The present invention relates generally to an information providing apparatus and method, an information processing apparatus and method, a program storage medium, a program, and an information providing system. More particularly, the present invention relates to an information providing apparatus and method, an information processing apparatus and method, a program storage medium, a program, and an information providing system which manage and provide a content on the basis of usage conditions.
FIG. 1 shows a configuration of a related-art digital data transmission system. A personal computer 1-1 is connected to a network 3 constituted by a local area network or the Internet. The personal computer 1-1 receives content usage conditions and music data (hereinafter referred to as a content) from a shop server 4 via the network 3 and records the received content in accordance with the received usage connotations. The content received from the shop server 4 is encoded by a predetermined compression scheme (for example, ATRAC3 (trademark) and encrypted by a predetermined encryption algorithm such as DES (Data Encryption Standard).
The usage conditions indicate the number of portable devices 2 (also referred to as PDs) which can simultaneously use the content compliant with the usage conditions (namely, the number of PDs that can check out the content, which will be described later), for example. When a content has been checked out by the number of times specified by the usage conditions, the personal computer 1-1 can reproduce this content.
The personal computer 1-1 displays the data associated with the content stored therein (for example, music titles or usage conditions) and makes a software module (hereinafter referred to as LCM (Licensed Compliant Module), not shown, compliant with the SDMI (Secure Digital Music Initiative) standard execute processing such as check-out when a check-out command for example is inputted.
The LCM of the personal computer 1-1 is constituted by a group of modules which control the use of content only when the usage conditions specified by the copyright holder of individual content are satisfied, thereby preventing the copyright infringement based on noncompliant secondary use of the content. The usage conditions include content's reproduction condition, copy condition, move condition, and accumulation condition.
The LCM of the personal computer 1-1 makes an authentication whether the devices connected to the personal computer 1-1 are compliant ones and executes the processing such as a movement of content by a safe method. Along with this processing, the LCM generates a necessary key, manages the generated key, and encrypts the content with this key, or controls the communication with the connected devices.
The LCM of the personal computer 1-1 checks the connected portable device 2 for its validity, adds the usage conditions specified by the shop server 4 to the (encrypted) content, and stores the content in the portable device 2.
The LCM of the personal computer 1-1 supplies the stored encrypted content along with the data (for example, a music title or usage conditions) associated with the content to the connected portable device 2 and accordingly updates the usage conditions (this update operation is hereinafter referred to as a check-out). To be more specific, when a check-out is made, the LCM decrements by one the permitted check-out count for the usage conditions for this content, the permitted check-out count being stored in the personal computer 1-1. When the check-out count is 0, the content cannot be checked out.
The portable device 2 stores in its internal storage medium such as a flash memory for example the content supplied from the personal computer 1-1 (namely, the checked out content) along with the data (for example, a music title or usage conditions) associated with that content.
The portable device 2 reproduces the stored content on the basis of its usage conditions and outputs a reproduced signal to a headphone for example, not shown.
For example, if the user attempts the reproduction of a certain content stored in the portable device 2 in excess of a reproduction count set as a reproduction limit, the portable device 2 fails the attempt.
The user can remove the portable device 2 storing a content from the personal computer 1-1 to carry it about and reproduce the stored content to listen to the reproduced music for example by means of a headphone.
When the portable device 2 is connected to the personal computer 1-1 via a USB cable for example, the portable device 2 and the personal computer 1-1 cross-authenticate each other. This cross-authentication is based on a challenge-response scheme. In the challenge-response scheme, to a certain value (or a challenge) generated by the personal computer 1-1, the portable device 2 makes a response with a value (or a response) generated by use of a secret key shared by the personal computer 1-1.
If a duplication of the content purchased from the shop server 4 is not permitted (namely, if the duplication is prohibited in the usage conditions), the duplication made from the personal computer 1-1 to a personal computer 1-2 cannot be used by the personal computer 1-2.
Likewise, when the content is checked out to the portable device 2, the portable device 2 does not permit the content to be further replicated to a personal computer 1-3.
