JP2009157675A - Content delivery method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a content delivery method for use of a user who can go in and out a management area accessible to a server, in which a content is browsable when needed while reducing, when a terminal is lost, the risk of information leak by browsing of the content by a third person. <P>SOLUTION: When the content is delivered from the server to the terminal, a preset browsing period is delivered together to the terminal, and when the period is expired, the content is automatically deleted. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a system for distributing content from a server to a terminal.

  As described in Patent Documents 1, 2, 3, and 4, a system for distributing information from a server to a terminal has been proposed. For example, Patent Document 1 proposes a method in which a server transmits information to a terminal in response to a request from the terminal. Patent Document 2 proposes a method in which a terminal acquires schedule data for information distribution prepared in a server and downloads server contents from the terminal according to the schedule. Patent Document 3 proposes a method of distributing information according to the area where the terminal exists. Patent Document 4 transmits information distribution desired time and field from the terminal to the server, and based on this, the server transmits the information to the terminal. A method for distributing information to the Internet has been proposed.

JP2004-13779 JP2002-202927 JP2002-132820 JP2001-22672

  However, in the case of broadcast-type push distribution as described in Patent Document 1, 3 or 4 above, as shown in FIG. 5 (a), content is distributed regardless of the user. The desired content cannot be acquired. Further, in the on-demand type conventional method of requesting the server for a content distribution schedule as described in Patent Document 1 or 2 and acquiring the content from the terminal, the terminal is configured as shown in FIG. If used illegally, it becomes a security hole. For this reason, methods such as a personal identification number, password, and biometric authentication for personal authentication of a user are known, but new defense measures against leakage of the password and forgery of the authentication method are required.

  The present invention is outside a management area server (content distribution server) in the area where entry / exit is managed, a terminal connected to the management area server via the network, or an entry / exit management area. A content delivery system and a content delivery method having a receiving device, a content delivery server and a receiving device as a server, wherein the server in the management area includes a first content storage area for storing content data, and a content data receiving device A first schedule storage area for storing schedule data relating to distribution to the receiving device, and data setting means for specifying the content data to be distributed to the receiving device and setting the schedule data. A second content storage area for storing content data received from A second schedule storage area for storing the schedule data, and a schedule for deleting the content data stored in the second content storage area when the browsing end date of the content data set in the schedule data by the data setting means is exceeded Management means.

  The present invention provides a content distribution method intended for use by users who can enter and exit within a management area accessible to a server. By the above method, the server once in a management area such as a building of a company or an organization. Since a desired content is stored and can be browsed for a preset period by a predetermined terminal, there is a safe content distribution system that cannot be browsed even if it is lost or operated by an unauthorized user outside the set period It becomes possible.

  Embodiments of the present invention will be described with reference to the drawings.

  FIG. 1 shows a block diagram of an embodiment of the present invention. Reference numeral 101 in FIG. 1 denotes a management area, which is an area where entrance / exit management is performed, such as a building of a company or an organization, in which a server 102 and a PC 103 are placed. The content distribution system of the present invention is mainly intended for use by users who can enter the management area. On the other hand, reference numeral 104 denotes a portable terminal such as a mobile PC, a mobile phone, or a digital camera that can be used inside or outside the management area, and a fixed terminal, and can be connected to the server 102 via a wired or wireless network. The terminal may be provided with general access restrictions such as a password, but the contents set to be browsed and distributed to the terminal by the terminal are set by the server.

  The PC 103 stores content 110 that the user wants to display on the terminal 104 and can transfer it from the PC to the server 102. Here, the content includes all electronic data such as images, moving images, sounds, graphics, sentences, and statistical data.

  The server 102 stores data 111 transferred from the PC 103, information 112 related to a schedule for distributing the content to the terminal, and policy 113 data related to security at the time of distribution. The schedule information 112 and the policy 113 will be described in detail with reference to FIGS. 3 and 4, respectively. Further, the server is provided with a data setting program 114 for setting these data, a data transmission program 115 for transmitting data such as contents, schedules, and policies to the terminal, and an access management program 116 for managing access from the terminal. Yes.

