22 2
20 10 iii
1 1.1. 20 12 IT 20092011 100100 201372 14 800 1% 165 5 71 15 21 20 1 1 8 1.1 1
IT 1.2 1.2. 21 2 3 21 23 3 2
1.3. 20 10 CIO IT 3
1 1 2009 7 1 CIO 4
1.1 201017 201121 egov 201212 21126 21227 21323 21518 21715 21831 10 21105 11 211118 5
2009 6 IT 2009 3 CIO CIO CIO IS 6
8 DB DB
PKI 1990 2000 9
2 2.1. 2.1.1. 10
2.1.1.1. 20 2 20 76.5 50.6 19 43 20 45.4 36.9 ID ID ID 2 20 http://www.soumu.go.jp/main_content/000031924.pdf 11
2.1 7 25 20 417,578,403 211,196,651 50.6% 45.4% 72% ID20 66.07% 23 12.90% 20 ID 19 0.55%0.51% 20 12.13%15.11% 12
2.2 2.1.1.2. 47 2.2 47 20 12 21 1 45 13
20 25 20 16 2.3 3 47 39 7 32 14
15 2.4 2.5
2.1.2. 3 2.3 Web 21 1 23 21 1 28 6 21 1 16 21 1 30 15 21 1 16 21 1 30 15 21 1 20 21 1 30 11 3 http://www.kantei.go.jp/jp/singi/it2/ithyouka/houkoku/2008/den_huzoku2.pdf 16
2.6 IC 68.6 25.8 23.8 IC 63.1 30.2 28.0 17
56.2 38.9 26.626.6 2.1.3. 2.1.1 2.1.2 2.1.3.1. 13 4 18
20 57 27 web 2.7 6 29 19 21 3 113 4 94 1 4 19 23 20 23 19 19 20 5 19
21 4 5 2.8 ID 55ID ID ID 20 5 http://www.soumu.go.jp/main_sosiki/kenkyu/kojin_kakudai/index.html 20
2.4 Web ID 0% 20% 40% 60% 80% 100% 8.5% 55.0% 21.4% 5.9% 4.5% 4.7% 1 23 69 1 45 10 2.9 2.1.3.2. 21
2.1.3.3. 6 S39.5.12 228 4 6 228 1 ) 22
2.10 2 3 23
31 1862 7 UNCITRAL 3 4 7 24
2.2. 20 6 e 8 IT 8 e http://www.kantei.go.jp/jp/singi/it2/nextg/pdf/grandhonbun.pdf 25
26 ID ID
IT IT 27
3 3.1. 1990 2000 3.1.1. 199912EU2001 7 Qualified Certificate(Advanced Signature)(Qualified Signature)3.1 CENEuropean Committee for StandardizationETSIEuropean Telecommunications Standard Institute EU200811 eid 20093 2010 29
2012eIDSTORK 3.1 EU Qualified SignatureQS Qualified CertificateQC Advanced SignatureAS Simple SignatureSS EU 9 20029Registration and Authentication OMB M-04-04Authentication for e-government Best Practice Framework Australian Government e-authentication Framework (AGAF) web IDABC 10 9 1998 OMB ID PIN http://www.whitehouse.gov/omb/fedreg_gpea2/ 10 Interoperable Delivery of pan-european egovernment Services to Public Administrations, 30
Authentication Policy LoALevels of Assurance 2007 6 OECD ITU-T ISO 2001 13 4 2007 Businesses and Citizens 2004 4 EU i2010 31
32 2010 2005 2000 IT 1990 2000
3.2 33
IC ID ID 34
1999 IC OTP TUPAS OTP EU Tupas Tupas Tupas SSL 11 TUPAS certification service, Service description and guidelines Version 2.2 https://myacc.tut.fi/tupas/docs/tupas_v22_eng.pdf 35
3.3 IDABC; Study on Mutual Recognition of esignatures 134 1,058 4846 823 551 918 532 UN e-gov08 13 24 16 15 IC IC IC 2002 2003 1999 2004 2003 2002 1999 12 105 09 850 08 1790 (08) 10 134 09 230 09 24 09 80% 80% 37% 1% 24% 26 5% 10 1015 ecard 48 ID ID ID ID ID i-pin sourcepin (ecard) USB 2010 OTP ID 3 SSN 1990 OTP TUPAS 300 ID 36
