JP2005339179A - Billing method and system for P2P file sharing system using usage control technology - Google Patents

Abstract

[PROBLEMS] To use paid resources using user authentication tickets, and to control the use of the original provider as much as possible even after providing the resources. Provided is a billing system for a P2P file sharing system to which a usage control technology can be set and which can set flexible usage control information.
The network has a billing server that issues a receipt resource that accepts online payments from general consumers via the network and guarantees that the resources specified in return can be used in a specified manner. The user who knows the outline of the paid resource and the usage fee by means of the method acquires the receipt resource by online payment, and the provider peer verifies it and provides the paid resource and illegally reuses the receipt resource. Rewrite or delete the receipt resource to prevent it.
[Selection] Figure 1

Description

  The present invention relates to a billing system for a P2P file sharing system to which a usage control technology is applied for file sharing.

  When using conventional P2P file sharing software or P2P groupware as a P2P file sharing system, simple access such as restricting access and restricting access according to the line speed when sharing files Only the restrictions are realized, and for the usage control after downloading, the encapsulated (encrypted) file incorporating the DRM (Digital Rights Management) technology is distributed in addition to the P2P file sharing software that performs the simple usage control described above. Only a thing is implement | achieved (for example, refer patent document 1). In addition, the specification of conditions using the file name as a key is the mainstream for searching, and there was no mechanism for guaranteeing the reliability of the content in advance.

In addition, the following three methods have been mainly adopted as a billing system for the P2P file sharing system.
(1) <Paid membership system>
A method that allows only paying members to access peers with files provided.
(2) <Paid decryption key method>
A method of obtaining a paid decryption key for decrypting the encrypted file via P2P or by other means after downloading the encrypted file.
(3) <DRM method>
A method in which encapsulated (encrypted) files incorporating DRM (Digital Rights Management) technology are distributed, and charging is required at the time of download and use after download.

JP 2003-256597 A

  Only the usage restrictions based on the identity verification of the requesting user and specific attribute information as in the conventional file sharing system can realize only uniform usage control, and the usage method is changed for each individual. Use control with a high degree of freedom, such as changing the permission result for each operation, is not realized. Therefore, not only simple usage restrictions, but also advanced usage control means such as specifying application operations corresponding to various conditions such as the status of the requester and the type of usage request, and executing application operations according to the situation. It is desirable to improve convenience by taking the measures.

  In addition, with conventional file sharing software, there is basically no flexible usage constraint based on the intention of the provider for files that have been removed from the provider's hands, which may cause anxiety to the provider. There is sex. Furthermore, when distributing an encapsulated (encrypted) file incorporating the DRM technique, the republisher cannot additionally set usage control other than the usage control guaranteed by the DRM, so that the convenience for the republisher is low. Therefore, when transferring a file or a copy thereof or a derivative thereof, the provider (side device) sets usage control information for the transferred item by the provider (side device) and uses the transferred item on the user side device. In addition to the usage control information newly set by the provider, it is desirable that the usage control based on the usage control information by the provider is surely performed, and the provider's sense of security is enhanced.

  As a search condition specification method, partial match search for a specific attribute called file name is performed, but the search conditions that can be set are limited, and various information is used as an operation to compensate for the shortcomings. A method of adopting a long file name is adopted, and the naming method is different for each provider, is not uniform, and has a limit. Therefore, it is possible to set detailed search conditions by setting not only the specific attribute of the file name but also the attributes such as the keyword and the file type, and also the content itself that is the contents of the file. It is preferable to improve the accuracy with which a user can obtain a desired file.

  In addition, as described above, since information can only be obtained from the file name, etc., as described above, it is not known whether the file is safe until it is acquired and the contents are confirmed. Is likely to have. For this reason, it is necessary for a third-party organization to guarantee the contents and to accept only resources with such contents permanently, to reduce the user's trouble of confirmation, and to increase the sense of security.

  Further, in the conventional file sharing method, identity authentication is performed by a user ID or public key certificate at a peer, and methods other than using a public key certificate use a user ID that is managed independently, and are locally Yes, management cost is high. Therefore, we have expanded the corresponding authentication methods by introducing a mechanism that can handle not only conventional public key certificates but also identity certificates (user authentication tickets) by trusted third parties, and users and providers. There is also a need to improve convenience.

  Further, the conventional file sharing method does not have a mechanism for guaranteeing a series of operations, and is somewhat inconvenient for users and providers. For this reason, for example, when an operation fails during a series of operations, it is preferable to provide a mechanism for invalidating the operations up to that point to improve the convenience of the user and the provider.

  Further, in the above-mentioned <paid membership system> as a conventional billing system, it is difficult to consider an operation model for temporary use, and it is difficult for individuals to provide paid files easily. For this purpose, a receipt resource that can be set to a short validity period (a resource is an information object composed of (electronic data) content and meta information indicating its attributes, from electronic files to programs, devices, and network resources) It is desirable to make a paid file available using a proof of identity (user authentication ticket) by a trusted third party.

  Further, in the above-mentioned <paid decryption key method> as a charging system, after the decryption key is obtained, the use control cannot be performed or only a certain use control can be performed. The price of can only be basically constant. Therefore, it is preferable that after the provision, the usage control can be performed in such a manner as to keep the intention of the original provider as much as possible, and different usage fees can be set even if the usage method is different even for the same file.

