For example, there is an application in which an HDD (hard-disc drive) employed in a personal computer is used as a primary recording medium for storing contents data such as music and the contents data are transferred to another recording medium referred to as a secondary recording medium and recorded on the secondary recording medium to be reproduced and enjoyed later. It is to be noted that the contents data are data mainly to be distributed, transferred and used. Examples of the contents data are music data, video data, game data and computer software.
In this case, the HDD employed in the personal computer is used for storing contents data such as pieces of music, which are reproduced from a package medium such as a CD-DA (Compact Disc Digital Audio) or a DVD (Digital Versatile Disc). As an alternative, the contents data are downloaded to the personal computer from an external music server by way of a communication network, to which the personal computer is connected. Then, the user connects a recording apparatus employing the secondary recording medium to the personal computer to copy or move contents data stored in the HDD to the secondary recording medium. Finally, the user utilizes a reproduction apparatus for the secondary recording medium to reproduce the copied contents data such as music from the recording apparatus (secondary recording medium).
Examples of the secondary recording medium include a memory card using a semiconductor memory such a flash memory, a mini disc used as a magneto-optical disc, a CD-R (CD Recordable), a CD-RW (CD Rewritable) a DVD-RAM, a DVD-R and a DVD-RW.
As the recording apparatus and the reproduction apparatus, which are used for the secondary recording medium, respectively, a recorder and a player have been becoming popular for a wide range of applications. There are a variety of recorders and players such as stationary and portable recording/reproduction apparatus. The user is thus allowed to record and reproduce contents data by using a recording/reproduction apparatus that the user likes or is suitable for an apparatus already owned by the user.
It is to be noted that, when considering such usage of contents data, protection of a copyright of the contents data must be taken into account. Assume for example that the user makes use of a service of distributing contents data to users, purchases a package medium used for recording contents data or obtains contents data in another way, and records the contents data on to the HDD. If the user is allowed to copy the contents data from the HDD to a secondary recording medium without any restrictions, there will be resulted in a situation in which the copyright of the contents data is not protected properly. In order to solve this problem, there have been proposed a variety of technologies and a variety of data-processing rules for protection of a copyright of contents data used in handling of the contents data as digital data. One of the rules is called an SDMI (Secure Digital Music Initiative).
A data path of contents data prescribed by the SDMI standard will be described later. Network contents and disc contents are transferred to a secondary recording medium and recorded onto the secondary recording medium appropriately by considering protection of copyrights of the contents data and interests of general users or rights to copy the contents data for private use. Network contents are contents data distributed from an external server to a personal computer by way of a network and stored in the personal computer's HDD serving as a primary recording medium. On the other hand, disc contents are contents data reproduced from the personal computer's disc drive unit such as a CD-ROM drive, or contents data reproduced from a package medium such as a CD-DA or a DVD mounted on a disc drive unit connected to such a personal computer.
By the way, in a process to transfer contents data from a primary recording medium such as an HDD to a secondary recording medium such as a mini disc or a memory card and record the contents data onto the secondary recording medium, efforts are made to consider both protection of a copyright of the contents data and a right to copy the contents data for private use. That is to say, contents data are transferred to a secondary recording medium conforming to the SDMI standard described above as follows.
A memory card, which uses a semiconductor memory such as a flash memory and conforms to the SDMI standard, can be assumed to be an example of a secondary recording medium conforming to the SDMI standard. In such a secondary recording medium, contents are recorded in an encrypted state. SDMI-conforming contents are encrypted before being recorded onto a primary recording medium such as an HDD. Thus, SDMI-conforming contents are copied to a secondary recording medium in an encrypted state as it is.
It is needless to say that a reproduction apparatus for the secondary recording medium has a decryption function. Thus, the reproduction apparatus is capable of reproducing the contents data from the secondary recording medium, which have been copied to the secondary recording medium in an encrypted state.
In addition, the format of a secondary recording medium conforming to the SDMI standard includes an area for recording contents IDs each serving as an identifier for contents data recorded on the secondary recording medium.
Contents ID is generated by an apparatus for a primary recording medium for each contents data recorded on the HDD used as the primary recording medium and stored in the primary recording medium along with the contents data. When the contents data are copied to a secondary recording medium, the contents ID for the contents data are also recorded onto the secondary recording medium as well.
Contents IDs are used in management of contents rights in the primary recording medium and the secondary recording medium. Contents right in the primary recording medium is a right to transfer (or copy) contents data to the secondary recording medium. On the other hand, contents right in the secondary recording medium is a right to reproduce copied contents data.
It is to be noted that, in the following description, a transfer of contents data from a primary recording medium to a secondary recording medium, that is, a transfer of a right, is referred to as a check-out. On the other hand, a return of contents data from a secondary recording medium to a primary recording medium is referred to as a check-in. As will be described later, a check-in is actually only a return of a right.
