JP2011223364A - Moving image security authentication system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To allow a distributor to confirm and guarantee to a user that a moving image content contributed to a site on a network is an original content.SOLUTION: A moving image security authentication system includes a Dsec authentication server which collates request source authentication information included in an authentication request with previously registered request source authentication information and outputs an electronic certificate when they match each other, a Dsec encoder which inputs an original moving image content, requests an authentication request for the contents from the Dsec authentication server, and outputs as an original moving image content with a Dsec authentication ID a content generated by adding the electronic certificate output from the server to the original content, and a Dsec decoder which outputs the separated original moving image content as it is when the moving image content is the original moving image content with the Dsec authentication ID.

Description

  The present invention relates to a moving image security authentication system that guarantees a user of moving image content that the generated moving image content is an original content. Here, the original content is the content created by the creator as an original (a piece of information that is recorded on a storage medium and transmitted through a transmission medium, which is viewed by a person, that is, a video, a still image, music, text, or the like. Content that does not contain duplicates, quotations, plagiarism, falsification, etc. from content created by others and does not contain viruses or illegal content.

  Video that is distributed on the Internet today (in this invention, “digitalized video information” is simply expressed as “video”) is not only a product that is distributed and distributed for free by video distribution service providers. It is an effective advertising, advertising and publicity tool for various companies, government offices and organizations. In addition, with the emergence of services that store, share, and distribute videos on the Internet, such as YouTube, videos created by individuals can be stored, shared, and distributed widely on the Internet. For government agencies, organizations, and individuals, content is becoming more familiar as a powerful means of transmitting information.

  However, there are two problems to consider when distributing content (not limited to moving images) over the Internet. First, in the process of distributing content to authorized users, how to prevent unauthorized use by a third party and properly protect the rights (copyright) of the content creator, Second, the content posted to the content storage / sharing / distribution service / site for the purpose of distribution is the original content, that is, the content created by the contributor as the original and created by the other It is how the distributor confirms and guarantees to the user that the content does not contain any duplication, quotation, plagiarization, falsification, etc., and does not contain viruses or illegal contents.

  As a means for solving the first problem, a digital rights management (DRM) technique is known. In DRM technology, on the content delivery side, metadata (information related to the content data) that is essential to the playback of the content data is created separately from the content data itself such as video and music. Pass the metadata to specific users only. A user who does not have key metadata cannot reproduce the content data even if it is acquired. This metadata is created so as to uniquely correspond to the personal computer (PC) that reproduces the content data and its user, so that unauthorized reproduction, copying, citation, It becomes possible to prevent theft and tampering.

  DRM technology is based on the premise that the content distributed by the content distributor is the original content, and a third party illegally plays, copies, This technology prevents citation, theft, and alteration. Therefore, the DRM technology can be effectively applied to a content distribution service that distributes only the content confirmed as the original content, such as a paid distribution service for movies and TV broadcasts. Is used.

  The second issue to consider when distributing content over the Internet, that is, how the distributor confirms and uses that the content posted to the content storage / sharing / distribution site for the purpose of distribution is the original content In the past, there has been no effective solution to the question of whether or not to guarantee to the user.

  For this reason, as seen in video storage, sharing, and distribution services that are currently in commercial use, video content that is created and posted by an unspecified number of individuals for distribution to an unspecified number of users is an original content. In addition, regardless of the intention of the contributor, if it contains duplicates, quotations, plagiarism, falsification, etc. from other original content, the video storage / sharing / distribution service provider confirms such posted content It is not easy to eliminate them. As a result, non-original content, possibly embedded content such as viruses or illegal content is distributed on the Internet through video storage / sharing / distribution services. DRM technology is also ineffective for the distribution of content that is not original content.

  The conventional video storage / sharing / distribution service on the Internet has the above-mentioned second problem. Therefore, copyright owners of original contents, such as movie companies and TV broadcasters, can store, share, and distribute videos. If the site of the service is constantly patroled manually and if content that infringes its copyright is discovered, the operator of the site is warned to delete the content, or the operator himself / herself patrols for the relevant content, It was cumbersome, costly to delete, and had to rely on incomplete measures.

  In addition, video operators, Internet service providers (ISPs) that provide video storage / sharing / distribution services are not only at risk of receiving the above warning from copyright holders, but also have viruses embedded in some cases. There was also a risk of distributing illegal content and illegal content to an unspecified number of users.

