Discs such as DVD (Digital Versatile Disc), Blu-ray Disc (registered trademark), and the like have been employed as content recoding media. For example, a movie content or the like is recorded in a disc (e.g., ROM disc) and provided to a user, but such a disc-recorded content is often a content of which the copyright and distribution right and the like are possessed by a producer or seller thereof. With regard to such a content, for example, utilization control for preventing unauthorized copy and the like is performed.
There are various modes as a utilization control mode, but under the stipulations of AACS (Advanced Access Content System) which stipulates copyright protection art, for example, an arrangement is made wherein, in order to use a disc-recorded content, ID information such as an media ID or the like is read out from a disc, confirmation of the read ID, key generation using the ID information, or the like is executed, and accordingly, content utilization control is performed.
For example, identification information (ID) such as the following is recorded in a disc. Identification information (IDs) of
(a) Media ID (also referred to as PMSN (Pre-recorded Media Serial Number)) that is disc-specific identification information,
(b) Volume ID set in increments of disc titles, and
(c) Content certificate ID serving as the identification information of a content certificate set in a manner correlated with a disc-recorded content is recorded in a disc, for example.
A player reads out, for example, at least one of the above (a) through (c) identification information (IDs) from a disc, and performs content utilization by processing conforming to a predetermined sequence, e.g., key generation or content decoding using the ID, or the like. Further, there is a case where the player transmits the above each type of the identification information (IDs) to a server, and receives various additional contents and service data and the like from the server based on ID confirmation at the server.
Note that, instead of the above (a) through (c) recorded in the disc,
(d) Device binding ID that is player associated identification information may be used. The device binding ID is recorded in memory within the player as player-specific identification information, and at the time of using a disc-stored content, obtaining the subsequent data from the server, using the subsequent data stored in a storage unit such as a hard disk of the player, or the like, the device binding ID is used at processing, for example, ID confirmation serving as the confirmation processing of the player, key generation, content decoding, and the like.
In order to perform content playback or copy processing by reading out the above (a) through (d) identification information (IDs), or data obtaining processing from the server, or the like, a predetermined program has to be executed at the player. The program is often a program created in a manner correlated with a disc-stored content, and is recorded in a disc along with the content, and the player reads out the program from the disc to execute this.
Such a program is created as a simple program in which Java (registered trademark) is employed for example, often created by, for example, a content possessor or provider (content owner), or commissioned thereby, and accordingly, an unauthorized program may be mixed therein.
An unauthorized program may be used at unauthorized processing, such as obtaining identification information (ID) recorded in a disc in an unauthorized manner to use the content thereof, obtaining of service data from a server in an unauthorized manner, or the like.
Description will be made regarding the outline of a content utilization control configuration according to the current AACS rule, with reference to FIG. 1. FIG. 1 illustrates a disc (medium) 120 in which a content 121 is stored, a content owner 110 who provides a disc-recorded content, and a license management department 130 configured to perform content management processing. The license management department 130 is managed, for example, by an AACS LA (Licensing Administrator) who performs content utilization management following the AACS rule.
Identification information (IDs) 122 described above is recorded in the disc 120 as well as the content 121. As the identification information (IDs) 122, ID information of
(a) Media ID (PMSN) 126 that is disc-specific identification information,
(b) Volume ID 127 set in increments of disc titles, and
(c) Content certificate ID 128 serving as the identification information of a content certificate set in a manner correlated with a disc-recorded content, is included.
A content certificate 123 for proving that the content 121 is an authorized content, i.e., an authorized content certified by the license management department (AACS LA) 130 is recorded in the disc 120. The content certificate 123 is issued under the management of the license management department 130 as data, corresponding to the content 121 recorded in the disc 120, for certifying validity thereof, and is recorded in the disc 120.
The content certificate 123 has a configuration, such as shown in the details thereof within the license management department 130, wherein root certificate hash values are recorded, an electronic signature by the secret key of the license management department (AACS LA) 130 is provided to these recorded hash values. A root certificate 124 is recorded in the disc 120, and has a configuration, such as shown in the content owner 110 of the drawing, wherein a signature is set to the public key of the content owner by the secret key of the content owner.
The player which plays the content 121 recorded in the disc executes verification of the signature set to the content certificate, and permits use of the content 121 on condition that the validity of the content certificate is confirmed. Thus, confirmation of validity is rigorously executed regarding contents.
However, a disc-recorded application 125 may further be recorded in the disc 120. This disc-recorded application 125 is a program, for example, used for playback processing of the content 121, and other processing. Specifically, examples of this program include an application for providing service data to a content utilizing user from a server or the like, and a program to be executed for obtaining service data from a server by transmitting the identification information (IDs) 122 recorded in the disc 120 to the server or the like.
This disc-recorded application 125 has a configuration, such as shown in the content owner 110 in the drawing, wherein a signature is set to an application provided by the content owner using the secret key of the content owner.
The player employing the disc-recorded application 125 recorded in the disc 120 confirms the validity of the application by performing verification of the signature set to the disc-recorded application 125 using the public key of the content owner, thereby executing the application.
However, this disc-recorded application 125 may independently be created by the content owner 110, and surveillance by a third party is not made. As described above, the validity of a content can be confirmed by the content certificate 123 to be issued by the license management department 130 corresponding to the content thereof, but the disc-recorded application 125 is data of which the validity is not readily confirmed by a third party, and accordingly, a possibility is undeniable wherein the content owner 110 may create an unauthorized application.
As described above, employing an unauthorized application may cause the identification information (IDs) 122 recorded in the disc 120 to be obtained in an unauthorized manner and used in unauthorized processing such as using the content 121 in an unauthorized manner, or obtaining service data from a server in an unauthorized manner.