WO2003091862A1 - Dispositif serveur et systeme de gestion de programme - Google Patents
Dispositif serveur et systeme de gestion de programme Download PDFInfo
- Publication number
- WO2003091862A1 WO2003091862A1 PCT/JP2003/004808 JP0304808W WO03091862A1 WO 2003091862 A1 WO2003091862 A1 WO 2003091862A1 JP 0304808 W JP0304808 W JP 0304808W WO 03091862 A1 WO03091862 A1 WO 03091862A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- program
- information
- information processing
- terminal
- processing terminal
- Prior art date
Links
- 230000010365 information processing Effects 0.000 claims abstract description 253
- 238000009826 distribution Methods 0.000 claims abstract description 169
- 238000000034 method Methods 0.000 claims description 36
- 238000012795 verification Methods 0.000 claims description 12
- 230000004044 response Effects 0.000 claims 5
- 238000012545 processing Methods 0.000 abstract description 21
- 238000013500 data storage Methods 0.000 abstract description 15
- 230000006854 communication Effects 0.000 abstract description 12
- 238000004891 communication Methods 0.000 abstract description 11
- 238000010586 diagram Methods 0.000 description 30
- 230000007717 exclusion Effects 0.000 description 9
- 238000007726 management method Methods 0.000 description 5
- 230000005540 biological transmission Effects 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000002411 adverse Effects 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000008030 elimination Effects 0.000 description 1
- 238000003379 elimination reaction Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 230000001681 protective effect Effects 0.000 description 1
- 238000010926 purge Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F15/00—Digital computers in general; Data processing equipment in general
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F1/00—Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F13/00—Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/61—Installation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
Definitions
- the present invention relates to a server device that distributes a program operating on an information processing terminal, and a program management system including the server device and the information processing terminal, and more particularly to a technology for eliminating an information processing terminal that attempts to use an illegal program. . Background art
- FIG. 20 is an explanatory diagram of a method of verifying the legitimacy of a program using this electronic signature.
- the program issuer 200 0 sends the public key 2 0 0 1 to the certification authority (CA: Certification Authority) which is a third party organization that confirms the identity of the program issuance and guarantees it. After that, the Certification Authority 2 0 0 0 verifies and examines the identity of the program issuer 2 0 0 0. If the certificate authority 2 0 1 0 determines that the program issuer 2 0 0 0 can be trusted, the program issuer 2 0 0 0 public key 2 0 0 1 against the CA private key 2 0 1 2 electronically Issue a signed certificate 2 0 0 3. The certificate 2 0 0 3 contains information identifying the identity of the public key holder, and the certificate authority 2 0 1 0 guarantees the identity of the public key holder. Then, the certificate authority 2 0 1 0 sends the public key certificate 2 0 0 3 to the program issuer 2 0 0 0.
- CA Certification Authority
- the program issuer 2002 electronically signs the program distributed to the user 2 0 2 0 0 with its own private key 2 0 0 2 and the public key certificate 2 0 0 3 and the signed program Distribute 2 0 0 4
- the user 2 0 2 0 obtains the CA public key 2 0 1 1 from the certificate authority 2 0 1 0 and uses the CA public key 2 0 1 1 to sign the program issuer's public key certificate 2 0 0 3 Verify. If the signature verification is successful, the signature of the signed program 2 0 0 4 is verified using the public key 2 0 0 1 contained in the public key certificate 2 0 0 3. If this signature is correctly verified, it can be verified that the distributed program is a program distributed from program publisher 2000 and has not been tampered with.
- the electronic signature of the program issuer 200 0 is added to the program to guarantee the program's legitimacy, and the user 2 0 2 0 obtains the acquired program 2 0 2 It can be verified that 1 is legitimately distributed from Program Issuer 200 00.
- a program distribution device when distributing a program, the validity of the distribution can be judged based on the difference between the number of copies of the program and the number of permitted copies, and it is possible to physically prevent unlimited distribution from being performed.
- a distribution device is disclosed that allows the user to physically adhere to the usage contract for copying (see, for example, Japanese Examined Patent Publication No. 6-872 20).
- the program distribution device can be a program distribution device that stores the distribution destination of the information processing device for each program and distributes a program based on the number of permitted copies and the number of copies.
- a method for identifying the user is required to charge the user.
- the program or information distributed with the program may include unique information such as an ID or key assigned to each user. In this case, by assigning unique information to each user, and managing the unique information on the server device side of the program distribution source, when the user misbehaves, the user can be specified based on the unique information. It becomes possible.
- FIG. 21 is a reference diagram of a program management system between a conventional information processing terminal 2101 and server devices 2102 and 2103.
- the server device 2 0 3 for application data and the server device 2 0 2 0 for programs are shown separately.
- the information processing terminal 2101 downloads, for example, favorite music data from the server device 2102 serving as a program distribution source and acquires a playable music player program. It is assumed that the music player program includes specific information "0 1 0 1". To ensure safe distribution of the program, the communication path is encrypted using Secure Socket Layer (SSL) to prevent hacking such as eavesdropping.
- SSL Secure Socket Layer
- the music data acquisition request to which the unique information “0 1 0 1” is attached from the information processing terminal 2 0 1 Is sent to the server device 2 0 3 for the application.
- the server device 2 0 3 3 has an invalidation list (CRL: certificate revocation list) for removing an information processing terminal on which an unauthorized music player program is executed, and the information processing terminal 2 1 Since the unique information “0 1 0 1” sent according to the music data acquisition request from 0 1 is described in the CRL, the music data is sent to the information processing terminal 2 1 0 1 Do not If no unique information is described in the CRL, the requested music data is sent to the information processing terminal 2101.
- CRL certificate revocation list
- the information processing terminal 2 10 1 intended to be illegally used using the CRL is excluded. Is possible.
- the electronic signature is added to the data downloaded to the information processing terminal 2101 from the server device 2202 and the like and the information processing terminal 2201 performs signature verification.
- the information processing terminal 2201 performs signature verification.
- the program distribution device is for each program distribution request. Check the ⁇ D of the distribution destination device and distribute the program according to the number of copies permitted, and do not prevent unauthorized use of the program.
- the information processing terminal 2 may be used. Even when the server attempts to acquire data illegally and the data acquisition is excluded as an illegal terminal by the CRL of the server device 203, the information processing terminal The user can download another specific information from the server device 2102 and update the program's specific information to the new specific information, thereby avoiding the server device's elimination using CRL. There is a problem that it becomes possible to The present invention has been made in view of the above problems, and in a server device that is a program distribution source, an unauthorized information processing terminal excluded by a list using unique information can provide new unique information.
- the first object is to provide a server device that prevents acquisition and avoidance of exclusion. Another object of the present invention is to reduce the processing load on the server device in program distribution to an information processing terminal.
- the request for acquisition of new unique information from the unauthorized information processing terminal is excluded and the program in the information processing terminal is incorrect.
- the purpose is to provide a program management system that can be prevented from use. Disclosure of the invention
- a server apparatus is connected to an information processing terminal holding a terminal ID that can not be rewritten from the outside via a network, and a program operated on the information processing terminal.
- a server device that holds a table that holds a table indicating the association between a previously distributed program and a terminal ID; referring to the table, the information processing terminal transmits the terminal ID by referring to the table And determining means for determining whether the distribution of the program with respect to the accompanying program acquisition request is successful or not.
- the program distributed from the server apparatus according to the present invention to the information processing terminal includes a program main body operating on the information processing terminal and program specific information which is unique information used for the program main body.
- the determining unit determines whether the terminal ID given to the program acquisition request is recorded in the table. Of the program itself is determined to be distributed to the information processing terminal, and when the terminal ID is not described in the table, the terminal ID is associated with the program specific information. And adding to the tape, and determining that the program body and the program specific information are to be distributed to the information processing terminal.
- the server apparatus can prevent new acquisition of program specific information corresponding to a program previously distributed by the information processing terminal, and acquires new program specific information to avoid exclusion. It is possible to reliably prevent the fraudulent acts of the information processing terminal.
- a program management system is connected to an information processing terminal holding a terminal ID that can not be rewritten from the outside, and the information processing terminal via a network.
