JP2000078555A - Method and apparatus for charging data transmission system - Google Patents

Abstract

(57) [Problem] To provide a data service using a large-capacity, high-speed data line such as a satellite broadcast or a digital CATV line, while maintaining data confidentiality and by data unit or data type. , And further for each subscriber. An encryption module (11) for encrypting and providing data and a key management module (12) for managing an encryption key for decrypting the encrypted data and managing the distribution of the encryption key. The encrypted data is transmitted to the receiving terminal 2 via the satellite line 3, and the encryption key is transmitted to the receiving terminal via the Internet 4. The billing for the data received by the receiving terminal 2 is managed by the customer management module 14 according to the distribution form of the encryption key transmitted from the key management module 12 to the receiving terminal 2.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a charging method and apparatus for a data transmission system which provides data using a communication line and performs charging corresponding to the data provision.

[0002]

2. Description of the Related Art When a data service is provided using a large-capacity data line such as a satellite broadcast or a digital cable television (hereinafter, referred to as a CATV) line, a digital audio / video service which is in advance is used. The transport stream used (Transport St
Generally, a data service such as an Internet Protocol (hereinafter, referred to as IP) is superimposed on a packet (ream, hereinafter referred to as TS) to provide a data service.

[0003] Therefore, the easiest method for managing customers of a data service is a limited access function (Conditional) using an IC card for scrambling each TS.
Access, hereinafter appropriately referred to as CA). In this case, the scramble for each TS includes the packet ID (Packet IDentification, hereinafter PI) of the TS packet.
D), a scrambling process is performed by a multiplexer using a specific encryption key identified by the D.

[0004] For example, in the case of an Internet service system, on the transmission side, one encoder occupying a certain band generates a TS packet having a specific PID defined as a service (channel), and in this TS packet, , IP datagrams to a plurality of users' personal computers (PCs) are multiplexed.

When a CA device using an IC card is used,
Since a user group (for example, one company) and another user group have different encoders and different scramble keys, it is impossible to steal data of each other unless the scramble key is broken. is there.

On the other hand, in a group, since data which has already been descrambled can be received, it is possible to illegally steal data of another person. However, when the user group is one company and it is used on a dedicated line, it is not necessary to pay particular attention to illegal reading of data.

[0007]

However, this point becomes a problem when a data service is provided to an unspecified number of users using one service (channel). In other words, data that can be accessed by anyone, such as a general homepage, is not considered to be a problem if viewed by others.
When exchanging data with high confidentiality at work, such as users of all Office Home Office, it is very difficult for others to see the data, so a means to keep the data confidential is needed Becomes

[0008] In the case of providing a data service using satellite broadcasting or a digital CATV line, a charging system for data provided to a user must be constructed. In satellite digital broadcasting, a charging system using an IC card has already been constructed. The charging system using an IC card is originally a system based on charging for audio and video broadcast programs, and is based on data units and data types. It is not necessarily suitable for charging.

Accordingly, the present invention has been made in view of such a situation, and when performing a data service using a large-capacity and high-speed data line such as a satellite broadcast or a digital CATV line, the present invention provides a method for transmitting data. It is an object of the present invention to provide a charging method and apparatus for a data transmission system that realizes charging for each data unit or data type while maintaining confidentiality, and for charging for each subscriber.

[0010]

A billing method and apparatus for a data transmission system according to the present invention is a billing method for a data transmission system which provides data using a communication line and performs billing corresponding to the data provision. Providing encrypted data, managing an encryption key for decrypting the encrypted data, distributing the encryption key, and charging a fee in accordance with the distribution mode of the encryption key at that time. The management solves the above-mentioned problem.

[0011]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Preferred embodiments of the present invention will be described with reference to the drawings.

Hereinafter, the overall configuration of a data service system according to an embodiment to which a billing method and apparatus for a data transmission system according to the present invention is applied will be described with reference to FIG.

In the data service system shown in FIG. 1, the data server 10 of the data transmitting apparatus 1 stores not only audio data and video data but also various data such as computer programs as digital contents. . In the present embodiment, since a data service is particularly taken as an example, digital contents extracted from the data server 10 will be described as various data (hereinafter, simply referred to as data) such as a computer program. The data output from the data server 10 is sent to the encryption module 11.

Encryption module (data encoder) 1
1 encrypts data from the data server 10 using an encryption key sent from the key management module 12, and transmits the encrypted data to a large-capacity and high-speed communication such as a satellite line or a digital CATV line. Send (distribute) to the line.

Here, in the present embodiment, a case where a satellite line 3 used for satellite digital broadcasting is used as a communication line is taken as an example. Therefore, the encryption module 11 converts the data from the data server 10 into an IP.
(Internet Protocol) and other data packets into packets (that is, generate IP datagrams) and encrypt them.
This encrypted data (hereinafter, referred to as section data) has predetermined additional information (for example, MAC (Media Access Control).
l) data including headers including addresses) is superimposed on TS (Transport Stream) packets used in digital audio / video services,
Transmits (ie, distributes) the TS packet to satellite line 3
I am trying to do it. It should be noted that the IP datagram generation and encryption module 11 in the data server 10
The details and specific configuration of the encryption process (section data generation process) and the details of the section data and the MAC address included in its header will be described later.

The key management module 12 manages an encryption key used for encrypting the IP datagram in the encryption module 11. The encryption key from the key management module 12 is transmitted to a telephone line or ISDN (Integrated Services).
Digital Network (Integrated Services Digital Communication Network) is transmitted via a terrestrial line. In the present embodiment, the Internet 4 using a telephone line, ISDN, or the like is taken as an example of the ground line. It is assumed that the encryption key transmitted by the key management module 12 to the receiving terminal 17 via the Internet 4 is encrypted for security. The key management module 1
2 will be described later in detail, and details of transmission of the encryption key, encryption, and the like.

The key receiving module 16 of the receiving terminal 17
Receives and decrypts (decrypts) the encryption key transmitted via the Internet 4 and decrypts the received and decrypted encryption key in the decryption module 1 in the receiving terminal 17.
Transfer to 5.

