JPH11308582A - Data receiving apparatus and method, and data transmitting method - Google Patents

Abstract

(57) [Summary] [PROBLEMS] In a data transmission system using multi-channel and large-capacity data transmission using communication satellites, only a predetermined person can simultaneously receive large-capacity data and various types of data. An object of the present invention is to provide a data receiving device that enables the data receiving device. A data receiving apparatus includes a receiving antenna for receiving signal data distributed via a communication satellite, a coaxial cable, and a descrambled digital signal according to a scrambling process performed on the signal data. A data acquisition device 32 for extracting predetermined data from the digital signal;
A data decryption device 33 having a decryption function of decrypting digital data acquired by the data acquisition function with an encryption key and a decryption key management function of managing the decryption key; and a reception device for outputting the data decrypted by the data decryption device to the outside. And a data output I / F device 35.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a data receiving apparatus and method for transmitting and receiving data using a satellite communication path, and a data transmitting method.

[0002]

2. Description of the Related Art Recently, for example, MPEG2 (Moving Pic), which has been adopted as a coding method for images in current broadcasting, HDTV, AV equipment, etc., by a compression technique for moving images or the like.
ture Experts Group Phase 2) has brought digital multi-channels and reduced cost per channel compared to conventional analog broadcasting. This means that services such as data broadcasting as well as video and audio can be provided. The broadcasting according to the MPEG2 system has been adopted as multi-channel digital broadcasting using a communication satellite, and is becoming more and more popular.

For example, in the above-mentioned multi-channel digital broadcasting, the high-speed transfer speed of a satellite, for example, 27 MHz
In the case of a z transponder, various data broadcasts utilizing a maximum of 30 Mbps are implemented. Here, the data broadcasting includes, for example, a music service, a game service, a magazine information service, and an Internet (WWW) service.

[0004]

By the way, it has been proposed that a predetermined person, for example, only a contractor receive data distributed using the above-mentioned communication satellite.
Such a data distribution method is considered to be adopted, for example, when the data provider wants to transmit data only to the contractor, or when the receiving user wants to distribute as unique information. In this case, a security mechanism at the individual level is always required.

As means for distributing data while maintaining the secret at the individual level, there is cited distribution data encryption. However, considering the use of communication satellites, high-speed data transfer at a maximum speed of 30 Mbps is considered. Therefore, the data being received on the receiving side must be decrypted at high speed in real time.

Further, it is considered that a situation may arise in which a plurality of (for example, a plurality of types, a plurality of programs) of the confidential data must be received at the same time, and even in such a case, A mechanism for decoding in real time is required.

As described above, it is considered that various functions such as a decoding function are required to receive data distributed by various data broadcasting services. It can be said that performing the above process provides a data receiving apparatus that can withstand the request and efficiently process data.

In addition, general-purpose support for various data broadcasting or data communication services which will be started in the future, for example, current and future general-purpose receiving terminals (I
It is also important to easily connect to RD (Interactive Receiver Decorder).

SUMMARY OF THE INVENTION The present invention has been made in view of the above-mentioned circumstances, and in a data transmission system using a communication satellite for performing multi-channel and large-capacity data transfer, only a predetermined person has a large-capacity data. And a data receiving apparatus and method capable of simultaneously receiving various types of data,
And to provide a data transmission method.

[0010]

SUMMARY OF THE INVENTION In order to solve the above-mentioned problems, a data receiving apparatus according to the present invention is provided with a receiving means for receiving signal data distributed via a satellite communication path, and a data receiving apparatus for receiving signal data. Descrambler for extracting a digital signal by descrambling according to the scramble processing, data acquisition means for extracting predetermined data from the digital signal, and decryption for decrypting the encrypted data acquired by the data acquisition means with an encryption key. Means, an encryption key storage means for storing the encryption key, and an output means for outputting the data decrypted by the decryption means to the outside.

[0011] The data receiving apparatus having the above-mentioned configuration performs descrambling by the descrambling means on the scrambled signal data received via the satellite communication path by the receiving means, and extracts it as digital data. Then, from the digital data,
The predetermined data is taken out by the data acquisition means.

Then, the data receiving device decrypts the encrypted data obtained by the data obtaining means by using the encryption key by the decrypting means. Further, the data receiving device outputs the data thus decoded to the outside by the output means.

[0013] Thus, the data receiving apparatus can take in only the information transmitted to the data receiving apparatus from the scrambled and transmitted signal as meaningful information.

[0014] In order to solve the above-mentioned problems, a data receiving method according to the present invention provides a receiving step of receiving signal data distributed via a satellite communication path and a scrambling process performed on the signal data. A descrambling step of descrambling to extract a digital signal, a data acquisition step of extracting predetermined data from the digital signal, and an encryption key stored in the encryption key storage means. And an output step of outputting the data decoded by the decoding step to the outside.

In the data receiving method, the scrambled signal data received via the satellite communication path in the receiving step is subjected to a descrambling process in a descrambling step to be converted into digital data, and the digital data is extracted. , Predetermined data is extracted in a data acquisition step.

In the data receiving method, the encrypted data obtained in the data obtaining step is decrypted using the encryption key in the decrypting step. Further, the data receiving device outputs the data thus decoded to the outside in an output step.

According to this data receiving method, it is possible to capture only information transmitted from a signal transmitted after being scrambled to a data receiving apparatus as meaningful information.

Further, in order to solve the above-mentioned problems, the data transmission method according to the present invention performs an encryption process on data distributed via a satellite communication path using an encryption key, and performs a process for encrypting the encrypted data. A data encryption step of adding distribution destination information, and a process of scrambling video / audio information with respect to the data encrypted using the encryption key and the distribution destination information added to the encrypted data. It has a scramble processing step of performing scramble processing by the same processing, and a data transmission step of transmitting various data subjected to scramble processing to the satellite communication path.

According to this data transmission method, in a data encryption step, data to be distributed via a satellite communication path is encrypted using an encryption key, and distribution destination information of the encrypted data is added to the data to be scrambled. Depending on the processing step,
The data and information are subjected to a scrambling process used for scrambling the video and audio information, and the scrambled data is transmitted on the satellite communication path in a data transmission step.

On the data receiving side to which data is distributed by this data transmission method, encrypted information is extracted from the scrambled and transmitted signal based on the destination information, and the extracted encrypted information is extracted. Decrypted data using the encryption key.

