Abstract: The present invention discloses a system and methods for biometric security using hand geometry recognition biometrics in a transponder-reader system. The biometric security system also includes a hand geometry scan sensor that detects biometric samples and a device for verifying biometric samples. In one embodiment, the biometric security system includes a transponder configured with a hand geometry scan sensor. In another embodiment, the system includes a reader configured with a hand geometry scan sensor. In yet another embodiment, the present invention discloses methods for proffering and processing hand geometry scan samples to facilitate authorization of transactions.

Abstract: In accordance with a broad aspect, a method is provided to securely configure a computing device. A configuration indication is received into the computing device, including receiving a digital signature generated based on the configuration indication. Generation of the digital signature accounts for a unique identifier nominally associated with the computing device. The received configuration indication is verified to be authentic including processing the unique identifier, the received configuration indication and the received digital signature. The computing device is operated or interoperated with in accordance with the received configuration indication. In one example, a service interoperates with the computing device. For example, the computing device may be a portable media player, and the service may provide media to the computing device based on a capacity indication of the configuration indication.

Abstract: A cellular phone company closes a contract with a user to the effect that the cellular phone company collects a predetermined basic charge from the user together with a communication charge. When the user intends to print out a contents, the user sends authentication information given to him/her to a contents server from his/her cellular phone. The contents server authenticates the user based on the authentication information, and sends contents data for browsing to the user's cellular phone, if authentication is successful. The user's cellular phone sends print request information to a printer. The printer acquires corresponding contents data for print-out from the contents server in accordance with the print request information, and prints out the contents. The cellular phone company collects the basic charge and the communication charge from the user based on the contract.

Abstract: A system and method for enabling broadcast programs to be copied once only by consumer recorders includes writing a unique media identification on each blank disk to which content is to copied in a read-only area of the disk before it is initially recorded. Also, a one-way key management media key block is written to the disk. A content key is derived by combining a media key, derived from the media key block, with the media identification. Additionally, to facilitate copying the content one time only, an exchange key is established between the recorder and a sender such as a satellite receiver or a disk player that is associated with the recorder, and the exchange key is modified with one or more special numbers representing control commands including copy once and copy no more. The modified exchange key is then encrypted using the content key to render an encrypted modified exchange key, and the encrypted modified exchange key is then hashed with a nonce to render a bus content key.

Abstract: A method for authorizing a computer program having a number of features for use with a product includes: receiving license data generated using a first key, the license data specifying a unique identifier associated with the product and specifying at least one feature authorized for use with the product; using a second key associated with the first key, obtaining the unique identifier from the license data; retrieving a product identifier from the product; determining whether the unique identifier corresponds to the product identifier; and based on the determination, authorizing use of the at least one feature with the product.

Abstract: A system includes a managing center transmitting a data stream encrypted by control words included in control messages. The data stream is received by at least one user unit linked to a security module identified by a unique address. The security module contains a credit which is deducted according to the consumption of data from the stream. The security module can deduct the credit of an amount related to a product or an amount related to a duration, this amount and/or this duration being defined in the control message or in a management message. The user transmits to the managing center an identifier identifying the unique address and a value code representing an amount of credit to reload, the managing center dealing with and checking the value code and transmitting an encrypted message having the unique address and the amount to reload the credit with, to the security module.

Abstract: Included are systems and methods for data authentication. At least one embodiment of a system includes a secure processor configured as a physically secure environment, the secure processor further configured to receive a control word from a headend, the secure processor further configured to encrypt the received control word using a first encryption key. Other embodiments of a system includes a transport processor configured to receive the encrypted control word, the transport processor further configured to decrypt the received control word using a first decryption key, wherein the first decryption key is compatible with the first encryption key.

Abstract: Movement of a living object is measured by a movement sensor carried by one living object at a time for forming one measurement signal per one living object. The measurement signal is compared with a predetermined reference signal which may be measured from a known living object in a similar way. A recognition operation is performed based on the comparison between the measurement signal and the predetermined reference signal, the recognition operation resulting in recognition or non-recognition.