The SDMI standard sets usage rules for check-outs and check-ins. For example, only up to three check-outs from a primary recording medium to a secondary recording medium can be carried out on contents data. That is to say, the transfer of a right described above can be performed up to three times.
When a check-out is carried out on contents data, the right of the contents data is transferred from a primary recording medium to a secondary recording medium. That is to say, the transfer of a right of the contents data can be carried out only two more times. On the other hand, the secondary recording medium obtains a right to reproduce the contents data.
When a check-in is carried out on contents data from a secondary recording medium to a primary recording medium, on the other hand, the right of the contents data is returned from the secondary recording medium to the primary recording medium. That is to say, a right to reproduce the contents data from the secondary recording medium is lost while the number of times the contents data can be transferred from the primary recording medium to a secondary recording medium is incremented by 1.
Such check-outs and check-ins are managed in contents data units by assigning contents ID to each of contents data.
In a check-out of contents data from a primary recording medium to a secondary recording medium, the contents data and the contents ID of the contents data are recorded onto the secondary recording medium in order to allow the contents data to be reproduced from the secondary recording medium, that is, in order to give the secondary recording medium a right to reproduce the contents data. In the primary recording medium, on the other hand, the check-out is regarded as one transfer of contents ID, and the number of transfers allowable by the usage rule is decremented by 1.
In a check-in, contents data are not actually returned to the primary recording medium. Instead, the contents data are deleted from the secondary recording medium and, in the primary recording medium, the check-in is regarded as a return of the contents ID of the contents data from the secondary recording medium. Thus, the number of transfers allowable by the usage rule is incremented by 1. In the secondary recording medium, a right to reproduce the contents data from the secondary recording medium is lost.
As described above, contents data in an encrypted state is copied to a secondary recording medium and recorded onto the secondary recording medium, which conforms to the SDMI standard, as it is. In addition, a right of contents is managed in every check-in and every check-out. Thus, a copyright can be protected by avoidance of copy operations without restrictions. At the same time, the user's right to copy contents data for private use is assured.
It is to be noted that contents data are downloaded from typically an external server to an HDD used as a primary recording medium in a state of being encrypted by using a contents key CK.
In the description of this specification, contents data recorded in an HDD used as a primary recording medium is assumed to be A3D contents data encrypted by using a contents key CK. A3D contents data are contents data compressed by adoption of an ATRAC3 technique. It is needless to say, however, that contents data may be compressed by using a compression method other than the ATRAC3 technique.
In addition, in the description of this specification, symbol E (x, y) denotes data y encrypted by adoption of a key x. On the other hand, symbol D {x, E (x, y)} denotes data obtained as a result of decrypting data E (x, y) by adoption of the key x.
Thus, symbol E (CK, A3D) denotes data obtained as a result of encrypting contents data A3D by adoption of a contents key CK. As described above, the A3D contents data are contents data compressed by adoption of the ATRAC3 compression technique. On the other hand, symbol D {CK, E (CK, A3D)} denotes data obtained as a result of decrypting data E (CK, A3D) by adoption of the contents key CK.
In addition, an HDD serving as a primary recording medium is used for storing also E (KR, CK) along with the encrypted contents data E (CK, A3D). Symbol E (KR, CK) denotes the contents key CK encrypted by adoption of a root key KR. Thus, the encrypted contents key E (KR, CK) is downloaded from an external server to the HDD along with the encrypted contents data E (CK, A3D).
In this case, when the encrypted contents data E (CK, A3D) is transferred from the HDD serving as a primary recording medium to a secondary recording medium, the encrypted contents key E (KR, CK) needs to be also transmitted to the secondary recording medium as well.
The apparatus for the secondary recording medium has the root key KR and is thus capable of decrypting the encrypted contents key E (KR, CK) by using the root key KR to produce the contents key CK, which is then used to decrypt the encrypted contents data.
However, the root key KR may be varied in accordance with the will of the copyright owner or in accordance with a variety of changes in condition. For example, the set root key KR may vary from contents data to contents data. A function to limit contents distribution destinations can be executed by carrying out a process of the root key KR. However, details of this process are not explained in this specification.
In order to carry out a process of the root key KR, data called an EKB (Enabling Key Block) is also distributed. For example, an ordinary terminal apparatus to receive contents data adopts a technique allowing a root key to be verified by using a received EKB. That is to say, an EKB is also distributed by a server along with the aforementioned encrypted contents data and the aforementioned encrypted contents key to an apparatus and stored onto the HDD employed in the apparatus.
In this case, consider a case in which a mini disc or a magneto-optical disc, which has been becoming popular in a wide range of applications, is used as a secondary recording medium.
