JP2002190795A - Information terminal and information terminal system - Google Patents

Abstract

(57) [Summary] [PROBLEMS] To temporarily share digital content data among a plurality of terminals while preventing unauthorized copying of digital content. An encrypted digital content, a key used for decrypting the encrypted digital content, and a copy condition file are transmitted from a first terminal to a second terminal. The second terminal decrypts the digital content with reference to the received copy condition file, and deletes the key used for decryption after the decryption processing is completed.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a portable terminal provided with communication means, and realizes data sharing between a plurality of portable terminals.

[0002]

2. Description of the Related Art As conventional digital contents, there are contents having various security attributes, such as contents whose copying is freely permitted and contents whose copyrights are managed. With respect to the content whose copyright is managed, copy protection is applied and copy management is strict, and users are not allowed to copy freely.

[0003]

Although copying of digital contents cannot be permitted without limitation, if copying is completely prohibited, it is inconvenient if, for example, it is desired to refer to contents data in an inner circle at a conference or the like. If you want to see the content at a meeting or the like, it is difficult for multiple people to see the screen of the mobile device, but it may not be enough to copy the content data to all members until you pay the copyright fee,
It is inconvenient to completely prohibit copying.

An object of the present invention is to realize temporary content data sharing between a plurality of portable terminals while preventing unauthorized use.

[0005]

In order to achieve the above-mentioned object, the present invention provides an information terminal provided with a communication means and an external storage means storing a key for decrypting the information. When referring to the encrypted data, the key for decrypting the encryption recorded in the external storage means is temporarily copied to the storage means of the information terminal, and the data is decrypted only once using the copied key. .

[0006] When referring to a plurality of portable terminals, the key of the original content is copied to the storage means of each information terminal, and each user is allowed to copy the key of the copied content, for example, only once, for two hours. See

[0007]

Embodiments of the present invention will be described below with reference to the drawings. The same reference numerals in the drawings of the respective embodiments denote the same or corresponding components, and a duplicate description will be omitted.

FIG. 1 is a block diagram of a first embodiment of a data sharing system as an information terminal system according to the present invention. As shown in FIG. 1, the data sharing system according to the first embodiment of the present invention includes an information terminal 100 and an IC card 120 as an external storage unit, and includes a terminal 100, a display unit 101, a storage unit 102, and a file list 103. , Control means 1
04, a communication unit 105, an input unit 106, an ICCR / W 107, and a copy management unit 108. The IC card 120 includes a key storage unit 121.

The key recorded on the IC card 120 is used for decrypting the encrypted data, for example, when reading the encrypted content data. IC card 12
Since reading a key from 0 requires authentication, only a person who knows the password can read the key.

In this embodiment, an IC card is used as the external storage means, but other storage means may be used.

Next, a flow for reading the encrypted data in the terminal 100 will be described with reference to FIG. It should be noted that the flow in FIG.
It is a flow of the terminal user who has a card. Steps
In 201, the user operates the terminal displayed on the display unit 101.
From the file list 103 stored in the storage unit 102 in the storage unit 100, a file of the content data to be referred to is selected.

Next, in step 202, the copy management means 108 of the terminal 100 refers to the security attribute of the file selected by the user.

In step 203, the copy management means 108 of the terminal 100 checks whether or not a key is necessary for decrypting the content data selected by the user.

If a key is required, in step 204, the control means 104 or the copy management means 108 of the terminal 100
Represents the key recorded in the IC card 120 in the storage unit 10 of the terminal 100.
Duplicate to 2. That is, the key recorded on the IC card 120 is read out and stored in the storage unit 102 to duplicate the key (copy the key).

In step 205, the copy management means 108 of the terminal 100 performs a decryption process of the digital content data using the key copied to the storage means 102 of the terminal 100.

In step 206, the copy management means 108 of the terminal 100 executes the
The key is deleted from the storage unit 102 of the terminal 100.

In step 207, the control means 104 or the copy management means 10 displays the content data on the display means 101.

In step 203, if a key is not required for decrypting the content data, step 207
The control unit 104 or the copy management unit displays the content data on the display unit 101.

Although the description has been given of the case where the key of the storage unit in the terminal device is deleted, the configuration may be such that the encryption key stored in the IC card is retained as it is. Also, the terminal device
When the encryption key is duplicated in the storage means 102 of step 100 (step 2
04) or when deleting the encryption key from the storage means of the terminal (step 206), or by storing that the content has been reproduced on the terminal device side, and prohibiting the copying of the encryption key again, or Alternatively, the same content may not be reproduced again using the encryption key stored in the IC card, for example, by storing the fact that the encryption key has already been copied in the IC card.

FIG. 3 shows a flow for copying digital content stored in the storage means 102 of the terminal 100 to another terminal 100.

In step 301, a user having original content data selects content data to be copied from the file list 103 in the terminal 100 displayed on the display means 101.

In step 302, the user inputs copy conditions for the content data using the input means 106.

