¡Ö¥Ñ¥¹¥ï¡¼¥É¤ò»æ¤Ë½ñ¤¯´ÉÍýÊýË¡¤Ï°Õ³°¤È°ÂÁ´¡×¡Ö¥Ñ¥¹¥ï¡¼¥É¤ÎÄê´üŪ¤ÊÊѹ¹¤Ï´í¸±¡×¡Öµ¹æ¤ä¿ô»ú¤Îº®ºß¤òµÁ̳ÉÕ¤±¤ë¤Î¤ÏNG¡×¤Ê¤ÉÃΤäƤª¤¯¤Ù¤¥Ñ¥¹¥ï¡¼¥ÉÃμ±
¥Ñ¥¹¥ï¡¼¥É¤Î°ÂÁ´¤Ê´ÉÍýÊýË¡¤È¤·¤Æ¡ÖÄê´üŪ¤Ë¥Ñ¥¹¥ï¡¼¥É¤òÊѹ¹¤¹¤ë¡×¡Ö¾¿Í¤Ë¥Ñ¥¹¥ï¡¼¥É¤òºîÀ®¤µ¤»¤ëºÝ¤Ëµ¹æ¤ä¿ô»ú¤òº®ºß¤µ¤»¤ë¤è¤¦¤Ëµá¤á¤ë¡×¤È¤¤¤Ã¤¿¥Î¥¦¥Ï¥¦¤ò¼ÂÁ©¤·¤Æ¤¤¤ë¿Í¤Ï¿¤¤¤Ï¤º¡£¤·¤«¤·¡¢¤³¤ì¤é¤Î´ÉÍýÊýË¡¤Ï¼Â¤Ï¥»¥¥å¥ê¥Æ¥£¥ê¥¹¥¯¤Î¹â¤¤¤â¤Î¤Ç¡¢Æâ³Õ¥µ¥¤¥Ð¡¼¥»¥¥å¥ê¥Æ¥£¥»¥ó¥¿¡¼(NISC)¤ä¥¢¥á¥ê¥«¹ñΩɸ½àµ»½Ñ¸¦µæ½ê(NIST)¤Î¥¬¥¤¥É¥é¥¤¥ó¤Ç¤ÏÈó¿ä¾©¤È¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Î°ÂÁ´¡¦°Â¿´¥Ï¥ó¥É¥Ö¥Ã¥¯ Ver5.00 Âè6¾Ï
NIST Releases Second Public Draft of Digital Identity Guidelines for Final Review | NIST
https://www.nist.gov/news-events/news/2024/08/nist-releases-second-public-draft-digital-identity-guidelines-final-review
¢¡¥Ñ¥¹¥ï¡¼¥É¤ÎÄê´üŪ¤ÊÊѹ¹¤Ï´í¸±
°ìÀÎÁ°¤Î¾ðÊ󶵰é¤Ç¤Ï¡Ö¥Ñ¥¹¥ï¡¼¥É¤ÎÄê´üŪ¤ÊÊѹ¹¡×¤¬¿ä¾©¤µ¤ì¤ë¤³¤È¤¬¤¢¤ê¤Þ¤·¤¿¤¬¡¢µ»öºîÀ®»þÅÀ¤Ç¤Ï¤à¤·¤í´í¸±¤Ê´·¹Ô¤È¤µ¤ì¤Æ¤¤¤Þ¤¹¡£NISC¤¬¸ø³«¤·¤Æ¤¤¤ë¡Ö¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Î°ÂÁ´¡¦°Â¿´¥Ï¥ó¥É¥Ö¥Ã¥¯¡×¤Ë¤è¤ë¤È¡¢¥Ñ¥¹¥ï¡¼¥É¤ÎÄê´üŪ¤ÊÊѹ¹¤Ï¡Ö¥Ñ¥¹¥ï¡¼¥É¤Îñ½ã²½¤ä¥ï¥ó¥Ñ¥¿¡¼¥ó²½¡×¡ÖÊ£¿ô¥µ¡¼¥Ó¥¹¤Ç¤ÎƱ°ì¥Ñ¥¹¥ï¡¼¥É¤Î»È¤¤²ó¤·¡×¤È¤¤¤Ã¤¿¥ê¥¹¥¯¤ò¾·¤¯¤È¤Î¤³¤È¡£
