatuses having permission to receive the encrypted content by the first value when (i) the sum of the first value and the count of the total number of apparatuses having permission to receive the encrypted content is at most equal to the maximum value and (ii) the identification information of the another apparatus is already stored in said storage unit, said second counting unit being operable to increment the count of the total number of apparatuses having permission to receive the encrypted content to receive the encrypted content by the second value when (i) the sum of the second value and the count of the total number of apparatuses having permission to receive the encrypted content is at most equal to the maximum value and (ii) the identification information of the another apparatus is not already stored in said storage unit. 3. An information processing apparatus according to claim 1, wherein the authentication information includes first authentication information and second authentication information, and said authentication unit includes: a first authentication subunit operable to receive the first authentication information from the another apparatus when the another apparatus requests permission to receive the encrypted content, and to determine whether the first authentication information is valid; and a second authentication subunit operable to transmit a request for the second authentication information to the another apparatus when the first authentication information is valid, to receive the second authentication information from the another apparatus, and to determine whether the second authentication information is valid; said transmitting unit being operable to transmit the decryption key to the another apparatus when the second authentication information is valid and the count of the total number of apparatuses having permission to receive the encrypted content is less than the maximum value. 4. A method for carrying out secure transmission of content from an information processing apparatus to another apparatus over a network, said method comprising: encrypting the content; receiving authentication information from the another apparatus when the another apparatus requests permission to receive the encrypted content; determining whether the authentication information is valid; obtaining identification information of the another apparatus from the authentication information when the authentication information is valid; determining whether the identification information of the another apparatus is already stored; transmitting a decryption key needed to decrypt the encrypted content to the another apparatus when the authentication information is valid and a count of a total number of apparatuses having permission to receive the encrypted content is less than a maximum value; incrementing by one the count of the total number of apparatuses having permission to receive the encrypted content when the identification information of the another apparatus is not already stored and the count of the total number of apparatuses having permission to receive the encrypted content is less than the maximum value; storing the identification information of the another apparatus when the identification information of the another apparatus is not already stored; and deleting the stored identification information and resetting the count of the total number of apparatuses having permission to receive the encrypted content when the decryption key needed to decrypt the encrypted content is changed. 5. A method according to claim 4, wherein the another apparatus is operable to transmit the encrypted content to a plurality of further apparatuses over the network, and said method further comprises: obtaining a first value and a second value from the another apparatus when the authentication information is valid, the first value being a number of apparatuses in the plurality of further apparatuses that are newly requesting permission to receive the encrypted content, and the second value being a total number of apparatuses in the plurality of further apparatuses; incrementing the count of the total number of apparatuses having permission to receive the encrypted content by the first value when (i) the sum of the first value and the count of the total number of apparatuses having permission to receive the encrypted content is at most equal to the maximum value and (ii) the identification information of the another apparatus is already stored in said storage unit; and incrementing the count of the total number of apparatuses having permission to receive the encrypted content by the second value when (i) the sum of the second value and the count of the total number of apparatuses having permission to receive the encrypted content is at most equal to the maximum value and (ii) the identification information of the another apparatus is not already stored in said storage unit. 6. A computer-readable medium having recorded thereon computer program instructions for executing a method for carrying out secure transmission of content from an information processing apparatus to another apparatus over a network, said method comprising: encrypting the content; receiving authentication information from the another apparatus when the another apparatus requests permission to receive the encrypted content; determining whether the authentication information is valid; obtaining identification information of the another apparatus from the authentication information when the authentication information is valid; determining whether the identification information of the another apparatus is already stored; transmitting a decryption key needed to decrypt the encrypted content to the another apparatus when the authentication information is valid and a count of a total number of apparatuses having permission to receive the encrypted content is less than a maximum value; incrementing by one the count of the total number of apparatuses having permission to receive the encrypted content when the identification information of the another apparatus is not already stored and the count of the total number of apparatuses having permission to receive the encrypted content is less than the maximum value; storing the identification information of the another apparatus when the identification information of the another apparatus is not already stored; and deleting the stored identification information and resetting the count of the total number of apparatuses having permission to receive the encrypted content when the decryption key needed to decrypt the encrypted content is changed. 7. A computer-readable medium according to claim 6, wherein the another apparatus is operable to transmit the encrypted content to a plurality of further apparatuses over the network, and said method further comprises: obtaining a first value and a second value from the another apparatus when the authentication information is valid, the first value being a number of apparatuses in the plurality of further apparatuses that are newly requesting permission to receive the encrypted content, and the second value being a total number of apparatuses in the plurality of further apparatuses; incrementing the count of the total number of apparatuses having permission to receive the encrypted content by the first value when (i) the sum of the first value and the count of the total number of apparatuses having permission to receive the encrypted content is at most equal to the maximum value and (ii) the identification information of the another apparatus is already stored in said storage unit; and incrementing the count of the total number of apparatuses having permission to receive the encrypted content by the second value when (i) the sum of the second value and the count of the total number of apparatuses having permission to receive the encrypted content is at most equal to the maximum value and (ii) the identification information of the another apparatus is not already stored in said storage unit. 8. An information processing apparatus for carrying out secure receiving of content from a first apparatus over a first network connection and for carrying out secure transmission of the content