  Furthermore, in the <DRM system> as a conventional billing system, XrML or the like is used as a usage control information description language, and flexible usage control cannot be performed. For this reason, it is desired to be able to set flexible usage control information.

  Therefore, the present inventors first realized use control with a high degree of freedom including secondary use in Japanese Patent Application No. 2004-156690 filed on the same day, and improved the acquisition accuracy of desirable resources in the search. In order to improve the security of the provider and improve the convenience of the user and the provider, the information resources to be shared are treated as resources in a unified manner, and they are shared using P2P technology. Accepts any resource usage request such as copy acquisition (download) or search using meta information and part of content as a key, evaluates the related policy, performs the obtained application operation, and responds to the usage request We proposed a P2P file sharing system that applies usage control technology to return the user to the peer on the user side.

  In view of the above points, the present invention lowers the threshold of entry when an individual provides a paid file, and can perform usage control in a manner that protects the original provider's intention as much as possible after providing the file. It is an object of the present invention to provide a charging method and system for a P2P file sharing system to which a usage fee can be set and flexible usage control can be performed depending on the situation.

  In order to achieve the above object, the invention described in claim 1 is a charging method in a P2P file sharing system in which peers connected to a network share resources between them, and in particular, an electronic file or the like Information providers are treated as resources in a unified manner, and the provider's peer accepts resource usage requests such as retrieval of copies, meta-information, and searches using part of the content as keys. If the user authentication ticket as a certificate guaranteed by the user is attached, the validity is verified, the policy is evaluated using the information of the ticket, the application operation is performed, and the response result to the use request In a charging method for a P2P file sharing system to which usage control technology is applied, which is returned to the usage requesting party peer, from a general consumer via a network The network has a billing server that issues a receipt resource that accepts online deposits and guarantees that the resources specified in return can be used in the specified method. The user obtains the receipt resource by online payment, the provider peer verifies it, provides the paid resource, and rewrites or deletes the receipt resource to prevent unauthorized reuse of the receipt resource. The usage control technology-applied P2P file sharing system charging method is characterized by the above.

The invention according to claim 2 is the method according to claim 1, wherein the receipt resource includes the following elements:
(A) Target resource (b) Permitted use method (permitted use type)
(C) Valid period (d) Remaining valid number (can be omitted)
(E) User ID (user ID of the paired user authentication ticket)
(F) Issuer's signature (g) Provider ID (Only the provider with this user ID or the issuer with the publisher ID can rewrite / delete the receipt resource),
Etc., and (a) to (d) are characterized by having a plurality of sets.

  Further, the invention according to claim 3 is the method according to claim 1 or 2, wherein as a measure for preventing unauthorized reuse of the receipt resource, rewriting of the receipt resource (rewriting of the remaining effective number of rewrites, rewriting of the valid period) , Rewriting or deleting the license usage method) or deleting the receipt resource.

Moreover, invention of Claim 4 is a method as described in any one of Claims 1-3, The said method is:
The user uses the peer on the user side to obtain the usage fee and summary information for the paid resource in advance and decides which resource to purchase based on the advance information. Paying with the user authentication ticket attached, receiving the payment at the billing server, verifying the user authentication ticket and confirming the payment, creating a receipt resource, and the created receipt A step of returning a certificate resource, a step of receiving the user-side peer, a step of making a usage request by attaching the user authentication ticket to the user-side peer based on a user request from the UI, and providing In order to perform the policy evaluation based on the usage request, the peer on the receipt side references and verifies the contents of the receipt resource. It includes a step of rewriting or deleting a receipt resource so as not to be reused illegally in performing an application operation including permission of use request, responding the result, and a step of receiving the result by the user peer. And

  The invention according to claim 5 is the method according to any one of claims 1 to 4, wherein a fee is charged when a user authentication ticket with an expiration date set is issued, and the use of a specific resource is charged. It is characterized in that it cannot be used without a user authentication ticket.

  The invention according to claim 6 is the method according to claim 5, wherein the user uses the user-side peer to acquire in advance the usage fee and summary information of the paid resource, and the user-side peer. A step of performing user authentication request and payment to the user authentication server from the user, a step of accepting them by the user authentication server, performing identity authentication and payment confirmation, and creating a user authentication ticket and issuing the created user authentication ticket A user-side peer receiving a user authentication ticket, a user-side peer attaching a user authentication ticket based on a user request from the UI, and a provider-side peer Accepts it, performs policy evaluation based on the usage request, verifies the user authentication ticket, performs application operations including permission for the usage request, and returns the result. A step of answers, the user-side peer, characterized in that it comprises the step of receiving it.

  The invention according to claim 7 is a usage control in which a plurality of peers, a user authentication server, and a billing server are connected via a network, and the peers share resources among them and realize usage control based on a policy. A charging system for a technology-applied P2P file sharing system, in which a user authentication server issues a user identity authentication and a user authentication ticket (and verifies a user authentication ticket), and the charging server receives a user authentication from a user peer Receipts for receipt of payments, confirmation of payment details, receipt resources that allow the use of specific resources, and payment resource provider peers to check receipt resource contents, provision of paid resources, and prevention of unauthorized reuse The present invention relates to a billing system for a P2P file sharing system to which a usage control technology is applied, characterized by rewriting / deleting document resources.