Abstract: A method and a system for access authentication. A shared services resource includes a second factor authentication module. At least one network resource each include a first factor authentication module. A trusted computing base communicates with the shared services and the at least one network resource through a pipe. An assertion may be obtained on a trusted computing base for accessing at least one network resource. At least one of the at least one network resource may be accessed with the trusted computing base when the assertion has been obtained by the trusted computing base and is valid.

Abstract: A content reproduction system that allow the user to rent or purchase any desired contents for reproduction without depending on a predetermined type of information of the user. The content reproduction system includes: a recording medium storing a license ticket including an encrypted master key; and a reproduction apparatus that receives from the user a request for a selected content and the information of the selected content, acquires distribution content information corresponding to the selected content, stores it in association with the license ticket into the recording medium. When reproducing the content, the reproduction apparatus generates a content using an encrypted content decryption key and an encrypted content that are contained in the distribution content information, and using a master decryption key information corresponding to the distribution content information, and reproduces the generated content.

Abstract: A system that distributes content access data which provides rights management data indicating a right of a user to reproduce and/or copy the distributed content. The system includes an applications device including a trusted player for receiving, reproducing and/or copying the content, and a smart card access device for accessing a smart card, such as a Subscriber Identity Module (SIM), which is uniquely associated with the user. A trusted server communicates the content access data to the smart card via a communications network by encrypting the content access data using an encryption key pre-stored on the smart card and known to the trusted server. A facility is thus provided for cost effectively distributing content and managing rights in the content using security facilities inherent in the smart card.

Abstract: The hash extension technique used to generate an ECGA may be used to increase the strength of one-way hash functions and/or decrease the number of bits in any situation where some external requirement limits the number of hash bits, and that limit is below what is (or may be in the future) considered secure against brute-force attacks. For example, to decrease the length of human entered security codes (and maintain the same security), and/or to increase the strength of a human entered security code (and maintain the length of the security code), the security code may be generated and/or authenticated using an extended hash method.

Abstract: Embodiments of the system may utilize a Knowledge Broadcasting System for specifying content metadata and locating Internet documents. In this instance embodiments of the invention comprise an improved manner of specifying the content of an Internet document in such a way that the users of the system are able to retrieve relevant Internet documents. This is accomplished using a three-tiered search engine where the first-tier is denoted as a category search, the second tier is denoted as a context search, and the third-tier is denoted as a keyword search. At each step relevant information is filtered out and the focus of the search is narrowed. In the general search, the user narrows the focus of the search by selecting a hierarchical definition.

Abstract: A memory stores a hash value of content management data. When an IEEE1394 interface authenticates a personal computer connected thereto via a network, the IEEE1394 transmits content management data to the personal computer while receiving a hash data of the content management data from the personal computer. The IEEE1394 interface then determines whether the received hash value of the content management data matches the stored hash value of the content management data. This arrangement prevents the unauthorized copying of content data, and limits the number of uses of the content data.

Abstract: One embodiment of the invention relates to a management method for conditional access data processing by at least three decoders associated to a subscriber. These decoders include activation/deactivation means for conditional access data processing and local communication means structured to allow communication between the subscribers' decoders. This method comprises a reception step, a determination step, and a comparison step. In addition conditional access data processing by said first decoder (STB) is deactivated if the latter has not received messages from the required number of different decoders. Another embodiment of the invention relates to a decoder that allows the implementation of the method according to the invention and characterized in that it includes local communication means (10) structured to transmit messages to other decoders and to receive messages originating from said other decoders, and processing means for messages received by said local communication means (10).

Abstract: The objective of the present invention is to propose an accounting method of the consumption of transmitted services per time unit to a decoder in a system implementing a content encrypted by control words, the latter being modified according to a period named crypto-period. This method consists in verifying if the time-current (TC) is comprised in a time variable (Rdate) representative of the authorisation time of use of the service and, if this is the case, decrypting and returning the control words to the decoder, and if it is not the case, debiting an amount (CT) corresponding to a time of use (AT) and recharging the time variable (Rdate) with a corresponding time.

Abstract: Systems and methods of mitigating attacks, such as Denial of Service (DoS) attacks, in a communications network are presented. Source addresses of packets received at network devices are monitored in relation to known reliable addresses stored in a decision engine. If the source address, as stored in a source table, is known as being legitimate the packets are placed in a high priority queue for transmission at the highest rate. Packets with an unknown address are placed in a lower priority queue, the source address stored in a different source table, and the packet is serviced at a lower rate. Packets that become known to be legitimate are moved from the unknown table to the table from which high priority queues are serviced. In this way, an attacker that employs spoofing techniques is prevented from overtaxing network resources.