- An information processing terminal is a program management system including a server device that holds a program that operates on the information processing terminal, wherein the information processing terminal, when requesting acquisition of the program, acquires the program with the terminal ID assigned.
- a determination means for determining the propriety of distribution grams characterized Rukoto.
- the present invention can not only be realized as the above-described server apparatus, but also the program distribution using the program management system between the server apparatus and the information processing terminal or the means provided in the server apparatus as steps. It can also be realized as a method.
- this program distribution method can be realized as a program that realizes it on a computer etc. It goes without saying that it can be distributed via recording media such as, etc. and transmission media such as communication networks.
- FIG. 1 shows a configuration diagram of an information processing terminal and a server apparatus according to the first embodiment.
- FIG. 2 is a configuration diagram of the entire program transmitted from the server device to the information processing terminal according to the first embodiment.
- Figure 3 (a) shows an example of the information stored in the program header.
- Figure 3 (b) shows an example of the information stored in the program.
- Figure 4 (a) shows an example of the information stored in the unique information header.
- Figure 4 (b) shows an example of the information stored in the program specific information.
- FIG. 5 is a diagram showing an operation procedure in a program updating system performed between an information processing terminal and a server device.
- FIG. 6 is a diagram showing an example of information storage of the unique information distribution history held in the unique information distribution history holding unit.
- FIG. 7 is a flowchart showing a program distribution procedure in the server device.
- FIG. 8 is an overall view showing a program management system using the server apparatus according to the first embodiment.
- FIG. 9 is a diagram showing another data structure included in the program header and the program according to the first embodiment.
- FIG. 2 is a diagram showing a data structure.
- FIG. 11 shows a configuration diagram of an information processing terminal and a server apparatus according to Embodiment 2 of the present invention.
- FIG. 12 (a) is a diagram showing an example of information included in the unique information distribution history according to the second embodiment.
- FIG. 12 (b) is a diagram showing an example of information included in the program Z specific information correspondence table according to the second embodiment.
- FIG. 13 is a flowchart showing the program distribution procedure in the server device.
- FIG. 14 is a block diagram of an information processing terminal and a server apparatus according to the third embodiment.
- FIG. 15 is a diagram showing an example of information storage of distribution number information according to the third embodiment.
- FIG. 16 is a flowchart showing the program distribution procedure in the server device.
- FIG. 17 shows a configuration diagram of an information processing terminal and a server apparatus according to the fourth embodiment.
- FIG. 18 (a) is a diagram showing an example of data stored in the distribution number information according to the fourth embodiment.
- FIG. 18 (b) is a diagram showing an example of data stored in the program unique information correspondence table according to the fourth embodiment.
- FIG. 19 is a flowchart showing the program distribution procedure in the server device.
- FIG. 20 is an explanatory diagram of a conventional method of verifying the legitimacy of a program using an electronic signature.
- Figure 21 shows the program management between the conventional information processing terminal and the server It is a reference drawing of a system.
- FIG. 1 shows a configuration diagram of an information processing terminal 100 and a server apparatus 120 according to Embodiment 1 of the present invention.
- the information processing terminal 100 is a terminal device that uses a program used for electronic commerce, content distribution, etc. acquired from the server device 120.
- the information processing terminal 100 uses the CPU 101, RAMI 02, and the encryption of programs and data.
- encryption processing unit 1 0 3 that performs decryption processing, communication processing unit 1 0 4 that communicates with server device 1 2 0 0, program storage unit 1 0 5 that stores programs, CA public key etc It comprises a data storage unit 106 for storing information without information, and a secret information storage unit 10 for storing information that needs to be concealed, such as a secret key.
- the program storage unit 105 stores the program 116 operating on C PU 101.
- the data storage unit 106 stores the data used by the information processing terminal 100 that do not need to be particularly concealed, and the ID and version of the program stored in the information processing terminal 100. Stores program management information 1 0 8 and CA public key 1 0 9 that are management information of stored programs such as numbers.
- the secret information storage unit 107 stores information that needs to be concealed in the information processing terminal 100, and the terminal unique key 110, which is a key different for each information processing terminal, information Terminal secret, which is one of different public key pairs for each processing terminal A key 1 11 1, program specific information 1 12 such as a unique key used by a program, and a terminal public key certificate 1 1 3 which is the other of a public key pair different for each information processing terminal is stored.
- the terminal public key certificate 1 1 3 is an ID that uniquely identifies the information processing terminal 1 0 0.
- the terminal ID 1 1 4 and the terminal public key certificate 1 1 3 CA signature 1 1 Contains 5
- the server apparatus 120 is an apparatus for distributing a program requested from the information processing terminal 100, and the CPU 1201, RAMI 22, encryption of programs and data, etc.
- Cryptographic processing unit 1 2 3 that performs decryption processing
- communication processing unit 1 2 4 that communicates with information processing terminal 1 0 0 0, data storage unit 1 2 that stores information that does not need to be concealed, such as CA public key 5.
- a distribution information storage unit 126 storing information such as a program to be distributed to the information processing terminal 100, and a unique information distribution history holding unit 140.
- the server apparatus 120 is characterized by including a unique information distribution history holding unit 140.
- the unique information distribution history holding unit 140 holds a unique information distribution history 600 for managing the history of program specific information of the program distributed to the information processing terminal 100.
- a data storage unit 125 is an area for storing information used by the server device 120.
- the server secret key 127 which is one of the public key pairs, and the server public key certificate, which is the other of the public key pairs.
- Document 1 2 8 and CA Public Key 1 2 9 are stored.
- Server public key certificate 1 2 8 contains server ID 1 3 0 which is an ID uniquely identifying the server, and CA signature 1 3 1 added by CA to the server public key certificate.
- the distribution information storage unit 1 2 6 is an area for storing information to be distributed to the information processing terminal 1 0 0 by the server device 1 2 0.
- the program header 3 0 0, program 3 1 0, unique information header 4 0 0, and program specific information 4 2 0 are stored. Note that the program that is this distribution information
- a diagram of the entire ram is shown in Figure 2 below.
- this CA signature guarantees that the distribution information is distributed from a valid distribution source.
- FIG. 2 is a configuration diagram of an entire program 200 transmitted from the server device 120 according to the first embodiment to the information processing terminal 100 side.
- the entire program 200 is information stored in the distribution information storage unit 1 2 6 of the server apparatus 120.
- the program header 300, the program 3 1 0, the unique It consists of an information header 400 and program specific information 420.
- the present invention is characterized in that the whole program 200 is separated into a program 3 10 and program specific information 4 2 0, and further divided into a header part and a data part. .
- FIGS. 3 (a) and 3 (b) are diagrams showing an example of information stored in the program header 300 and the program 310.
- the program header 300 contains information on the program 310 and contains the following information.
- Program ID (3 0 1) indicating whether the information corresponds to 0.
- Corresponding Program 3 1 0 version number (3 0 2).
- Corresponding program 3 1 0 program size (3 0 3).
- the corresponding program 3 1 0 hash value (3 0 4).
- the CA signature (3 0 5) for the entire program header 300 containing the information from (1) to (4 ') above.
- a C A signature (3 11) for the program 3 10 is added to the program 3 10.
- the program header 300 and the program 310 include the CA signatures 3 0 5 and 3 1 1, the program header in the information processing terminal 100 0 is distributed from a valid distribution source in the program. It is possible to verify that it is a thing.
- FIGS. 4 (a) and 4 (b) are diagrams showing an example of information stored in the specific information header 400 and the program specific information 420.
- FIG. 4 (a) and 4 (b) are diagrams showing an example of information stored in the specific information header 400 and the program specific information 420.
- the specific information header 400 contains information about program specific information 420 and contains the following information.
- Specific information header 4 0 Program specific information ID (4 0 1) indicating which program specific information 4 2 0 the information stored in corresponds to.
- Corresponding program specific information 4 2 0 Program 3 1 0 program ID (4 0 2).
- Corresponding program specific information 4 2 0 The number of specific information stored in (0 0 3).
- Corresponding program specific information 4 2 0 Total size (4 0 4).
