1. Field of the Invention
The present invention relates to a contents transmission/reception system, a contents transmission device, a contents reception device, and a contents transmission/reception method for transmitting/receiving contents from a transmission device to a reception device.
2. Description of the Related Art
In conjunction with the spread and digitalization of computer networks in recent years, the products called digital information home electronics are becoming popular. Also, in conjunction with the start of the ground based digital broadcasting, it is expected that the digital broadcasting compatible TV, set-top box, DVD recorder, etc. will become more popular in the future. It is convenient for the users to connect these digital home electronics through networks.
The digital contents have an advantage that they can be easily copied without causing any the degradation in their quality, but they also require measures concerning the copyright of the contents.
FIG. 33 shows an overall configuration of a conventional network system having a transmission device and a reception device. As shown in FIG. 33, a transmission device 1 (referred hereafter as a source device B) is connected to a local area network 2 such as the Ethernet. The source device B 1, a reception device 4 (referred hereafter as a sink device A), and a router device C 5 are connected to an Ethernet segment A 3 of this local area network 2. A sink device D 7 is connected to the router device C 5 through the Internet 6. The sink device A 4 receives contents from the source device B 1 through the local area network 2. On the other hand, the sink device D 7 is located within a range in which communications with the source device B 1 through the Internet 6 and the router device C 5 are possible.
Here, the contents indicate digital contents such as video data and audio data such as MPEG4 data and documents such as text data and image data, for example. Here, for the sake of explanation, the digital contents to be transferred after applying the copyright protection (which will be simply referred to as contents) will be considered.
Now, consider the case of transmitting contents from the source device B 1 to the sink device A 4 and the sink device D 7. At this point, it is necessary to account for the copyright of the contents. As described above, a range for exchanging this contents should preferably be limited to a certain range, such as a range of a legitimate right such as a range of a personal use or a range narrower than that, for example, such that the contents cannot be exchange between others beyond that range.
In order to realize the copyright protection, the following rules will be used regarding the contents transfer in the network system of FIG. 33.
(1) The transmission/reception of contents that require the copyright protection is permitted within the local area network. This is because exchanges among devices connected to the local area network can be regarded as communications within a range of personal or family entertainment.
(2) The transmission/reception of contents that require the copyright protection is not permitted outside the local area network. The communications outside the local area network indicate open communications through the public network such as the Internet or the telephone network, as in the communications between the source device B 1 and the sink device D 7 shown in FIG. 33, for example. This is because the communications that are not closed within the local area network cannot be regarded as communications within a range of personal or family entertainment.
Note that, in the following, the exemplary case of using the Ethernet as the local area network and using IP (Internet protocol) for transmission/reception of contents at an upper layer will be described. See documents disclosed at “http://www.ietf.org” for details regarding IP, for example. Of course, it is also possible to use the other protocols, as in the case where the local area network is the IEEE 1394 and the upper layer protocol is the IP over 1394 which emulates the IP.
One method for limiting the contents distribution range to a range of personal entertainment is a method for permitting communications only within the identical local area network. In order to realize this, methods proposed conventionally include (1) a method for carrying out AKE (Authentication and Key Exchange) by using Ethernet frames (Japanese Patent Application Laid Open No. 2002-19135), and (2) a method for checking whether the network address of the transmission device and the reception device are identical or not (Japanese Patent Application Laid Open No 2001-285284). Besides these, there are also (3) a method for transmitting IP packets by setting ITL (Time To Live) equal to one, and (4) a combination of the above described methods.
A method combining the methods (2) and (3) will be described as an exemplary method for limiting the transmission/reception of contents from the source device B 1 to sink devices within an identical Ethernet segment in an environment shown in FIG. 34.
In general, in the IP, a plurality of devices can be regarded as belonging to the identical Ethernet segment. If they have the same network address, so that it is possible to regard that the source device B 1 and the sink device are connected to the identical local area network by checking that they have the same network address. This method is shown in FIG. 35.
As shown in FIG. 35, the network address A of the sink device is registered into the source device in advance (step S21). At a time of the transmission/reception of the contents, the source device compares the own network address with the network address of the sink device (steps S22, S23), and if they coincide, they are regarded as existing in the identical local area network (Step S24) and the transmission of the contents is carried out. At this point, the TTL field of the packet destined to the sink device may be set equal to one (step S25). If they do not coincide, the contents transmission/reception processing is interrupted (step S26). Note that the comparison processing is carried out by the source device in this example, but the comparison processing may be carried out by the sink device instead.
However, it is possible to circumvent the above described limitation to the identical local area network based on the network address comparison, by making appropriate settings in the source device and the sink device such that it appears as if the source device and the sink device are virtually existing in the identical sub-net even if the source device and the sink device are not physically connected to the identical local area network.
One example of such cases is the VPN (Virtual Private Network), which is a generic term for indicating techniques for making a computer at a remote location to appear as if it is connected to the local area network by constructing a network virtually, as a computer at a remote location which is connected to the Internet or an access point such as a router carries out communications with a computer connected to the local area network.
The examples of the VPN include L2TP, PPTP and IPSec. Here. the exemplary case of L2TP will be described. Note that the standardization of L2TP, PPTP and IPSec is in progress by the IETF, and details can be found in documents disclosed at “http://www.ietf.org”.
FIG. 36 shows an exemplary network configuration using the VPN. As shown in FIG. 36, a source device B 1, a sink device C 9, and a VPN server device D 50 are physically connected to an Ethernet segment A 3, and they have the identical network address so as to constitute the local area network Z 61. Also, a sink device A 4 and a router device E 5 have the identical network address so as to constitute the local area network Y.
The VPN server device D 60 is provided with a router function and connected to the Internet 6. The sink device A 4 is assigned with a global IP address and connected to the VPN server device D 60 via the Internet 6 by using the VPN client function so as to constitute a virtual network X, such that the sink device A 4 is connected to this virtual network X. Here, what is important is that the sink device A 4 is connected by the VPN so that the same network address as the source device B 1 and the sink device C 9 is assigned virtually to the sink device A 4.
Now, at a time of transmitting contents from the source device B 1 to the sink device A 4, suppose that the above described distribution range limiting method based on the network address comparison is applied.
The sink device A 4 has the identical network address as the source device B 1 so that the network addresses will coincide. As long as the sink device A 4 is connected to the Internet 6, regardless of its location in the world, the source device B 1 can transmit the contents to the sink device A 4.
Also, even if the source device B 1 transmits the IP packet by setting TTL=1 to the sink device A 4, the value of the TTL can be easily changed, so that the packet can reach the sink device A 4 if a device for changing the value of the TTL is placed somewhere between the VPN server device D 60 and the source device B 1.
This implies that there can be cases where even it the sub-net addresses of the source device B 1 and the sink device A 4 are identical, these devices may not necessarily be existing physically in the identical local area network (the Ethernet segment in this example).