[0021]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, embodiments of a data receiving apparatus according to the present invention will be described in detail with reference to the drawings. This embodiment is applied to a data receiving apparatus capable of receiving data distributed together with a television broadcast in a so-called broadcast-type data transmission system that performs television broadcast or the like using a communication satellite. It is.

As shown in FIG. 1, the data transmission system includes an information provider 2 for providing data to be delivered to a contractor 4 in the data transmission system 1 and an information provider 2
Service provider 3 that is a transmission path provider that transmits data provided by the service provider 3 to a predetermined contractor 4, and each contractor to whom data is distributed from the service manager 3 according to a contract between the service manager 3 and the service provider 3. 4A, 4B, ..., 4
N, a data receiving apparatus 10, a communication satellite 5 used for transferring data from the service management company 3 to the contractor 4, and a wired communication path 1 such as a public telephone line and a dedicated line.
0 and the Internet 7 for providing various information. The data transmission system 1 having such a configuration has, for example, a system configuration basically similar to that of the current CS digital satellite broadcasting.

In the data transmission system 1 configured as described above, the contractors 4A, 4B,.
A service of distributing requested information via the communication satellite 5 on the Internet or the like is received.

The information provider 2 provides various data to a contractor 4 who has concluded a contract.
A plurality of information providers 2a, 2b holding various information,
.., 2z. This information provider 2
a, 2b,..., 2z are contractors 4A, 4B,.
・ The information requested by 4N is provided by the service management company 3
The information is distributed to the contractor 4 who has requested the information.

The Internet 7 provides various information via a communication line such as a so-called public telephone line, and the contractors 4A, 4B,... Is an information providing service that can be accessed according to a contract. For example, newspaper information, magazine information, music information, shopping information, Internet WWW (World Wide Web) information, etc. are provided to the subscribers 4A, 4B,.
A, 4B,..., 4N can browse and operate various information on the Internet with a computer or the like.

The service management company 3 collects various information handled and transmitted by the information providers 2a, 2b,..., 2z, and sends the information to the contractor 7 via the communication satellite 5 or the wired communication path 6. Has been delivered. The service management company 3 has a transmission antenna 12 to transmit data to the communication satellite 5. The above communication satellite 5
, The service management company 3 can distribute a large amount of data in one direction, for example, 30
Data transfer by high-speed data transfer of Mpps is enabled. On the other hand, the service management company 3
, 4N, the contractors 4A, 4B,.
Although data can be transmitted and received in both directions, the data transfer is smaller than that using the communication satellite 5.

Here, when the service management company 3 distributes the collected various information to the subscribers 4A, 4B,..., 4N via the communication satellite 5, the service operation company 3 uses the satellite communication path 5. Is not a free format of the service management company 3,
It employs a format similar to that used for satellite television broadcasting. For example, the service management company 3 converts the information into a format that conforms to a standard such as the current DVB (Digital Video Broadcasting) standard adopted for satellite broadcasting operated in Europe, Japan, and the like. Various information collected from the communication satellite 2 and the like is transmitted to the communication satellite 5. The above contractors 4A, 4B, ..., 4N
Has a data receiving device built in the computer 13. For example, each contractor 4A, 4B,.
Receives the provision of the data receiving device when the service management company 3 is contracted.

As shown in FIG. 2, the data receiving apparatus according to the embodiment of the present invention includes a receiving antenna 8 for receiving a signal transmitted on satellite communication,
And a signal processing unit 9 for processing the received signal. The data receiving apparatus 10 can receive not only video and audio services targeted for distribution in current BS television broadcasting, CS television broadcasting, and the like, but also information that can be handled by the computer 13. It is configured to be. The data receiving device 10 is, for example, configured as a board type built in a computer that is currently widely used, and is configured such that a coaxial cable 31 from a receiving antenna 8 is connected to a signal processing unit 9 built in the computer 13. It has a structure.

In the data transmission system 1 having such a configuration, as described above, the contractor 4 operates the WWW of the Internet 7 by the service operating company 3.
Information can be browsed, whereby the contractors 4A, 4B,..., 4N receive interactive services such as requesting distribution of various information existing on the Internet 7. Can be. That is, the data transmission system 1 is a system configured to enable the above-mentioned interactive service in addition to the use of the communication satellite 5 other than the current BS television broadcast or CS television broadcast. This allows the contractor 4 to browse the Internet 10 and obtain desired information via the communication satellite 5 when there is desired information.

For example, when trying to obtain information requested by an individual using the communication satellite 5 in this way, security management is naturally required as in the case of the wired communication path 6. In other words, in the two-way manner between the information provider and the information receiver (contractor) as in the case of the wired communication path 6, the information to be transmitted / received cannot be acquired or meaningless by other persons. Confidentiality management is required to ensure that the information is secure.

That is, as described above, if data is to be distributed using the communication satellite 5, for example, at a certain time on the communication satellite path, the subscriber 4 A, such as the current BS television broadcast, is placed. , 4B,..., 4N, as well as information only for one of the contractors, for example, contractor 4A, is transmitted. Even in such a case, the BS television broadcast from the communication satellite 5 is transmitted to the subscribers 4A, 4B,.
・ Requires confidentiality management so that all 4N users can receive information, while only certain contractors (individuals or organizations) can receive information provided by the information provider to which they have contracted. You. That is, with regard to the above-mentioned BS television broadcasting, while all of the subscribers 4A, 4B,..., 4N can receive the information, only the subscriber 4A transmits the information requested by the subscriber 4A. Information obtained as meaningful information, and a contractor 4 that is another contractor who does not request any such information.
B,..., 4N are required to receive the delivered information as meaningless signals and to perform confidentiality management that cannot be permanently obtained as meaningful information.

The information retrieval performed by the request from the contractor 4 is as follows. That is,
The subscribers 4A, 4B,..., 4N browse the WWW information on the Internet 7 at any given time, and if there is desired information in the information and the information is desired, the data receiving device From a computer with a built-in 10 via a wired communication path 6 by a modem, Ethernet, or the like,
An information request command is transmitted to the service management company 3. The service management company 3 receiving the request for the specific information from the specific contractor 4 accesses the Internet 7 or accesses the information provider 2 depending on the type of the information and transmits the information of the specific request from the contractor 4. obtain. Then, the service management company 3 performs data transmission to the communication satellite 5 by converting the obtained specific information into a form that only the contractor can receive.

