id連携概要 - openid technight vol.13

ID

Nov Matake

NOV MATAKE• Security Engineer, GREE Inc.

• Evangelist, OpenID Foundation Japan

• Interested in..

• Digital Identity

• Privacy

• Security

ENTITY & IDENTITY• EXGEN Networks

• ID&IT 2015

• OIDF EIWG

• 185 cm

• 50 ( )

•

•

Entity ( ) Identity ( ) 1 Entity Identity

Identity

AUTHENTICATION

Entity Identity

AUTHENTICATION

OK

AUTHORIZATION

20

ACCESS CONTROL

Authentication +

Authorization +

Audit (logging)

IDENTITY PROOFING

Identity ( )

IDENTITY PROOFING

SMS

IDENTITY PROOFING

IDENTITY PROOFING

Identity Proofing “ ”

proof

• Facebook

• Facebook Disqus

• Disqus

• Facebook? ?

• Disqus Facebook

• Entity <=> Facebook Identity <=> Disqus Identity

• Entity <=> Disqus Identity

• Facebook

• UID 12345 Disqus 19:15

• Disqus

• Facebook

•

•

• Facebook UID 12345 @nov

• Facebook Disqus

• Disqus

• Email

• Authorization

• ( , , etc.)

• Disqus

ID = +

• IDP : Identity Provider

• +

• Facebook

• RP : Relying Party

• + IdP /

• Disqus

CVR

•

•

• IdP

• RP

• ID

• 100 Services => 100 Passwords

• ID

• IdP x 1 + RP x 99 => 1 Password

•

–Eric Sachs, Google

“ 100

”

PROOFED ATTRIBUTES

(SMS / Call)

:

?• IdP RP ?

• nickname ?

• Authorization ?

• ? ?

• ID

RP• OAuth 1.0 / OAuth 2.0 / OpenID Connect IdP

• OAuth 1.0/2.0 IdP

• Server-Side App Native App Native App Backend JS App

•

id連携概要 - openid technight vol.13

Technology