  The invention according to claim 8 is the charging system according to claim 7, wherein the user authentication server manages a user information management unit for managing user information such as a user ID and a password, and a user authentication request from a peer. After receiving and confirming the identity, a user authentication unit that returns a user authentication ticket and a user authentication ticket verification unit that receives a verification request for the validity of a user authentication ticket from a peer and returns a verification result are provided. Features.

  The invention of claim 9 is the accounting system according to claim 7, wherein the accounting server accepts the payment from the peer, takes out the user ID from the attached user authentication ticket, and issues the receipt resource. Certificate resource issuing unit, billing information management unit storing information necessary for confirmation of payment such as paid resource fee table, accepting payment from peer, verifying validity of attached user authentication ticket and It is characterized by comprising a deposit confirmation unit for confirming the validity of the deposit contents based on the information managed by the billing information management unit.

  In the invention of claim 10, a plurality of peers and a user authentication server including a billing server are connected via a network, and the peers share resources between them to realize usage control based on a policy. A charging system for a P2P file sharing system to which usage control technology is applied, in which the user authentication server including the charging server accepts payment from a user-side peer, confirms the contents of payment, and identifies the user after confirming payment P2P file using application control technology, characterized in that the user authentication ticket is issued (and the user authentication ticket is verified), and the pay resource provider peer provides the pay resource to the specific user authentication ticket holder In the billing system for shared systems.

  The invention of claim 11 is the charging system according to claim 10, wherein the user authentication server manages a user information management unit that manages user information such as a user ID and a password, and a user authentication request from a peer. After receiving and confirming the identity, the user authentication unit that returns the user authentication ticket, the user authentication ticket verification unit that receives the verification request for the validity of the user authentication ticket from the peer, and returns the verification result, the fee-based resource fee table, etc. The billing information management unit storing information necessary for confirmation of payment and the receipt of payment from the peer are verified, the validity of the attached user authentication ticket is verified, and the information managed by the billing information management unit is And a billing server having a deposit confirmation unit for confirming the validity of the deposit contents.

  According to the present invention described above, the P2P file is obtained by uniformly handling the information resources to be used and controlled in the form of resources, and incorporating the usage control using the usage control information having a high degree of freedom called the policy into the P2P file sharing. In sharing, flexible usage control can be realized.

  Further, by automatically performing resource operations necessary for policy evaluation for performing usage control, the range of usage control can be expanded and linked with other services via such resources.

  In addition, a resource policy is attached at the time of transfer of a resource or a copy or derivative thereof, and the resource policy is preferentially evaluated when the resource is reused. In addition, it is possible to add usage control based on the transferee's intention by setting a new peer policy when using / disclosing the transferred resource. .

  In addition, meta information and content can be used as parameters for search targets and search condition formulas, and searchers can search for desirable resources without lengthening resource names by performing searches based on detailed conditions. The resulting possibility can be increased.

  Furthermore, by introducing a content authentication server, a user who obtains a resource or a copy of the resource can store them with relative ease. Further, if necessary, it is possible to provide an opportunity to perform content verification at the time of content registration or to charge at the time of registration / verification.

  In addition, by leaving the user authentication to a third party organization, the cost of user management on each peer can be reduced, and there is a degree of freedom to handle various types of user authentication tickets. It can be easily incorporated into a large-scale system having a server.

  Furthermore, by introducing a transaction and a rollback, it is possible to handle a plurality of operations as a series of operations in usage control, and it is possible to more easily realize complicated usage control.

  The present invention provides a mechanism for charging a usage control technology-applied P2P file sharing system that is differentiated from other P2P file sharing systems.

  In addition, by introducing a receipt resource or user authentication ticket that can be set to a short validity period, it provides a mechanism that allows users to easily use paid resources without a long-term usage contract such as system registration. The threshold for entry when individuals provide paid resources can be reduced.

  Since it is based on the P2P file sharing system to which usage control technology is applied, flexible usage control setting can be made possible when paying resources are used.

  Furthermore, a mechanism for protecting the intentions of the original provider and the intermediate provider even after provision of paid resources is maintained, and back margin billing after provision is also possible. Also, even with the same resource, different usage charges can be set depending on the usage method and the situation at the time of use.

  The present invention will be described below with reference to the drawings.

  FIG. 1 is a sequence diagram for explaining the principle of a charging method for a P2P file sharing system to which a usage control technique is applied according to the present invention.

  In the present invention, first, a peer used by a user (hereinafter referred to as a user-side peer) issues a prior information acquisition request for requesting a usage fee or summary information of a resource for which usage is charged (step S01; it is a search). There are various types such as specifying a peer and making an inquiry), and a peer having a resource that is requested to use (hereinafter referred to as a provider-side peer) accepts the request (step S02). The policy evaluation is performed, the application operation in the obtained application operation list is executed, the result is returned (step S03), and the user-side peer receives it (step S04).

  Next, after deciding which resource to purchase based on the obtained prior information, the user attaches a user authentication ticket to the accounting server and pays (step S05), and the accounting server accepts the payment ( Step S06), verifying the user authentication ticket and confirming payment (Step S07), creating a receipt resource (Step S08), returning the created receipt resource to the user peer (Step S09), and using it The party-side peer receives it (step S010).

