¥Ñ¥¹¥ï¡¼¥É¤Î°ÂÁ´¤Ê´ÉÍýÊýË¡¤È¤·¤Æ¡ÖÄê´üŪ¤Ë¥Ñ¥¹¥ï¡¼¥É¤òÊѹ¹¤¹¤ë¡×¡Ö¾¿Í¤Ë¥Ñ¥¹¥ï¡¼¥É¤òºîÀ®¤µ¤»¤ëºÝ¤Ëµ­¹æ¤ä¿ô»ú¤òº®ºß¤µ¤»¤ë¤è¤¦¤Ëµá¤á¤ë¡×¤È¤¤¤Ã¤¿¥Î¥¦¥Ï¥¦¤ò¼ÂÁ©¤·¤Æ¤¤¤ë¿Í¤Ï¿¤¤¤Ï¤º¡£¤·¤«¤·¡¢¤³¤ì¤é¤Î´ÉÍýÊýË¡¤Ï¼Â¤Ï¥»¥­¥å¥ê¥Æ¥£¥ê¥¹¥¯¤Î¹â¤¤¤â¤Î¤Ç¡¢Æâ³Õ¥µ¥¤¥Ð¡¼¥»¥­¥å¥ê¥Æ¥£¥»¥ó¥¿¡¼(NISC)¤ä¥¢¥á¥ê¥«¹ñΩɸ½àµ»½Ñ¸¦µæ½ê(NIST)¤Î¥¬¥¤¥É¥é¥¤¥ó¤Ç¤ÏÈó¿ä¾©¤È¤µ¤ì¤Æ¤¤¤Þ¤¹¡£

¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Î°ÂÁ´¡¦°Â¿´¥Ï¥ó¥É¥Ö¥Ã¥¯ Ver5.00 Âè6¾Ï

(PDF¥Õ¥¡¥¤¥ë)https://security-portal.nisc.go.jp/guidance/pdf/handbook/handbook-06.pdf

NIST Releases Second Public Draft of Digital Identity Guidelines for Final Review | NIST

https://www.nist.gov/news-events/news/2024/08/nist-releases-second-public-draft-digital-identity-guidelines-final-review

¢¡¥Ñ¥¹¥ï¡¼¥É¤ÎÄê´üŪ¤ÊÊѹ¹¤Ï´í¸±

°ìÀÎÁ°¤Î¾ðÊ󶵰é¤Ç¤Ï¡Ö¥Ñ¥¹¥ï¡¼¥É¤ÎÄê´üŪ¤ÊÊѹ¹¡×¤¬¿ä¾©¤µ¤ì¤ë¤³¤È¤¬¤¢¤ê¤Þ¤·¤¿¤¬¡¢µ­»öºîÀ®»þÅÀ¤Ç¤Ï¤à¤·¤í´í¸±¤Ê´·¹Ô¤È¤µ¤ì¤Æ¤¤¤Þ¤¹¡£NISC¤¬¸ø³«¤·¤Æ¤¤¤ë¡Ö¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Î°ÂÁ´¡¦°Â¿´¥Ï¥ó¥É¥Ö¥Ã¥¯¡×¤Ë¤è¤ë¤È¡¢¥Ñ¥¹¥ï¡¼¥É¤ÎÄê´üŪ¤ÊÊѹ¹¤Ï¡Ö¥Ñ¥¹¥ï¡¼¥É¤Îñ½ã²½¤ä¥ï¥ó¥Ñ¥¿¡¼¥ó²½¡×¡ÖÊ£¿ô¥µ¡¼¥Ó¥¹¤Ç¤ÎƱ°ì¥Ñ¥¹¥ï¡¼¥É¤Î»È¤¤²ó¤·¡×¤È¤¤¤Ã¤¿¥ê¥¹¥¯¤ò¾·¤¯¤È¤Î¤³¤È¡£

¢¡¥Ñ¥¹¥ï¡¼¥É¤Ï»æ¤Ë½ñ¤¯´ÉÍýÊýË¡¤Ï°Õ³°¤È°ÂÁ´

NISC¤Ï¡¢¥Ñ¥¹¥ï¡¼¥É¤Î°ÂÁ´¤Ê´ÉÍýÊýË¡¤È¤·¤Æ¡ÖʪÍýŪ¤Ê»æ¤Î¥Î¡¼¥È¤Ë½ñ¤¤¤ÆÊݴɡס֥¹¥Þ¡¼¥È¥Õ¥©¥óÍѤΥѥ¹¥ï¡¼¥É´ÉÍý¥¢¥×¥ê¤Ëµ­Ï¿¡×¤È¤¤¤¦ÊýË¡¤ò¿ä¾©¤·¤Æ¤¤¤Þ¤¹¡£

