JP2010041432A - Data processor, authentication remote controller, data processing system, data processor control method, authentication remote controller control method, control program and computer-readable recording medium with the program recorded thereon - Google Patents

Abstract

A malfunction caused by exceeding a processing capacity is prevented.
An authentication signal transmission / reception unit for receiving authentication permission information indicating that authentication required for data processing has been obtained from an authentication remote operation device used for authentication among a plurality of authentication remote operation devices; When the signal transmission / reception unit 107 receives the authentication permission information, the authentication signal transmission / reception unit 107 and processing capability for notifying a plurality of authentication remote control devices of notification information indicating that the data permitted by the authentication permission information is being processed An information transmission unit 108 is provided.
[Selection] Figure 1

Description

  The present invention relates to a data processing apparatus, an authentication remote operation apparatus, a data processing system, a data processing apparatus control method, an authentication, and a data processing apparatus for notifying an authentication remote operation apparatus that data permitted by authentication is being processed by the data processing apparatus. The present invention relates to a remote operation device control method, a control program, and a computer-readable recording medium on which the program is recorded.

  The spread of portable terminals in recent years is remarkable. In addition, financial transactions and shopping using mobile terminals are becoming possible. In addition, remote operation using a mobile terminal has been realized, such as making it possible to make a reservation recording setting for a video recording device in the home from the outside by using the mobile terminal.

  This is because the portable terminal includes a personal identification number authentication system that is highly safe and convenient and simple. That is, the mobile terminal achieves a high user authentication and security level using a USIM (universal subscriber identity module, IC card).

  In addition to a communication unit that performs communication using a conventional mobile phone network, there is also a hybrid terminal that includes a communication unit that performs communication using a wireless local area network (LAN), BlueTooth, infrared rays, or the like.

  Since wireless communication is extremely easy to intercept, it is necessary to encrypt the transmitted packet so that the contents cannot be known to the interceptor. Also, encryption technology is used for authentication. As encryption technology, wireless LAN WEP (Wired Equivalent Privacy) and 3GPP (third generation partnership project) “KASUMI”, a standard encryption method like WCDMA (wideband code division multiple access), device authentication and encryption key exchange There are AKE (Authentication and Key Exchange). These are used in combination with other technologies. Furthermore, there is an IWLAN (industrial wireless local area network) as a technology for connecting to the Internet using the high security of a portable terminal.

  In addition, the use of the Internet by personal computers continues to spread with the spread of broadband lines such as ADSL (asymmetric digital subscriber line) and FTTH (fiber to the home). And it has become possible to receive services connected to broadband lines even in recent home devices, particularly video devices.

  The video equipment is not limited to receiving broadcast programs, for example, viewing stored content, CD (compact disc), DVD (digital versatile disc), Blu-ray Disc, HD-DVD (high definition-dvd). The content acquired by various methods such as viewing content recorded on a package medium such as), viewing content distributed via a cable or a network, and the like can be viewed.

  In viewing content by such video equipment, when pay content is viewed, user authentication and billing are performed via the Internet using a network interface provided in the video equipment.

  Patent Document 1 describes a hybrid wireless terminal including two interfaces, an interface for accessing a wireless communication network and an interface for short-range wireless access. This hybrid terminal performs user authentication by transmitting information including user authentication information in the wireless communication network to the service terminal via short-range communication, and performs a commercial transaction when the authentication is normally completed.

  Patent Document 2 describes an interface device that enables communication between a first terminal and a network based on authentication data received from a wireless terminal.

Furthermore, cited document 3 describes a communication device that maintains and displays the state of the authentication operation and the encryption operation.
JP 2002-58066 A (published on February 22, 2002) Special table 2003-501973 (announced on January 14, 2003) JP 2004-297814 A (released on October 21, 2004)

  However, Patent Documents 1, 2, and 3 do not describe a case where there are a plurality of portable terminals used for authentication. Therefore, for example, the following occurs when there are a plurality of portable terminals that can be used to perform necessary authentication for data received by a certain data receiving apparatus, and the data receiving apparatus can be remotely controlled by the plurality of portable terminals. The inventions described in Patent Documents 1, 2, and 3 cannot cope with such harmful effects.

  That is, if each of the plurality of mobile terminals independently performs remote control on the data receiving device, the processing capability of the data receiving device may be exceeded.

  Therefore, when the data receiving apparatus is performing authentication processing using one of the plurality of mobile terminals, or when receiving data permitted to be received by authentication, the data receiving apparatus can be remotely controlled by another mobile terminal. By performing the control, authentication processing and data reception may be interrupted.

  For example, when the user A views content that requires authentication on the video device C in the home, when the user A performs authentication using the mobile terminal A and downloads the content data A, the user B By instructing the video device C to view the content data B using the mobile terminal B, the download of the content data A may be interrupted or stopped.

  The present invention has been made in view of the above problems, and an object of the present invention is to realize a data processing apparatus and the like that can prevent a malfunction caused by exceeding the processing capability of the data processing apparatus.

  In order to solve the above problems, a data processing apparatus according to the present invention has a function of performing authentication necessary for data processing performed in the data processing apparatus with an external authentication apparatus using a communication function, and A data processing device capable of communicating with a plurality of authentication remote operation devices having a function of remotely operating the data processing device, and the data processing from the authentication remote operation device used for authentication among the plurality of authentication remote operation devices Authentication permission information receiving means for receiving authentication permission information indicating that the authentication required for authentication is obtained, and processing of data permitted by the authentication permission information when the authentication permission information receiving means receives the authentication permission information. And a notification information transmitting means for notifying the plurality of authentication remote control devices of notification information indicating that the authentication is being performed.

  The data processing device control method according to the present invention includes a function for performing authentication required for data processing performed in the data processing device with an external authentication device using a communication function, and the data processing. A method for controlling a data processing device capable of communicating with a plurality of authentication remote operation devices having a function of remotely operating the device, the data processing from the authentication remote operation device used for authentication among the plurality of authentication remote operation devices Authentication permission information reception step for receiving authentication permission information indicating that the authentication required for the authentication has been obtained, and processing of data permitted by the authentication permission information upon reception of the authentication permission information in the authentication permission information reception step And a notification information transmission step of notifying the plurality of authentication remote control devices of notification information indicating that the information is being performed.

  According to the above configuration and method, when the authentication permission information is received, the authentication remote operation device is notified that the data permitted by the authentication permission information is being processed.

  Thereby, the authentication remote operation device that is not used for authentication can be recognized that the authentication is performed by another authentication remote operation device and the data processing is performed by the data processing device. Thus, for example, when an authentication remote operation device that is not used for authentication recognizes that the data processing device is performing authentication and data processing by another authentication remote operation device, the data processing device is operated. If it does not, the malfunction of the data processing device due to exceeding the processing capability of the data processing device can be prevented.

  According to said structure, the content of authentication permission information and notification information is displayed on a display part. Therefore, the user can recognize the content of the authentication permission information and the content of the notification information. As a result, there is an error that the processing is interrupted or stopped because the user directly operates the data processing apparatus even though the authentication processing has already been performed and the data permitted by the authentication permission information has been processed. The operation can be prevented.

  In the data processing device according to the present invention, the notification information indicates the processing capability remaining in the data processing device when the data processing device is processing the data permitted by the authentication permission information. It is preferable to include the remaining processing capacity information shown.

  According to the above configuration, when the authentication permission information is received, the processing capability of the data permitted by the authentication permission information is being processed, and the remaining processing capability information indicating the processing capability remaining in the data processing device is: The authentication remote operation device other than the authentication remote operation device used for authentication is notified.

  As a result, the authentication remote operation device that is not used for authentication is authenticated by another authentication remote operation device, and the data processing is performed by the data processing device. You can recognize whether it is.