To be more specific, as an example, let a mini-disc-recording apparatus conform to the SDMI standard. The apparatus records encrypted contents data E (CK, A3D) transferred from a primary recording medium in a check-out onto a mini disc thereof in an encrypted state as it is.
In a reproduction process, the mini-disc-reproduction apparatus conforming to the SDMI standard generates D {CK, E (CK, A3D)}, which is the contents data A3D itself. Then, the mini-disc-reproduction apparatus carries out a predetermined decoding process on the contents data A3D to reproduce and output typically music of the contents data.
On the other hand, an ordinary mini-disc system, which has been becoming popular, does not record encrypted contents onto a mini disc thereof. It is needless to say that such a mini-disc-reproduction apparatus does not have a function to decrypt encrypted contents data either.
Thus, even if contents data can be recorded on a mini disc by a mini-disc-recording apparatus conforming to the SDMI standard, the contents data recorded on a mini disc cannot be reproduced by a large number of mini-disc players not conforming to the SDMI standard. This is because there is no reproduction compatibility between the mini-disc-recording apparatus conforming to the SDMI standard and the mini-disc players not conforming to the SDMI standard.
This reproduction incompatibility restricts proper use of SDMI contents purchased by the general user and, hence, substantially reduces the value of a service to provide the SDMI contents to the general user and the degree of user satisfaction.
In order to solve the problem described above, when SDMI contents are recorded onto a secondary recording medium of a mini-disc-recording apparatus not conforming to the SDMI standard in a copy operation, there is conceived a technique wherein the contents data are decrypted before being transferred to the apparatus and finally recorded onto a mini disc used as the secondary recording medium in an unencrypted state as it is.
If the above technique to copy contents data is adopted, however, the contents data can be copied with ease. Thus, there is inevitably room for illegally copying contents data. As a result, the original object of the SDMI standard to protect copyrights cannot be achieved.
Thus, in order to solve the problems described above, the applicant for a patent of the present invention has proposed the following transfer technique as a means for transferring contents data.
In a process to transfer contents data, the primary-recording-medium-side apparatus serving as a data transfer apparatus authenticates the secondary-recording-medium-side apparatus serving as a data-recording apparatus, and a transfer of the contents data is permitted on condition that the result of the authentication is OK and the contents provider such as the copyright owner approves the transfer. The contents data are then transferred through a transmission line in an encrypted state but decrypted before being recorded on a secondary recording medium of the data-recording apparatus. In addition, in accordance with this proposed technique, contents rights are managed in every check-out and every check-in.
Thus, an operation to copy and record contents data in an unencrypted state is permitted and the function to protect a copyright of the contents data is not lost.
In actuality, a transfer of contents from an HDD used as a primary recording medium in a personal computer serving as the data transfer apparatus to a mini disc used as a secondary recording medium in a mini-disc recorder serving as a data-recording apparatus by adoption of the technique described above is beneficial to both the contents provider and the user.
By the way, in a data transfer system adopting the technique described above, there is a variety of recording media such as a memory card and a mini disc, which can be utilized by the user as a secondary recording medium at a destination of a check-out of contents data. In such a data transfer system, a data-recording apparatus or a mini-disc recorder is connected arbitrarily to the personal computer, allowing a check-out and a check-in to be carried out.
In this case, it is necessary to provide the personal computer serving as the data transfer apparatus with a function for controlling check-outs and check-ins of contents data in conjunction with a variety of data-recording apparatus such as a memory-card-recording apparatus or a mini-disc recorder and controlling processes of contents data on the secondary recording medium of the data-recording apparatus.
In other words, the personal computer serving as the data transfer apparatus is required to have application software capable of transmitting commands or control codes provided for each of various secondary-recording-medium-side apparatus to the secondary-recording-medium-side apparatus.
In the present state of the art, however, the memory-card-recording apparatus and the mini-disc recorders do not share standardized formats such as control-code forms and command-frame structures for control commands issued by the application software.
Because of the reason described above, in the case of an application intended mainly for check-outs and check-ins of contents data, it is necessary to provide independent application for each secondary-recording-medium-side apparatus connected to the personal computer.
In addition, since a variety of secondary-recording-medium-side apparatus exists, it is necessary to also provide a separately local application intended mainly for controlling various kinds of processing dependent on the types of the secondary-recording-medium-side apparatus. Examples of the processing dependent on the types of the secondary-recording-medium-side apparatus are processes to reproduce, record and edit contents data.
In this case, there exist independent control-code forms and independent command-frame structures for control commands issued by the application issued by the application for the purpose of mainly carrying out check-outs and check-ins and control commands issued by the local application for the purpose of mainly controlling the processing dependent on the types of the secondary-recording-medium-side apparatus.
In consequence, it is necessary to carry out a complicated process to switch the application from one to another and a device driver from one to another in dependent on the processing.