Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Security-JAWS-Speciality-Study

 Security-JAWS-Speciality-Study

Security-JAWS 第18回で発表した、
「対策本発売記念!  AWS認定セキュリティ合格のコツ(前編)」
AWS認定セキュリティ専門知識の勉强のポイントです。

Takuro SASAKI

August 29, 2020
Tweet

More Decks by Takuro SASAKI

Other Decks in Technology

Transcript

  1. ରࡦຊൃചه೦
    "84ೝఆηΩϡϦςΟ߹֨ͷίπ
    લฤ

    /3*ωοτίϜגࣜձࣾɹ
    ࠤʑ໦୓࿠

    4FDVSJUZ+"84ୈճ
    #secjaws

    View full-size slide

  2. ࠤʑ໦୓࿠
    CMPHIUUQTCMPHUBLVSPTOFU
    5XJUUFS!ELGK
    ࣗݾ঺հ #secjaws

    View full-size slide

  3. +BQBO"1/"NCBTTBEPS
    બग़͞Ε·ͨ͠
    ࣗݾ঺հ #secjaws

    View full-size slide

  4. ೝఆηΩϡϦςΟࢼݧͷରࡦຊ
    ཁ఺੔ཧ͔Β߈ུ͢Δ
    ʰ"84ೝఆηΩϡϦςΟઐ໳஌ࣝʱ
    IUUQTBN[OUP1,4D(
    "84ೝఆηΩϡϦςΟઐ໳஌ࣝͷษڧͷ࢓ํͱ
    "84ͷηΩϡϦςΟͷΨΠυϒοΫͱͯࣥ͠චʢͨͭ͠΋Γʣ
    #secjaws

    View full-size slide

  5. ࠓ೔࿩͢಺༰
    "84ͷηΩϡϦςΟͷߟ͑ํͱೝఆࢼݧ
    "84ʹ͓͚Δ̏ͭͷηΩϡϦςΟͷ࣠
    ॏ఺ڧԽྖҬ
    #secjaws

    View full-size slide

  6. ຊ೔ͷΰʔϧ
    "84ͷηΩϡϦςΟͬͯɺ͜͏͍͏͜ͱ΍ΔΜͩΑͱ
    ಉ྅ʹ࿩ͤΔΑ͏ʹͳΔ
    㱺ਓʹઆ໌͢Δͷ͕ɺཧղ΁ͷૣಓʂʂ
    *".ϕετϓϥΫςΟεʹ͍ͭͯϏσΦͰઆ໌͢Δ
    *".ͰͷηΩϡϦςΟͷϕετϓϥΫςΟε
    IUUQTEPDTBXTBNB[PODPNKB@KQ*".MBUFTU6TFS(VJEFCFTUQSBDUJDFTIUNM
    #secjaws

    View full-size slide

  7. "84ͷηΩϡϦςΟͱೝఆࢼݧ

    View full-size slide

  8. "84ೝఆηΩϡϦςΟɹઐ໳஌ࣝ
    ιϦϡʔγϣϯΞʔΩςΫτͱͷҧ͍
    ιϦϡʔγϣϯ
    ΞʔΩςΫτ
    ηΩϡϦςΟ
    ઐ໳஌ࣝ
    ͲͷΑ͏ʹ࡞Δͷ͔ʁ
    ͲͷΑ͏ʹ҆શΛ
    ֬อ͢Δͷ͔ʁ
    #secjaws

    View full-size slide

  9. ࢼݧൣғͱ഑఺
    ߲൪ ෼໺ ׂ߹
    ΠϯγσϯτରԠ
    ϩάͱ؂ࢹ

    ΠϯϑϥετϥΫνϟͷ
    ηΩϡϦςΟ

    *%͓ΑͼΞΫηε؅ཧ
    σʔλอޢ
    ॏ఺߲໨
    #secjaws

    View full-size slide

  10. "84ͱηΩϡϦςΟ
    ͍Ζ͍Ζ΍Δ͜ͱ͕ଟͯ͘ɺ
    ΍΍͍͜͠ͱࢥͬͨ͜ͱ͋Γ·ͤΜ͔
    શମ૾Λ೺Ѳ͢ΔͨΊʹɺͬ͘͟Γͱ
    ෼ྨͯ͠Έ·͠ΐ͏
    #secjaws

