Submit Search
Upload
ID連携概要 - OpenID TechNight vol.13
•
14 likes
•
37,215 views
Nov Matake
Follow
ここで話したスライド。 https://openid.doorkeeper.jp/events/29487
Read less
Read more
Technology
Report
Share
Report
Share
1 of 29
Download now
Download to read offline
Recommended
Full stack security
Full stack security
DPC Consulting Ltd
An Introduction to OpenID
An Introduction to OpenID
Max Manders
OpenID Connect 1.0 Explained
OpenID Connect 1.0 Explained
Eugene Siow
Mit 2014 introduction to open id connect and o-auth 2
Mit 2014 introduction to open id connect and o-auth 2
Justin Richer
Getting Started with FIDO2
Getting Started with FIDO2
FIDO Alliance
Securing Single-Page Applications with OAuth 2.0
Securing Single-Page Applications with OAuth 2.0
Prabath Siriwardena
Authentication and Authorization Architecture in the MEAN Stack
Authentication and Authorization Architecture in the MEAN Stack
FITC
OAuth for your API - The Big Picture
OAuth for your API - The Big Picture
Apigee | Google Cloud
Recommended
Full stack security
Full stack security
DPC Consulting Ltd
An Introduction to OpenID
An Introduction to OpenID
Max Manders
OpenID Connect 1.0 Explained
OpenID Connect 1.0 Explained
Eugene Siow
Mit 2014 introduction to open id connect and o-auth 2
Mit 2014 introduction to open id connect and o-auth 2
Justin Richer
Getting Started with FIDO2
Getting Started with FIDO2
FIDO Alliance
Securing Single-Page Applications with OAuth 2.0
Securing Single-Page Applications with OAuth 2.0
Prabath Siriwardena
Authentication and Authorization Architecture in the MEAN Stack
Authentication and Authorization Architecture in the MEAN Stack
FITC
OAuth for your API - The Big Picture
OAuth for your API - The Big Picture
Apigee | Google Cloud
OpenId Connect Protocol
OpenId Connect Protocol
Michael Furman
Securing your APIs with OAuth, OpenID, and OpenID Connect
Securing your APIs with OAuth, OpenID, and OpenID Connect
Manish Pandit
CIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in Action
CloudIDSummit
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId Connect
Saran Doraiswamy
OAuth2 and Spring Security
OAuth2 and Spring Security
Orest Ivasiv
QA Fest 2019. Диана Пинчук. Тестирование аутентификации и авторизации (AuthN ...
QA Fest 2019. Диана Пинчук. Тестирование аутентификации и авторизации (AuthN ...
QAFest
Webauthn Tutorial
Webauthn Tutorial
FIDO Alliance
The Client is not always right! How to secure OAuth authentication from your...
The Client is not always right! How to secure OAuth authentication from your...
Mike Schwartz
CIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID Connect
CloudIDSummit
Authorization and Authentication using IdentityServer4
Authorization and Authentication using IdentityServer4
Aaron Ralls
Microservices Manchester: Security, Microservces and Vault by Nicki Watt
Microservices Manchester: Security, Microservces and Vault by Nicki Watt
OpenCredo
OpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for Beginners
Salesforce Developers
Protecting web APIs with OAuth 2.0
Protecting web APIs with OAuth 2.0
Vladimir Dzhuvinov
Securing APIs using OAuth 2.0
Securing APIs using OAuth 2.0
Adam Lewis
Implementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking Site
David Keener
Understanding OpenID
Understanding OpenID
Prabath Siriwardena
Spring security oauth2
Spring security oauth2
axykim00
In graph we trust: Microservices, GraphQL and security challenges
In graph we trust: Microservices, GraphQL and security challenges
Mohammed A. Imran
Php security common 2011
Php security common 2011
10n Software, LLC
OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?
Oliver Pfaff
OpenID Connect 入門 〜コンシューマーにおけるID連携のトレンド〜
OpenID Connect 入門 〜コンシューマーにおけるID連携のトレンド〜
Masaru Kurahayashi
今更聞けないOAuth2.0
今更聞けないOAuth2.0
Takahiro Sato
More Related Content
What's hot
OpenId Connect Protocol
OpenId Connect Protocol
Michael Furman
Securing your APIs with OAuth, OpenID, and OpenID Connect
Securing your APIs with OAuth, OpenID, and OpenID Connect
Manish Pandit
CIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in Action
CloudIDSummit
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId Connect
Saran Doraiswamy
OAuth2 and Spring Security
OAuth2 and Spring Security
Orest Ivasiv
QA Fest 2019. Диана Пинчук. Тестирование аутентификации и авторизации (AuthN ...