¢¡¥Ñ¥¹¥ï¡¼¥É¤Ï»æ¤Ë½ñ¤¯´ÉÍýÊýË¡¤Ï°Õ³°¤È°ÂÁ´
NISC¤Ï¡¢¥Ñ¥¹¥ï¡¼¥É¤Î°ÂÁ´¤Ê´ÉÍýÊýË¡¤È¤·¤Æ¡ÖʪÍýŪ¤Ê»æ¤Î¥Î¡¼¥È¤Ë½ñ¤¤¤ÆÊݴɡס֥¹¥Þ¡¼¥È¥Õ¥©¥óÍѤΥѥ¹¥ï¡¼¥É´ÉÍý¥¢¥×¥ê¤ËµÏ¿¡×¤È¤¤¤¦ÊýË¡¤ò¿ä¾©¤·¤Æ¤¤¤Þ¤¹¡£
ʪÍýŪ¤Ê»æ¤Î¥Î¡¼¥È¤Ï¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ¤¹¤ë¤³¤È¤¬ÉÔ²Äǽ¤Ç¤¢¤ê¡¢¥µ¥¤¥Ð¡¼¹¶·â¤òËɤ°¤³¤È¤¬²Äǽ¡£¤µ¤é¤Ë¡¢»æ¤ËµÏ¿¤µ¤ì¤¿¥Ñ¥¹¥ï¡¼¥É¤òÅð¤à¤Ë¤Ï¡Ö¸½¼ÂÀ¤³¦¤Ç¤ÎÀàÅð¹Ô°Ù¡×¤È¤¤¤¦ÊªÍýŪ¤Ê¹ÔÆ°¤òµ¯¤³¤¹É¬Íפ¬¤¢¤ë¤¿¤á¥ê¥¹¥¯¤òºÇ¾®¸Â¤ËÍÞ¤¨¤é¤ì¤Þ¤¹¡£
¥Ñ¥¹¥ï¡¼¥É´ÉÍý¥¢¥×¥ê¤ÏPC¸þ¤±¤Î¤â¤Î¤â¸ºß¤·¤Æ¤¤¤Þ¤¹¤¬¡¢NISC¤Ï¡Ö¥¹¥Þ¡¼¥È¥Õ¥©¥ó¤Î¥»¥¥å¥ê¥Æ¥£¤Ï½½Ê¬¤Ë¹â¤¯À߷פµ¤ì¤Æ¤¤¤ë¡×¤È¤¤¤¦Íýͳ¤Ç¥¹¥Þ¡¼¥È¥Õ¥©¥ó¸þ¤±¥¢¥×¥ê¤ÎÍøÍѤò¿ä¾©¤·¤Æ¤¤¤Þ¤¹¡£¤¿¤À¤·¡¢¥¢¥×¥ê¤Î¥Ç¡¼¥¿´ÉÍýÊýË¡¤Ë¤Ïµ¤¤òÇÛ¤ëɬÍפ¬¤¢¤ê¡¢¡Ö¥Ñ¥¹¥ï¡¼¥É¤ò¥¯¥é¥¦¥É¤ËÊݸ¤¹¤ë¥¢¥×¥ê¡×¤è¤ê¤â¡Ö¥Ñ¥¹¥ï¡¼¥É¤ò¥¹¥Þ¡¼¥È¥Õ¥©¥óÆâÉô¤ËÊݸ¤¹¤ë¥¢¥×¥ê¡×¤òÍ¥Àè¤Ù¤¤È¤Î¤³¤È¡£
¤Ê¤ª¡¢Edge¤äChrome¤Ê¤É¿¤¯¤Î¥¦¥§¥Ö¥Ö¥é¥¦¥¶¤Ë¤Ï¡Ö¥Ñ¥¹¥ï¡¼¥É¤òÊݸ¤·¤Æ¼«Æ°ÆþÎϤ¹¤ëµ¡Ç½¡×¤¬ÅëºÜ¤µ¤ì¤Æ¤¤¤Þ¤¹¤¬¡¢NISC¤Ï¡ÖÎ¥ÀÊ»þ¤Ë¾¿Í¤Ë¥Ñ¥¹¥ï¡¼¥É¤òÍøÍѤµ¤ì¤ë¡×¡Ö¥Ñ¥½¥³¥ó¤ò¥¯¥é¥Ã¥¥ó¥°¤µ¤ì¤¿ºÝ¤Ëº¬¤³¤½¤®Åð¤Þ¤ì¤ë¡×¤È¤¤¤¦´í¸±À¤«¤é¥Ö¥é¥¦¥¶¤Î¥Ñ¥¹¥ï¡¼¥ÉÊݸµ¡Ç½¤ò»È¤ï¤Ê¤¤¤è¤¦¤Ë¸Æ¤Ó¤«¤±¤Æ¤¤¤Þ¤¹¡£
¢¡µ¹æ¤ä¿ô»ú¤Îº®ºß¤òµÁ̳ÉÕ¤±¤ë¤Î¤ÏNG