ʪÍýŪ¤Ê»æ¤Î¥Î¡¼¥È¤Ï¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ¤¹¤ë¤³¤È¤¬ÉÔ²Äǽ¤Ç¤¢¤ê¡¢¥µ¥¤¥Ð¡¼¹¶·â¤òËɤ°¤³¤È¤¬²Äǽ¡£¤µ¤é¤Ë¡¢»æ¤Ëµ­Ï¿¤µ¤ì¤¿¥Ñ¥¹¥ï¡¼¥É¤òÅð¤à¤Ë¤Ï¡Ö¸½¼ÂÀ¤³¦¤Ç¤ÎÀàÅð¹Ô°Ù¡×¤È¤¤¤¦ÊªÍýŪ¤Ê¹ÔÆ°¤òµ¯¤³¤¹É¬Íפ¬¤¢¤ë¤¿¤á¥ê¥¹¥¯¤òºÇ¾®¸Â¤ËÍÞ¤¨¤é¤ì¤Þ¤¹¡£

¥Ñ¥¹¥ï¡¼¥É´ÉÍý¥¢¥×¥ê¤ÏPC¸þ¤±¤Î¤â¤Î¤â¸ºß¤·¤Æ¤¤¤Þ¤¹¤¬¡¢NISC¤Ï¡Ö¥¹¥Þ¡¼¥È¥Õ¥©¥ó¤Î¥»¥­¥å¥ê¥Æ¥£¤Ï½½Ê¬¤Ë¹â¤¯À߷פµ¤ì¤Æ¤¤¤ë¡×¤È¤¤¤¦Íýͳ¤Ç¥¹¥Þ¡¼¥È¥Õ¥©¥ó¸þ¤±¥¢¥×¥ê¤ÎÍøÍѤò¿ä¾©¤·¤Æ¤¤¤Þ¤¹¡£¤¿¤À¤·¡¢¥¢¥×¥ê¤Î¥Ç¡¼¥¿´ÉÍýÊýË¡¤Ë¤Ïµ¤¤òÇÛ¤ëɬÍפ¬¤¢¤ê¡¢¡Ö¥Ñ¥¹¥ï¡¼¥É¤ò¥¯¥é¥¦¥É¤ËÊݸ¤¹¤ë¥¢¥×¥ê¡×¤è¤ê¤â¡Ö¥Ñ¥¹¥ï¡¼¥É¤ò¥¹¥Þ¡¼¥È¥Õ¥©¥óÆâÉô¤ËÊݸ¤¹¤ë¥¢¥×¥ê¡×¤òÍ¥Àè¤Ù¤­¤È¤Î¤³¤È¡£



¤Ê¤ª¡¢Edge¤äChrome¤Ê¤É¿¤¯¤Î¥¦¥§¥Ö¥Ö¥é¥¦¥¶¤Ë¤Ï¡Ö¥Ñ¥¹¥ï¡¼¥É¤òÊݸ¤·¤Æ¼«Æ°ÆþÎϤ¹¤ëµ¡Ç½¡×¤¬ÅëºÜ¤µ¤ì¤Æ¤¤¤Þ¤¹¤¬¡¢NISC¤Ï¡ÖÎ¥ÀÊ»þ¤Ë¾¿Í¤Ë¥Ñ¥¹¥ï¡¼¥É¤òÍøÍѤµ¤ì¤ë¡×¡Ö¥Ñ¥½¥³¥ó¤ò¥¯¥é¥Ã¥­¥ó¥°¤µ¤ì¤¿ºÝ¤Ëº¬¤³¤½¤®Åð¤Þ¤ì¤ë¡×¤È¤¤¤¦´í¸±À­¤«¤é¥Ö¥é¥¦¥¶¤Î¥Ñ¥¹¥ï¡¼¥ÉÊݸµ¡Ç½¤ò»È¤ï¤Ê¤¤¤è¤¦¤Ë¸Æ¤Ó¤«¤±¤Æ¤¤¤Þ¤¹¡£



