ACCESS CONTROL SYSTEM, DEVICE, AND PROGRAM

摘要

Each of the embodiments of the present invention relieves a service provider of the burden of managing personal information. A group administration organization device 10 admits a user device to an authorized group by request and sends authority permission information to the user device 20 . The user device 20 holds the authority permission information received from the group administration organization device 10 and, on access, sends authority proof information created from the authority permission information using a group signature scheme to a service provider device 30 as requested by it. The service provider device 30 , upon being accessed, requests the authority proof information and verifies the authority proof information received from the user device in accordance with the request on the basis of the group signature scheme. When the verification result indicates validity, the service provider device provides a service. Thus, there is no need for the service provider to manage personal information of the user because the user device proves to the service provider device using the group signature scheme that it belongs to the authorized group.