Abstract: A decryption processing unit decrypts encrypted content data using a license key Kc. When an elapsed time after reception of the license key (Kc) does not exceed a hold time at a time of the license key (Kc) included in reproduction control information (ACp), reproduction of encrypted content data continues. When the elapsed time exceeds the hold time at a time, the license key (Kc) is discarded, and a reproduction control unit again obtains a license key (Kc) from a memory card. Discarding and reobtaining license key (Kc) continues until an allowable output count of license key (Kc) from the memory card becomes zero. As a result, a reproduction time of encrypted content data can be controlled safely.

Abstract: An information recording medium, such as an optical disk or the like, is provided for recording at least copyrighted content information and cipher key information. A part of the content information is scrambled and recorded in the information recording medium, and the scrambled and recorded part of the content information is obtained through scrambling using scramble key information, which is obtained by converting the cipher key information by the use of a non-scrambled part of the content information. The information recording medium has a recording area divided into a plurality of sectors. A plurality of data which the content information is divided into is recorded in the sectors. The non-scrambled part of the content information includes copy control information and a part of the content information that changes sector by sector.

Abstract: An exchange system for intangible goods comprises a first user system, a second user system, a registry system, a clearinghouse system and a hash module coupled for communication with each other. The first and second user systems includes a content module for acting as a repository for intangible goods, a pricing module for setting the price of intangible goods, a transaction generator module for creating transactions between seller and buyer, and a transaction log module for recording any transaction in which the user system participates. These systems are used to consummate transactions with other users for exchanging intangible goods. As part of each transaction, the user and the transaction must be entered or registered in the registry system. The registry system comprises an account module and a transaction log module for maintaining the anonymity of the sellers and buyers.

Abstract: A method of transmitting contents, which are to be received at a reception side where a portion of the contents is previewed while the contents are not accessible for playing other than for a preview purpose, includes the steps of encrypting the contents by a first encryption key, generating information indicative of an elapsed time of the contents that indicates a relationship between positions on a time axis of the contents representing an amount of time that passes as the contents are played and a time count that accrues as a preview time when the contents are previewed, encrypting the first encryption key and the information indicative of an elapsed time of the contents by a second encryption key, thereby generating first encrypted information, encrypting the second encryption key and content-usage control information by a third encryption key, thereby generating second encrypted information, the content-usage control information indicating usage of the contents on the reception side, and transmitting the

Abstract: An information recording apparatus has a content encryption section which encrypts content information with an encryption key and outputs encrypted content information, a control section which identifies an already moved area in the content information and generates a reproduction enable condition containing reproducible area information indicating a movable area, a hash arithmetic device which executes hash calculation for the reproduction enable condition and stores an arithmetic result in a register, and a hard disk drive which records the encrypted content information output from the encryption section and the reproduction enable condition. Even content information that remains after interruption during movement can be moved.

Abstract: A system and method for enabling broadcast programs to be copied once only by consumer recorders includes writing a unique media identification on each blank disk to which content is to copied in a read-only area of the disk before it is initially recorded. Also, a one-way key management media key block is written to the disk. A content key is derived by combining a media key, derived from the media key block, with the media identification. Additionally, to facilitate copying the content one time only, an exchange key is established between the recorder and a sender such as a satellite receiver or a disk player that is associated with the recorder, and the exchange key is modified with one or more special numbers representing control commands including copy once and copy no more. The modified exchange key is then encrypted using the content key to render an encrypted modified exchange key, and the encrypted modified exchange key is then hashed with a nonce to render a bus content key.

Abstract: The present invention provides a data processing apparatus and method for managing processor configuration data. The data processing apparatus comprises a processor operable in a plurality of modes and a plurality of domains, said plurality of domains comprising a secure domain and a non-secure domain, said plurality of modes including at least one non-secure mode being a mode in the non-secure domain, at least one secure mode being a mode in the secure domain, and a monitor mode. The processor is operable such that when executing a program in a secure mode the program has access to secure data which is not accessible when said processor is operating in a non-secure mode.