QA Fest 2019. Диана Пинчук. Тестирование аутентификации и авторизации (AuthN ...
QAFest
Webauthn Tutorial
Webauthn Tutorial
FIDO Alliance
The Client is not always right! How to secure OAuth authentication from your...
The Client is not always right! How to secure OAuth authentication from your...
Mike Schwartz
CIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID Connect
CloudIDSummit
Authorization and Authentication using IdentityServer4
Authorization and Authentication using IdentityServer4
Aaron Ralls
Microservices Manchester: Security, Microservces and Vault by Nicki Watt
Microservices Manchester: Security, Microservces and Vault by Nicki Watt
OpenCredo
OpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for Beginners
Salesforce Developers
Protecting web APIs with OAuth 2.0
Protecting web APIs with OAuth 2.0
Vladimir Dzhuvinov
Securing APIs using OAuth 2.0
Securing APIs using OAuth 2.0
Adam Lewis
Implementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking Site
David Keener
Understanding OpenID
Understanding OpenID
Prabath Siriwardena
Spring security oauth2
Spring security oauth2
axykim00
In graph we trust: Microservices, GraphQL and security challenges
In graph we trust: Microservices, GraphQL and security challenges
Mohammed A. Imran
Php security common 2011
Php security common 2011
10n Software, LLC
OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?
Oliver Pfaff
What's hot
(20)
OpenId Connect Protocol
OpenId Connect Protocol
Securing your APIs with OAuth, OpenID, and OpenID Connect
Securing your APIs with OAuth, OpenID, and OpenID Connect
CIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in Action
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId Connect
OAuth2 and Spring Security
OAuth2 and Spring Security
QA Fest 2019. Диана Пинчук. Тестирование аутентификации и авторизации (AuthN ...
QA Fest 2019. Диана Пинчук. Тестирование аутентификации и авторизации (AuthN ...
Webauthn Tutorial
Webauthn Tutorial
The Client is not always right! How to secure OAuth authentication from your...
The Client is not always right! How to secure OAuth authentication from your...
CIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID Connect
Authorization and Authentication using IdentityServer4
Authorization and Authentication using IdentityServer4
Microservices Manchester: Security, Microservces and Vault by Nicki Watt
Microservices Manchester: Security, Microservces and Vault by Nicki Watt
OpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for Beginners
Protecting web APIs with OAuth 2.0
Protecting web APIs with OAuth 2.0
Securing APIs using OAuth 2.0
Securing APIs using OAuth 2.0
Implementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking Site
Understanding OpenID
Understanding OpenID
Spring security oauth2
Spring security oauth2
In graph we trust: Microservices, GraphQL and security challenges
In graph we trust: Microservices, GraphQL and security challenges
Php security common 2011
Php security common 2011
OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?
Viewers also liked
OpenID Connect 入門 〜コンシューマーにおけるID連携のトレンド〜
OpenID Connect 入門 〜コンシューマーにおけるID連携のトレンド〜
Masaru Kurahayashi
今更聞けないOAuth2.0
今更聞けないOAuth2.0
Takahiro Sato
OAuth認証について
OAuth認証について
Yoshifumi Sato
なぜOpenID Connectが必要となったのか、その歴史的背景
なぜOpenID Connectが必要となったのか、その歴史的背景
Tatsuo Kudo
ID連携のあるとき~、ないとき~ #エンプラ編
ID連携のあるとき~、ないとき~ #エンプラ編
Takashi Yahata
OpenID ConnectとSCIMの標準化動向
OpenID ConnectとSCIMの標準化動向
Tatsuo Kudo
エンタープライズITでのOpenID Connect利用ガイドライン
エンタープライズITでのOpenID Connect利用ガイドライン
Tatsuo Kudo
Viewers also liked
(7)
OpenID Connect 入門 〜コンシューマーにおけるID連携のトレンド〜
OpenID Connect 入門 〜コンシューマーにおけるID連携のトレンド〜
今更聞けないOAuth2.0
今更聞けないOAuth2.0
OAuth認証について
OAuth認証について
なぜOpenID Connectが必要となったのか、その歴史的背景
なぜOpenID Connectが必要となったのか、その歴史的背景
ID連携のあるとき~、ないとき~ #エンプラ編
ID連携のあるとき~、ないとき~ #エンプラ編
OpenID ConnectとSCIMの標準化動向
OpenID ConnectとSCIMの標準化動向
エンタープライズITでのOpenID Connect利用ガイドライン
エンタープライズITでのOpenID Connect利用ガイドライン
More from Nov Matake
#idcon vol.29 - #fidcon WebAuthn, Next Stage
#idcon vol.29 - #fidcon WebAuthn, Next Stage
Nov Matake
FedCM - OpenID TechNight vol.19
FedCM - OpenID TechNight vol.19
Nov Matake
Safari (ITP) & Chrome (SameSite=Lax as default) が Federation に与える影響 - OpenID ...