  Furthermore, for users who receive content from the video storage / sharing / distribution service, if the received content includes copying / quoting / stealing / tampering from the original content, the user can simply play it back. There is a possibility of infringing the copyright of the original content regardless of its own intention, and there is also a risk of inadvertent reproduction of content embedded with viruses or illegal content.

JP 2009-268028 A Special table 2008-523524

  The present invention has been made in view of the above-mentioned second problem in the conventional moving image storage / sharing / distribution service, and the moving image content posted to the content storage / sharing / distribution site on the network is the original content. In other words, how the distributor creates that the poster is an original, does not include copying, quoting, stealing, falsification, etc. from content created by others and does not include virus embedding or illegal content By solving the second problem of confirming and guaranteeing to the user, it is possible to provide a moving image storage / sharing / distribution service that provides moving image content that the user can view with confidence.

  As a means for solving this problem, the video security authentication system of the present invention is connected to a network, and the request source authentication information included in the authentication request is collated with the registered request source authentication information registered in advance, and the two match. If so, a Dsec authentication server that outputs an electronic certificate certified in advance as an authentication response to the request source, and the original video content are input, an authentication request for the original video content is requested to the Dsec authentication server, A Dsec encoder that outputs the original moving image content with the electronic certificate output as an authentication response of the Dsec authentication server to the network as an original moving image content with a Dsec authentication ID, and inputs the moving image content from the network , The entered motion If the content is the original moving image content with the Dsec authentication ID, it is separated into the electronic certificate and the original moving image content, and the separated electronic certificate is output and the information is displayed on the GUI (Graphical User Interface). A Dsec decoder that outputs the original video content that is displayed and separated as it is, and outputs warning information if the input video content is not the original video content with the Dsec authentication ID and displays it on the GUI.

  The network to which the video security authentication system of the present invention is connected is typically the Internet, but is not limited thereto. For example, a WAN (Wide) such as a company, a public office, or an organization that is independently constructed on the Internet. It may be a closed IP network such as an area network (LAN) or a local area network (LAN), or a wide area IP network constructed and provided by a communication carrier.

  By means of the present invention, in the video storage / sharing / distribution service via the Internet, the video content posted for the purpose of distribution to the video content storage / sharing / distribution site is created as the original content, that is, the original by the poster, etc. The distributor confirms that the content does not contain any duplicates, quotations, plagiarism, falsification, etc. from the content created by the subscriber, and does not contain virus embedding or illegal content, and can guarantee the user. Therefore, it is possible to realize a video storage / sharing / distribution service that provides video content that users can view with confidence.

It is a figure which shows the structure of the moving image security authentication system by the means of this invention. It is a figure explaining the example of 1 structure of the Dsec encoder 111 in the structure of this invention of FIG. It is a figure explaining the other structural example of the Dsec encoder 111 in the structure of this invention. It is a figure explaining the example of 1 structure of the Dsec decoder 112 in the structure of this invention of FIG. It is a figure explaining the other structural example of the Dsec decoder 112 in the structure of this invention of FIG. It is a figure explaining the example of 1 structure and the basic operation | movement 600 of the Dsec authentication server 110 in the structure of this invention. It is a figure which shows Example 1 of the moving image security authentication system of this invention. It is a figure which shows Example 2 of the moving image security authentication system of this invention. It is a figure which shows Example 3 of the moving image security authentication system of this invention. It is a figure which shows Example 4 of the moving image security authentication system of this invention.

Hereinafter, the present invention will be described in detail with reference to the drawings.
FIG. 1 is a diagram showing the configuration of a video security authentication system according to the means of the present invention. The moving image security authentication system shown in FIG. 1 is connected to the network 100 and compares the request source authentication information 102 included in the authentication request 101 with the registered request source authentication information 103 registered in advance. The Dsec authentication server 110 that outputs the electronic certificate 104 that has been certified in advance to the request source and the original moving image content 105 are input, and the authentication request 101 for the input original moving image content 105 is requested to the Dsec authentication server 110. Ds which outputs the electronic certificate 104 output as an authentication response of the Dsec authentication server 110 to the original video content 105 as a Dsec authentication ID to the network 100 as the original video content 106 with a Dsec authentication ID c. The moving image content 107 is input from the encoder 111 and the network 100. If the input moving image content 107 is the original moving image content 106 with the Dsec authentication ID, it is converted into the electronic certificate 104 and the original moving image content 105. Separating, outputting the separated electronic certificate 104 and displaying the information on a GUI (Graphical User Interface, not shown), and outputting the separated original moving image content 105 as it is, If the input moving image content 107 is not the original moving image content with Dsec authentication ID 106, a Dsec decoder 112 that outputs warning information 109 and displays it on the GUI is included.