Abstract: The present invention discloses a system and methods for biometric security using keystroke scan biometrics in a smartcard-reader system. The biometric security system also includes a keystroke scan sensor that detects biometric samples and a device for verifying biometric samples. In one embodiment, the biometric security system includes a smartcard configured with a keystroke scan sensor. In another embodiment, the system includes a reader configured with a keystroke scan sensor. In yet another embodiment, the present invention discloses methods for proffering and processing keystroke scan samples to facilitate authorization of transactions.

Abstract: A method of transmitting a content to a reception side includes the steps of encrypting the content by use of a scramble key that varies with time, encrypting scramble-key-associated information that includes at least the scramble key and usage-control information, the usage-control information indicative of usage of the content on the reception side, and transmitting the encrypted content and the encrypted scramble-key-associated information to the reception side.

Abstract: A method for transferring at least one data record from an external data source into a processor unit, e.g., and a suitably designed processor unit are described. In such a method for transcribing at least one data record from the external data source to a processor unit, the at least one data record is transmitted from the external data source together with additional information to a buffer memory of the process unit. A check of the admissibility of using the at least one data record is performed on the basis of the additional information. A blocking signal is generated when the check reveals that use of the at least one data record is not allowed. The at least one data record is then deleted from the buffer memory. An enable signal is generated when the use of the at least one data record is allowed. The additional information includes an identifier assigned individually to the processor unit, with the validity check being performed in the processor unit.

Abstract: The invention, an electronic book selection and delivery system, is a new way to distribute books and other textual information to bookstores, libraries and consumers. The primary components of the system are a subsystem for placing text in a video signal format and a subsystem for receiving and selecting text that is placed in the video signal format. The system configuration for consumer use contains additional components and optional features that enhance the system, namely: (1) an operation center, (2) a video distribution system, (3) a home subsystem, including reception, selection, viewing, transacting and transmission capabilities, and (4) a billing and collection system. The operation center and/or video distribution points perform the functions of manipulation of text data, security and coding of text, cataloging of books, messaging center, and uplink functions.

Abstract: A wide-area emergency information management system includes a broadcasting entity (10) and delivers content to authorized receiver clients (20), such as PC's, laptops, wireless devices, etc. The specific content (26), which can include voice, text, video or any other information content related to a planned response to a given crisis or emergency such as enemy attack or natural disaster, is prepared in advance (28), tailored to the class of recipient receiver client and/or user (44), securely downloaded (32,36) and stored locally in a secure cache (21). In response to a small control file from a centralized emergency management authority, the receiver client system accesses the cache (21), decrypts the content (26), and delivers it to the end user.

Abstract: A digital data file encryption apparatus and method, where a digital data server identifies the user and supplies an encrypted digital data file to the user in accordance with the identified result. A personal computer decrypts the encrypted digital data file supplied from the digital data server and reproduces the decrypted digital data file or re-encrypts it using an encryption key. The encryption key is generated on the basis of an identification number of a data storage medium or digital data playing device. A digital data playing device stores the re-encrypted digital data file downloaded from the personal computer in the data storage medium and decrypts the stored digital data file using the encryption key to reproduce it. A first internal key is added to the identification number to convert the identification number into the encryption key, which is then encrypted according to an encryption algorithm based on a second internal key.

Abstract: An information processing apparatus has a detection unit to detect a recording medium and initiates a program read from the recording medium detected by the detection unit. In the information processing apparatus, an operation check unit performs an operation check of the recording medium detected by the detection unit. An authentication check unit performs an authentication check of the recording medium detected by the detection unit. An error notification unit notifies an operator of an error of the recording medium if at least one of a result of the operation check and a result of the authentication check is an error.

Abstract: The invention relates to a method of managing files. In this invention, a method of managing a file stored in an external memory device of a computer having an application that starts when it is read by the computer consists of a step of accepting an instruction for starting up the application, and a step of automatically deleting the application program from the external memory device when the started application terminates. This file managing method can automatically delete the application program from the external memory device when the started application terminates.

Abstract: A software audit system is provided in conjunction with an anti-virus system. A computer virus scan request received by the anti-virus system (16) is used to trigger an audit data generator (18) to generate audit data. The audit data generator (18) may also serve to ban certain computer programs from execution and monitor the concurrent usage of other computer programs.