As described above, the distribution to the subscriber 4 via the communication satellite 5 is performed by the BS television broadcast and the request as in the related art. Next, a data creation operation based on a predetermined data format for launching on a satellite communication path in the data transmission system 1 will be described.
This will be described with reference to FIG. In this example, the data creation operation will be described in five stages. Note that the data format is
This will be described as a DVB (Digital Video Broadcasting) standard.

First, as data operation <1>, information 21 ₁ ,..., 21 _n ,.
_{n + m} is the service management company 3 in the form of so-called raw data
Will be delivered to Here, information 21 ₁ ,..., 21 _n distributed from the information provider 2 to the service management company 3.
, 21 _{n + m} are, as described above, contractors 4A, 4B,
.., 4N, or information requested by one contractor. That is, as described above, for example, the video information of the BS television broadcast for the subscribers 4A, 4B,..., 4N or the information requested by the one subscriber to the Internet. And
The service management company 3 obtains, from the information provider 2 or the Internet 7, information to be delivered to each contractor as additional information, thereby obtaining the information 21 received from the information provider 2.
_{1, ···, 21 n, ···} , it is possible to know whether the information destined for any contractor 21 _{n + m.} For example, the above-mentioned various information is distributed to the service management company 3 by standardizing it with an IP (Internet Protocol). That is, the information 21 ₁ ,..., 21 _{n ,.}
Is stored, and the header portion of the IP packet (hereinafter referred to as IP
It is called the header part. ), Address information is stored in each contractor to whom the information is to be distributed. For example, in the IP header section, as shown in FIG. 4, a destination address is stored in an IP address 74, and a source address is stored in an IP address 73.

Next, as data operation <2>, information 21 ₁ ,..., 21 _n,.
.., 21 _{n + m} is a MAC (Media Access Control) defined as a data format on a satellite communication path.
ol) Convert to frame. Here, by forming the MAC frame, data transmission control on the communication satellite path is possible. The MAC framing, the information 21 ₁ as a transmission _{target, ···, 21 n, ···,} 21 n + m is stored in the data packet P _D, the data packet P _D
Is added with a MAC header H _MAC in which transmission control information is stored.

Here, the above information is, as described above,
The destination is determined in advance.
₁ is information requested by the contractor 4A, and the above information 21 _n
Is the information requested by all the subscribers 4A, 4B,..., 4N, and the information 21 _{n + m} is information for the subscriber 4B. Then, the data packet P _D is now, the encryption process is performed by the encryption key. That is, the information 21 ₁ ,..., 21 _n ,.
_{n + m} is encrypted. The encryption process using an encryption key refers to encrypting predetermined information using an encryption key. Then, the information encrypted by the encryption key is released by the decryption key corresponding to the encryption key and can be read. Here, the decryption key is held by each contractor by the data receiving device 10.

That is, the service management company 3 holds the encryption key possessed only by each contractor, and transmits the information to be distributed only to the predetermined contractor distributed from the information provider 2 to the contract requesting the distribution. Encryption using an encryption key corresponding to the decryption key held by the user. The information 21 ₁ for subscribers 4A performs an encryption process using the encryption key corresponding to the decryption key contractor 4A holds, also, all the subscribers 4A, 4B, · · ·, 4N The above information 21 _n for
The encryption processing is performed using the encryption key corresponding to the decryption key held by all of the contractors 4A, 4B,..., 4N, and the information 21 _{n + m} for the contractor 4B is Contractor 4
The encryption process is performed using the encryption key corresponding to the decryption key of B.

As described above, by using different encryption keys according to the contractor who has requested the information, the decryption keys held by the respective contractors are different from each other. The information encrypted by the encryption key and distributed cannot be decrypted by the decryption key held by another contractor. Note that the decryption key of each contractor is transmitted from the service management company 3. For example, security is achieved by periodically performing the transmission.

The MAC header H _MAC stores an address indicating a destination of a contractor to whom the information is to be transmitted, and a control code indicating whether or not the information is encrypted. The MAC header H _MAC is a portion that is not subjected to the encryption process using the encryption key, and each of the data receiving devices 10 on the receiving side refers to the MAC header H _MAC without the necessity of decryption using the decryption key. Therefore, it is determined whether the data is addressed to itself. For example, as shown in FIG. 5, the MAC header 70 has an 8-bit SSID.
(Server System ID) and 24-bit UDB (User D
epend Block) 1 and UDB 2 of 32 bits, for a total of 64 bits. In particular, the UD of the MAC header 70
In B2, an IP address of a distribution destination similar to the transmission destination IP address written in the IP header is written. By using the IP address of the distribution destination stored in the MAC header 70, the receiving side can know whether or not the data packet is addressed to itself by simply reading it out by hardware.

As the data operation <3>, the MAC frame generated by the data operation <2> is
MPEG2 (Moving Pic) for distribution over satellite channels
tureExperts Group Phase 2) Data streaming is performed according to the standard. By the streaming according to the MPEG2 standard, the MAC frames 23 ₁ ,..., 23 _n,.
.., 23 _{n + m} are added with an MPEG2 header H _MPEG and a footer F.

Here, the MPEG2 stream 23 ₁ ,.
.., 23 _{n + m} are data streams defined by a data format called, for example, a private section (Private Section), and a standard format is defined by MPEG2. The MPEG2 header H _MPEG stores control information such as the vendor ID of the service management company 3 and the length of one MPEG2 stream. The footer F is a control code for knowing whether or not information has been normally delivered without any loss of some bits on the satellite communication path on the receiving side, and is, for example, a CRC (Cyclic Redundancy Chunk).
eck). By adding this CRC code, the receiving side performs a CRC calculation on the received MPEG2 stream from the beginning,
Only when the calculation result up to the end of the stream matches the value of the added footer F, the received MPEG
It becomes possible to recognize that two streams have been successfully received.

Then, as the data operation <4>, the respective MPEG2 streams 23 ₁ ,..., 23 _n ,..., 23 _{n + m} generated by the data operation <3> are distributed on the satellite communication path. In accordance with the above DVB rules, M
A TS packet (transport stream packet) is formed by PEG2.

By the above TS packetization, each MPEG2
Stream _{23 1, ···, 23 n,} ···, 23
_{n + m} is divided into TS packets _PTS and stored as a plurality of payload data portions, and a 4-byte TS header _HTS is added to each TS packet _PTS .

