
Every time a digital certificate is issued, whether by a certificate authority (CA) or as a self-signed certificate, a private and public key pair has to be generated. Best practice says the private key must stay protected. Depending on the certificate type, anyone who gets hold of it can create a phishing site that shows your organization's certificate in the address bar, authenticate to the corporate network while impersonating you, sign applications or documents on your behalf, or read your encrypted email.
In many cases private keys are your employees' personal identities (and therefore part of the organization's personal data), so protecting a private key is equivalent to protecting a fingerprint when biometric credentials are used. You would not let a hacker get your fingerprint, would you? The same goes for the private key.
This article describes the options for protecting and storing private keys. As you will see, the options differ slightly depending on the certificate type and how it is used (for example, the recommendations for SSL/TLS certificates differ from those for end-user certificates).
OS and browser certificate/key stores
Examples: Windows certificate store, Mac OS Keychain
Some operating systems and browsers have a certificate or key store. These are software databases that keep the private and public key pair locally on the computer, as part of the certificate. This kind of key storage is very popular: many applications look for keys here automatically, so you do not have to point to a certificate file by hand every time, which makes it a very convenient option.
Another advantage of this option is that it is very easy to configure. You can enable or disable export of the private key, enable strong protection (a password is entered each time the certificate is used), and create backup copies if the private key is exportable. In addition, when roaming profiles are enabled in Windows, the certificate is attached to the profile and becomes available when you log in to another computer with that profile.
If you choose this option, there are several aspects to consider. First, even if you mark the private key as non-exportable, some utilities can bypass this protection (in other words, non-exportability is not guaranteed). Second, if someone works under your account and you have not turned on strong private key protection (a password when the certificate is used), they can use your certificate. Third, if the private key is marked as exportable, anyone at the computer can export it. Even with private key protection enabled, no password is requested on export.
Finally, Chrome and IE use the Windows certificate store, while Firefox has its own certificate store (from Mozilla). This means that when you import a certificate into the Windows store, Chrome and IE find it automatically, but Firefox does not.
Typical applications:
- Digital signing applications (Adobe Acrobat, Microsoft Outlook, Office and others access the Windows certificate store [user]).
- Microsoft IIS server looks for SSL certificates in the Windows certificate store (shared across the computer).
- Client authentication (user or computer), depending on configuration, accesses the Windows certificate store in most cases.
- Code signing on Windows (applications and drivers).
.pfx and .jks files (keystores)
PKCS#12 files (.pfx or .p12) and .jks* files (created with the Java Keytool tool) contain the private and public keys. Unlike the local stores of an OS or browser, these files can be placed almost anywhere, including remote servers, and they are always password protected (that is, the password has to be entered each time the private key is used). Another attractive feature: because they are just files, copies are easy to send to several users who need to use the certificate.
If you keep the file on a remote server, take particular care to restrict access to it. Anyone who gains access can use the certificate. Likewise, be especially careful about how easily these files are copied and distributed. That is very convenient, but an attacker who gains access to the keystore can just as easily make a copy. To make effective use of a copied file, the private key password is still required. That is one more reason to use a strong password of at least 15 characters that includes uppercase letters, numbers and special characters. There is one more point to consider with this storage option: the end user carries more responsibility for where the file is located and whether it is stored correctly.
If you cannot use cryptographic hardware or the Windows key store (see above) but want more security than simply placing the keystore file on the computer, you can write the file to a USB flash drive kept in a safe place. Some convenience is lost this way, of course, so if you need to sign frequently it is better to keep the file locally for easier access.
Typical applications:
- Signing Windows or Java code.
- FDA ESG and IRS IDES use .pfx for secure communication with US government agencies.
- Some web servers (such as Apache Tomcat or Jboss).
*Note: Java recently moved from JKS to PKCS#12 as the default keystore type.
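The two checks this section asks for, restricted file access and a strong keystore password, can be automated. The following is an added example, not part of the original article; it assumes POSIX permission bits, and the function names are illustrative. It matches keystores by extension and also by the JKS magic bytes so that renamed copies are found.

```python
import os
import stat
import sys

KEYSTORE_EXTS = {".pfx", ".p12", ".jks"}
JKS_MAGIC = b"\xfe\xed\xfe\xed"  # first four bytes of a JKS file

def is_keystore(path):
    """Match by extension, or by JKS magic so renamed copies are found too."""
    if os.path.splitext(path)[1].lower() in KEYSTORE_EXTS:
        return True
    try:
        with open(path, "rb") as fh:
            return fh.read(4) == JKS_MAGIC
    except OSError:
        return False

def audit_keystores(root):
    """Return sorted (path, problems) pairs for keystores others can access."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not is_keystore(path):
                continue
            mode = stat.S_IMODE(os.stat(path).st_mode)
            problems = []
            if mode & stat.S_IRWXG:
                problems.append("group access")
            if mode & stat.S_IRWXO:
                problems.append("world access")
            if problems:
                findings.append((path, problems))
    return sorted(findings)

def password_problems(password):
    """Check a keystore password against the rule stated in the text."""
    problems = []
    if len(password) < 15:
        problems.append("shorter than 15 characters")
    if not any(c.isupper() for c in password):
        problems.append("no uppercase letter")
    if not any(c.isdigit() for c in password):
        problems.append("no digit")
    if all(c.isalnum() for c in password):
        problems.append("no special character")
    return problems

if __name__ == "__main__":
    for path, problems in audit_keystores(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{path}: {', '.join(problems)}")
```

Run it against a home directory or a build server's workspace; every line it prints is a keystore file that accounts other than the owner can reach.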
Cryptographic tokens and smart cards

As mentioned above, you can strengthen security by keeping the private key on separate hardware. There is, however, a big difference between using a cryptographic token or smart card and using a standard flash drive. With cryptographic hardware, the key is generated on the device itself and is not exported. Because the private key never leaves the device, it is hard for an outsider to access and compromise it.
Note: if you want extra protection for a private key that was generated earlier (that is, not on the token itself), you can import the .pfx file into the token and then delete the original .pfx.
With a token, the password has to be entered each time the certificate is used. This means that even if someone gets hold of your token, they still need the password. Keeping the key on a token lets you use the same certificate safely on several computers without creating multiple copies or going through an export/import process. Cryptographic hardware is FIPS compliant, which some industry and government regulations require.
Of course, there are other considerations if you choose this option. Apart from the extra difficulty of managing tokens, the password has to be entered each time the certificate is used, so this option may not work for automated builds. Also, because the private key is not exportable (which is what provides the additional security), there is no way to back up the certificate. Finally, in some scenarios this storage option is simply not possible: for example, when a specialized device does not support tokens or smart cards, or when employees have no physical access to the computer and work from remote terminals.
Typical applications:
In principle, all the use cases listed for OS/browser stores (document and code signing, client authentication, Windows IIS) support cryptographic tokens or smart cards, provided the appropriate drivers are available. This is not always practical, however (for example, on web servers or in automated build systems for code signing, a password would be needed every time a signature is applied).
Regulatory compliance is one of the main reasons for using cryptographic tokens.
- Mandatory for Extended Validation (EV) code signing, as recommended by the CA/Browser Forum.
- Recommended for standard code signing under the CA Security Council minimum requirements. Certificate authorities must recommend cryptographic hardware as the primary option for issuing certificates. If no cryptographic hardware is issued, the customer must agree to keep the private key on some removable hardware (which is removed after signing).
- Required for digital signing and for obtaining trusted status in Adobe programs, under the Adobe Approved Trust List (AATL) requirements.
- Industry rules such as the FDA's CFR 21 Part 11 and the digital signature requirements of individual countries often call for a private key that is in the sole possession of its owner. Storage on cryptographic hardware meets these requirements.
Hardware security modules (HSM)

An HSM is another hardware key storage solution, particularly when you do not want to depend on individual tokens or find them too burdensome. Tokens are geared toward manual entry or individual applications (for example, signing a small number of documents or pieces of code, or authenticating to a VPN or another network), whereas an HSM provides an API and supports automated workflows and automated builds. HSMs also comply with FIPS requirements and usually carry a higher rating than tokens.
Traditionally, an HSM is a local physical device that needs qualified resources to manage it and to meet baseline requirements and SLAs. Running an HSM can be expensive and time-consuming, which held back adoption of the technology in the past. Fortunately, cloud HSM modules have appeared in recent years that offer many of the benefits of an on-premises HSM without the on-premises maintenance.
For example, the familiar Key Vault service in the Microsoft Azure cloud stores cryptographic keys in Microsoft's cloud HSM. For a small organization that cannot afford to buy and manage its own HSM, this is a good solution, and it integrates with public certificate authorities such as GlobalSign.
If you are looking at options for signing documents, we recently launched a new digital signing service that also uses cloud HSM storage for private keys. It is worth noting that the new service supports individual signatures for every employee. Until now, most HSM signing solutions supported only identities at the department or organization level (accounting, marketing, finance and so on), not individuals (such as John Doe). To work at the level of individual employees, an organization therefore had to deploy a token infrastructure, which can be burdensome, as noted above. With the new service, digital signatures for individual employees are implemented without the need to manage an HSM yourself (and without the risk of employees losing tokens).
Typical applications:
- Signing large volumes of documents or code.
- SSL (depending on server configuration).
- CA infrastructure for operating your own CA (root CA, subordinate CA, RFC 3161 timestamp server) offline or online (the root CA usually operates offline).
Future key storage methods
We have looked at the main options that have been in use for years. But nothing in information security, key storage included, seems to escape the influence of IoT, so new options are being developed.
As more and more network-connected devices need authentication and secure data exchange, many developers and manufacturers are turning to PKI-based solutions. That in turn leads to new considerations, requirements and technologies for protecting private keys. Below are two trends seen in this area.
Trusted Platform Module (TPM)
TPMs are not new in themselves, but they are increasingly used to protect private keys. A Trusted Platform Module can be used to store (or transfer) the root key and to protect additional keys created by applications. Application keys cannot be used without the TPM, which makes this a very useful authentication method for endpoints such as laptops, servers and devices from IoT manufacturers. Many laptops already ship with a TPM, but so far the technology is not widely used in the corporate sector. In the IoT world, however, it is often used to identify devices securely, as a hardware root of trust.
IoT has created a problem: many devices that communicate anonymously make it easier for hackers to intercept messages or impersonate a device. A TPM module is installed at the production stage and protects the cryptographic key, so the device can be identified reliably.
During production, a private and public key pair is generated. The public key is sent to a certificate authority, which signs and issues a digital certificate. The private key never leaves the device. It is stored on the chip and cannot be exported, copied or destroyed. The certificate now serves as the device's passport, and the protected private key forms the hardware root of trust.
We are working closely with Infineon to develop IoT solutions that combine PKI-based device identification with a TPM-based root of trust. For details, see the proof of concept on secure authentication and device management with the GlobalSign certificate cloud service and Infineon's OPTIGA TPM.
Physically unclonable functions (PUF)
Physically unclonable function (PUF) technology is a paradigm shift in key protection. Instead of being stored (with the associated chance of a physical attack), the key is generated from the unique physical properties of a particular chip's SRAM static memory and exists only while the power is on. In other words, instead of reliable storage for the private key, the same key is restored on demand again and again (until the device fails). The key is guaranteed to be unique because it relies on uncontrollable variations inherent in the silicon structure of the chip.
Combined with a Trusted Execution Environment (TEE), PUF technology is an attractive solution for extremely secure key protection that is low in cost and easy to integrate. Together, PUF and PKI make up a comprehensive identification solution.
Our partner Intrinsic ID has developed such a key provisioning system based on SRAM PUF. The system generates unique device identifiers that are hardware-protected and guarded against forgery and copying. Using the certification service, these identifiers are turned into digital identities and PKI capabilities are added. Each device is therefore assigned a unique, protected key pair that is not stored on the device while it is switched off but that the device can recreate on request. This protects against attacks on a powered-off device.
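To make "the key is not stored but restored on demand" concrete, here is a simulation added for this edition; it is not code from the article, GlobalSign or Intrinsic ID. It uses a generic textbook construction (code-offset helper data with a repetition code) as a stand-in, and the SRAM contents, 2% noise rate and all names are constructed assumptions.

```python
import hashlib
import random

REP = 15      # SRAM cells per secret bit (repetition code)
NBITS = 128   # secret length in bits

def derive_key(bits):
    """Hash the recovered secret bits into the device key."""
    return hashlib.sha256(bytes(bits)).hexdigest()

def power_up(nominal, noise, rng):
    """One start-up read of the SRAM: each cell flips with probability `noise`."""
    return [cell ^ (rng.random() < noise) for cell in nominal]

def enroll(reading, rng):
    """One-time enrollment. The device keeps only the helper data, not the key
    (the key is returned here solely so the demo can compare results)."""
    secret = [rng.getrandbits(1) for _ in range(NBITS)]
    codeword = [bit for bit in secret for _ in range(REP)]
    helper = [c ^ r for c, r in zip(codeword, reading)]
    return helper, derive_key(secret)

def reconstruct(reading, helper):
    """Rebuild the key from a fresh noisy read plus the stored helper data."""
    noisy = [h ^ r for h, r in zip(helper, reading)]
    secret = [int(sum(noisy[i:i + REP]) > REP // 2)   # majority vote per bit
              for i in range(0, len(noisy), REP)]
    return derive_key(secret)

def demo(seed=2018):
    rng = random.Random(seed)
    chip_a = [rng.getrandbits(1) for _ in range(NBITS * REP)]  # constructed
    chip_b = [rng.getrandbits(1) for _ in range(NBITS * REP)]  # a different chip
    helper, key = enroll(power_up(chip_a, 0.02, rng), rng)
    same_chip = reconstruct(power_up(chip_a, 0.02, rng), helper)
    other_chip = reconstruct(power_up(chip_b, 0.02, rng), helper)
    return key, same_chip, other_chip

if __name__ == "__main__":
    key, same_chip, other_chip = demo()
    print("enrolled key       :", key[:16])
    print("same chip, reboot  :", same_chip[:16], same_chip == key)
    print("helper on other chip:", other_chip[:16], other_chip == key)
```

The same chip rebuilds the enrolled key after a noisy power-up, while helper data copied to a different chip yields an unrelated key, which is the property that protects a powered-off device.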
For more about the joint identification solution for IoT devices, see the recent webinar on persistent device identifiers based on SRAM PUF certificates.
Don't lose the (private) keys to the castle!
Private key storage should not be black magic. In the end, the right option depends on who uses the certificates and for what, which standards you have to follow, the price, your current environment and your internal resources. We hope this article helps you decide.