The decoding module 15 is connected to the satellite line 3
The section data is extracted from the TS packet of the data received via the MAC, and a corresponding encryption key is received from the key receiving module 16 based on the MAC (Media Access Control) address included in the header of the section data. Is used to perform decryption (data decoding) of the encrypted IP datagram in the section data. The details of the decryption in the decryption module 15 will be described later.

The data display request module 17
A request for data to be provided is transmitted to the data transmitting apparatus 1 via the Internet 4, for example, and is displayed as necessary.

The data monitoring system 13 of the data transmitting apparatus 1 monitors the amount of data (amount of information) transmitted (distributed) to the receiving terminal 2 of each subscriber and the connection time when a communication path is established. I do. For example, when monitoring the amount of data to be transmitted, the data amount for each address or the data amount for each packet of the transmitted data is totaled, and
When monitoring the connection time, the connection time is totaled based on time information from an internal clock (not shown).

The customer management module 14 of the data transmission device 1 issues a command to the key management module 12 to manage how the key management module 12 distributes an encryption key. Further, the customer management module 14 manages various charging methods according to a contract form for each contractor, a billing form for each data unit or each data type, and performs a billing for each contractor based on the contract form and the billing method. Aggregate and manage information. Further, the customer management module 14 provides a credit / credit /
The line is connected to the settlement system 5, and therefore, the customer management module 14 issues an invoice to each contractor based on the aggregated billing information and manages the payment through the credit / settlement system 17. I do.

Here, the following three types of contract forms (first to third contract forms) can be considered as contract forms of the contractor in the data service system as in the present embodiment.

[First Contract Form] Once a contract capable of receiving the data service is made, the type of data to be received /
A contract form in which a fixed charge is made regardless of the amount of data (flat / flat-rate charge).

"Second contract form" A contract form charged by the amount of data received (pay-as-you-go billing).

[Third Contract Form] Contract form (content billing) charged by the type of data received.

For this reason, the customer management module 14
Selects any one of the first to third contract forms according to the billing setting made by the contractor in the data service.

First, when a contract is made in the first contract form (flat / flat-rate billing), the contractor (reception-side terminal 2) updates the encryption key as it is once receiving the encryption key. It is the easiest and most convenient to use without having to do it.

The billing when a contract is made in the first contract form may be, for example, a fixed amount billing every month. Therefore, the customer management module 14
The contractor who has selected the above contract form is charged through the credit / settlement system 17 so as to have a fixed amount every month. The details of the specific configuration and operation for charging when a contract is made in the first contract form will be described later.

However, if the same encryption key is always used without changing the encryption key, the encryption key may be clarified by a hacker or the like. Therefore, it is generally necessary to change the encryption key at a certain timing. There is.

As the timing for changing the encryption key, the following three types of change timings (first to third encryption key change timings) can be considered.

"First encryption key change timing" The encryption key is not changed until a problem such as unauthorized decryption of the encryption key occurs. In other words, the encryption key is changed when the problem occurs.

"Second encryption key change timing" Each time a communication path (session) is established, an encryption key is distributed. That is, a different encryption key is distributed at each timing when a communication path is established.

[Third encryption key change timing] The encryption key is distributed periodically during the time when the communication path (session) is established and communication is being performed. That is, different encryption keys are distributed at regular timing during the time when communication is established and communication is being performed.

The timing for changing these three encryption keys is the first
The security is sequentially improved from the encryption key change timing, and it is only necessary to determine which change timing is to be taken depending on the degree of security demands on the system.

Next, the second contract form (pay-as-you-go billing)
In the case where a contract is made in the above, that is, when charging is performed based on the amount of data to be received, the amount of data received by the contractor (receiving side terminal 2) (in other words, the amount of data transmitted by the data transmitting device 1) is measured. There must be. As the data amount measurement method, the following three types of measurement methods (first to third data amount measurement methods) can be considered.

[First Data Amount Measurement Method] In the case of the third encryption key change timing in which the encryption key is periodically distributed during the time when the communication path (session) is established and communication is performed, The number of distributions of the encryption key distributed during the period in which the communication path (session) is established is counted, and the data amount is measured from the number of distributions.

[Second Data Amount Measurement Method] A connection time is measured during a period when a communication path (session) is established, and a data amount is measured from the connection time.

[Third data amount measurement method] The actual data transmission amount for each communication path (session) is measured. For example, the data amount is measured from each transmitted address or the number of packets.

Therefore, the billing when a contract is made in the second contract mode (pay-as-you-go billing) differs depending on which of the first to third data amount measuring methods is selected. That is, the following three types of charging methods (first to third) corresponding to the above-described first to third data amount measurement methods are available as charging methods when a contract is made in the second contract form (metered charging). Third billing method) can be considered. The detailed configuration and operation for charging when a contract is made in the second contract form will be described later.

[First Accounting Method] When the data amount is measured from the number of distributions of the encryption key distributed during the period in which the communication path (session) is established as in the first data amount measuring method, Then, the contractor is charged in accordance with the number of distributions of the encryption key. That is, in the customer management module 14 in the case of the first billing method, the communication path (session)
The key management module 12 manages the number of distributions of the encryption key distributed to the receiving side terminal 2 during the established period, and charges through the credit / settlement system 17 according to the number of distributions.

[Second Billing Method] When the data amount is measured by measuring the connection time during the period when the communication path (session) is established as in the second data amount measurement method, the connection time is measured. Is charged to the contractor according to. That is,
The customer management module 1 in the case of the second billing method
In 4, the connection time counted by the data monitor system 13 during the period when the communication path (session) is established is managed,
The charging according to the connection time is performed through the credit / settlement system 17.

[Third Measurement and Billing Method] When the data transmission amount for each communication path (session) is directly measured as in the third data amount measurement method, the data transmission amount is calculated according to the total of the data transmission amount. Charge the contractor. That is, this third
In the customer management module 14 in the case of the charging method of
The data monitor system 13 manages the data transmission amount tabulated during the period in which the communication path (session) is established, and charges through the credit / settlement system 17 according to the total of the data transmission amount.