¢¡µ­¹æ¤ä¿ô»ú¤Îº®ºß¤òµÁ̳ÉÕ¤±¤ë¤Î¤ÏNG

¥¦¥§¥Ö¥µ¡¼¥Ó¥¹¤Ê¤É¤Î¥Ñ¥¹¥ï¡¼¥ÉºîÀ®²èÌ̤Ǥϡֵ­¹æ¤ä¿ô»ú¤ò1ʸ»ú°Ê¾å»È¤Ã¤Æ¤¯¤À¤µ¤¤¡×¤È¤¤¤Ã¤¿¾ò·ï¤¬ÀßÄꤵ¤ì¤Æ¤¤¤ë¤³¤È¤¬Â¿¤¯¤¢¤ê¤Þ¤¹¡£¤·¤«¤·¡¢NIST¤¬¸ø³«¤·¤¿¡Ö¥Ç¥¸¥¿¥ëID¥¬¥¤¥É¥é¥¤¥ó²þÄûÂè4ÈÇ(SP 800-63-4)¡×¤Ç¤Ï¡¢µ­¹æ¤ä¿ô»ú¤òº®ºß¤µ¤»¤ë¾ò·ïÉÕ¤±¤¬¥ê¥¹¥¯¤Ë¤Ê¤êÆÀ¤ë¤³¤È¤¬¼¨¤µ¤ì¤Æ¤¤¤Þ¤¹¡£

NIST¤Ë¤è¤ë¤È¡¢Âçʸ»ú¤äµ­¹æ¤ä¿ô»ú¤òº®ºß¤µ¤»¤ë¾ò·ïÉÕ¤±¤¬²Ý¤µ¤ì¤¿¾ì¹ç¡¢¥æ¡¼¥¶¡¼¤Ï¡Öpassword¡×¤ò¡ÖPassword¡×¡ÖPassword1¡×¡ÖPassword1!¡×¤È¤¤¤Ã¤¿Í½Â¬²Äǽ¤Ê¤â¤Î¤ËÊѹ¹¤¹¤ë²ÄǽÀ­¤¬¹â¤¤¤È¤Î¤³¤È¡£¤³¤Î¤¿¤á¡¢¹¶·â¼Ô¤Ë¤È¤Ã¤Æ¤Ïͽ¬¤Ç¤­¤ë¥Ñ¥¹¥ï¡¼¥É¤ò¼­½ñ¹¶·âÍѤΥǡ¼¥¿¥Ù¡¼¥¹¤ËÅÐÏ¿¤·¤Æ¤ª¤¯¤À¤±¤Ç°ÂÁ´Âкö¤òÆÍÇˤǤ­¤Æ¤·¤Þ¤¤¤Þ¤¹¡£

¤Þ¤¿¡¢¥æ¡¼¥¶¡¼¤¬°ÂÁ´À­¤ò¹Íθ¤·¤Æ¡ÖÈó¾ï¤ËÊ£»¨¤Ê¥Ñ¥¹¥ï¡¼¥É¡×¤ò¹Í¤¨¤¿¾ì¹ç¤Ç¤â¡ÖÊ£»¨¤Ê¥Ñ¥¹¥ï¡¼¥É¤ò³Ð¤¨¤é¤ì¤Ê¤¤¤¿¤á¡¢ÅÅ»ÒŪ¤Ë°ÂÁ´¤Ç¤Ê¤¤¾ì½ê¤ËÊݴɤ¹¤ë¡×¤È¤¤¤¦¹ÔÆ°¤ò°ú¤­µ¯¤³¤·¤Æ¤·¤Þ¤¦¤È¤Î¤³¤È¡£

¢¡¥Ñ¥¹¥ï¡¼¥É¤ÏŤ¤Êý¤¬¤¤¤¤

NIST¤Ï¥¦¥§¥Ö¥µ¡¼¥Ó¥¹¤Ê¤É¤Î´ÉÍý¼Ô¤ËÂФ·¤Æ¡Ö¥Ñ¥¹¥ï¡¼¥É¤Îʸ»ú¿ô¤ÎºÇÄãÃͤϡ¢¾¯¤Ê¤¯¤È¤â8ʸ»ú°Ê¾å¤ËÀßÄꤷ¤Ê¤±¤ì¤Ð¤Ê¤é¤Ê¤¤¡×¤ÈÄó¸À¡£¤µ¤é¤Ë¡¢¡Ö¥Ñ¥¹¥ï¡¼¥É¤Îʸ»ú¿ô¤ÎºÇÄãÃͤϡ¢²Äǽ¤Ê¤é¤Ð15ʸ»ú°Ê¾å¤ËÀßÄꤹ¤ë¤Ù¤­¡×¤È¤â½Ò¤Ù¤Æ¤¤¤Þ¤¹¡£²Ã¤¨¤Æ¡¢NIST¤Î¥¬¥¤¥É¥é¥¤¥ó¤Ë¤Ï¡Ö¥Ñ¥¹¥ï¡¼¥É¤Îʸ»ú¿ô¤ÎºÇÂçÃͤϡ¢²Äǽ¤Ê¤é¤Ð64ʸ»ú°Ê¾å¤Ë¤¹¤ë¤Ù¤­¤Ç¤¢¤ë¡×¤È¤âµ­ºÜ¤µ¤ì¤Æ¤¤¤Þ¤¹¡£