Safari (ITP) & Chrome (SameSite=Lax as default) が Federation に与える影響 - OpenID ...
Nov Matake
Sign in with Apple
Sign in with Apple
Nov Matake
FIDO @ LINE - #idcon vol.24
FIDO @ LINE - #idcon vol.24
Nov Matake
W3C Web Authentication - #idcon vol.24
W3C Web Authentication - #idcon vol.24
Nov Matake
NIST SP 800-63C - Federation and Assertions (FINAL)
NIST SP 800-63C - Federation and Assertions (FINAL)
Nov Matake
OPTiM StoreにおけるSCIM & OIDC活用事例 - ID&IT 2016
OPTiM StoreにおけるSCIM & OIDC活用事例 - ID&IT 2016
Nov Matake
NIST SP 800-63C #idcon vol.22
NIST SP 800-63C #idcon vol.22
Nov Matake
NIST SP 800-63-3 #idcon vol.22
NIST SP 800-63-3 #idcon vol.22
Nov Matake
ID連携入門 (実習編) - Security Camp 2016
ID連携入門 (実習編) - Security Camp 2016
Nov Matake
ミスコンとプライバシー ~ IdentityDuck誕生秘話 ~ #idcon
ミスコンとプライバシー ~ IdentityDuck誕生秘話 ~ #idcon
Nov Matake
SAML / OpenID Connect / OAuth / SCIM 技術解説 - ID&IT 2014 #idit2014
SAML / OpenID Connect / OAuth / SCIM 技術解説 - ID&IT 2014 #idit2014
Nov Matake
FIDO alliance #idcon vol.18
FIDO alliance #idcon vol.18
Nov Matake
OpenID Connect 101 @ OpenID TechNight vol.11
OpenID Connect 101 @ OpenID TechNight vol.11
Nov Matake
池澤あやかと学ぼう!: はじめてのOAuthとOpenID Connect - JICS 2014
池澤あやかと学ぼう!: はじめてのOAuthとOpenID Connect - JICS 2014
Nov Matake
OAuth認証再考からのOpenID Connect #devlove
OAuth認証再考からのOpenID Connect #devlove
Nov Matake
ID & IT 2013 - OpenID Connect Hands-on
ID & IT 2013 - OpenID Connect Hands-on
Nov Matake
JWT Translation #technight
JWT Translation #technight
Nov Matake
MIT-KIT Intro at #idcon sattelite
MIT-KIT Intro at #idcon sattelite
Nov Matake
More from Nov Matake
(20)
#idcon vol.29 - #fidcon WebAuthn, Next Stage
#idcon vol.29 - #fidcon WebAuthn, Next Stage
FedCM - OpenID TechNight vol.19
FedCM - OpenID TechNight vol.19
Safari (ITP) & Chrome (SameSite=Lax as default) が Federation に与える影響 - OpenID ...
Safari (ITP) & Chrome (SameSite=Lax as default) が Federation に与える影響 - OpenID ...