  Therefore, an authentication remote operation device that is not used for authentication can prevent malfunction caused by exceeding the processing capability of the data processing device by performing an operation within a range not exceeding the processing capability of the data processing device.

  In the data processing device according to the present invention, when the notification information transmitting means receives a notification information notification request from an authentication remote operation device other than the authentication remote operation device used for authentication among the plurality of authentication remote operation devices, Notification information may be notified to the authentication remote operation device.

  According to the above configuration, the notification information transmission unit notifies the authentication remote device of the notification information after receiving a notification information notification request from the authentication remote operation device.

  Thereby, the authentication remote operation device can recognize that the data processing device is processing the data permitted by the authentication only when operating the data processing device. Therefore, the number of times that the data processing device notifies the notification information can be reduced, and the notification information can be transmitted while reducing the load on the data processing device.

  In the data processing device according to the present invention, the notification information transmitting means may sequentially notify the notification information according to a preset priority order with respect to the plurality of authentication remote control devices.

  According to said structure, a notification information transmission means notifies notification information to an authentication remote operation apparatus in order according to the preset priority.

  Therefore, if the priority of the authentication remote operation device that is highly likely to operate the data processing device is set higher, the notification information is notified to the authentication remote operation device earlier, and before the notification information is notified. When the authentication remote operation device operates the data processing device, it is possible to prevent the data processing device from malfunctioning.

  In the data processing device according to the present invention, the notification information transmitting unit may notify the notification information to an authentication remote control device that can be connected wirelessly.

  The effects described above can also be achieved when the data processing device and the authentication remote control device are connected wirelessly.

  In the data processing device according to the present invention, when the plurality of authentication remote operation devices are connected wirelessly, the authentication remote operation device used for authentication is changed from the authentication remote operation device used for authentication to the notification information. Notification information transmission instructing means for transmitting a notification information transmission instruction signal to be notified to the authentication remote operation device may be provided.

  According to the above configuration, when the plurality of authentication remote operation devices are connected wirelessly, the notification information is removed from the authentication remote operation device used for authentication, except for the authentication remote operation device used for authentication. Notify the operating device.

  Thus, the data processing apparatus only transmits an instruction to the authentication remote operation apparatus used for authentication, and the notification information is transmitted to the authentication remote operation apparatus connected wirelessly. Therefore, it is possible to make the authentication remote operation device excluding the authentication remote operation device used for authentication recognize that the data processing device is performing the processing permitted by the authentication while reducing the load on the data processing device.

  The effects described above can also be achieved when the data processing device and the authentication remote control device are connected by any one of wireless LAN, Bluetooth, UWB, ZigBee, WiMAX, cellular system, and infrared communication.

  The above-described effects can be achieved even if the data to be processed is any of broadcast content, content recorded on a recording medium, and content downloaded from a network in the data processing apparatus.

  The above-described effects can be achieved even if the data processing apparatus is any one of a telephone, an audio device, a personal computer, a television receiver, an HDD recorder, a DVD recorder, an HD-DVD recorder, a Blu-ray recorder, or a VCR. Can do.

  In order to solve the above problems, an authentication remote operation device according to the present invention has a function of performing authentication required for data processing performed in a data processing device capable of communication with an external authentication device using a communication function. And an authentication remote operation device having a function of remotely operating the data processing device, wherein the data processing device is authorized by the authentication by an authentication remote operation device different from the device itself. Notification information receiving means for receiving notification information indicating that data processing is being performed, and operation restriction means for restricting operations on the data processing device when the notification information receiving means receives the notification information. It is characterized by having.

  The authentication remote operation device control method according to the present invention includes a function for performing authentication necessary for data processing performed in a communicable data processing device with an external authentication device using a communication function, and A method of controlling an authentication remote operation device having a function of remotely operating the data processing device, wherein the data processing device is permitted by the authentication by an authentication remote operation device different from the own device. A notification information receiving step for receiving notification information indicating that data processing is being performed; and an operation limiting step for limiting an operation to the data processing device when the notification information is received in the notification information receiving step. It is characterized by that.

  According to the above configuration and method, when notification information indicating that processing of data permitted by authentication by an authentication remote operation device different from the device itself is received, operations on the data processing device are limited. .

  As a result, the data processing device exceeds the processing capability of the data processing device by operating from the authentication remote operation device even though the processing capability is not remaining during processing of the data permitted by the authentication, and the data It is possible to prevent the processing device from malfunctioning.

  In the authentication remote operation device according to the present invention, when there is another authentication remote operation device capable of wireless communication, the data processing device requests the notification information to be transmitted to the other authentication remote operation device. A request signal receiving means for receiving a notification information transmission request signal; and a notification information transmitting means for transmitting the notification information to the other authentication remote control device when the request signal receiving means receives the notification information transmission request signal. It may be provided.

  According to the above configuration, the authentication remote operation device that has received the notification information transmission request signal from the data processing device transmits the notification information to another authentication remote operation device that can communicate wirelessly.

  Accordingly, the authentication remote operation device can receive the notification information from the authentication remote operation device that has received the notification information transmission request signal from the data processing device, even if the notification information is not directly notified from the data processing device.

  In the authentication remote operation device according to the present invention, when there is another authentication remote operation device capable of wireless communication, authentication information indicating that the data processing device is performing authentication necessary for data processing by the own device is provided. An authentication information transmitting means for transmitting to the other authentication remote operation device may be provided.

  According to said structure, the authentication currently performed with the own apparatus is transmitted to the other authentication remote operation apparatus which is not authenticating.

  Thereby, the authentication remote operation device that has not performed authentication can recognize that the authentication is performed without directly receiving notification information from the data processing device.

  The effects described above can be achieved even in a portable terminal including an IC card that stores individual information used for authentication by the authentication remote operation device.

  The above-described effect can be achieved even in a data processing system including the data processing device and the authentication remote control device.

  The data processing device and the authentication remote operation device may be realized by a computer. In this case, the data processing device and the authentication remote operation device are operated by causing the computer to operate as each means. The data processing device realized by a computer, the control program for the authentication remote operation device, and a computer-readable recording medium on which the control program is recorded also fall within the scope of the present invention.

  As described above, the data processing apparatus according to the present invention includes authentication permission information indicating that authentication required for data processing has been obtained from the authentication remote operation apparatus used for authentication among the plurality of authentication remote operation apparatuses. When the authentication permission information receiving means and the authentication permission information receiving means receive the authentication permission information, notification information indicating that processing of data permitted by the authentication permission information is being performed is sent to the plurality of authentications. Notification information transmitting means for notifying the remote control device.

  The data processing device control method according to the present invention also includes authentication permission information indicating that authentication required for data processing has been obtained from an authentication remote operation device used for authentication among a plurality of authentication remote operation devices. When the authentication permission information is received in the received authentication permission information receiving step and the authentication permission information receiving step, notification information indicating that processing of data permitted by the authentication permission information is being performed is sent to the plurality of authentications. A notification information transmission step of notifying the remote control device.

  Thereby, the authentication remote operation device that is not used for authentication can be recognized that the authentication is performed by another authentication remote operation device and the data processing is performed by the data processing device. Thus, for example, when an authentication remote operation device that is not used for authentication recognizes that the data processing device is performing authentication and data processing by another authentication remote operation device, the data processing device is operated. If it does not, the malfunction of the data processing device due to exceeding the processing capability of the data processing device can be prevented.

  Further, the authentication remote operation device according to the present invention indicates from the data processing device that the data processing device is processing data permitted by authentication by an authentication remote operation device different from the self device. A notification information receiving means for receiving notification information and an operation restriction means for restricting an operation to the data processing device when the notification information receiving means receives the notification information.