  Based on the user request from the UI, the user-side peer attaches a user authentication ticket and makes a use request (step S011). The provider-side peer accepts the request (step S012), and the policy based on the use request. Refer to and verify the contents of the receipt resource for evaluation (in conjunction with verification of the user authentication ticket), and rewrite the receipt resource so that it is not reused illegally when performing application operations including permission for use requests Or it deletes and responds with a result (step S013), and a user side peer receives it (step S014).

The present invention realizes the use of a specific resource by obtaining a receipt resource by making payment for the use of a specific resource to a charging server based on information obtained in advance. The issued receipt resource includes, for example, the following elements. In addition, (a)-(d) may have multiple sets.
(A) Target resource (b) Permitted use method (permitted use type)
(C) Valid period (d) Remaining valid number (can be omitted)
(E) User ID (user ID of the paired user authentication ticket)
(F) Issuer's signature (g) Provider ID (Only the provider having this user ID or the issuer having the issuer ID can rewrite / delete the receipt resource).

In addition, in the case of a system in which transactions are realized, rewriting and deleting receipt resources can be rolled back, and the provider can do the following to prevent unauthorized reuse of receipt resources when providing resources: Shall.
(1) Renewal of receipt resource 1) Renewal of remaining effective number 2) Renewal of validity period 3) Rewrite / deletion of license usage method (2) Deletion of receipt resource

  When downloading (acquiring a copy from a remote peer), a resource policy is usually attached. Therefore, the intention of the current provider is kept to a minimum against what he wants to reject, and the original provider and previous providers It is also possible to set a back margin for the (relayer) (may be distributed by a billing server charged on behalf of the agent). In addition, when re-publishing the downloaded resource, the re-provider can set a separate peer policy.

  There is no need for a single accounting server, and a plurality of accounting servers may be mixed. The communication protocol between the peer and the billing server is not limited to the P2P protocol. In addition, it is strongly recommended that the communication path is encrypted in terms of security.

  FIG. 2 shows the principle of another charging method of the present invention in which charging is performed when a user authentication ticket with an expiration date set is issued, and a specific resource cannot be used without the paid user authentication ticket. It is a figure for demonstrating.

  In this billing method, the user first obtains prior information by some means and registers the user information in the user authentication server, and then makes a user authentication request and payment from the user peer to the user authentication server (step S21). The user authentication server accepts them (step S22), performs identity authentication and payment confirmation (step S23), creates a user authentication ticket (step S24), issues the created user authentication ticket (step S25), and uses it The party peer receives it (step S26).

  Next, based on the user request from the UI, the user-side peer makes a use request with the user authentication ticket attached (step S27), and the provider-side peer accepts it (step S28), and based on the use request In performing policy evaluation, the user authentication ticket is verified, an application operation including permission for use request is performed, the result is returned (step S29), and the user peer receives it (step S30).

  In the accounting method of FIG. 2, the user pays to the user authentication server, the user is authenticated, acquires a user authentication ticket with an expiration date, etc., and holds the user authentication ticket. Only those who are able to use a specific resource can use it.

  It is assumed that a valid period is specified in the user authentication ticket, but an indefinite period is allowed as a special case.

  There is no need for a single user authentication server, and a plurality of user authentication servers may be mixed. The communication protocol between the peer and the user authentication server is not limited to the P2P protocol. In addition, it is strongly recommended that the communication path is encrypted in terms of security.

FIG. 3 shows the configuration of a billing system for the P2P file sharing system to which the usage control technology is applied according to the present invention.
This system is based on the assumption that a plurality of peers 1000, a user authentication server 1002, and a billing server 1003 are operating via a network. The content authentication server 1001 may be on a network. The peers 1000 share resources between them and realize usage control based on the policy. The content authentication server 1001 receives registration of content information, manages the content information, and responds to a confirmation request as to whether or not the specified content has been registered. The user authentication server 1002 performs user identity authentication, issues a user authentication ticket, and may confirm the validity of the user authentication ticket. The billing server 1003 accepts the payment, confirms the contents, and issues a receipt resource that permits the use of the specific resource.

  The user performs a search or the like at the user peer 1000, determines a resource to be used and its usage type, acquires the usage amount information, performs user authentication using the user authentication server 1002, and then charges. Deposit money to the server 1003, receive a receipt resource, attach a user authentication ticket, send a usage request to the provider peer 1000 having the resource to be used, and the provider peer authenticates the receipt resource to the user The application is verified together with the ticket, and the application operation including the requested use operation is executed after the receipt resource is rewritten or deleted so that it cannot be illegally reused, and the result is returned.

  The user authentication server 1002 includes a user information management unit 110, a user authentication unit 120, and a user authentication ticket verification unit 130. The user information management unit 110 manages user information used for authentication such as a user ID and password, and the user authentication unit 120 accepts a user authentication request from the peer 1000, confirms the identity, and returns a user authentication ticket.

  The user authentication ticket verification unit 130 receives a request for verifying the validity of the user authentication ticket from the peer 1000 and returns a verification result. A part or all of the user authentication ticket verification unit 130 may exist on the peer 1000 side. If there is a part, it means that the user authentication ticket is verified in cooperation with the peer 1000.

