Model - based Ubiquitous Service Architectureにおける利用権動的管理技術

全文

(1)Model-based Ubiquitous Service Architecture ߦ߅ߌࠆ೑↪ᮭേ⊛▤ℂᛛⴚ દ⮮⺈ᖗ␹ᚭ㓷৻਄㊁ᱜᏈἏญᶈ⟵ዊᨋㅘ ੹ᓟ, ޽ࠄࠁࠆ႐ᚲߢᯏེ߿ࠨ࡯ࡆࠬ߇೑↪ߢ߈ࠆ࡙ࡆࠠ࠲ࠬࠦࡦࡇࡘ࡯࠹ࠖࡦࠣⅣႺ߇ᢛ஻ߐࠇ ߡ޿ߊߦᓥ޿, ᓥ᧪ߩࠃ߁ߦ୘ੱ߹ߚߪ⚵❱߇ᯏེ߿ࠨ࡯ࡆࠬࠍᚲ᦭ߔࠆߣ޿߁᭎ᔨߦઍࠊࠅ, ᯏེ ߿ࠨ࡯ࡆࠬࠍ೑↪ߔࠆᮭ೑, ߔߥࠊߜ೑↪ᮭ߇ᔅⷐߦᔕߓߡേ⊛ߦઃਈߐࠇࠆߣ޿߁᭎ᔨ߇ቯ⌕ߔࠆ ߣ੍ᗐߐࠇࠆ. ᚒ‫ߪޘ‬਄⸥ߩࠃ߁ߥ࡙ࡆࠠ࠲ࠬⅣႺታ⃻ߦะߌߚࠕ࡯ࠠ࠹ࠢ࠴ࡖ Model-based Ubiquitous Service Architecture ࠍឭ᩺ߒߡ޿ࠆ. ᧄⓂߢߪ MUSA ߦ߅ߌࠆ೑↪ᮭ᧦ઙ⸥ㅀᣇᑼߦߟ ޿ߡᣢሽߩᮡḰࠕࠢ࠮ࠬ೙ᓮ⸥ㅀ⸒⺆ߢ޽ࠆ XACML (eXtensibleAccess Control Markup Language) ߣߎࠇࠍၮᧄߣߒߚ᧦ઙ್ቯࡕ࠺࡞ߩㆡ↪ᤨߩ໧㗴ὐࠍ᣿ࠄ߆ߦߒ, ೑↪ᮭ▤ℂߦะߌߚᦨㆡߥࡕ࠺ ࡞ߦߟ޿ߡឭ᩺ߔࠆ. Managing permission to use for computing and service resources on MUSA Seigo ITO Masakazu KANBE Masami UENO Hiroyoshi TAKIGUCHI Toru KOBAYASHI. As ubiquitous computing technology (ex. services and resources can use everywhere) increasingly becomes a part of our daily life, we predict a change uses of services and resources from possession to utilization on demand. In this paper we present MUSA, a Model-based Ubiquitous Service Architecture system for managing and circulating permission to use. MUSA operates by dynamic decisioning and collecting permission to use information. We present results of verification that demonstrate the ability of MUSA's decision model to manage permission to use with eXtensible Access Control Markup Language (XACML). 1. 2. ߪߓ߼ߦ ㄭ ᐕ , Ubiquitous Computing 1 , Pervasive. ೑↪ᮭ▤ℂᛛ ▤ℂᛛⴚ. 2.1 ೑↪ᮭ▤ℂᛛⴚߩᔅ ೑↪ᮭ▤ ᛛⴚߩᔅⷐᕈ. Computing, Nomadic Computing ╬, ᭽‫ࠦߥޘ‬. ੹ᓟ, ⺕߽߇ߐ߹ߑ߹ߥ႐ᚲߢ, ᯏེ߿ࠨ࡯ࡆ. ࡦ࠮ࡊ࠻ߩరߦᰴ਎ઍߩᖱႎⅣႺߩ᭴▽ߦะߌ. ࠬ╬ߩࠦࡦࡇࡘ࡯࠹ࠖࡦࠣ⾗Ḯ߇೑↪น⢻ߣߥ. ߚ ⎇ ⓥ ߇ ᵴ ⊒ ߦ ⴕ ࠊ ࠇ ߡ ޿ ࠆ . ଀ ߃ ߫ , Easy. ࠆ࡙ࡆࠠ࠲ࠬⅣႺ߇ታ⃻ߐࠇࠆߦᓥ޿, ᓥ᧪ߩࠃ. Living. 2. (Microsoft), Pervasive Computing. (IBM), Cool Town (SONY),. ߁ߦ୘ੱ߹ߚߪ⚵❱߇ᯏེ߿ࠨ࡯ࡆࠬߦኻߔࠆ. FEEL. ᚲ᦭ᮭࠍขᓧߒ೑↪ߔࠆߣ޿߁᭎ᔨߦઍࠊࠅ, ᯏ. Sentient. ེ߿ࠨ࡯ࡆࠬߦኻߔࠆ೑↪ᮭࠍᔅⷐߦᔕߓߡข. 4 (Hewlett-Packard),. OXYGEN. Computing 6. 3. 5. (MIT),. (AT&T), STONE. 7 (᧲ᄢ),. Smart. ᓧߒ೑↪ߔࠆߣ޿߁᭎ᔨ߇ቯ⌕ߔࠆߣᚒ‫ߪޘ‬⠨. Space 8 (ᘮᄢ)╬, ᄙߊߩࡊࡠࠫࠚࠢ࠻߇ㅴⴕਛ. ߃ࠆ㧔࿑ 1㧕. ଀߃߫, ࡙࡯ࠩߪ಴ᒛవߩࡆ࡞ߦ⸳. ߢ޽ࠅ, ૏⟎ᖱႎ߿ⅣႺᖱႎߥߤߩ࠮ࡦࠨ࡯ߩ⎇. ⟎ߐࠇߡ޿ࠆή✢ LAN ߿౏ⴐ PC ╬ߩ೑↪ᮭࠍ. ⓥ߆ࠄ᭽‫ࠬࠗࡃ࠺ߥޘ‬਄ߢߩࠨ࡯ࡆࠬㅪ៤߹ߢ. ৻ᤨ⊛ߦขᓧߔࠆߎߣߦࠃࠅ, ಴ᒛవߢߩࠦࡦࡇ. ⎇ⓥߩኻ⽎ߪ㕖Ᏹߦᄙጘߦࠊߚߞߡ޿ࠆ. ߎߩࠃ. ࡘ࡯࠹ࠖࡦࠣ⾗Ḯߩ೑↪߇น⢻ߣߥࠆ. ߹ߚ,. ߁ߥ⎇ⓥ߇ታ↪ൻߐࠇࠆߦᓥߞߡ, ࡀ࠶࠻ࡢ࡯ࠢ. 㚞࡮ⓨ᷼ߦ߅޿ߡᤨ㑆ߩ૛⵨߇޽ࠆ႐วߦ, ㆇⴕ. ਄ߦሽ࿷ߔࠆ޽ࠄࠁࠆࠦࡦ࠹ࡦ࠷߿ࠕࡊ࡝ࠤ࡯ ࡚ࠪࡦߣ޿ߞߚࠦࡦࡇࡘ࡯࠹ࠖࡦࠣ⾗Ḯ߿ታ਎ ⇇ߦ߅ߌࠆࡕࡁ߇޿ߟߢ߽ߤߎߢ߽೑↪น⢻ߣ ߥࠅߟߟ޽ࠆ.. ᔅⷐ䈮ᔕ䈛䈩೑↪ᮭ䉕 ขᓧ. B䈘䉖䈱 ᚲ᦭ᯏེ. ೑↪ᮭ. ೑↪⠪=ᚲ᦭⠪. ೑↪ᮭ A䈘䉖䈱 ᚲ᦭ᯏེ. ೑↪⠪=ᚲ᦭⠪. ೑↪ᮭ. NTT ᖱႎᵹㅢࡊ࡜࠶࠻ࡈࠜ࡯ࡓ⎇ⓥᚲ NTT Information Sharing Platform Laboratories. ೑↪⠪=ᚲ᦭⠪ ೑↪ ᚲ᦭⠪. ೑↪⠪㻛ᚲ᦭ ೑↪⠪㻛 ᚲ᦭⠪. ᚲ᦭ᮭ䈱਎⇇. ೑↪ᮭ䈱਎⇇. ࿑1:ᚲ᦭䈎䉌೑↪䈻䈱䊌䊤䉻䉟䊛䉲䊐䊃.

