Recent increase in the variety of services provided on the Internet causes more and more data unique to the service users to be managed by a server device of a service provider. For example, on-line shopping sites using the Internet manage information on ordered items and payment with respect to each service user. For example, Japanese Laid-open Patent Publication No. 2006-31478 discloses a technology in which an authentication server apparatus manages the telephone numbers and passwords of service users and a contents server device provides contents, such as music data, only to authorized service users. When a server device that is accessed by service users manages data unique to each service user, user authentication is generally performed using a login name or a password for each service user so that security is ensured.
When the service as described above is used, data is sometimes cached by a terminal device, such as a personal computer that a service user uses, or a server device with which a service provider is provided so as to eliminate time-consuming operations, such as inputting a login name by a service user, and to improve the convenience. Specifically, for example, by caching the login name and the password of the service user for a specific site in the terminal device, the service user can automatically log in only by accessing the site and refer to the service usage history unique to the service user.
However, while the use of a cache can realize highly convenient services, it also causes a problem of weak security of data unique to service users, which is managed by the server device. For example, in an environment in which service users share one terminal device, if the login names and the passwords of the service users have been cached in the terminal device, the login name or the password unique to a service user may be referred to by other service users. Furthermore, other service users may not only refer to the data but also use services that require a charging process.
To prevent such events, service users can choose whether or not to cache data in the terminal device or the server device. However, if a service user chooses to stop caching data, the service user has to input a login name and a password in order to log in each time the service user accesses the server device, which reduces service convenience. In addition, it is considered that who stops caching data is generally only the service users who know the risk of caching data. Thus it is difficult to securely protect service users who use services without considering a cache, such as beginner users of personal computer.