- Corresponding program specific information 4 20 A specific information sub-header (4 0 5) indicating information on individual specific information included in 0.
- the number of unique information subheaders 405 is equal to the number (1 to n) of individual pieces of unique information included in program specific information 420.
- the specific information subheader 4 0 5 is a program specific information sub ID 4 1 1 which is an ID for identifying each specific information, and the support of each specific information. It is composed of the information 4 1 2
- the program specific information 420 also includes a plurality of program specific information (4 2 1) and a CA signature (4 2 2) for the entire program specific information. For this reason, since the unique information header 400 and the program specific information 420 both include the CA signature (4 0 6 and 4 2 2), the information processing terminal 1 0 0 has the unique information header 4 0 0, the program. It is possible to verify that the unique information 4 20 is distributed from a valid distributor.
- the information processing terminal 100 first makes a header acquisition request to check the free space. Further, in the server device 120, the information processing terminal 100 for illegal use of the program can be excluded by referring to the unique information distribution history 600 from the unique information distribution history holding unit 140. It becomes possible.
- the information processing terminal 100 makes a connection with the server device 120 by means of SS L (S 501).
- the server device 120 acquires the terminal ID of the information processing terminal 100.
- SS L is a mechanism that encrypts and transmits data using a public key encryption method and a secret key encryption method together in order to transmit and receive data safely between two points.
- SSL since a valid key is shared only in the session called session key, all data transmission / reception between the information processing terminal 100 and server apparatus 120 shown in FIG. It shall be performed by encrypted data using session key.
- the information processing terminal 100 requests the server device 120 to acquire a header by specifying the program ID of the program 310 to be acquired (S502).
- the server device 120 has a unique information distribution history holding unit 14 Confirm the correspondence between the terminal ID and the program specific information ID according to the specific information distribution history 6 0 0 held in 0. That is, it is checked whether the unique information 1 D has already been distributed to the information processing terminal 100.
- the server apparatus 120 that has received the header acquisition request is sent to the program stored in the distribution information storage unit 126. Send 0 0 to the information processing terminal 1 0 0 (S 5 0 3).
- the information processing terminal 100 receiving the program header 3 0 0 from the server device 1 2 0 uses the CA public key 1 0 9 stored in the data storage unit 1 0 6, the program header 3 0 Verify the CA signature contained in 0 (S504). As a result, the information processing terminal 100 verifies that the information in the program header is information distributed from a legitimate distribution source that has not been tampered with.
- the program header 300 contains information about the program, such as the program ID of the program, the version number 302, the size 303, and the program hash value 304.
- the information processing terminal 100 compares the above information with the program ID, version information, and free capacity information described in the program management information 1 0 8 stored in the data storage unit 1 0 6, Check whether the program to be updated 3 1 0 is correctly distributed from the server device 1 2 0 or if there is free space for storing the program 3 1 0 (S 5 0 4). Therefore, the information processing terminal 100 according to the first embodiment prevents such an adverse effect that the program can not be acquired while the program 310 is down.
- the server device 120 transmits the unique information header 400 stored in the distribution information storage unit 126 to the information processing terminal 100 (S550).
- the information processing terminal 1 0 0 that has received the unique information header 4 0 0 from the service device 1 2 0 is the CA public key 1 0 stored in the data storage unit 1 0 6
- the information processing terminal 100 verifies that the unique information header 400 is not falsified and is information distributed from a valid distribution source.
- the unique information header 400 is distributed with a program specific information ID 4 0 1 that identifies the program specific information 4 2 0 as desired, the program ID 4 0 2 of the program related to the program specific information, and the program specific information Information about the program specific information 4 2 0, such as the number of specific information 4 0 3 and the size 4 0 4 contained in the information to be stored.
- the program ID and free space information described in the program management information 1 0 8 stored in the part 1 0 6 are compared, and the program specific information 4 0 regarding the program 3 1 0 to be updated is correct. Whether it is distributed from the device 120 or there is free space for storing the program specific information 4 20 is checked before the down of the program 3 10 (S506).
- the information processing terminal 100 determines that the program 3 1 0 and the program specific information 4 2 0 can be obtained, the information processing terminal 1 0 makes a program acquisition request by designating the program ID to the server device 1 2 0 S 5 0 7).
- the server apparatus 120 having received the program acquisition request transmits the program 310 stored in the distribution information storage unit 126 to the information processing terminal 100 (S580).
- the information processing terminal 100 which has received the program 3 1 0 from the server device 1 2 0 is included in the program 3 1 0 using the CA public key 1 0 9 stored in the data storage unit 1 0 6 Verify the current CA signature (S509). As a result, the information processing terminal 100 verifies that the program 310 has not been tampered with and is information distributed from a valid distribution source.
- the terminal unique key 1 1 0 stored in the secret information storage unit 1 0 7 encrypts the acquired program 3 1 0 And store it in the program storage unit 1 0 5 (S 5 0 9).
- the program storage location, program ID, purge number, etc. are stored in the program management information 108 to manage the program.
- the program 1 1 6 stored in the program storage unit 1 0 5 is decrypted using the terminal unique key 1 1 0 to calculate a hash value.
- the calculated value is compared with the hash value stored in the program header 300 to confirm that the program is stored correctly (S510).
- the information processing terminal 100 designates the program ID to the server device 120 and makes a program specific information acquisition request (S 51 1).
- the server device 120 transmits the program specific information 4 20 stored in the distribution information storage unit 1 2 6 to the information processing terminal 1 0 0 (S 5 1 2).
- the information processing terminal 100 that has received the program specific information 4 2 0 from the server device 1 2 0 uses the CA public key 1 0 9 stored in the data storage unit 1 0 6 to obtain the program specific information 4 2 Verify the CA signature contained in 0 (S 51 3). As a result, the information processing terminal 100 verifies that the program specific information has not been altered and is information distributed from a valid distribution source. If the legitimacy of the acquired data can be verified, the acquired program specific information is stored in the confidential information storage unit 1 0 7 (S 5 1 3).
- the information processing terminal 100 makes a header acquisition request to check whether the free space for storing the program 310 exists or not. It is possible to download the program more safely.
- program 3 10 and program Unique information 4 2 0 hash value is calculated, and the calculated hash value is compared with the hash value stored in the program header 3 0 0 and the program specific information header 4 0 0. It is also conceivable to confirm that it is.
- FIG. 6 is a diagram showing an example of information storage of the unique information distribution history 600 held in the unique information distribution history holding unit 140.
- the server device 120 distributes the table in which the program unique information 420 corresponding to the program distributed to the information processing terminal 100 and the terminal ID of the information processing terminal 100 are recorded to the unique information It is assumed that the history 6 0 0.
- the server device 120 has a terminal ID 6001, which is an ID for identifying the information processing terminal 100 that has distributed the program unique information 420, and an ID for identifying the distributed program unique information 420.
- the program specific information ID 602 is stored in the unique information distribution history holding unit 140. Also, as necessary, the last distribution date 6 0 3 indicating the date and time of last distribution of the program specific information 4 2 0 is stored in the specific information distribution history 6 0 0.
- server apparatus 1 20 has distributed 5 pieces of program specific information 4 2 0 to information processing terminal 1 0 0, and a combination of each terminal ID 6 0 1 and program specific information ID 6 0 2 (Terminal ID.
- Program specific information ID) (0 0 0 1, 0 0 0 1), (0 0 0 2, 0 0 0 2), (0 0 1 0, 0 0 0 3), ( 0 0 1 5, 0 0 0 4), and (0 0 2 0, 0 0 0 5).
- FIG. 7 is a flowchart showing the distribution procedure of the program 310 in the server device 120.
- the server apparatus 120 receives a program distribution request from the information processing terminal 100 (S701).
- server device 120 acquires the terminal ID of information processing terminal 100 included in the received program distribution request, and (S702) Search the terminal ID acquired for the unique information distribution history 600 (S703), and whether or not the same information ID is stored in the unique information distribution history 600 Make a judgment of (S 7 0 4).