(2) ࠴ࠤ࠶࠻ࠍ଻ᜬߔࠆ࡙࡯ࠩߦߪ৻ᤨ⊛ߦ࠺ࠖࠬ. ߎߩ೑↪ᮭߪᮭ೑߇ⴕ૶ߐࠇࠆ㓙ߩࡊࡠࡈࠔࠗ. ࡊ࡟ࠗ߿࠲࡯ࡒ࠽࡞ߢߩ Web 㑛ⷩࠍ⸵นߔࠆߣ. ࡞߿ⅣႺᖱႎߩ⁁ᘒߦᔕߓߡ, ࡙࡯ࠩ߇⸵นߐ. ޿ߞߚ೑↪ࠪ࡯ࡦ߇⠨߃ࠄࠇࠆ. ᚒ‫ࠍࠇߎߪޘ‬. ࠇࠆⴕὑ߇ᄌࠊࠆ. ߎߩ଀ߢߪᣂᐙ✢ߩਸ਼ゞ₸. ‫ޟ‬ᚲ᦭߆ࠄ೑↪߳ߩࡄ࡜࠳ࠗࡓࠪࡈ࠻‫ߣޠ‬๭ࠎߢ. ߩ⁁ᘒߦᔕߓߡ೑↪ᮭߩⴕ૶นุ߇ᄌൻߒߡ޿. ޿ࠆ. ߎࠇࠄ೑↪ᮭ▤ℂᛛⴚߩ⹜ߺߣߒߡᤓᐕᐲ,. ࠆ.. ‫ޟ‬೑↪ᮭု⋥⛔วࠪࠬ࠹ࡓ9‫ߡ޿ߟߦޠ‬ᬌ⸛ߣ⹜૞. ೑↪ᮭߩ⚵ߺวࠊߖ ߺวࠊߖ x ೑↪ᮭߩ. ࠍⴕ޿, ࠦࡦࡇࡘ࡯࠹ࠖࡦࠣ⾗Ḯߩേ⊛ߥ೑↪ࠍ. ᔅⷐߦᔕߓߡ୘೎ߩ೑↪ᮭࠍขᓧߒߘࠇࠄࠍ. ⴕ߁㓙ߩⷐઙߣߒߡ‫ޟ‬Join & Use, Exclusive. ⚵ߺวࠊߖࠆߎߣߦࠃࠆࠕ࠼ࡎ࠶ࠢߥㅪ៤ࠨ࡯. Access Control‫ࠍޠ‬᣿ࠄ߆ߦߒߡ߈ߚ. ⃻࿷, ᚒ‫ޘ‬. ࡆࠬᯏ⢻. ଀߃߫‫ߦ⊛ᤨ৻ޟ‬಴ᒛవߩળ⼏ቶࠍ. ߪ‫ޟ‬ᚲ᦭߆ࠄ೑↪߳ߩࡄ࡜࠳ࠗࡓࠪࡈ࠻‫ߩ߳ޠ‬ᵹ. ೑↪ߔࠆ႐วߦ, ળ⼏ቶߩ೑↪ߣ޿߁೑↪ᮭߦ. ࠇ ࠍ ⿠ ߎ ߔ ߎ ߣ ࠍ ⋡ ⊛ ߣ ߒ , Model-Based. ߪ, ஻߃ઃߌ⸘▚ᯏ೑↪ߩߚ߼ߩ೑↪ᮭ, ࡊࡠ. Ubiquitous Service Architecture. ࠫࠚࠢ࠲ߩ೑↪ᮭ, ࡊ࡝ࡦ࠲ߩ೑↪ᮭߣ޿ߞߚ. 1013 . (MUSA). ߘࠇߙࠇߩࡕࡁࠍ೑↪ߔࠆߚ߼ߩ೑↪ᮭ߿, ળ. ࠍឭ᩺ߒᬌ⸛ࠍㅴ߼ߡ޿ࠆ. ᣢሽߩ೑↪ᮭ೑▤ℂ ᮭ೑▤ℂࠪࠬ࠹ࡓ ࠬ࠹ࡓ 2.2 ᣢሽߩ೑. ⼏ቶߩ೑↪ጁᱧෳᾖ, ળ⼏ቶߩࠬ࠻࡟࡯ࠫࠨ࡯. ࡀ࠶࠻ࡢ࡯ࠢ਄ߦሽ࿷ߔࠆࠦࡦࡇࡘ࡯࠹ࠖࡦ. ࡆࠬ, ળ⼏ቶߩή✢ LAN ೑↪ߣ޿ߞߚߘࠇߙ. ࠣ⾗Ḯ߿, ታ਎⇇ߦ߅ߌࠆ⾗Ḯߩ೑↪ᮭࠍᵹㅢߐ. ࠇߩࠨ࡯ࡆࠬࠍ೑↪ߔࠆߚ߼ߩ೑↪ᮭ߇฽߹ࠇ. ߖࠆ೑↪ᮭ▤ℂߩߚ߼ߩᣢሽ㑐ㅪࠪࠬ࠹ࡓߣߒ. ߡ޿ࠆ. ‫ߚߞ޿ߣޠ‬೑↪ᮭߩ᳓ᐔ⛔วߩ଀߇޽. ߡ, Flex. Ticket11(NTT)߿. Light. Holder12(NEC). ߇޽ࠆ. ߎࠇࠄߩࠪࠬ࠹ࡓߪਥߦએਅߩᯏ⢻ࠍታ. ࠆ. x ࡙ࡆࠠ࠲ ࡙ࡆࠠ࠲ࠬ⾗Ḯߩ▤ ⾗Ḯߩ▤ℂ ࡀ࠶࠻ࡢ࡯ࠢ, ࠦࡦ࠹ࡦ࠷, ࠕࡊ࡝ࠤ࡯࡚ࠪ. ⃻ߒߡ޿ࠆ. x ৻ᗧᕈࠍ ৻ᗧᕈࠍᜬߟᮭ೑ߩ ߟᮭ೑ߩ▤ℂၮ⋚ᯏ ℂၮ⋚ᯏ⢻. ࡦߣ޿ߞߚࠦࡦࡇࡘ࡯࠹ࠖࡦࠣ⾗Ḯߦ㑐ߔࠆ೑. , ᮭ೑ቯ⟵ᖱႎ߿ዻᕈቯ. ↪ᮭ▤ℂߛߌߢߪߥߊ, ታ㓙ߩ‛ℂ⊛ߥࡕࡁ߿. ⟵ᖱႎࠍઃਈߒߡ೑↪ߔࠆߚ߼ߩᮭ೑▤ℂၮ⋚. ࡅ࠻ߣߩࠗࡦ࠲࡜࡚ࠢࠪࡦᣇᑼ߿ᬌ⍮ᣇᑼࠍ฽. ᯏ⢻. ଀߃߫‫ ࠻࡯ࠨࡦࠦޟ‬C Ꮸߩ࠴ࠤ࠶࠻‫ޠ‬ ‫ޟ‬േ. ߼ߚ, ࡙ࡆࠠ࠲ࠬ⾗Ḯ▤ℂߩߚ߼ߩ౒ㅢࡈ࡟࡯. ‛࿦౉႐ߩߚ߼ߩ࠴ࠤ࠶࠻‫․ߩ╬ޠ‬ቯߩᗧ๧ࠍ. ࡓࡢ࡯ࠢᯏ⢻. ৻ᗧᕈࠍ߽ߟᮭ೑ࠍ. ᜬߟᮭ೑ࠍቯ⟵ߒ▤ℂ㨯೑↪ߔࠆ. x ៤Ꮺ࠺ࡃࠗࠬߦࠃࠆ ៤Ꮺ࠺ࡃ ࠬߦࠃࠆᮭ೑ᵹㅢᯏ ೑ᵹㅢᯏ⢻ IC ࠞ࡯࠼߿៤Ꮺ㔚⹤ߥߤߦ㔚ሶ⊛ߥᮭ೑ࠍ ᩰ⚊ߒ, ࡙࡯ࠩ߇ᮭ೑ࠍᜬߜᱠ߈, ߐ߹ߑ߹႐ ᚲߢᮭ೑ࠍⴕ૶ߢ߈ࠆᯏ⢻.. ߎߩࠃ߁ߥᯏ⢻ࠍᗐቯߒߡ, ⃻࿷ᚒ‫߇ޘ‬㐿⊒ߒߡ ޿ࠆࠪࠬ࠹ࡓ, MUSA ߦߟ޿ߡ⺑᣿ߔࠆ. 2.3 MUSA MUSA. 13. (Model-based Ubiquitous Service. Architecture)ߣߪ, ࡙࡯ࠩ, ࠦࡦࡇࡘ࡯࠹ࠖࡦࠣ. ߎࠇࠄᣢሽߩ೑↪ᮭ▤ℂࠪࠬ࠹ࡓ߇ឭଏߔࠆᯏ. ⾗Ḯ, ࡕࡁ, ߘߩઁⅣႺᖱႎ╬ߩࡊࡠࡈࠔࠗ࡞ᖱ. ⢻ߦട߃ߡ, ᚒ‫ߪޘ‬ᰴߩᯏ⢻ࠍᗐቯߒߡ޿ࠆ.. ႎߩ⁁ᘒߦᔕߓߡ, ⾗Ḯ೑↪ᮭߩⴕ૶್ቯࠍേ⊛. ᔕߓߚᮭ೑ x ⅣႺ߿࡙࡯ࠩߩ⁁ᘒ ⅣႺ߿࡙ ࠩߩ⁁ᘒߦᔕߓߚᮭ. ߦⴕ޿, ᮭ೑ࠍ▤ℂߔࠆ, ೑↪ᮭ▤ℂߩߚ߼ߩࠕ. ೑↪ᮭ▤ℂࡊ࡜࠶࠻ࡈࠜ࡯ࡓߦࠃࠅ⊒ⴕߐࠇ. ࡯ࠠ࠹ࠢ࠴ࡖߢ޽ࠆ. MUSA ߢߪ Web ࠨ࡯ࡆࠬ,. ߚᮭ೑߇, ⴕ૶ߐࠇࠆ㓙ߩⅣႺᖱႎ, ࡙࡯ࠩᖱ. ࠦࡦ࠹ࡦ࠷, ࠕࡊ࡝ࠤ࡯࡚ࠪࡦ, ࡀ࠶࠻ࡢ࡯ࠢߣ. ႎ, ߘߩઁ࠺ࡃࠗࠬߩᖱႎߩᄌൻߦᔕߓߡ, ೑. ޿ߞߚᓥ᧪ߩࠦࡦࡇࡘ࡯࠹ࠖࡦࠣ⾗Ḯ೑↪ᮭ▤. ↪น⢻ߥᮭ೑ߩ▸࿐߇േ⊛ߦᄌൻߒ, ߘࠇࠄࠍ. ℂߛߌߢߪߥߊ, RFID ╬ࠍᵴ↪ߒታ਎⇇ߩࡕࡁ,. ೙ᓮߔࠆᯏ⢻. ଀߃߫ᣂᐙ✢ߩ⥄↱Ꮸߩ೑↪ᮭ. ࡅ࠻߽฽߼ߚ࡙ࡆࠠ࠲ࠬⅣႺߦ߅ߌࠆ೑↪ᮭ▤. ࠍ଀ߦ⠨߃ࠆߣ‫↱⥄ޟ‬Ꮸߩ೑↪ᮭߪ, ਸ਼ゞ₸߇. ℂ߽ᗐቯߒߡ޿ࠆ.. 100%એਅߩ႐ว, ᒰ⹥ᣂᐙ✢ߩ⥄↱Ꮸߦਸ਼ゞ. ℂߩߚ߼ߩࠕ࡯ࠠ࠹ࠢ࠴ࡖߢ޽ࠆߚ߼ᮭ೑ࠍ▤. ߔࠆߎߣ߇಴᧪ࠆ߇, 100%એ਄ߩ႐วߪᒰ⹥ゞ. ℂߔࠆ޽ࠄࠁࠆ႐㕙ߢ೑↪ߔࠆߎߣ߇ߢ߈ࠆ. ࿑. ਔߦਸ਼ゞߔࠆߎߣߪ಴᧪ߕ, ઁߩ೉ゞߢ೑↪ᮭ. 2 ߪ MUSA ߇ኻ⽎ߣߔࠆ೑↪ᮭ▤ℂߩ᭎ⷐ࿑ߢ. ࠍⴕ૶ߒߥߌࠇ߫ߥࠄߥ޿. ‫ࠆߥߣ଀߁޿ߣޠ‬.. ޽ࠆ. ࿑ 2 ߦ߅޿ߡ࡙࡯ࠩߪࡀ࠶࠻ࡢ࡯ࠢ, ࠦࡦ. MUSA ߪ᳢↪⊛ߥ೑↪ᮭ▤.

(3) 䊝䊉䊶䊍䊃䉕฽䉃䊡䊎䉨䉺䉴ⅣႺ䈱೑↪ᮭ▤ℂ. ࠗࡦ࠲࡜࡚ࠢࠪࡦ߿, ታ㓙ߩࡕࡁߩត⍮ᣇᑼࠍ. 䉮䊮䊏䊠䊷䊁䉞䊮䉫⾗Ḯ䈱೑↪ᮭ▤ℂ. ฽߼ߚࡕࡁ▤ℂᣇᑼ. ਄⸥⺖㗴ߩ߁ߜ, ᧄⓂߢߪ‫ޟ‬೑↪᧦ઙ⸥ㅀᣇᑼ‫ޠ‬ ‫ޟ‬೑↪᧦ઙ್ቯᣇᑼ‫ࠍޠ‬ኻ⽎ߣߔࠆ. ࡕࡁ▤ℂᣇ. 䊈䉾䊃䊪䊷䉪 NW. ᑼߦߟ޿ߡߪ, RFID ᛛⴚ↪ߩㆡ↪ࠍᗐቯߔࠆ.. ೑↪ᮭ 䉮䊮䊁䊮䉿䋨ᖱႎ䋩. 3. ೑↪ᮭ 䉝䊒䊥䉬䊷䉲䊢䊮. 䊝䊉. ೑↪ᮭ▤ ೑↪ᮭ▤ℂߦ߅ߌࠆ ߦ߅ߌࠆ೑↪᧦ઙ⸥ ↪᧦ઙ⸥ㅀ ᚒ‫ߪޘ‬೑↪ᮭߩ೑↪᧦ઙ್ቯߩߚ߼ߩᨒ⚵ߺ. 䊍䊃. ߣߒߡ, ࠕࠢ࠮ࠬ೙ᓮ⸥ㅀߩᮡḰ઀᭽ߢ޽ࠆ eXtensible Access Control Markup Language. ࿑2䋺MUSA䈏ኻ⽎䈫䈜䉎೑↪ᮭ▤ℂ. ࠹ࡦ࠷, ࠕࡊ࡝ࠤ࡯࡚ࠪࡦߣ޿ߞߚࠦࡦࡇࡘ࡯࠹ ࠖࡦࠣ⾗Ḯ, ࡕࡁ╬ߩ೑↪ࠍⴕ߁႐วߪᔅⷐߦᔕ ߓߡ೑↪ᮭࠍขᓧߔࠆ. ଀߃߫ࡕࡁߩ೑↪ᮭࠍⴕ ૶ߔࠆ㓙ߦߪ, ᯏེߦၒ߼ㄟ߹ࠇߚ⹺⸽↪ߩ࠮ࠠ ࡘࠕ IC ࠴࠶ࡊߦࠃࠆᯏེࡊࡠࡈࠔࠗ࡞ᖱႎ, ࡙ ࡯ࠩߩᱜᒰᕈࠍ଻⸽ߔࠆ IC ࠞ࡯࠼ߦࠃࠆ࡙࡯ࠩ ࡊࡠࡈࠔࠗ࡞ᖱႎ, ߘߩઁⅣႺᖱႎ, ߘࠇߙࠇࠍ ೑↪ߒᯏེ⹺⸽, ࡙࡯ࠩ⹺⸽, ೑↪ᮭⴕ૶್ቯࠍ ⴕ߁. MUSA ߦ߅ߌࠆ೑↪ᮭⴕ૶್ቯࡕ࠺࡞ࠍ⴫ߒ ߚ߽ߩ߇࿑ 3 ߢ޽ࠆ. ೑↪ᮭߩਛߩ೑↪ᮭ᧦ઙㇱ ߩ᧦ઙᖱႎߦᓥ޿೑↪ᮭߩⴕ૶ᤨߦ, േ⊛ߦ೑↪ ್ቯࠍⴕ߁. MUSA ߦ߅޿ߡ 2.2 ▵ߩⷐ᳞᧦ઙᯏ ⢻ࠍታ⃻ߔࠆ㓙ߩ⺖㗴ߣߒߡએਅߩ߽ߩ߇᜼ߍ ࠄࠇࠆ. ⅣႺᖱႎ. (XACML)ㆡ↪ࠍᗐቯߒߡ޿ࠆ. XACML ߪ 2003 ᐕ 2 ᦬ߦᮡḰൻ࿅૕ OASYS ߩᮡḰߣߒߡ൘๔ߐ ࠇߡ߅ࠅ, ࿑ 4 ߩࠃ߁ߦᣢሽᮡḰᛛⴚߣ㕖Ᏹߦᷓ ޿㑐ଥ߇޽ࠆ. ߹ߚ, XACML ߪⶄ㔀ߥ᧦ઙ್ᢿ ࠍኈᤃߦታ⃻ߢ߈᜛ᒛᕈ߽㜞޿. ଀߃߫, ㅢᏱ OS ߥߤ߇ឭଏߒߡ޿ࠆࠕࠢ࠮ࠬ೙ᓮߢߪ࡙࡯ࠩ ߿ࠣ࡞࡯ࡊߦኻߒߡ⺒ߺ࡮ᦠ߈࡮ታⴕߩ⸵น࡮ਇ ⸵น⒟ᐲߩ೙ᓮߩߺߢ޽ࠆߩߦኻߒ XACML ߢ ߪ᧦ઙ್ቯߦ↪޿ࠆⷐ⚛ߩᜰቯ߿, ⷐ⚛ߩ୯ࠍᲧ セߔࠆṶ▚ᣇᴺ, ኻ⽎േ૞ߥߤࠍࡐ࡝ࠪߣߒߡ⸥ ㅀߒᜰቯߔࠆߎߣ߇಴᧪ࠆ. ߎߩߚ߼ MUSA ߩ ࠃ߁ߦࡊࡠࡈࠔࠗ࡞ߩ⁁ᘒߦᔕߓߡߐ߹ߑ߹ߥ ᧦ઙ್ቯࠍⴕ߁ᨒ⚵ߺߦ㕖Ᏹߦㆡߒߡ޿ࠆߚ߼ XACML ࠍណ↪ߒߚ. ೑↪ᮭߦ㑐ߔࠆ᧦ઙ್ቯㇱ ࠍ XACML ߢ⸥ㅀߒߚ႐วߩ଀ࠍ࿑ 5 ߦ␜ߔ. .net Passport. LDAP. ⅣႺ䊒䊨䊐䉜䉟䊦. Liberty Alliance. ┵ᧃ䊒䊨䊐䉜䉟䊦. ೑↪. 䊒䊨䊐䉜䉟䊦䊒䊨䊐䉜䉟䊦䊡䊷䉱䊒䊨䊐䉜䉟䊦 ┵ᧃ䈱೑↪ᮭ ೑↪ᮭ. 䊡䊷䉱. MUSA ᧦ઙ್ቯ ᯏ᭴. ್ቯ ⚿ᨐ. ┵ᧃ. XAuth S2ML. ೨り. SAML. ⹺⸽䊶ዻᕈᖱႎ䇮䉝䉪䉶䉴೙ᓮᖱ ႎ䉕વ㆐䈜䉎䈢䉄䈱䊒䊨䊃䉮䊦. ੕䈇䈮ㅪ៤䈚䈩೑↪䈜䉎䈖䈫䉕ᗐቯ. XACML. 2003ᐕOASYS൘๔. XACL. 2000ᐕIBM䈏㐿⊒ XACML䈱೨り. ೑↪ᮭ᭴ᚑ᭎ⷐ ฦ⒳IDㇱ (೑↪ᮭID䇮⊒ⴕ⠪ID╬) ೑↪ᮭ᧦ઙㇱ ᥧภ㑐ㅪㇱ䋨㎛╬䋩 ⟑ฬ. ⟑ฬኻ⽎㗔ၞ. ࿑3䋺೑↪ᮭⴕ૶䊝䊂䊦䈫೑↪ᮭ᭴ᚑ࿑. x ೑↪᧦ઙ⸥ㅀᣇᑼ. ࿑4䋺XACML䈫㑐ㅪᛛⴚ ઁߩઍ⴫⊛ߥᮭ೑⸥ㅀ㑐ㅪߩᨒ⚵ߺߣߒߡߪ. ೑↪᧦ઙ㧔೑↪ᮭ㧕ߦ㑐ߔࠆ⛔৻⊛ߥ⸥ㅀᣇ. IETF ߢ ᮡ Ḱ ൻ ߐ ࠇ ߡ ޿ ࠆ VTS 14 㧔 Voucher. ᑼ.. Trading System㧕߇޽ࠆ. VTS ߢߪ୘‫ߩޘ‬ଔ୯ᵹ. x ೑↪᧦ઙ್ቯᣇᑼ. ㅢࠪࠬ࠹ࡓ⁛⥄ߩࡊࡠ࠻ࠦ࡞ࠍ㓝⭁ߒߡ⛔৻ߒ. ޽ࠄࠁࠆ႐ᚲߦ߅޿ߡ೑↪ᮭ߇ⴕ૶ߐࠇࠆน. ߚ API ࠍቯ⟵ߒ, ਥߦ GVL 㧔Generic Voucher. ⢻ᕈߩ޽ࠆ೑↪ᮭ▤ℂࠪࠬ࠹ࡓߦ߅ߌࠆ೑↪᧦. Language㧕ߦࠃࠆᮭ೑⥄りߩᖱႎߩ⸥ㅀᣇᑼߣ. ઙ್ቯᣇᑼ.. ᮭ೑ᵹㅢߩࡊࡠ࠻ࠦ࡞ߦߟ޿ߡᷓߊᬌ⸛ߐࠇߡ. x ࡕࡁ▤ℂᣇᑼ. ޿ࠆ. ߒ߆ߒ, MUSA ߩࠃ߁ߥࡊࡠࡈࠔࠗ࡞ࡌ࡯. ೑↪ᮭ߇ⴕ૶ߐࠇࠆࡕࡁߦߟ޿ߡ, ࡕࡁߣߩ. ࠬߦࠃࠆ೑↪ᮭ᧦ઙ್ቯࠍⴕ߁႐ว, ᧦ઙ್ቯᑼ.

