Upgrade to Pro — share decks privately, control downloads, hide ads and more …

NIST SP800-63C (rev.4) Federation & Assertions ...

NIST SP800-63C (rev.4) Federation & Assertions - OpenID BizDay #16

Nov Matake

March 16, 2023
Tweet

More Decks by Nov Matake

Other Decks in Technology

Transcript

  1. Verifier ͔Β Relying Party (RP) ʹରͯ͠ૹ ΒΕΔ, Subscriber ͷ Identity

    ৘ใΛؚΜͩ Statement. Assertion ͸ݕূࡁ Attribute Λ ؚΉ͜ͱ΋͋Δ. Assertion
  2. Subscriber ͷ Identity ʹؔ͢Δ Verifier ͷ Assertion Λ৴པͯ͠, Transaction ॲཧ΍৘

    ใ·ͨ͸γεςϜ΁ͷΞΫηεΛڐՄͨ͠Γ ͢Δओମ. Relying Party (RP)
  3. RP ͕ Subscriber ϨίʔυΛ RP ࣗ਎ͷϩʔΧϧʹ อଘ͢Δͷ͸Ұൠతͳ͜ͱͰ, ͜Ε͸ RP Subscriber

    Account ͱݺ͹ΕΔ. RP Subscriber Account ʹ͸, RP ʹ͓͍ͯ Subscriber ͕࣋ͭ Access ݖݶ΍, Subscriber ͷ Identity Attribute ͷΩϟογϡͳͲ͕ ؚ·ΕΔ. RP Subscriber Account
  4. Federation Protocol ʹ͓͍ͯఏࣔ͞Εͨ Assertion ͕, ͦ ΕΛൃߦͨ͠ಛఆͷ IdP Λ௥੻ՄೳͰ͋Γ, ͦͷؔ܎ੑΛ

    Digital Signature ΍ MAC ͳͲͷ҉߸࿦తϝΧχζϜʹΑ ΓݕূՄೳͰ͋Δ͜ͱ. ·ͨ RP ʹΑͬͯ౰֘ Assertion ͕վม͞ΕͨΓِ଄͞Ε͍ͯͳ͍͜ͱΛݕূͰ͖Δ͜ͱ. ͜Ε͸શͯͷ FAL ʹ͓͍ͯٻΊΒΕΔཁ݅Ͱ͋Δ. Cryptographic Verifiability
  5. Federation Protocol ʹ͓͍ͯఏࣔ͞Εͨ Assertion ͕, ಛఆͷ RP ʹ޲͚ͨ΋ͷͰ͋ Γ, ౰֘

    RP ͕౰֘ Assertion ͷ Audience Λ ݕূՄೳͰ͋Δ͜ͱ. ͜Ε͸શͯͷ FAL ʹ͓ ͍ͯٻΊΒΕΔཁ݅Ͱ͋Δ. Audience Restriction
  6. IdP ͱ RP ͕, ૒ํͱ΋ʹ, ౰֘ Subscriber Λ౰֘ RP ʹϩάΠϯͤ͞ΔͨΊʹ౰֘

    Federation Transaction ʹࢀՃ͢Δ͜ͱʹ߹ҙ͢Δ͜ͱ. ͜Ε͸྆ύʔςΟʔ ؒͷࣄલͷ੩తͳ߹ҙʹΑΔ͜ͱ΋͋Δ͠, ౰֘઀ଓ Λ࣋ͬͯ҉໧తʹ߹ҙͨ͠ͱΈͳ͞ΕΔ͜ͱ΋͋Δ. Trust Agreement
  7. Trust Agreement Ͱ͸, ҎԼͷύϥϝʔλΛཱ֬͢Δ͜ͱͱ͢Δ (SHALL). w *E1͕31ʹରͯ͠։ࣔͰ͖Δ"UUSJCVUFͷϦετ w *E1͕"TTFSUJPOΛੜ੒Ͱ͖Δ4VCTDSJCFS"DDPVOUͷ฼ूஂ w