Here, the packets 24 ₁ , 24 ₂ , 24 composed of the TS packet P _TS and the TS header H _{TS are} described.
_{3 MPE, ···, 24 K-} 2, 24 K1, 24 K1 is configured as a fixed-length 88-byte, here, it is stored
Since the G2 stream is large, it is a plurality of TS packets.

The above is TS header H _TS, and control data for subsequent after the header data is stored, specifically, control data or contract data following after the header has been delivered from the service management company 3 A code indicating the identification of the information requested by the user 4, or its TS packet P
A control code indicating whether the _TS is divided into the beginning or the middle of the divided MPEG2 stream is stored. As described above, the identification of whether or not the control data is distributed from the service operating company 3 by the TS header _{HTS is} performed by the service operating company 3 transmitting the control data to the data receiving apparatus 10 receiving the data. This is because they may be sent.

Then, in data operation 5, the packets 24 ₁ , 24 ₂ , 24 ₃ ,
.., 24 _K-2 , 24 _K-1 , and 24 _K are modulations required for distribution on a satellite communication path, for example, QPSK (Quadrutu
re PSK) Modulated and scrambled packets 25
₁ , 25 ₂ , 25 ₃ ,..., 25 _K-2 , 25 _K-1 , 25 _K are transmitted to the communication satellite 5.

As described above, in the data transmission system 1, the data creation operation based on the predetermined data format is performed, and the data transmission to the communication satellite 5 is performed.

Next, processing on the data receiving device 10 side of data generated as described above and transmitted on the satellite communication path by the communication satellite 5 will be described.

As shown in FIG. 2, the data receiving apparatus 10 includes a receiving antenna 8 and a coaxial cable 31 which constitute receiving means for receiving signal data distributed via the communication satellite 5, and the receiving means. A satellite data capture device 32 having a descrambling function for extracting a digital signal by descrambling according to the scrambling process applied to the signal data, a data acquisition function for extracting predetermined data from the digital signal, A data decryption device 33 having a decryption function of decrypting digital data acquired by the acquisition function with an encryption key and a decryption key management function of managing the decryption key; and an output unit for outputting data decrypted by the data decryption device to the outside. And a reception data output I / F device 35 to be configured. Here, the signal processing unit 9 is constituted by the satellite data acquisition device 32, the data decoding processing device 33, the data input device 38, the reception data output I / F device 35, and the overall control device 34.

Further, the data receiving device 10 outputs the data received from the general-purpose satellite broadcast receiving terminal 39.
A data input device 38 serving as an interface with the
Overall control device 3 for controlling the entire data receiving device 10
4 is provided.

The data receiving device 10 is connected to a computer internal bus 36, and transmits and receives various data to and from the computer internal CPU 37 via the computer internal bus 36.

Here, the general-purpose satellite broadcast receiving terminal 39 connected to the data receiving apparatus 10 is, for example, a BS television broadcast receiving terminal as described above.

Hereinafter, each unit constituting the data receiving apparatus 10 will be described.

The receiving antenna 30 constitutes a receiving means for taking the data on the satellite communication path into the data receiving device 10. The data received by the receiving antenna 30 is input to the main body of the data receiving device 10 via the coaxial cable 31. Here, the input data is IF signal data, and the IF signal data is the same as the data distributed to each contractor, ie,
All information other than the information requested by the contractor who has received the IF signal data is also included. For example, the IF signal data is control information for a data receiving terminal or information addressed to another contractor.

The satellite data capturing device 32 converts the input IF signal data into TTL (Time to Liv) data.
e) a device for converting digital data into levels,
It is configured to perform minimum processing essential for digital satellite broadcast reception, such as D conversion and signal synchronization. The satellite data capturing device 32 performs descrambling processing on the input data, and
Rebuild the MPEG2 stream from the packet P _TS, M
It is output as digital data in the form of a PEG2 stream. The MPEG2 stream output from the data capturing device 32 is input to the data decoding device 33.

The data decoding device 33 receives the input MPE
It is configured to perform decoding processing on the G2 stream. The data decoding device 33 compares the MAC address (destination address) in the MPEG2 stream with the MAC address specified by the general control device 34, and the comparison result matches, and the stream is encrypted. In this case, decoding processing is performed on the MPEG2 stream. On the other hand, the data decoding device 33
If there is no match with the MAC address in the MPEG2 stream just received, the received M
Discard the PEG2 stream. This data decoding device 3
Reference numeral 3 performs decryption processing of data encrypted in real time, thereby realizing high-speed decryption of a large amount of data.

The MPEG2 stream decoded by the data decoding device 33 has the MPEG
When the two headers H _MPEG and the MAC header H _MAC are removed, they are output to the reception data output I / F device 35.

The reception data output I / F device 35 is configured as an interface between the data reception device 10 and the computer 13. This received data output I
The / F device 35 outputs the successfully decoded data packet to the computer internal bus 36. Note that the reception data output I / F device 35 has logic for keeping the protocol of the computer internal bus 36 in which the data reception device 10 is built.

The overall control device 34 is configured to monitor and manage the entire data receiving device 10.
For example, specifically, a control command from an application of the computer 13 to which the data receiving device 10 is connected and data for controlling the data receiving device 10 included in the received data are interpreted, and the data receiving device 10 is interpreted. 10 to monitor and manage the entire system.

The general-purpose satellite broadcast receiving terminal 39 is, for example, a receiving terminal for satellite television broadcasting.
It is used for existing BS television broadcasting and CS television broadcasting. As described above, the service management company 3 transmits various information distributed from the information provider 2 together with the BS television broadcast and the like as processed data on a satellite communication path. , The BS television broadcast and data transmitted together with the BS television broadcast are also inputted.

The data receiving apparatus 10 has a connection I / F (not shown) as an interface with the general-purpose satellite broadcast receiving terminal 39, whereby data can be input from the general-purpose satellite broadcast receiving terminal 39 connected thereto. It is possible.

As described above, the general-purpose satellite broadcast receiving terminal 3
9 has the connection I / F as an interface with the reception antenna 8.
Even if it does not have such a function, it is possible to input data from the general-purpose satellite broadcast receiving terminal 39, and it is possible to have versatility in the future. In this case, as described above, there is no data output from the satellite data acquisition device 32 to the data decoding device 33, and the data input device 38
Is input to the data decoding device 33 from

The data receiving apparatus 10 is configured in detail as shown in FIG. Processing of data received using the data receiving apparatus 10 shown in FIG. 6 will be described in detail. Here, the contractor 4A
Will be described.