  The accounting server 1003 includes a payment confirmation unit 140, a receipt issue unit 150, and an accounting information management unit 160. The payment confirmation unit 140 accepts the payment from the peer, verifies the validity of the attached user authentication ticket, and confirms the validity of the payment contents based on the information stored in the charging information management unit 160.

  The receipt issuing unit 150 extracts a user ID from the attached user authentication ticket, creates a receipt resource, and issues it.

  The billing information management unit 160 stores information necessary for confirmation of payment, such as a fee table for paid resources. The charged information may be managed.

  FIG. 4 shows a variation of the system of FIG. This system is based on the assumption that a user authentication server 1002 including a plurality of peers 1000 and an accounting server 1003 is operating via a network. The content authentication server 1001 may be on a network. The peer 1000 and the content authentication server 1001 have been described in the previous section. The user authentication server 1002 includes the accounting server 1003, authenticates the identity of the user for a fee, issues a user authentication ticket for using the paid resource, and confirms the validity of the user authentication ticket. May be. The billing server 1003 accepts payment and confirms the contents.

  The user performs a search or the like at the user-side peer 1000, determines a resource to be used and its usage type, acquires information such as the usage amount, and the user authentication server 1002 (actually a billing server included in the user) 1003), sends the use request to the provider peer 1000 having the resource to be used with the received user authentication ticket attached, the provider peer verifies the user authentication ticket, and performs the requested use operation. Performs the apply operation that contains it, and responds with the result.

  The user information management unit 110, the user authentication ticket verification unit 130, the payment confirmation unit 140, and the charging information management unit 160 are as described in the previous section. The user authentication unit 120 accepts a user authentication request and payment from the peer 1000, confirms the identity, confirms payment using the accounting server 1003, and returns a user authentication ticket.

[Example]
Embodiments of the present invention will be described below with reference to the drawings.

  As an example, an example in which a certain resource can be downloaded only once using a receipt resource is given as an example 1, and an example in which a certain resource can be downloaded using a paid user authentication ticket that is valid for a certain period of time is given as an example 2. . In the following example, each resource address is expressed in a tree structure, and pibot: // <peer name> / hoo / bar /. . . It shall be expressed in the form of The peer name is a globally unique ID. In the following example, the local peer name is localPeer and the remote peer name is remotePeer. / hoo / bar means that the resource name of the parent resource of the resource having the resource name bar (resource having the lower resource set as the content) is hoo.

(1) [Example 1]
Hereinafter, this example will be described with reference to FIGS. 5, 6, 7, 8, 9, and 11 to 14.

  FIG. 5 shows a sequence according to the first embodiment of the present invention, FIG. 6 shows a detailed sequence of the paid resource list search execution of the sequence in FIG. 5, and FIG. 7 shows details of receipt resource receipt of the sequence in FIG. FIG. 8 shows a detailed sequence of a subquery in the policy evaluation of the paid resource of the sequence in FIG. 5, and FIG. 9 shows a detailed sequence of execution of the application operation for the download request of the paid resource of the sequence in FIG. FIG. 11 shows the resources used in one embodiment of the present invention, and FIG. 12 shows the peer policy used in the local peer in one embodiment of the present invention. FIG. 13 shows the peer policy used in the remote peer in one embodiment of the present invention. FIG. 14 shows information managed by the accounting information management unit 160 of the accounting server 1003.

  After user authentication and user authentication ticket acquisition, the user accesses the local peer and sets the keyword (“jagatara”) and mime-type (“video / mpeg”) as search conditions via the UI. Search for paid resource list (showing resource name, summary description and usage fee of licensed resource that matches search condition and approved as a result of policy evaluation) according to P2P file sharing middleware implementation A search request is issued to the target peer (step S1001). A search request is usually emitted to a plurality of peers. Hereinafter, a remote peer that is one of search targets and has a download target resource will be described. The remote peer that is the search target accepts the search request (step S1002), executes the search (detailed in step S1003, (* 3)), and returns a search result list (summary explanation and usage fee as a response to the search request). Response) (step S1004), and the local peer receives it (step S1005).

  Next, the user accesses the local peer, specifies the usage resource address (pibot: //remotePeer/tango.mpg) and usage method (one download) to the billing server via the UI, and charges 100 yen for the usage fee. Payment is made online with the user authentication ticket attached (step S1006), and the billing server accepts the payment (step S1007). After verifying the validity of the user authentication ticket, the billing information management unit 160 shown in FIG. In step S1008, the receipt resource is created (step S1009) by confirming that the deposit has been made correctly by referring to the information of item number C1 among the information managed in step S1008. (Step S1010), and the user-side peer receives it (detailed in step S1011 (* 4)).

  Based on the user request from the UI, the user-side peer makes a download request for pibot: //remotePeer/tango.mpg with the user authentication ticket and the receipt resource address attached (step S1012). The peer accepts the request (step S1013), evaluates the policy of item number R2 in FIG. 13 including the subquery (detailed in (* 5)) from the firing conditional expression, and from one application operation of “permission”. Is obtained (step S1014), the first application operation “permission” is extracted from the application operation list (step S1015), the extraction result is determined (step S1016), and the extraction is successful. It is determined whether the application operation is a local operation and policy evaluation is necessary (step S1017). ”Operation, in this case detailed in (* 6) (step S1018), the next application operation is extracted from the application operation list (step S1015), the extraction result is determined (step S1016), and the extraction fails Therefore, a response is returned to the user (step S1019), and the user peer receives it (step S1020).