(4) ࠍࡐ࡝ࠪߣߒߡኈᤃߦ⸥ㅀߢ߈ࠆ XACML ߇ࠃ. ߦߪ޿ߊߟ߆ߩ⺖㗴߇޽ࠆ. XACML ߇ᗐቯߒߡ. ࠅᅷᒰߢ޽ࠆߣ⠨߃ߚߚ߼੹࿁ߪ XACML ࠍ↪. ޿ࠆࠕࠢ࠮ࠬ೙ᓮࡕ࠺࡞ߢߪ, ਥߦ Web ࠨ࡯ࡃ. ޿ߚ.. ਄ߩ⾗Ḯߦኻߔࠆࠕࠢ࠮ࠬ೙ᓮࠍ⋡⊛ߣߒߡ߅. <?xml version="1.0" encoding="UTF-8"?> <Policy PolicyId="urn:pflab:scdrm:xacml:policy:test:T001“ RuleCombiningAlgId="urn:oasis:xacml:1.0:rule-combining-algorithm:deny-overrides"> <Description>೑↪ᮭ䈱⸥ㅀ଀</Description> <Target> <Subject>ኻ⽎ਥ૕䈱ᜰቯ</Subject> ೑↪ᮭ䈱 <Resource>ኻ⽎⾗Ḯ䈱ᜰቯ</Resource> ኻ⽎䉕ᜰቯ <Action>ኻ⽎േ૞䈱ᜰቯ</Action> </Target> <Condition>േ૞ਥ૕䊶ኻ⽎⾗Ḯ䊶ኻ⽎േ૞એᄖ䈱ⅣႺᖱႎ╬䈱᧦ઙ⸥ㅀ</Condition> <Rule RuleId="urn:pflab:xacml:test:0001:rule" Effect="Permit"> <Target>䊦䊷䊦1䈮㑐䈜䉎േ૞ਥ૕䊶ኻ⽎⾗Ḯ䊶ኻ⽎േ૞䈱ᜰቯ</Target> ೑↪ᮭ䈮㑐䊶䊶䊶䋨䊦䊷䊦䋱䈮㑐䈜䉎್ቯ䊨䉳䉾䉪䊶ኻ⽎ⷐ⚛䊶Ṷ▚ᣇᴺ╬䈱ᜰቯ䋩䊶䊶䊶䊶䊶䈜䉎᧦ઙ್ቯ </Rule> 䈱䊨䉳䉾䉪䉕 <Rule RuleId="urn:pflab:xacml:test:0002:rule" Effect=“Deny"> ᜰቯ <Target>䊦䊷䊦2䈮㑐䈜䉎േ૞ਥ૕䊶ኻ⽎⾗Ḯ䊶ኻ⽎േ૞䈱ᜰቯ</Target> 䊶䊶䊶䊶䊶䋨䊦䊷䊦䋱䈮㑐䈜䉎್ቯ䊨䉳䉾䉪䊶ኻ⽎ⷐ⚛䊶Ṷ▚ᣇᴺ╬䈱ᜰቯ䋩䊶䊶䊶䊶䊶 </Rule> </Policy>. ࿑5䋺XACML䈮䉋䉎೑↪ᮭ⸥ㅀ. XACML. 15 16. (eXtensible. Access. Control. Markup Language)ߣߪ, ࡀ࠶࠻ࡢ࡯ࠢ਄ߩᄙ᭽ ߥ⾗Ḯߦኻߔࠆᨵエߢ᜛ᒛᕈߩ޽ࠆࡐ࡝ࠪ⸥ㅀ ઀᭽╬ࠍቯ߼ߚ XML ࠲ࠣ࠮࠶࠻ߢ޽ࠆ. XACML ߩࡕ࠺࡞ߪએਅߩേ૞ਥ૕ࠃࠅ᭴ᚑߐࠇࠆ. x PDP (Policy Decision Point) ቯ߼ࠄࠇߚࡐ࡝ࠪߦᓥ޿. , ␜ߐࠇߚࠕࠢ࠮ࠬ. ⷐ᳞߇ᱜߒ޿ᮭ㒢ࠍᜬߟ߽ߩ߆ࠍ್ᢿࠍߒ, ࠕ ࠢ࠮ࠬⷐ᳞ߦኻߔࠆ⸵นਇ⸵นࠍ್ᢿߔࠆਥ૕ x PEP (Policy Enforcement Point) . ⴕ߁ࠢ࡜ࠗࠕࡦ࠻߇᣿⏕ߦಽ߆ࠇߡ޿ࠆࡕ࠺࡞ ߢ޽ࠆ. ࠢ࡜ࠗࠕࡦ࠻ߪ࡙࡯ࠩᖱႎ╬ߩࡊࡠࡈࠔ ࠗ࡞ᖱႎࠍ࡙࡯ࠩ߆ࠄขᓧߒ, ࠨ࡯ࡃ਄ߦሽ࿷ߔ ࠆ⾗Ḯ߳ߩⷐ᳞ࠍࡊࡠࡈࠔࠗ࡞ᖱႎߣߣ߽ߦ࡝ ࠢࠛࠬ࠻ᢥߣߒߡㅍାߔࠆ. ࠨ࡯ࡃ஥ߢߪࠢ࡜ࠗ ࠕࡦ࠻ࠃࠅฃାߒߚ࡝ࠢࠛࠬ࠻ᢥߣ⥄り߇଻ᜬ ߔࠆࡐ࡝ࠪᢥࠍ⹏ଔߒ್ቯ⚿ᨐࠍ㄰ାߔࠆ. 4. 3.1 XACML ߩ᭎ⷐ . ࠅ, ࠕࠢ࠮ࠬ೙ᓮࠍⴕ߁ࠨ࡯ࡃߣࠕࠢ࠮ࠬⷐ᳞ࠍ. ࠕࠢ࠮ࠬⷐ᳞⠪߆ࠄߩࠕࠢ࠮ࠬⷐ᳞ࠍฃߌߡ PDP ߦኻ⽎࡝࠰࡯ࠬ߳ߩࠕࠢ࠮್ࠬᢿࠍଐ㗬 ߒ, PDP ߇್ቯߒߚ⚿ᨐߦᔕߓߡࠕࠢ࠮ࠬ೙ᓮ ࠍታⴕߔࠆਥ૕. ೑↪ᮭᵹㅢ ೑↪ᮭᵹㅢߦ߅ߌࠆ೑ ߦ߅ߌࠆ೑↪ᮭ᧦ઙ್ ↪ᮭ᧦ઙ್ቯᣇᑼߣ ቯᣇᑼߣ ⺖㗴. ᚒ‫߇ޘ‬ᗐቯߔࠆ೑↪ᮭ▤ℂࠪࠬ࠹ࡓߪ , ߤߎ ߢ߽࡙࡯ࠩ߇⒖േߔࠆవ‫ߢޘ‬, ࠦ࠹ࡦ࠷࡮ࠕࡊ࡝ ࠤ࡯࡚ࠪࡦߣ޿ߞߚࠦࡦࡇࡘ࡯࠹ࠖࡦࠣ⾗Ḯ, ࠨ࡯ࡆࠬ, ࡀ࠶࠻ࡢ࡯ࠢ, ࡕࡁࠍ೑↪ߢ߈ࠆ࡙ࡆ ࠠ࠲ࠬⅣႺࠍᗐቯߒߡ߅ࠅ, ೑↪ᮭ᧦ઙ್ቯߪ ࠨ࡯ࡃ਄ߛߌߣߪ㒢ࠄߕ޽ࠄࠁࠆࡠ࡯ࠞ࡞┵ᧃ ਄ߢⴕࠊࠇࠆ. ޽ࠆ⒟ᐲᱜᒰᕈ߇଻⸽ߐࠇߡ޿ ࠆࠨ࡯ࡃߣ㆑޿ోߡߩࡠ࡯ࠞ࡞┵ᧃ਄ߢߩ᧦ઙ ್ቯߪෂ㒾ߢ޽ࠆ. ߎߩࠃ߁ߦ೑↪ᮭ▤ℂࠪࠬ ࠹ࡓߦ߅޿ߡߪ, ┵ᧃ࡮ࠨ࡯ࡃ໧ࠊߕ޽ࠄࠁࠆ႐ ᚲߢ೑↪ᮭ᧦ઙ್ቯࠍⴕ߁ߩߢ, ᧦ઙ್ቯߩߚ ߼ߩⅣႺᖱႎ߿୘ੱᖱႎ╬ߩࡊࡠࡈࠔࠗ࡞ᖱႎ ߇┵ᧃ╬߳᛽಴ߐࠇࠆߩߪࡊ࡜ࠗࡃࠪ࡯଻⼔਄ ᅢ߹ߒߊߥ޿.. x PAP (Policy Administration Point) ࡝࠰࡯ࠬߦኻߔࠆࡐ࡝ࠪ߿ࡐ࡝ࠪ࠮࠶࠻ࠍ↢ ᚑߒ PDP ߳ឭଏߔࠆਥ૕. 