  FIG. 2 is a diagram for explaining a configuration example of the Dsec encoder 111 in the configuration of the present invention shown in FIG. The Dsec encoder 111 is typically a device that creates original moving image content such as a PC, a video camera, and a mobile phone terminal with a video camera of a poster who wants to post moving image content to a moving image storage / sharing / distribution service. It is implemented as application software that runs on an OS (Operation System, basic software).

  In FIG. 2, when the original video content 105 is input, the Dsec encoder 111 sends an authentication request 101 for the original video content 105 to the Dsec authentication server 110 through the network 100 and is output as an authentication response of the Dsec authentication server 110. The result obtained by adding 104 to the original moving image content 105 as the Dsec authentication ID 201 is output as the original moving image content with Dsec authentication ID 106 and is loaded on the network 100.

  FIG. 3 is a diagram for explaining another configuration example of the Dsec encoder 111 in the configuration of the present invention. In FIG. 3, when the original video content 105 is input, the Dsec encoder 111 sends an authentication request 101 for the original video content 105 to the Dsec authentication server 110 through the network 100, and an electronic certificate output as an authentication response of the Dsec authentication server 110. 104 and the calculation result 301 of the CRC (Cyclic Redundancy Check) code for the original moving image content 105 are set according to a predetermined embedding rule 302 as a Dsec authentication ID 303 and added to the original moving image content 105. Output as the original moving image content 106 with Dsec authentication ID and put on the network 100.

  The configuration example of FIG. 3 is an extension of the configuration of FIG. 2, in which the calculation result 301 of the CRC code for the original moving image content 105 is embedded according to a predetermined embedding rule 302 in addition to the electronic certificate 104. The Dsec authentication ID 303 is different from the configuration example of FIG. The CRC code calculation result 301 for the original moving image content 105 is added so that when the original moving image content 105 is erroneous or altered during network transmission, the receiving side can detect it. The Dsec authentication ID embedding rule 302 is for preventing theft or tampering during network transmission by not using the digital certificate 104 and the CRC code calculation result 301 as they are as the Dsec authentication ID. It is sufficient if the rules are predetermined between the Dsec encoder and the Dsec decoder, such as data arrangement conversion. By using a Dsec encoder having this configuration and a Dsec decoder (described later) corresponding to the Dsec encoder, a moving image with higher safety than when using the Dsec encoder having the configuration shown in FIG. 2 and the corresponding Dsec decoder (described later). A security authentication system can be realized.

  FIG. 4 is a diagram for explaining a configuration example of the Dsec decoder 112 in the configuration of the present invention shown in FIG. The Dsec decoder 112 is implemented as browser plug-in type information display software that operates on the OS of an apparatus that reproduces or stores original moving image content.

  In FIG. 4, a Dsec decoder 112 is a Dsec decoder that operates in correspondence with the Dsec encoder having the configuration shown in FIG. 2. The moving image content 107 is input from the network 100, and the input moving image content 107 is the original moving image content with Dsec authentication ID. In step 401, if it is an original moving image content with a Dsec authentication ID, in step 402, it is separated into a Dsec authentication ID, that is, the electronic certificate 104 and the original moving image content 105, and the separated electronic certificate The document 104 is output and the information is displayed on a GUI (Graphical User Interface, not shown), and the separated original moving image content 105 is output as it is, and the input moving image content is displayed. If the content 107 is not the original moving image content with the Dsec authentication ID, the warning information 109 is created and output in step 403 and displayed on the GUI. The separation of the Dsec authentication ID and the original moving image content in step 402 can be easily performed by, for example, determining the length of the Dsec authentication ID in advance.

  FIG. 5 is a diagram for explaining another configuration example of the Dsec decoder 112 in the configuration of the present invention shown in FIG. In FIG. 5, a Dsec decoder 112 is a Dsec decoder that operates in correspondence with the Dsec encoder having the configuration shown in FIG. 3. The video content 107 is input from the network 100, and the input video content 107 is an original video content with a Dsec authentication ID. In step 501, if it is an original moving image content with a Dsec authentication ID, it is separated into an original moving image content 504 and a Dsec authentication ID 505 in step 502 and determined in advance with the Dsec encoder having the configuration of FIG. The Dsec authentication ID 505 is separated into the transmission side CRC code calculation result 508 and the electronic certificate 104 in accordance with the embedded rule 302, and the separated electronic certificate 104 is output as it is, and the information is displayed on the GUI (Graphical User Interface (not shown in the figure) is displayed and the CRC code of the separated original video content 504 is calculated in step 507. If the result and the transmission side CRC code calculation result 508 match in step 509, the original It is determined that the moving image content 504 is the same as the original moving image content 105 output by the Dsec encoder having the configuration shown in FIG. 3 and is output as it is. If they do not match, warning information 511 is generated and output in step 510. In step 501, if the input moving image content 107 is not the original moving image content with Dsec authentication ID, the warning information 109 is created and output in step 503 and displayed on the GUI.