  The terminal 104 stores data 120 such as content, schedule, and policy transmitted from the server 102, and a program 121 such as a data reception program 122 and a schedule management program 123. The schedule management program 123 includes a content display program 124, a content decryption program 125, a browsing log transmission program 126, an unauthorized access history transmission program 127, a content editing program 128, a content editing log transmission program 129, a position information acquisition / transmission program 130, The schedule change program 131 and the data deletion program 132 are configured. These schedule management programs will be described in detail with reference to FIG.

  Next, the flow of the content distribution system will be described with reference to the processing of the server 102 and the terminal 104 with reference to FIG. First, in the data setting program 114 of the server, among the contents transferred from the PC 103 in 201, the contents to be distributed to the terminal are set, and the schedule such as the date and time to be distributed is set in 202. The schedule will be described in detail with reference to FIG. Furthermore, a policy regarding security at the time of distribution in 203 is set. The policy will be described in detail with reference to FIG.

  Next, in the server data transmission program 115 and the terminal data reception program 122, the following processing is performed. First, it waits until the transmission date and time set at 204 (305 in FIG. 3). On the other hand, the terminal inquires whether communication with the server is possible at 209 and repeats until it is possible. Before the transmission date and time, the server notifies the terminal that communication is not possible. When the time is the transmission date and time, the server notifies the terminal that communication with the terminal is possible at 205, and transmits the schedule to the terminal at 206. The schedule is received at. Similarly, the policy is transmitted at 207 and the policy is received at 211. Also, the content is transmitted at 208, and the content is received at 212.

  Next, the terminal schedule management program 123 and the server access management program 116 perform the following processing. First, it waits until the browsing start date and time (306 in FIG. 3) set in the schedule in 213. Since the transmission date and time and browsing start date and time can be set individually, even if it is assumed that the terminal is placed in a location where the network connection environment is not sufficient at the browsing start date and time, the network connection environment is sufficient. By setting the date and time when it is expected to be placed as the transmission date and time, the content can be smoothly transferred to the terminal. If the content encryption flag (403 in FIG. 4) of the policy is true at 214, the content is decrypted. The decrypted content is protected so that it cannot be moved, copied or printed. In 215, the following processing from 216 to 222 is repeated as necessary. At 216, the content is displayed on a display device attached to or connected to the terminal. In 217, when the policy browsing log transmission flag (404 in FIG. 4) is true, the browsing status is transmitted to the server. At this time, if communication with the server is not established, a process of canceling the display may be added. In 218, when the unauthorized access history transmission flag (405 in FIG. 4) of the policy is true, the access history is transmitted to the server when there is unauthorized access such as access to an unauthorized file. This process makes it possible to monitor on the server side whether a malicious third party has illegally accessed when the terminal is lost. If the policy content editing flag (406 in FIG. 4) is true in 219, the content can be edited. Convenience can be improved when it is desired to modify content when browsing. If the policy content edit log transmission flag (407 in FIG. 4) is true at 220, the log with the edited content is transmitted to the server. By placing the editing data log on the server, it is possible to restore the editing work and update the content when the user returns to the management area. In 221, if the policy position information transmission flag (408 in FIG. 4) is true, information obtained from a position information acquisition device such as GPS is transmitted to the server. Even if the terminal is lost, it is possible to monitor where the terminal is located on the server and to estimate the risk of content leakage. Also in this case, when communication with the server is not established, a process of canceling the display may be added. Further, if the obtained position information is outside the area (308, 309, 310 in FIG. 3) described in the schedule data, the content may not be displayed. Alternatively, the content may be forcibly deleted. In 222, when the schedule change flags (409, 410, 411 in FIG. 4) such as policy transmission date / time, browsing start date / time, and browsing end date / time are true, they are changed. The viewing end date and time can be postponed if necessary to increase convenience, and when browsing is no longer necessary, the browsing end date and time can be advanced to increase safety. If the browsing end date and time has passed, data stored in the terminal such as content, schedule, and policy is deleted in 223. With the above processing, the content exists in the terminal from the transmission date and time to the browsing end date and time, and the browsing is possible from the browsing start date and time to the browsing end date and time. Even if the terminal is lost, if the date and time of the loss is outside this period, the content will not be viewed by a third party, and security can be maintained. On the other hand, the access management program 116 receives the log from the terminal at 224 and automatically or manually determines whether the terminal is used normally or illegally at 225. A data deletion command is transmitted to the terminal, and the terminal can delete the data even during the browsing possible period.

