In recent years, a content distribution service capable of distributing digital contents such as music, video and games (hereinafter referred to as content) from a server apparatus to one or more terminal apparatuses through communication such as Internet, digital broadcast, Cable Television (CATV), and of using the content in one or more terminal apparatuses has been developed for a practical use. A common system used for the content distribution service uses a copyright protection technique for protecting a copyright of content in order to prevent an illegal use of the content by a malicious user. The copyright protection technique is, in detail, a technique of securely controlling use of content by a user such as reproducing the content or copying it to a recording media using an encoding technique, identifying technique and the like. Using the copyright protection technique allows a provider such as a content provider and a service provider to securely control the use of content in the one or more terminal apparatuses by a user.
By the way, in recent years, in order to promote sales, metadata which is data for supplementing the explanation for a content body is distributed from a content provider and the like to one or more terminal apparatuses; and the metadata is utilized by the one or more terminal apparatuses. Thus, new forms of content use such as scene search of content and digest viewing are being developed.
On the other hand, there is a case where unintended and unauthorized metadata such as scene index for skipping Commercial Message (CM) is circulated. And, the content provider providing digital content is requested to prevent the above mentioned circulation of unauthorized metadata. Thus, a method for excluding unauthorized metadata by using a digital signature assigned to metadata by a metadata provider that generated the metadata is suggested (refer to Japanese Laid-Open Patent publication No. 2003-51816).
Conventionally, as disclosed in the above mentioned Japanese Laid-Open Patent publication No. 2003-51816 and the like, by using verification of a digital signature, validity of metadata signer and tamper of metadata content have been detected, and use permission of the metadata has been judged.
Here, the use permission judgment of metadata using the conventional technique of digital signature will be explained.
For verification of a digital signature of metadata, digitally signed metadata, a public key certificate of a metadata signer, and a Certificate Revocation List (CRL) which is a list of revoked public key certificates are used. The digital signature to metadata is executed by a content provider or a metadata provider.
In the one or more terminal apparatuses, in the case where metadata is used, use permission of the metadata is judged by the following procedures.
First, whether the signer ID of the signer who has digitally signed the metadata is included in the CRL is confirmed. Here, the signer ID means identification information which uniquely identifies a signer. In the case where the signer ID is included in the CRL, the metadata is judged as impossible to be used. In the case where the signer ID is not included in the CRL, the signature of the metadata is verified by the public key certificate, and existence or non-existence of tamper is detected. In the case where tamper is detected, the metadata is judged as impossible to be used. In the case where modification is not detected, the metadata is judged as possible to be used.
In other words, after confirming that the metadata has been digitally signed by the metadata provider having an unrevoked signer ID, only in the case of confirming that the metadata is not tampered, reproduction of the metadata is permitted. The verification of the digital signature is specifically disclosed in “Secure Electronic Commerce: Building the Infrastructure for Digital Signatures and Encryption” published by Warwick Ford and Michael Baum, Pearson Education Co., Ltd. in 1997.
However, in the metadata use permission judgment according to the conventional technique of digital signature verification, failure caused by unauthorized metadata occurs at least once, and a CRL is generated after discovering tamper. Therefore, for the important content for which failure caused by unauthorized metadata should not occur, the content provider itself examines the content of the metadata, and desires to permit only the metadata which has been digitally signed. In such case as described above, there is a problem that the above mentioned desire cannot be realized only by the conventional verification of digital signature.
Also, a user privately generates metadata, and desires to use the metadata only in the one or more terminal apparatuses owned by the user. However, in the metadata use permission judgment according to the conventional digital signature, metadata can only be used in all of the one or more terminal apparatuses or cannot be used. Therefore, there is a problem that even if a content provider attempts to permit such use as described above, the use range of the metadata generated by a user cannot be limited to the one or more terminal apparatuses owned by the user.
In addition, depending on the content, there is a case where the content provider desires to limit generation or revision of metadata by a user, or the content provider desires to cause the metadata, specified by the content provider, to be used. However, there is a problem that such cases as described above cannot be realized only by a digital signature.
In other words, according to the conventional verification of a digital signature using a CRL, there is a problem that metadata cannot be flexibly used.
The object of the present invention, in view of such problems as described above, is to provide a content distribution system comprising: a method for judging metadata use permission which can limit metadata that can be used for each content, and limit the use range of the metadata generated by the user; and one or more apparatuses that execute judgment according to the method for judging metadata use permission.
In other words, the object of the present invention is to provide: a method for judging information use permission that can certainly exclude the use of unauthorized metadata and enables the flexible use of metadata; and a content distribution system using the above mentioned method.