In step 303, the copy management means 108 of the terminal 100 checks whether the copy condition satisfies the security attribute. If you are satisfied,
In step 304, the copy management unit 108 of the 100 confirms terminal-to-terminal authentication between the copy source terminal 100 and the copy destination terminal 100. Authentication in this case refers to, for example, confirmation of a communication destination using a terminal ID, a password, or the like.

FIG. 4 shows security attribute data.
Security attribute data corresponds to the file name,
Indicates the security attributes of the file such as "copy free" and "encryption key". “Copy free” indicates that the file can be freely copied. “With encryption key”
Indicates that an encryption key is required for reading data because the file is encrypted.

Next, in step 305, the copy management means 108 of the terminal 100 transmits the content data, the encryption key and the copy condition file to the storage means 102 of the copy destination terminal 100. At this time, history information indicating that the information has been recorded on the copy destination terminal 100 may be stored in a destination history storage unit (not shown) of the source terminal 100. By storing the copy destination terminal, copy management can be performed.

At step 306, the copy destination terminal 100
The copy management means 108 decrypts the digital content using the key received together with the content data with reference to the copy condition file.

In step 307, the copy destination terminal 100
After the content data is decrypted, the copy management means 108 deletes the key stored in the storage means 102.

In step 308, the copy destination terminal 100
The control means 104 or copy management means 108 displays the decrypted digital content on the display means 101.

Next, a screen transition of the terminal 100 when the content data is copied to another terminal 100 will be described with reference to FIG.

FIG. 4 shows security attribute data of the content data. For example, A. Since the security attribute of the content data named FILE is copy-free, it indicates that the content data can be freely copied to another terminal 100. B. Since the security attribute of the file named FILE is copy-free and "with encryption key", it indicates that the file is in an encrypted format. C.I. The security attribute of the file named FILE indicates that the file cannot be copied and is in an encrypted format. Although not shown in the figure, content data with various other security attributes, such as buying rights, may be handled. Note that data that cannot be shown to others may have attribute data indicating that the data is secret data. In the case of such secret data,
It is assumed that the copy management means performs copying only to another terminal to which copying is permitted. Also, the number of times the decrypted data is displayed at the copy destination, the time, whether or not printing is possible, the password required when decrypting the copied data, the terminal ID of the copy destination, and the data of the characteristics of the copy destination storage means may be attribute data. Good.

Next, referring to FIG.
When copying the content data of 0 to another terminal 100,
A screen transition displayed by the terminal 100 will be described.

First, on the file list 103 screen, the user selects a file to be copied.

For example, if the user sets B. When FILE is selected, the control means 104 of the terminal 100 displays a screen for inputting copy conditions on the display means 101. For example, B. FIL
Assuming that the content data, which is a file named E, is copied to a terminal having a terminal ID of “00273”,
Set the password as “****” and set other file attributes. RWX uses R (read), W
Indicates the attribute of whether (write) and X (execute) are possible.

When the user selects a file to be copied, the control means 104 of the terminal 100 checks the security attribute of the content data. If the selected file cannot be copied, the control means 104 "The security attribute of the selected file cannot be copied". At the same time,
A means for copying digital content that cannot be copied at present, such as “copying is possible if a copyright fee is paid”, may be presented. If the selected file is a confidential file, the display means 101 displays "whether or not to permit copying?", And the user inputs permission or non-permission through the input means 106, and copies according to the permission. Is determined.

In the present embodiment, the key life is determined as the copy condition. However, the number of times data can be copied, the time limit data that can be displayed on the display means 101, and other data are copied. May be determined. As the password, not only a password that can be used many times, but also a password that is valid only once may be used. Further, as the other copy conditions, detailed information such as whether or not the duplicated data can be re-copied and whether or not printing can be performed may be defined.

Next, the flow in the copy destination terminal will be described with reference to FIG.

A description will be given of a flow in the terminal that has received the copy of the content data and the key and the copy condition file.

In step 601, the control means 104 of the copy destination terminal receives the copy of the content data, the key, and the copy condition file via the communication means 105.

In step 602, the terminal presents the received copy conditions to the display means 101, and the user inputs a password using the input means 106.

In step 603, if the passwords match, in step 604, the copy management means 1
08 decrypts the key data. If the passwords entered by the user do not match, in step 608 the copy management means deletes the content data and the key data.

Next, in step 605, the copy management means 108 decrypts the content data using the key decrypted in step 604.

Next, in step 606, after the decryption processing of the content data is completed, the copy management means 108 deletes the key stored in the storage means, and in step 607, the control means 104 or the copy management means 108 decrypts the key. The digital content is displayed on the display means.

In this embodiment, information such as the copy destination terminal ID and the password is specified as the copy condition. May be used for authentication.

In this embodiment, at least the key data of the received data is deleted after the data decryption is completed at the copy destination terminal. However, when recording the data in advance, the power of the DRAM, the SRAM, etc. is turned off. May be stored in a storage means having a characteristic that the data disappears. Also,
A means for the user to select the storage means may be further provided, or the information may be automatically recorded in the volatile storage means.

