Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
権限について考える
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
bmf_san
June 22, 2024
Programming
2
140
権限について考える
bmf_san
June 22, 2024
Tweet
Share
More Decks by bmf_san
See All by bmf_san
桃太郎で始めるRego入門‐今日から使えるRegoの基本編
bmf_san
0
36
完璧を求めない意思決定-アクセス制御基盤における制約との向き合い方
bmf_san
5
17k
AAPについて調べてみた
bmf_san
0
79
レーダーをつくる
bmf_san
0
54
契約テストとPactについて
bmf_san
0
98
5分でわかるSLO
bmf_san
2
150
自作HTTPルーターから新しいServeMuxへ
bmf_san
3
1.8k
古くなってしまったPHPフレームワークとPHPのバージョンアップ戦略
bmf_san
1
460
アジャイルワークショップ
bmf_san
0
180
Other Decks in Programming
See All in Programming
Unicodeどうしてる? PHPから見たUnicode対応と他言語での対応についてのお伺い
youkidearitai
PRO
1
1k
AI Schema Enrichment for your Oracle AI Database
thatjeffsmith
0
220
AIエージェントの設計で注意するべきポイント6選
har1101
7
3.4k
AtCoder Conference 2025
shindannin
0
1k
ZJIT: The Ruby 4 JIT Compiler / Ruby Release 30th Anniversary Party
k0kubun
1
390
例外処理とどう使い分ける?Result型を使ったエラー設計 #burikaigi
kajitack
16
5.9k
AI時代のキャリアプラン「技術の引力」からの脱出と「問い」へのいざない / tech-gravity
minodriven
17
5.7k
.NET Conf 2025 の興味のあるセッ ションを復習した / dotnet conf 2025 quick recap for backend engineer
tomohisa
0
130
AIと一緒にレガシーに向き合ってみた
nyafunta9858
0
120
AIエージェント、”どう作るか”で差は出るか? / AI Agents: Does the "How" Make a Difference?
rkaga
4
2k
FOSDEM 2026: STUNMESH-go: Building P2P WireGuard Mesh Without Self-Hosted Infrastructure
tjjh89017
0
130
Oxlintはいいぞ
yug1224
5
1.2k
Featured
See All Featured
Large-scale JavaScript Application Architecture
addyosmani
515
110k
Building the Perfect Custom Keyboard
takai
2
680
Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)
konakalab
0
350
What’s in a name? Adding method to the madness
productmarketing
PRO
24
3.9k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
122
21k
The State of eCommerce SEO: How to Win in Today's Products SERPs - #SEOweek
aleyda
2
9.5k
Building Flexible Design Systems
yeseniaperezcruz
330
40k
How to Ace a Technical Interview
jacobian
281
24k