  The storage of pibot: //remotePeer/tango.mpg after accepting the response is the same as step S1011 (detailed in (* 4)) except for the storage destination, and the description is omitted.

(* 3) <Perform paid resource list search>
A detailed sequence of the paid resource list search execution in the sequence shown in FIG. 5 will be described with reference to FIG.

  After the search target peer executes a search for the resource it has (step S1501), one candidate resource is extracted from the obtained search result candidate list (step S1502), the extraction result is determined (step S1503), and the extraction is successful. Therefore, the policy of the item number R1 in FIG. 13 is evaluated from the firing conditional expression, an applied operation list consisting of one “permitted” applied operation is acquired (step S1504), and the first from the applied operation list. Application operation “permission” is extracted (step S1505), and the extraction result is determined (step S1506). Since the extraction is successful, it is determined whether the application operation requires local operation and policy evaluation (step S1507). Since there is no need for policy evaluation, the “permission” operation is performed. In addition to the resource name, an outline description of the meta information and a usage fee are also acquired so that they can be returned as a response (step S1508), and the next application operation is extracted from the application operation list. An attempt is made (step S1505), the extraction result is determined (step S1506), and the extraction has failed. Therefore, one next candidate resource is to be extracted from the search result candidate list (step S1502), and the extraction result is determined (step S1503). ) Since the retrieval has failed, the process ends.

(* 4) <Receipt receipt of receipt resource>
FIG. 7 shows a detailed sequence of receipt resource reception in the sequence shown in FIG.

  The user-side peer receives the receipt resource from the billing server (step S1601), the resource registration is the storage destination resource (pibot: // localPeer / receipt; the storage destination is specified by the configuration file, but the user's Dynamic and explicit specification is possible; in this example, it is assumed that the above value is specified in the configuration file), so that it conforms to the content update operation request of the storage resource. The policy of the item number L1 in FIG. 12 is evaluated from the firing conditional expression, an applied operation list consisting of one “permitted” applied operation is acquired (step S1602), and the first applied operation “permitted” from the applied operation list. ”Is extracted (step S1603), the extraction result is determined (step S1604), and the extraction operation is successful. Determines whether a local operation and policy evaluation is necessary (step S1605). Since it is a local operation but policy evaluation is not necessary, the operation is “permitted”. In this case, pibot: //localPeer/receipt/receipt01.cer (resource name is Basically, resource registration (specified by the billing server or the user-side peer) is executed (step S1606), the next application operation is extracted from the application operation list (step 1603), and the extraction result is determined (step S1604). ), And the process ends because the retrieval has failed.

  A billing server attaches a resource policy that the receipt resource can only be rewritten / deleted by the provider, so that the user who received the receipt resource cannot perform fraud such as rewriting the receipt resource. It can also be. However, in that case, it is necessary to attach a user authentication ticket having the provider ID to the rewrite / delete request by the provider.

(* 5) <Sub-query in policy evaluation of paid resources>
The detailed sequence of the subquery in the policy evaluation of the paid resource in the sequence shown in FIG. 5 will be described with reference to FIG.

  In evaluating the policy of item number R2 in FIG. 13, the validity of the user authentication ticket is verified, and the receipt resource is verified using the user ID of the user authentication ticket (pibot: // localPeer / receipt / Therefore, the remote peer attaches the user authentication ticket of the user-side peer user (user) attached to the original usage request, and pibot: // Request the content reference of pibot: //localPeer/receipt/receipt01.cer to the peer (= local peer) having localPeer / receipt / receipt01.cer (step S1701), and pibot: // localPeer / receipt / receipt01. The peer having cer (local peer) accepts the request (step S1702), and from the firing condition formula, the policy of item number L2 in FIG. 12 (not explicitly set in the sequence of FIG. 5; default policy Or the parent resource's peer policy is inherited) and the validity of the user authentication ticket is verified, and the user is the user of the user peer. The application operation list including the application operation “permission” is acquired (step S1703), the application operation “permission” for one day is extracted from the application operation list (step S1704), the extraction result is determined (step S1705), and the extraction is successful. Therefore, it is determined whether the application operation is a local operation and policy evaluation is necessary (step S1706), and although it is a local operation, policy evaluation is not required, so a “permission” operation, in this case, content reference is executed (step S1706). S1707), an attempt is made to extract the next application operation from the application operation list (step S1704). The result is determined (step S1705), and since the retrieval has failed, a response is returned to the use request source peer (= remote peer) (step S1708), and the use request source peer (= remote peer) receives it, and pibot: // localPeer The content value of /receipt/receipt01.cer is acquired (step S1709).

(* 6) <Applying operation for paid resource download request>
FIG. 9 is used to show a detailed sequence of execution of an application operation for a paid resource download request in the sequence shown in FIG.

