A system including a service providing web server and a user terminal is known. The service providing web server retains set authentication information and a target web page as a web page and publishes the target web page on a network. The user terminal displays the target web page on its display unit. The target web page includes an authentication information input field, and the user terminal, in order to receive a predetermined service, inputs input authentication information into the authentication information input field and transmits it as transmission authentication information. When the transmission authentication information agrees with the set authentication information, the service providing web server provides a predetermined service to the user terminal.
Before transmitting the input authentication information inputted into the authentication information input field as the transmission authentication information, the user terminal judges safety based on a blacklist (refer to, for example, Japanese Laid Open Patent Application (JP-P2007-226608A)). A harmful URL (Uniform Resource Locator) identifying a harmful web page is registered in the blacklist. When a target URL identifying a target web page displayed on the display unit agrees with the harmful URL, the user terminal cancels the transmission of the input authentication information inputted into the authentication information input field.
However, there is a case that the target web page displayed on the display unit is a harmful web page but the target URL is not registered as a harmful URL in the blacklist. In this case, the user terminal does not hit any URL when using the blacklist. That is, the target URL identifying the target web page displayed on the display unit does not agree with any harmful URL. For this reason, the user terminal transmits, to the harmful web page, the input authentication information inputted into the authentication information input field as the transmission authentication information. As described above, the user terminal imprudently transmits the authentication information of a user, and thus safety of the authentication information is not secured.
On the other hand, it can be considered to use a whitelist provided by a third party. However, it is difficult to judge whether the third party is truly trustworthy and there is a limitation in checking innumerable number of web pages.
As described above, a system is desired which can secure higher safety of authentication information in compared with a system using a blacklist (or whitelist).
Japanese Laid Open Patent Application (JP-P2007-226608A) discloses a site management system. The site management system includes: database means for registering a web site judged as an inappropriate access target; web site access means for accessing the web site registered in the database means via communication circuits; and database update means for deleting the web site as the target of the access from the database means based on the result of the access.