    31͕ϦΫΤετ͢Δ"UUSJCVUFͷϦετ *E1͕31ʹରͯ͠։ࣔͰ ͖ΔϦετͷαϒηοτ  w 31͕ϦΫΤετ͢Δ֤"UUSJCVUFʹ͍ͭͯͦͷར༻໨త w 4VCTDSJCFS"UUSJCVUFͷ։ࣔʹ͔͔Δҙࢥܾఆͷ੹຿Λෛ͏ "VUIPSJ[FE1BSUZ w 4VCTDSJCFS͕31ʹ։ࣔ͞ΕΔ"UUSJCVUFʹ͍ͭͯ஌Δखஈ w *E1͕ఏڙ͠͏ΔY"- w 31͕ඞཁͱ͢ΔY"-
  8. IdP ͱ RP ͕૬ޓʹࣗ਎ͷࣝผࢠͱΩʔϚςϦΞ ϧΛަ׵͠, ͦΕҎ߱ͷ Federation Transaction ಺Ͱ Assertion

    ΍ Artifact ͷ Verification ʹ༻͍ Δ͜ͱ͕Ͱ͖ΔΑ͏ʹ͢Δ͜ͱ. Registration
  9. Assertion ͕ͦΕ୯ମͰ RP ʹ (Bearer Assertion ͱͯ͠) ఏࣔ͞ΕͨΓ, Subscriber ͕ఏࣔ͢Δ

    Authenticator ͱඥ͚ͮͨܗͰఏ ࣔ͞ΕͨΓ͢Δ͜ͱ. Presentation
  10. Back-channel Presentation Front-channel Presentation Bearer Assertion v.s. Assertion w/ Bound

    Authenticator …is defined as “Binding” not “Presentation”
  11. '"- *OKFDUJPO1SPUFDUJPO 5SVTU"HSFFNFOU 3FHJTUSBUJPO 1SFTFOUBUJPO  3FDPNNFOEFE %ZOBNJDPS4UBUJD %ZOBNJDPS4UBUJD #FBSFS"TTFSUJPO

     3FRVJSFE 4UBUJD %ZOBNJDPS4UBUJD #FBSFS"TTFSUJPO  3FRVJSFE 4UBUJD 4UBUJD "TTFSUJPOBOE#PVOE "VUIFOUJDBUPS Federation Assurance Level (FAL)
  12. FAL1 Ͱ͸, IdP ͕ੜ੒͢Δ Assertion ͸ Sec. 6 ͷίΞͱͳΔཁ݅Λ ຬͨ͞Ͷ͹ͳΒͳ͍

    (SHALL). ͜ΕΒͷཁ݅ʹ͸, IdP ͕ Approved Cryptography Λ༻͍ͯ Assertion ͷ಺༰ʹॺ໊Λࢪ͢͜ͱʹΑΔ, Attacker ͔Βͷ Assertion վม͓Αͼِ଄ʹର͢Δอޢࡦؚ͕·Ε Δ. RP ͸, Sec. 6 ʹ͋ΔΑ͏ʹ, Assertion Λड͚औͬͨࡍ͸ͦͷى ݯ΍ Integrity (׬શੑ) Λݕূ͠, ͦΕ͕ظ଴ͨ͠ग़ॴΛىݯͱͨ͠ ΋ͷͰ͋Δ͜ͱΛอূͤͶ͹ͳΒͳ͍ (SHALL).
  13. શͯͷ Assertion ʹ͸ҎԼͷ Attribute ΛؚΊΔ΋ͷͱ͢Δ (SHALL). 1. Subject Identi fi