- the server device 120 If the same terminal ID is stored in the unique information distribution history 600 (Y in S704), the server device 120 has already stored the program-specific information in the information processing terminal 100. Since 0 has been distributed, only program 3 1 0 is sent and the process is terminated (S 7 0 8).
- the server device 120 when the same terminal ID is not stored in the unique information distribution history 600 (N in S704), the server device 120 newly adds program unique information to the information processing terminal 100. 4 2 0 is assigned (S 7 0 5), and the newly assigned program specific information 4 2 0 is added with the correspondence of terminal ID 6 0 1 and program specific information ID 6 0 2 and specific information distributed. Update history 6 0 0 (S 7 0 6). Then, the server device 120 transmits the program specific information 4 20 to the information processing terminal 1 0 0, transmits the program 3 1 0 to the information processing terminal 1 0 0, and ends the processing (S 70) 8).
- server apparatus 120 by distributing and managing program specific information using specific information distribution history 600 in server apparatus 120, multiple program specific information 420 can be distributed to one information processing terminal 100. Be sure to prevent doing so. As a result, the server apparatus 120 is already recognized as an illegal terminal using CRL unique information 420 by the CRL etc., and a new program specific to the information processing terminal 100 is excluded. Information 4 2 0 will not be assigned. Therefore, it is possible to prevent the fraudulent act of the information processing terminal 100 for acquiring new program specific information 420 to avoid exclusion.
- FIG. 8 is an overall view showing a program management system using the server apparatus 120 according to the first embodiment.
- the server device for program 120a transmits a program corresponding to the program acquisition request to the information processing terminal 100.
- the server apparatus 1 20 0 b transmits an application used for a program operated on the information processing terminal 100 to the information processing terminal 100.
- the program specific information of the program held by the information processing terminal 100 is “0 1 0 1”
- new program specific information is used in order to avoid the exclusion of the CRL 800.
- the communication channel is made an encrypted communication channel using SSL.
- the server apparatus 12 O b has an invalid program revocation list (CRL) 800 using program specific information, and is added to the acquisition request from the information processing terminal 100. Since the program specific information “0 1 0 1” is described in the CRL 800, the unauthorized data processing terminal is excluded by not transmitting the application data.
- the server device 1 20 0 b sends application data to the information processing terminal 1 0 0.
- a CA signature is added to the data downloaded from the server device 120 a etc., and the information processing terminal 100 verifies the signature, whereby the download data is falsified or replaced on the communication path. , Prevent eavesdropping etc.
- Program-specific information "The user of the information processing terminal 100 whose J. 0 1 0 1 J is described in CRL 800 can obtain new alternative program-specific information and use it for a program to avoid exclusion by CRL.
- the server apparatus 120a according to the present invention relates to the program previously distributed in the unique information distribution history holding unit 140, and the terminal ID of the information processing terminal 100 [0 1 0 2]. It has the unique information distribution history 600 where "" and the program specific information ID "0 1 0 1" are recorded. Then, when a new program specific information acquisition request is issued from the information processing terminal 100 to the server device 120a, the server device 120a is added to the program specific information acquisition request.
- the terminal ID “0 1 0 2” is listed in the unique information distribution history 600, and if it is described, the distribution of program specific information is prohibited and only the program itself is Distribution to the information processing terminal 100.
- the terminal ID and the program unique are added to the unique information distribution history 600, and the program and program unique information are distributed to the information processing terminal 100.
- the server device 120a does not distribute to the information processing terminal 100 again, and the main body of the program may be distributed twice or more. This is because the program specific information has been invalidated by the CRL 800, so the user of the information processing terminal 100 who intends to use it illegally attempts new application data unless the program specific information is updated. It is because it excludes acquiring.
- FIG. 9 is a view showing another data structure included in the program header 9 0 0 and the program 9 1 0 according to the first embodiment.
- the difference between Fig. 9 and Fig. 3 is that program 9 10 does not have CA signature 3 1 1 added.
- Program header 9 0 0 contains information about program 9 1 0
- the program header 9 0 0 is obtained from the server device 1 2 0 and the program header 9 0 Verify the CA signature 9 0 5 attached to 0 0.
- the information processing terminal 100 verifies that the program header 900 is not falsified and is information distributed from a valid distribution source.
- the program hash value 9 0 4 stored in the program header 9 0 0 is used for the validity verification of the program 9 1 0, and the CA signature 9 0 5 is added only to the program 9 0 0.
- information processing terminal 1 0 0 detects a combination error by calculating the hash value of the program. It becomes possible.
- by not performing the CA signature of program 910 it is not necessary to pass program 901 to the certification authority to perform the CA signature.
- FIG. 10 is a diagram showing another data structure included in the specific information header 1 0 0 0 and the program specific information 1 0 2 0 using FIG.
- the difference between Fig. 10 and Fig. 4 is that the unique information header 1 0 0 0 has the program specific information hash value 1 0 0 5 and adds the 0 8 signature 4 2 2 to the program specific information 1 0 2 0 It is a point not to do.
- the unique information header 1 0 0 0 is for storing information related to program specific information 1 0 2 0, and the program unique information ID 1 which is information similar to the information stored in the above-mentioned unique information header 4 0 0 0 0 1, program ID 1 0 0 2, number of unique information 1 0 0 3, size of entire program specific information 1 0 0 4, hash value of entire program specific information 1 0 0 5, unique information subheader 1 0 0 6 and the CA signature 1007 for the entire unique information header.
- the information processing terminal 100 calculates the hash value of the program specific information 1 0 2 0 and calculates the hash value and the hash value of the program specific information stored in the specific information header 1 0 0 0 Verify that the program specific information 1 0 2 0 is not falsified or information distributed from a valid distribution source by comparing with 1 0 0 5 to confirm that they match. Is possible.
- the server apparatus 120 when the server apparatus 120 according to the first embodiment includes the unique information distribution history holding unit 140, the server apparatus 120 can be realized by the information processing terminal 100. It is possible to prevent new acquisition of program specific information corresponding to the previously distributed program. Therefore, it is possible to realize a secure download by avoiding fraudulent acts such as hacking of the information processing terminal 100 for acquiring new program specific information 420 and avoiding exclusion.
- a secure flash memory etc. that can only access the program acquired from the server device 1 20 from the terminal 10 0 only from the inside
- the server device By encrypting with the terminal unique key 1 1 0 recorded in the server, the server device does not require processing for encrypting the program with the unique key of the information processing terminal as in the prior art. It becomes possible to reduce the burden of program encryption processing in the apparatus 120.
- the information processing terminal 100 is different for each information processing terminal 100 by decrypting with a terminal unique key 110 after program storage and performing verification with a plaintext program hash value. It becomes possible to judge the success or failure of program storage without being aware of the encryption by the terminal unique key 110.
- the server apparatus 120 separately creates the whole program into a program 310 and program specific information 420 separately. Therefore, the server device 120 manages a plurality of relatively small program specific information 420 having a capacity different from one another in each information processing terminal 100, and information common to all information processing terminals 100 By managing only one program 310 with a large capacity, the capacity of the distribution information managed by the server apparatus 120 can be significantly reduced, and thus the burden of information management can be reduced. It becomes possible.
- the program specific information 1 0 2 0 hash value 1 0 0 5 is stored in the specific information header 1 0 0 0, and the CA signature only in the specific information header 1 0 0 0 0
- program specific information 1 0 2 0 It is possible to obtain the effect of
- the combination of the unique information header 1 0 0 0 and the program specific information 1 0 2 0 is illegally changed, it is possible to calculate the hash value of the program specific information 1 0 2 0 in the information processing terminal 1 0 0 It also becomes possible to detect combinations of anomalies.
- the format of the unique information distribution history 600 stored in the unique information distribution history holding unit 140 described in the first embodiment is only an example, and the last distribution date 6 0 3 may be deleted. , Other information may be added.
- the distribution of program specific information 420 is denied to the terminal ID 600 described in the specific information distribution history 600, unless unauthorized acquisition is made, The program specific information 420 already distributed may be distributed again to the information processing terminal 100 having the terminal ID 600.
- the request from information processing terminal 100 is either a program distribution request involving distribution of a program or a program specific information distribution request not involving distribution of a program. it can.
