10.

Gyazo


!

Twitter
Gyazo

使

/

SPT @
2011

?
by

Security visualizaton
Gyazo

使

USB
,
CAPTCHA

+
+?

Web
()



/

使

?
Gyazo

Basic
Digest

Basic (Apache)
.htaccess
AuthUserFile /home/masui/.htpasswd
AuthGroupFile /dev/null
AuthName "Password Required"
AuthType Basic
require user masui
htpasswd

Digest (Apache)
.htaccess
AuthType Digest
AuthName "member only"
AuthDigestDomain /server/script/digest/
AuthDigestFile /home/masui/.htdigest
require user masui
htdigest
ID

<center>
<input type="password" style="font-size:30pt;"><br>
<span style="font-size:24pt;"><input type="password" style="font-size:20pt;"></span>
</center>
HTTPS

Cookie

Web
PKI (Public Key Infrastructure)
PGP (Pretty Good Privacy)

c.f.

PKI
使
(Certificate Authority)

(pk), (sk)
pkskskpk
Epk
Dsk
m == Dsk(Epk(x))
pk

ssh
ssh-keygen
id_dsa.pub id_rsa.pub
id_dsa id_rsa

: ssh
% ssh-keygen

SSL
Secure Sockets Layer
Transport Layer Security(TLS)
1994Netscape
https://(url)


/




/
e.g.

使

()


2?

使

Web
FlickrAPI
TypeKey
API
livedoor Auth
JugemKeyAPI
Facebook OAuth

Flicker
Flicker




/
OpenID
OAath

(SSO)

(Authentication)
(Authorization)

ID

Authentication
IDACL

URLID
Web
()

OpenID
OPOpenID Provider
()
RPRelying Party
OpenID ()
OpenID

OpenID

OpenID

OpenID

vox.com
http://pitecan.com/ ID
<html>
<head>
<link rel="openid.server"
 href="http://www.vox.com/services/openid/server">
<link rel="openid.delegate"
 href="http://<font color=yellow>masui477</font>.vox.com/">
ZoooomrOpenID
vox
IDZoooomr

OpenID
OpenID Directory
Zoooomr

OpenID使
ID
ID/
/


2007
(Authorization)
e.g. TwitterAPI

(e.g. smart.fm)(e.g. Google)
...
0. ConsumerService ProviderOAuth
1. UserConsumerService Provider
2. ConsumerService ProviderRequest Token
3. ConsumerUserService ProviderConsumerRequest TokenURL Parameter
4. UserService ProviderConsumerService ProviderRequest Token
5. Service ProviderUserConsumerService ProviderRequest TokenURL
6. ConsumerService ProviderRequest TokenAccess Token
7. Consumer6)Token</span><br>

OAuth


OpenID vs OAuth

!
使?
?
使


c.f.
=
=

PKI?


()

()

()
使


1Password
LastPass
Just1Key
SuperGenPass

SMS

使
使

etc.



?

vol.47, no.5 (2006)

Draw-A-Secret (DAS)

DéjàVu


Gyazo

LockTile


PassPoints

OpenID


GATESCEME

Recall-a-Story

MARASIM







Gyazo

: EpisoPass


EpisoPass


使

?
?
?
?
OpenID?

使
使

ssh

c.f. s/key
/
ssh
?

/

Gyazo
Cambridge
(2016)


: Pico

AndroidPico
Gyazo.com