(1) Field of the Invention
The present invention relates to a group admission system for determining whether to permit a device to join a group within which digital works are available for use via a network, while preventing unauthorized use of the digital works by third parties not having legitimate rights.
(2) Description of the Related Art
In recent years, the easy acquisition of digital copyrighted works (hereinafter “contents”), such as music, videos, games and so forth, has become possible as a result of circulation using the Internet, digital broadcast, package media and the like.
JP unexamined patent application publication No. 2002-169726 discloses a music data management system whose aim is to enable use of contents by desiring information processing apparatuses, while preventing use by third parties not having legitimate rights.
In this music data management system, a plurality of personal computers (hereafter “PCs”) each transmit a credit card number or the like to an authentication server together with the ID of a computer management program of the PC.
The authentication server receives the ID and the credit card number, and sorts PCs having the same credit card number into the same group. The PCs and their users are registered by recording the IDs and credit card numbers with respect to each group. After registration, the authentication server transmits a group key to each PC together with the ID and password of the corresponding group.
Each PC stores the received group key, group ID and password.
In this way, PCs having the same group key are able to transmit/receive contents using the group key.
Further, “5C Digital Transmission Content Protection White Paper” (Revision 1.0, Jul. 14, 1998) discloses a specification called DTCP (Digital Transmission Content Protection).
The DTCP is a specification for protecting contents from unauthorized use as they are distributed via a high-performance serial bus conforming to the IEEE1394 standard. Devices permitted to use contents are each provided with a secret key that is distributed under a license agreement from an administrator called a DTLA (Digital Transmission Licensing Administrator). For viewing a content, a transmitting device and a receiving device conduct mutual authentication using the respective secret keys, and the receiving end is allowed to view the content if the mutual authentication is successful.
Unfortunately, however, both the prior art techniques noted above have the following problems.
According to the technique disclosed in JP unexamined patent application publication No. 2002-169726, it is required to transmit a credit card number to an external authentication server via a network. Transmission of a credit card inevitably leads to a possibility that the credit card number is revealed and maliciously used.
According to the DTCP specification, use of contents is restricted to a personal use level by employing an IEEE1394-compliant bus of which physical length is limited. That is to say, when mutual authentication according to the DTCP specification is applied to contents distributed via, for example, the Internet, rather than an IEEE1394-compliant bus, an unlimited number of devices including outside devices can use the contents beyond a personal use level. Consequently, a range within which use of the contents is permitted is no longer restricted.