The present invention generally relates to a storage apparatus for accessing a replaceable storage medium in detachable form to record/reproduce data (information) of the accessed storage medium. More specifically, the present invention is directed to a storage apparatus and an access control method, capable of securing both secrecy and security of data recorded on a storage medium, while limiting use permission (license) and a total number of times of use of this storage medium.
Large capacity storage media such as magneto-optical disks (MO) and optical disks is suitable for storage media for storing therein data protected by copyright, or secret data. The copyright-protected data includes image information, for instance, movies and games, and also includes music information, for example, KARAOKE music. On the other hand, the secret data includes medical information and accounting information.
Such a storage medium is detachably mounted on a storage apparatus. When this type of storage medium is loaded on (inserted in) a storage apparatus having a compatibility, in the case that a user accesses via a superior control apparatus (namely host computer) connected through SCSI (Small Computer System Interface) to this storage apparatus, data can be read (reproduced) and/or written (recorded) from/on this storage medium. As a result, if such a storage medium falls into hands of someone who has a wrongful intent, then the person can readily be involved with unauthorized use, for instance, the person may steal and/or alter copyright-protected data, or secret data recorded on this storage medium.
To avoid such an unauthorized use problem, conventional use permission methods using passwords have been proposed in, for example, Japanese Patent Application Laid-open No. Hei 11-213551. That is, in this use permission method, passwords are recorded in advance on both a storage medium and a storage apparatus, and when the storage medium is mounted on the storage apparatus, this storage apparatus may control an access operation by a user, depending upon a condition as to whether or not an entered password coincides with the recorded password. Also, another conventional method has been proposed to avoid such an unauthorized use problem. It is a method of limiting the number of times used in which one storage medium storing therein the above-described copyright-protected data, or secret data is combined with another storage medium storing therein a number of times of use permission, e.g., a floppy disk.
However, in the case of the former use permission method based on the password system using no other medium than the storage medium, if the password is analyzed and broken, then there is absolutely no way to control such an unauthorized use of stealing or altering the copyright-protected data or the secret data recorded on this storage medium.
Furthermore, in the latter method of limiting the number of times used which employs the separate storage media, not only that legitimate users are given inconveniences of executing such a cumbersome operation, but also that the problem of unauthorized use through decipherment of the storage media can not be solved.