  FIG. 6 is a diagram for explaining a configuration example of the Dsec authentication server 110 and its basic operation 600 in the configuration of the present invention, which is performed in advance by an original video content contributor (user of the video security authentication system of the present invention) 601. This is shown together with a user registration procedure 602.

  The Dsec authentication server 110 in FIG. 6 is a web application that runs on the OS of a server or a device such as a PC that is managed and operated by an operator of the network 100 such as an Internet service provider (ISP) or a communication carrier. Implemented as software. The physical installation location of the Dsec authentication server 110 may be anywhere as long as it is connected to the network, and even if it is placed on the business site of a provider that performs ISP or video storage / sharing / distribution services. It may be placed on the business site of a certified business operator that is outsourced by a different business operator.

  In FIG. 6, a person (user) 601 who intends to post original video content to a video storage / sharing / distribution service using the video security authentication system of the present invention first requests user registration from the Dsec authentication server 110. (603). For example, an ID and a password are used for user registration, but this is not sufficient to prevent spoofing by a third party. Therefore, the user performs personal authentication by a public certification authority 604 as shown in FIG. It is desirable to obtain it in advance as 605 and use it as authentication information for user registration.

  It is desirable for the Dsec authentication server 110 to receive authentication (electronic certificate) from the public certification authority 604 in advance in order to prevent spoofing when performing authentication (issue of an electronic certificate) for a poster's original video content. (607).

  When receiving the registration request 603 from the user (601) of the Dsec authentication server, the Dsec authentication server 110 confirms the authentication information including the user's personal authentication (electronic certificate 605) and registers it as a user (step 606). ), And stores the authentication information as registered request source authentication information 103. The Dsec authentication server 110 can then send the Dsec encoder 111 to the user 601 via the network 100 in step 608.

  In FIG. 6, the Dsec authentication server 110 receives an authentication request 101 from the video poster 601 from the network 100, and in step 609, registered request source authentication information in which the request source authentication information 102 included in the authentication request 101 is registered in advance. If the two match, the registered requester authentication information 103 registered in advance for the requesting video poster 601 is issued / stored as an electronic certificate in step 610 and authenticated in step 611. The response 104 is output and sent to the video poster 601.

  FIG. 7 is a diagram showing Example 1 of the video security authentication system of the present invention, which is an example of realizing a storage / sharing / distribution service of original video content using the video security authentication system of the present invention. In the first embodiment, the video security authentication system is an original composed of a Dsec authentication server 700, an original video content contributor 703, an original video content storage / sharing / distribution company (service provider) 704, and an original video content viewer 705. Used in the video content storage / sharing / distribution system, the Dsec encoder is distributed from the Dsec authentication server 700 to the original video content contributor 703, and the original video content storage / sharing / distribution operator 704 and the original video content are distributed from the Dsec authentication server 700. The Dsec decoder is distributed to the viewer 705.

  As the user registration step 701 in the first embodiment, the Dsec authentication server 700, under the approval of the public certification authority 702, is an original video content contributor 703, an original video content storage / sharing / distribution company (service provider). ) 704 and the original moving image content viewer 705 are registered as users (706), the Dsec encoder is distributed to the contributor 703, and the Dsec decoder is distributed to the service provider 704 and the viewer 705. Although FIG. 7 shows one poster 703 and one viewer 705, there may be a plurality of each.

  The basic operation step 707 in the original moving image content storage / sharing / distribution service of the first embodiment is as follows. First, the original video content contributor 703 makes an authentication request to the Dsec authentication server 700, and receives the electronic certificate 708 for the contributor 703 as a response. The contributor 703 adds the electronic certificate 708 to the original moving image content 709 created by the contributor in the Dsec encoder 710 to obtain an original moving image content with a Dsec authentication ID, and uploads (posts) it to the service provider 704. . The service provider 704 confirms the electronic certificate of the contributor by the Dsec decoder 711. If it is correct, the service provider 704 stores the uploaded original video content with the Dsec authentication ID (step 712) and responds to the request from the viewer 705. The downloaded original moving image content with Dsec authentication ID is downloaded to the viewer 705 (step 713). If not correct, the warning information is displayed on the GUI, and the taken moving image content is discarded (step 714). The viewer 705 confirms the electronic certificate of the poster added to the downloaded original video content with the Dsec authentication ID by the Dsec decoder 715, and if correct, separates and plays the original video content (step 716). If not, the alarm information is displayed on the GUI, the alarm information is transmitted to the service provider, and the taken moving image content is discarded (step 717).

