An application of a client includes a proof data generation device, a command generation device, and a command issuing device. A command and proof data are sent to a server from the application of the client, and a command management device of the server receives them. A proof data verification device verifies the access right of a user to the application on the basis of the proof data, and enables a data storage device to be accessed in accordance with the command, if the verification is successful. The data storage device, used instead of a commonly used hard disk drive, includes a phase change type optical memory or a phase separation type optical memory to execute write once recording. Thus, the access to the data storage device is flexibly controlled.