  Also, in the method for controlling an authentication remote operation device according to the present invention, from the data processing device, the data processing device performs processing of data permitted by authentication by an authentication remote operation device different from the own device. A notification information receiving step for receiving notification information indicating the effect, and an operation limiting step for limiting an operation to the data processing device when the notification information is received in the notification information receiving step.

  As a result, the data processing device exceeds the processing capability of the data processing device by operating from the authentication remote operation device even though the processing capability is not remaining during processing of the data permitted by the authentication, and the data It is possible to prevent the processing device from malfunctioning.

[Embodiment 1]
One embodiment of the present invention will be described below with reference to FIGS.

  FIG. 1 is a block diagram of a video apparatus (data processing apparatus) 100 according to the present embodiment. FIG. 2 is a block diagram of portable terminal (authentication remote operation device) 200 according to the present embodiment. FIG. 3 is an explanatory diagram showing a data receiving system (data processing system) 300 including the video device 100 and the mobile terminal 200 according to the present embodiment.

  As shown in FIG. 3, in the data receiving system 300, when authentication is required for data received by the video apparatus 100, authentication can be performed using the mobile terminal 200 (200 </ b> A, 200 </ b> B). In addition, the mobile terminal 200 (200A, 200B) can remotely control the video apparatus 100.

(Configuration of video apparatus 100)
As shown in FIG. 1, the video apparatus 100 includes a user interface unit 101, an authentication necessity determination unit 102, antennas 103, 112, and 114, a radio unit 104, an operation signal reception unit 105, a data information transmission unit 106, and an authentication signal transmission / reception. Unit (authentication permission information receiving unit, notification information transmitting unit) 107, processing capability information transmitting unit (notification information transmitting unit) 108, serial communication terminal 109, serial communication interface 110, display unit 111, tuners 113 and 115, data processing unit 116, video processing unit 117, audio processing unit 118, storage unit 119, main control unit 120, LAN (local area network) interface unit 121, LAN terminal 122, AV (audio-visual) interface unit 123, AV terminal 124, authentication Encryption / copy protection control unit 125, B-CAS (B-conditional acces s system) 126, HDD (hard disk drive) drive control unit 127, HDD drive 128, DVD (digital versatile disk) drive control unit 129, DVD drive 130, and power supply unit 131.

  The video apparatus 100 can receive a plurality of broadcast waves, and can view and record the received content. It is also possible to download content data from a network, view package media content such as a DVD, and write content data to a writable DVD media.

  The user interface unit 101 receives an instruction from the user for the video apparatus 100. Then, data indicating the received content is transmitted to the main control unit 120. Examples of the user interface unit 101 include a front panel operation switch and a remote controller.

  For example, when receiving an instruction to record the received content on the HDD drive 128, the user interface unit 101 transmits data indicating the received content to the main control unit 120. Then, main controller 120 transmits the content data received from antenna 112 to HDD drive controller 127. Then, the HDD drive control unit 127 writes the received content data to the HDD drive 128.

  Further, when the user interface unit 101 receives an instruction to write the received content to a writable DVD medium (recording medium) set in the DVD drive 130, the user interface unit 101 sends data indicating the received content to the main control unit 120. Send. Then, main controller 120 transmits the content data received from antenna 112 to DVD drive controller 129. Then, the DVD drive control unit 129 controls the DVD drive 315 to write the received content data to the writable DVD medium.

  The authentication necessity determination unit 102 determines whether the data received by the video apparatus 100 is data that requires authentication. This is determined, for example, by notification that the target data is data received via the LAN interface unit 121 and that authentication is required from the server transmitting the data. Note that the storage unit 119 may store a table in which data is associated with necessity of authentication, and may make a determination with reference to the table.

  The antenna 103 is an antenna that enables wireless communication between the video apparatus 100 and the mobile terminal 200. As this wireless communication, wireless LAN, BlueTooth, infrared rays, WiMAX (worldwide interoperability for microwave access), ZigBee, and the like can be considered.

  The wireless unit 104 transmits data received from the data information transmission unit 106, the authentication signal transmission / reception unit 107, and the processing capability information transmission unit 108 to the portable terminal 200 via the antenna 103. Further, data received from the portable terminal 200 via the antenna 103 is transmitted to the operation signal receiving unit 105 and the authentication signal transmitting / receiving unit 107.

  The operation signal receiving unit 105 receives an operation signal via the wireless unit 104 and transmits data indicating the content of the operation to the main control unit 120.

  For example, when remote control of the video apparatus 100 is performed by the mobile terminal 200, the operation signal receiving unit 105 receives an operation signal from the mobile terminal 200 via the wireless unit 104.

  The data information transmission unit 106 transmits the information received from the main control unit 120 and indicating the content data that can be reproduced in the video apparatus 100 to the portable terminal 200 via the wireless unit 104.

  If the data received by the video apparatus 100 requires authentication, the authentication signal transmission / reception unit 107 transmits an authentication request signal requesting the mobile terminal 200 to perform authentication processing. Further, the authentication signal transmission / reception unit 107 receives the authentication permission information received from the authentication device by the mobile terminal 200 from the mobile terminal 200.

  The processing capability information transmission unit 108 transmits data indicating the remaining processing capability of the video apparatus 100 to the portable terminal 200 via the wireless unit 104.

  The remaining processing capacity refers to the processing capacity remaining at that time. The processing capability refers to the communication capability and content data processing capability that the video apparatus 100 has. For example, when the video apparatus 100 is an HDD recorder, the number of tuners (analog tuner, terrestrial / BS / CS digital tuner, etc.) or the number of MPEG2 encoders. Note that a commercially available recorder has a processing capability capable of simultaneous recording of analog broadcasting and digital broadcasting, and simultaneous recording of terrestrial digital and BS or CS digital broadcasting.

  When performing communication, the communication capability varies depending on the number and speed of channels of the communication port. Furthermore, in the system as a whole, the processing capability varies depending on the calculation capability of a central processing unit (CPU) and a digital signal processor (DSP).

  The serial communication terminal 109 is a terminal for serial communication between the video apparatus 100 and the mobile terminal 200.

  The serial communication interface 110 transmits data having the same content as the wireless unit 104 to the mobile terminal 200 via the serial communication terminal 109.

  As a result, communication between the video apparatus 100 and the portable terminal 200 can be performed not only by wireless communication via the wireless unit 104 but also by wired communication via the serial communication interface 110. Note that the communication between the video apparatus 100 and the portable terminal 200 may be performed only by serial communication instead of wireless communication.

  The display unit 111 displays the operation state of the video apparatus 100 and the authentication state using the mobile terminal 200. Examples of the display unit 111 include a device capable of displaying a character figure such as a fluorescent display tube and an LCD (liquid crystal display), and a light emitting device such as an LED (light emitting diode).

  In addition, the display unit 111 displays that the mobile terminal 200 is used for authentication and processing associated therewith. When there are a plurality of mobile terminals 200, a display that can recognize each mobile terminal 200 among the plurality of mobile terminals 200 is performed. For example, a plurality of LEDs are provided, and a display capable of recognizing each portable terminal 200 is performed by turning on one LED, turning on two LEDs, changing a blinking pattern, or the like.

  The antennas 112 and 114 receive broadcast radio waves and transmit them to the tuners 113 and 115. The tuners 113 and 115 select a channel from the received broadcast radio wave. Then, the selected channel is transmitted to the data processing unit 116 as received data.

  Accordingly, the video apparatus 100 includes a first content acquisition unit configured by the antenna 112 and the tuner 113 and a second content acquisition unit configured by the antenna 114 and the tuner 115, and receives two broadcast radio waves. It is possible.

  The first content acquisition unit and the second content acquisition unit can operate simultaneously. Also, simultaneous writing to the HDD drive 128 and selective simultaneous writing to the HDD drive 128 and the DVD drive 130 are possible.