    er: Assertion ͕ࢦࣔ͢͠౰ࣄऀ (i.e., Subscriber) ͷࣝผࢠ 2. Issuer Identi fi er: Assertion ൃߦऀ (i.e., IdP) ͷࣝผࢠ 3. Audience Identi fi er: Assertion Λར༻͢Δ͜ͱ͕૝ఆ͞Εͨ౰ࣄऀ (i.e., RP) ͷࣝผࢠ 4. Issuance Time: IdP ͕ Assertion Λൃߦͨ࣌͠ࠁΛࣔ͢λΠϜελϯϓ 5. Validity Time Window: ͦͷظؒΛ௒͑ͯ RP ͕ Subscriber Λ Authentication ͢Δ໨తͰ Assertion Λ༗ޮͳ΋ͷͱͯ͠ड͚ೖΕΔ͜ͱ ͷͳ͍ (SHALL NOT) Α͏ࣔ͢ظؒ. ͜Ε͸௨ৗ Assertion ͷ༗ޮظݶλΠϜελϯϓͱ͍͏ܗͰ Issuance λΠϜελϯϓͱͱ΋ʹ఻͑Β ΕΔ. 6. Assertion Identi fi er: ౰֘ Assertion ΛҰҙʹࣝผ͢Δ஋Ͱ, ߈ܸऀ͕Ҏલͷ Assertion Λ Replay ͢Δ͜ͱΛ๷ࢭ͢Δ໨తͰར༻͞ΕΔ. 7. Signature: Digital Signature ͳ͍͠͸ Message Authentication Code (MAC). IdP ʹඥ͍ͮͨ伴ͷࣝผࢠ΍ Public Key ΛؚΈ, Assertion શମΛΧόʔ͢Δ΋ͷ. 8. Authentication Time: IdP ͕࠷ޙʹ (ՄೳͰ͋Ε͹) ௚઀ Authentication ΠϕϯτΛ௨ͯ͡ Subscriber ͷଘࡏ֬ೝΛߦͬͨ࣌ࠁΛࣔ͢λΠ Ϝελϯϓ. 9. IAL: Assertion ͕ࢦࣔ͢͠ Subscriber Account ͷ IAL Λࣔ͢஋, ͳ͍͠͸͍͔ͳΔ IAL ΋໌ݴ͞Εͳ͍͜ͱΛࣔ͢஋. 10. AAL: IdP ͕ Subscriber Λ Authenticate ͨ͠ࡍͷ AAL Λࣔ͢஋, ͳ͍͠͸͍͔ͳΔ AAL ΋໌ݴ͞Εͳ͍͜ͱΛࣔ͢஋. 11. FAL: Assertion ͕ࢦࣔ͢͠ Federation ϓϩηεʹ͓͍ͯ IdP ͕ҙਤ͢Δ FAL Λࣔ͢஋.
  14. '"-ʹ͓͚Δ"TTFSUJPO͸શͯ ಛఆͷ31 ܈ ʹର͢Δ "VEJFODF3FTUSJDUJPO͕ࢪ͞Εͳ͚Ε͹ͳΒͣ 4)"-- 31 ͕౰֘"TTFSUJPOͷ"VEJFODFʹࣗ਎ؚ͕·Ε͍ͯΔ͜ͱΛ֬ೝ ͤͶ͹ͳΒͳ͍ 4)"--

    *E1͸ "QQSPWFE$SZQUPHSBQIZʹ ΑΔॺ໊ٴͼݤΛ༻͍ͯ౰֘"TTFSUJPOΛอޢ͠ ౰֘31ΛؚΉ શͯͷ"TTFSUJPOॴ༗ऀ͕*E1ʹͳΓ͢·͢͜ͱ͕Ͱ͖ͳ͍Α͏ ʹͤͶ͹ͳΒͳ͍ 4)"--  தུ
  15. FAL2 Ͱ͸ Assertion ͸ Attacker ʹΑΔ Injection Attack ͔Βڧݻʹ อޢ͞ΕΔඞཁ͕͋Δ