  Next, the format of schedule data will be described with reference to FIG. 301 is an ID of a terminal that receives content, and 302 is an ID of a server that distributes content, and is used in the data transmission program 115 and the data reception program 122 of FIG. 303 is the content ID, 304 is the ID of the security policy data group defined in FIG. 4, 305 is the data transmission date, 306 is the content browsing start date, 307 is the browsing end date, 308 to 309 is the content browsing available These are areas (latitude, longitude, range), and these are set in the management area by the data setting program 114 of FIG.

  Next, the format of policy data will be described with reference to FIG. The policy is determined in view of the sensitivity handled by the information sender, and each flag is set. 401 is the policy ID associated with 304 in FIG. 3, 402 is the confidentiality, and based on this, the security management operation may be performed. 403 is a flag indicating whether the content is encrypted and transmitted to the terminal, 404 is a flag indicating whether the browsing log is transmitted from the terminal to the server, and 405 is whether the history of unauthorized access is transmitted to the server. Flag, 406 is a flag indicating whether or not the transmitted content can be edited, 407 is a flag indicating whether or not a log when content is edited is transmitted to the server, and 408 is whether or not terminal location information is transmitted to the server 409, 410, 411 are flags indicating whether or not to allow changes in schedules such as transmission date / time, browsing start date / time, browsing end date / time by terminal operation, 412 receives a data deletion signal from the server, content, etc. This flag indicates whether to delete the data. These policy data are mainly used in the schedule management program 123 of FIG.

  Another embodiment of the present invention will be described with reference to FIGS.

  Reference numerals 101, 102, and 103 in FIG. 6 denote management areas, servers, and PCs similar to those described in FIG. Reference numeral 604 denotes a server outside the management area, which includes data 120 and a program 121 as provided in the terminal 104 of FIG. However, the content editing program, the content editing log transmission program, the position information acquisition / transmission program, and the schedule change program are not included. Reference numeral 605 denotes a terminal connected to the server 604 outside the management area.

FIG. 7 shows a flowchart of the content distribution system. Communication similar to the flow described in FIG. 2 is performed not between the server and the terminal, but between the server in the management area and the server outside the management area. Further, the schedule management program 723 for servers outside the management area communicates with a content display program 750 such as an Internet browser provided in the terminal 605 to display the content. In other words, when the terminal access reception 716 of the schedule management program 723 receives a signal from the content request 751 of the content display program 750 and determines that the access is appropriate, the content transmission 719 transmits the corresponding content to the terminal. Then, the content is displayed on the terminal display or the like by the content display 752 on the terminal side.
By using the above method, information can be accessed from any terminal while maintaining security by passing through a server outside the management area where the content is temporarily stored.

  In business and academic electronic presentations, content can be distributed from the server to the terminal without unauthorized access by a third party.

It is a figure which shows the outline | summary of one Example of this invention. It is a figure explaining the flow of the content delivery system of one Example of this invention. It is a figure explaining the schedule data format of one Example of this invention. It is a figure explaining the policy data format of one Example of this invention. It is a figure explaining a prior art. It is a figure which shows the outline | summary of another Example of this invention. It is a figure explaining the flow of the content delivery system of another Example of this invention.

