Software acquisition via a network by devices connectable to the internet has recently become popular. Such devices include a great variety of devices from portable terminals such as smartphones to personal computers and onboard terminals for automobiles (such a terminal will be referred to hereinbelow as “client terminal”). The software created by developers is uploaded to a server for dissemination and downloaded to the client terminals automatically by the system or by the user's operation.
Meanwhile, where malicious software or software including a design miss is uploaded to a server, it can cause damage such as operational failure in the client terminal uploaded with such software, or an information leak in the terminal.
Accordingly, methods for performing operational tests of the developed software in an authentication agency and circulating only the software that has passed the tests are used to ensure software security. The invention described in Patent Document 1 relates to an access control method associated with such methods. In this invention, a certification agency generates certification information verifying that the software is secure and transmits the certification information together with the software to the client terminal. The client terminal determines the accessibility of the program on the basis of the certification information. As a result, the software that has not been certified as secure cannot be operated on the client terminal.