  The provider-side peer (= remote peer) prepares to copy the requested pibot: //remotePeer/tango.mpg and pass it to the user-side peer in response (step S1801), and illegally reuse receipt resources. To prevent pibot: //localPeer/receipt/receipt01.cer (step S1802), the user peer (= local peer) accepts it (step S1803), and fire conditions 12 evaluates the policy of item number L2 in FIG. 12 (not explicitly set in the sequence of FIG. 5; assumed to have been set by applying the default policy or inheriting the parent policy of the parent resource, etc.) Since the user is the provider after verifying the legitimacy of the application, an application operation list consisting of one application operation “permission” is acquired (step S1804). The first application operation “permitted” is extracted from the application operation list (step S1805), the extraction result is determined (step S1806), and since the extraction is successful, it is determined whether the application operation requires local operation and policy evaluation. However, since the policy evaluation is not necessary although it is a local operation, a “permission” operation, in this case, a resource deletion, is executed (step S1808), and an attempt is made to extract the next application operation from the application operation list (step S1805). The retrieval result is judged (step S1806), and since the retrieval has failed, a response is returned to the usage request source peer (= remote peer) (step S1809), and the usage request source peer (= remote peer) receives it (step S1809). S1810).

(2) [Example 2]
Hereinafter, this example will be described with reference to FIG. 10, FIG. 11, FIG. 13, and FIG.
FIG. 10 shows the sequence in the second embodiment of the present invention, FIG. 11 shows the resources used in one embodiment of the present invention, and FIG. 13 shows the peer policy used in the remote peer in the one laughter embodiment of the present invention. Show. FIG. 14 shows information managed by the accounting information management unit 160 of the accounting server 1003.

  The user uses the above-mentioned paid resource list search variants, etc., to use the resource (pibot: //remotePeer/goggle.mp3) and the usage fee (100 yen) based on the usage type (download) and the user required for use After acquiring ID (jagatara_goggle) information and registering in advance so that a user authentication ticket can be obtained at any time by paying the user authentication server, the local peer is accessed and the user is accessed via the UI. Attach the resource address, the type of use, and the information necessary for identity authentication to the authentication server, pay the usage fee of 100 yen online and request authentication (step S2001), and the user authentication server issues the payment and authentication request. Acceptance (step S2002), information of item number C2 among the information managed by the billing information management unit 160 shown in FIG. It is confirmed that the payment has been made correctly by referring to the information, and personal authentication is performed based on information registered in advance (step S2003), and a user authentication ticket in which an expiration date is set is created (step S2004). The user authentication ticket thus created is issued (step S2005), and the user-side peer receives it (step S2006).

Next, based on the user request from the UI, the user-side peer attaches a user authentication ticket and makes a download request for pibot: //remotePeer/goggle.mp3 (step S2007). Acceptance (step S2008), evaluate the policy of item number R3 in FIG. 13 from the firing conditional expression, verify the validity of the user authentication ticket, and the user ID of the user is jagatara_goggle. Is obtained (step S2009), the first application operation “permitted” is extracted from the application operation list (step S2010), the extraction result is determined (step S2011), and the extraction is successful. Therefore, it is determined whether the application operation is a local operation and a policy evaluation is necessary (step S2012). Since no evaluation is necessary, a “permission” operation, in this case, a copy for download (copy acquisition) is executed (step S2013), an attempt is made to extract the next application operation from the application operation list (step S2010), and the extraction result is determined. (Step S2011), since the retrieval has failed, a response including a copy of pibot: //remotePeer/goggle.mp3 is returned to the user side peer (Step S2014), and the user side peer receives it (Step S2015). .
The storage of pibot: //remotePeer/goggle.mp3 after accepting a response is the same as step S1011 (detailed in (* 4) above) in FIG.

  The method based on FIG. 1 and FIG. 2 is stored in a storage medium such as a magnetic disk (floppy (registered trademark) disk, hard disk (CD-ROM, DVD, etc.), semiconductor memory, etc. as a program that can be executed by a computer. And can be distributed.

It is a sequence diagram for demonstrating the principle of this invention. It is a sequence diagram for demonstrating the principle of the modification of this invention. It is a block diagram which shows the system configuration | structure of this invention. It is a block diagram which shows the modification of the system configuration | structure of this invention. It is a sequence diagram in one example of the present invention. FIG. 6 is a detailed sequence diagram of a paid resource list search execution of the sequence in FIG. 5. It is a detailed sequence diagram of receipt resource receipt of the sequence in FIG. FIG. 6 is a detailed sequence diagram of a subquery in policy evaluation of a paid resource in the sequence in FIG. 5. FIG. 6 is a detailed sequence diagram of execution of an application operation in response to a charge resource download request in the sequence in FIG. 5. It is a sequence diagram in other examples of the present invention. It is a figure for showing the resource used in the Example of this invention. It is a figure for showing the peer policy used by the local peer in the Example of this invention. It is a figure for showing the peer policy used by the remote peer in the Example of this invention. It is a figure for showing the information for accounting managed by the accounting server in the Example of this invention.

