In recent years, usage of service that is so-called SNS (Social Networking service) represented by Facebook (registered mark), Twitter (registered mark) and others has been globally expanded, and the services have been widely recognized as effective tools for communication means. Accordingly, it is considered that, for example, these services are used for not only an individual but also utilization as a communication tool for a company or others within and outside the company.
Here, so-called Single Sign-On (SSO) technique is cited as a system used in such a situation that an employee of the company or others uses both of the in-house system of the company and the external SNS service. In the SSO, a plurality of systems or servers for which the user authentication is required can be accessed by performing authentication (for example, authentication on the in-house system of the company) once without individually performing an authentication procedure. As a method of achieving this system, a method not requiring the authentication procedure on each server or others by the user again is taken, the method being achieved by, for example, performing communication between the servers using SAML (Security Assertion Markup Language) protocol (described in Non-Patent Document 1) and automatically passing information of an authentication result performed on a certain server while protecting privacy.
Also, for example, Japanese Patent Application Laid-Open Publication No. 2009-93580 (Patent Document 1) describes a user authentication system provided with: a creating unit which creates an appropriate authentication code string and transmits the authentication code string to a client when a request for access from the client to a user authentication device is received; and a determining unit which compares a response code string created by a second server with a response code string created by a first server and determines whether or not the access to the user authentication device is permitted for the client, and describes that the second server does not have or not need to have a user ID for the first server which is a counterpart sharing log-in information, that is, there is no information, except for information provided from the server, specifying whom on the first server a user on the second server is, so that the service is provided to a user whose identity is certified to some extent without requiring the registration of individual information by which the individual can be specified to some extent.