The shop server 4 accumulates a content compressed and encrypted in predetermined algorithms and distributes the accumulated content on demand from the personal computer 1-1. The shop server 4 accumulates content keys for decrypting the content supplied to the personal computer 1-1 and supplies the accumulated content keys to the personal computer 1-1. Before supplying the content, the shop server 4 cross-authenticates the personal computer 1-1. The shop server 4 encrypts the content key by a temporary key shared as a result of the cross-authentication and sends the encrypted content key to the personal computer 1-1. The personal computer 1-1 decrypts the content key by the shared temporary key.
When the personal computer 1-1 has purchased a content from the shop server 4, a charging server 5 cross-authenticates the personal computer 1-1 and, upon request from the personal computer 1-1, executes payment processing by use of a credit card number for example of the user of the personal computer 1-1.
The following describes processing for the personal computer 1-1 to purchase a content with reference to the flowchart shown in FIG. 2. In step S11, the personal computer 1-1 authenticates the shop server 4 via the network 3. In step S21, the shop server 4 authenticates the personal computer 1-1 via the network 3.
The shop server 4 stores a masker key KMS in advance and the personal computer 1-1 stores a private key KPP and an ID (Identification) of the personal computer 1-1 in advance. The personal computer 1-1 further stores a master key KMP in advance and the shop server 4 also stores its ID and a private key KPS in advance.
The shop server 4 receives the ID of the personal computer 1-1 therefrom and applies a hash function to the received ID and the master key KMS of the shop server 4 to generate a key which is the same as the private key KPP of the personal computer 1-1.
The personal computer 1-1 receives the ID of the shop server 4 from the shop server 4 and applies a hash function to the received ID and the master key KMP of the personal computer 1-1 to generate the same key as the private key KPS of the shop server 4. Consequently, the common private keys are shared between the personal computer 1-1 and the shop server 4. Using these private keys, a temporary key is further generated.
In step S12, the personal computer 1-1 sends a request to the shop server 4 via the network 3 for purchasing a desired content. In step S22, the shop server 4 receives the content purchase request from the personal computer 1-1.
In step S23, the shop server 4 sends the content requested by the process of step S22 to the personal computer 1-1 via the network 3. In step S13, the personal computer 1-1 receives the content from the shop server 4. In step S14, the personal computer 1-1 stores the content received in the process of step S13.
In step S15, the personal computer 1-1 authenticates the charging server 5 via the network 3. In step S31, the charging server 5 authenticates the personal computer 1-1 via the network 3.
In step S16, the personal computer 1-1 sends a payment request to the charging server 5 via the network 3. The payment request includes the credit card number for example of the user of the personal computer 1-1 and is encrypted by the temporary key generated in the authentication processing. In step S32, the charging server 5 receives the payment request from the personal computer 1-1. In step S33, the charging server 5 executes a payment process for a corresponding credit card company on the basis of the payment request received in the process of the step S32, upon which the content purchase processing comes to an end.
The following describes the processing in which the personal computer 1-1 checks out a content to the portable device 2 with reference to the flowchart shown in FIG. 3. In step S51, the personal computer 1-1 selects a content to be checked out, according to an operation by the user.
In step S52, the personal computer 1-1 sends the content selected in the process of step S51 to the portable device 2 along with the usage conditions. In step S53, the personal computer 1-1 updates the usage condition of the content sent to the portable device 2 (namely, the number of times the content can be checked out is decremented by 1).
In step S61, the portable device 2 receives the content from the personal computer 1-1 along with the usage conditions. In step S62, the portable device 2 stores the content and the usage conditions received in the process of step S61, upon which the check out processing comes to an end.
A problem with the above-mentioned related-art technology lies in that the user cannot purchase a content unless the user operates the personal computer 1-1. Another problem is that the user cannot check out a desired content from the personal computer 1-1 to the portable device 2 when the user carries about the portable device 2.
Another problem with the related-art is that, when checking out purchased content, the related-art requires troublesome operations such as content selection and check-out instruction.
Further another problem with the related-art is that, unless the portable device 2 has an enough free space, no content can be checked out.
Still another problem with the related-art is that, if there are two or more portable devices 2 connected to the personal computer 1-1, they must be distinguished from each other by displaying the distinction, otherwise the destination portable devices 2 of content movement, copy, and check-out cannot be known.