ä»ãã»ãã¥ãªãã£ã¯ãå人ã ãã§ãªãäŒæ¥ã«ãšã£ãŠãæéèŠèª²é¡ã®äžã€ã§ããç¹ã«ãæ å ±æµåºãäžæ£ã¢ã¯ã»ã¹ã®äºé²çãšããŠãå€èŠçŽ èªèšŒïŒMFA: Multi-Factor AuthenticationïŒã®éèŠæ§ãå¢ããŠããŸããæ¬èšäºã§ã¯ãMFAã®æŠèŠããã®éèŠæ§ããããŠå®è£ æ¹æ³ã«ã€ããŠè©³ãã解説ããŸãã
MFAãšã¯ïŒ
MFAã¯ãå©çšè ãæ¬äººã§ããããšã確èªããããã®ã»ãã¥ãªãã£æ段ã§ããIDãšãã¹ã¯ãŒãã ãã§ãªããè€æ°ã®èªèšŒæ¹æ³ãçµã¿åãããããšã§ãã»ãã¥ãªãã£ã匷åããŸãã以äžã®3ã€ã®èŠçŽ ã®ãã¡2ã€ãçµã¿åãããããšãäžè¬çã§ãã2ã€ã®èŠçŽ ãçµã¿åãããå Žåã«ã¯ã2FA (Two-Factor Authentication) ãšåŒã°ããããšããããŸãã
Something you know - ç¥èïŒãã¹ã¯ãŒããPINïŒ
Something you have - ææïŒã»ãã¥ãªãã£ã«ãŒããã¹ããŒããã©ã³ïŒ
Something you are - çäœïŒæçŽãé¡èªèšŒïŒ
MFAã®éèŠæ§ãšã¡ãªãã
MFAã®å°å ¥ã«ããããã¹ã¯ãŒããæŒæŽ©ããŠããŸã£ãå Žåã§ããæªæã®ãã第3è ã«ããäžæ£ã¢ã¯ã»ã¹ã®ãªã¹ã¯ãå€§å¹ ã«è»œæžããããšãã§ããŸããç¹ã«äŒæ¥ã«ãããŠã¯ãåŸæ¥å¡äžäººäžäººã®ã»ãã¥ãªãã£æèãçµç¹å šäœã®ã»ãã¥ãªãã£èæ§ãå·Šå³ãããããMFAã¯æ¥µããŠéèŠãªå¯ŸçãšãããŸãã
MFAãå°å ¥ããããšã«ãã£ãŠã以äžã®ã¡ãªãããåŸãããŸãã
äžæ£ã¢ã¯ã»ã¹ã®é²æ¢ïŒMFAã®å°å ¥ã«ããäžæ£ã¢ã¯ã»ã¹ã®ãªã¹ã¯ãå€§å¹ ã«æžå°ããŸãããã¹ã¯ãŒããæŒæŽ©ããå Žåã§ããè¿œå ã®èªèšŒèŠçŽ ããªããã°ã¢ã«ãŠã³ãã«ã¢ã¯ã»ã¹ã§ããªããããã»ãã¥ãªãã£ãåäžããŸãã
æ å ±æŒæŽ©ãªã¹ã¯ã®è»œæžïŒ MFAã«ãããæ©å¯ããŒã¿ãžã®ã¢ã¯ã»ã¹ãå³æ Œã«å¶åŸ¡ã§ããããã«ãªããäŒæ¥å ã®éèŠãªæ å ±ãå€éšã«æŒãããªã¹ã¯ã軜æžããŸãããªã¢ãŒãã¯ãŒã¯ã®å¢å ã«äŒŽããé©åãªã»ãã¥ãªãã£å¯Ÿçãäžå¯æ¬ ãšãªã£ãŠããŸãã
å©çšè ã®ä¿¡é Œæ§ã®åäžïŒ 顧客ãåŸæ¥å¡ã¯ãã»ãã¥ãªãã£ã匷åãããããšã§ããµãŒãã¹ãã·ã¹ãã ã®å©çšã«å®å¿æãæã€ããšãã§ããŸããããã«ãããé·æçã«ã¯ãŠãŒã¶ãŒæºè¶³åºŠã®åäžããã©ã³ãã€ã¡ãŒãžã®åŒ·åã«å¯äžããŸãã
æ³ä»€éµå®ãšã¬ããã³ã¹ã®åŒ·åïŒ å€ãã®åœãå°åã§ãããŒã¿ä¿è·ã«é¢ããæ³åŸãèŠå¶ã匷åãããŠããŸããMFAãå°å ¥ããããšã§ããããã®æ³ä»€ãèŠå¶ãžã®éµå®ã容æã«ãªããäŒæ¥ã¬ããã³ã¹ã匷åãããŸãã
MFAã®å®è£ æ¹æ³
MFAã®å®è£ ã«ã¯æ§ã ãªæ¹æ³ããããŸãããããã§ã¯ãã®äžããäžè¬çãªå®è£ æ¹æ³ã玹ä»ããŸãã
1. èªèšŒã¢ããªã®å©çš
Google AuthenticatorãAuthyãªã©ã®èªèšŒã¢ããªãå©çšããæ¹æ³ã§ãã
èšå®: ãŠãŒã¶ãã¢ããªãã¹ããŒããã©ã³ã«ã€ã³ã¹ããŒã«ããã¢ããªã察象ã®ã¢ã«ãŠã³ãã«ãªã³ã¯ãããããã«ãQRã³ãŒããã¹ãã£ã³ããŸãã