3.1.2. STORK project 3.1.2.1. STORK 12 QAA ID LoALevels of Assurance STORK EU 12 Secure identity across borders linked: EU EU i2010 eid 2010 eid NPO 29 13 STORK D2.3 Quality authenticator scheme http://www.eid-stork.eu/index.php?option=com_processes&itemid=&act=streamdocument&did=577 37
STORK 2009 3 Quality authenticator scheme EU STORK QAAQuality Authentication Assurance 3.4 STORK QAA 3.4 STORK QAA 3.5 STORK QAA PIN PIN PIN PIN EU EU STORK QAA IDABC 2007 12 Proposal for a multi-level authentication mechanism 14 NIST 1455 5 http://ec.europa.eu/idabc/servlets/doc?id=29622 38
EU STORK QAA 3.6 STORK QAA QAA QAA QAA QAA OTP ID ID PIN IC 3.1.2.2. OMB M-04-04 NIST SP800-63 OMB M-04-04 2003 12 OMBLoA Levels of Assurance 39
OMB M-04-04 NIST Special Publication 800-63 40
OMB M-04-04 NIST Special Publication 800-63-1 OMB M-04-042004 9 NIST 2009 7 CIO ICAM Trust Framework Provider Adoption ProcessTFPAP Kantara InitiativeOpenID FoundationInfoCard FoundationInCommon Federation 3.1.2.3. ITU-T X.eaa Entity Authentication Assurance ISO/IEC 29115 ISOITU 2010 ISO/IEC 29115 Information Technology-Security techniques-entity authentication assurance /ITU-T X.eaa Entity Authentication Assurance X.eaa NIST SP800-63 41
3.2. 3.2.1. 42
PC ID PC OTP 43
3.2.2. ID OTP SSL EVSSL 15 15 EVSSL SSL 44
FFIEC 2005 10 Authentication in an Internet Banking Environment 2006 3.3. 45
DB DB 3.3.1. 3.3.1.1. DNA ID IC USB CDATM 46
3.3.1.2. OTP OTP OTP OTP PIN OTP OTP OTP OTP OTP OTP 47
3.3.1.3. Cognometric Locimetric Drawmetric Cognometric Locimetric Cognometric 48
3.3.2. 3.3.2.1. RSA XML XML SAMLSecurity Assertion Markup Language Web Service -* XML XML DSig, XML-DSig, XML-SigEU 1999/93/EC 49
XAdES XML Advanced Electronic Signature 3.3.2.2. e NICT 50
3.3.3. SSO OpenID Foundation OpenID Liberty Alliance Project SAMLThe Information Card Foundation InformationCard Kantara Initiative SAMLWS-*OpenID 51
4 1990 2000 16 16 52
53 4.1. ID ID/PW DB
4.2. 54
4.1 4.2.1. 17 21 7 1 3.4 6 7 http://www.kantei.go.jp/jp/singi/it2/guide/index.html 55
4.2.2. 4.2.3. ID 4.2.4. 4.2.5. 56
4.2.6. 4.2.7. ID ID 4.3. 57
4.3.1. ID 18 4.3.2. 18 58
4.3.3. or 4.5 60
61 4.4. ID 4.6 ID 4.6 ID 4.7 ID ID () ID ()
ID ID ID ID 62
5 5.1. 5.1.1. 5.1.2. 5.1 5.2 63
64 5.3 SAML OpenID SAMLOpenID
5.2. 5.2.1. FIPS199 65
5.1 5.2 66
5.2.2. 5.3 5.3 5.4 67
5.4 68
5.3. 5.3.1. SSL/TLS 5.6 5.5 69
70 5.3.2. 4 5.4
1 2 71
() (2) ID (3) () (2) (3) (4) 2 2 72
2 73
5.4. 5.5 74
CIO 5.5 75
6 6.1. X.509 key usage 6.2. 76
2003 15 CIO 19 IT EAEnterprise Architecture 2009 21 8 IT ID CC IC ISO/IEC15408 IC LSI 19 2003 15 7 17 CIO2004 16 6 14 77
Certification() Authentication 6.3. e-gov ID ID SSO ID ID 78
, 2, 45, 3, 42, 6, 36 5
, 21, 26, 0, 26 6
, 2, 45, 25, 20 7
, 3, 17, 0, 20 8
, 3, 44, 1, 43, 20, 24 9
, 0, 47, 23, 24, 25, 22 10
, 8, 39, 0, 39 11
, 0, 47, 14, 33 12
, 0, 47, 6, 41, 22, 25 13
, 24, 23, 6, 17 14
, 4, 43, 3, 40 15
, 0, 47, 2, 45 16
, 13, 34, 2, 45, 19, 28 17
, 1, 46, 4, 42 18