摘要 |
<p>Authentication can be provided without the construction of a system in which a device to be authorized that provides a service issues a direct authentication request to an authorization device. A verification device receives an authorization verification request from a device to be authorized which has received a service request from a user. An enquiry is made to the device to be authorized for authorization information held by the device to be authorized, and the authorization information received in response to the enquiry is acquired. The acquired authorization information is transmitted to an authorization device, and verification is requested regarding whether or not the transmitted authorization information is authorization information which has been authorized by the transmission destination authorization device. The verification result is received from the authorization device, and the received verification result is submitted to the user. Information used for authenticating the user is not included in the service request from the user.</p> |