¢¡¡Ö¥Ñ¥¹¥ï¡¼¥É¤Î¥Ò¥ó¥È¡×¤Ï¼ÂÁõ¤·¤Æ¤Ï¤Ê¤é¤Ê¤¤

¥¦¥§¥Ö¥µ¥¤¥È¤ÎÃæ¤Ë¤Ï¡¢¥æ¡¼¥¶¡¼¤¬¥Ñ¥¹¥ï¡¼¥É¤ò˺¤ì¤Æ¤·¤Þ¤Ã¤¿¤È¤­¤Î¤¿¤á¤Ë¥Ñ¥¹¥ï¡¼¥ÉÆþÎÏÍó¤Ë¡Ö¥Ñ¥¹¥ï¡¼¥É¤Î¥Ò¥ó¥È¡×¤òɽ¼¨¤¹¤ë¤â¤Î¤â¤¢¤ê¤Þ¤¹¡£¤·¤«¤·¡¢NIST¤Ï¥»¥­¥å¥ê¥Æ¥£¾å¤Î·üÇ°¤«¤é¡Ö¥Ñ¥¹¥ï¡¼¥É¤Î¥Ò¥ó¥È¡×¤ò¼ÂÁõ¤·¤Ê¤¤¤è¤¦¤Ëµá¤á¤Æ¤¤¤Þ¤¹¡£

¢¡¡ÖÈëÌ©¤Î¼ÁÌä¡×¤Ï¼ÂÁõ¤·¤Æ¤Ï¤Ê¤é¤Ê¤¤

¥Ñ¥¹¥ï¡¼¥ÉÊѹ¹»þ¤ÎËܿͳÎǧ¤Î¤¿¤á¤Ë¡ÖÈëÌ©¤Î¼ÁÌä¡×¤ÎÀßÄê¤òµá¤á¤ë¥¦¥§¥Ö¥µ¥¤¥È¤â¤¢¤ê¤Þ¤¹¤¬¡¢NIST¤Ï¡ÖÈëÌ©¤Î¼ÁÌä¡×¤Î¼ÂÁõ¤â¼è¤ê¤ä¤á¤ë¤è¤¦¤ËÄó¸À¤·¤Æ¤¤¤Þ¤¹¡£

¢¡¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Î°ÂÁ´¡¦°Â¿´¥Ï¥ó¥É¥Ö¥Ã¥¯

NISC¤¬¸ø³«¤·¤Æ¤¤¤ë¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Î°ÂÁ´¡¦°Â¿´¥Ï¥ó¥É¥Ö¥Ã¥¯¤Ë¤Ï¡¢¥Ñ¥¹¥ï¡¼¥É¤Î´ÉÍýÊýË¡°Ê³°¤Ë¤â¥µ¥¤¥Ð¡¼¥»¥­¥å¥ê¥Æ¥£¤Î´ðÁÃÃ챤äSNS¤Î°ÂÁ´¤Ê»È¤¤Êý¤Ê¤É¤Î¾ðÊ󤬵­¤µ¤ì¤Æ¤¤¤Þ¤¹¡£¥Ï¥ó¥É¥Ö¥Ã¥¯¤Ï°Ê²¼¤Î¥ê¥ó¥¯Àè¤Ç̵ÎÁ¸ø³«¤µ¤ì¤Æ¤¤¤Þ¤¹¡£

¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Î°ÂÁ´¡¦°Â¿´¥Ï¥ó¥É¥Ö¥Ã¥¯ - NISC

https://security-portal.nisc.go.jp/guidance/handbook.html



¤Þ¤¿¡¢NIST¤¬2024ǯ8·î¤Ë¸ø³«¤·¤¿¡Ö¥Ç¥¸¥¿¥ëID¥¬¥¤¥É¥é¥¤¥ó²þÄûÂè4ÈÇ(SP 800-63-4)¡×¤Ï¡¢°Ê²¼¤Î¥ê¥ó¥¯Àè¤ÇÆɤá¤Þ¤¹¡£

NIST Special Publication 800-63B

https://pages.nist.gov/800-63-4/sp800-63b.html