    View full-size slide

  11. ڊਓͷݞͷ্ʹཱͭ
    Ұ͔Βશ෦ࣗ෼Ͱߟ͑Δͱେม
    ϑϨʔϜϫʔΫʹ৐ͬͯɺ࠷খݶͷ࿑ྗͰ
    ·ͣ͸ఆੴΛ֮͑ͯɺਅࣅΔ͜ͱ͔Β࢝ΊΔ
    #secjaws

    View full-size slide

  12. /*45αΠόʔηΩϡϦςΟϑϨʔϜϫʔΫ
    ෼ྨ ΧςΰϦʔ
    ಛఆ
    ʢ*EFOUJGZʣ
    ɾࢿ࢈؅ཧ
    ɾϏδωε؀ڥ
    ɾΨόφϯε
    ɾϦεΫΞηεϝϯτɺϦεΫΞηεϝϯτ؅ཧ
    ɾαϓϥΠνΣʔϯϦεΫϚωδϝϯτ
    ๷ޚ
    ʢ1SPUFDUʣ
    ɾΞΫηε੍ޚ
    ɾҙࣝ޲্͓ΑͼτϨʔχϯά
    ɾσʔληΩϡϦςΟ
    ɾ৘ใΛอޢ͢ΔͨΊͷϓϩηε͓Αͼखॱ
    ɾอक
    ɾอޢٕज़
    ݕ஌
    ʢ%FUFDUʣ
    ɾҟৗͱΠϕϯτ
    ɾηΩϡϦςΟͷܧଓతͳϞχλϦϯά
    ɾݕ஌ϓϩηε
    ରԠ
    ʢ3FTQPOEʣ
    ɾରԠܭըͷ࡞੒
    ɾίϛϡχέʔγϣϯ
    ɾ෼ੳ
    ɾ௿ݮ
    ෮چ
    ʢ3FDPWFSʣ
    ɾ෮چܭըͷ࡞੒
    ɾվળ
    ɾίϛχέʔγϣϯ
    IPA CSFίΞ
    https://www.ipa.go.jp/files/000071204.pdf

    View full-size slide

  13. "848FMM—"SDIJUFDUFEϑϨʔϜϫʔΫ
    ப ઃܭݪଇ
    ӡ༻্ͷ
    ༏लੑ
    ɾӡ༻Λίʔυͱͯ͠ӡ༻
    ɾఆظతʹɺখن໛ͳɺݩʹ໭͢͜ͱ͕Ͱ͖ΔมߋΛద༻͢Δ
    ɾӡ༻खॱΛఆظతʹվળ͢Δ
    ɾো֐Λ༧૝͢Δ
    ɾ͋ΒΏΔӡ༻্ͷো֐͔ΒֶͿ
    ηΩϡϦςΟ
    ɾڧݻͳೝূج൫ͷ࣮૷
    ɾτϨαϏϦςΟʔͷ࣮ݱ
    ɾશϨΠϠʔ΁ͷηΩϡϦςΟͷద༻
    ɾηΩϡϦςΟͷϕετϓϥΫςΟεͷࣗಈԽ
    ɾ఻ૹத͓Αͼอ؅தͷσʔλอޢ
    ɾσʔλʹਓͷखΛೖΕͳ͍
    ɾηΩϡϦςΟΠϕϯτ΁ͷඋ͑
    ৴པੑ
    ɾো֐͔Βࣗಈతʹ෮چ͢Δ
    ɾ෮چखॱΛςετ͢Δ
    ɾਫฏํ޲ʹεέʔϧͯ͠ू߹తͳϫʔΫϩʔυͷՄ༻ੑΛߴΊΔ
    ɾΩϟύγςΟʔΛײʹཔΒͳ͍
    ɾࣗಈԽͰมߋΛ؅ཧ͢Δ
    ύϑΥʔϚϯεޮ཰
    ɾߴ౓ͳςΫϊϩδʔΛ୭Ͱ΋࢖͑ΔΑ͏ʹ͢Δ
    ɾ͢෼Ͱάϩʔόϧʹల։͢Δ
    ɾαʔόʔϨεΞʔΩςΫνϟΛ࢓༷͢Δ
    ɾΑΓසൟʹ࣮ݧ͢Δ
    ɾϝΧχΧϧγϯύγʔΛߟྀ͢Δ
    ίετ࠷దԽ
    ɾΫϥ΢υͷࡒ຿؅ཧͷӡ༻
    ɾফඅϞσϧΛಋೖ͢Δ
    ɾશମతͳޮ཰Λଌఆ͢Δ
    ɾඅ༻Λ෼ੳ͠ɺؼ݁ͤ͞Δ
    AWS Well-Architected ϑϨʔϜϫʔΫ
    https://aws.amazon.com/jp/architecture/well-architected/