Abstract: In one embodiment, a content license is created that defines parameters for accessing a piece of digital content. A first logical expression in the content license defines a plurality of playback devices that are authorized to access the piece of digital content. A second logical expression in the content license defines at least one time interval when the plurality of playback devices are authorized to access the piece of digital content. The content license is used to access the piece of digital content.

Abstract: A contents database 114 memorizes the discriminating information for discriminating contents and the temporal information as to the time of content duplication associated with the discriminating information. A recording program 113 acquires the discriminating information of contents to be duplicated and duplicates the contents in association with the acquired discriminating information and with the temporal information memorized in the contents database 114. This substantially prohibits duplication in large quantities without significantly impairing the interests of a user.

Abstract: A memory stores a hash value of content management data. When an IEEE1394 interface authenticates a personal computer connected thereto via a network, the IEEE1394 transmits content management data to the personal computer while receiving a hash data of the content management data from the personal computer. The IEEE1394 interface then determines whether the received hash value of the content management data matches the stored hash value of the content management data. This arrangement prevents the unauthorized copying of content data, and limits the number of uses of the content data.

Abstract: A method relating to recording transmitted digital data in which transmitted digital information is encrypted by a recording encryption key. The recording encryption key is stored by a recording means on a recording support medium. Further, the recording encryption key is characterized in that an equivalent of the recording encryption key is encrypted by a recording transport key, which is also stored on the support medium with the encrypted information.

Abstract: A high-speed dubbing unit 10 for dubbing digital data from an optical disk 15 to a hard disk 16 at a high speed is connected via a public telephone line to a payment imposing unit 20. A control unit 13 is provided for generating in its basic data generator 13B basic data for imposing the payment from at least data indicative of the user identification and data indicative of the speed for recording the data read out from the optical disk 15 into the hard disk 16 and transmitting the basic data to the payment imposing unit 20. The payment imposing unit 20 performs the imposing of the payment according to the basic data received from the control unit 13 and transmits data indicative of the completion of imposing the payment to the control unit 13. In response to the data indicative of the completion of the payment, the control unit 13 directs the high-speed dubbing unit 10 to start recording the data read out from the optical disk 15 into the hard disk 16.

Abstract: A terminal device, a memory module and a system for and method of distributing electronic content. A content provider stores a number of multimedia files. A first integrated circuit card interface receives a host integrated circuit card containing first authorization information, and a second integrated circuit card interface receives a user integrated circuit card containing second authorization information. An input device permits selection of one or more multimedia files from the stored of multimedia files. A control unit is responsive to insertion into the second integrated circuit card interface of a user interface card containing second authorization information compatible with the first authorization information contained in a host integrated circuit card inserted in the first integrated circuit card interface to actuate an output device to provide the content of multimedia files selected by the input device.

Abstract: The Digital Video Authenticator (DVA) addresses law enforcement concerns for a means to authenticate digital video (DV) so that it will be admissible and trusted as evidence in court. The DVA is a peripheral device attached to a commercial digital video recording device whose purpose is to generate and record authentication data simultaneously as DV is recorded by the video recording device. Verification of the authenticity of a DV sample will be accomplished using non-real-time software tools. The DVA system and method reads digital video (DV) data from a digital video recording device; parses the DV data into elements representing video, audio, control and timing data; and creates digital signatures that can be used to validate the original DV tape. The combination of secure digital signatures and repeatability of the DV data stored on tape provides the basis for proving the original video has not been modified.

Abstract: An image processing apparatus capable of preventing a copy protect function of a video or other contents signal from being disabled. An encoder encodes a contents signal from a DVD reproduction unit. A copy protect circuit performs copy protect processing on the encoded signal and outputs it. The copy protect circuit is controlled by control data input from CPU via an I2C_IF circuit. At this time, verification data from the CPU is stored in, and then read from registers in the I2C_IF circuit. Then, the CPU verifies the destination of transmission of the control data.