Explanation of symbols

110 User information management unit 120 User authentication unit 130 User authentication ticket verification unit 140 Payment confirmation unit 150 Receipt issue unit 160 Accounting information management unit 1000 Peer 1001 Content authentication server 1002 User authentication server 1003 Accounting server

Claims (11)

  A charging method in a P2P file sharing system in which peers connected to a network share resources with each other, in particular, information resources such as electronic files are treated as resources in a unified manner, copy acquisition, meta information and content If the provider peer accepts a resource usage request such as a search with a part of the key as a key, and a user authentication ticket is attached as a certificate that guarantees the requester's identity by a third party, A P2P file to which usage control technology is applied that verifies its validity, evaluates the policy using the ticket information, performs an application operation, and returns the response result to the usage requester peer In the billing method for shared systems, online payments from general consumers are accepted via the network, and the resources specified in return are accepted. If you have a billing server on the network that issues a receipt resource that guarantees that it can be used in a specified way, a user who knows the outline of the paid resource and the usage fee by some means in advance will receive the receipt resource by online payment. P2P is applied to the use control technology, characterized in that the provider peer verifies it, provides the paid resource, and rewrites or deletes the receipt resource to prevent unauthorized reuse of the receipt resource. Billing method for file sharing system. The receipt resource has the following elements:
(A) Target resource (b) Permitted use method (permitted use type)
(C) Valid period (d) Remaining valid number (can be omitted)
(E) User ID (user ID of the paired user authentication ticket)
(F) Issuer's signature (g) Provider ID (Only the provider with this user ID or the issuer with the publisher ID can rewrite / delete the receipt resource),
The accounting method according to claim 1, wherein (a) to (d) are allowed to have a plurality of sets.   As a measure to prevent unauthorized reuse of the receipt resource, rewriting the receipt resource (rewriting the remaining effective number, rewriting the validity period, rewriting or deleting the license usage method) or deleting the receipt resource The charging method according to claim 1 or 2, characterized in that:   The user uses the peer on the user side to obtain the usage fee and summary information for the paid resource in advance and decides which resource to purchase based on the advance information. Paying with the user authentication ticket attached, receiving the payment at the billing server, verifying the user authentication ticket and confirming the payment, creating a receipt resource, and the created receipt A step of returning a certificate resource, a step of receiving the user-side peer, a step of making a usage request by attaching the user authentication ticket to the user-side peer based on a user request from the UI, and providing In order to perform the policy evaluation based on the usage request, the peer on the receipt side references and verifies the contents of the receipt resource. It includes a step of rewriting or deleting a receipt resource so as not to be reused illegally in performing an application operation including permission of use request, responding the result, and a step of receiving the result by the user peer. The charging method according to any one of claims 1 to 3.   5. The method according to claim 1, wherein a fee is charged when a user authentication ticket with an expiration date is issued, and a specific resource cannot be used without the paid user authentication ticket. The billing method described in the section.   A step in which a user uses a user-side peer to obtain usage fee and summary information of a paid resource in advance, a step in which a user-authentication request and payment is made from the user-side peer to a user authentication server, and a user authentication server Accepting them, authenticating the user and confirming payment, creating a user authentication ticket, issuing the created user authentication ticket, receiving the user authentication ticket by the user peer, Based on the user request from the UI, the user-side peer attaches the user authentication ticket and makes a use request, and the provider-side peer accepts the user authentication ticket and performs the policy evaluation based on the use request. Verifying the application, performing an application operation including permission to use the request, responding the result, and receiving the user peer. A charging method according to claim 5, characterized in that it comprises and.   Billing for a P2P file sharing system to which a usage control technology is applied, in which a plurality of peers, a user authentication server, and a billing server are connected via a network, and the peers share resources and realize usage control based on a policy In the system, the user authentication server issues user identity authentication and user authentication ticket issuance (-verification of user authentication ticket), and the billing server accepts payment from the user peer and confirms the payment details Issue a receipt resource that allows the use of a specific resource, and the paid resource provider peer confirms the contents of the receipt resource, provides the paid resource, and rewrites / deletes the receipt resource to prevent unauthorized reuse An accounting system for a P2P file sharing system to which usage control technology is applied.   A user information management unit that manages user information used for authentication such as a user ID and a password, a user authentication unit that accepts a user authentication request from a peer, confirms the identity, and returns a user authentication ticket; The charging system according to claim 7, further comprising: a user authentication ticket verification unit that receives a verification request for the validity of the user authentication ticket from the peer and returns a verification result.   The billing server accepts payment from a peer, takes out a user ID from the attached user authentication ticket and issues the receipt resource, and information necessary for confirmation of payment such as a fee-based resource fee table And a billing information management unit that stores the payment, verifies the validity of the attached user authentication ticket, and verifies the contents of the deposit based on the information managed by the billing information management unit The charging system according to claim 7, further comprising a payment confirmation unit that confirms the payment.   A P2P file sharing system to which usage control technology is applied, in which a plurality of peers and a user authentication server including a billing server are connected via a network, and the peers share resources and realize usage control based on a policy A user authentication server that includes the billing server accepts payment from a user-side peer, confirms payment details, issues a user authentication and user authentication ticket after payment is confirmed ( A charging system for a P2P file sharing system to which a usage control technology is applied, in which a user authentication ticket is verified and a pay resource provider peer provides a pay resource to a specific user authentication ticket holder.   A user information management unit that manages user information used for authentication such as a user ID and a password, a user authentication unit that accepts a user authentication request from a peer, confirms the identity, and returns a user authentication ticket; A user authentication ticket verification unit that accepts a verification request for the validity of the user authentication ticket from the peer and returns the verification result, and a charging information management unit and a peer that store information necessary for confirmation of payment such as a fee-based resource fee table A billing server having a deposit confirmation unit that accepts the deposit from the server, verifies the validity of the attached user authentication ticket, and confirms the validity of the deposit contents based on the information managed by the billing information management unit The charging system according to claim 10, comprising:

Images