Next, when a contract is made in the third contract mode (content charging), charging is performed according to the type of data (content) to be received. That is, since the content transmitted to the contractor (reception-side terminal 2) is encrypted using a different encryption key for each content, the encryption key used when encrypting the content is determined by the contract that has been requested in advance. Only the subscriber (receiving terminal 2) that has received the encryption key is able to correctly decrypt the encrypted content and retrieve the data. . For this reason, when charging according to the type of data (content) to be received as in the third contract mode, the encryption key (decryption of the encrypted content is performed by the contractor (receiving terminal 2) (Encryption key to perform), in other words, accounting according to the encryption key transmitted to the contractor (reception-side terminal 2). In the case of the third contract mode, the amount charged may be different depending on the data type, that is, the content, or may be different depending on the importance of the data. In other words, the amount of the charge can be changed depending on the type of the encryption key sent to the contractor (reception side terminal 2).

Therefore, in the customer management module 14 in the third contract mode, the key management module 1
2 charges the contractor (reception-side terminal 2) according to the encryption key transmitted through the credit / settlement system 17. The detailed configuration and operation for charging when a contract is made in the third contract form will be described later.

Next, when a contract is made in the first and second contract forms as described above, FIG.
The specific configuration and operation of the customer management module 14 will be described with reference to FIG.

In FIG. 2, the customer management module 1
4 is a contract form for each contractor (the first to third contract forms), the first to third encryption key change timings,
It has a customer database 21 for storing information on the first to third data amount measurement methods and the first to third billing methods as customer information, and stores a content list for each data type and The content management server 20 manages the amount of information for each data type.

First, the flow of charging processing in the customer management module 14 in the case of the first contract mode (flat / flat-rate charging) will be described.

A request (request) for establishing a communication path (session) from the contractor (reception-side terminal 2) is sent to the Internet 4
This request is transferred to the key management module 12 once. Upon receiving the request, the key management module 12 controls the customer authentication / key management module control unit 2 of the customer management module 14.
3 is requested to distribute the encryption key.

Customer authentication / key management module control unit 23
Checks the contract information of the contractor who made this request using the customer information stored in the customer database 21, determines whether or not the encryption key can be given, and if it is determined that the encryption key can be given, The distribution of the encryption key is performed in accordance with the key distribution form described in the customer information.
Instruct 2 At the same time, the customer authentication / key management module control unit 23 registers the usage history of the contractor (reception-side terminal 2) that made the request in the usage history log collection unit 24, and stores the usage history in the usage fee charging processing unit 25. On the other hand, for example, on a certain date of each month, a billing process is performed in accordance with the usage status, and further, to the credit / settlement system 5 such as a bank or a credit company via the billing / storage / payment / payment management unit 26 to the contractor. Request for issuance of an invoice.

Next, the second contract form (pay-as-you-go billing)
The flow of the billing process in the customer management module 14 when performing is described.

As in the second contract mode, when charging according to the amount of transmitted information (the number of times of distribution of the encryption key, connection time, and data transmission amount), as described above, FIG.
Number of distributions of the encryption key in the key management module 12 of
The acquisition / aggregation result of the aggregation information such as the data amount (or the number of packets) for each address or the connection time and the data transmission amount in the data monitoring system 13 in FIG. 1 is transferred to the customer authentication / key management module control unit 23. The customer authentication / key management module control unit 23 uses the usage history of the contractor (reception-side terminal 2) who received the data with respect to the usage history log collection unit 24, based on the acquisition / aggregation result of the aggregation information. , And performs a charging process on the usage fee charging processing unit 25 according to the usage status, for example, on a certain date of every month.
Requests the settlement system 5 to issue a bill to the contractor.

Next, the flow of charging processing in the customer management module 14 when the third contract mode (content charging) is performed will be described.

In the case where billing is performed according to the data type to be received as in the third contract form, first, a list of data types for which content billing is performed (content list) is sent from the data server 10 via the content billing setting unit 22. Then, the data type is registered by being transferred to the content management server 20 and put on the content list.

The content charge setting unit 22 instructs the key management module 12 as a key setting notification of the data type, that is, the content type and the setting of the encryption key for encrypting the content.

Here, once, the content management server 20
Once the data type is registered in the first step, the same processing as in the first contract mode (flat charging / flat-rate charging) is performed. That is, a specific data type (specific content)
If there is a request (request) for delivery,
The key management module control unit 23 determines whether the requester is a contractor registered in the customer database 21, checks the contract information of the contractor who has made this request, and gives an encryption key. It is determined whether or not the request is acceptable, and if it is determined that the request can be given, whether or not the requested data type is registered in the content list of the content management server 20 is checked, and the requested data is checked. If the type is confirmed to be registered in the content list, the key distribution module instructs the key management module 12 to distribute the key corresponding to the requested data type. At the same time, the customer authentication / key management module control unit 23 registers the contractor who has made a distribution request to the usage history log collection unit 24 and the usage history of the requested data type, and uses the usage fee charging process. For example, on a certain date of each month, a billing process is performed on the unit 25 according to the usage status. Request issuance, etc.

Next, a schematic configuration of the data service system according to the embodiment of the present invention, generation of an IP datagram in the data server 10 and encryption processing (section data generation processing) in the encryption module 11 will be described. Details and specific configuration, details such as the MAC address included in the section data and its header, encryption keys managed by the key management module 12, details of transmission and encryption of the encryption keys, and decryption in the decryption module 15 The details will be described below.

As shown in FIG. 3, the data service system according to the embodiment of the present invention is connected to the communication line via a satellite line 3, a dedicated line 37, a telephone line 38, and a two-way communication line 39. Data is transmitted from the data transmitting device 1 to the data receiving devices 2a, 2b, and 2c, which are the receiving terminals 2. The data transmitting device 1 encrypts the data, and transmits the encrypted data. This is a data service system for transmitting data to the data receiving devices 2a, 2b, 2c via a communication path.