    View full-size slide

  14. "848FMM—"SDIJUFDUFEϑϨʔϜϫʔΫ
    ப ઃܭݪଇ
    ӡ༻্ͷ
    ༏लੑ
    ɾӡ༻Λίʔυͱͯ͠ӡ༻
    ɾఆظతʹɺখن໛ͳɺݩʹ໭͢͜ͱ͕Ͱ͖ΔมߋΛద༻͢Δ
    ɾӡ༻खॱΛఆظతʹվળ͢Δ
    ɾো֐Λ༧૝͢Δ
    ɾ͋ΒΏΔӡ༻্ͷো֐͔ΒֶͿ
    ηΩϡϦςΟ
    ɾڧݻͳೝূج൫ͷ࣮૷
    ɾτϨαϏϦςΟʔͷ࣮ݱ
    ɾશϨΠϠʔ΁ͷηΩϡϦςΟͷద༻
    ɾηΩϡϦςΟͷϕετϓϥΫςΟεͷࣗಈԽ
    ɾ఻ૹத͓Αͼอ؅தͷσʔλอޢ
    ɾσʔλʹਓͷखΛೖΕͳ͍
    ɾηΩϡϦςΟΠϕϯτ΁ͷඋ͑
    ৴པੑ
    ɾো֐͔Βࣗಈతʹ෮چ͢Δ
    ɾ෮چखॱΛςετ͢Δ
    ɾਫฏํ޲ʹεέʔϧͯ͠ू߹తͳϫʔΫϩʔυͷՄ༻ੑΛߴΊΔ
    ɾΩϟύγςΟʔΛײʹཔΒͳ͍
    ɾࣗಈԽͰมߋΛ؅ཧ͢Δ
    ύϑΥʔϚϯεޮ཰
    ɾߴ౓ͳςΫϊϩδʔΛ୭Ͱ΋࢖͑ΔΑ͏ʹ͢Δ
    ɾ͢෼Ͱάϩʔόϧʹల։͢Δ
    ɾαʔόʔϨεΞʔΩςΫνϟΛ࢓༷͢Δ
    ɾΑΓසൟʹ࣮ݧ͢Δ
    ɾϝΧχΧϧγϯύγʔΛߟྀ͢Δ
    ίετ࠷దԽ
    ɾΫϥ΢υͷࡒ຿؅ཧͷӡ༻
    ɾফඅϞσϧΛಋೖ͢Δ
    ɾશମతͳޮ཰Λଌఆ͢Δ
    ɾඅ༻Λ෼ੳ͠ɺؼ݁ͤ͞Δ
    AWS Well-Architected ϑϨʔϜϫʔΫ
    https://aws.amazon.com/jp/architecture/well-architected/
    "84ͷϑϨʔϜϫʔΫʹԊͬͯઃܭ͞Ε͍ͯ
    Δɻߟ͑ํΛཧղ͍ͯ͠ΔͱɺͦΕʹԊͬͨ
    ղ౴ΛબͿͱਖ਼ղʹͳΔ͜ͱ΋͋Δɻ

