1. Field of the Invention
The present invention relates to a method of controlling access to a detachable storage medium.
2. Description of the Related Art
Recently, in personal computers, personal digital assistants, cellular phones, digital still cameras, and the like, fixed disks and detachable storage media such as an SD (Secure Digital) memory card have been used as storage devices in which digital data is stored.
For example, the storage medium is attached to a digital still camera, and captured image data is stored on the storage medium. The SD memory card on which the image data is stored can then be connected to a card reader of a personal computer so that the image data can be accessed from the personal computer. Accordingly, the storage medium requires device compatibility: every device on which the connection interface is mounted must be able to write and read the same data.
The device compatibility that makes such storage media widely used also causes a problem. When the storage medium is used to distribute data having a commercial value, such as multimedia contents and firmware update data, unauthorized copies can easily be made.
The most widely used measure against this problem is the one adopted by personal computer operating systems (OS) such as Windows 2000 Professional (registered trademark of Microsoft, U.S.). In this measure, a user cannot use the data on the storage medium unless the user buys a license to obtain a serial number. However, because one license can be used on an indefinite number of devices, unauthorized use is easy for software and the like for which one license should be required per device.
Another method is applied to storage media such as the SD memory card that have a data area to which access can be restricted. A permitted number of data reads is set in the access-restricted area, the number is decremented every time the data is used, and the data can no longer be read once the number reaches zero. However, because the number of reads is limited even for the device to which access should be permitted, the method cannot be applied to data that is likely to be used over and over again. Further, since any device can read the data until the number of reads reaches zero, the data can be used on an indefinite number of information devices.
In addition, for example, Japanese Patent Application Laid-Open (JP-A) No. H09-115241 discloses a method of storing the data after encrypting it based on information unique to the storage medium. However, because the unique information of the storage medium needed to decode the data can be obtained, anyone who knows the decoding method can use the data. Therefore, the method is not suitable for the distribution of data having a commercial value.
Methods in which the data is encrypted and stored so as to restrict the devices able to decode it are disclosed, for example, in JP-A-No. H10-293725, JP-A-No. 2000-048479, JP-A-No. 2001-076425, and JP-A-No. 2002-084271.
In the method disclosed in JP-A-No. H10-293725, the key used for the encryption is itself encrypted with a secret key and stored along with the data. The secret key is stored on the storage medium in such a way that it cannot be obtained from the outside. Therefore, the data can be obtained only by a special device, called a decoding unit, that has means for obtaining the secret key. However, since the data can be obtained only by this special device, the device compatibility is lost.
In the data protection method disclosed in JP-A-No. 2000-048479, the data is stored after being encrypted with an ID unique to a recording device, so that the data can be reproduced only by the same recording device. However, since the data can be reproduced only by the same recording device, both the digital data and the recording device must be distributed in order to apply the method to data intended for distribution, such as firmware update data. As a result, the device compatibility is lost and the cost is increased.
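The contrast between encrypting with information unique to the storage medium (JP-A-No. H09-115241) and encrypting with an ID unique to the recording device (JP-A-No. 2000-048479) can be made concrete with the following added example, which is not code from any of the cited documents. The ID strings, the SHA-256 key derivation and the use of AES-GCM are assumptions chosen for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// newGCM derives an AES-256-GCM key from a binding ID (medium or device).
// Hashing the ID under a fixed label is an assumed KDF, not the cited methods' own.
func newGCM(id string) cipher.AEAD {
	key := sha256.Sum256([]byte("constructed-kdf-label|" + id))
	block, _ := aes.NewCipher(key[:]) // 32-byte key: cannot fail
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// Seal encrypts data under the key bound to id and prepends a random nonce.
func Seal(id string, data []byte) []byte {
	gcm := newGCM(id)
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	return gcm.Seal(nonce, nonce, data, nil)
}

// Open succeeds only when id is the one the blob was sealed under.
func Open(id string, blob []byte) ([]byte, bool) {
	gcm := newGCM(id)
	if len(blob) < gcm.NonceSize() {
		return nil, false
	}
	pt, err := gcm.Open(nil, blob[:gcm.NonceSize()], blob[gcm.NonceSize():], nil)
	return pt, err == nil
}

func main() {
	data := []byte("firmware update image (constructed sample)")
	// Medium-bound: the card ID is readable by any host, so any host derives the key.
	onCard := Seal("medium:CARD-0001", data)
	_, anyHost := Open("medium:CARD-0001", onCard)
	// Device-bound: only the recording device's own ID opens the data.
	fromA := Seal("device:CAMERA-A", data)
	_, deviceB := Open("device:CAMERA-B", fromA)
	fmt.Println("medium-bound, any host:", anyHost, "| device-bound, other device:", deviceB)
}
```

Binding to the medium ID leaves the data open to every host that can read that ID, while binding to the device ID blocks every other device, which is exactly the loss of device compatibility described above.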
In the method disclosed in JP-A-No. 2001-076425, the data is encrypted with a contents key, the contents key and the encrypted data are transferred to a data storage device, the contents key is encrypted with a retaining key unique to the data storage device, and the contents key and the data are stored. Therefore, the data can be reproduced only by the data storage device. However, as with the method disclosed in JP-A-No. 2000-048479, since both the digital data and the data storage device must be distributed, the device compatibility is lost and the cost is increased.
In the data protection method disclosed in JP-A-No. 2002-084271, the data is encrypted so that it can be decoded only by a combination of secret information and a media key, and the data and the secret information are stored on the storage medium. Therefore, the data can be reproduced only by a device having the media key. However, since any information device having the media key can use the data without limitation, there is a possibility that the data is used without authorization by an indefinite number of devices.
Further, there is a method in which a license agreement system is adopted and the decoding key is stored in an area that only a licensed device can access. For example, in the method described in JP-A-No. 2001-057019, the data is encrypted by a public key encryption system, the secret key is stored in an area that normally cannot be accessed, and the secret key is obtained by obtaining the license. The data can then be decoded with the secret key. However, since the license agreement system is adopted, an indefinite number of devices can use the data by obtaining only one license, and unauthorized use can easily be performed.
JP-A-No. 2003-099729 describes an SD memory card that has an authentication function and two kinds of storage areas. Access to the two kinds of storage areas is granted according to the authentication.
For storage media having high device compatibility, there is a demand to distribute digital data having a commercial value on the storage medium without losing the device compatibility, while allowing the digital data stored on one storage medium to be used by only one information device. However, as described above, there is currently no method of appropriately protecting digital data having a commercial value.