- encrypted data is transmitted and received between the information processing terminal 100 and the server apparatus 120 using SSL.
- SSL Secure Sockets
- the data storage unit 106 and the program storage unit 105 are separate but may be the same storage unit. Also, although the terminal public key certificate 1 1 3 is stored in the secret information storage unit 1 0 7, it may be stored in the data storage unit 1 0 6.
- server device 120 creates program header 300, unique information header 400, separately from program 320, and program specific information 420.
- the program 3 1 0 and the program header 3 0 0, the program specific information 4 2 0 and the specific information header 4 0 0 are regarded as one piece of information, and only the header portion is cut out prior to distribution from the server device 120. It may be transmitted to the information processing terminal 100.
- program 310 program specific information
- encryption is further performed using a key different from the session key, and the key is added to the program header 3 0 0, unique information header 4 It may be distributed by including it in 0 0.
- the point described as a hash value in the first embodiment may be that an existing hash algorithm such as SHA-1 or MD 5 may be used as a hash algorithm, or a unique algorithm may be used. It is also good.
- a tamper detection method may be used using a method such as Q: tsum. Also, when distributing a program that does not require different information for each information processing terminal 100, there is no need to distribute program specific information.
- FIG. 11 shows a configuration diagram of an information processing terminal 1 100 according to a second embodiment of the present invention and a protective device 1 120.
- the point different from the first embodiment is that the server device 1 120 holds the program specific information correspondence table holding unit 1 150.
- the program unique information correspondence table holding unit 1 1 5 0 is a program information indicating correspondence between a program unique information ID for uniquely identifying program unique information and a program ID for uniquely identifying a program using program unique information. It is a storage unit that holds the unique information correspondence table 1 2 1 0.
- FIGS. 12 (a) and (b) are diagrams showing an example of information included in the unique information distribution history 1200 and the program unique information correspondence table 1201 according to the second embodiment.
- the unique information distribution history holding unit 1 1 4 0 differs from the unique information distribution history 6 0 0 in the first embodiment described above in that the program ID 1 2 0 2 that identifies the program corresponding to the distributed program unique information is used. Management of the attached unique information Distribution history 1 2 0 0 Note that the unique information distribution history is stored in 1 2 0 0 The terminal IDs 1 2 0 1, program specific information ID 1 2 0 3, and the final distribution date 1 2 0 4 are the same as in FIG.
- server device 1 1 2 0 has distributed 5 pieces of program specific information ID 1 2 0 3 to information processing terminal 1 1 0 0, each terminal ID 1 2
- the program / specific information correspondence table holding unit 1 1 5 0 is the program / specific information correspondence table 1 2 1 0, the program ID 1 2 1 1 of the program managed by the server device 1 1 2 0, Stores the correspondence with the program specific information ID 1 2 1 2 that identifies the program specific information used by each program.
- the server device 1 1 2 0 manages a program whose program ID is 0 0 0 1 and the program specific information ID is 0 0 0 1 as program specific information used by that program. It manages program specific information up to 1000. Similarly, a program with a program ID of 0 0 0 2 and program specific information used by that program are managed with program specific information of 1 0 0 1 to 2 0 0 0. In addition, in the program specific information correspondence table 1120, it is distributed at the start of the next program specific information distribution to prevent redistribution of the program specific information distributed to the information processing terminal 1 0 0 0. Stores distribution start ID 1 2 1 3 which is program specific information to be done.
- the program ID is new to the program 0 0 0 1
- server device 1 1 2 0 assigns program specific information of program specific information ID 0 1 2 3.
- program-specific information is newly assigned to a program having a program ID of 0, 02, 0, the server device 1 1 2 0 indicates that program-specific information of program-specific information ID 1 4 2 3 is assigned. ing.
- the server device 1 120 corresponds to the program ID for the program distribution request specifying the program ID from the information processing terminal 1 10 0 using this program specific information correspondence table 1 20 0 Program specific information will be distributed.
- FIG. Figure 13 is a flowchart showing the program distribution procedure on server device 120.
- the server apparatus 1 120 receives a program distribution request from the information processing terminal 1 1 0 0 (S 1 3 0 1).
- This program distribution request specifies program ID.
- the server device 1 120 obtains the terminal ID of the information processing terminal 1 100 and the program ID from the received program distribution request (S 1 3 0 2). Then, search the terminal ID and program ID acquired for the unique information distribution history 1200 (S1303), the same information as the unique information distribution history 1200 0 1 0 0 The same terminal ID and the same program ⁇ D history Check whether or not is stored (S1304).
- server device 1 1 2 0 is the programo unique information correspondence table Based on the information on the distribution start ID stored in 1 2 1 0, program specific information 1 1 3 5 is newly assigned to the information processing terminal 1 1 0 0 (S 1 3 0 5).
- the server device 1 120 relates to the program / specific information correspondence table 1 2 1 stored in the program specific information correspondence table holding unit 1 1 5 0 regarding the newly assigned program specific information 1 1 3 5 Refer to 0 and update the value of distribution start ID 1 2 1 3 (S 1 3 0 6). Also, the correspondence between the terminal ID and the program specific information ID is added to the specific information distribution history 1 200 for the newly allocated program specific information 1 1 3 5 (S 1 3 0 7). Then, the server device 1 120 sends the program specific information 1 1 3 5 to the information processing terminal 1 1 0 0 (S 1 3 0 8), sends the program 1 1 3 3 and ends the processing ( S 1 3 0 9).
- the server device 1 120 includes the unique information distribution history holding unit 1 140 and the program unique information correspondence table holding unit 1 150, and the unique information
- the server device 1 120 includes the unique information distribution history holding unit 1 140 and the program unique information correspondence table holding unit 1 150, and the unique information
- the unique information By managing distribution of program specific information by using distribution history 120 and program / specific information correspondence table 120, it is possible to execute the same program operating on one information processing terminal 1 100. Prevent distribution of multiple program specific information 1 1 3 5 Therefore, it is possible to prevent the information processing terminal 1 100 for acquiring new program specific information 1 13 5 to avoid exclusion from acquiring new program specific information 1 1 35. Become.
- the server apparatus 1 120 includes a download target program and an information processing terminal 1 10 0 on which the program operates. Is stored in the program-specific information correspondence table 1 2 1 0 and the distribution of program-specific information 1 1 3 5 is managed on a program-by-program basis, so that the program-specific information 1 1 3 5 can be distributed for each program. It is possible to judge. Therefore, the server apparatus 1 120 can prevent the program from being distributed to the information processing terminals 1 1 0 0 not to be operated with reference to the program / specific information correspondence table 1 2 1 0.
- the data storage unit 1 10 6 and the program storage unit 1 1 0 5 are separate, they may be the same storage unit.
- the format of the unique information distribution history 1200 shown in the second embodiment is an example, and the final distribution date 1204 may be deleted, or other information may be added.
- the format of the program specific information correspondence table 1201 is also an example, and the distribution start ID 12013 may be managed in another format. For example, by providing a table that stores all program specific information IDs, and providing a flag that identifies whether each program specific information ID has been assigned, the distribution status of program specific information 1 1 3 5 You may manage
- the information processing terminal 100 can be a program distribution request involving the distribution of a program or a program specific information distribution request not involving the distribution of a program.
- FIG. 14 is a block diagram of an information processing terminal 1 400 according to the third embodiment and a server apparatus 1 240.
- the difference between the first embodiment and the second embodiment described above is that the server device 1420 has a distribution frequency information holding unit 1. It is a point having 4 40.
- the distribution number information holding unit 1 4 4 0 is a distribution number information for managing the number of times the program specific information 1 4 3 5 has been distributed from the server device 1 4 2 0 to the same information processing terminal 1 4 0 0 It is a hard disk that holds 1 500.
- FIG. 15 is a diagram showing an example of information storage of distribution number information 1 500 according to the third embodiment.
- Distribution number information 1 5 0 0 contains the program specific information 1 4 3 5 Information processing terminal 1 4 0 0 ID that identifies the terminal ID 1 5 0 1, Number counter 1 5 0 2 is stored.