Sign in with Apple
Sign in with Apple
FIDO @ LINE - #idcon vol.24
FIDO @ LINE - #idcon vol.24
W3C Web Authentication - #idcon vol.24
W3C Web Authentication - #idcon vol.24
NIST SP 800-63C - Federation and Assertions (FINAL)
NIST SP 800-63C - Federation and Assertions (FINAL)
OPTiM StoreにおけるSCIM & OIDC活用事例 - ID&IT 2016
OPTiM StoreにおけるSCIM & OIDC活用事例 - ID&IT 2016
NIST SP 800-63C #idcon vol.22
NIST SP 800-63C #idcon vol.22
NIST SP 800-63-3 #idcon vol.22
NIST SP 800-63-3 #idcon vol.22
ID連携入門 (実習編) - Security Camp 2016
ID連携入門 (実習編) - Security Camp 2016
ミスコンとプライバシー ~ IdentityDuck誕生秘話 ~ #idcon
ミスコンとプライバシー ~ IdentityDuck誕生秘話 ~ #idcon
SAML / OpenID Connect / OAuth / SCIM 技術解説 - ID&IT 2014 #idit2014
SAML / OpenID Connect / OAuth / SCIM 技術解説 - ID&IT 2014 #idit2014
FIDO alliance #idcon vol.18
FIDO alliance #idcon vol.18
OpenID Connect 101 @ OpenID TechNight vol.11
OpenID Connect 101 @ OpenID TechNight vol.11
池澤あやかと学ぼう!: はじめてのOAuthとOpenID Connect - JICS 2014
池澤あやかと学ぼう!: はじめてのOAuthとOpenID Connect - JICS 2014
OAuth認証再考からのOpenID Connect #devlove
OAuth認証再考からのOpenID Connect #devlove
ID & IT 2013 - OpenID Connect Hands-on
ID & IT 2013 - OpenID Connect Hands-on
JWT Translation #technight
JWT Translation #technight
MIT-KIT Intro at #idcon sattelite
MIT-KIT Intro at #idcon sattelite
Recently uploaded
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
ThousandEyes
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
shyamraj55
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
Anna Loughnan Colquhoun
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
BookNet Canada
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
RTylerCroy
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
Ridwan Fadjar
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
naman860154
How to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
naman860154
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
gurkirankumar98700
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
The Digital Insurer
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
Results
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
HampshireHUG
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
Maria Levchenko
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
Pooja Nehwal
Recently uploaded
(20)
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
How to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
ID連携概要 - OpenID TechNight vol.13
1.
ID Nov Matake
2.
NOV MATAKE • Security
Engineer, GREE Inc. • Evangelist, OpenID Foundation Japan • Interested in.. • Digital Identity • Privacy • Security
3.
4.
ENTITY & IDENTITY •
EXGEN Networks • ID&IT 2015 • OIDF EIWG • 185 cm • 50 ( ) • •
5.
Entity ( ) Identity
( ) 1 Entity Identity Identity
6.
AUTHENTICATION Entity Identity
7.
AUTHENTICATION OK
8.
AUTHORIZATION 20
9.
ACCESS CONTROL Authentication + Authorization + Audit (logging)
10.
IDENTITY PROOFING Identity (
)
11.
IDENTITY PROOFING SMS
12.
IDENTITY PROOFING
13.
IDENTITY PROOFING Identity Proofing “
” proof
14.
15.
ID ?
16.
17.
• Facebook • Facebook
Disqus • Disqus • Facebook? ? • Disqus Facebook • Entity <=> Facebook Identity <=> Disqus Identity • Entity <=> Disqus Identity
18.
• Facebook • UID
12345 Disqus 19:15 • Disqus • Facebook • • • Facebook UID 12345 @nov
19.
• Facebook Disqus •
Disqus • Email • Authorization • ( , , etc.) • Disqus
20.
ID = +
21.
• IDP :
Identity Provider • + • Facebook • RP : Relying Party • + IdP / • Disqus
22.
ID
23.
CVR • • • IdP
24.
• RP • ID •
100 Services => 100 Passwords • ID • IdP x 1 + RP x 99 => 1 Password •
25.
–Eric Sachs, Google “ 100 ”
26.
PROOFED ATTRIBUTES (SMS /
Call) :
27.
ID
28.
? • IdP RP
? • nickname ? • Authorization ? • ? ? • ID
29.
RP • OAuth 1.0
/ OAuth 2.0 / OpenID Connect IdP • OAuth 1.0/2.0 IdP • Server-Side App Native App Native App Backend JS App •
Download now