  The data processing unit 116 separates the received data into video data and audio data. The video data is transmitted to the video processing unit 117, and the audio data is transmitted to the audio processing unit 118.

  The video processing unit 117 processes the received video data into data that can be reproduced by the video device 100 and transmits the data to the main control unit 120. In addition, the audio processing unit 118 processes the received audio data into data that can be reproduced by the video apparatus 100 and transmits the data to the main control unit 120.

  The storage unit 119 stores a program for controlling the video apparatus 100, data received by the video apparatus 100, and information associated therewith. An example of the storage unit 119 is a flash memory, for example.

  The main control unit 120 controls the entire video apparatus 100. The program for the main control unit 120 is stored in the storage unit 119.

  The LAN interface unit 121 transmits and receives data to and from the LAN connected via the LAN terminal 122. For example, the LAN interface unit 121 is connected to the Internet via the LAN terminal 122, and can download content data from a server providing content services and receive data by a video on demand method.

  In the video apparatus 100, the content data received from the LAN interface unit 121 can be written to the HDD drive 128 or a recording medium set in the DVD drive 130.

  Note that the processing by the first content acquisition unit and the second content acquisition unit and the reception of content data by the LAN interface unit 121 can be processed simultaneously according to the processing capability of the video apparatus 100. .

  The AV interface unit 123 transmits and receives video data and audio data via the AV terminal 124. For example, if connected to a display device such as a television via the AV terminal 124, the transmitted video data is displayed and the audio data is reproduced. The data transmitted / received via the AV terminal 124 may be a digital signal such as HDMI (high definition multimedia interface) or an analog signal such as a video signal.

  The authentication / encryption / copy protection control unit 125 controls authentication, encryption, and copy protection of data received and reproduced by the video apparatus 100.

  For example, when the content data received by the video apparatus 100 is determined to be data that requires authentication for reception and the authentication necessity determination unit 102 determines that the authentication / encryption / copy protection control unit 125 receives the data. The authentication signal transmission / reception unit 107 is instructed via the main control unit 120 to transmit a signal for causing the portable terminal 200 to perform an authentication process for performing the authentication process.

  If the received content data is copy protected for copyright protection, the copy protection is canceled or changed. Further, the authentication / encryption / copy protection control unit 125 can superimpose information related to authentication / encryption / copy protection on the video signal and the audio signal.

  Here, an example of copy protection will be described. All BS broadcasts and terrestrial digital television broadcasts in Japan employ a copy control called “copy once”. This means that once a digital broadcast is recorded, dubbing with a digital connection is not possible from there. The method used in this digital connection is “iLink (registered trademark)”, and a supplementary rule of DTCP (digital transmission content protection) for iLink is applied thereto.

  The main elemental technologies that make up DTCP are (1) device authentication and key exchange (AKE), (2) content encryption, (3) copy control information (Copy Control Information, CCI), ( 4) There are four system update messages (System Renewability Messages, SRMs). In the case of DTCP, the content transmission side is called a source device (Source Device), and the reception side is called a sink device (Sink Device). There are two types of AKE, “complete authentication” and “restricted authentication”, and an incompatible device cannot be authenticated.

  The flow of DTCP processing up to content distribution is shown below. First, a content stream with EMI (Encryption Mode Indicator) information is received (step 1). Next, a corresponding authentication method is requested based on the EMI information (step 2). If authenticated, authentication and encryption key exchange are performed (step 3). Finally, the content is distributed (step 4).

  The copy control information is included in the header of the packet as 2-bit data called EMI. There are four types of EMI.

  In addition, content that uses copy control called "Copy Once" will be copied once, and the copy control information will be changed from "Copy one generation" to "No more copies", and no more digital copies can be made. .

  In the video apparatus 100, the authentication / encryption / copy protection control unit 125 can support the above-described DTCP.

  Further, the authentication / encryption / copy protection control unit 125 not only performs the above-described control but also restricts writing to a writable package medium (DVD-R / RW, BD, HD-DVD, etc.), writing frequency limit, and copy limit. Control corresponding to various services, such as managed copy control such as providing a key for releasing viewing restrictions, is possible.

  The B-CAS 126 is for authenticating the video apparatus 100 in digital broadcasting.

  The HDD drive control unit 127 controls the HDD drive 128. Specifically, the content data is written to the HDD drive 128, and the content data written to the HDD drive 128 is read.

  The DVD drive control unit 129 controls the DVD drive 130. Specifically, the DVD drive 130 is caused to write content data to a recording medium set in the DVD drive 130 and read the content data written to the recording medium.

  Then, by the HDD drive control unit 127 or the DVD drive control unit 129, the video apparatus 100 reads and reproduces the content data written in the HDD drive 128 and the content data written in the recording medium set in the DVD drive 130. It is also possible.

  The power supply unit 131 supplies power to each block of the video apparatus 100.

(Configuration of mobile terminal 200)
Next, as illustrated in FIG. 2, the mobile terminal 200 includes a 3G (3rd generation) antenna 201, a 3G-RF (radio frequency) unit 202, a 3G analog baseband unit 203, a 3G digital baseband unit 204, and 3G communication processing. Unit 205, WLAN (wireless LAN) antenna 206, WLAN-RF unit 207, WLAN analog baseband unit 208, WLAN digital baseband unit 209, WLAN communication processing unit 210, serial communication terminal 211, serial communication interface unit 212, serial communication Processing unit 213, video device processing unit (notification information receiving unit, operation restriction unit) 214, user interface unit 215, storage unit 216, main control unit 217, encryption / authentication processing unit 218, USIM 219, display interface unit 220, display Unit 221, audio processing unit 222, The configuration includes a speaker 223, a receiver 224, a notification unit 225, and a power supply unit 226.

  The mobile terminal 200 is a hybrid terminal provided with a wireless LAN communication function in addition to a communication function with a mobile phone network.

  The 3G antenna 201 receives a radio wave from a base station of the mobile phone communication network and transmits it to the 3G-RF unit 202. Further, the signal received from the 3G-RF unit 202 is radiated as a transmission radio wave.

  The 3G-RF unit 202 performs frequency band limitation and low-noise amplification on the radio wave of the mobile phone communication network base station transmitted from the 3G antenna 201, and transmits the received RF signal to the 3G analog baseband unit 203. . The 3G-RF unit 202 amplifies the power of the signal received from the 3G analog baseband unit 203 and transmits the amplified signal to the 3G antenna 201.

  The 3G analog baseband unit 203 performs direct conversion on the received RF signal received from the 3G-RF unit 202 and converts the received RF signal into a received baseband signal. Then, the converted reception baseband signal is transmitted to the 3G digital baseband unit 204. The 3G analog baseband unit 203 performs direct conversion on the signal received from the 3G digital baseband unit 204 and converts the signal into a transmission RF signal. The converted transmission RF signal is transmitted to the 3G-RF unit 202.

  The 3G digital baseband unit 204 digitally demodulates the received baseband signal received from the 3G analog baseband unit 203 and transmits the demodulated baseband signal to the 3G communication processing unit 205. The 3G digital baseband unit 204 digitally modulates the transmission digital signal received from the 3G communication processing unit 205 and transmits the digital modulation to the 3G analog baseband unit 203.

  The 3G communication processing unit 205 performs packet frame operation and communication control on the signal received from the 3G digital baseband unit 204 and transmits the signal to the main control unit 217. Further, the 3G communication processing unit 205 performs a packet frame operation on the transmission data received from the main control unit 217 and transmits it to the 3G digital baseband unit 204 as a transmission digital signal.

  The WLAN antenna 206 receives WLAN radio waves and transmits them to the WLAN-RF unit 207. The WLAN antenna 206 radiates the transmission RF signal received from the WLAN-RF unit 207 as a transmission radio wave.

