The present invention relates to a data transfer system, data transfer apparatus, a data recording apparatus, a data transfer method, and a recording medium which are suitable for transfer and recording of content data such as music to be copyright protected.
For example, content data such as music are stored in a hard disk drive (hereafter referred to as a HDD), the recording medium, of a personal computer, the stored content data are transferred to another recording medium (the secondary recording medium), and the content data are reproduced from this secondary recording medium.
In this case, the HDD stores content data such as music reproduced from a package medium such as CD-DA (Compact Disk Digital Audio) and DVD (Digital Versatile Disk) or content data downloaded from an external music server for example via a communication network to which the personal computer is connected. The user of the personal computer connects a recording apparatus for the secondary recording medium to the personal computer, copies or moves the content data from the HDD to the secondary recording medium, and reproduces the content data such as music through a reproducing apparatus compatible with the secondary recording medium.
The secondary recording medium may be a memory card based on a semiconductor memory such as a flash memory, a Mini Disc (trademark), a CD-R (CD Recordable), a CD-RW (CD Rewritable), a DVD-RAM, a DVD-R, or a DVD-RW, which is a magneto-optical disk.
Recorders/players capable of recording and/or playing these recording media are in wide use as recording/reproducing apparatuses compatible with the secondary recording medium. These recorders/players are various in type; stationary type, portable type, and so on. Users can record/playback content data in accordance with their preference and the types of their apparatuses.
Given the above-mentioned content data usage forms, the copyright protection of these content data must be taken into consideration. For example, if users can store content data into the HDD of their personal computers by downloading the content data through content data distribution services or from purchased package media and then copy the stored content data without restriction to secondary recording media, a problem of copyright violation occurs. To overcome this problem to maintain the copyright protection in the handling of content data as digital data, various technological and data handling standards have been proposed. One of them is SDMI (Secure Digital Music Initiative).
FIG. 1 illustrates a data path formulated by SDMI. It should be noted that, in a personal computer having a HDD as the primary recording medium, this data path stores and transfers music content to external devices (on the secondary recording medium side). In other words, this data path is implemented by an installed software program which stores and/or transfers music content. The procedures and processing on the data path shown in FIG. 1 are denoted by references DP21 through DP28. In what follows, these references are used for corresponding descriptions.
The software installed in the personal computer having the HDD determines whether the content data distributed by an external server via a network (hereafter referred to as network content) are based on SDMI for copyright protection (DP21).
The network content to be distributed includes the content data which are transmitted by the server side as SDMI-compliant content (hereafter referred to as SDMI-compliant content) and content data which are not associated with SDMI (hereafter referred to as non-SDMI content).
With the SDMI-compliant content, the content data are encrypted by content key CK based on DES (Data Encryption Standard) for example. The content data themselves are originally encoded by a compression algorithm such as ATRAC3 (Adaptive Transform Acoustic Coding 3) or MP3 (Moving Picture Experts Group ½ Layer 3), which are then encrypted for distribution.
It should be noted that, for the convenience of description, data y encrypted by key x are represented as E(x, y).
For the encrypted data E(x, y), the data decrypted by key x are represented as D{x, E(x, y)}.
Therefore, if the compressed data based on ATRAC3 is represented as A3D, then the SDMI-compliant content to be encrypted by key CK for distribution is represented as E(CK, A3D).
If the distributed network content is SDMI-compliant, it is stored in the primary recording medium such as the HDD as SDMI content (DP21 and DP22).
In this case, the content data are written to the HDD in the state of encrypted E(CK, A3D). Alternatively, the content data are decrypted and then encrypted by another key CK′, namely encryption keys are changed, and then the newly encrypted content data are written to the HDD in the state of E(CK′, A3D).
On the other hand, if the network content is non-SDMI content, then watermark check, namely screening by electronic watermark is executed (DP21 to DP23).
Further, direct watermark check is executed (DP23) on the content data read from package media such as CD-DA and DVD for example (hereafter referred to as disk content) which are reproduced on a disk drive device such as the CD-ROM drive installed on the personal computer or on a disk drive device connected to the personal computer for example.
Namely, watermark check is executed on the content data not based on SDMI.
If the watermark-checked content data are found no good, the content data are copy-disabled on the SDMI data path (DP23 to DP25). Specific handling of copy disablement depends on the software design. For example, the content data may be stored in the HDD but may not be transferred for copying or moving to other recording media or the content data may not be stored in the HDD in the processing of SDMI-compliant content.
If the content data have passed watermark check, namely if a watermark is found in the content data and a control bit indicates the permission of copy, then the content data are found rightfully copyable. Next, whether or not the content data are to be handled on the basis of SDMI is determined (DP24). Whether or not to handle these content data as compliant with SDMI may be determined by the software design or user setting.
If the content data are not handled as compliant with SDMI, then the content data are regarded as non-SDMI content and excluded from the content data path compliant with SDMI (DP26). For example, these content data may be transferred to recording apparatuses which are not compatible with SDMI.
On the other hand, if the content data are to be handled as compliant with SDMI, then these content data are encrypted and stored in the HDD as SDMI content (DP24 to DP22). For example, these content data are stored in the form of E(CK, A3D) or E(CK′, A3D).