    View full-size slide

  15. ϑϨʔϜϫʔΫʹԊͬͯ
    ઃܭ͞Ε͍ͯΔ͔Λߟ͑Δ

    View full-size slide

  16. ϑϨʔϜϫʔΫʹ౰ͯ͸ΊͯΈΔͱʁ
    Lambda
    Systems Manager Automation
    CloudFormation
    Organizations SCP
    IAM
    SNS
    Config
    CloudWatch
    Inspector
    Macie
    GuardDuty
    Shield
    Firewall Manager
    WAF
    VPC
    ༧๷ ๷ޚ ݕ஌ ରԠ ෮چ
    ௨஌
    ࣗಈԽ
    Lambda
    CloudWatch
    ௐࠪ
    CloudWatch
    CloudTrail
    ౷߹
    Security Hub
    #secjaws

    View full-size slide

  17. ΞʔΩςΫνϟʔผʹݟͯΈΔͱ
    Shield
    WAF
    CloudFront
    ELB
    ߈ܸରࡦ ର৅Ϧιʔε
    NACL
    Security
    Group
    ωοτϫʔΫ๷ޚ ର৅Ϧιʔε
    ELB EC2
    RDS
    KMS
    σʔλอޢ ର৅Ϧιʔε
    EC2
    RDS
    S3
    %%P4߈ܸ
    ΞϓϦέʔγϣϯ
    ߈ܸ
    ෆਖ਼
    ωοτϫʔΫ
    ΞΫηε
    ෆਖ਼
    ɹσʔλΞΫηε
    Inspector
    Systems
    Manager
    αʔόʔ؅ཧ
    Security Hub CloudTrail CloudWatch
    GuardDuty Config VPC
    Flow logs
    ՄࢹԽɾϞχλϦϯά
    ௨஌
    ௨஌
    SNS
    ௨஌
    ӡ༻୲౰
    ؂ࢹ
    ɾશϨΠϠʔ΁ͷηΩϡϦςΟͷద༻
    ɾτϨαϏϦςΟʔͷ࣮ݱ
    #secjaws