    (SHALL). ͜ͷཁ݅Λຬͨͨ͢Ίʹ͸, Assertion ͸ (தུ) Back-Channel Ͱఏࣔ͞ΕΔ΂͖Ͱ͋Δ (SHOULD). ͜ͷఏࣔ ํ๏Ͱ͸, RP ͸ϫϯλΠϜͳ Assertion Reference Λ༻͍ͯ IdP ͔Β ௚઀ Assertion Λऔಘ͢Δ. ैͬͯ Attacker ͸֎෦ΞΫηεϙΠϯτΛ ௨ͯ͡ Assertion Λ Inject ͢Δ͜ͱ͸Ͱ͖ͳ͍. Sec. 7.2 ͷΑ͏ͳ Front-Channel ʹΑΔఏࣔͰ͸, RP ͸௥Ճͷ Injection Protection Λ࣮ ૷͠ͳ͚Ε͹ͳΒͳ͍ (SHALL).
  16. FAL2 Ͱ͸, IdP-RP ؒͷ Trust Agreement ͸ Static ʹཱ֬͞Εͳ͚Ε ͹ͳΒͳ͍

    (SHALL). ͜Εʹ͸ RP ʹఏࣔՄೳͳ Attribute ٴͼͦͷར ༻໨తͷ੍ݶͷཱ֬΋ؚΉ. Trust Agreement ͸ IdP-RP ͷೋऀؒͰ֬ ཱ͢Δ͜ͱ΋Ͱ͖Δ͠ (MAY), ଟऀؒͰͷ Federation ύʔτφʔγοϓ Λհཱͯ֬͢͠Δ͜ͱ΋Ͱ͖Δ (MAY). RPͱ IdP ͕࣮ߦ࣌ʹཱ֬ࡁͷ Trust Agreement Λূ໌ՄೳͰ͋Ε͹, Registration ͸ Dynamic Ͱ΋ Α͍ (MAY). ͦͷΑ͏ͳূ໌ํ๏͸ Federation Protocol ʹΑΓଟ༷Ͱ ͋Δ͕, Software Attestation ͷఏࣔ΍ Trusted Domain ্ͷ URL ͷ؅ ཧݖݶΛূ໌͢Δ͜ͱͳͲ͕ྫͱͯ͠ڍ͛ΒΕΔ.
  17. FAL3 Ͱ͸ Subscriber ͸ Assertion ʹՃ͑ͯ Authenticator Λ Direct ʹ

    RP ʹఏࣔ͢Δ͜ͱͰ Authenticate ͤͶ͹ͳΒͳ͍ (SHALL). ͜͜ Ͱ༻͍ΒΕΔ Authenticator ͸ Bound Authenticator ͱ΋ݺ͹Ε, Sec. 6.1.2 ʹޙड़͞ΕΔ. (தུ) ͳ͓, Subscriber ͕ Bound Authenticator Λ༻͍ͯ Authenticate ͠, RP ͕౰֘ Authenticator ͕ ਖ਼͘͠౰֘ Assertion ͕ࣔ͢ RP Subscriber Account ʹඥ͍͍ͮͯΔ ͜ͱΛݕূ͢Δ·Ͱ, FAL3 ͕ୡ੒͞ΕΔ͜ͱ͸ͳ͍.
  18. FAL3 Ͱ͸, IdP-RP ؒͷ Trust Agreement ͓Αͼ Registration ͸ Static

    ʹཱ֬͞Εͳ͚Ε͹ͳΒͳ͍ (SHALL). શ౰ࣄऀʹͱͬͯ, ࣝผ ʹ༻͍ΒΕΔΩʔϚςϦΞϧ͓Αͼ Federation ύϥϝʔλ (RP ʹૹ৴ ͞ΕΔ Attribute ϦετΛؚΉ) ͸, Federation ʹΑΔ Authentication ϓϩηε࣮ࢪલʹݻఆ͞Ε͍ͯͳ͚Ε͹ͳΒͳ͍ (SHALL). Federation ʹΑΔ Authentication ϓϩηεͷதͰૹ৴͢Δ߲໨Λ͞Βʹ੍ݶ͢Δ ৔߹ʹ͸, ಈతʹܾఆ͕ͳ͞Εͯ΋Α͍ (MAY). (e.g., Trust Agreement Ͱ߹ҙ͞Εͨύϥϝʔλʹ͸ؚ·Ε͍ͯΔ΋ͷͷ Email Address Λ։ࣔͨ͘͠ͳ͍৔߹ͳͲ)
  19. IdP ͸ RP ʹఏڙͨ͠ Subscriber Account ͷ Attribute ʹߋ৽͕ ͋ͬͨ৔߹,