The data service system includes a communication satellite 3 serving as a first communication path used for transmitting data from the data transmitting device 1 to the data receiving devices 2a, 2b, 2c.
4, a dedicated line 37, a telephone line 38, and a two-way communication path that enable two-way communication between the data transmitting apparatus 1 and the data receiving apparatuses 2a, 2b, and 2c. And a communication path 39. The data service system uses the first communication path to transmit the encrypted data sent from the data transmitting device 1 to the data receiving devices 2a, 2b, and 2c, and transmits the encrypted data from the data transmitting device 1 to the data receiving devices 2a, 2a, and 2c. The second communication path is used for transmitting the encryption key to 2b and 2c. The second communication path is connected to the Internet 4.

The data transmitting apparatus 1 distributes various data to the data receiving apparatuses 2a, 2b and 2c using the communication lines. Data receiving devices 2a, 2b, 2c
Receives data transmitted from each communication line.
In FIG. 1, the data receiving devices 2a, 2b, 2c are 3
Although it is shown as a unit, in actuality, there are several hundreds to tens of thousands of data receiving devices (reception-side terminals 2), which constitute the data service system.

The data transmitting device 1 and the data receiving device 2
a, 2b, and 2c (in the following description, when it is not necessary to specify the data receiving devices 2a, 2b, and 2c, simply refer to the data receiving device 2). The communication path is configured as follows.

The satellite line 3 is assumed to be a Ku-band one-way line having a band of about 30 Mbps. With this satellite line 3, for example, data transmission from the data transmission device 1 can be performed simultaneously to data reception devices distributed throughout Japan.

The bidirectional communication path 39 is a communication path provided separately from the satellite link 3 between the data transmitting apparatus 1 and the data receiving apparatus 2, and is provided between the data transmitting apparatus 1 and the data receiving apparatus 2. This allows two-way communication between the two. In this embodiment, the bidirectional communication path 39 is assumed to be a general-purpose communication path used for communication on the Internet 4.

The dedicated line 37 is a communication means for directly connecting the data transmitting device 1 and the data receiving device 2.

The Internet 4 provides various kinds of information such as so-called video information and music information.
The Internet 4 and the data receiving device 2 are communicably connected. The data transmission device 1 is connected to the Internet 4
It is connected to the.

As described above, the dedicated line 37, the telephone line 38, and the two-way communication path 39 for enabling data transmission and reception between the data transmitting device 1 and the data receiving device 2
Is not as large as the bandwidth of satellite line 3, but several kbps
From about several hundred Kbps is a normal band.

In the data service system, predetermined data can be received only by a specific data receiving apparatus. For example, individual distribution (unicast data distribution) in which data is transmitted only to the data receiving apparatus 2a. ) Or, for example, broadcasting (multicast type data distribution) addressed to a group in which data is transmitted only to a receiving group composed of the data receiving devices 2a and 2b, or data is simultaneously transmitted to all the data receiving devices 2a, 2b and 2c. A distribution form such as simultaneous distribution (broadcast type distribution) such as transmission is made possible.

Next, transmission of data from the data transmitting device 1 to the data receiving device 2 in this data service system will be described.

The data transmitted from the data transmitting device 1 to the data receiving device 2 is subjected to data encapsulation as shown in FIG. This encapsulation is a process performed in the data transmitting apparatus 1 that transmits data. In the first encapsulating step, data to be distributed to the data receiving apparatus 2 is encapsulated by a first protocol. In the second encapsulation step, the data encapsulated by the first protocol is encapsulated by the second protocol. Here, encapsulation refers to encapsulating the data itself in a capsule (packet or frame, etc.) based on a transmission format defined by a communication protocol without processing the data itself. This encapsulation enables data transmission control.

In the first encapsulation step, the real data section including the entire data to be distributed to the data receiving apparatus 2 is encapsulated by adding an additional information section relating to the real data section to the real data section. The data portion is encrypted and encapsulated. This will be described in detail below.

As shown in FIG. 4A, an IP (Internet Protocol) datagram 101 is data configured in accordance with the Internet protocol. The IP datagram 101 stores data to be distributed to the data receiving device 2. In the header of the IP datagram, for example, a destination address for identifying a destination used on the Internet is added.

The part of the IP datagram 101 is
The present invention is not limited to being configured as an Internet protocol, and may be configured using an Ethernet protocol.

Then, the data transmitting apparatus 1 encapsulates the data according to the first protocol as shown in FIGS. 4B to 4D. For example, the first protocol is DVB (Digital Video Broadcasting).
ting) Multiprotocol Encapsulation.

First, the data transmitting apparatus 1 performs the data encapsulation according to the first protocol by padding the IP datagram as shown in FIG. 4B (adding the padding unit 102). , The length of the data portion is made an integer multiple of 64 bits. For example, padding of 0 to 63 bits in length is performed at the end of the IP datagram 101, and all bits to be padded are 1. By this padding, it is possible to set a predetermined data length,
This is because the IP datagram 101 and the padding unit 1
This is because, when encrypting the data portion of the section consisting of 02, it is more convenient if the length of the data portion is an integral multiple of 64 bits. In the present embodiment, a data portion constituted by the format of the first protocol is called a section.

Next, the data transmitting apparatus 1 encrypts the section to which the padding section 102 has been added, as shown in FIG. Here, the encryption is performed using an encryption key, and the encryption key is a session key to be described later used for encrypting information to be distributed to the data receiving device 2. Further, as an encryption method, block encryption of a common key method such as so-called Triple-DES is used. This Triple-DES encryption is one of the strongest encryption methods among public key methods, and its speed is easily increased by hardware implementation. Thereby, even in the case of high-speed encryption of about 30 Mbps, unlike the encryption of the public key system, it is possible to prevent the processing time from being too long and the data transmission not being in time.

Then, as shown in FIG. 4D, the data transmitting apparatus 1 adds the section header section 103 and the tailor section 105 used for error detection to the encrypted section data section 104. I do.