GraphQLの誤解/rethinking-graphql
sonatard
74
11k
Getting science done with accelerated Python computing platforms
jacobtomlinson
1
110
Why Our Code Smells
bkeepers
PRO
340
58k
Believing is Seeing
oripsolob
1
48
Transcript
ݖݶʹ͍ͭͯߟ͑Δ @bmf_san 2024.6.28
Who am Iʁ • Kenta Takeuchi • @bmf_san • bmf-san
• https://bmf-tech.com/
͢͜ͱ • ݖݶઃܭͱ͖߹͏ͱ͖ʹߟ͑ͦ͏ͳ͜ͱ
ݖݶͱ • γεςϜʹ͓͚Δݖݶͱɺ ʮϢʔβʔͷߦಈΛಛఆͷϧʔϧʹैͬͯ ੍ݶ͢Δʯ͜ͱ • ex. ΞΫηεݖݶɺૢ࡞ݖݶɺγεςϜϦ ιʔεͷར༻ݖݶ etc…
ݖݶΛߏ͢Δཁૉ • ୭͕ʢPrincipalʣ • ԿʹʢResourceʣ • ԿΛʢActionʣ • ڐՄ͢Δ͔ʢAllowʣ •
ڐՄ͠ͳ͍͔ʢDenyʣ
ݖݶઃܭͷख๏ • ACLʢAccess Control Listʣ • Ϣʔβʔ͝ͱʹݖݶΛઃఆ • ݖݶϦετͰཧ •
RBACʢRole Based Access Controlʣ • ϢʔβʔʹϩʔϧΛׂΓͯɺϩʔϧʹݖݶΛׂΓͯΔ • ABACʢAttribute Based Access Controlʣ • ϢʔβʔɺϦιʔεɺڥͳͲͷଐੑʹج͍ͮͯݖݶΛઃఆ
ݖݶઃܭͷ؍ • ݖݶͷద༻ൣғ • ݖݶͷ੍ޚର • ݖݶͷ੍ • ݖݶద༻ͷϨΠϠʔ •
ཧऀݖݶͷऔΓѻ͍ • ݖݶཧͷӡ༻ϑϩʔ
ݖݶઃܭͷ؍ • ݖݶͷద༻ൣғ • ݖݶ͕ద༻͞ΕΔൣғʢείʔϓʣ • ػೳతൣғ • σʔλతൣғ
ݖݶઃܭͷ؍ • ݖݶͷ੍ޚର • ݖݶ͕ద༻͞ΕΔج४ • ίϯςϯπ • ίϯςΩετ •
࣌ؒ
ݖݶઃܭͷ؍ • ݖݶͷ੍ • ݖݶؒͷؔੑ • ݖݶͷ༏ઌݖݶؒͷґଘؔͳͲ
ݖݶઃܭͷ؍ • ݖݶద༻ͷϨΠϠʔ • ݖݶ͕ద༻͞ΕΔϨΠϠʔ • ΞϓϦέʔγϣϯɺDBɺωοτϫʔ ΫɺOSͳͲ
ݖݶઃܭͷ؍ • ཧऀݖݶͷऔΓѻ͍ • ηΩϡϦςΟϦεΫʹ݁͢Δ • ࠷খݖݶͷݪଇɺݖݶׂɺࠪϩάɺ ۓٸ࣌ͷΦϖϨʔγϣϯඋͳͲϦεΫ ؍ͷߟྀ
ݖݶઃܭͷ؍ • ݖݶཧͷӡ༻ϑϩʔ • దʹݖݶ͕ཧ͞ΕΔͨΊӡ༻ϑϩʔ • ࠷খݖݶͷݪଇɺࠪɺҰݩཧͳͲ
ݖݶͱγεςϜಛੑ • ߏಛੑ • ֦ுੑ • ӡ༻ಛੑ • εέʔϥϏϦςΟ •
৴པੑ • ԣஅతಛੑ • ηΩϡϦςΟ
ݖݶͱγεςϜಛੑ • ֦ுੑ • ݖݶΛॊೈʹ֦ுͰ͖Δ͔Ͳ͏͔ • ૿ͨ͠ΓɺݮΒͨ͠Γɺׂͨ͠Γ • ϢʔβʔͷۀϑϩʔʹӨڹ͢Δ
ݖݶͱγεςϜಛੑ • εέʔϥϏϦςΟ • ॊೈͳݖݶઃܭͰ͋Δ΄ͲγεςϜͷෳࡶੑ σʔλྔͷ૿Ճ༧ଌ͞ΕΔ • Ϣʔβʔݖݶ͕ઢܗʹ૿Ճͨ͠߹ͷ ΩϟύγςΟϓϥϯχϯά •
εέʔϦϯά͍͔͢͠
ݖݶͱγεςϜಛੑ • ৴པੑ • ݖݶͷՃมߋ͕طଘͷݖݶʹѱӨڹ Λٴ΅͞ͳ͍Α͏ʹ͢Δ • ݖݶؒͷؔੑ͕ෳࡶͳ΄ͲࣄނΓ͢ ͍͔͠Εͳ͍
ݖݶͱγεςϜಛੑ • ηΩϡϦςΟ • ࠷খݖݶͷݪଇΛकΔɺര෩ܘΛখ͞ ͘͢ΔɺۓٸΦϖϨʔγϣϯͷඋͳͲઃ ܭӡ༻্ͷΛ͢Δ
ϕετϓϥΫςΟε͕Γ͍ͨʂ
ݖݶΛͬͱΔ • ࢀߟจݙ΄ͱΜͲͳ͍ͷͰࣄྫΛړΔ • άάΔͱΩʔϫʔυ৭ʑݟ͔ͭΔ͕ɺ”ݖ ݶ”ͱ͍͏ݴ༿͕Χόʔ͢ΔྖҬ͍ͷͰ পΔ • γεςϜͷཁ݅ʹ߹Θͤͯʮ΅͘ͷ͔Μ͕͑Δ ͍ͭ͞Αͷ͚Μ͛ΜʯΛࡧ͍͔ͯ͘͠͠ͳ͍
͓ΘΓ
Appendix • ݖݶཧͷઃܭʹ͍ͭͯௐͯΈͨ • https://bmf-tech.com/posts/ݖݶཧͷઃ ܭʹ͍ͭͯௐͯΈͨ
bmf_san
youkidearitai
thatjeffsmith
har1101
shindannin
k0kubun
kajitack
minodriven
tomohisa
nyafunta9858
rkaga
tjjh89017
yug1224
addyosmani
takai
konakalab
productmarketing
panda_program
aleyda
yeseniaperezcruz
jacobian
sonatard
jacobtomlinson
bkeepers
oripsolob