The received IF signal data 101 received by the receiving antenna 8 is based on information 21 requested by the contractor 4.
_1, ..., consists 21 _n, ..., and 21 n + _m, other data, for example, the data constituting the above BS television broadcasting, for example, Ya control information of the data receiving apparatus 10 , Data including information addressed to other contractors. Here, as shown in the data operation <6> shown in FIG. 7, the IF signal data is composed of scrambled packets 25 ₁ , 25 ₂ , 25 ₃ ,..., 25 _K-2 , 2
_5K-1 and _25K .

The IF signal data 101 is subjected to the minimum necessary processing for digital satellite broadcast reception, such as AD conversion and signal synchronization descrambling, by the satellite data capturing device 34. It is output as a TS packet 102 and input to the MPEG2 stream recovery device 51. That is, here
As shown in FIG. 7, as data operation <7>, packets 24 ₁ , 24 ₂ , 24 ₃ ,..., 24 _K−2 , 2
4 perform _K-1, 24 _K scrambling process.

The above MPEG2 stream recovery device 51
Is configured to perform a recovery operation on an MPEG2 stream divided as TS packets 102 on the transmission side. The recovery work of the MPEG2 stream performed by the MPEG2 stream recovery device 51 is performed by using the TS packet 1
By referring to the beginning control code in the TS header H _TS of 02 detects the beginning of the MPEG2 stream is divided, and generates a single MPEG2 stream 103. That is, as shown in FIG. 7, as the data operation <8>, the MPEG2 stream 23 ₁ ,.
, 23 _n ,..., 23 _{n + m} are generated. This MPEG
MPEG2 recovered by the two-stream recovery device 51
The stream 103 is an MPEG2 stream inspection device 5
2 is input.

The MPEG2 stream inspection device 52
The PEG2 stream 102 is configured to perform two operations, namely, an operation of checking whether noise on the satellite communication path is generated on the satellite communication path, and a filtering (sorting) operation of the MPEG2 stream 102.

The inspection of the occurrence of noise on the satellite communication path performed by the MPEG2 stream inspection device 52 is performed by the MPE.
This is performed using the CRC value attached to the footer F of the G2 stream 103. That is, the MPEG2 stream inspection device 52 outputs the input MPEG2 stream 1
03 is calculated from the beginning to the end of MPEG3, and the CRC value calculated up to the end is compared with the CRC value attached to the footer F of the MPEG2 stream 103 on the transmission side. Only when there is a packet, it is determined that the packet has been transmitted without error. Here, the MPEG2 stream 104 subjected to the determination processing is sent to the MPEG2 stream discarding device 53. Here, the CRC calculation is based on the input MP
Since the processing is performed until the end of the EG2 stream 103, the data is stored in the data temporary storage device 54 until the determination is determined.

The MPEG2 stream discarding device 53
The discard processing is performed on the MPEG-2 stream in which the calculation error has occurred due to the RC. Specifically, the stream discard command 106 sent from the MPEG2 stream inspection device 52 discards the MPEG2 stream corresponding to the stream discard command 106. Then, the fact that there is an MPEG2 stream discarded due to a CRC calculation error is reported to the general control device 34 as discarding.

The MPEG2 stream inspection device 52
The filtering of the MPEG2 stream performed by the
It examines whether the PEG2 stream 103 is the information requested by the contractor 4A who is the owner of the data receiving apparatus 10 and, if necessary, the subsequent MPEG2 stream discarding apparatus 5
3, and the processing of discarding the MPEG2 stream 103 is performed on the spot if unnecessary.

More specifically, the MPEG2 stream inspection device 52 determines the destination address stored in the MAC header H _MAC in the MAC frame in the MPEG2 stream and the data receiving device 10 itself set by the general control device 34. Compares with the address held at that time and outputs the MPEG2 stream to the MPEG2 stream discarding device 53 only when it is determined that the stream is the MPEG2 stream to be received. Usually, there are several kinds of addresses at the same time, and the MPEG2 stream destined for other addresses is discarded by the MPEG2 stream inspection device 52.

Therefore, the MPEG2 stream that has not been discarded by the above two operations performed by the MPEG2 stream inspection device 52 is data that has been normally transmitted to itself without error, that is, the stream to be received by itself. It is. The own address set by the overall control device 34 may change with time.

As described above, an unencrypted MAC
By confirming the destination address stored in the header H _MAC , the information to which the MAC header H _MAC is added can be transmitted to itself without using unnecessary processing such as decoding. It can be instantaneously determined whether or not. This allows subsequent incoming MPEG2 streams to be processed without delay.

The MPEG2 stream inspection device 52
Is output to the data temporary storage device 54 as data of the MPEG2 stream 104 obtained by removing the header H _MPEG and the footer F from the input MPEG2 stream 103. That is, as shown in FIG. 2, as the data operation 9, the MPEG2 streams 22 ₁ ,.
2 _n ,..., 22 _{n + m} are output to the data temporary storage device 5.

The MPEG2 stream 107 without footer F output from the temporary data storage device 54 and passed through the MPEG2 stream discarding device 53 without being discarded is input to the decryption key searching device 55.

The decryption key search device 55 receives the input M
It is configured to search for an encryption key for the PEG2 stream 107. Specifically, the decryption key search device 55
Searches for and sets a decryption key necessary for decryption in real time for each data packet (block) by looking at the header information at the head of the encrypted data for the user. That is, the decryption key search device 55 looks at the control bit in the MAC header H _MAC in the MPEG2 stream 107 indicating whether or not encryption has been applied, and checks the MPE that has just been input.
Information 21 ₁ ,..., 21 _n , in the G2 stream 107
,..., 21 _{n + m} are subjected to encryption processing, and based on this, a search for a decryption key in the decryption key storage unit 56 is performed.