  According to the original video content storage / sharing / distribution service of the first embodiment, the service provider 704 confirms by the Dsec decoder 711 whether or not the poster of the uploaded video content is a user registered in the Dsec authentication server. Because it is possible, posted video content by contributors who are not registered in the Dsec authentication server, in other words, the creator is unknown, so there is a risk of duplication, quotation, theft, tampering with other original content, viruses or illegal It is easy to automatically exclude content that may contain content without exception, and it is inevitable for conventional video content storage / sharing / distribution service providers to manually monitor and delete the content Can save enormous effort and cost. This also directly improves the reliability and security of service providers.

  Further, according to the original video content storage / sharing / distribution service of the first embodiment, all the video content to be stored / shared / distributed is an original video content that can be specified as a registrant to the Dsec authentication server. The viewer 705 can enjoy safe viewing without fear of copyright infringement or virus infection.

  Furthermore, according to the original video content storage / sharing / distribution service of the first embodiment, even if a video content that infringes the copyright of another original video content is posted falsely as the original video content, the copyright holder can easily You can identify the contributor and take action.

  FIG. 8 is a diagram showing a second embodiment of the video security authentication system of the present invention, a video camera connected to a home network (home LAN), home network equipment such as AV equipment and white goods, and the Internet. This is an example of realizing the original video content storage / sharing / distribution service using the video security authentication system of the present invention between the Dsec authentication server and the original video content storage / sharing / distribution company.

  8, the video security authentication system of the present invention includes an original video content storage / sharing / distribution company 801 on the Internet 800, a Dsec authentication server 802 on the Internet 800, a Dsec encoder and a Dsec decoder. A personal video camera 804 that is mounted in advance and connected to the Internet 800 via the home network 803, and a home network device 805 that is mounted in advance with a Dsec decoder and connected to the home network 803.

  In the second embodiment of FIG. 8, the video camera 804 requests and obtains a pre-authenticated electronic certificate 806 from the Dsec authentication server 802, stores it in step 807, and stores it in the home network 803 via the home network 803. Distribute to device 805 (for example, digital video player), and Dsec decoder built in home network device 805 receives original video content with Dsec authentication from original video content storage / share / distribution provider (service provider) 801 It can be so. The original moving image content shot by the video camera 804 (step 808) is passed to the built-in Dsec encoder (810) by the upload command (step 809) of the video camera 804 to become the original moving image content with Dsec authentication ID. It is sent to the original video content storage / sharing / distribution provider 801 via the home network 803 and the Internet 800 (step 811). The original moving image content storage / sharing / distribution company 801 confirms the sender of the received moving image content with the Dsec decoder 812 and stores it as the original moving image content with Dsec authentication ID (step 813). The photographer of the original video content downloads the stored original video content with the Dsec authentication ID from the video camera 804 or the home network device 805 (for example, a digital video player) to the original video content storage / sharing / distribution company 801. Can be downloaded (steps 814 and 815) and played back. Note that the original video content storage / sharing / distribution company 801 publicly stores the received original video content with a Dsec authentication ID as a video without a Dsec authentication ID according to the photographer's intention (step 816), and has a Dsec decoder. An unspecified number of general viewers may be able to view (step 817).

  FIG. 9 is a diagram showing a third embodiment of the video security authentication system of the present invention, in which a Dsec encoder and a Dsec decoder are mounted in advance and a cellular phone terminal with a video camera (including a multifunctional portable terminal with a video camera) having an Internet connection function. ) 900, a Dsec authentication server 903 on the Internet 902, and a video storage / sharing / distribution company 910 that configures the video security authentication system of the present invention to realize a storage / sharing / distribution service for original video content It is.

