id連携概要 - openid technight vol.13
TRANSCRIPT
ID
Nov Matake
NOV MATAKE• Security Engineer, GREE Inc.
• Evangelist, OpenID Foundation Japan
• Interested in..
• Digital Identity
• Privacy
• Security
ENTITY & IDENTITY• EXGEN Networks
• ID&IT 2015
• OIDF EIWG
• 185 cm
• 50 ( )
•
•
Entity ( ) Identity ( ) 1 Entity Identity
Identity
AUTHENTICATION
Entity Identity
AUTHENTICATION
OK
AUTHORIZATION
20
ACCESS CONTROL
Authentication +
Authorization +
Audit (logging)
IDENTITY PROOFING
Identity ( )
IDENTITY PROOFING
SMS
IDENTITY PROOFING
IDENTITY PROOFING
Identity Proofing “ ”
proof
ID ?
• Facebook Disqus
• Disqus
• Facebook? ?
• Disqus Facebook
• Entity <=> Facebook Identity <=> Disqus Identity
• Entity <=> Disqus Identity
• UID 12345 Disqus 19:15
• Disqus
•
•
• Facebook UID 12345 @nov
• Facebook Disqus
• Disqus
• Authorization
• ( , , etc.)
• Disqus
ID = +
• IDP : Identity Provider
• +
• RP : Relying Party
• + IdP /
• Disqus
ID
CVR
•
•
• IdP
• RP
• ID
• 100 Services => 100 Passwords
• ID
• IdP x 1 + RP x 99 => 1 Password
•
–Eric Sachs, Google
“ 100
”
PROOFED ATTRIBUTES
(SMS / Call)
:
ID
?• IdP RP ?
• nickname ?
• Authorization ?
• ? ?
• ID
RP• OAuth 1.0 / OAuth 2.0 / OpenID Connect IdP
• OAuth 1.0/2.0 IdP
• Server-Side App Native App Native App Backend JS App
•