    View full-size slide

  18. γεςϜͷϨΠϠʔผʹ౰ͯ͸ΊΔͱ
    Ϛωδϝϯτ
    ίϯιʔϧ
    71$Ծ૝ઐ༗ྖҬ
    &$04ྖҬ
    ϩʔΧϧσΟεΫ
    3%4σʔλϕʔε
    4ετϨʔδ
    $MPVE8BUDI؂ࢹ
    %JSFDU$POOFDU/8
    ηΩϡϦςΟͷରԠྫʢ๷ޚʣ
    ݕ஌ͷରԠྫ
    (VBSE%VUZ
    $POUSPM5PXFS
    4FDVSJUZ)VC
    'JSFXBMM.BOBHFS
    .BDJF
    5SVTUFE"EWJTPS
    ɾ"84ΞΧ΢ϯτɿར༻੍ݶ
    ɾ*".Ϣʔβɿૢ࡞ݖݶͱ઀ଓݩ੍ݶ
    ɹར༻ՄೳϦιʔεʹର͢ΔΞΫηείϯτϩʔϧɺଟཁૉೝূͷಋೖ
    ɾຊ൪؀ڥɺ։ൃ؀ڥͱ͍ͬͨ؀ڥ୯ҐͰ71$ͷ෼཭
    ɾαϒωοτ୯ҐͰͷ௨৴੍ޚɺϧʔςΟϯάઃఆ
    ɾ71$ϑϩʔϩάͷऔಘ
    ɾ4FDVSJUZ(SPVQʹΑΔαʔόؒ௨৴੍ޚ
    ɾ4ZTUFNT.BOBHFS౳Λར༻ͯ͠ͷɺαʔόঢ়ଶͷ೺ѲͱҰׅύον౰ͯ
    ɾαʔόͷϩάΠϯ؅ཧͷ࢓૊Έͱɺϩάू໿ͷ࢓૊Έͷಋೖ
    ɾ҉߸ԽΦϓγϣϯʹΑΔσΟεΫશମͷ҉߸Խ
    $MPVE5SBJMʹΑΔ
    "84ૢ࡞ཤྺ
    τϥϑΟοΫϩά
    ֤छΞϓϦέʔγϣϯϩά
    04ϩάΠϯཤྺ
    %#؂ࠪϩά
    "84αʔϏε֤छʹΑΔ
    ϩάɾΞϥʔτ
    ݕࠪ͢Δ΂͖ϩά
    ɾઐ༻ઢʢ%9ʣ΍71/Λར༻ͨ͠ܦ࿏҆શͷ֬อ
    ɾ5SBOTJU(BUFXBZΛར༻ͨ͠71$ɾܦ࿏ͷ؅ཧ
    ɾܦ࿏ͷ৑௕ԽʹΑΔࣄۀܧଓੑͷ֬อ
    ɾDBMSͷػೳʹΑΔςʔϒϧશମʢදྖҬʣͷ҉߸Խ
    ɾDBʹର͢ΔΞΫηεݖݶͷ؅ཧ
    ɾ҉߸ԽΦϓγϣϯʹΑΔετϨʔδશମͷ҉߸Խ
    ɾΫϥΠΞϯταΠυ͸҉߸ԽΩʔʹΑΓσʔλΛอޢ
    ɾCloudWatchʹΑΔAWSͷ؂ࢹͱɺӡ༻؂ࢹιϑτ΢ΣΞΛར༻ͨ͠αʔ
    ϏεɺΞϓϦέʔγϣϯ؂ࢹͷซ༻
    *OTQFDUPS
    "84ͷར༻ঢ়گͷ؂ࠪ
    "84ΞΧ΢ϯτͷઃఆͱΨόφϯε
    ηΩϡϦςΟʔΞϥʔτͷू໿ͱݕ஌ɾରԠ
    "84ͷෆਖ਼ར༻ͷݕ஌
    04ɺΞϓϦͷηΩϡϦςΟධՁ
    'JSFXBMMͷҰݩ؅ཧͱݕ஌ɾରԠ
    4಺ͷػີ৘ใͷݕग़ɺ෼ྨɺอޢ
    0SHBOJ[BUJPOT
    #secjaws

    View full-size slide

  19. ༧๷త౷੍ͱൃݟత౷੍
    ηΩϡϦςΟͷϕετϓϥΫςΟεͷҰͭ
    0SHBOJ[BUJPO6OJU
    Automation
    AWS Systems Manager
    AWS Config
    Rule
    ઃఆෆඋΛ
    ݕ஌
    म෮ࢦࣔ
    ༧๷త౷੍
    ൃݟత౷੍
    SCP
    AWS Organizations
    SCPΛར༻ͯ͠
    ΞΧ΢ϯτશମʹ
    ېࢭࣄ߲ͷઃఆ
    AWSΞΧ΢ϯτ
    IAM User
    ྫʣ
    SPPUϢʔβʔͷΞΫηεΩʔͷ
    ࡞੒Λېࢭ͢Δ
    ྫʣ
    *".Ϣʔβʔͷ.'"͕༗ޮʹ
    ͳ͍ͬͯΔ͔νΣοΫ͢Δ
    Ұ࣌తʹ
    IAMϢʔβʔͷ
    ແޮԽ
    #secjaws