  The WLAN-RF unit 207 performs frequency band limitation and low-noise amplification on the WLAN radio wave received by the WLAN antenna 206, and transmits it to the WLAN analog baseband unit 208 as a received RF signal. Further, the WLAN-RF unit 207 amplifies the power of the transmission RF signal received from the WLAN analog baseband unit 208 and transmits it to the WLAN antenna 206.

  The WLAN analog baseband unit 208 performs direct conversion on the received RF signal received from the WLAN-RF unit 207 and converts the received RF signal into a received baseband signal. Then, the converted reception baseband signal is transmitted to the WLAN digital baseband unit 209. Also, the WLAN analog baseband unit 208 performs direct conversion on the transmission digital signal received from the WLAN digital baseband unit 209 and converts it into a transmission RF signal. The converted transmission RF signal is transmitted to the WLAN-RF unit 207.

  The WLAN digital baseband unit 209 digitally demodulates the received baseband signal received from the WLAN analog baseband unit 208 and transmits it to the WLAN communication processing unit 210. Also, the WLAN digital baseband unit 209 performs digital modulation on the transmission digital signal received from the WLAN communication processing unit 210 and transmits the digital modulation to the WLAN analog baseband unit 208.

  The WLAN communication processing unit 210 performs packet frame operation and communication control on the signal received from the WLAN digital baseband unit 209 and transmits the packet frame operation and communication control to the main control unit 217. Also, the WLAN communication processing unit 210 performs a packet frame operation on the transmission data received from the main control unit 217, and transmits it to the WLAN analog baseband unit 208 as a transmission digital signal.

  The serial communication terminal 211 is a terminal for performing serial communication with other devices capable of serial communication. The serial communication terminal 211 transmits the received data to the serial communication interface unit 212, and transmits the data received from the serial communication interface unit 212 to an external device that is performing serial communication with the mobile terminal 200.

  The serial communication interface unit 212 is an interface for receiving data from an external device performing serial communication with the mobile terminal 200 and for transmitting data to the external device.

  The video device processing unit 214 processes the instruction to the video device 100 received from the user by the user interface unit 215, and transmits data indicating the content of the instruction from the WLAN antenna 206 or the serial communication terminal 211. The video device processing unit 214 processes instruction data from the video device 100 received via the WLAN antenna 206 or the serial communication terminal 211.

  The user interface unit 215 receives an instruction from the user, and transmits data indicating the received content to the main control unit 217. The user interface unit 215 is configured with, for example, a numeric keypad or an arrow key, and can input character information including a telephone number and an e-mail.

  The storage unit 216 stores a program for operating the mobile terminal 200, various setting values, user data, content data, and the like. The storage unit 216 does not need to be one, and a plurality of storage units 216 may be provided depending on the application, and some of them may be detachable. Examples of the storage unit 216 include flash memory and SDRAM (synchronous dynamic random access memory).

  The main control unit 217 performs overall processing of the mobile terminal 200. A program for performing this processing is stored in the storage unit 216.

  The encryption / authentication processing unit 218 performs authentication and encryption using the USIM 219 on data transmitted / received in the mobile terminal 200.

  The USIM 219 is a subscriber identification module that records user telephone numbers and contracted mobile phone carrier information (solid recognition information), etc., and is an EEPROM (electrically erasable and programmable read-only memory) or CPU. This is an IC card in which (central processing unit) is incorporated. By attaching the USIM card to the portable terminal 200, the telephone number of the portable terminal 200 becomes the telephone number recorded in the USIM card, and communication with other portable terminals becomes possible.

  The display interface unit 220 is an interface that connects the display unit 221 of the mobile terminal 200. The display interface unit 220 may be connected to an external television and transmit a television signal.

  The display unit 221 displays character image information in the mobile terminal 200. In addition, the display unit 221 can display, for example, that the video apparatus 100 received by the mobile terminal 200 is performing authentication and processing associated therewith using the other mobile terminal 200. The display unit 221 may be any display device that can display character image information. Examples of the display unit 221 include an LCD (liquid crystal display) and an EL (electroluminescence) display. The display unit 221 may not only display character image information but also function as a touch panel type user interface.

  The audio processing unit 222 is connected to the speaker 223 and the receiver 224, amplifies the received audio signal, and drives the speaker 223. Also, the voice processing unit 222 converts the voice received via the receiver 224 into an electrical signal, performs digital encoding, packetizes it, and transmits it to the main control unit 217.

  The notification unit 225 notifies the user of the state of the mobile terminal 200 and the occurrence of an event. Examples of the notification unit 225 include an LED and a ringer.

  The power supply unit 226 includes a battery and a control unit, and supplies power to the entire mobile terminal 200.

  The mobile terminal 200 is a hybrid terminal capable of communication with a mobile phone network and wireless LAN communication. However, the wireless LAN communication is not limited to this, and may be, for example, Bluetooth, infrared, WiMAX, or the like. Good.

  Here, a procedure in which the mobile terminal 200 connects to a mobile phone network using the built-in USIM 219, connects to a service provided by a communication carrier, and performs normal voice / data communication will be described.

  The mobile terminal 200 performs wireless access with a nearby base station and performs location registration and subscriber identification authentication by communicating with the core network. Here, the individual information and encryption information of USIM 219 are used. As a result, authentication in the mobile phone network becomes strong. When the authentication is completed, the mobile terminal 200 can perform voice / data communication with the mobile phone network. If necessary, service user authentication is performed.

(Configuration of data receiving system 300)
Next, as shown in FIG. 3, the data receiving system 300 is a system including the video device 100 and two portable terminals 200 </ b> A and 200 </ b> B. The mobile terminal 200 </ b> A and the mobile terminal 200 </ b> B have the same configuration as the mobile terminal 200, and are different in the solid recognition information stored in the USIM 219. Here, USIM 219 provided in portable terminal 200A is referred to as USIM 219A, and USIM 219 provided in portable terminal 200B is referred to as USIM 219B. Here, two cases are shown for the portable terminal 200, but the number is not limited to this, and the number of the portable terminals 200 is not particularly limited.

  The video apparatus 100 is connected to the Internet 301 and can communicate with the mobile terminals 200A and 200B by wireless communication (proximity wireless communication). The mobile terminals 200A and 200B are connected to the mobile phone network 302 by performing wireless communication with a base station (not shown) of the mobile phone network (3GPP network) 302.

  The mobile phone network 302 and the Internet 301 are also connected to each other.

  In the present embodiment, authentication required when the video apparatus 100 implements the service A (in this case, download of the content A) implemented on the Internet 301 is performed using the mobile terminal 200A. Then, the video device 100 notifies the mobile terminal 200B of the reduced processing capability due to the authentication and the download associated therewith using the mobile terminal 200A. The detailed processing flow will be described later.

(Flow of processing for registering portable terminal 200 in video apparatus 100)
Next, the flow of processing for registering the mobile terminal 200 in the video apparatus 100 will be described with reference to FIGS. FIG. 4 is a flowchart showing a flow of processing in which the video apparatus 100 registers the mobile terminal 200. FIG. 5 is a flowchart illustrating a process flow in which the mobile terminal 200 registers the mobile terminal 200 in the video apparatus 100.

  In the present embodiment, the video apparatus 100 registers the mobile terminal 200 that can be used for authentication in the video apparatus 100 before using a service that requires authentication.

  The service is a general term for a system including a content server connected to the Internet, a user authentication server, and a program. Specifically, VOD (Video on Demand), download of video / audio data, download of DVD image data, download of programs and game contents, download of contents such as music data, jacket photos, and the like. Moreover, you may be charged with these downloads.

  First, the flow of processing in which the video apparatus 100 registers the mobile terminal 200 in the video apparatus 100 will be described.

  As a premise, it is assumed that the service contracted by the mobile terminal 200 is a service A. Here, the contract includes authentication, billing, and approval processing for the service A using the solid recognition information stored in the USIM included in the mobile terminal 200.