4.1 ೑↪ᮭ▤ ೑↪ᮭ▤ℂߩ᧦ઙ್ ߩ᧦ઙ್ቯࠕ࡯ࠠ࠹ ࠕ࡯ࠠ࠹ࠢ࠴ࡖ 4.1.1 ᧦ઙ್ቯ ᧦ઙ್ቯࠕ࡯ࠠ࠹ࠢ ࡯ࠠ࠹ࠢ࠴ࡖߩⷐઙ ࡖߩⷐઙ ࿑ 6 ߦ␜ߒߚᓥ᧪ࠕ࡯ࠠ࠹ࠢ࠴ࡖߩ႐ว, ࠨ࡯. x PIP (Policy Information Point) ࡝࠰࡯ࠬ߿࡝ࠢࠛࠬ࠻ਥ૕╬ߦ㑐ߔࠆዻᕈᖱ ႎࠍឭଏߔࠆਥ૕. ࡃ਄ߢ᧦ઙ್ቯࠍⴕ߁ߚ߼ࠨ࡯ࡃ߽ߒߊߪ┵ᧃ ߳ࡊࡠࡈࠔࠗ࡞ᖱႎ╬ࠍㅍାߔࠆᔅⷐ߇޽ࠆ. ೨ ㅀߩ⺖㗴ࠍ⠨ᘦߔࠆߣ, ೑↪ᮭ▤ℂߦ߅ߌࠆ೑↪ ᮭ᧦ઙ್ቯߪ, ࡙࡯ࠩ߿┵ᧃߦ㑐ߔࠆࡊࡠࡈࠔࠗ. 㽴䊥䉪䉣䉴䊃. 㽳䉝䉪䉶䉴ⷐ᳞. PEP. 㽷್ቯ. 㽵ዻᕈᖱႎⷐ᳞. PDP. PIP. ࡞ᖱႎࠍᛒ߁ߩߢ, ਇᔅⷐߥਥ૕߳ᖱႎࠍឭଏߔ ࠆߎߣߥߊ, ࡙࡯ࠩ߇଻ᜬߔࠆ⠴࠲ࡦࡄ㗔ၞߢ᧦. 㽶ዻᕈᖱႎㅍା. 㽸್ቯ⚿ᨐ. ઙ್ቯ╬ߩಣℂࠍⴕ߁ߎߣ߇ᦸ߹ߒ޿. ೑↪ᮭ▤. 䊡䊷䉱䊑䊤䉡䉱╬. 㽲䊘䊥䉲ㅍା. PAP. Web䉰䊷䊋. ℂߦ߅޿ߡ࡙࡯ࠩߪߐ߹ߑ߹ߥ႐ᚲߦ⒖േߒߡ, ⒖േߒߚవ‫ߢࡦࠗ࡜ࡦࠝߪߚ߹࡞ࠞ࡯ࡠߢޘ‬೑. ࿑6:Webᢥᦠ䈮䈍䈔䉎XACML䉝䉪䉶䉴೙ᓮ䊐䊨䊷. ↪ᮭࠍⴕ૶ߔࠆ. ߎߩߚ߼น៝ᕈ߇㜞ߊࡂ࡯࠼࠙. ߎࠇࠄߩേ૞ਥ૕ߩၮᧄേ૞ߩ࠺࡯࠲ࡈࡠ࡯. ࠚࠕ⠴࠲ࡦࡄᯏ⢻ࠍᜬߟ IC ࠞ࡯࠼߿ MOPSS17ࠞ. ߇࿑ 6 ߢ޽ࠆ. XACML ߩၮᧄ⊛ߥᨒ⚵ߺࠍ,. ࡯࠼╬ߩਛߦ೑↪ᮭ᧦ઙ್ቯ↪ߩࡕࠫࡘ࡯࡞ࠍ. ᚒ‫߇ޘ‬ᗐቯߒߡ޿ࠆ೑↪ᮭᵹㅢ߳ㆡ↪ߒߚ႐ว. ㈩⟎ߒߚ೑↪ᮭ᧦ઙ್ቯࡕ࠺࡞ࠍឭ᩺ߔࠆ..

(5) 4.1.2 ឭ᩺ࡕ࠺ ឭ᩺ࡕ࠺࡞. 4.1.3 ೑↪ᮭ᧦ ೑↪ᮭ᧦ઙ್ቯࡕ࠺ ್ቯࡕ࠺࡞. ࿑ 7 ߪ IC-Chip ਄ߢ೑↪ᮭ᧦ઙ್ቯࠍⴕ߁ࡕ࠺. ឭ᩺ࡕ࠺࡞ࠍ฽߻ᣢሽ೑↪ᮭ᧦ઙ್ቯࡕ࠺࡞ࠍ. ࡞ߩ᭎ⷐ࿑ߢ޽ࠆ. ၮᧄࠕࠗ࠺ࠕߪ◲ẖߥ߽ߩߢ. એਅߦ␜ߔ. ࡕ࠺࡞ߣߒߡߪ, ߤߩਥ૕߇೑↪ᮭ. ޽ࠅ‫ޟ‬೑↪ᮭ᧦ઙ್ቯߩߚ߼ߩⷐ⚛ᖱႎߪᔅⷐߩ. ߩ᧦ઙ್ቯࠍⴕ߁߆ߦࠃࠅಽ㘃ࠍⴕ޿, ‫ࡃ࡯ࠨޟ‬. ߥ޿႐วߪ, ၮᧄ⊛ߦ⠴࠲ࡦࡄ㗔ၞߩᄖㇱ߳಴ߐ. ್ቯࡕ࠺࡞‫ޠ‬ ‫್ᧃ┵ޟ‬ቯࡕ࠺࡞‫ޟޠ‬IC-Chip ್ቯࡕ. ߥ ޿ ‫ ࠆ ޽ ߢ ߩ ߽ ߁ ޿ ߣ ޠ‬. ࿑ 7 ߢ ߪ Rights. ࠺࡞‫ߩޠ‬㧟⒳㘃ߩࡕ࠺࡞ߦಽ㘃ߔࠆߎߣ߇಴᧪ࠆ.. Management Point (RMP) ᯏ᭴ࠍㅊടߒߡ޿ࠆ.. x ࡕ࠺࡞ 1㧦ࠨ࡯ࡃ್ቯࡕ࠺࡞. RMP ߪߘࠇߙࠇߩ⠴࠲ࡦࡄ㗔ၞߢ್ᢿߒߥߌࠇ. ࡙࡯ࠩ߇଻ᜬߔࠆ IC ࠞ࡯࠼߆ࠄ࡙࡯ࠩߦ㑐ߔ. ߫޿ߌߥ޿᧦ઙࠍ⸃ᨆߒ, ್ᢿߐࠇࠆߴ߈႐ᚲ߳. ࠆࡊࡠࡈࠔࠗ࡞ᖱႎ, ᯏེ߆ࠄᯏེߦ㑐ߔࠆࡊࡠ. ࡝ࠢࠛࠬ࠻ࠍ࠺ࠖࠬࡄ࠶࠴ߔࠆ. ߘߩᓟ, ฦ. ࡈࠔࠗ࡞ᖱႎࠍขᓧߒ, ࡀ࠶࠻ࡢ࡯ࠢࠍ੺ߒߡࠨ. RMP ࠃࠅ㄰ାߐࠇߚ್ᢿ⚿ᨐࠍ⛔วߒᦨ⚳⊛ߥ. ࡯ࡃ஥ߦㅍାߔࠆ. ฦਥ૕ࠃࠅㅍାߐࠇߚࡊࡠࡈ. ᧦ઙ್ቯࠍⴕ߁ᯏ᭴ߢ޽ࠆ. ၮᧄࡈࡠ࡯ߪએਅߩ. ࠔࠗ࡞ᖱႎߣ೑↪ᮭߩ᧦ઙᖱႎࠍరߦࠨ࡯ࡃ஥. ࠃ߁ߦߥࠆ.. ߢ೑↪ᮭߩ᧦ઙ್ቯࠍⴕ޿, ೑↪ᮭߩⴕ૶น್ุ. Ԙ࡙࡯ࠩߪ࿕᦭ AP㧔PEP㧕߆ࠄ࡝ࠢࠛࠬ࠻ࠍ. ᢿࠍⴕ߁ࡕ࠺࡞. 㧔࿑ 8㧕.. RMP ߳ㅍାߔࠆ. ԙ RMP ߪ࡙࡯ࠩߩࠞ࡯࠼ౝߢ್ᢿߔࠆߴ߈᧦ ઙߦߟ޿ߡߪࠞ࡯࠼ౝߢߩ್ᢿࠍ PDP ߳ଐ. 䊒䊨䊐䉜䉟䊦ㅍା. IC䉦䊷䊄 ೑↪ᮭ. Profile. 䊡䊷䉱. 㗬ߔࠆ. Ԛ RMP ߪઁߩ⠴࠲ࡦࡄ㗔ၞߢ್ᢿߐࠇࠆ᧦ઙ ߦߟ޿ߡߪઁߩ RMP ߳࠺ࠖࠬࡄ࠶࠴ߒ, ㄰ ାߐࠇࠆ್ቯ⚿ᨐࠍ⛔วߔࠆ. ԛోߡߩ RMP ߩ್ቯ⚿ᨐߦࠃࠅᦨ⚳⊛ߥ೑↪ ᧦ઙ್ቯ⚿ᨐࠍ PEP ߦ㄰ାߔࠆ.. Rights Management Point. 㽲䊥䉪䉣䉴䊃 ࿕᦭AP. 㽵 ✚ว್ቯ ⚿ᨐ. PIP. 䈠䈱ઁ 䊒䊨䊐䉜䉟䊦 AP. PDP. ળຬ⸽ 䊒䊨䊐䉜䉟䊦 AP. PAP. 䉰䊷䊋. ᯏེ. x ࡕ࠺࡞ 2㧦┵ᧃ್ቯࡕ࠺࡞ ࡙࡯ࠩߩࡊࡠࡈࠔࠗ࡞ᖱႎ , ᯏེߩࡊࡠࡈࠔࠗ ࡞ᖱႎࠍ IC ࠞ࡯࠼ߣᯏེ߆ࠄߘࠇߙࠇขᓧߒ, ࠨ࡯ࡆࠬࠍታⴕߔࠆ┵ᧃ਄ߦㅍାߔࠆ. ࠨ࡯ࡆࠬ ߩ᧦ઙ್ቯࠍⴕ޿, ೑↪ᮭߩⴕ૶น್ุᢿࠍⴕ߁ ࡕ࠺࡞. 㧔࿑ 9㧕. ೑↪ᮭ AP. Profile. RMP ᧦ઙ್ቯ PDP. Profile. Rights Management Point. 