- program specific information 1 4 3 5 is distributed once to information processing terminals 1 4 0 0 with terminal IDs 0 0 0 1 and 0 0 0 2 and the terminal ID 0 0 0 It is shown that the program specific information 1 4 3 5 is not distributed to the information processing terminal 1 4 0 0 of 3.
- FIG. 16 is a flowchart showing a program distribution procedure in the server device 140.
- the server apparatus 1420 receives a program distribution request from the information processing terminal 1400 (S1660).
- the server device 1402 acquires the terminal ID of the information processing terminal 1400 included in the program distribution request received in S1601 (S1602).
- the server apparatus 140 searches for the terminal ID acquired in S 1602 using the distribution number information 1 500 stored in the distribution number information holding unit 1 40 0, and Get the value (S1603). In addition, it is determined whether or not the value of the acquired frequency counter is equal to or more than a specified value (S 1 6 0 4).
- the server device 1 4 2 0 is for the information processing terminal 1 4 0 0 Since the program has already distributed the program specific information 1 4 3 5 more than the specified number of times, only the program 1 4 3 3 is transmitted and the processing is terminated (S 1 6 0 8).
- the server device 1420 is newly added to the information processing terminal 1400 with program specific information 1 Assign 4 3 5 (S 1 6 0 5).
- the server device 140 adds the value of the number counter of distribution number information 1 500 stored in the distribution number information holding unit 1 4 0 (S 1 0 6).
- the server device 1420 transmits the program specific information 1435 to the information processing terminal 1400 (S1607), transmits the program 1433 and terminates the processing ( S 1 6 0 8).
- the server apparatus 1 420 includes the distribution number information holding unit 1 4 4 0 and uses the distribution number information 1 5 0 0 to obtain the program specific information 1 4 3 5 By performing distribution management, it is possible to prevent distribution of program specific information 1 4 3 5 of the specified value or more to one information processing terminal 1 400.
- the server device 1 240 uses the information contained in the program specific information 1 4 35. By newly assigning program specific information 1 4 3 5 to information processing terminal 1 4 0 0 that has been recognized as an unauthorized terminal and has been excluded, it becomes possible to prevent the unauthorized terminal from avoiding exclusion. .
- program specific information 1 for the user who purchases the program again instead of the illegal purpose such as the failure of the hard disk 1 4 3 5 It becomes possible to redistribute and newly distribute.
- the data storage unit 1406 and the program storage unit 1405 are separate but may be the same storage unit.
- the format of the distribution number information 1 500 shown in mode 3 is an example, and other information may be added.
- the request from the information processing terminal 140 can be a program distribution request involving distribution of a program or a program specific information distribution request not involving a distribution request of a program.
- FIG. 17 shows a configuration diagram of an information processing terminal 1 700 according to the fourth embodiment and a server device 1 720.
- the point different from the above-mentioned third embodiment is that the server device 1 720 holds the program / specific information correspondence table holding unit 1 7 0.
- the program specific information correspondence table holding unit 1 7 5 0 is a storage unit similar to the program specific information correspondence table holding unit 1 1 5 0 described in FIG.
- FIGS. 18 (a) and 18 (b) are diagrams showing an example of data stored in distribution number information 1 8 0 0 and program / specific information correspondence table 1 8 1 0 according to the fourth embodiment.
- Distribution number information 1 8 0 0 is the program ID 1 8 0 1 of the distributed program, information processing terminal 1 7 3 5 distributed information terminal 1 7 0 0 terminal 1 D 1 8 0 2, program specific information Stores the counter 1 8 0 3 that indicates the number of times of distribution.
- the difference from the distribution number information 1 500 in the third embodiment is that a program ID 1 180 1 for identifying a program that uses program specific information is added.
- Distribution number information 1 8 0 0 is program specific information 1 7 3 5 used by the program with program ID 0 0 0 1 and information processing terminal 1 7 0 0 with terminal ID 0 0 0 1, 0 0 0 2 Distributes once, and indicates that program specific information 1 7 3 5 is not distributed to information processing terminal 1 7 0 0 whose terminal ID is 0 0 0 3.
- program specific information 1 7 3 5 used by a program with program ⁇ D 0 0 0 2 and information about a terminal ID 0 0 0 1
- the program Z specific information correspondence table 1 8 1 0 is the same as the program / specific information correspondence table 1 2 1 0 in FIG. 12 described above, and the detailed description will be omitted.
- FIG. 19 is a flow chart showing the program distribution procedure in the server device 170.
- the server device 1702 receives a program distribution request from the information processing terminal 1700 (S 1 190 1).
- This program distribution request includes the program ID of the program requested to be acquired by the information processing terminal 1700.
- the support device 17020 obtains the terminal ID and program ID of the information processing terminal 1700 included in the program distribution request received in S1901 (S1902) .
- the server device 1702 searches the distribution number information 1800 for the terminal ID and program ID acquired in S1902 and acquires the value of the number counter (S1903) ). Next, it is judged whether or not the value of the obtained number counter is equal to or more than a specified value (S 1 9 0 4).
- the server device 1 720 when the value of the acquired number counter is equal to or more than the specified value (Y in S 194), the server device 1 720 has already received the program specific information 1 7 0 to the information processing terminal 1 7 0 0. Since 3 5 is distributed more than the specified number of times, only program 1 7 3 3 is sent and the process ends (S 1 9 0 9).
- the server device 1 7 2 0 is stored in the program / specific information correspondence table 1 8 1 0
- the program specific information 1 7 3 5 is newly allocated to the information processing terminal 1 7 0 0 based on the information of the distribution start ID (S 1 9 0 5).
- server device 1702 relates to the program specific information correspondence table 1 8 1 0 regarding the program specific information 1 7 3 5 newly assigned in S 1 0 5 5 Update (S1 9 0 6).
- the value of the number counter stored in the distribution number information 1 8 0 0 is added (S 1 9 0 7), and the program specific information 1 7 3 5 is transmitted to the information processing terminal 1 7 0 0 (S 1 9 0 8) Send program 1 7 3 3 and complete the process (S 1 9 0 9).
- the server apparatus 1 720 includes the distribution number information holding unit 1 7 4 0 and the program / specific information correspondence table holding unit 1 7 5 0.
- the distribution number information 1800 held in the program and the program / specific information correspondence table 1 8 1 0 are used to manage program specific information 1 7 3 5 to manage one information processing terminal 1 7 0
- the server device 1702 determines whether the program specific information 1735 can be distributed for each program by managing the distribution of program specific information in units of programs. It becomes possible.
- the data storage unit 1 7 0 6 and the program storage unit 1 7 0 5 are separate but may be the same storage unit.
- the format of the distribution number information 1 800 shown in the fourth embodiment is an example, and other information may be added.
- the format of the program specific information correspondence table 1 8 1 0 is also an example, and may be managed in another format.
- the request from the information processing terminal 700 can be a program distribution request involving distribution of a program or a program specific information distribution request not involving distribution of a program.
- the server apparatus can prevent the new acquisition of program specific information corresponding to the program previously distributed by the information processing terminal by having the specific information distribution history holding unit. As a result, it is possible to reliably prevent fraudulent acts of information processing terminals that acquire new program specific information and try to avoid exclusion.
- the information processing terminal according to the present invention can reduce the burden of program encryption processing in the server device by encrypting the program acquired from the server device with the terminal unique key. Furthermore, since the server apparatus according to the present invention separates the entire program into programs and program specific information and prepares them individually, the server apparatus has a relatively large amount of information which becomes different information in each information processing terminal. It is possible to manage a plurality of small program specific information and manage only one large program having a large amount of information common to all information processing terminals, thereby reducing the volume of distribution information managed by the server device. , It will be possible to reduce the burden of information management.
- the whole program distributed from the server apparatus according to the present invention to the information processing terminal includes the program main body operating on the information processing terminal, the program header, the program specific information, and the unique intelligence header.
- the program main body operating on the information processing terminal includes the program header, the program specific information, and the unique intelligence header.
