December 2021
Intermediate to advanced
256 pages
3h 46m
Japanese
Content preview from マスタリングOkta ―IDaaS設計と運用
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
4章AMFA(Adaptive Multi-FactorAuthentication)によるセキュリティ向上
二要素認証(2FA)および多要素認証(MFA)は、ユーザとデータのセキュリティを確保するための機能であり、多くの企業で利用が拡大している。2FAとMFAは同義ではなく、二要素から多要素へと機能強化が図られている。いずれにしても、ユーザは単一の認証要素を用いるのではなく、状況に応じて、ユーザ名とパスワードなどの知識要素、物理的なカードやデバイス上のソフトトークンといった所持要素、生体認証などの生体要素を組み合わせて、自身が誰であるかの確認を求められることとなる。本章では、この領域でのOktaの機能について紹介しつつ、AMFAを用いた際に利用できる高度なMFA機能についても言及する。次のテーマに沿って説明していこう。
- 認証要素の種類
- MFAの基本設定
- コンテキストベースのアクセス管理
- アプリケーションに特化したポリシーの作成
- ユーザによるMFAの登録
- MFAによるVPNのセキュア化
4.1 認証要素の種類
まずは、Oktaで利用可能な認証要素の確認から始めよう。Oktaでは、次に示す3つの要素を利用できる。
- 知識要素(Knowledge Factor)
- 所持要素(Possession Factor)
- 生体要素(Biometric factor)
これらについて、詳細を見ていこう。
4.1.1 知識要素
知識要素とは、記憶が必要な要素である。まず挙げられるのはパスワードであり、Oktaにはパスワードを要件に準拠させるための各種設定がある。ついで、Oktaはセキュリティ質問を知識要素として用いることができる。これは、「3章 SSO(Single Sign-On)によるユーザ利便性向上」で説明した、セルフサービスでパスワードの再設定やアンロックを行う機能で用いられるセキュリティ質問とは別のものである。 ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.