  First, the user interface unit 101 accepts whether information necessary for registration of the mobile terminal 200 is manually input (S401).

  In the case of manual input, the user interface unit 101 accepts input of information on the portable terminal 200 (S402). If there is another portable terminal 200 to be registered (YES in S403), the user interface unit 101 accepts registration of the portable terminal 200. On the other hand, if there is no mobile terminal 200 to be registered (NO in S403), the authentication device registration unit 132 determines whether there are a plurality of registered mobile terminals 200 (S408), and there are a plurality of registered mobile terminals 200. If there is (YES in S408), the priority order used for authentication in the portable terminal 200 is determined (S409).

  The priority order can be determined based on the service contracted by the mobile terminal 200 or in the registered order.

  Then, the registration process ends. If there are not a plurality of registered mobile terminals 200 (NO in S408), the registration process is terminated.

  On the other hand, if not manually input, the authentication device registration unit 132 searches for a portable terminal 200 that can be connected via the wireless unit 104 (S404). The search for the portable terminal 200 is performed using a conventional method in WLAN. In addition to the WLAN, a conventional method based on BlueTooth may be used.

  And if the authentication apparatus registration part 132 discovers the portable terminal 200 which can be connected, it will connect the video apparatus 100 and the said portable terminal 200 (S405). Next, the authentication device registration unit 132 acquires the solid recognition information stored in the USIM 219 of the connected mobile terminal 200 and the information of the service A with which the mobile terminal 200 is contracted via the wireless unit 104, The data is stored in the storage unit 119 (S406).

  Thereafter, the authentication device registration unit 132 searches for another connectable mobile terminal 200 (S407). If there is another connectable mobile terminal 200 (YES in S407), the authentication apparatus registration unit 132 connects to the mobile terminal 200. (S405). On the other hand, if there is no other connectable portable terminal 200 (NO in S407), the process proceeds to S408, and the subsequent processing flow is the same.

  Note that after registering the mobile terminal 200 in the video apparatus 100, the mobile terminal 200 may communicate with the service A via the mobile phone network 302. At this time, the video apparatus 100 may confirm the authentication of the service A by communicating with the service A via the LAN interface unit 121. Further, authentication may be confirmed among the video apparatus 100, the mobile terminal 200, and the service A.

  Next, a flow of processing in which the mobile terminal 200 registers the mobile terminal 200 in the video device 100 will be described.

  First, the user interface unit 215 receives an instruction to register the mobile terminal 200 in the video apparatus 100 (S501).

  Next, the video device processing unit 214 connects the mobile device 200 and the video device 100 via the WLAN-RF unit 207 (S502). Then, the video device processing unit 214 transmits the individual recognition information stored in the USIM 219 and the information on the service A with which the mobile terminal 200 is contracted via the WLAN antenna 206 (S503).

  The video apparatus 100 that has received the solid recognition information or the like from the portable terminal 200 registers the received solid recognition information or the like (S504).

  Thereafter, the authentication device registration unit 132 determines whether there are a plurality of registered mobile terminals 200 (S505). If there are a plurality of registered mobile terminals 200 (YES in S505), The priority order used for authentication is determined (S506). Then, the registration process ends. If there are not a plurality of registered mobile terminals 200 (NO in S505), the registration process is terminated.

(Processing flow when the video apparatus 100 is operated and authentication is performed using the portable terminal 200)
Next, a processing flow when the video apparatus 100 is operated and authentication is performed using the mobile terminal 200 will be described with reference to FIG. FIG. 6 is a flowchart showing a processing flow when the video device 100 is operated and authentication is performed using the mobile terminal 200.

  First, the user interface unit 101 receives a service selected by the user (S601).

  Next, the authentication necessity determination unit 102 determines whether the selected service requires authentication (S602). This is performed by accessing a server providing the selected service via the LAN interface unit 121 and acquiring the necessity of authentication from the server. Note that the determination as to whether authentication is necessary may be performed by storing a table in which the service and the necessity of authentication are associated with each other in the storage unit 119 and referring to the table.

  If it is determined that the selected service requires authentication (YES in S602), the authentication necessity determination unit 102 determines the mobile terminal 200 used for authentication (S603). This is performed by referring to the table in which the table in which the service is associated with the portable terminal 200 that can be used for authentication of the service is stored in the storage unit 119. Moreover, when the some portable terminal 200 can be used for authentication, it determines based on the priority mentioned above.

  When the mobile terminal 200 used for authentication is determined, the authentication necessity determination unit 102 tries to connect the video apparatus 100 and the mobile terminal 200 via the wireless unit 104 (S604). If the connection is possible (YES in S604), the authentication signal transmission / reception unit 107 transmits an authentication request signal to the mobile terminal 200 so as to perform an authentication process (S606). On the other hand, if the connection is impossible (NO in S604), the authentication necessity determination unit 102 changes the mobile terminal 200 used for authentication (S605). Then, the process proceeds to S604.

  The mobile terminal 200 that has received the authentication request signal performs an authentication process with the server that provides the selected service (S607). If the authentication is successful, the portable terminal 200 transmits the authentication permission information received from the server to the video apparatus 100 (S608).

  Note that the authentication permission information may be transmitted directly from the server to the video apparatus 100 via the Internet 301. In this case, the video apparatus 100 may transmit the received authentication permission information to the mobile terminal 200. Further, the existence permission time may be set in the authentication permission information, and the authentication permission information may disappear or be invalidated as time elapses. Further, when the use of the service is terminated, the authentication permission information may be deleted or invalidated.

  The video apparatus 100 that has received the authentication permission information uses the selected service (S609). Then, the processing capability information transmission unit 108 searches for other connectable mobile terminals 200 (S610). If there is another portable terminal 200 that can be connected (YES in S610), the processing capability information transmission unit 108 can connect the remaining processing capability information (notification information) indicating the remaining processing capability of the video apparatus 100. (S611). Then, the process ends.

  On the other hand, if there is no other portable terminal 200 that can be connected (NO in S610), the process ends. If the selected service does not require authentication (NO in S602), the process ends.

(Flow of processing when authentication is performed by operating the video apparatus 100 from the portable terminal 200)
Next, with reference to FIG. 7, a flow of processing when authentication is performed by operating the video device 100 from the mobile terminal 200 will be described. FIG. 7 is a flowchart illustrating a processing flow when authentication is performed by operating the video apparatus 100 from the mobile terminal 200.

  First, the mobile terminal 200 is connected to the video apparatus 100 according to an instruction received by the user interface unit 215 (S701). Then, the portable terminal 200 acquires service information stored in the video device 100 (S702).

  Then, the mobile terminal 200 displays the acquired service information on the display unit 221. In addition, when displaying service information, you may display so that the service which contracted with the portable terminal 200 can be selected preferentially.

  Next, the mobile terminal 200 receives the service selected by the user interface unit 215 (S703). After that, since it is the same as S602 of FIG. 6, description is abbreviate | omitted.

(Processing flow of the mobile terminal 200 after acquiring the remaining processing capacity information)
Next, a processing flow of the mobile terminal 200 after acquiring the remaining processing capability information will be described with reference to FIG. FIG. 8 is a flowchart showing a process flow of the mobile terminal 200 after acquiring the remaining processing capacity information.

  When the portable terminal 200 receives the remaining processing capability information from the video device 100 (S801), the video device processing unit 214 determines whether or not the video device 100 can be operated (S802). This may include a signal indicating that the remaining processing capability information is inoperable, and may be determined from this signal. The threshold value of the remaining processing capability is stored in the mobile terminal 200, and reception is possible. The determination may be made based on whether the remaining processing capacity information is below this threshold.