Here, the encrypted section data section 104 is configured by being converted into a MAC (Media Access Control) frame. By this MAC framing, a MAC header is added to the data part, and this MAC
By referring to the header portion, it is possible to easily control the destination of the data stored in the frame. Specifically, the MAC frame includes the MA
Stores the destination address of the data receiving device that is permitted to receive the data in the C frame.

The section header section 103 is a section for storing a destination address, and a data space is secured so that a 48-bit destination address is stored.
Specifically, in the section header section 103, M
The destination address is stored in an AC header. By providing a space for storing the destination address represented by 48 bits in the section header section 103, it is possible to eliminate the limited type of limited range of the data receiving apparatus. That is, much information for identifying the encryption key can be stored.
Further, when transmitting the IP datagram 101, it is not necessary to associate a packet ID, which will be described later, with the destination address of the Internet protocol, so that compatibility with the Internet protocol can be obtained.

Further, the tailor section 105 is provided with a CRC (Cy
clic Redundancy Checking (Cyclic Redundancy Checking). The CRC is for the data receiving device 2 that has received the data converted into the MAC frame to check whether the MAC frame is correctly transmitted on the satellite line. For example, the CRC is coded by 32 bits.

The above is the encapsulation of the data to be distributed by the first protocol. Next, the process of encapsulating the data encapsulated by the first protocol by the second protocol will be described. I do.

The encapsulation by the second protocol is an encapsulation executed by dividing the data encapsulated by the first protocol into a plurality of packets.

Here, the second protocol is TS (Tran
sport Stream) packetization. MPEG
2 (Moving Picture Experts Group Phase 2), which multiplexes various types of data such as audio and video signals and data, and enables transmission over large-capacity digital lines. Become. According to the second protocol, the data encapsulated by the first protocol is encapsulated as shown in FIG. 4 (e) to FIG. 4 (g), and the plurality of TS packets 106 and 107 are encapsulated. , 108. The above TS
Packets 106, 107, and 108 have a TS header HTS
And a TS payload section P.
The payload portion P stores data that has been divided and encapsulated by the first protocol. The TS header section HTS of the TS packet includes a packet ID (PID) section and a scramble control section as shown in FIG. FIG. 5 shows the structure of a general TS packet format. An encryption key is specified by a PID (Packet Identification) unit 411 and a scramble control unit 412 in the header. The encryption key includes a session key Ks and a work key Km. The PID section 411 is 13-bit data.
The scramble control unit 412 generates 2-bit data, T
The data of the S packet is described in the payload portion 413. Although the destination address is written in the PID section 411 and the scramble control section 412 in the example of FIG. 5, in the present embodiment, the destination address is written in the section header section 103 as described above. This prevents the destination address information from being restricted.

The above is the encapsulation by the second protocol. Therefore, the data transmitting apparatus 1 converts the data (IP datagram) to be distributed to the data receiving apparatus 2 into the first protocol and the second protocol. And the data is transmitted to the communication satellite 34.

As described above, in this embodiment, data transmission is performed by processing independently at the two levels of the TS packet and the section. For example, without increasing the number of PIDs to be used, many encryption keys are used. Information can be secured, there is no need to prepare control methods for each application, quick response to new applications can be achieved, and authentication headers and encrypted payloads can be used on the existing Internet Will be able to

Next, the data encryption performed by the data transmission device 1 using the encryption key and the decryption of the encrypted data performed by the data reception device 2 using the encryption key (decryption key) will be described.

Here, the key management module 12 and the encryption module 11 of the data transmission device 1 and the key reception module 16 and the decryption module 15 of the data reception device 2 are specifically configured as shown in FIG. It is configured.

In FIG. 6, the session key Ks12
Keys 4 and 134 are keys used by the data transmitting device 1 and the data receiving device 2 for data encryption / decryption, and employ a so-called common key system. The key management module 12 manages the session key Ks124 of the data transmission device 1, and the key reception module 16 decrypts and generates the session key Ks134 of the data reception device 2.

The encryption unit 121 of the data transmission device 1
Encrypts information data sent to a specific data receiving device using the session key Ks124. That is, the encryption module 11 of FIG. 1 replaces the data portion of the section shown in FIG.
24 using the above Triple-DES encryption. In addition, the decryption unit 131 of the data receiving device 2 converts the distributed encrypted data into a session key Ks13.
4 and extracted as meaningful information.

The master keys Km125 and Km135 are
Similar to the session key Ks, the data transmission device 1 and the data reception device 2 have the same encryption key,
It is unique to each data receiving device 2a, 2b, 2c.

The master key Km is not transmitted between the data transmitting apparatus 1 and the data receiving apparatus 2, that is, it does not exist on the communication path. It is an encryption key that cannot be known.

The master key Km is the same as the session key Ks
Is transmitted from the data transmitting apparatus 1 to the data receiving apparatus 2 to encrypt / decrypt the session key Ks. That is, the encryption unit 122 built in the key management module 12 of the data transmission device 1 encrypts the session key Ks124 using the master key Km125 and transmits the encrypted session key Ks124 to the data reception device 2 in advance. The decryption unit 132 incorporated in the key receiving module 16 of the data receiving device 2 decrypts the received encrypted session key Ks124 by using the master key Km135 possessed by the data receiving device 2, and extracts it ( Extracted as the session key Ks134).

By encrypting and decrypting the encryption key (session key Ks) using the master key Km, the encrypted session key Ks is transmitted by the eavesdropper during transmission from the data transmitting device 1 to the data receiving device 2. Even if eavesdropping, it will not be decrypted.

Note that the encryption / decryption of the session key Ks using the master key Km is also described in the above Triple-DES.
However, a public encryption method can be adopted. This is because, in the public encryption method, unlike the encryption / decryption of data, in which encryption and decryption of keys do not require high-speed performance, security can be ensured.

In the present embodiment, the session key Ks
124 is managed by the key management module 12 under the management of the customer management module 14 as described above, and the above-described charging is performed according to the distribution status of the session key Ks124.