å©ç¹: ã€ã³ã¿ãŒãããæ¥ç¶ããªããŠãåäœããã»ãã¥ãªãã£ãé«ãã
ãã¡ãªãã: ãŠãŒã¶ãããã€ã¹ãçŽå€±ãããšã¢ã¯ã»ã¹ãé£ãããªãå¯èœæ§ãããã
2. çäœèªèšŒã®æŽ»çš
ã¹ããŒããã©ã³ãPCã«å èµãããŠããæçŽèªèšŒãé¡èªèšŒæ©èœãå©çšããŸãã
èšå®: çäœèªèšŒïŒæçŽãé¡èªèšŒïŒãèšå®ããã«ã¯ã察å¿ããããã€ã¹ãšãœãããŠã§ã¢ãå¿ èŠã§ããçŸåšè²©å£²ãããŠããå€ãã®ã¹ããŒããã©ã³ãPCã¯ããã®æ©èœãæšæºã§ãµããŒãããŠããŸãã
å©ç¹: ãŠãŒã¶ãã¬ã³ããªãŒã§ãè¿œå ã®ããŒããŠã§ã¢ããã¹ã¯ãŒããå¿ èŠãšããªãã
ãã¡ãªãã: äžéšã®ãŠãŒã¶ããã©ã€ãã·ãŒã®æžå¿µãæã€å¯èœæ§ãããããŸããå šãŠã®ããã€ã¹ãçäœèªèšŒããµããŒãããŠããããã§ã¯ãªãã
3. ã»ãã¥ãªãã£ããŒã®å°å ¥
ç©ççãªã»ãã¥ãªãã£ããŒãçšããŠèªèšŒãè¡ãæ¹æ³ã§ãã
èšå®: USBã»ãã¥ãªãã£ããŒãå©çšããã«ã¯ããããããç©çããŒãè³Œå ¥ããããã§ãŠãŒã¶ã«é åžãã察å¿ããããŒãã«æ¿å ¥ããŠã»ããã¢ããããã»ã¹ãå®äºãããŸãã
å©ç¹: é«ãã»ãã¥ãªãã£ã¬ãã«ã®æäŸ
ãã¡ãªãã: ããŒã®çŽå€±ãç Žæã®ãªã¹ã¯ããããã³ã¹ãããããã
4. SMSãŸãã¯ã¡ãŒã«ã«ããèªèšŒ
SMSãã¡ãŒã«ã§ã³ãŒããåä¿¡ããŠèªèšŒãè¡ãæ¹æ³ã§ãã
èšå®: ãŠãŒã¶ãŒã¯æºåž¯é»è©±çªå·ãã¡ãŒã«ã¢ãã¬ã¹ãç»é²ããèªèšŒã³ãŒãã®åä¿¡ãèš±å¯ããŸãã
å©ç¹: è¿œå ã®ã»ããã¢ãããã»ãŒäžèŠã§ãå©çšè ã«ãšã£ãŠã¯æ軜ã
ãã¡ãªãã: SIMã¹ã¯ããæ»æãã¡ãŒã«ã®çèŽã«ãã£ãŠæ¯èŒçç°¡åã«ã³ãŒããçãŸãããªã¹ã¯ãããã
äŒæ¥ã«ãããMFAå°å ¥ã®ã¹ããã
äŒæ¥ã§MFAãå°å ¥ããéã«ã¯ã以äžã®ã¹ããããèžãããšãäžè¬çã§ãã
ããŒãºã®åæ: MFAå°å ¥ã®å¿ èŠæ§ã確èªããé©åãªèªèšŒæ¹æ³ãéžå®ããŸãã
ããªã·ãŒã®çå®: MFAã®å©çšããªã·ãŒãçå®ããåŸæ¥å¡ã«åšç¥ããŸãã
ç°å¢ã®æŽå: å¿ èŠãªã·ã¹ãã ãããŒã«ãæºåããéçšç°å¢ãæŽåããŸãã
æè²ãšãã¬ãŒãã³ã°: MFAã®æ£ããå©çšæ¹æ³ã«ã€ããŠåŸæ¥å¡ã«æè²ã»ãã¬ãŒãã³ã°ãæœããŸãã
è©äŸ¡ãšãã£ãŒãããã¯: MFAã®å¹æãè©äŸ¡ããå¿ èŠã«å¿ããŠæ¹åçãæ€èšããŸãã
ãŸãšã
MFAã¯ãçŸä»£ã®èªèšŒã»ãã¥ãªãã£ã«ãããŠåºç€ãšãªãèŠçŽ ã§ããå人æ å ±ã®ä¿è·ããäŒæ¥ã®è²ŽéãªããŒã¿ãå®ãããã«ãMFAã®ç解ãšå°å ¥ãäžå¯æ¬ ãšãããŸãã
å®å šã§ä¿¡é Œæ§ã®é«ãç°å¢ã®æ§ç¯ã«åããŠãMFAã®å©çšãæ€èšããŸãããïŒ
IIJã¢ã¡ãªã«ã§ã¯ãå æ¬çãªã»ãã¥ãªãã£ãœãªã¥ãŒã·ã§ã³ã®æäŸãšãšãã«ã³ã³ãµã«ããŒã·ã§ã³ãå®æœããŠãããŸãã
èªç€Ÿã®ã»ãã¥ãªãã£ã«äžå®ããããçŸåšã®å®è£ ã§ååãªã®ãç¥ããããMFAãå°å ¥ããããããæ¹ãããããªãããªã©ããæ°è»œã«ãã¡ããããåãåãããã ããã