Abstract: A mechanism for access control based on remote procedure calls is established whereby server management costs for the processing associated with the authentication of client access rights and the provision of requested resources can be reduced by distributing these costs among clients. A first client, which has an access right to a server via a network, can issue a remote procedure call to the server. The first client can also communicate with a second client, which doesn't have an access right to the server. The first client requests the server to issue a token, which is a data set for permitting the second client a limited access to the server, and subsequently the token prepared by the server is transmitted to the second client. The second client originally has no access rights relative to the server. However, if the second client transmits a remote procedure call using the received token, limited access is granted.

Abstract: The fact that electronic content on a network has been opened for perusal by the public is proven, and the probative force required to demonstrate the openness or the lack of alteration of electronic content can be increased. Upon the receipt of a service request from a user who desires to prove that electronic content has been opened for perusal by the public, a service provider preferably selects, from a registered member group, multiple witnesses or certificate generators, and issues certificate generation requests to the selected witnesses or certificate generators. Electronic signatures of the witnesses or the certificate generators are provided for the certificates, to each of which the service provider adds his or her electronic signature, and the certificates are transmitted to the user.

Abstract: An aspect of the present invention is to easily verify data integrity in data transmission and reception by means of an ad-hoc radio connection. A requester and requested end of an establishment of a cipher communication path are defined as source A and destination B, respectively. A predetermined verification data generation algorithm ID1 is arranged in advance between source A and destination B. Source A sends its own public key Kp to destination B, and at the same time generates verification data Xp based on Kp using ID1 and outputs Xp to its own verification image display section. On the other hand, destination B receives data Kx that is transmitted from source A as Kp, then generates verification data Xx based on Kx using ID1 and outputs Xx to its own verification image display section. A verifier determines that data integrity is secured if Xp and Xx displayed in the verification image display sections of source A and destination B match.