㽴䈠䉏䈡䉏䈱IC䉦䊷䊄䈻䈱᧦ઙ ್ቯଐ㗬䈫್ቯ⚿ᨐ䈱⛔ว. Rights Management Point. PIP PDP. ┵ᧃ. NW. ᯏེ. 䉰䊷䊋. x ࡕ࠺࡞ 3㧦IC-Chip ್ቯࡕ࠺࡞. PDP PIP. ┵ᧃ. 䊡䊷䉱. ࿑9 ┵ᧃ್ቯ䊝䊂䊦. 䊈䉾䊃䊪䊷䉪. PAP. IC䉦䊷䊄. ᯏ᭴. ೑↪ᮭ. PAP. Proxy. ⠴䉺䊮䊌㗔ၞ. ࿑8 䉰䊷䊋್ቯ䊝䊂䊦. IC䉦䊷䊄 Proxy. ᧦ઙ್ቯ ᯏ᭴ PIP. NW. ࠍታⴕߔࠆ┵ᧃ਄ߢ, ೑↪ᮭߩᖱႎࠍၮߦ೑↪ᮭ. 㽳䉦䊷䊄ౝ䈪䈱᧦ઙ್ቯ. PEP. ೑↪ᮭ᧦ઙ ್ቯ. PDP. Profile. ┵ᧃ䊒䊨䊐䉜䉟䊦 AP. IC䉦䊷䊄䋨䉶䉨䊠䉝䉼䉾䊒䋩. ࿑7 ೑↪ᮭ▤ℂ䈮䈍䈔䉎᧦ઙ್ቯ䉝䊷䉨䊁䉪䉼䊞. ᧦ઙ್ቯߩߚ߼ߩ࡙࡯ࠩߩࡊࡠࡈࠔࠗ࡞ᖱႎ ߿ᯏེߩࡊࡠࡈࠔࠗ࡞ᖱႎߪ┵ᧃ࡮ࠨ࡯ࡃ਄ߦㅍ. ߎߩࠃ߁ߦ┵ᧃ߳ⷐ⚛ᖱႎࠍ᛽಴ߖߕ, ࡂ࡯࠼. ାߖߕ, ࡊࡠࡈࠔࠗ࡞ࠍ଻ᜬߔࠆߘࠇߙࠇਥ૕਄. ࠙ࠚࠕ⠴࠲ࡦࡄⵝ⟎ౝߦߡᔅⷐߥಣℂࠍቢ⚿ߐ. ߢ᧦ઙ್ቯࠍⴕ߁. ฦਥ૕㑆ߢߪ᧦ઙ್ቯ⚿ᨐߩ. ߖಣℂ⚿ᨐߩߺࠍ⠴࠲ࡦࡄ࠺ࡃࠗࠬࠃࠅ㄰ାߔ. ߺߩㅢାࠍⴕ޿, ್ቯ⚿ᨐࠍ⛔วߒ೑↪ᮭߩⴕ૶. ࠆߣ޿߁᭴ᚑߩᣢሽࠪࠬ࠹ࡓߣߒߡߪ‫ޟ‬ᜰ⚉⹺⸽. น್ุᢿࠍⴕ߁ࡕ࠺࡞. 㧔࿑ 10㧕. ߩಣℂࠍ IC ࠞ࡯࠼ౝߢⴕ޿ᾖว್ቯ⚿ᨐߩߺࠍ ㄰ାߔࠆࠪࠬ࠹ࡓ18‫ޠ‬ ‫ࠞࠕࠖ࠺ࡔ࠴࡞ࡑࠕࡘࠠ࠮ޟ‬. Profile. ࡯࠼19㧔ࠤ࡯࠲ࠗ de ࡒࡘ࡯ࠫ࠶ࠢࠨ࡯ࡆࠬ↪ࠦ. ೑↪ᮭ. ࡦ࠹ࡦ࠷ᩰ⚊ࡂ࡯࠼࠙ࠚࠕ㧕‫߇ߤߥޠ‬ሽ࿷ߒߡ޿ ࠆ߇, ೑↪ᮭ▤ℂߩⷰὐ߆ࠄⴕߞߡ޿ࠆ߽ߩߪ⍮ ࠄࠇߡ޿ߥ޿.. PAP ᧦ઙ್ቯ ᯏ᭴ 䊡䊷䉱. Profile. ᧦ઙ್ቯ RMP PDP ᯏ᭴. ್ቯ⚿ᨐ Request䊶Response. NW ᯏེ. ࿑10 IC-Chip ್ቯ䊝䊂䊦. 䉰䊷䊋.

(6) 5. ߇࡙࡯ࠩᡰេߩⷰὐ߆ࠄ㊀ⷐߢ޽ࠆ. ߎߩࠃ߁ߥ. ⹏ଔ. ߎߣࠍ⠨ᘦߒߚ႐ว XACML ࡄ࡯ࠨ߇ᜬߟ⸃ᨆ. 5.1 ೑↪ᮭ᧦ઙ್ቯࡕ࠺ ೑↪ᮭ᧦ ್ቯࡕ࠺࡞ߩᲧセ ߩᲧセ 4.1.3 ▵ߦߡಽ㘃ࠍ߅ߎߥߞߚࠨ࡯ࡃߢ೑↪ᮭ ᧦ઙ್ቯࠍⴕ߁ࡕ࠺࡞ 1㧔࿑ 8㧕, ┵ᧃߢ᧦ઙ್. ⚿ᨐߩᗧ๧ᖱႎࠍឭ␜ߔࠆߎߣ߇ᔅⷐߢ޽ࠆ. 6. ߹ߣ߼. ቯࠍⴕ߁ࡕ࠺࡞ 2㧔࿑ 9㧕, IC-Chip ਄ߢ᧦ઙ್ቯ. ᧄⓂߢߪ, ೑↪ᮭᵹㅢߦ߅ߌࠆ೑↪ᮭ᧦ઙ್ቯ. ࠍⴕ߁ࡕ࠺࡞ 3㧔࿑ 10㧕ߦኻߒߡᲧセ⹏ଔࠍⴕ. ᣇᑼߦߟ޿ߡߩᣢሽࡕ࠺࡞ߣߩᲧセ࡮ᬌ⸛ࠍⴕ޿,. ߞߚ㧔࿑ 11㧕. ࠝࡦ࡜ࠗࡦߢߩ೑↪ᮭ᧦ઙ್ቯߪ. ⃻࿷ߩታⵝ⁁ᴫߦߟ޿ߡㅀߴߚ. ੹ᓟߩ੍ቯߣߒ. ߤߩࡕ࠺࡞ߢ߽ⴕ߁ߎߣ߇น⢻ߢ޽ࠆ. ࠝࡈ࡜. ߡ, IC ࠞ࡯࠼਄ߩ᧦ઙ್ቯᯏ᭴ߦߟ޿ߡ, ࡂ࡯࠼. ࠗࡦߦ߅ߌࠆ᧦ઙ್ቯߦߟ޿ߡߪࡕ࠺࡞㧝ߢߪ. ࠙ࠚࠕ⊛೙⚂╬ࠍ⠨ᘦߒߥ߇ࠄ࿑ 10 ߩࡕ࠺࡞ߩ. ᧦ઙ್ቯࠍోߡࠨ࡯ࡃߢᜂߞߡ޿ࠆߚ߼ⴕ߁ߎ. ታⵝࠍⴕ߁੍ቯߢ޽ࠆ.. ߣ߇಴᧪ߥ޿. ᧦ઙ್ቯߩಣℂㅦᐲᕈ⢻ߣታⴕ. ෳ⠨ᢥ₂. ࡔࡕ࡝ኈ㊂ߦ㑐ߒߡߪࡕ࠺࡞㧝ࡕ࠺࡞㧞߇ PC ਄ߢⴕ߁ߩߦኻߒࡕ࠺࡞㧟ߢߪ IC-Chip ਄ߢⴕ ߁ߚ߼ઁߩࡕ࠺࡞ࠃࠅᕈ⢻㕙ߢഠࠆ. ࡊࡠࡈࠔ ࠗ࡞ᖱႎߩ଻⼔ߦ㑐ߒߡࡕ࠺࡞㧟ߪ೑↪ᮭ᧦ઙ ್ቯߩߚ߼ߩⷐ⚛ᖱႎࠍᄖㇱ߳಴ߐߥ޿. ߎߩ ߚ߼ࡊࡠࡈࠔࠗ࡞଻⼔ߦ㑐ߒߡ᦭ലߢ޽ࠆ. ⴫11 : ฦ䊝䊂䊦䈱Ყセ䊝䊂䊦1 (࿑6). 䊝䊂䊦2 䋨࿑9䋩. 䉰䊷䊋್ቯ䊝䊂䊦. ┵ᧃ್ቯ䊝䊂䊦. 䊝䊂䊦3(࿑7) IC-Chip್ቯ䊝䊂䊦. 䉥䊮䊤䉟䊮᧦ઙ್ቯ. 䂾. 䂾. 䂾. 䉥䊐䊤䉟䊮᧦ઙ್ቯ. 㬍. 䂾. 䂾. ᧦ઙ್ቯ䈱ಣℂㅦ ᐲᕈ⢻. 䂾. 䂾. 䂦. ታⴕ䊜䊝䊥ኈ㊂. 䂾. 䂾. 䂦. 䊒䊨䊐䉜䉟䊦଻⼔. 䂦. 䂦. 䂾. ৻ర್ቯ. 䉣䊥䉝್ቯ. ୘೎್ቯ. 䂾. 䂾. 