  In Example 3 of FIG. 9, the mobile phone terminal with video camera 900 requests and obtains a pre-authenticated electronic certificate 901 from the Dsec authentication server 903 via the Internet 902 (step 904). Since the mobile phone terminal with video camera 900 can easily download and use dedicated application software, various application software using the video security authentication system can be downloaded to the mobile phone terminal with video camera 900 ( Step 905) Save (Step 906) and can be used. The original moving image content photographed by the mobile phone terminal with video camera 900 (step 907) is transferred to the built-in Dsec encoder (909) by the upload command (step 908) of the mobile phone terminal with video camera 900 and Dsec. The original moving image content with the authentication ID is sent to the original moving image content storage / sharing / distribution company 910 via the Internet 902 (step 911). The original moving image content storage / sharing / distribution company 910 confirms the sender of the received moving image content with the Dsec decoder 912 and stores it as the original moving image content with Dsec authentication ID (step 913). The photographer of the original moving image content requests and obtains the original moving image content storage / sharing / distribution provider 910 from the mobile phone with video camera 900 to download the stored original moving image content with the Dsec authentication ID (step 914). ), Can be played. In accordance with the intention of the photographer, the original video content storage / sharing / distribution company 910 publicly stores the received original video content with Dsec authentication ID as a video without Dsec authentication (step 915), and stores it in the Dsec decoder. An unspecified number of general viewers who do not have can view (step 916).

  FIG. 10 is a diagram showing a video security authentication system according to a fourth embodiment of the present invention. A surveillance video camera 1000 having a Dsec encoder mounted in advance and having an Internet connection function, a Dsec authentication server 1003 on the Internet 1002, and a real-time monitoring service. The video security authentication system of the present invention is configured between the operator 1010 and a real-time monitoring service subscriber terminal 1015 (PC, portable terminal, etc.) that has a Dsec decoder mounted in advance and has an Internet connection function, thereby realizing a real-time video monitoring service This is an example.

  Real-time video monitoring service provides service subscribers with real-time or year / month / date / hour / minute / second or location of video recorded by surveillance video cameras installed on roads, streets, vehicles, public facilities, companies, and homes. It is a service that adds and distributes this information and is particularly useful for crime prevention and disaster prevention and is widely used. By applying the video security authentication system to this service, service subscribers (for example, public utilities, police, facility managers, companies, and individuals) can obtain safe and reliable video information.

  In the fourth embodiment shown in FIG. 10, the surveillance video camera 1000 requests the Dsec authentication server 1003 via the Internet 1002 to obtain and stores a digital certificate 1001 that has been authenticated in advance (step 1004). The monitoring video camera 1000 can download (step 1005), save (step 1006), and use various application software using the video security authentication system. The original moving image content shot by the monitoring video camera 1000 (step 1007) is passed to the built-in Dsec encoder (1009) by the upload command (step 1008) of the monitoring video camera 1000, and is supplied with the Dsec authentication ID. The video content is sent to the real-time video monitoring service provider 1010 via the Internet 1002 (step 1011). The real-time video monitoring service provider 1010 confirms the sender of the received video content with the Dsec decoder 1012 and stores it as the original video content with Dsec authentication ID (step 1013). The real-time monitoring service subscriber 1015 requests the real-time monitoring service provider 1010 to download the stored original video content with Dsec authentication ID (step 1014), and after confirming the photographer with the Dsec decoder (step 1014) 1016) and playback (1017).

  Since the DRM technology described at the beginning is a technology for preventing a content distributor from being illegally used by a third party in the process of distributing the content to its legitimate users, this technology is applied to the video security authentication system of the present invention. Then, the original moving image content authenticated by the moving image security authentication system of the present invention can be distributed to the user without being used illegally during the distribution.

  For example, in the fourth embodiment of the video security authentication system of the present invention shown in FIG. 10, the step 1011 of uploading the original video content from the monitoring video camera 1000 to the real-time monitoring service provider 1010 and the real-time monitoring service from the real-time monitoring service provider 1010 By using DRM technology in step 1014 for downloading original video content to the subscriber 1015, it becomes possible to transmit the safe and reliable monitoring video information to the user without being illegally used by others, and high reliability. Real-time video surveillance service with high security and high secrecy can be realized. In addition, videos that previously had no evidence will have evidence.

  As described above in detail, according to the video security authentication system of the present invention, video content posted for the purpose of distribution to a content storage / sharing / distribution site on the network is created as original content, that is, the original is created by the poster In addition, the distributor confirms that the content does not include copying, quoting, stealing, falsification, etc. from content created by others and does not include virus embedding or illegal content, and guarantees the user Therefore, it is possible to provide a moving image storage / sharing / distribution service that provides moving image contents that the user can view with confidence.

