{"links":{},"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:02002608","sets":["581:11839:11845"]},"path":["11845"],"owner":"80578","recid":"2002608","title":["携帯電話番号の再利用がSMS認証にもたらすリスクに関する調査"],"pubdate":{"attribute_name":"PubDate","attribute_value":"2025-06-15"},"_buckets":{"deposit":"81243336-5390-4969-b2d1-87f5561e3e6e"},"_deposit":{"id":"2002608","pid":{"type":"depid","value":"2002608","revision_id":0},"owner":"80578","owners":[80578],"status":"published","created_by":80578},"item_title":"携帯電話番号の再利用がSMS認証にもたらすリスクに関する調査","author_link":[],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"携帯電話番号の再利用がSMS認証にもたらすリスクに関する調査","subitem_title_language":"ja"},{"subitem_title":"Study on the Risks Posed to SMS Authentication by Reuse of Mobile Phone Numbers","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"[一般論文（推薦論文）] SMS認証，リスク分析，システムセキュリティ","subitem_subject_scheme":"Other"}]},"item_type_id":"2","publish_date":"2025-06-15","item_2_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"立命館大学大学院情報理工学研究科"},{"subitem_text_value":"立命館大学情報理工学部"}]},"item_2_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Graduate School of Information Science and Engineering, Ritsumeikan University","subitem_text_language":"en"},{"subitem_text_value":"College of Information Science and Engineering, Ritsumeikan University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/2002608/files/IPSJ-JNL6606014.pdf","label":"IPSJ-JNL6606014.pdf"},"date":[{"dateType":"Available","dateValue":"2027-06-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-JNL6606014.pdf","filesize":[{"value":"3.1 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"8"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"22df6e66-4a3a-4ea3-8732-6e75f28346a4","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2025 by the Information Processing Society of Japan"}]},"item_2_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"後藤,貫太"}]},{"creatorNames":[{"creatorName":"上原,哲太郎"}]}]},"item_2_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Kanta Goto","creatorNameLang":"en"}]},{"creatorNames":[{"creatorName":"Tetsutaro Uehara","creatorNameLang":"en"}]}]},"item_2_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN00116647","subitem_source_identifier_type":"NCID"}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_6501","resourcetype":"journal article"}]},"item_2_publisher_15":{"attribute_name":"公開者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"item_2_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"1882-7764","subitem_source_identifier_type":"ISSN"}]},"item_2_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"情報システムやWebサービスに対する個人認証は，パスワードのような記憶による認証が主流であるが，フィッシングによる被害が広がっているため，所有による認証や生体認証などを組み合わせる多要素認証の必要性が広く認知されるようになった．電話回線の所有による認証として機能し，登録済みの携帯電話番号に乱数などを送信して認証するSMS認証は広く利用されている．しかし，携帯電話番号の割当て制度や本人確認の手続きは国によって異なり，その運用によりSMS認証の安全性に影響を及ぼす可能性がある．本研究では日本における携帯電話番号割当て制度に起因する携帯番号の再利用が，SMS認証に与える影響とそのリスクについてシミュレーションを用いて調査し，定量的に評価する．また，評価をもとに，携帯電話番号の再利用が与える脅威への対策の検討と，脅威軽減策の提案をする．シミュレーションの結果，解約された番号のうち50%以上が3年以内に再利用されることが示され，注意喚起を行うなど，5つの脅威軽減策を提案した．","subitem_description_type":"Other"}]},"item_2_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"In information systems and web services, personal authentication relies on knowledge-based methods such as passwords. However, the rise of phishing attacks has highlighted the need for multi-factor authentication, which combines authentication factors such as ownership and biometrics. SMS authentication, which functions through ownership verification by sending random numbers or codes to a registered mobile phone number, is widely used. However, the security of SMS authentication can be affected by the mobile phone numbering systems and identity verification procedures, which vary from country to country. This study investigates the risks of mobile number recycling, arising from the mobile phone number assignment systems in Japan, on the security of SMS authentication. Simulations are used to quantitatively assess these risks. The results of the simulation indicate that more than 50% of canceled numbers are recycled within three years. Based on this evaluation, we propose four threat mitigation strategies, including awareness raising, to address the risks posed by mobile number recycling.","subitem_description_type":"Other"}]},"item_2_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"976","bibliographic_titles":[{"bibliographic_title":"情報処理学会論文誌"}],"bibliographicPageStart":"962","bibliographicIssueDates":{"bibliographicIssueDate":"2025-06-15","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"6","bibliographicVolumeNumber":"66"}]},"relation_version_is_last":true,"item_2_identifier_registration":{"attribute_name":"ID登録","attribute_value_mlt":[{"subitem_identifier_reg_text":"10.20729/0002002608","subitem_identifier_reg_type":"JaLC"}]},"weko_creator_id":"80578"},"created":"2025-06-09T01:12:13.203735+00:00","updated":"2025-06-09T01:12:20.188980+00:00","id":2002608}