Explanation of symbols

101 ... Management area 102 ... Server 103 ... PC
104 ... terminal 110 ... content 111 ... content 112 ... schedule 113 ... policy 114 ... data setting program 115 ... data transmission program 116 ... access management program 120 ... Data 121 ... Program 122 ... Data reception program 123 ... Schedule management program 124 ... Content display program 125 ... Content decryption program 126 ... Browsing log transmission program 127 ... Unauthorized access history Transmission program 128... Content editing program 129... Content editing log transmission program 130... Location information acquisition / transmission program 131... Schedule change program 132. Contents setting 202 ... Schedule setting 203 ... Policy setting 204 ... Wait until transmission date and time 205 ... Communication with terminal 206 ... Schedule transmission 207 ... Policy transmission 208 ... Content transmission 209 ... Communication inquiry 210 to server 210 ... Schedule reception 211 ... Policy reception 212 ... Content reception 213 ... Waiting until browsing start date / time 214 ... Content decryption 215 ... Repeated until browsing end date / time 216 ... content display 217 ... browsing log transmission 218 ... unauthorized access history transmission 219 ... content editing 220 ... edit log transmission 221 ... position information transmission 222 ... schedule change 223 ... Data deletion 224 ··· log reception 225 ··· unauthorized access determination 226 · Data Delete command 301 ... terminal ID
302 ... Server ID
303 ... Content ID
304 ... Policy ID
305 ... Transmission date / time 306 ... Browsing start date / time 307 ... Browsing end date / time 308 ... Browsing area: Latitude 309 ... Browsing area: Longitude 310 ... Browsing area: Range 401・ Policy ID
402 ... Sensitivity 403 ... Content encryption 404 ... Browsing log transmission 405 ... Unauthorized access history transmission 406 ... Content editing 407 ... Content editing log transmission 408 ... Location information transmission 409 ... Schedule change: Transmission date / time 410 ... Schedule change: Browsing start date / time 411 ... Schedule change: Browsing end date / time 412 ... Reception of data deletion signal 604 ... Server 605 outside management area ... Terminal 705 ... Program 716 for communicating with server outside management area ... Program 719 for receiving terminal access ... Program 750 for sending content to terminal ... Content display program 751 ... Content request program 752 ... -Content display program.

Claims (27)