  In the above description, the video security authentication system of the present invention has been described as a system that authenticates the distributor of original video content, but the original content that is the target of storage, sharing, and distribution is not limited to video only. Alternatively, it may include original still image content, original sound content, original text content, or a combination thereof.

  The moving image security authentication system of the present invention enables moving image storage / sharing / distribution services that provide moving image contents that can be viewed with peace of mind by the user, and therefore has great utility value for network managers / operators and ISPs. Furthermore, it is effective in preventing content copyright infringement on the network and can protect the rights of the copyright holder.

100 network 101 authentication request 102 request source authentication information 103 registered request source authentication information 104 electronic certificate 105 original moving image content 106 original moving image content with Dsec authentication ID 107 moving image content 109 warning information 110 Dsec authentication server 111 Dsec encoder 112 Dsec decoder 201 Dsec authentication ID
301 CRC code calculation result 302 Embedding rule 303 Dsec authentication ID
401 Step 402 Step 403 Step 501 Step 502 Step 503 Step 504 Original video content 505 Dsec authentication ID 505
507 Step 508 Transmitting CRC code calculation result 509 Step 510 Step 511 Warning information 600 Basic operation of Dsec authentication server 110 601 Original video content contributor 602 User registration procedure 603 Step 604 Public certificate authority 605 Electronic certificate 606 Step 607 Step 607
608 Step 609 Step 610 Step 611 Step 700 Dsec Authentication Server 701 User Registration Step 702 Public Certification Body 703 User Registration Step 704 Original Video Content Storage / Share / Distributor 705 Original Video Content Viewer 706 Step 707 Basic Operation Step 708 Electronic certificate 709 Original video content 710 Dsec encoder 711 Dsec decoder 712 Step 713 Step 714 Step 715 Dsec decoder 716 Step 717 Step 800 Internet 801 Original video content storage / sharing / distribution provider 802 Dsec authentication server 803 Home network 804 Personal use Video camera 805 Home network equipment 8 6 Electronic Certificate 807 Step 808 Step 809 Step 810 Dsec Encoder 811 Step 812 Dsec Decoder 813 Step 814 Step 815 Step 816 Step 817 Step 900 Mobile Phone Terminal with Video Camera 901 Electronic Certificate 902 Internet 903 Dsec Authentication Server 904 Step 905 Step 906 Step 907 Step 908 Step 909 Dsec encoder 910 Original video content storage / sharing / distribution provider 911 Step 912 Dsec decoder 913 Step 914 Step 915 Step 916 Step 1000 Surveillance video camera 1001 Electronic certificate 1002 Internet 1003 Dsec authentication server 1004 Step 1005 1006 Step 1007 Step 1008 Step 1009 DSEC encoder 1010 real-time moving monitoring service provider 1011 step 1012 DSEC decoder 1013 step 1014 step 1015 real-time monitoring service subscriber 1016 step 1017 step

Claims (17)