Further, in the present embodiment, the received data is temporarily recorded in the copy destination terminal, but it is also possible to display only the decoded data without recording the data.

In the above embodiment, the copy management means and the control means have been described separately. However, the CPU may serve as both the copy management means and the control means.
Alternatively, a program for performing the functions of the copy management unit and the control unit may be stored in a storage unit (not shown), and the CPU may operate according to the program.

[0047]

According to the present invention, unauthorized use can be prevented in an information terminal. Further, temporary data sharing of digital content can be realized between a plurality of information terminals.

[Brief description of the drawings]

FIG. 1 is a block diagram of the system of the present invention.

FIG. 2 is a flowchart for reproducing content data.

FIG. 3 is a flowchart when content data is copied between terminals.

FIG. 4 is an explanatory diagram of security attribute data.

FIG. 5 is a diagram showing a screen transition of a terminal when copying content data.

FIG. 6 is a flowchart of a terminal to which content data has been copied.

[Explanation of symbols]

100 terminal, 101 display means, 102 storage means, 103 file list, 104 control means, 105 communication means, 106 input means, 107 IC card R / W, 108 copy management means, 1
20… IC card

Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat II (Reference) H04L 9/10 H04L 9/00 621A (72) Inventor Mayumi Nakade 292 Yoshida-cho, Totsuka-ku, Yokohama-shi, Kanagawa Pref. Hitachi, Ltd. Digital Media Development Division (72) Inventor Minoru Takami 292, Yoshida-cho, Totsuka-ku, Yokohama-shi, Kanagawa Prefecture Hitachi, Ltd. Digital Media Development Division (72) Inventor Shigeyuki Ito Yoshida-cho, Totsuka-ku, Yokohama-shi, Kanagawa Prefecture 292 F-term (reference) in Digital Media Development Division, Hitachi, Ltd. 5B017 AA07 BA07 CA16 5B082 EA11 5J104 AA01 AA16 EA04 EA16 EA26 NA02 NA05 NA35 NA37 PA02 PA07

Claims (10)

[Claims] 1. An information terminal capable of reading key information stored in an external storage means, which stores encrypted content data, and decrypts the content data stored in the storage means. Copy management means; display means for displaying the decrypted content data; input means for selecting and instructing a desired file from a file list of the content data displayed on the display means; Storing the key information read from the external storage means in the storage means according to the security attribute of the file selected by the input means,
Decrypting the file data using the key information stored in the storage means, displaying the decrypted content data on the display means, and deleting the key information stored in the storage means. Information terminal. 2. The information terminal according to claim 1, further comprising communication means for communicating with another information terminal, wherein a desired file is selected by the input means, and copy conditions of the selected file are input. The communication means so that the copy management means transmits the data of the selected file input by the input means, the copy condition, and the key information stored in the external storage means to the other information terminal. An information terminal for controlling the information terminal. 3. The information terminal according to claim 2, wherein when the data of the selected file is transmitted to the another terminal, history information transmitted to the other information terminal of the transmission destination is stored. An information terminal, comprising: a destination history storage unit. 4. The information terminal according to claim 1, further comprising communication means for receiving data of a selected file, file copy conditions, and key information transmitted from another information terminal, wherein the other information terminal is provided. Record the data received from the storage means, perform decryption of the received file using the received key information based on the received copy conditions, and display the data of the decrypted file on the display means, An information terminal for processing the decrypted file based on the received copy condition. 5. The information terminal according to claim 4, wherein said key information transmitted from said another terminal is stored in volatile storage means. 6. The information terminal according to claim 4, wherein at least one of a terminal ID and a password of the information terminal is used when decoding the received file. . 7. The information terminal according to claim 2, wherein the copy condition includes the number and time of displaying the decrypted data at the copy destination, whether or not the copied data can be re-copied, and the printing. An information terminal including any one of a password necessary for decrypting the copied data, a terminal ID of a copy destination, and data of characteristics of a copy destination storage unit. 8. The information terminal according to claim 1, wherein said external storage means is an IC card or a memory card. 9. An information terminal system having the information terminal according to claim 1 as a first information terminal and a second information terminal, wherein the first information terminal and the second terminal device include an information terminal. Communication means for communicating between the first information terminal, the first information terminal, when a desired file is selected by the input means, and when the copy conditions of the selected file are input, the copy management means, The communication unit controls the communication unit to transmit the data of the selected file input by the input unit, the copy condition, and the key information stored in the external storage unit to a second information terminal, and the second terminal Recording the data received from the first terminal in the storage means, decrypting the received file using the received key information based on the received copy condition, and displaying the data on the display means of the second terminal. table And, wherein the copy management unit of the second terminal, the information terminal system which comprises treating the file after decoding based on the copying conditions. 10. The information terminal system according to claim 9, wherein data of a selected file, file copy conditions, and key information transmitted from said first terminal to said second terminal are transmitted to said first terminal. An information terminal system, which is data that is encrypted and decrypted when received by the second terminal.