    View full-size slide

  20. ͜ͷลΛҙࣝ͠ͳ͕Β
    ઃఆΛࣗ෼Ͱ΍Δͱ
    ഒཧղ͕ਐΉ

    View full-size slide

  21. ΋͏গ͠ղΓ΍͘͢͢ΔͨΊʹ
    "84্ͷγεςϜΛ෼ղ

    View full-size slide

  22. "84ͱηΩϡϦςΟ
    "84ͷηΩϡϦςΟ͸̏ͭͷ࣠Ͱߟ͑Δ
    ᶃ"84಺ʹߏஙͨ͠ωοτϫʔΫͱαʔόʔͷηΩϡϦςΟ
    ᶄ"84ૢ࡞ʹؔ͢Δݖݶʢ*".ʣ
    ᶅηΩϡϦςΟΛҡ࣋؅ཧ͢ΔͨΊͷ"84αʔϏε
    AWS Management
    Console
    Role
    VPC
    AWS Cloud
    Subnet
    Internet gateway
    Amazon Simple Storage
    Service (S3)
    VPN gateway
    Endpoints
    User
    ૢ࡞ݖݶ
    Instance Instance Instance
    AWS Lambda
    Role


    AWS Command Line
    Interface
    AWS Config AWS Systems Manager
    AWS Service Catalog AWS Trusted Advisor AWS CloudTrail

    ηΩϡϦςΟΛҡ࣋
    ؅ཧ͢ΔαʔϏε
    #secjaws

    View full-size slide

  23. ᶃ"84಺ʹߏஙͨ͠ωοτϫʔΫͱ
    αʔόʔͷηΩϡϦςΟ
    ੹೚ڞ༗Ϟσϧͷ੺࿮ͷ෦෼
    ઃܭͷߟ͑ํ͸ΦϯϓϨͱେ͖͘ҧΘͳ͍͕ɺઃఆͷ࢓
    ํ͸"84ͷྲّྀʹै͏ඞཁ͕͋Δ
    IUUQTBXTBNB[PODPNKQDPNQMJBODFTIBSFESFTQPOTJCJMJUZNPEFM
    #secjaws

    View full-size slide

  24. ᶄ"84ͷૢ࡞ʹؔ͢Δݖݶʢ*".ʣ
    "84ͷηΩϡϦςΟͷத֩ͷҰͭ
    ͲΜͳʹωοτϫʔΫ΍αʔόʔͷηΩϡϦςΟΛڧݻʹ
    ͍ͯͯ͠΋ɺ"84Λ௚઀ૢ࡞͞ΕΔͱ͕݀։͚ΒΕΔ
    "84ͷബ͍ຊɹ*".ͷϚχΞοΫͳ࿩
    IUUQTCPPUIQNKBJUFNT
    #secjaws

    View full-size slide

  25. ᶅηΩϡϦςΟΛҡ࣋؅ཧ͢Δ
    ɹͨΊͷ"84αʔϏε
    "84ಠࣗͷ෦෼
    ར༻͠ͳͯ͘΋γεςϜΛηΩϡΞͳঢ়ଶΛҡ࣋Ͱ͖Δ͕ɺ
    ্ख͘׆༻͢ΔͱࣗྗͰ΍ΔΑΓഒָʹͳΔ
    "84ͷബ͍ຊᶘΞΧ΢ϯτηΩϡϦςΟͷϕʔγοΫηΦϦʔ
    IUUQTCPPUIQNKBJUFNT
    #secjaws

    View full-size slide

  26. ॏ఺ڧԽྖҬ

    View full-size slide

  27. ࢼݧൣғͱ഑఺ʢ࠶ܝʣ
    ߲൪ ෼໺ ׂ߹
    ΠϯγσϯτରԠ
    ϩάͱ؂ࢹ

    ΠϯϑϥετϥΫνϟͷ
    ηΩϡϦςΟ

    *%͓ΑͼΞΫηε؅ཧ
    σʔλอޢ
    ॏ఺߲໨
    #secjaws

    View full-size slide

  28. *".Λཧղ͢Δ
    "84ʹ͓͚Δ*%͓ΑͼΞΫηε؅ཧͷத৺͸*".
    ओཁػೳ͸ػೳͷΈͳͷͰɺಘҙ෼໺ʹ͢Δͱ༗ར
    #secjaws