    RP ʹγάφϧΛૹΔ΂͖Ͱ͋Δ (SHOULD). ͜Ε͸, Sec. 5.7 ͷ Shared Signaling ΍ Sec. 5.4.3 ͷ Provisioning API Λ ར༻ͨ͠Γ, Assertion ʹγάφϧΛؚΊͯఏڙ͢ΔͳͲͷํ๏Ͱ࣮ ݱՄೳͰ͋Δ.
  20. IdP ͸ Subscriber Account ͕ Terminate ͞ΕͨΓ Subscriber Account ͕࣋ͭ

    RP ΁ͷ Access ͕ແޮԽ͞Εͨ৔߹, RP ʹγάφ ϧΛૹΔ΂͖Ͱ͋Δ (SHOULD). (தུ) ͜ͷγάφϧΛड͚औͬͨ৔ ߹, RP ͸ RP Subscriber Account Λ Terminate ͤ͞, RP Subscriber Account ʹؔ࿈͢Δશͯͷ personal information Λ࡟ আͤͶ͹ͳΒͳ͍ (SHALL). ͨͩ͠؂ࠪ΍ηΩϡϦςΟ໨తͰඞཁ ͱ͞ΕΔ৔߹Λআ͘.
  21. *E1͸4VCTDSJCFS"DDPVOUʹҎԼͷΑ͏ͳมߋ͕ੜͨ͡ࡍ γάφϧ ΛૹΔ͜ͱ͕Ͱ͖Δ .":  • "DDPVOU͕5FSNJOBUF͞Εͨ • "DDPVOU͕৵֐͞ΕͨڪΕ͕͋Δ •

    'FEFSBUFE*EFOUJ fi FSҎ֎ͷࣝผࢠ &NBJM"EESFTT $FSUJ fi DBUF $/౳ Λ͸͡Ίͱ͢Δ"DDPVOUͷ"UUSJCVUFʹมߋ͕ੜͨ͡ • "DDPVOUʹద༻͞Ε͏Δ*"- ""-ͳ͍͠͸'"-ͷൣғʹมߋ͕ੜ ͨ͡
  22. ͕࣌ؒܦա͢ΔʹͭΕ, IdP ͔ΒΞΫηεͰ͖ͳ͘ͳͬͨ RP Subscriber Account ͕஝ੵ͞Ε͍ͯ͘Մೳੑ͕͋Δ. ͜Ε͸ RP Subscriber

    Account ʹ Personal Information Λอ࣋͢ΔϦεΫΛ RP ʹ΋ͨΒ͢. ಛʹ Just-in-time Provisioning ϞσϧͰ͸, Sec. 5.7 ͷ Shared Signaling ʹΑΓ IdP ͔Β Subscriber Account ͕ Terminate ͞Εͨͱ͍͏γάφϧΛૹΔ͜ͱ͕Ͱ͖ͳ͍. ͜ͷΑ͏ͳ ৚݅ԼͰ͸, RP ͸࣌ؒϕʔεͷϝΧχζϜΛ΋͍ͪͯҰఆ࣌ؒΞΫ ηεͷͳ͍ (ྫ͑͹, ࠷ऴΞΫηε͔Β120೔ͳͲ) RP Subscriber Account Λಛఆ͠ Terminate ͤ͞Δ΂͖Ͱ͋Δ (SHOULD).
  23. ͜ͷΑ͏ͳΠϯΞΫςΟϒͳ Account Λॲཧ͢Δࡍ, RP ͸ՄೳͰ͋ Ε͹อཹதͷ Account ͷ Terminate ʹ͍ͭͯ