If the request source authentication information included in the authentication request is connected to the network and checked against the registered request source authentication information registered in advance, and the two match, an electronic certificate previously certified for the request source is obtained as an authentication response. An output Dsec authentication server;
An original video content is input, an authentication request for the original video content is requested to the Dsec authentication server, and the electronic certificate output as an authentication response of the Dsec authentication server is added to the original video content. A Dsec encoder that outputs to the network as original video content with an authentication ID;
When moving image content is input from the network, and the input moving image content is the original moving image content with the Dsec authentication ID, it is separated into the electronic certificate and the original moving image content, and the separated electronic certificate is Output and display the information on a GUI (Graphical User Interface) and output the separated original video content as it is, and output warning information if the input video content is not the original video content with the Dsec authentication ID A Dsec decoder to be displayed on the GUI,
A video security authentication system comprising: In the video security authentication system according to claim 1,
A moving image security authentication system characterized in that a network to be connected is any one of the Internet, a WAN constructed on the Internet, a wide area IP network, and a closed area IP network. In the video security authentication system according to claim 2,
A video security authentication system, wherein the Dsec encoder is implemented as application software that operates on an OS (Operation System, basic software) of an apparatus that creates original video content. In the video security authentication system according to claim 2,
When the Dsec encoder inputs the original video content, an authentication request for the original video content is sent to the Dsec authentication server via the network, and an electronic certificate output as an authentication response of the Dsec authentication server is added to the original video content as a Dsec authentication ID. The video security authentication system is characterized in that the output is output as an original video content with a Dsec authentication ID. In the video security authentication system according to claim 2,
When the Dsec encoder inputs the original video content, an authentication request for the original video content is sent to the Dsec authentication server through the network, and an electronic certificate output as an authentication response of the Dsec authentication server, and CRC (Cyclic Redundancy) for the original video content (Check) code calculation result obtained by embedding in accordance with a predetermined embedding rule is set as a Dsec authentication ID, and the result added to the original moving image content is output as an original moving image content with Dsec authentication ID. Video security authentication system. In the video security authentication system according to claim 2,
A video security authentication system, wherein the Dsec decoder is implemented as browser plug-in type information display software that operates on an OS of an apparatus that reproduces or stores original video content. In the video security authentication system according to claim 2,
The Dsec decoder is a Dsec decoder that operates in correspondence with the Dsec encoder of claim 4, inputs moving image content from a network, determines whether the input moving image content is an original moving image content with a Dsec authentication ID, If it is an original moving image content with a Dsec authentication ID, it is separated into the Dsec authentication ID, that is, an electronic certificate and the original moving image content, and the separated electronic certificate is output to display the information on the GUI. In addition, the separated original moving image content is output as it is, and if the input moving image content is not the original moving image content with the Dsec authentication ID, warning information is generated and output and displayed on the GUI. Video security certification system In the video security authentication system according to claim 2,
The Dsec decoder is a Dsec decoder that operates in accordance with the Dsec encoder of claim 5, inputs video content from a network, determines whether the input video content is original video content with a Dsec authentication ID, If it is an original moving image content with a Dsec authentication ID, the original moving image content is separated into an original moving image content and a Dsec authentication ID, and the Dsec authentication ID is sent to the transmitting side CRC according to a predetermined embedding rule with the Dsec encoder of claim 5. The code calculation result and the electronic certificate are separated, the separated certificate is output as it is, the information is displayed on the GUI, the CRC code of the separated original video content is calculated, and the result and transmission If the side CRC code calculation results match, the separation is performed. The original moving image content is determined to be the same as the original moving image content output by the Dsec encoder of claim 5 and is output as it is. If the input moving image content is not the original moving image content with the Dsec authentication ID, warning information is generated and output. A moving image security authentication system, characterized in that it is displayed on a GUI. In the video security authentication system according to claim 2,
The Dsec authentication server is connected to the network and compares the request source authentication information included in the authentication request with the registered request source authentication information registered in advance. A video security authentication system that issues, stores, and outputs a digital certificate. In the video security authentication system according to claim 9,
A video security authentication system, wherein a Dsec authentication server is implemented as web application software that operates on an OS of an apparatus managed and operated by an operator of the network. In the video security authentication system according to claim 9,
A video security authentication system in which a Dsec authentication server receives authentication (electronic certificate) from a public certificate authority in advance. In the video security authentication system according to any one of claims 1 to 11,
Used in an original video content storage / sharing / distribution system comprising a Dsec authentication server, original video content contributor, original video content storage / sharing / distribution operator and original video content viewer, and from the Dsec authentication server to the original A Dsec encoder is distributed to a video content contributor, and a Dsec decoder is distributed from the Dsec authentication server to the original video content storage / sharing / distribution business operator and the original video content viewer. . In the video security authentication system according to claim 12,
A video security authentication system comprising a plurality of original video content contributors and a plurality of original video content viewers. In the video security authentication system according to any one of claims 1 to 11,
An original video content storage / sharing / distribution company on the Internet, a Dsec authentication server on the Internet, a personal video camera mounted with a Dsec encoder and Dsec decoder in advance and connected to the Internet via a home network, and a Dsec decoder A video security authentication system, characterized in that it is used in an original video content storage / sharing / distribution system that is implemented in advance and configured by a home network device connected to the home network. In the video security authentication system according to any one of claims 1 to 11,
Multi-function mobile terminal with video camera that has a Dsec encoder and Dsec decoder preinstalled and has an Internet connection function, and a Dsec authentication server and Dsec decoder on the Internet preinstalled to store, share, and distribute original video content on the Internet A video security authentication system characterized by being used in a system for storing, sharing, and distributing original video content. In the video security authentication system according to any one of claims 1 to 11,
A video camera for monitoring with a Dsec encoder pre-installed and having an Internet connection function, a Dsec authentication server and a real-time monitoring service provider on the Internet, and a real-time monitoring service subscriber terminal with a Dsec decoder pre-installed and an Internet connection function A video security authentication system for use in an original video content storage / sharing / distribution system. In the video security authentication system according to any one of claims 1 to 16,
A video security authentication system, wherein the original video content includes original still image content, original sound content, original text content, or a combination thereof.