    "NB[PO%ZOBNP%#ςʔϒϧ͔Β߲໨Λऔಘ͢Δ৽͍͠"84-BNCEBؔ਺ΛηΩϡϦςΟΤϯδχΞ͕ςετͨ͠
    ࡍɺ͜ͷؔ਺͕σʔλΛ"NB[PO$MPVE8BUDI-PHTʹϩΪϯά͍ͯ͠ͳ͍͜ͱʹؾ෇͖·ͨ͠ɻ
    ͜ͷ-BNCEBؔ਺ʹΑͬͯ୅ߦ͞ΕΔϩʔϧʹɺ࣍ͷϙϦγʔׂ͕Γ౰ͯΒΕ͍ͯ·ͨ͠ɻ
    \
    7FSTJPO
    4UBUFNFOU<
    \
    4JE%ZOBNP
    "DUJPO<
    EZOBNPEC(FU*UFN
    >
    &⒎FDU"MMPX
    3FTPVSDF
    ^
    ^
    ͜ͷؔ਺͕ద੾ʹϩΪϯάͰ͖ΔΑ͏ʹ͢Δʹ͸ɺͲͷ࠷খݖݶϙϦγʔΛ௥Ճ͢Ε͹Α͍Ͱ͔͢ɻ
    αϯϓϧ໰୊ΑΓҾ༻

    View full-size slide

  29. *".Λཧղ͢Δ
    #secjaws
    "

    \
    4JE-PHHJOH
    3FTPVSDF
    "DUJPO<
    MPHT
    >
    &⒎FDU"MMPX
    ^
    #

    \
    4JE-PHHJOH
    3FTPVSDF
    "DUJPO<
    MPHT$SFBUF-PH4USFBN
    >
    &⒎FDU"MMPX
    ^
    $

    \
    4JE-PHHJOH
    3FTPVSDF
    "DUJPO<
    MPHT$SFBUF-PH(SPVQ
    MPHT$SFBUF-PH4USFBN
    MPHT1VU-PH&WFOUT
    >
    &⒎FDU"MMPX
    ^
    %

    \
    4JE-PHHJOH
    3FTPVSDF
    "DUJPO<
    MPHT$SFBUF-PH(SPVQ
    MPHT$SFBUF-PH4USFBN
    MPHT%FMFUF-PH(SPVQ
    MPHT%FMFUF-PH4USFBN
    MPHTHFU-PH&WFOUT
    MPHT1VU-PH&WFOUT
    >
    &⒎FDU"MMPX
    ^

    View full-size slide

  30. *".Λཧղ͢Δ
    #secjaws
    "

    \
    4JE-PHHJOH
    3FTPVSDF
    "DUJPO<
    MPHT
    >
    &⒎FDU"MMPX
    ^
    #

    \
    4JE-PHHJOH
    3FTPVSDF
    "DUJPO<
    MPHT$SFBUF-PH4USFBN
    >
    &⒎FDU"MMPX
    ^
    $

    \
    4JE-PHHJOH
    3FTPVSDF
    "DUJPO<
    MPHT$SFBUF-PH(SPVQ
    MPHT$SFBUF-PH4USFBN
    MPHT1VU-PH&WFOUT
    >
    &⒎FDU"MMPX
    ^
    %

    \
    4JE-PHHJOH
    3FTPVSDF
    "DUJPO<
    MPHT$SFBUF-PH(SPVQ
    MPHT$SFBUF-PH4USFBN
    MPHT%FMFUF-PH(SPVQ
    MPHT%FMFUF-PH4USFBN
    MPHTHFU-PH&WFOUT
    MPHT1VU-PH&WFOUT
    >
    &⒎FDU"MMPX
    ^