䂦. ㆡ↪㗔ၞ ⃻Ბ㓏䈪䈱ታ⃻ᕈ. ೑↪ᮭ▤ℂߩߚ߼ߩ ߩߚ߼ߩࡕࠫࡘ࡯࡞ ࠫࡘ࡯࡞ 5.2 ೑↪ᮭ▤ XACML 㑐ㅪߩታⵝߣߒߡ⃻࿷೑↪น⢻ߥࡕࠫ ࡘ ࡯ ࡞ ߪ , Sun Microsystems ߦ ࠃ ࠆ Sun’s XACML Implementation20ߣ Jiffy Software ߇ឭ ଏߔࠆ Jiffy XACML21߇޽ࠆ. ߒ߆ߒ, ߎࠇࠄߩ ታⵝߪߣ߽ߦ PDP ߩㇱಽߒ߆ታⵝߐࠇߡ߅ࠄߕ, PIP, PAP ઁߩㇱಽߦ㑐ߒߡߪឭଏߐࠇߡ޿ߥ޿. ߎࠇࠄߩ PDP ߦኻߒߡࡐ࡝ࠪߣ࡝ࠢࠛࠬ࠻ࠍਈ ߃ߡ᧦ઙ್ቯࠍⴕࠊߖߚ႐ว, ್ቯ⚿ᨐߣߒߡߪ ‫ޟ‬Permit㧔⸵น㧕, Deny㧔ਇ⸵น㧕, NotApplicable 㧔ㆡ↪࡞࡯࡞ߥߒ㧕, Indeterminate㧔ਇ⏕ቯ㧕‫ޠ‬ ߩ޿ߕࠇ߆߇ㆬᛯߐࠇࠆ. Web ߦ߅ߌࠆࠕࠢ࠮ࠬ ೙ᓮߩ႐วߪ, ߎߩ 4 ߟߩ್ቯ⚿ᨐߦࠃࠅ⴫␜࡮ 㕖⴫␜, ታⴕ⸵น, ਇ⸵น╬ߩߺࠍⴕ߃߫ࠃ޿. ߒ߆ߒ, ೑↪ᮭ▤ℂߦ߅޿ߡߪ, Deny ್ቯߩ႐ว ߢ߽, ߤࠎߥℂ↱ߢਇ⸵นߢ޽ࠅ, ᰴߦߤ߁޿߁ ⴕേࠍ⿠ߎߖ߫⸵นߦߥࠆ߆, ࡙࡯ࠩߦ␜ߔߎߣ. Mark Weiser. “The Computer for the 21st Century”, Scientific American 265(3):94-104, September 1991. 2 Easy Living : http://research.microsoft.com/easyliving/ 3 IBM Pervasive Computing : http://www-3.ibm.com/software/pervasive/ 4 Cool Town : http://cooltown.hp.com/cooltownhome/ 5 MIT Project OXYGEN : http://oxygen.lcs.mit.edu/ 6 Sentient Computing Project : http://www.uk.research.att.com/spirit/ 7 Service Synthesizer on the Net(STONE) : http://www.mlab.t.u-tokyo.ac.jp/ 8 Smart Space Lab : http://www.ht.sfc.keio.ac.jp/SSLab/ 9 દ⮮⺈ᖗ, ␹ᚭ㓷৻, ⋥੗㇌ᓆ‫࠲ࠠࡆ࡙ࠬ࡯ࡌ࡞࠺ࡕޟ‬ ࠬࠨ࡯ࡆࠬࠕ࡯ࠠ࠹ࠢ࠴ࡖߦ߅ߌࠆ⾗Ḯ೑↪ᮭ▤ℂᣇ ᑼ‫ޠ‬㔚ሶᖱႎㅢାቇળ, ో࿖ᄢળ, D9-13 , March. 2003. 10 ␹ᚭ㓷৻, દ⮮⺈ᖗ, ⋥੗㇌ᓆ, ዊᨋㅘ.‫࠹࡯ࡘࡇࡦࠦޟ‬ ࠖࡦࠣ⾗Ḯߩ೑↪ᮭ▤ℂᣇᴺߦߟ޿ߡߩᬌ⸛‫ޠ‬㔚ሶᖱႎ ㅢାቇળᛛⴚ⎇ⓥႎ๔, KBSE2002-23, December. 2002. 11 Flex Ticket : http://info.isl.ntt.co.jp/flexticket/ 12 Light Holder : http://www.sw.nec.co.jp/cced/lightholder/ 13 ᐸ㊁ᩕ৻, ␹ᚭ㓷৻, Ἇ㊁ୃ, ጊᧄୃ৻㇢.‫ޟ‬MUSA㧦ࡕ ࠺࡞ࡌ࡯࡙ࠬࡆࠠ࠲ࠬࠨ࡯ࡆࠬࠕ࡯ࠠ࠹ࠢ࠴ࡖ‫ޠ‬㔚ሶᖱ ႎㅢାቇળᛛⴚ⎇ⓥႎ๔, KBSE2001-74, March. 2001. 14 Voucher Trading System (VTS) : http://www.faqs.org/rfcs/rfc3506.html 15 eXtensible Access Control Markup Language (XACML) http://www.oasis-open.org/ 16 Ꮏ⮮㆏ᴦ, ⠀↰⍮ผ.‫ޟ‬᜛ᒛน⢻ࠕࠢ࠮ࠬ೙ᓮࡐ࡝ࠪ࡯ ⸥ㅀ⸒⺆:XACML‫ޠ‬ᥧภߣᖱႎ࠮ࠠࡘ࡝࠹ࠖࠪࡦࡐࠫ࠙ ࡓ, SCIS2003 12B-2, January. 2003. 17 Mobile Passport (MOPASS) : http://www.mopass.info/ 18 IC ࠞ࡯࠼ߣᜰ⚉⹺⸽ᛛⴚࠍ⚵ߺวࠊߖߚ⹺⸽ࠪࠬ࠹ࡓ http://www.nttdata.co.jp/release/2001/0308.html 19 ࠤ࡯࠲ࠗ de ࡒࡘ࡯ࠫ࠶ࠢ : http://www.keitaide-music.org/ 20 Sun’s XACML Implementation : http://sunxacml.sourceforge.net/ 21 Jiffy XACML : http://www.jiffysoftware.com/ 1.

(7)