- a server apparatus and a program management system are a personal computer having a communication function, a server apparatus that distributes a program to an information processing terminal such as a mobile phone via a network, and the server apparatus and information processing It is useful as a program management system between terminals.
Description
Claims
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/511,751 US7620811B2 (en) | 2002-04-23 | 2003-04-16 | Server device and program management system |
KR10-2004-7001619A KR20040099253A (ko) | 2002-04-23 | 2003-04-16 | 서버 장치 및 프로그램 관리 시스템 |
EP03720908A EP1498798A4 (en) | 2002-04-23 | 2003-04-16 | SERVER DEVICE AND PROGRAM MANAGEMENT SYSTEM |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2002-120430 | 2002-04-23 | ||
JP2002120430 | 2002-04-23 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2003091862A1 true WO2003091862A1 (fr) | 2003-11-06 |
Family
ID=29267370
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2003/004808 WO2003091862A1 (fr) | 2002-04-23 | 2003-04-16 | Dispositif serveur et systeme de gestion de programme |
Country Status (7)
Country | Link |
---|---|
US (1) | US7620811B2 (ja) |
EP (2) | EP2309411A3 (ja) |
JP (1) | JP2009116901A (ja) |
KR (1) | KR20040099253A (ja) |
CN (1) | CN1307503C (ja) |
TW (1) | TW200405709A (ja) |
WO (1) | WO2003091862A1 (ja) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1712992A1 (en) | 2005-04-11 | 2006-10-18 | Sony Ericsson Mobile Communications AB | Updating of data instructions |
Families Citing this family (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4058173B2 (ja) * | 1998-10-09 | 2008-03-05 | キヤノン株式会社 | 情報通信装置、情報通信装置の制御方法及びコンピュータ読み取り可能な記録媒体 |
US7783884B2 (en) * | 2004-04-21 | 2010-08-24 | Panasonic Corporation | Content providing system, information processing device and memory card |
US7577848B2 (en) * | 2005-01-18 | 2009-08-18 | Microsoft Corporation | Systems and methods for validating executable file integrity using partial image hashes |
US8291226B2 (en) * | 2006-02-10 | 2012-10-16 | Qualcomm Incorporated | Method and apparatus for securely booting from an external storage device |
EP2037388A4 (en) * | 2006-07-03 | 2016-12-14 | Panasonic Ip Man Co Ltd | CERTIFICATION DEVICE, VERIFICATION DEVICE, VERIFICATION SYSTEM, COMPUTER PROGRAM, AND INTEGRATED CIRCUIT |
US8683213B2 (en) * | 2007-10-26 | 2014-03-25 | Qualcomm Incorporated | Progressive boot for a wireless device |
US8775790B2 (en) * | 2007-10-30 | 2014-07-08 | Honeywell International Inc. | System and method for providing secure network communications |
JP4752884B2 (ja) * | 2008-08-21 | 2011-08-17 | ソニー株式会社 | 情報処理装置、およびデータ処理方法、並びにプログラム |
US9202015B2 (en) | 2009-12-31 | 2015-12-01 | Intel Corporation | Entering a secured computing environment using multiple authenticated code modules |
JP5449044B2 (ja) * | 2010-06-10 | 2014-03-19 | シャープ株式会社 | サーバ装置、端末装置およびアプリケーション制御システム |
US8983855B1 (en) | 2011-05-16 | 2015-03-17 | Mckesson Financial Holdings | Systems and methods for evaluating adherence to a project control process |
US9594875B2 (en) * | 2011-10-21 | 2017-03-14 | Hospira, Inc. | Medical device update system |
US8650645B1 (en) * | 2012-03-29 | 2014-02-11 | Mckesson Financial Holdings | Systems and methods for protecting proprietary data |
US9954837B2 (en) | 2015-01-07 | 2018-04-24 | Cyph, Inc. | Method of multi-factor authenication during encrypted communications |
WO2016114822A1 (en) * | 2015-01-16 | 2016-07-21 | Cyph Inc. | A system and method of cryprographically signing web applications |
US10491399B2 (en) * | 2015-01-07 | 2019-11-26 | Cyph, Inc. | Cryptographic method for secure communications |
CN107528816B (zh) * | 2016-06-22 | 2021-05-18 | 中兴通讯股份有限公司 | 分布式数据库中id的处理方法、管理系统及服务器 |
JP6861670B2 (ja) * | 2018-07-10 | 2021-04-21 | キヤノン株式会社 | 画像処理装置、その制御方法、及びプログラム |
WO2020053928A1 (ja) * | 2018-09-10 | 2020-03-19 | 三菱電機株式会社 | 空気調和システムおよび空気調和システムのプログラム更新方法 |
JP7318264B2 (ja) * | 2019-03-28 | 2023-08-01 | オムロン株式会社 | コントローラシステム |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH08190529A (ja) * | 1995-01-10 | 1996-07-23 | Fujitsu Ltd | ソフトウェア流通システムにおける識別子管理装置および方法 |
JP2000242491A (ja) * | 1999-02-22 | 2000-09-08 | Matsushita Electric Ind Co Ltd | コンピュータ及びプログラム記録媒体 |
JP2000311083A (ja) * | 1999-04-28 | 2000-11-07 | Casio Comput Co Ltd | 携帯端末装置、データ配布装置、データアクセス方法、及びデータアクセスシステム |
JP2001331232A (ja) | 2000-03-30 | 2001-11-30 | Internatl Business Mach Corp <Ibm> | ライセンス・アプリケーション・インストーラ |
JP2002091772A (ja) * | 2000-09-13 | 2002-03-29 | Nec Corp | ソフトウェア更新装置、ソフトウェア更新システム、その更新方法、及び更新プログラムを記録した記録媒体 |
Family Cites Families (28)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH0290772A (ja) * | 1988-09-27 | 1990-03-30 | Nec Corp | 会議接続における追加呼方法 |
JPH0687220B2 (ja) | 1988-10-31 | 1994-11-02 | 株式会社日立製作所 | プログラム配布装置 |
US5237610A (en) * | 1990-02-01 | 1993-08-17 | Scientific-Atlanta, Inc. | Independent external security module for a digitally upgradeable television signal decoder |
JP2979858B2 (ja) | 1992-09-07 | 1999-11-15 | ブラザー工業株式会社 | 液滴噴射装置 |
JP3717176B2 (ja) * | 1993-09-29 | 2005-11-16 | 株式会社パンプキンハウス | 暗号化/復号装置および方法 |
JPH07295800A (ja) | 1994-04-22 | 1995-11-10 | Advance Co Ltd | ソフトウエアプロテクト方式 |
JP3167527B2 (ja) | 1994-04-28 | 2001-05-21 | 株式会社東芝 | メディア情報配送システム |
JP3727076B2 (ja) * | 1994-08-25 | 2005-12-14 | 富士通株式会社 | プログラム管理方法および装置 |
US6044154A (en) * | 1994-10-31 | 2000-03-28 | Communications Devices, Inc. | Remote generated, device identifier key for use with a dual-key reflexive encryption security system |
JP3946275B2 (ja) * | 1995-01-10 | 2007-07-18 | 富士通株式会社 | リモートインストールシステムおよび方法 |
US5909257A (en) * | 1996-02-27 | 1999-06-01 | Victor Company Of Japan, Ltd. | Apparatus and method of receiving broadcasted digital signal |
US5754651A (en) * | 1996-05-31 | 1998-05-19 | Thomson Consumer Electronics, Inc. | Processing and storage of digital data and program specific information |
US6253027B1 (en) * | 1996-06-17 | 2001-06-26 | Hewlett-Packard Company | System, method and article of manufacture for exchanging software and configuration data over a multichannel, extensible, flexible architecture |
US6119105A (en) * | 1996-06-17 | 2000-09-12 | Verifone, Inc. | System, method and article of manufacture for initiation of software distribution from a point of certificate creation utilizing an extensible, flexible architecture |
JPH10143357A (ja) * | 1996-11-11 | 1998-05-29 | Hitachi Ltd | ソフトウェア管理装置 |
