To improve usability and to manage security information safely by allowing a general user to only perform the same operation at any time even when using a different service.

An acting program 22 which performs security management is incorporated in a client PC 20 and security policies are downloaded by services to absorb differences of the policies. The general user combines a smart card for high-safety authentication, biological authentication, or a plurality of authenticating methods and then the acting program carries out necessary security processes such as ciphering 14, password inputs 11 and 12, electronic signing 13 for all services instead. Further, a security policy is distributed from a server to the client and the acting program guides or forces the setting of a proper password, alteration of the password, key update, acquisition of a certificate, etc.