Here, when it is confirmed that the encryption processing has not been performed, an instruction not to decrypt the decryption device 58 at the subsequent stage is sent together with the MPE not subjected to the encryption processing.
The G2 stream is output from the decryption key search device 55.
The MPEG2 stream output to the decoding device 58 is obtained by removing the MPEG2 header H _MPEG and the MAC header H _MAC that have been added so far, and leaving the information 21 ₁ ,..., 21 _n,. ... are output as data packets P _D of 21 _{n + m.} That is, as shown in the data operation 10 shown in FIG. 2, the information 21 ₁ ,.
, 21 _n ,..., 21 _{n + m} are output as data packets.

When it is confirmed that the encryption process has been performed, the decryption key search device 55 stores the decryption key in the decryption key storage 56 based on the destination address in the MAC header H _MAC in the MPEG2 stream 107. Instruction 10 for requesting decryption key
Give 9

The decryption key storage unit 56 stores a decryption key for decrypting data permitted to be received by a contractor holding the data receiving device 10 at a certain time. The decryption key storage unit 56 is configured by, for example, a memory.

The decryption key storage unit 56 can store a plurality of decryption keys, and these decryption keys are managed by the overall control device 56. The decryption key storage unit 56 uses the decryption key request instruction 109 to
The corresponding decryption key is output to the decryption key search device 55. For example, the decryption key storage unit 56 includes at least a session key that may be changed at any time and a master key that is permanently stored.

Here, the session key is a decryption key transmitted from a specific service operating company for decrypting information, and is usually used for each day, every hour, every file,
It is supposed to change sequentially for each service. Also,
The master key is, for example, a decryption key unique to the data receiving device, and is used, for example, to decrypt the session key. Therefore, in such a case, the session key is first decrypted with the master key, and then the encrypted information is decrypted with the session key. By doing so, confidentiality of information can be improved.

The decryption key stored in the decryption key storage unit 56 is set by the key setting unit 57. For example, the key setting unit 57 stores the distributed decryption key in the decryption key storage unit 56.
And a decryption key can be set in the decryption key storage unit 56. For example, the key setting unit 57 sends the distributed decryption key from the internal bus 36 of the computer.
It can be obtained via the reception data output I / F device 35 and under the control of the overall control device 34, the decryption key storage 56
Set to. For example, the decryption key storage unit 5
The decryption key set to 6 is the session key.
Further, the key setting unit 57 can set a key in the decryption key storage unit 56 based on an ID or the like input at the time of factory shipment. For example, the decryption key set to factory shipment in this way is used as at least a part of the master key.

The decryption key search device 55 outputs to the decryption device 58 the decryption key sent to and received from the decryption key storage unit 54 and the MPEG2 stream 108 for which the encryption processing is to be canceled by the decryption key. The MPEG2 stream output from the decryption key retrieval device 55 has the MPEG2 header H _MPEG and the MAC header H _MAC that have been added so far removed, and the information 21 ₁ ,.
1 _n ,..., 21 _{n + m} , that is, the data packet P _D
And input to the decoding device 58.

[0084] In the case where a decryption key for decrypting the data packet P _D to the decryption key retrieval device 55 is a MPEG2 stream received is not present in the decryption key storage unit 56, the decryption key retrieval device 55 , Its MPEG2
Since it is impossible to decode the stream, the MPEG2 stream is discarded. If the MPEG2 stream is discarded because the decryption key is not held in this way, the general control device 3
Report to 4.

[0085] decoder 58, decoded by the decoding key received from the key retrieval device 55, the decoding of the data packet P _D input together with the decryption key, that is, configured so as to release the encryption process. That is, the decryption device 5
8 is a data packet P encrypted by the decryption key
Performs decoding on _D, thereby, as shown in the data manipulation of the 7 <10>, can be obtained only subscribers 4A and transferred information 21 ₁ and the information 21 has _n for all subscribers .

As described above, the decryption key search device 5
5 also outputs an unencrypted data packet to the decryption device 58. Therefore, the decryption device 58
When such a data packet is input, there is no need to perform decryption using a decryption key. Output to

The decryption device 58 has a capability of receiving and processing a decryption key update input for each input data packet. Thereby, even if a certain contractor 4 holds a plurality of decryption keys at the same time, it is possible to cope with it. In addition, in response to a command from the decryption key search device 55, the decryption device 58 can switch various initial values and a plurality of encryption modes for each data packet.

The decoding device 58 outputs the data packet 111 for which decoding has been completed or the data packet 111 which does not need to be decoded to the post-decoding processing unit / packet discarding device 59 in the subsequent stage.

As described above, by configuring the decryption key storage unit 56, the decryption key search device 55 and the decryption device 58 as hardware for decrypting the encrypted information, the encryption is performed in real time. It is possible to realize a decoding process of the obtained information.

The post-decoding processing unit / packet discarding device 59
It is checked whether or not the data packet 111 has been correctly decoded by the decoding device 58. Note that the data packet 111
Is an IP packet used as a general-purpose Internet packet, and is a post-decoding processing unit / packet discarding device 59
Checks whether or not decoding was successful, and calculates the header checksum in the header of the IP packet.
This is performed mainly using the code inside the P packet.

Here, if it is confirmed that the decoding has been performed normally, the post-decoding processing unit / packet discarding device 59 is used.
Outputs only the data packet 112 to the subsequent data temporary storage device 60. When it is confirmed that the decoding has not been performed normally, the post-decoding processing unit / packet discarding device 59 discards the data packet and reports the fact to the overall control device 34.

The data packet 112 stored in the temporary data storage device 60 is transmitted to the computer internal bus 3 via the reception data output I / F device 35.
6 is input.

The data receiving apparatus 10 shown in FIG.
The data input device 38 of the general-purpose satellite broadcast receiving terminal connection I / F 61 and the general-purpose satellite broadcast reception terminal connection I / F shown in FIG.
62. Here, the general-purpose satellite broadcast receiving terminal connection I / F 61 is a digital data interface based on so-called TTL, and the general-purpose satellite broadcast receiving terminal connection I / F 62 is a so-called IEEE 139.
4 is an interface standardized by I.4.