In the above description, the data receiving apparatus 2 passively sends the session key Ks124 from the data transmitting apparatus 1.
Although an example of receiving the session key Ks has been described, it is also possible to actively request the session key Ks from the data receiving device 2 by using the bidirectional communication path 9. This allows
Each of the data receiving apparatuses 2a, 2b, and 2c can quickly and surely acquire the necessary session key Ks124 from the data transmitting apparatus 1. Specifically, for example, when the data receiving device 2 newly joins the data service system, or when the data receiving device 2 that has been disconnected from the system due to a fault recovers from the fault and joins the data service system again, When the data receiving device 2 cannot correctly receive the session key Ks, for example, the data receiving device 2 actively requests the session key Ks, thereby enabling each of the data receiving devices 2a, 2b, and 2c.
Can quickly and reliably obtain the required session key Ks. For example, the above-described failure recovery and management of updating of the session key Ks are performed by the key management module 12 of the data transmission device 1, the key reception module 16 and the data display request module in the data reception device (reception-side terminal) 2. 17 are realized by performing bidirectional communication. For this reason, in the present embodiment,
For example, it is possible to solve a problem caused by incorporating only a satellite line into a data service system, such as a problem that a data transmitting device cannot know whether information has been correctly transmitted to each data receiving device.

The transmission of the session key Ks from the data transmitting apparatus 1 to the data receiving apparatus 2 may be performed using the satellite line 3 which is a one-way communication path, or may be performed via the two-way communication path 39. You may.

Here, the session key Ks may be periodically updated and distributed as in the third encryption key change timing. The updating of the session key Ks is executed according to an updating procedure as shown in the flowchart of FIG.

First, at some point, the key receiving module 16 of the data receiving device 2 sets the session key Ks134
As the session key Ks_even and the session key Ks_odd
Are held. By holding two session keys Ks in this way, the data receiving apparatus 2 decrypts the information data transmitted from the data transmitting apparatus 1 using either the session key Ks_even or the session key Ks_odd. I do.

Here, the currently used session key Ks
Is written as information in the session header section 103 shown in FIG. For example, as shown in FIG. 8, the section header section 103 includes a table ID (table_id), a MAC address section (MAC_address_1,
MAC_address_2, MAC_address_3, MAC_address_4, MAC_addr
ess_5, MAC_address_6) and section information section (section
_length, section_number, last_section_number), ss
i (section_syntax_indicator), pi (private_indi
cator), rsvd (reserved), psc (payload_scr)
amble_indicator) 111, asc (address_scramble_
indicator), LSf (LLC_SNAP_flag), and cni
(Current_next_indicator). Here, the session key Ks currently used by the psc 111
Indicates information about which is. For example, the above psc1
Numeral 11 is 2-bit information. For example, when the upper bit of psc is “0”, it indicates that the session key Ks_even is used, and when the upper bit of psc is “1”, the session key Ks_odd is used. Is used.

After determining the used session key Ks as described above in step S1, the key receiving module 16 of the data receiving apparatus 2 triggers the timer in step S2 to update the session key Ks. Know the timing.

Subsequently, in step S3, the key receiving module 16 of the data receiving apparatus 2 sets the current session key K in the correspondence table between the MAC address and the session key Ks.
Update the s flag. The key receiving module 16 of the data receiving apparatus has, for example, a correspondence table between the MAC address and the session key Ks in FIG. 9 and updates the flag 112 of the current session key Ks with reference to the correspondence table. By this update processing, the top 1 of the above-mentioned psc111
Bits are inverted. For example, the upper bit of psc is inverted to “0”.

Then, in step S4, the data receiving device 2 decodes the IP datagram included in the section based on the psc. That is, when the upper bit of the psc is set to “0”, the key receiving module 16 of the data receiving device 2 is used when the upper bit of the session key Ks_odd (the upper bit of the psc is “1”). From the session key Ks) to the session key Ks_even, and the decryption module 15 performs decryption using the session key Ks_even. Also, p
When the upper bit of the sc is set to “1”, the key receiving module 16 of the data receiving apparatus 2 transmits the session key Ks_even (the session used when the upper bit of the psc is “0”) Key Ks) to the session key Ks_odd, and the decryption module 15 performs decryption using the session key Ks_odd.

Until the timing of switching the next session key Ks, in step S5, the key management module 12 of the data transmitting apparatus 1 encrypts the next session key Ks with the master key Km124, and Transfer to 2.

The encrypted session key Km (K
s) is transmitted using the satellite line 3 or the two-way communication line 39, and the transmission is performed using a protocol with a response, such as TCP / IP.
(Transmissiom Control Protocol / Internet Protoco
Use l). Thereby, the transmission of the session key Ks from the data transmitting device 1 to the data receiving device 2 is reliably performed.

Then, during this transfer processing, step S
6, the key receiving module 16 of the data receiving device 2
Updates the comparison table of the session key Ks of the MAC address shown in FIG. That is, a process of rewriting the previously used session key Ks with a new session key Ks is performed.

After that, in step S7, the key receiving module 16 of the data receiving device 2 checks whether the next session key Ks is held in the target data receiving device 2, and then proceeds to step S8 to execute the next session key Ks. Key K
Switch to s. Here, step S8 and subsequent steps are performed.
The processing up to 13 is processing when the upper bit of the psc is set to “1” and the session key Ks_odd is used for decryption, and is processing that proceeds from step S7. The data receiving device 2 sets the current session key Ks to the session key Ks_even (ps
This is also a process executed when the upper bit of c is set to “0”.

According to the above-described procedure, the data transmitting apparatus 1 can reliably deliver the updated session key Ks to the data receiving apparatus 2, and the data receiving apparatus 2
Instantly switch between two session keys Ks,
Decryption with the session key Ks can be realized without data loss. Note that the update frequency of the session key Ks124 can be flexibly changed as long as the transmission processing time permits.

As described above, even when the session key Ks is successively changed in the data transmitting apparatus 1, the data receiving apparatus 2 can change the session key Ks
Can decrypt the encrypted data.

