摘要 |
PROBLEM TO BE SOLVED: To safely transfer object-related authority information between subjects (users) in an object space in which service objects are scattered. SOLUTION: The user information and secret information of a client are shared between a client and a server. A client who transfers authority information generates authority information by weakening authority contents owned by himself or herself, and generates protected authority information which cannot be altered by a third person who does not know the secret information by applying a uni-directional function or ciphered function to a bit column obtained by connecting the generated authority information with the secret information. Thus, it is possible to safely transfer access authority by using the protected authority information. Further, the sever can safely confirm whether the client who issues a request for an object is authorized by analyzing the protected authority information by using the secret information. |