Then, the general-purpose satellite broadcast receiving terminal connection I / F
The general-purpose satellite broadcast receiving terminal connection I / F 62 and the general-purpose satellite broadcast receiving terminal connection I / F 62 are configured not to operate simultaneously with the satellite data acquisition device 32. As a result, data is received by the satellite data acquisition device 32 via the reception antenna 30.
Alternatively, the data is received by the data receiving apparatus 10 by one of the general-purpose satellite broadcast receiving terminal connection I / F 61 and the general-purpose satellite broadcast reception terminal connection I / F 62. That is, while data is being captured by the satellite data capturing device 32, the general-purpose satellite broadcast receiving terminal connection I / Fs 61, 61 do not operate, and vice versa. For example, as shown in FIG. 8, when satellite television broadcasting is received by the receiving antenna 70 and input to the general-purpose satellite broadcasting receiving terminal 39 via the coaxial cable 71, the satellite data capturing device 32 does not operate. become.

The general-purpose satellite broadcast receiving terminal 39 is a receiving terminal that can receive digital satellite broadcasts such as multi-channel BS television broadcasts.
It is. And, as described above, the service operating company 3
Is configured to be able to receive information transmitted from the.

By the way, as described above, the service operating company 3 that distributes various data using the communication satellite 5 is completely different from the service operating company even if it exists elsewhere. Rather, they are unified. This means that the user
This suggests that information distribution from a plurality of service management companies 3 can be received by one general-purpose satellite broadcast receiving terminal 39 such as the IRD. Therefore, the general-purpose satellite broadcast receiving terminal 39 enables the data receiving apparatus 10 to have a configuration capable of receiving data of a plurality of different destinations. In response to such a case, for example, data input to the general-purpose satellite broadcast receiving terminal 39 is modified in the general-purpose satellite broadcast receiving terminal 39 to perform some kind of data processing, such as processing a primary charge using an IC card. It is also conceivable that a data distribution form that the user wants to input to the data receiving apparatus 10 will appear later.

The above general-purpose satellite broadcast receiving terminal connection I / F 6
1 and 62 are to solve such a situation, that is, the data receiving apparatus 10 can be implemented in any form by configuring the general-purpose satellite broadcast receiving terminal connection I / Fs 61 and 62 as versatile interfaces. Can receive the data distributed. This makes it possible for different service operating companies to coexist with general satellite broadcasting and satellite data broadcasting / communication services. It should be noted that the number of the data receiving apparatuses 10 is not limited to the two types of general-purpose satellite broadcast receiving terminal connection I / Fs 61 and 62 as described above, and the number and the protocol of the interface are appropriately determined.

The overall control device 34 mainly has the following functions in addition to the above-described control.

The overall control unit 34 is provided with the data receiving device 10
It has a function to reset and initialize the whole.

The general control unit 34 has a function of monitoring the state of the entire data receiving apparatus 10 and reporting the information to an application in the computer.

Further, the overall control unit 34 is adapted to use MPEG2
It issues a MAC address control command to the stream checking device 52.

The overall control device 34 has a function of setting a decryption key in the decryption key storage unit 56 by a set command.

The general control unit 34 has a function of receiving a packet discard report from each unit and reporting the discard to an application in the computer.

Further, the overall control device 34 is configured so as to centrally manage all other operations in the data receiving device 10.

As described above, the data receiving apparatus 10 is configured. In the data receiving device 10, the components constituting the signal processing device 9 are formed on one substrate. Thereby, the data receiving apparatus 10 can efficiently execute each function with the same hardware by the function of switching in real time.

As described above, the process of the data receiving device 10 receiving the data distributed by the communication satellite 5 extracting only predetermined information from the received data will be described with reference to FIG. Can be explained as follows.

Basically, the flow of data processing described here is the reverse of the processing procedure described above as data operation <1> to data operation <5> with reference to FIG. However, what should be noted in the data operation on the receiving side is that data may be lost in each block configuring the data receiving apparatus 10 as the data operation <6> proceeds to the data operation <10>. That is. That is, data that has nothing to do with a predetermined contractor, here, for example, the contractor 4A, is discarded.

That is, for example, the subscriber 4A discards data from the received data signals on all satellite communication paths one after another for various reasons by the data receiving device 10 of the subscriber 4A, and finally, Only “information that can be received normally and that should be received only by contractor A” is received in a meaningful form for contractor 4A. Specifically, among all the information on the satellite communication path received by the subscriber 4A, the following plural cases can be considered as data that may be discarded.

In data operation <6>, if noise is present on the satellite communication path and the received data cannot be demodulated normally, the stream is discarded.

In the data operation <7>, T
Only the information requested by a certain contractor is fetched by the identification bit indicating whether it is control data or information in the S header _HTS , and the control data is discarded. In this case, it can be said that the control data is often discarded after being taken in as an instruction to a certain function, rather than being discarded.

Further, as the data operation <8>, MP
If the CRC calculation result of each stream in the MPEG2 footer F of the EG2 stream is different, the MPEG2 stream is discarded as it is. For example, it is considered that the cause of the discarding here is due to noise on the satellite communication path.

In the data operation <9>, since the information is addressed to another subscriber, the packet or stream is not included in the MAC header H _MAC in the MAC frame because there is no destination addressed to itself. Is discarded. Alternatively, the data receiving device is a MAC frame addressed to itself, but does not have a decryption key necessary for decryption due to a reason that the system is not operating normally or there is a key to be decrypted. The packet or the stream is discarded because decoding may fail due to a failure of the decoding device or a peripheral device therein. Thus, the packets that can be discarded in the data operation 9 are the largest.

The data receiving device 10 receives the data from the communication satellite 5, and the decryption key storage / retrieval device 55 instantaneously searches the stored decryption key for the received data which can be changed instantaneously. Has multiple blocks at the same time, such as decoding received data in real time and at high speed, and receiving data output I / F device 35 outputting data at high speed to the outside, so that one user wants to receive only the user himself / herself. Alternatively, it is possible for a certain user to simultaneously receive a large amount of various kinds of satellite reception data with high confidentiality, which the sender wants to distribute only to a specific user, in real time. Furthermore, the data receiving apparatus 10 has general-purpose satellite broadcast receiving terminal connection I / Fs 61 and 62 serving as general-purpose data input interface units in addition to the above-described features, thereby providing flexibility to various current and future satellite broadcast services. Response is possible.

[0114]

According to the data receiving apparatus of the present invention, the scrambled signal data received by the receiving means via the satellite communication path is subjected to the descrambling processing by the descrambling means, and is extracted as digital data. Then, predetermined data can be extracted from the digital data by the data acquisition means. Then, the data receiving device can decrypt the encrypted data acquired by the data acquiring device using the encryption key by the decrypting device, and output the decrypted data to the outside by the output device. it can.