Next, a procedure until the data transmitting apparatus 1 transmits data and a procedure when the data receiving apparatus 2 receives data will be described. The procedure until the data transmitting apparatus 1 transmits data is described in, for example, FIG.
Is executed according to the flowchart shown in FIG. And
The procedure after the data receiving device 2 receives the data is executed, for example, according to the flowchart shown in FIG.

First, regarding the procedure until the data transmitting apparatus 1 transmits data, in step S21, the data transmitting apparatus 1 transmits the IP datagram to be transmitted to the data receiving apparatus 2 to the data transmitting apparatus 1 itself or the bidirectional datagram. Is received from the interface connected to the communication path 39. In addition, based on access information from the Internet 4, information center information is provided.

Next, in step S22, the data transmitting device 1 looks at the destination address of the IP datagram and knows the destination address of the first protocol. For example, the data transmitting device 1 knows the destination address of the data receiving device 2 in the first protocol from the correspondence table of the IP address and the MAC address as shown in FIG.

Then, the data transmission device 1 that knows the destination address creates the section based on the destination address. Here, the data transmitting apparatus 1 performs padding of the data part with bit 1 as necessary, so that the data part is a multiple of 64 bits.

Next, in step S23, the current session key Ks 124 is extracted by looking up the flag 112 of the current session key Ks from the correspondence table between the MAC address and the session key Ks as shown in FIG. 9, for example. By using the extracted session key Ks, FIG.
(C), the data portion of the section is encrypted. At this time, the flag of the current session key Ks is checked, and its contents are put into the upper one bit of the psc 111 of the session header shown in FIG.

Next, in step S24, as shown in FIG. 4 (e) to FIG. 4 (g), the entire section 109 is divided and each TS packet 106, 107,
108, and the TS packet 10
6, 107 and 108 are added with the predetermined PID, and the payload P is encrypted as required by the second protocol and transmitted to the satellite line 3.

The procedure up to the point where the data transmitting apparatus 2 transmits data has been described above. Then, in the data receiving device 2,
The data transmitted to the satellite line 3 is received as described above.

The data receiving apparatus 2 first decodes the TS packets 106, 107, and 108 received from the satellite link 3 in accordance with the second protocol in step S31 in FIG. 11, and reconstructs the entire section 109.

Next, in step S32, the data receiving device 2 extracts the destination address (MAC address) of the section, and subsequently, in step S33, refers to the correspondence table between the MAC address and the session key Ks shown in FIG. A determination process is performed to determine whether a MAC address exists. That is, a determination process is performed to determine whether or not the data contains data that is allowed to be transmitted. Here, when it is confirmed that there is no MAC address,
The data receiving device 2 proceeds to step S34 and performs a process of discarding the data. If it is confirmed that there is a MAC address, the data transmission device 2 proceeds to step S35, and the
Is taken out. Then, the data transmission device 2 checks which one of the currently valid session keys Ks is the upper one bit of the psc 111 and finds out the currently valid session key K from the two session keys Ks.
Take out s.

In step S36, the data receiving apparatus 2 decrypts the section data section 104 by Triple-DES using the session key Ks thus extracted.

Then, the data receiving device 2 executes step S
At 37, an IP datagram is extracted from the decrypted data. For example, to retrieve an IP datagram, the TOTAL LENGTH field 113 in FIG. 14 is read from the IP header at the beginning of the decrypted data part,
Check the length of the IP datagram and calculate the I
Retrieve the entire P datagram. As a result, unnecessary padding added during encryption is removed. In this way, a desired IP datagram can be extracted.

According to the above-described procedure, the data transmitting apparatus 1 performs processing until data transmission, and the data receiving apparatus 2 performs processing on received data.
Receives information data delivered to itself.

The data service system according to the present embodiment can be modified as follows.

That is, as a first modification, the data service system can be configured as shown in FIG. The data service system shown in FIG. 15 is a case where the data receiving device 2 is configured as an IP router.

In the data service system described above, the data receiving device 2 is configured to directly receive an IP datagram. However, in this data service system, by configuring the data receiving device 2 as an IP router, the data received by the data receiving device 2 from the satellite line 3 is connected via a local area network (LAN) 202 such as Ethernet. Data can also be transmitted to the computers 203a and 203b that do not have an interface to the satellite line 3 that is running. At that time, the data transmitting device 1 and the data receiving device 2
Not only the data receiving device 2 but also the computer 20 on the local area network 202 to which it is connected
It becomes possible to distribute data for all 3a and 203b. Specifically, the IP address in the correspondence table between the IP address in the data transmission device 1 and the destination address (MAC address) of the section shown in FIG. 12 indicates not a single IP address but a set of a plurality of IP addresses. It will change to an IP network address. However, in this data service system, data transmission is performed only in the section of the satellite line 3, so that data transmission between the data receiving device 2 and the computers 203a and 203b requires the IP protocol or higher. It is necessary to control data distribution at the application level.

Next, as a second modification, the data service system can be configured as shown in FIG. This data service system is different from the data transmission system 201 in that the data receiving device 2 is configured as a bridge, performs only conversion of a protocol for transmitting an IP datagram, and does not perform routing.

In this case, the data receiving apparatus 2 decodes the data received from the satellite line 3 to take out an IP datagram, puts it into an Ethernet frame, and transfers it to the general-purpose router 302. And general-purpose router 3
02 performs a process on a normal IP datagram.
As a result, the configuration of the data receiving device 2 is simplified because no routing is performed, and an existing general-purpose router can be used.

[0125]

As is apparent from the above description, according to the present invention, data is provided in an encrypted form, an encryption key for decrypting the encrypted data is managed, and the encryption key is distributed. By managing the billing according to the distribution form of the encryption key, the confidentiality of data can be improved when a data service is performed using a large-capacity, high-speed data line such as a satellite broadcast or a digital CATV line. It is possible to realize charging for each data unit or data type, and for each contractor, while maintaining the same.