Abstract: The encoded contents of a piece of delivered information is accompanied by an applicable time data indicating a specific time period for authorizing a particular mode of utilization. When a request for utilizing the contents is issued in an information utilization apparatus, it determines if the current time agrees with the time authorizing the requested utilization by referring to the time data annexed to the encoded contents. If the request is acceptable at the current time, a set of processing steps is carried out for decoding the encoded contents and other necessary operations. Thus, an information access control method can be adapted to have flexibility in setting charges and access requirements for the contents of information that can change the value and the mode of utilization with time.

Abstract: Techniques are described for enabling authentication and/or key agreement between communications network stations and service networks. The techniques described include the negotiation and use of a cryptographic primitive shared between a service network and a home environment of a station. The techniques described also feature a key usage indicator, such as a sequence number, maintained by the service network and a station. Comparison of the key usage indicators can, for example, permit efficient authentication of the service network.

Abstract: A data player for reading contents encrypted by a decoding key from a digital medium, and playing the encrypted contents by using the decoding key which is stored in a key storage unit, comprises: a key obtaining unit for performing mutual authentication with the key storage unit to obtain the decoding key stored in the key storage unit; a key holding unit for holding the decoding key; a playback state obtaining unit for monitoring the playback state of the digital medium; and a contents decoding unit for decoding the encrypted contents by using the decoding key. The decoding key is obtained by the key obtaining unit and stored in the key holding unit, and the encrypted contents read from the digital medium is decoded with the decoding key by the contents decoding unit to play the contents. The decoding key stored in the key holding unit is discarded according to the playback state of the digital medium which is obtained by the playback state obtaining unit.

Abstract: An object of the invention is to provide a transmitting system of which data is difficult to be tapped and which is suitable for flexibly determining a watching and listening fee. In order to achieve the object, there is provided a combination of a transmitting method comprising steps of, transmitting encoded data which has been encoded, to a receiving side, changing the encoding in a predetermined unit, and performing recording according to requirement, from the receiving side of information concerning decoding of the encoded data, and a receiving method comprising steps of, receiving the encoded data which has been encoded, from a transmitting side, requiring the information concerning the decoding of the encoded data, to the transmitting side, and decoding the encoded data by using the obtained information concerning the decoding.

Abstract: A secure electronic content system and method is provided. The system includes a controller including an interface component, a host system coupled to the controller, the host system configured to present content under predetermined conditions, the host system operable with a navigation protocol, the host system further including a system manager operable with an associations component configured to be at least partially run by the host system, a translator configured to provide meanings and generate commands within the host system at least a first digital rights management (DRM) component configured to provide encoding and access rules for the content; and a file system component including a file system application programming interface (API) configured to provide a logical interface between a plurality of components.

Abstract: A method for controlling access to digital information is performed based on a plurality of decryption keys sent by the information provider. A first type of decryption key instructs a user's host system to reproduce the digital information in accordance with a first level of reproduction quality degradation. Additional keys may specify other degradation levels. The quality of the digital information may be degraded based on a time condition or a use condition. Alternatively, only a portion of the information may be made viewable by a user. In order to obtain full and unrestricted access, the user must obtain a type of decryption key from the provider which removes all previous limitations on reproduction quality degradation.

Abstract: The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node.

Abstract: A flexible product distribution and payment system for computer network based electronic commerce is disclosed. Primary content data is made available to customers through a detachable local storage medium, such as a DVD or CD-ROM disc, or over a network connection. The primary content is capable of being accessed and played back through a computer or game console at the customer site. The primary content distribution may comprise a superset of content that is intended to be used by the customer. The customer is allowed to view and access the encoded primary content, and is charged only for the primary content that is used. Content that is encoded on the medium but that is not used by the customer remains on the medium but is not charged. A content database and customer database maintained at the primary customer site maintain records of products ordered and used by the customer, as well as identification and use patterns associated with the user.

Abstract: Fee imposition system and method for application software, in which a software providing corporation can collect the fee without fail and charge a fair fee to a customer, and thereby the customer can use the application software with a paying method easy to estimate. The fee imposition system includes a server machine installed in a management center for managing the software, a client machine installed in a customer's office and connected with the server machine through a communication means, a ticket issue unit for issuing a ticket file on the basis of a predetermined fee schedule, and a data copy/writing unit for copying data corresponding to the information designated by the ticket file from a data source memory unit and recording the copied data on a data target memory unit.