¥¦¥§¥Ö¥µ¡¼¥Ó¥¹¤Ê¤É¤Î¥Ñ¥¹¥ï¡¼¥ÉºîÀ®²èÌ̤Ǥϡֵ¹æ¤ä¿ô»ú¤ò1ʸ»ú°Ê¾å»È¤Ã¤Æ¤¯¤À¤µ¤¤¡×¤È¤¤¤Ã¤¿¾ò·ï¤¬ÀßÄꤵ¤ì¤Æ¤¤¤ë¤³¤È¤¬Â¿¤¯¤¢¤ê¤Þ¤¹¡£¤·¤«¤·¡¢NIST¤¬¸ø³«¤·¤¿¡Ö¥Ç¥¸¥¿¥ëID¥¬¥¤¥É¥é¥¤¥ó²þÄûÂè4ÈÇ(SP 800-63-4)¡×¤Ç¤Ï¡¢µ¹æ¤ä¿ô»ú¤òº®ºß¤µ¤»¤ë¾ò·ïÉÕ¤±¤¬¥ê¥¹¥¯¤Ë¤Ê¤êÆÀ¤ë¤³¤È¤¬¼¨¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
NIST¤Ë¤è¤ë¤È¡¢Âçʸ»ú¤äµ¹æ¤ä¿ô»ú¤òº®ºß¤µ¤»¤ë¾ò·ïÉÕ¤±¤¬²Ý¤µ¤ì¤¿¾ì¹ç¡¢¥æ¡¼¥¶¡¼¤Ï¡Öpassword¡×¤ò¡ÖPassword¡×¡ÖPassword1¡×¡ÖPassword1!¡×¤È¤¤¤Ã¤¿Í½Â¬²Äǽ¤Ê¤â¤Î¤ËÊѹ¹¤¹¤ë²ÄǽÀ¤¬¹â¤¤¤È¤Î¤³¤È¡£¤³¤Î¤¿¤á¡¢¹¶·â¼Ô¤Ë¤È¤Ã¤Æ¤Ïͽ¬¤Ç¤¤ë¥Ñ¥¹¥ï¡¼¥É¤ò¼½ñ¹¶·âÍѤΥǡ¼¥¿¥Ù¡¼¥¹¤ËÅÐÏ¿¤·¤Æ¤ª¤¯¤À¤±¤Ç°ÂÁ´Âкö¤òÆÍÇˤǤ¤Æ¤·¤Þ¤¤¤Þ¤¹¡£
¤Þ¤¿¡¢¥æ¡¼¥¶¡¼¤¬°ÂÁ´À¤ò¹Íθ¤·¤Æ¡ÖÈó¾ï¤ËÊ£»¨¤Ê¥Ñ¥¹¥ï¡¼¥É¡×¤ò¹Í¤¨¤¿¾ì¹ç¤Ç¤â¡ÖÊ£»¨¤Ê¥Ñ¥¹¥ï¡¼¥É¤ò³Ð¤¨¤é¤ì¤Ê¤¤¤¿¤á¡¢ÅÅ»ÒŪ¤Ë°ÂÁ´¤Ç¤Ê¤¤¾ì½ê¤ËÊݴɤ¹¤ë¡×¤È¤¤¤¦¹ÔÆ°¤ò°ú¤µ¯¤³¤·¤Æ¤·¤Þ¤¦¤È¤Î¤³¤È¡£
¢¡¥Ñ¥¹¥ï¡¼¥É¤ÏŤ¤Êý¤¬¤¤¤¤
NIST¤Ï¥¦¥§¥Ö¥µ¡¼¥Ó¥¹¤Ê¤É¤Î´ÉÍý¼Ô¤ËÂФ·¤Æ¡Ö¥Ñ¥¹¥ï¡¼¥É¤Îʸ»ú¿ô¤ÎºÇÄãÃͤϡ¢¾¯¤Ê¤¯¤È¤â8ʸ»ú°Ê¾å¤ËÀßÄꤷ¤Ê¤±¤ì¤Ð¤Ê¤é¤Ê¤¤¡×¤ÈÄó¸À¡£¤µ¤é¤Ë¡¢¡Ö¥Ñ¥¹¥ï¡¼¥É¤Îʸ»ú¿ô¤ÎºÇÄãÃͤϡ¢²Äǽ¤Ê¤é¤Ð15ʸ»ú°Ê¾å¤ËÀßÄꤹ¤ë¤Ù¤¡×¤È¤â½Ò¤Ù¤Æ¤¤¤Þ¤¹¡£²Ã¤¨¤Æ¡¢NIST¤Î¥¬¥¤¥É¥é¥¤¥ó¤Ë¤Ï¡Ö¥Ñ¥¹¥ï¡¼¥É¤Îʸ»ú¿ô¤ÎºÇÂçÃͤϡ¢²Äǽ¤Ê¤é¤Ð64ʸ»ú°Ê¾å¤Ë¤¹¤ë¤Ù¤¤Ç¤¢¤ë¡×¤È¤âµºÜ¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