That is, the billing method and apparatus of the data transmission system of the present invention are represented by a large-capacity and high-speed data transmission line such as a satellite broadcast or a two-way or one-way digital CATV line, and a telephone line or ISDN. A data service such as high-speed Internet access is realized by combining with a relatively low-speed line, and a data distribution mechanism is combined with a key distribution mechanism in IP packet-based encryption and charging for data provision. While maintaining confidentiality, it is possible to realize charging for each data unit and data type, and for each contractor.

[Brief description of the drawings]

FIG. 1 is a block diagram showing a configuration of a main part of a data service system to which a billing method and device of a data transmission system according to the present invention is applied.

FIG. 2 is a block diagram illustrating a configuration example of a customer management module of the data service system according to the present embodiment.

FIG. 3 is a diagram showing a schematic configuration of a data service system according to an embodiment of the present invention.

FIG. 4 is a diagram showing data transmitted from a data transmitting device to a data receiving device constituting the data service system according to the present embodiment, the data being encapsulated by a plurality of protocols.

FIG. 5 is a diagram showing a format of a data structure of a TS packet.

FIG. 6 is a block diagram illustrating a configuration of a data transmitting device and a data receiving device.

FIG. 7 is a flowchart showing a series of steps of a procedure for changing a session key for encrypting data transmitted from the data transmitting device to the data receiving device.

FIG. 8 is a diagram showing a data structure of a section header.

FIG. 9 is a diagram showing a correspondence table between MAC addresses and session key flags.

FIG. 10 is a flowchart showing a series of procedures for encapsulating data performed in the data transmitting apparatus.

FIG. 11 is a flowchart showing a series of procedures when decrypting data received by the data receiving device using a session key.

FIG. 12 is a diagram showing a correspondence table between IP addresses and MAC addresses.

FIG. 13 is a diagram showing a correspondence table between MAC addresses and session keys.

FIG. 14 is a diagram showing a data structure in which a TOTALLENGTH field used for extracting an IP datagram is stored.

FIG. 15 is a diagram showing a first modification of the data service system of the present embodiment.

FIG. 16 is a diagram showing a second modification of the data service system according to the present embodiment.

[Explanation of symbols]

1 data transmission device, 2 receiving terminal (data receiving device), 3 satellite line, 4 internet, 5
Credit / settlement system, 10 data server, 11 encryption module (data encoder), 12 key management module, 13 data monitor module, 14
Customer management module, 15 decryption module, 1
6 key receiving module, 17 data display request module, 20 content management server, 21
Customer database, 22 content billing setting section, 2
3 Customer authentication / key management module control unit, 24 usage history log collection unit, 25 usage fee accounting processing unit, 26 billing / storage / payment / payment management unit, Ks session key,
Km master key

Claims (18)

[Claims] 1. A billing method for a data transmission system that provides data using a communication line and performs billing corresponding to the data provision, wherein the data is provided in an encrypted form. A charging method for a data transmission system, comprising: managing an encryption key for decrypting an encryption; distributing the encryption key; and managing the charging in accordance with a distribution mode of the encryption key. 2. The charging method for a data transmission system according to claim 1, wherein the encryption key is distributed at least every time a communication path is established. 3. The charging method for a data transmission system according to claim 1, wherein the encryption key is periodically distributed at least during a time when a communication path is established. 4. The charging method for a data transmission system according to claim 2, wherein the number of distributions of said encryption key is managed, and charging is managed according to the number of distributions of said encryption key. 5. The charging method for a data transmission system according to claim 3, wherein the number of distributions of the encryption key is managed, and charging is managed according to the number of distributions of the encryption key. 6. The charging method for a data transmission system according to claim 1, wherein a connection time during which a communication path is established is measured, and charging is managed according to the connection time. 7. The charging method for a data transmission system according to claim 1, wherein a data transmission amount for each communication path is measured, and charging is managed in accordance with the total of the data transmission amounts. 8. The charging method for a data transmission system according to claim 1, wherein the encryption key is made to correspond to the type of data to be transmitted, and charging is managed according to the encryption key according to the data type. 9. The communication line includes a first high-speed data transmission line and a second low-speed data transmission line that is lower than the first data transmission line. 2. The charging method for a data transmission system according to claim 1, wherein the encrypted data is transmitted, and the encryption key is transmitted through the second data transmission path. 10. Providing data using a communication line,
In a charging apparatus of a data transmission system that performs charging corresponding to the data provision, a data providing unit that encrypts and provides the data, management of an encryption key for decrypting the encrypted data and management of the encryption key A charging apparatus for a data transmission system, comprising: key management means for managing distribution of an encryption key; and charging management means for managing the charging in accordance with the distribution mode of the encryption key. 11. The charging apparatus according to claim 10, wherein the key management means distributes the encryption key at least every time a communication path is established. 12. The charging apparatus for a data transmission system according to claim 10, wherein said key management means periodically distributes said encryption key at least during a time when a communication path is established. 13. The method according to claim 11, wherein said key management means manages the number of times of distribution of said encryption key, and said accounting management means manages accounting in accordance with the number of times of distribution of said encryption key. Billing device for data transmission system. 14. The method according to claim 12, wherein said key management means manages the number of distributions of said encryption key, and said accounting management means manages accounting according to the number of distributions of said encryption key. Billing device for data transmission system. 15. The apparatus according to claim 10, further comprising connection time measuring means for measuring a connection time during which a communication path is established, wherein said charging management means manages charging according to said connection time. Billing device for data transmission system. 16. A data transmission amount measuring unit for measuring a data transmission amount for each communication path, wherein the charging management unit manages charging in accordance with the total of the data transmission amount. 2. A charging device for the data transmission system according to 1. 17. The method according to claim 10, wherein said key management means associates said encryption key with a data type to be transmitted, and said accounting management means manages accounting according to an encryption key according to said data type. A charging device for the data transmission system according to claim 1. 18. The communication line comprises a first high-speed data transmission line and a second low-speed data transmission line which is slower than the first data transmission line. 11. The charging apparatus for a data transmission system according to claim 10, wherein the transmitted data is transmitted to the first data transmission path, and the key management means transmits the encryption key to the second data transmission path. .