{"created":"2025-02-19T10:31:53.435688+00:00","updated":"2025-07-07T04:05:39.828474+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:02000722","sets":["1164:4088:11911:1739958296301"]},"path":["1739958296301"],"owner":"80578","recid":"2000722","title":["デジタル認証アプリサービスAPIの認証認可におけるTEEの活用検討"],"pubdate":{"attribute_name":"PubDate","attribute_value":"2025-02-24"},"_buckets":{"deposit":"c53f822d-1d56-4454-aff1-b3d89e6a0f72"},"_deposit":{"id":"2000722","pid":{"type":"depid","value":"2000722","revision_id":0},"owners":[80578],"status":"published","created_by":80578},"item_title":"デジタル認証アプリサービスAPIの認証認可におけるTEEの活用検討","author_link":[],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"デジタル認証アプリサービスAPIの認証認可におけるTEEの活用検討","subitem_title_language":"ja"},{"subitem_title":"Considering the use of TEE for authentication and authorization of digital authentication app service APIs (","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"IOT","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2025-02-24","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"広島大学先進理工学研究科理工学融合プログラム"},{"subitem_text_value":"広島大学メディアセンター"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/2000722/files/IPSJ-IOT25068036.pdf","label":"IPSJ-IOT25068036.pdf"},"date":[{"dateType":"Available","dateValue":"2027-02-24"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-IOT25068036.pdf","filesize":[{"value":"1.4 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"43"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"e49be02e-d0ea-4ad6-a139-e7198ff89d37","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2025 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"安井,朋輝"}]},{"creatorNames":[{"creatorName":"渡辺,英伸"}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Tomoki Yasui","creatorNameLang":"en"}]},{"creatorNames":[{"creatorName":"Hidenobu Watanabe","creatorNameLang":"en"}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12326962","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8787","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"近年，デジタル庁によるデジタル認証アプリと連携するAPI（デジタル認証アプリサービスAPI）が提供された．このサービスにより，手軽なオンライン本人確認の基盤を推進し，安心・安全なデジタル社会の実現を目指している．一方で，APIのセキュリティ問題が生じており，APIの厳格な認証認可および個人情報の取り扱いが必要不可欠である．本研究では，デジタル認証アプリサービスAPIの認証認可における課題の整理とTEE活用について検討する．TEEとは，プロセッサ内部に安全な実行環境を提供する技術であり，メモリ内の機密データを保護し，信頼できるプログラムの実行を可能にする．TEE内でAPIトークンと利用者の属性情報の取得・検証することで，サーバOSの脆弱性やシステム管理者権限を利用した攻撃などがあった場合でもAPIの不正利用や個人情報の漏洩リスクの低減が期待できる．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"In recent years, the Digital Agency has provided an API （Digital Authentication Application Service API） that integrates with the digital authentication application. This service aims to promote a convenient foundation for online identity verification and realize a safe and secure digital society. However, security issues related to the API have emerged, necessitating strict authentication and authorization as well as proper handling of personal information. This study organizes the challenges in authentication and authorization of the Digital Authentication Application Service API and examines the use of Trusted Execution Environment （TEE）. TEE is a technology that provides a secure execution environment within the processor, protecting sensitive data in memory and enabling the execution of trusted programs. By retrieving and verifying API tokens and user attribute information within the TEE, it is expected to reduce the risk of API misuse and personal information leaks, even in cases where there are vulnerabilities in the server OS or attacks leveraging system administrator privileges.","subitem_description_type":"Other","subitem_description_language":"en"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"8","bibliographic_titles":[{"bibliographic_title":"研究報告インターネットと運用技術（IOT）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2025-02-24","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"36","bibliographicVolumeNumber":"2025-IOT-68"}]},"relation_version_is_last":true,"weko_creator_id":"80578"},"id":2000722,"links":{}}