    Subscriber ʹे෼ͳ ௨஌Λߦ͏͜ͱͱ͠, εέδϡʔϧ͞Εͨ Terminate ͷલʹ Subscriber ʹ Account Λ࠶ΞΫςΟϕʔτ͢ΔΦϓγϣϯΛఏڙ ͢Δ͜ͱͱ͢Δ (SHALL). Terminate Λߦ͏ࡍ͸, RP ͸ RP Subscriber Account ʹؔ࿈͢Δશͯͷ Personal Information Λ࡟ আ͢Δ͜ͱͱ͢Δ (SHALL). ͨͩ͠؂ࠪ΍ηΩϡϦςΟ໨తͰඞཁ ͱ͞ΕΔ৔߹Λআ͘.
  24. 1. Assertion Identifier 2. Signed Assertion 3. Encrypted Assertion 4.

    Audience Restriction 5. Pairwise Pseudonymous Identifiers
  25. Assertion ʹ Personally Identifiable Information ؚ͕·Ε͔ͭ Assertion ͕ϒϥ΢βͳͲͷதؒऀʹऔΓѻΘΕΔ৔߹, Federation Protocol

    ͸ Assertion Λ҉߸Խ͠ Assertion ʹؚ·ΕΔηϯγςΟϒ ͳ৘ใΛ༧ظͤ͵౰ࣄऀʹ࿙Ӯ͠ͳ͍Α͏อޢ͠ͳ͚Ε͹ͳΒͳ͍ (SHALL).
  26. ঢ়گʹΑͬͯ͸, ڞ௨ͷࣝผࢠΛ༻͍ͯෳ਺ͷ RP ʹ·͕ͨͬͯ Subscriber Account ΛϦϯΫ͢Δ͜ͱΛ๷͍͗ͨ৔߹͕͋Δ. Pairwise Pseudonymous Identifier

    (PPI) ͸, IdP ͕୯Ұͷ Subscriber Account ʹؔͯ͠ҟͳΔ RP ʹҟͳΔ Federated Identifier Λఏڙ͢Δ ͜ͱΛՄೳʹ͢Δ. ͜ΕʹΑΓҟͳΔ RP ͕ڞ๳ͯ͠ Federated Identifier Λ༻͍ͯ Subscriber ΛτϥοΫ͢Δ͜ͱΛ๷ࢭͰ͖Δ. * Pairwise Pseudonymous Identifier = PPI, not PPID
  27. 'FEFSBUJPO5ISFBUT "UUBDLT આ໌ ۩ମྫ "TTFSUJPO.BOVGBDUVSF PS.PEJGJDBUJPO "UUBDLFS͕"TTFSUJPOΛِ଄͢Δ ৵֐͞Εͨ*E1͕ ਖ਼͘͠"VUIFOUJDBUF͞Ε͍ͯͳ͍$MBJNBOUͷ*EFOUJUZΛ ओு͢Δ