A content distribution system comprising: a server in a management area in an area where entry / exit is managed; and a receiving device connected to the server in the management area via a network,
The in-management area server includes a first content storage area for storing content data;
A first schedule storage area for storing schedule data related to delivery of the content data to the receiving device;
Data setting means for specifying the content data to be distributed to the receiving device and setting the schedule data;
The receiving device has a second content storage area for storing the content data received from the server in the management area and a second schedule storage area for storing the schedule data;
Schedule management means for deleting the content data stored in the second content storage area when the browsing end date and time of the content data set in the schedule data by the data setting means is exceeded. A featured content distribution system.   The content distribution system according to claim 1, wherein the receiving device is a terminal.   2. The server according to claim 1, wherein the receiving device is an out-of-management-area server outside an area where entry / exit is managed, and the out-of-management-area server is connected to a terminal via a network. Content distribution system.   The server in the management area can transmit the data stored in the server in the management area to the receiving device when a predetermined transmission date and time set in the schedule data by the data setting means is exceeded. The content distribution system according to claim 1, further comprising a data transmission unit configured to perform data transmission.   The schedule management means enables browsing of the content data stored in the second content storage area by the terminal when a predetermined browsing start date and time set in the schedule data by the data setting means is exceeded. The content distribution system according to claim 2 or 3, characterized in that:   The schedule management means browses the content data stored in the second content storage area by the terminal when the terminal exists within a predetermined area range set in the schedule data by the data setting means. The content distribution system according to claim 2, wherein:   2. The content distribution according to claim 1, wherein the schedule management unit decrypts the encrypted content data and protects the decrypted content data from being moved, copied or printed. system. The data setting means sets policy data relating to security when delivering the content data to the terminal,
3. The schedule management unit according to claim 2, wherein the schedule management unit determines whether the content data can be edited or the schedule data can be changed by the terminal based on the policy data received from the server in the management area. Content distribution system.   When the server in the management area determines that the terminal is not normally used according to a predetermined determination criterion based on the received log of the terminal, the content data stored in the second content storage area 4. The content distribution system according to claim 2, further comprising access management means for transmitting a deletion command to the terminal. A content delivery method for delivering content data stored in a server in a management area in an area where entry / exit is managed to a terminal,
The management area server specifies the content data to be distributed to the terminal and sets schedule data related to the distribution of the content data to the terminal,
Sending the content data and the schedule data to the terminal;
The terminal receives the content data and the schedule data transmitted from the server in the management area,
A content delivery method, wherein the content data stored in the terminal is deleted when the browsing end date and time of the content data set in the schedule data is exceeded.   The said management area server transmits the data memorize | stored in the said management area server to the said terminal, when the predetermined transmission date set to the said schedule data is exceeded. Content distribution method.   The content delivery method according to claim 10, wherein the content data can be browsed by the terminal when a predetermined browsing start date and time set in the schedule data is exceeded.   The content distribution method according to claim 10, wherein the content data can be browsed by the terminal when the terminal exists within a predetermined area range set in the schedule data.   The terminal is configured to decrypt the encrypted content data received from the server in the management area and protect the decrypted content data from being moved, copied or printed. 10. The content distribution method according to 10. The management area server sets policy data related to security when delivering the content data to the terminal,
Sending the policy data to the terminal;
The content distribution according to claim 10, wherein the terminal determines whether the content data can be edited or the schedule data can be changed by the terminal based on the policy data received from the server in the management area. Method.   The server in the management area issues an instruction to delete the content data stored in the terminal when it is determined that the terminal is not normally used according to a predetermined criterion based on the received log of the terminal. The content delivery method according to claim 10, wherein the content delivery method is transmitted to the terminal. On a server in the area where entry and exit are controlled,
A content storage area for storing content data;
A schedule storage area for storing schedule data relating to distribution of the content data;
Data setting means for specifying the content data to be distributed and setting the schedule data;
Data transmission means for transmitting the content data and the schedule data stored in the server via a network;
The content distribution server, wherein the data setting means sets the schedule data so as to delete the content data of a transmission destination when a predetermined browsing end date and time is exceeded.   The data transmission unit is capable of transmitting data stored in the server when a predetermined transmission date and time set in the schedule data by the data setting unit is exceeded. The content distribution server according to 17.   18. The content distribution server according to claim 17, wherein the data setting unit sets the schedule data so as to enable browsing of the content data of a transmission destination when a predetermined browsing start date and time is exceeded. .   18. The content distribution server according to claim 17, wherein the data setting unit sets the schedule data so that the content data can be browsed only within a predetermined area range.   18. The content distribution server according to claim 17, wherein the data setting unit sets whether or not the content data and the schedule data can be edited or the schedule can be changed at a destination where the content data and the schedule data are distributed.   An access management means for transmitting a content data deletion command to a distribution destination when it is determined that normal access is not made according to a predetermined determination criterion based on a log of the distribution destination of the content data; The content delivery server according to claim 17, wherein The terminal includes a content storage area for storing content data received via a network, and a schedule storage area for storing schedule data relating to distribution of the content data;
A terminal comprising: schedule management means for deleting the content data stored in the content storage area when the browsing end date and time of the content data set in the schedule data is exceeded.   The schedule management means enables browsing of the content data stored in the content storage area when a predetermined browsing start date and time set in the schedule data is exceeded. The listed terminal.   The schedule management means enables browsing of the content data stored in the content storage area when the terminal exists within a predetermined area range set in the schedule data. Item 24. The terminal according to Item 23.   24. The terminal according to claim 23, wherein the schedule management unit decrypts the encrypted content data and protects the decrypted content data from being moved, copied or printed. A policy storage area for storing policy data relating to security of the content data received via the network;
24. The terminal according to claim 23, wherein the schedule management means determines whether the content data can be edited or the schedule can be changed by the terminal based on the policy data.

Images