to a second apparatus over a second network connection, said information processing apparatus comprising: a first transmitting unit operable to transmit to the first apparatus a request for permission to receive the content; a first authentication unit operable to perform a first authentication procedure with the first apparatus; a receiver operable to receive a first decryption key needed to decrypt the encrypted content from the first apparatus when the first authentication procedure is successful; a decryption unit operable to use the first decryption key to decrypt encrypted content received from the first apparatus; a reencryption unit operable to reencrypt the decrypted content; a second authentication unit operable to receive authentication information from the second apparatus when a request for permission to receive the content is made from the second apparatus and to determine whether the authentication information is valid; a first obtaining unit operable to obtain identification information of the second apparatus from the authentication information when the authentication information is valid and to determine whether the identification information of the second apparatus is already stored in a storage unit; a second transmitting unit operable to transmit a second decryption key needed to decrypt the reencrypted content to the second apparatus when the authentication information is valid and a count of a total number of apparatuses having permission to receive the reencrypted content is less than a maximum value; a first counting unit operable to increment by one the count of the number of apparatuses having permission to receive the reencrypted content when the identification information of the second apparatus is not already stored in said storage unit and the count of the total number of apparatuses having permission to receive the reencrypted content is less than the maximum value; said storage unit being operable to store the identification information of said second apparatus when the identification information of the second apparatus is not already stored in said storage unit; and an information updating unit operable to delete the identification information stored in said storage unit and to reset the count of the number of apparatuses having permission to receive the reencrypted content when the second decryption key needed to decrypt the reencrypted content is changed. 9. An information processing apparatus according to claim 8, further comprising: a third transmitting unit operable to transmit, to the first apparatus, the count of the number of apparatuses having permission to receive the content. 10. An information processing apparatus according to claim 8, wherein the authentication information includes first authentication information and second authentication information, and said second authentication unit includes: a first authentication subunit operable to receive the first authentication information from the second apparatus when the second apparatus requests permission to receive the content, and to determine whether the first authentication information is valid; and a second authentication subunit operable to transmit a request for the second authentication information to the second apparatus when the first authentication information is valid, to receive the second authentication information from the second apparatus, and to determine whether the second authentication information is valid; said second transmitting unit being operable to transmit the second decryption key to the second apparatus when the second authentication information is valid and the count of the total number of apparatuses having permission to receive the reencrypted content is less than the maximum value. 11. A method for carrying out secure receiving of content from a first apparatus over a first network connection and for carrying out secure transmission of the content to a second apparatus over a second network connection, said method comprising: transmitting to the first apparatus a request for permission to receive the content; performing a first authentication procedure with the first apparatus; receiving a first decryption key needed to decrypt the encrypted content from the first apparatus when the first authentication procedure is successful; decrypting, using the first decryption key, encrypted content received from the first apparatus; reencrypting the decrypted content; receiving authentication information from the second apparatus when a request for permission to receive the content is made from the second apparatus; determining whether the authentication information is valid; obtaining identification information of the second apparatus from the authentication information when the authentication information is valid; determining whether the identification information of the second apparatus is already stored; transmitting a second decryption key needed to decrypt the reencrypted content to the second apparatus when the authentication information is valid and a count of a total number of apparatuses having permission to receive the reencrypted content is less than a maximum value; incrementing by one the count of the number of apparatuses having permission to receive the reencrypted content when the identification information of the second apparatus is not already stored in said storage unit and the count of the total number of apparatuses having permission to receive the reencrypted content is less than the maximum value; storing the identification information of the second apparatus when the identification information of the second apparatus is not already stored; and deleting the identification information stored in said storage unit and resetting the count of the number of apparatuses having permission to receive the reencrypted content when the second decryption key needed to decrypt the reencrypted content is changed. 12. A computer-readable medium having recorded thereon computer program instructions for executing a method for carrying out secure receiving of content from a first apparatus over a first network connection and for carrying out secure transmission of the content to a second apparatus over a second network connection, said method comprising: transmitting to the first apparatus a request for permission to receive the content; performing a first authentication procedure with the first apparatus; receiving a first decryption key needed to decrypt the encrypted content from the first apparatus when the first authentication procedure is successful; decrypting, using the first decryption key, encrypted content received from the first apparatus; reencrypting the decrypted content; receiving authentication information from the second apparatus when a request for permission to receive the content is made from the second apparatus; determining whether the authentication information is valid; obtaining identification information of the second apparatus from the authentication information when the authentication information is valid; determining whether the identification information of the second apparatus is already stored; transmitting a second decryption key needed to decrypt the reencrypted content to the second apparatus when the authentication information is valid and a count of a total number of apparatuses having permission to receive the reencrypted content is less than a maximum value; incrementing by one the count of the number of apparatuses having permission to receive the reencrypted content when the identification information of the second apparatus is not already stored in said storage unit and the count of the total number of apparatuses having permission to receive the reencrypted content is less than the maximum value; storing the identification information of the second apparatus when the identification information of the second apparatus is not already stored; and deleting the identification information stored in said storage unit and resetting the count of the number of apparatuses having permission to receive the reencrypted content when the second decryption key needed to decrypt the reencrypted content is changed.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.