    "UUBDLFS͕طଘ"TTFSUJPOΛվ͟Μ͢ Δ ৵֐͞Εͨ1SPYZ͕"VUIFOUJDBUJPO"TTFSUJPOͷ""-Λมߋ͢Δ "TTFSUJPO%JTDMPTVSF "TTFSUJPO͕SEQBSUZʹ࿙Ӯ͢Δ /FUXPSL؂ࢹΛ௨ͯ͡4VCTDSJCFSͷ"EESFTTPG3FDPSE͕෦֎ऀʹ࿙Ӯ͢Δ "TTFSUJPO3FQVEJBUJPO CZUIF*E1 *E1͕ࣄޙʹͳͬͯ5SBOTBDUJPOʹॺ໊͠ ͍ͯͳ͍ͱओு͢Δ Ϣʔβʔ͕31ʹ͓͍ͯෆਖ਼ͳΫϨδοτΧʔυऔҾΛߦͬͨࡍ *E1͕ࣗ਎͸Ϣʔ βʔΛϩάΠϯ͍ͤͯ͞ͳ͍ͱओு͢Δ "TTFSUJPO3FQVEJBUJPO CZUIF4VCTDSJCFS 4VCTDSJCFS͕5SBOTBDUJPOΛ࣮ߦͯ͠ ͍ͳ͍ͱओு͢Δ Ϣʔβʔಉҙ FH ܖ໿ ͕ཤߦෆೳʹͳΔ "TTFSUJPO3FEJSFDU "TTFSUJPO͕૝ఆ͞Ε͍ͯͳ͍ίϯςΩε τͰར༻͞ΕΔ ৵֐͞ΕͨϢʔβʔΤʔδΣϯτ͕"TTFSUJPOΛ"UUBDLFSʹૹ৴͠ "UUBDLFS ͕ͦΕΛผͷ৔ॴͰར༻͢Δ "TTFSUJPO3FVTF "TTFSUJPO͕ಉ͡31ʹରͯ͠ෳ਺ճར༻ ͞ΕΔ ๣ड͞Εͨ"TTFSUJPOΛར༻ͯ͠"UUBDLFS͕ࣗ਎ͷ4FTTJPOΛ"VUIFOUJDBUF ͢Δ "TTFSUJPO4VCTUJUVUJPO "UUBDLFS͕ҟͳΔ4VCTDSJCFS޲͚ͷ "TTFSUJPOΛར༻͢Δ *E1ͱ31ͷؒͰ4FTTJPO)JKBDLJOH"UUBDL͕੒ཱ͢Δ
  28. 'FEFSBUJPO5ISFBU"UUBDL 5ISFBU.JUJHBUJPO.FDIBOJTNT /PSNBUJWF 3FGFSFODF T "TTFSUJPO.BOVGBDUVSFPS .PEJGJDBUJPO *E1͕҉߸࿦తʹ"TTFSUJPOʹॺ໊͠ 31͕ͦΕΛݕূ͢Δ 

     "TTFSUJPOͷૹ৴ʹ*E1Λ"VUIFOUJDBUF͢Δ"VUIFOUJDBUFE1SPUFDUFE$IBOOFMΛར༻͢Δ   "TTFSUJPOʹਪଌෆՄೳͰϥϯμϜͳࣝผࢠΛؚΊΔ  "TTFSUJPO%JTDMPTVSF "TTFSUJPOͷૹ৴ʹ31Λ"VUIFOUJDBUF͢Δ"VUIFOUJDBUFE1SPUFDUFE$IBOOFMΛར༻͢Δ   "TTFSUJPOΛಛఆͷ31ʹ޲͚ͯ҉߸Խ͢Δ ૒ํ޲ͷ"VUIFOUJDBUFE1SPUFDUFE$IBOOFMΛ༻͍ͯ ୡ੒Մೳ  "TTFSUJPO3FQVEJBUJPOCZ UIF*E1 *E1͕/POSFQVEJBUJPO ൱ೝ๷ࢭ Λαϙʔτ͢ΔݤΛ༻͍ͯ҉߸࿦తʹ"TTFSUJPOʹॺ໊͠ 31͕ͦ ΕΛݕূ͢Δ  "TTFSUJPO3FQVEJBUJPOCZ UIF4VCTDSJCFS #PVOE"VUIFOUJDBUPSʹඥͮ͘"TTFSUJPOΛൃߦ͠ #PVOE"VUIFOUJDBUPSͷอ࣋ূ໌ʹΑΓ 4VCTDSJCFS͕31ʹؔ༩͍ͯ͠Δ͜ͱΛݕূ͢Δ  "TTFSUJPO3FEJSFDU "TTFSUJPOൃߦઌͷ31 l"VEJFODFz ͷ*EFOUJUZΛ"TTFSUJPOʹؚΊ 31͕ͦΕΛݕূ͢Δ    "TTFSUJPO3FVTF ୹͍༗ޮظؒͱڞʹൃߦ೔࣌Λ"TTFSUJPOͷॺ໊ର৅ίϯςϯπͱؚͯ͠Ί 31͕ͦΕΛݕূ͢Δ    31͸Ұఆͷઃఆظؒ಺ʹར༻͞Εͨ"TTFSUJPOΛ௥੻͠ ౰֘"TTFSUJPO͕ෳ਺ճΓ༻͞Ε͍ͯͳ͍͜ͱ Λอূ͢Δ  "TTFSUJPO4VCTUJUVUJPO "TTFSUJPO͕"TTFSUJPOཁٻ΁ͷࢀর΍31ͷϦΫΤετʹ҉߸࿦తʹඥ͚ͮΒΕͨͳΜΒ͔ͷ/PODF ΛؚΉ͜ͱΛอূ͢Δ  "TTFSUJPOΛϦΫΤετͱಉ͡"VUIFOUJDBUFE1SPUFDUFE$IBOOFMΛհͯ͠ૹ৴͢Δ#BDL$IBOOFM Ϟσϧ౳͕͜Εʹ͋ͨΔ 
  29. 1. Minimizing Tracking and Profiling 2. Notice and Consent 3.

