We have developed an Application Execution Control System (traditional system) which provides individual application environments on each educational PC by controlling its execution. The traditional system uses a hash value of the execution file to control target application. If the execution file is falsified, a rule already set gets invalid. In addition, the traditional system has a function to set rules for multiple application at once. However, it cannot handle multiple groups at once. In order to solve these problems, this paper proposes a control method using digital certificates. It supports strict control and flexible group management by using hierarchical structure of digital certificates.
