Software data (hereinafter referred to as content), such as music data, game programs, and video data is widely distributed via networks such as the internet, or using portable recording media such as a memory card, HD, DVD, and CD. These distributed contents are replayed and used on a variety of replay apparatuses owned by users, including PCs (Personal Computers), recording and replaying apparatuses, replaying only apparatuses, or game playing machines. The contents are stored in storage means of these apparatuses, such as a hard disk, a card-type storage device containing a flash memory, CD, and DVD.
The distributorship of a great deal of software contents such as game programs, music data, and image data is typically held by creators and sellers. The distribution of contents is subject to a certain constraint, in other words, authorized users only are permitted to use software and unauthorized copying of the software is prevented. In other words, distribution is performed taking into consideration security of the software.
Currently in particular, recording apparatuses and storage media for recording digital information are going to be in widespread use. These recording apparatuses and storage media repeatedly record and replay videos and sound in a manner free from degradation. Digital data is repeatedly copied with image quality and sound quality maintained. If storage media with unauthorized copied data stored thereon are distributed in the market, the copyright of a variety of contents of copyright holders including music and movies and the distributorship of the authorized sellers are violated. To prevent digital data from being copied in an unauthorized manner, implementation of a variety of process mechanisms in the digital recording apparatus and the storage media for protecting the digital data from unauthorized copying is carried out or proposed.
For example, SDMI (Secure Digital Music Initiative) that has proposed a variety of specifications relating to music delivery techniques has also proposed a specification of a copyright protection function in a portable player. Techniques for protecting copyright include limiting the number of copies or the available period of a content.
One system records and replays a content such as audio data or video data using a compact storage medium such as a flash memory, a card-type HD, and a memory card. In one usage of such a system, for example, a content, such as music, is copied from a DVD or CD to a compact storage medium and the copied content is then replayed on a portable device with the compact storage medium loaded therewithin. A content delivered via a network is stored in a large-capacity storage medium, such as a hard disk, DVD, or CD built in a personal computer, and the content is then transferred from the personal computer to-a memory card or a portable hard disk (HD). The content is then replayed on a portable device with the memory card or the hard disk loaded therein, in other words, the PC is used as a personal server of the contents. Such a usage finds many applications.
A content from a storage medium such as a CD or a content acquired via communications with the internet is stored in a large-capacity storage medium such as a hard disk, DVD, or CD, and the content is then copied or moved from the storage medium to a memory card. Replaying of the content from the memory card in an unlimited way presents a problem in the copyright protection of the content. The move of a content refers to an operation in which after the content is copied from a large-capacity storage medium to a memory card, the content is deleted from the storage medium (HD, DVD, CD, etc.) as a copy source.
From the standpoint of copyright protection, copy and move must be subject to certain degree of limitation. However, a full inhibition of copy/move is not appropriate because with the full inhibition a content cannot be moved from a PC to a portable medium to enjoy replaying the content. There is a demand for an appropriate copy/move management that allows a user to privately copy a content while protecting copyright at the same time.
When a content is transferred from a PC to a portable device and is then used, the content is preferably used within a scope that is permitted by usage conditions set corresponding to the content. For example, availability period and the number of uses permitted are set, a status reflecting the usage of the content is recorded, and the content is used within the scope of a usage condition on each of apparatuses such as a portable device, and PC.
In a system that permits a particular permitted device to use a content, an encrypted content is provided to the device on which the content is intended to be used, and a license setting the usage condition of the content is supplied to the device. The device reads content usage condition information contained in the license, and performs content use eligibility determination process based on the content usage condition information, and acquires a key for decrypting the encrypted content conditional on the determination of a content use permitted device.
In such a system that performs a content use eligibility determination based on the content usage condition information, the device using the content contains a module interpreting a usage condition description, and interprets the usage condition description received from a license provider, such as a content provider or a service provider, using the usage condition module, and determines whether own device is permitted to use the content and determines setting condition of usage.
To perform a precise determination process on the right to use content, the usage condition interpretation module of the device must be compatible with a usage condition description format. However, an access right determination process based on the usage condition description for a known copyright management system is typically a uniform access right determination process, and an effective right of use determination cannot be performed in response to the introduction of devices having new functions.
If a usage condition corresponding to a new device having a new function, such as a device enabled to output digital data, namely, a usage condition description requesting determination of whether a digital output is available is generated, an old device, namely, a usage condition interpretation module unable to interpret the digital output cannot performs precise determination on the usage condition.
If the usage condition interpretation module in the device neglects or fails to interpret a portion of information of the content usage condition description data, the determination of the access right cannot be precisely performed. This leads to a serious problem, such as violation of copyright protection of a content and the destruction of the maintenance of the authorized usage of the content. Since new apparatuses and devices currently appear in the market one after another, it becomes even more difficult to determine the right to use the content based on the usage condition description in each of the devices different in function. Conveying constraint information and extended usage condition intended for a new device is particularly difficult.
The usage condition description must have high power of expression and extendability. One description languages proposed as the usage condition description is XrML (extensible rights markup language). XrML is a description language that has power of expression based on XML (extensible markup language) and high extendability. However, it is currently still unclear as to what operation is performed as a whole system as a result of interpreting the usage condition of XrML description. The extension of the usage condition becomes a difficult job, leading to a low level of actual extendability and interchangeability regardless of theoretically high level of extendability.
Available as a minimum expression to achieve operational clarification of the usage condition description is the usage condition description intended for use with a MagicGate audio device. With its small number of description items, the usage condition description is easy to implement and it is clear as to what operation is performed. On the other hand, to perform a job to extend the usage condition to be handled, a minimum usage condition description expression must be defined again.
In this way, the known usage condition description cannot satisfy all of the high level of extendability, ease of mounting, high level of interchangeability, and operational clarification at the same time. As a result, a remedial step to update both the usage condition description format and the interpretation module in version at the same time must be taken to covey constraint information and extended usage condition to a new device. A device firmware with the usage condition interpretation module thereof difficult to update in version becomes a serious problem.
An addition of a new apparatus to a network is frequently performed. The requirement for a job to update the usage condition description format and the interpretation module thereof is a major factor impeding the content copyright management in the network.
Currently, a network including not only PCs but also consumer electronics, such as a home network is constructed at homes, and ubiquitous environments where any apparatus gains access to a network are being established. With radio LANs in widespread use, any apparatus with communication capability can easily intrude the LAN network from the outside. Under such a network environment, an unauthorized access easily takes place to networked apparatuses. The theft of confidential information through unauthorized access and unauthorized reading of contents are more likely to happen. Under such a situation, there is a need for an appropriate access control mechanism which is easy to construct and imposes no burden on public users.