    Data Minimization 4. Agency-Specific Privacy Compliance 5. Blinding in Proxied Federation
  30. [NISTIR 8062] ΑΓ: ݸਓ, ॴ༗ऀ, ࣄۀऀʹ ରͯ͠, PII ͓Αͼ PII

    ʹରͯ͠৘ใγες Ϝ͕ߦ͏ Processing ʹؔ͢Δ৴པੑͷߴ ͍ԾఆΛՄೳͱ͢Δ͜ͱ. Predictability [NISTIR 8062] NIST Internal Report 8062, An Introduction to Privacy Engineering and Risk Management in Federal Systems
  31. [NISTIR 8062] ΑΓ: ݸਓΛಛఆͰ͖Δ৘ใ ͷมߋ, ࡟আ, બ୒తͳ։ࣔΛؚΉ, ͖Ίࡉ ͔͍؅ཧػೳΛఏڙ͢Δ͜ͱ. Manageability

    [NISTIR 8062] NIST Internal Report 8062, An Introduction to Privacy Engineering and Risk Management in Federal Systems
  32. [NISTIR 8062] ΑΓ: γεςϜͷӡ༻্ͷඞ ཁੑΛ௒͑ͯݸਓ·ͨ͸σόΠεʹؔ࿈෇ ͚Δ͜ͱͳ͘ߦΘΕΔ, PII ·ͨ͸Πϕϯτ ͷ Processing.

    Disassociability [NISTIR 8062] NIST Internal Report 8062, An Introduction to Privacy Engineering and Risk Management in Federal Systems
  33. Proxy Type RP knows IdP IdP knows RP Proxy can

    track subscriptions between RP and IdP Proxy can see attributes of Subscriber Non-Blinding Proxy with Attributes Yes Yes Yes Yes Non-Blinding Proxy Yes Yes Yes N/A Double Blind Proxy with Attributes No No Yes Yes Double Blind Proxy No No Yes N/A Triple Blind Proxy with or without Attributes No No No No Blinding in Proxied Federation
  34. Triple Blind Proxy Ͱ͸, Proxy ͸ࣗ਎Λ௨ա͢ΔσʔλΛݟΔ͜ͱ΋ Ͱ͖ͳ͘ͳΔ. Blinding ͷϨϕϧ্͕͕ΔʹͭΕ, ٕज़త͓Αͼӡ༻্

    ͷ࣮૷ෳࡶ౓΋্ঢ͠͏Δ. Proxy ͸ Transaction Λ͍ͣΕ͔ͷଆͷద ੾ͳ౰ࣄऀʹϚοϐϯά͠, Transaction ಺ͷશͯͷ౰ࣄऀͷ伴Λ؅ཧ ͢Δඞཁ͕͋ΔͨΊ, ׬શͳ Triple Blind Proxy ͷ࣮૷͸࣮ࡍʹ͸ඇৗ ʹࠔ೉Ͱ͋Δ.
  35. Q&A