  If the video device 100 cannot be operated (NO in S802), the video device processing unit 214 prevents the video device 100 from being operated (S803). Then, the process ends. On the other hand, if the operation on the video apparatus 100 is possible (YES in S802), the process ends. Note that the processing in S803 may be such that after the requested processing and the remaining processing capacity are compared to determine that the operation is impossible, the video device 100 cannot be operated. .

  As described above, in the present embodiment, in the system that can perform authentication using the mobile terminal 200 when authentication is required for a service (content data reception, reproduction, etc.) used in the video apparatus 100, It is possible to prevent malfunction of the video apparatus 100 due to overlapping operations on the video apparatus 100 between the portable terminals 200.

  In the reception and reproduction of data in the video apparatus 100, authentication and encryption are deeply involved from the viewpoint of copyright protection and network security. Then, if user authentication is performed using the same authentication / encryption means (for example, SSL (Secure Socket Layer)) as a PC connected to the Internet, and content is viewed or downloaded, there is a possibility of eavesdropping And is less secure than mobile phone networks. On the other hand, in the authentication, if a mobile phone network mechanism using USIM is used, safety can be improved.

[Embodiment 2]
The following will describe another embodiment of the present invention with reference to FIGS. For convenience of explanation, members having the same functions as those shown in the first embodiment are given the same reference numerals, and explanation thereof is omitted.

  FIG. 9 is an explanatory diagram showing a configuration of a data receiving system 900 according to the present embodiment. FIG. 10 is a block diagram of the video apparatus 901 according to the present embodiment. FIG. 11 is a block diagram of portable terminal 902 according to the present embodiment.

  Note that the mobile terminal 902A and the mobile terminal 902B have the same configuration as the mobile terminal 902, and only the solid recognition information stored in the USIM 219 is different. Here, the USIM included in the mobile terminal 902A is referred to as USIM 919A, and the USIM included in the mobile terminal 902B is referred to as USIM 919B.

  The present embodiment is different from the above embodiment in that the mobile terminal 902A and the mobile terminal 902B can perform close proximity wireless communication (configures a personal area network), and the video apparatus 901. The mobile terminal 902A transmits notification information to the mobile terminal 902B in response to the instruction.

  The video apparatus 901 includes a notification information transmission instruction unit (notification information transmission instruction means) 133 in addition to the configuration of the video apparatus 100. When receiving the authentication permission information from the mobile terminal 902A, the notification information transmission instruction unit 133 instructs the mobile terminal 902A to transmit the notification information to the mobile terminal 902B.

  In addition to the configuration of the mobile terminal 200, the mobile terminal 902 includes a notification information processing unit (request signal reception unit, notification information transmission unit, authentication information transmission unit) 227. The notification information processing unit 227 transmits the notification information to the other portable terminal 902 when instructed to transmit the notification information from the notification information transmission instruction unit 133 of the video device 901.

  Here, the notification information is information indicating that the video apparatus 901 is performing authentication and accompanying processing.

  Next, the flow of processing in the present embodiment will be described with reference to FIG. FIG. 12 is a flowchart illustrating a processing flow when the video device 901 is operated and authentication is performed using the mobile terminal 902A. Here, a case where the video apparatus 100 is operated and authentication is performed using the mobile terminal 902A will be described, but the case where the operation is performed from the mobile terminal 902A (or 902B) is also applicable.

  Steps up to S608 are the same as those in FIG. The video device 901 that has received the authentication permission information instructs the notification information transmission instruction unit 133 to transmit the notification information to the portable terminal 902B to the portable terminal 902A (S1201).

  In the portable terminal 902A instructed to transmit the notification information, the notification information processing unit 227 transmits the notification information to the portable terminal 902B (S1202).

  Note that the number of mobile terminals 902 constituting the personal network is not limited to two, and any number of mobile terminals 902 may exist. When there are three or more portable terminals 902, the portable terminal 902 instructed to transmit the notification information from the video device 901 transmits the notification information to all other portable terminals 902 constituting the personal network. To do.

  In addition, when the video device 901 and the plurality of mobile terminals 902 form a personal network, the mobile device 902 that can be used for authentication by the video device 901 is registered in either of the personal network instead of the own device. It may be stored in the apparatus. Further, it may be stored in a server on the Internet.

  The present invention is not limited to the above-described embodiments, and various modifications are possible within the scope shown in the claims, and embodiments obtained by appropriately combining technical means disclosed in different embodiments. Is also included in the technical scope of the present invention.

  Finally, each block of the video device 100 and the portable terminal 200, particularly the authentication necessity determination unit 102, the operation signal reception unit 105, the data information transmission unit 106, the authentication signal transmission / reception unit 107, the processing capability information transmission unit 108, and the data processing unit 116, video processing unit 117, audio processing unit 118, main control unit 120, authentication / encryption / copy protection control unit 125, HDD drive control unit 127, DVD drive control unit 129, authentication device registration unit 132, notification information transmission instruction Unit 133, 3G communication processing unit 205, WLAN communication processing unit 210, video device processing unit 214, main control unit 217, encryption / authentication processing unit 218, audio processing unit 222, and notification information processing unit 227, hardware logic Or may be realized by software using a CPU as follows.

  In other words, the video device 100 and the mobile terminal 200 include a CPU that executes instructions of a control program that realizes each function, a ROM (read only memory) that stores the program, a RAM (random access memory) that expands the program, A storage device (recording medium) such as a memory for storing the program and various data is provided. The object of the present invention is to record the program code (execution format program, intermediate code program, source program) of the control program for the video device 100 and the portable terminal 200, which are software that realizes the above-described functions, in a computer-readable manner. This can also be achieved by supplying the recording medium to the video device 100 and the portable terminal 200 and reading and executing the program code recorded on the recording medium by the computer (or CPU or MPU).

  Examples of the recording medium include tapes such as magnetic tapes and cassette tapes, magnetic disks such as floppy (registered trademark) disks / hard disks, and disks including optical disks such as CD-ROM / MO / MD / DVD / CD-R. Card system such as IC card, IC card (including memory card) / optical card, or semiconductor memory system such as mask ROM / EPROM / EEPROM / flash ROM.

  Further, the video apparatus 100 and the portable terminal 200 may be configured to be connectable to a communication network, and the program code may be supplied via the communication network. The communication network is not particularly limited. For example, the Internet, intranet, extranet, LAN, ISDN, VAN, CATV communication network, virtual private network, telephone line network, mobile communication network, satellite communication. A net or the like is available. In addition, the transmission medium constituting the communication network is not particularly limited. For example, in the case of wired communication such as IEEE 1394, USB, power line carrier, cable TV line, telephone line, and ADSL line, infrared rays such as IrDA and remote control, Bluetooth, It can also be used with radio such as 802.11 radio, HDR, mobile phone network, satellite line, and terrestrial digital network. The present invention can also be realized in the form of a computer data signal embedded in a carrier wave in which the program code is embodied by electronic transmission.

(Other configurations)
The above data device authenticates using information on the IC card, so that a network communication means for communicating by connecting to a communication network and a mobile device for communicating with an external data terminal device (STB, DVD recorder, etc.) -By providing a portable terminal device provided with communication means between data terminals, a plurality of content acquisition means, and a communication means between portable and data terminals with the portable terminal device, and performing authentication corresponding to each of the plurality of content acquisition means. In a data terminal device capable of acquiring content, a configuration that can be used as an authentication unit necessary for content acquisition by communicating information related to authentication work performed by the mobile terminal device by the data communication terminal communication unit It is good.

  In the remote authentication system, information related to remote authentication by another mobile terminal may be displayed.

  In the remote authentication system, the mobile terminal device may be configured to acquire and display information related to remote authentication by another mobile terminal using a communication unit between mobile and data terminals.

  The data device and the mobile terminal device may be configured to use a character graphic display device as means for displaying information related to remote authentication in the remote authentication system.