The above-mentioned data path stores, in the primary recording medium such as HDD, the content handled as compliant with SDMI obtained via a network (hereafter referred to as SDMI network content) and the content handled as compliant with SDMI retrieved from a disk such as CD-DA (hereafter referred to as SDMI disk content).
The SDMI content (SDMI network content or SDMI disk content) stored in the HDD is transferred to a recording/reproducing apparatus compliant with SDMI to be copyable to the secondary recording medium compliant with SDMI. The recording/reproducing apparatus compliant with SDMI is a portable recorder/player based on memory card for example, which is compatible with the encryption based on SDMI.
In the case of SDMI disk content, a transfer handling rule (or a usage rule) corresponding to SDMI disk content is defined, on the basis of which the transfer for copy to an SDMI-compliant recording/reproducing is authorized (DP28).
It should be noted that the transfer for copy from the primary recording medium (HDD) to the secondary recording medium (memory card for example) which is recorded and reproduced by an SDMI-compliant recording/reproducing apparatus is referred to as “checkout.” The transfer for move from the secondary recording medium to the primary recording medium is referred to as “check-in.” It should be noted that the move from the secondary recording medium to the primary recording medium deletes the transferred content data from the secondary recording medium.
The rules of transferring SDMI disk content may define a checkout upper limit count that each piece of content data can be checked out a maximum of three times for example. Therefore, SDMI disk content can be copied up to three SDMI-compliant secondary recording media for example. If a checkout takes place, the checkout count of the content data managed in the personal computer having the HDD is decremented. Consequently, even after the copying to three SDMI-compliant secondary recording media, if content data are checked in from one of these secondary recording media to the primary recording medium (HDD), the checkout count of content data managed in the personal computer is incremented by one. As a result, the content is made copyable once again from the primary recording medium (HDD) to an SDMI-compliant secondary recording medium. Namely, content data are allowed to exist always on up to three SDMI-compliant secondary recording media.
In the case of SDMI network content, a transfer handling rule (usage rule) corresponding to SDMI network content is also defined, on the basis of which the transfer for copy to an SDMI-compliant recording/reproducing apparatus is authorized (DP27).
This transfer handling rule specifies the upper limit of checkout count for example as with the rule for SDMI disk content. The upper limit count may be the same as or different from the rule for SDMI disk content. For example, the upper limit checkout count may be one. In this case, one piece of content data can be copied to only another one SDMI-compliant secondary recording medium; however, if content data are checked in from that secondary recording medium, the content data can be transferred for copy again.
When SDMI content is transferred for copy to an SDMI-compliant secondary recording medium in accordance with these handling rules, the content data are transmitted as encrypted on a transmission path. Namely, the content data are transmitted in the above-mentioned state of E(CK, A3D) or E(CK′, A3D).
Further, on the SDMI-compliant recording/reproducing apparatus which has received the encrypted SDMI content, the received SDMI content is copied to the secondary recording medium as encrypted.
If the SDMI-compliant recording/reproducing apparatus reproduces the SDMI content from the secondary recording medium, the content data read from the secondary recording medium are decrypted. Namely, the content data copied to the secondary recording medium in the state of E(CK, A3D) or E(CK′, A3D) are decrypted by key CK or key CK′.
More specifically, the original content data are restored as the ATRAC3 data (A3D) decrypted as D{CK, E(CK, A3D)}=A3D or D{CK′, E(CK′, A3D)}=A3D. The decrypted content data are then decompressed from ATRAC3 compression to be demodulated as audio data for example, which are reproduced as music.
According to the SDMI-compliant data path, the encrypted content data are transmitted from a server on the network to a secondary recording medium and the copying of these content data is controlled by predetermined rules, so that the copyright of the content data can be properly protected.
However, the following drawbacks may occur from the copying of content data to SDMI-compliant secondary recording media.
Assume here that a Mini Disc (a kind of magneto-optical disk) currently in wide use be used as the secondary recording medium.
For example, if an SDMI-compliant Mini Disc recording apparatus is used, this Mini Disc recording apparatus records checked out SDMI content to a Mini Disc in the encrypted state of E(CK, A3D) or E(CK′, A3D).
In reproduction, ATRAC3 data (A3D) decrypted as D{CK, E(CK, A3D)}=A3D or D{CK′, E(CK′, A3D)}=A3D must be obtained to be decoded in a predetermined manner, the result, music for example, being outputted for reproduction.
Currently popular Mini Disc systems cannot record encrypted data to Mini Discs. Obviously, no Mini Disc reproducing device has a decoder for decrypting encrypted data.
If, in the future, an SDMI-compliant Mini Disc recording apparatus is developed and encrypted content data can be recorded to a Mini Disc, the encrypted content data recorded to the Mini Disc cannot be reproduced by many non-SDMI-compliant Mini Disc players. Namely, such a system will not provide the compatibility in reproduction.
This may eventually restrict the proper use of the SDMI content purchased by general users, thereby significantly lowering the value and satisfaction to general users of SDMI content providing services.
In consideration of the above-mentioned problem, a system may be proposed in which SDMI content is transferred, in a decrypted state, to a non-SDMI Mini Disc recording apparatus for example to be copied to a secondary recording medium such as a Mini Disc.
However, if this manner of copying is permitted, content data can be copied easily, including unauthorized copy. This may prevent the implementation of copyright protection which is the inherent intent of SDMI.