Abstract: A secret information server 300 on a network 10 and a client apparatus 100 constitute an authentication information generating system. The secret information server 300 has a function to confirm the validity of a user in accordance with user identification information received from the client apparatus 100 and a function to hold the secret information database of each user and to send the secret information database of a user whose validity has been confirmed to the client apparatus 100 of the user. The client apparatus 100 has a main memory 120 having a domain A where an application or a main OS is executed and a domain B which has a program execution environment mutually independent of that for the domain A. The secret information database received from the secret information server 300 is saved in the domain B, and authentication information is generated by using the secret information database.

Abstract: A secret information server 300 on a network 10 and a client apparatus 100 constitute an authentication information generating system. The secret information server 300 has a function to confirm the validity of a user in accordance with user identification information received from the client apparatus 100 and a function to hold the secret information database of each user and to send the secret information database of a user whose validity has been confirmed to the client apparatus 100 of the user. The client apparatus 100 has a main memory 120 having a domain A where an application or a main OS is executed and a domain B which has a program execution environment mutually independent of that for the domain A. The secret information database received from the secret information server 300 is saved in the domain B, and authentication information is generated by using the secret information database.

Abstract: An address allocated to a user by an authentication server is used as an IP address of a packet which is transmitted from a user terminal, preventing an illicit use if the IP address were eavesdropped. An authentication server 100 performs an authentication of a user based on a user authentication information which is transmitted from the user terminal, and upon a successful authentication, allocates an address to the user terminal, and issues a ticket containing the address to be returned to the user terminal. The user terminal sets up the address contained in the ticket as a source address, and transmits the ticket to the application server 300, requesting a session to be established. After verifying that the ticket is authentic, the server 300 stores the ticket and establishes a session with the user terminal. The user terminal transmits a service request packet containing the source address to the server 300 utilizing the session.