¢¡¡Ö¥Ñ¥¹¥ï¡¼¥É¤Î¥Ò¥ó¥È¡×¤Ï¼ÂÁõ¤·¤Æ¤Ï¤Ê¤é¤Ê¤¤
¥¦¥§¥Ö¥µ¥¤¥È¤ÎÃæ¤Ë¤Ï¡¢¥æ¡¼¥¶¡¼¤¬¥Ñ¥¹¥ï¡¼¥É¤ò˺¤ì¤Æ¤·¤Þ¤Ã¤¿¤È¤¤Î¤¿¤á¤Ë¥Ñ¥¹¥ï¡¼¥ÉÆþÎÏÍó¤Ë¡Ö¥Ñ¥¹¥ï¡¼¥É¤Î¥Ò¥ó¥È¡×¤òɽ¼¨¤¹¤ë¤â¤Î¤â¤¢¤ê¤Þ¤¹¡£¤·¤«¤·¡¢NIST¤Ï¥»¥¥å¥ê¥Æ¥£¾å¤Î·üÇ°¤«¤é¡Ö¥Ñ¥¹¥ï¡¼¥É¤Î¥Ò¥ó¥È¡×¤ò¼ÂÁõ¤·¤Ê¤¤¤è¤¦¤Ëµá¤á¤Æ¤¤¤Þ¤¹¡£
¢¡¡ÖÈëÌ©¤Î¼ÁÌä¡×¤Ï¼ÂÁõ¤·¤Æ¤Ï¤Ê¤é¤Ê¤¤
¥Ñ¥¹¥ï¡¼¥ÉÊѹ¹»þ¤ÎËܿͳÎǧ¤Î¤¿¤á¤Ë¡ÖÈëÌ©¤Î¼ÁÌä¡×¤ÎÀßÄê¤òµá¤á¤ë¥¦¥§¥Ö¥µ¥¤¥È¤â¤¢¤ê¤Þ¤¹¤¬¡¢NIST¤Ï¡ÖÈëÌ©¤Î¼ÁÌä¡×¤Î¼ÂÁõ¤â¼è¤ê¤ä¤á¤ë¤è¤¦¤ËÄó¸À¤·¤Æ¤¤¤Þ¤¹¡£
¢¡¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Î°ÂÁ´¡¦°Â¿´¥Ï¥ó¥É¥Ö¥Ã¥¯
NISC¤¬¸ø³«¤·¤Æ¤¤¤ë¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Î°ÂÁ´¡¦°Â¿´¥Ï¥ó¥É¥Ö¥Ã¥¯¤Ë¤Ï¡¢¥Ñ¥¹¥ï¡¼¥É¤Î´ÉÍýÊýË¡°Ê³°¤Ë¤â¥µ¥¤¥Ð¡¼¥»¥¥å¥ê¥Æ¥£¤Î´ðÁÃÃ챤äSNS¤Î°ÂÁ´¤Ê»È¤¤Êý¤Ê¤É¤Î¾ðÊ󤬵¤µ¤ì¤Æ¤¤¤Þ¤¹¡£¥Ï¥ó¥É¥Ö¥Ã¥¯¤Ï°Ê²¼¤Î¥ê¥ó¥¯Àè¤Ç̵ÎÁ¸ø³«¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Î°ÂÁ´¡¦°Â¿´¥Ï¥ó¥É¥Ö¥Ã¥¯ - NISC
https://security-portal.nisc.go.jp/guidance/handbook.html
¤Þ¤¿¡¢NIST¤¬2024ǯ8·î¤Ë¸ø³«¤·¤¿¡Ö¥Ç¥¸¥¿¥ëID¥¬¥¤¥É¥é¥¤¥ó²þÄûÂè4ÈÇ(SP 800-63-4)¡×¤Ï¡¢°Ê²¼¤Î¥ê¥ó¥¯Àè¤ÇÆɤá¤Þ¤¹¡£
NIST Special Publication 800-63B
https://pages.nist.gov/800-63-4/sp800-63b.html