JPH10214297A (ja) * | 1996-11-28 | 1998-08-11 | Fujitsu Ltd | インターネットを利用した会員制サービスシステムおよび方法 |
EP0899955A3 (en) * | 1997-08-27 | 2001-01-31 | Matsushita Electric Industrial Co., Ltd. | Control information generating apparatus for broadcast system |
US6134659A (en) * | 1998-01-07 | 2000-10-17 | Sprong; Katherine A. | Controlled usage software |
US6477543B1 (en) | 1998-10-23 | 2002-11-05 | International Business Machines Corporation | Method, apparatus and program storage device for a client and adaptive synchronization and transformation server |
US6615349B1 (en) * | 1999-02-23 | 2003-09-02 | Parsec Sight/Sound, Inc. | System and method for manipulating a computer file and/or program |
FI990461A0 (fi) * | 1999-03-03 | 1999-03-03 | Nokia Mobile Phones Ltd | Menetelmä ohjelmiston lataamiseksi palvelimelta päätelaitteeseen |
US6848047B1 (en) | 1999-04-28 | 2005-01-25 | Casio Computer Co., Ltd. | Security managing system, data distribution apparatus and portable terminal apparatus |
JP2000339153A (ja) * | 1999-05-25 | 2000-12-08 | Nippon Telegr & Teleph Corp <Ntt> | プログラム検証方法及び装置及びプログラム検証プログラムを格納した記憶媒体 |
JP2001320356A (ja) * | 2000-02-29 | 2001-11-16 | Sony Corp | 公開鍵系暗号を使用したデータ通信システムおよびデータ通信システム構築方法 |
US6671724B1 (en) * | 2000-03-21 | 2003-12-30 | Centrisoft Corporation | Software, systems and methods for managing a distributed network |
JP3861559B2 (ja) * | 2000-03-31 | 2006-12-20 | 株式会社日立製作所 | 移動エージェント制御方法 |
KR20040103891A (ko) * | 2002-04-05 | 2004-12-09 | 마쯔시다덴기산교 가부시키가이샤 | 컨텐츠 이용 시스템 |
JP4211306B2 (ja) * | 2002-07-19 | 2009-01-21 | パナソニック株式会社 | 送信装置、及び受信装置 |
-
2003
- 2003-04-16 KR KR10-2004-7001619A patent/KR20040099253A/ko not_active Application Discontinuation
- 2003-04-16 US US10/511,751 patent/US7620811B2/en not_active Expired - Fee Related
- 2003-04-16 EP EP11150810A patent/EP2309411A3/en not_active Withdrawn
- 2003-04-16 WO PCT/JP2003/004808 patent/WO2003091862A1/ja active Application Filing
- 2003-04-16 CN CNB038012782A patent/CN1307503C/zh not_active Expired - Fee Related
- 2003-04-16 EP EP03720908A patent/EP1498798A4/en not_active Withdrawn
- 2003-04-22 TW TW092109393A patent/TW200405709A/zh unknown
-
2009
- 2009-01-16 JP JP2009008249A patent/JP2009116901A/ja active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH08190529A (ja) * | 1995-01-10 | 1996-07-23 | Fujitsu Ltd | ソフトウェア流通システムにおける識別子管理装置および方法 |
US6049670A (en) | 1995-01-10 | 2000-04-11 | Fujitsu Limited | Identifier managing device and method in software distribution system |
JP2000242491A (ja) * | 1999-02-22 | 2000-09-08 | Matsushita Electric Ind Co Ltd | コンピュータ及びプログラム記録媒体 |
JP2000311083A (ja) * | 1999-04-28 | 2000-11-07 | Casio Comput Co Ltd | 携帯端末装置、データ配布装置、データアクセス方法、及びデータアクセスシステム |
JP2001331232A (ja) | 2000-03-30 | 2001-11-30 | Internatl Business Mach Corp <Ibm> | ライセンス・アプリケーション・インストーラ |
JP2002091772A (ja) * | 2000-09-13 | 2002-03-29 | Nec Corp | ソフトウェア更新装置、ソフトウェア更新システム、その更新方法、及び更新プログラムを記録した記録媒体 |
Non-Patent Citations (1)
Title |
---|
See also references of EP1498798A4 |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1712992A1 (en) | 2005-04-11 | 2006-10-18 | Sony Ericsson Mobile Communications AB | Updating of data instructions |
WO2006108788A1 (en) * | 2005-04-11 | 2006-10-19 | Sony Ericsson Mobile Communications Ab | Updating of data instructions |
Also Published As
Publication number | Publication date |
---|---|
US20050251677A1 (en) | 2005-11-10 |
CN1307503C (zh) | 2007-03-28 |
EP1498798A1 (en) | 2005-01-19 |
EP2309411A3 (en) | 2011-06-15 |
JP2009116901A (ja) | 2009-05-28 |
EP2309411A2 (en) | 2011-04-13 |
TW200405709A (en) | 2004-04-01 |
KR20040099253A (ko) | 2004-11-26 |
US7620811B2 (en) | 2009-11-17 |
EP1498798A4 (en) | 2010-04-14 |
CN1568447A (zh) | 2005-01-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9424400B1 (en) | Digital rights management system transfer of content and distribution | |
WO2003091862A1 (fr) | Dispositif serveur et systeme de gestion de programme | |
US9342701B1 (en) | Digital rights management system and methods for provisioning content to an intelligent storage | |
US7325139B2 (en) | Information processing device, method, and program | |
EP1942430B1 (en) | Token Passing Technique for Media Playback Devices | |
US7496756B2 (en) | Content usage-right management system and management method | |
US7310732B2 (en) | Content distribution system authenticating a user based on an identification certificate identified in a secure container | |
US7484246B2 (en) | Content distribution system, content distribution method, information processing apparatus, and program providing medium | |
US7506367B1 (en) | Content management method, and content storage system | |
US7096363B2 (en) | Person identification certificate link system, information processing apparatus, information processing method, and program providing medium | |
JP4675031B2 (ja) | サーバ装置及びプログラム管理システム | |
US20090199303A1 (en) | Ce device management server, method of issuing drm key by using ce device management server, and computer readable recording medium | |
KR20090058736A (ko) | 보안모듈 프로그램을 보호하기 위한 디지털 케이블 시스템및 그 방법 | |
JP2002164880A (ja) | コンテンツ提供サーバ、コンテンツ提供プログラムを記録した記録媒体、コンテンツ配信サーバ、およびコンテンツ配信プログラムを記録した記録媒体 | |
JP2003051816A (ja) | コンテンツ配信システム、コンテンツ配信方法、およびデータ処理装置、データ処理方法、並びにコンピュータ・プログラム | |
JP2000113048A (ja) | コンテンツ受信装置群およびそれに用いるicカード | |
JP2004318448A (ja) | コンテンツ保護機能付き端末装置 | |
JP4809723B2 (ja) | ユーザ認証サーバ、ユーザ管理サーバ、ユーザ端末、ユーザ認証プログラム、ユーザ管理プログラム及びユーザ端末プログラム | |
JP2004303107A (ja) | コンテンツ保護システム及びコンテンツ再生端末 | |
JP2007517289A (ja) | ソフトウェア用のデジタル署名防護 | |
JP2003085048A (ja) | バックアップデータ管理システム、バックアップデータ管理方法、および情報処理装置、並びにコンピュータ・プログラム | |
CN102236753A (zh) | 版权管理方法及系统 | |
JP2003087237A (ja) | コンテンツ利用管理システム、コンテンツ利用管理方法、および情報処理装置、並びにコンピュータ・プログラム | |
JP2003085143A (ja) | パスワード管理システム、パスワード管理方法、および情報処理装置、並びにコンピュータ・プログラム | |
JP2003087236A (ja) | コンテンツ利用回数管理システム、コンテンツ利用回数管理方法、および情報処理装置、並びにコンピュータ・プログラム |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): CN KR US |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): DE GB |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 1020047001619 Country of ref document: KR |
|
WWE | Wipo information: entry into national phase |
Ref document number: 20038012782 Country of ref document: CN |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2003720908 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 10511751 Country of ref document: US |
|
WWP | Wipo information: published in national office |
Ref document number: 2003720908 Country of ref document: EP |