Thus, the data receiving apparatus receives a signal that has been scrambled and transmitted in a data transmission system using a communication satellite for multi-channel and large-capacity data transfer, and receives the scrambled signal. Signal can be descrambled, and only information distributed to only the data receiving device can be captured as meaningful information.

In this data receiving method, the scrambled signal data received via the satellite communication path in the receiving step is subjected to a descrambling process in a descrambling step, extracted as digital data, and extracted. Thus, predetermined data can be extracted by the data acquisition step. In the data receiving method, the encrypted data obtained in the data obtaining step is decrypted by using the encryption key in the decrypting step, and the obtained data is output to the outside in the output step. it can.

According to this data receiving method, in a data transmission system using a communication satellite to transfer data in a multi-channel and large capacity, a signal transmitted after being scrambled is received, and the scrambled signal is received. Can be obtained by descrambling, and only information distributed to only the data receiving apparatus can be taken in as meaningful information.

In the data transmission method according to the present invention, in the data encryption step, data to be distributed via the satellite communication path is encrypted using an encryption key, and the destination information of the encrypted data is transmitted. In the scramble processing step, the data and information are subjected to scramble processing used for scrambling video / audio information, and the data transmission step is to transmit the scrambled data to the satellite communication path. it can.

According to this data transmission method, the data receiving side to which the data is distributed extracts encrypted information from the scrambled and transmitted signal based on the destination information. Data can be decrypted using the encryption key. Accordingly, in this data transmission method, in a data transmission system using a communication satellite for multi-channel and large-capacity data transfer, a signal transmitted after being scrambled is received, and the scrambled signal is received. Can be obtained by descrambling, and only information distributed to only a predetermined data receiving device can be taken in as meaningful information.

[Brief description of the drawings]

FIG. 1 is a diagram showing a configuration of a data transmission system including a data receiving device according to an embodiment of the present invention.

FIG. 2 is a block circuit diagram showing a configuration of the data receiving device.

FIG. 3 is a diagram used for explaining an encryption process and a scramble process performed on data to be distributed in the data transmission system.

FIG. 4 is a diagram illustrating an example of the case where data to be distributed is stored in an IP packet,
It is a figure showing a P header.

FIG. 5 is a diagram showing a MAC header that stores information of the IP header when the IP packet is converted into a MAC frame.

FIG. 6 is a block circuit diagram showing a more detailed configuration of the data receiving device.

FIG. 7 is a diagram used for explaining a descamble process and a decoding process performed on distributed data in the data transmission system.

FIG. 8 is a block circuit diagram showing a modification of the data receiving device.

[Explanation of symbols]

1 data transmission system, 30 receiving antenna, 32
Satellite data acquisition device, 33 Data decoding device, 35
Receive data output I / F device, 38 data input device

Claims (16)

[Claims] 1. A data receiving apparatus for receiving signal data distributed via a satellite communication path, comprising: receiving means for receiving signal data distributed via the satellite communication path; Descrambling means for descrambling according to the scrambling process to extract a digital signal; data acquisition means for extracting predetermined data from the digital signal; and decrypting the encrypted data acquired by the data acquisition means with an encryption key. A data receiving apparatus comprising: a decryption unit; an encryption key storage unit that stores the encryption key; and an output unit that outputs data decrypted by the decryption unit to the outside. 2. The data receiving apparatus according to claim 1, wherein the encrypted data decrypted by the encryption key is computer data transmitted to video / audio data. 3. The encrypted data is data that has been divided into a plurality of packets and distributed, and the decryption means decrypts the encrypted data for each of the packets in real time. 3. The data receiving device according to claim 2, wherein: 4. The encryption key storage unit manages a plurality of encryption keys, and the decryption unit exchanges an encryption key for each packet and decrypts the encrypted data. Claim 3
The data receiving device according to the above. 5. The data receiving apparatus according to claim 4, wherein the selection of the encryption key is set externally via a data bus. 6. The data receiving apparatus according to claim 1, wherein said data acquisition means, decoding means and output means are formed on a single board. 7. The data receiving apparatus according to claim 6, wherein said output means is connected to a data bus. 8. The method according to claim 1, wherein the decryption means discards the packet storing the encrypted data to be decrypted when there is no desired encryption key to be used for decrypting the encrypted data. The data receiving apparatus according to claim 1, wherein 9. The decrypting means decrypts the encrypted data using the same encryption key stored in the same encryption key storage as the encryption key held by the transmitting side that transmitted the encrypted data. The data receiving apparatus according to claim 8, wherein 10. The decryption key management means manages two types of keys: a session key that may be changed at any time, and a master key that is permanently managed by the decryption management means. The data receiving apparatus according to claim 1, wherein 11. The data receiving apparatus according to claim 1, wherein said decryption means is capable of changing an encryption method in real time according to a setting from a user. 12. A separate bidirectional data transmission path capable of bidirectional data transmission, separate from the satellite communication path, and the encrypted data is distributed to a distribution source via the bidirectional data transmission path. 2. The data receiving apparatus according to claim 1, comprising the requested data. 13. The data receiving apparatus according to claim 1, further comprising a general-purpose satellite video / audio broadcasting receiving terminal for receiving satellite video / audio broadcasting transmitted by the satellite communication channel. 14. A data receiving method for receiving signal data distributed via a satellite communication path, comprising: a receiving step for receiving signal data distributed via the satellite communication path; A descrambling step of descrambling a digital signal by descrambling in accordance with a scramble process; a data acquisition step of extracting predetermined data from the digital signal; A data receiving method, comprising: a decryption step of decrypting with an encryption key stored in a storage device; and an output step of outputting data decrypted in the decryption step to the outside. 15. A data transmitting apparatus for distributing scrambled video / audio information via a satellite communication path, wherein the data transmitted via the satellite communication path is encrypted using an encryption key. A data encryption step of adding destination information of the encrypted data, and the video / audio information to the data encrypted using the encryption key and the destination information added to the encrypted data. A data transmission method, comprising: a scramble processing step of performing scramble processing by the same processing as the scramble processing; and a data transmission step of transmitting the scrambled various data to the satellite communication path. 16. The data encrypted using the encryption key and distribution destination information added to the encrypted data are divided into a plurality of packets, and the packet is subjected to a scramble process by the scramble processing means. The data transmission method according to claim 15, wherein the data transmission is performed.