  In the remote authentication system, a light emitting device device may be used as means for displaying information related to remote authentication.

  The remote authentication system may be configured to include means capable of outputting information related to remote authentication as video output.

  The remote authentication system may be configured to display different remote authentication displays on the mobile terminal that performs remote authentication.

  Further, the remote authentication system may be configured to perform different remote authentication displays on the data terminals that perform remote authentication.

  The remote authentication system may be configured to perform remote authentication display that is the same or correlated with a portable terminal that performs remote authentication and a data terminal.

  Since it is possible to notify a device that is not used for authentication that processing of data permitted by authentication is performed, a data processing device that can communicate with a plurality of authentication devices and is operated from the authentication device, For example, content data that requires authentication can be played back, and the required authentication is suitable for a video playback device that uses one of a plurality of other authentication devices.

BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1, showing an embodiment of the present invention, is a block diagram illustrating a main configuration of a video apparatus. It is a block diagram which shows the said embodiment and shows the principal part structure of a portable terminal. It is an explanatory view showing the above-mentioned embodiment and showing a configuration of a data receiving system. 5 is a flowchart showing a flow of processing in which the video device registers a mobile terminal 200 in the embodiment. In the said embodiment, a portable terminal is a flowchart which shows the flow of the process which registers a self-terminal with an imaging | video device. In the said embodiment, it is a flowchart which shows the flow of a process in the case of operating a video device and authenticating using a portable terminal. It is a flowchart which shows the flow of a process in the case of authenticating by operating a video device from a portable terminal. In the said embodiment, it is a flowchart which shows the flow of a process in the portable terminal after acquiring residual processing capability information. It is explanatory drawing which shows other embodiment of this invention, and shows the structure of a data reception system. It is a block diagram which shows the said other embodiment and shows the principal part structure of a video apparatus. It is a block diagram which shows the said other embodiment and shows the principal part structure of a portable terminal. In the other embodiment, it is a flowchart showing a flow of processing when the video device is operated and authentication is performed using a portable terminal.

Explanation of symbols

100 Video equipment (data processing equipment)
107 Authentication signal transmitting / receiving unit (authentication permission information receiving means, notification information transmitting means)
108 processing capacity information transmission unit (notification information transmission means)
133 Notification information transmission instruction section (notification information transmission instruction means)
200 Mobile terminal (authentication remote control device)
214 Video device processing unit (notification information receiving means, operation restricting means)
227 Notification information processing unit (request signal receiving means, notification information transmitting means, authentication information transmitting means)
300 Data reception system (data processing system)

Claims (19)

A plurality of authentication remote operation devices having a function of performing authentication necessary for data processing performed in the data processing device with an external authentication device using a communication function, and a function of remotely operating the data processing device A data processing device capable of communicating with
Authentication permission information receiving means for receiving authentication permission information indicating that authentication necessary for data processing has been obtained from the authentication remote operation device used for authentication among the plurality of authentication remote operation devices;
When the authentication permission information receiving means receives the authentication permission information, notification information is transmitted to notify the plurality of authentication remote control devices of notification information indicating that processing of data permitted by the authentication permission information is being performed. And a data processing apparatus.   The data processing apparatus according to claim 1, further comprising a display unit that displays contents of the authentication permission information and the notification information.   The notification information includes residual processing capability information indicating processing capability remaining in the data processing device when the data processing device is processing data permitted by the authentication permission information. The data processing apparatus according to claim 1 or 2, characterized in that   When the notification information transmission means receives a notification information notification request from an authentication remote operation device other than the authentication remote operation device used for authentication among the plurality of authentication remote operation devices, the notification information transmission means sends the notification information to the authentication remote operation device. The data processing apparatus according to any one of claims 1 to 3, wherein notification is performed.   5. The notification information transmitting unit according to claim 1, wherein the notification information transmission unit sequentially notifies the plurality of authentication remote operation devices of the notification information in accordance with a preset priority order. Data processing equipment.   The data processing device according to claim 1, wherein the notification information transmitting unit notifies the notification information to an authentication remote operation device that can be connected wirelessly. When the plurality of authentication remote control devices are connected wirelessly,
Provided with a notification information transmission instruction means for transmitting a notification information transmission instruction signal for notifying an authentication remote operation apparatus excluding the authentication remote operation apparatus used for authentication from the authentication remote operation apparatus used for authentication. The data processing apparatus according to any one of claims 1 to 6.   The wireless communication is any one of a wireless local area network (LAN), Bluetooth (registered trademark), UWB (ultra wideband), ZigBee (registered trademark), WiMAX, cellular system, and infrared communication. The data processing apparatus described in 1.   9. The data processing apparatus according to claim 1, wherein the data to be processed is any one of broadcast content, content recorded on a recording medium, and content downloaded from a network.   Data processing devices include telephones, audio equipment, personal computers, television receivers, HDD (hard disk drive) recorders, DVD (digital versatile disc) recorders, HD-DVD (high definition-DVD) recorders, Blu-rays (registered) The data processing apparatus according to any one of claims 1 to 9, wherein the data processing apparatus is either a trademark (trademark) recorder or a VCR (video cassette recorder). Authentication remote operation device having a function of performing authentication necessary for data processing performed in a data processing device capable of communication with an external authentication device using a communication function, and a function of remotely operating the data processing device Because
Notification information receiving means for receiving notification information indicating that the data processing device is processing data permitted by authentication by an authentication remote operation device different from the data processing device from the data processing device;
An authentication remote operation device comprising: an operation restriction unit for restricting an operation to the data processing device when the notification information reception unit receives the notification information. If there is another authentication remote control device that can communicate wirelessly,
Request signal receiving means for receiving a notification information transmission request signal for requesting transmission of the notification information from the data processing device to the other authentication remote control device;
The said request signal receiving means is provided with the notification information transmission means which transmits the said notification information to said other authentication remote operation apparatus, if a notification information transmission request signal is received. Authentication remote control device. If there is another authentication remote control device that can communicate wirelessly,
An authentication information transmitting means for transmitting authentication information indicating that the data processing apparatus performs authentication necessary for data processing by itself to the other authentication remote operation apparatus. The authentication remote control device according to 11.   The authentication remote operation device according to any one of claims 11 to 13, wherein the authentication remote operation device is a mobile terminal including an IC card storing individual information used for authentication.   A data processing system comprising: the data processing device according to any one of claims 1 to 10; and the authentication remote control device according to any one of claims 11 to 14.   A control program for operating at least one of the data processing device according to any one of claims 1 to 10 and the authentication remote operation device according to any one of claims 11 to 14, comprising: a computer; Is a control program for functioning the above as each means.   The computer-readable recording medium which recorded the control program of Claim 16. A plurality of authentication remote operation devices having a function of performing authentication necessary for data processing performed in the data processing device with an external authentication device using a communication function, and a function of remotely operating the data processing device A method of controlling a data processing apparatus capable of communicating with
An authentication permission information receiving step for receiving authentication permission information indicating that authentication required for data processing is obtained from the authentication remote operation device used for authentication among the plurality of authentication remote operation devices;
When the authentication permission information is received in the authentication permission information receiving step, notification information is transmitted to notify the plurality of authentication remote control devices of notification information indicating that the data permitted by the authentication permission information is being processed. And a method for controlling the data processing apparatus. Authentication remote operation device having a function of performing authentication necessary for data processing performed in a data processing device capable of communication with an external authentication device using a communication function, and a function of remotely operating the data processing device Control method,
A notification information receiving step for receiving notification information indicating that the data processing device is processing data permitted by authentication by an authentication remote operation device different from the data processing device from the data processing device;
An authentication remote operation device control method comprising: an operation restriction step of restricting an operation to the data processing device when the notification information is received in the notification information reception step.

Images