    View full-size slide

  31. ,.4Λ࢖ͬͨݤ؅ཧͱ҉߸Խ
    σʔλอޢ͸ɺॏ఺෼໺
    ҉߸Խͷख๏ʹ͍ͭͯͷཧղ͕ॏཁɻ·ͨܦ࿏ͷ҉߸Խͱ
    ͷ߹ٕͤͳͲ΋ཧղ͓ͯ͘͠
    #secjaws

    ͋Δاۀ͕ࣾ಺Ϋϥ΢υηΩϡϦςΟϙϦγʔʹ͓͍ͯɺࣾ಺ͷ71$ʙ,.4ؒͷ௨৴͸͢΂ͯ"84಺Ͱߦ͍ɺ
    ύϒϦοΫαʔϏεΤϯυϙΠϯτΛ࢖༻ͯ͠͸ͳΒͳ͍ͱఆΊ͍ͯ·͢ɻ
    ࠷΋࣮֬ʹ͜ͷཁ݅Λຬͨ͢ʹ͸ɺͲ͏͢Ε͹Α͍Ͱ͔͢ ͭબ୒͍ͯͩ͘͠͞
    ɻ
    "
    BXTTPVSDF7QDF৚݅Λɺࣾ಺ͷ71$ΤϯυϙΠϯτ*%Λࢀর͍ͯ͠Δ"84,.4ΩʔϙϦγʔʹ௥Ճ
    ͢Δɻ
    #
    71$Πϯλʔωοτήʔτ΢ΣΠΛ71$͔Β࡟আ͠ɺԾ૝ϓϥΠϕʔτήʔτ΢ΣΠΛ71$ʹ௥Ճ͢Δ͜
    ͱʹΑΓɺύϒϦοΫΠϯλʔωοτʹ௚઀઀ଓͰ͖ͳ͍Α͏ʹ͢Δɻ
    $
    "84,.4ʹର͢Δ71$ΤϯυϙΠϯτΛ࡞੒͠ɺϓϥΠϕʔτ%/4Λ༗ޮԽ͢Δɻ
    %
    ,.4ͷΩʔΠϯϙʔτػೳΛ࢖༻ͯ͠ɺ"84,.4ΩʔΛ71/্ͰηΩϡΞʹసૹ͢Δɻ
    &
    BXT4PVSDF*Q৚݅Λ"84,.4ΩʔϙϦγʔʹ௥Ճ͢Δɻ
    αϯϓϧ໰୊ΑΓҾ༻

    View full-size slide

  32. ,.4Λ࢖ͬͨݤ؅ཧͱ҉߸Խ
    σʔλอޢ͸ɺॏ఺෼໺
    ҉߸Խͷख๏ʹ͍ͭͯͷཧղ͕ॏཁɻ·ͨܦ࿏ͷ҉߸Խͱ
    ͷ߹ٕͤͳͲ΋ཧղ͓ͯ͘͠
    #secjaws

    ͋Δاۀ͕ࣾ಺Ϋϥ΢υηΩϡϦςΟϙϦγʔʹ͓͍ͯɺࣾ಺ͷ71$ʙ,.4ؒͷ௨৴͸͢΂ͯ"84಺Ͱߦ͍ɺ
    ύϒϦοΫαʔϏεΤϯυϙΠϯτΛ࢖༻ͯ͠͸ͳΒͳ͍ͱఆΊ͍ͯ·͢ɻ
    ࠷΋࣮֬ʹ͜ͷཁ݅Λຬͨ͢ʹ͸ɺͲ͏͢Ε͹Α͍Ͱ͔͢ ͭબ୒͍ͯͩ͘͠͞
    ɻ
    "
    BXTTPVSDF7QDF৚݅Λɺࣾ಺ͷ71$ΤϯυϙΠϯτ*%Λࢀর͍ͯ͠Δ"84,.4ΩʔϙϦγʔʹ௥Ճ
    ͢Δɻ
    #
    71$Πϯλʔωοτήʔτ΢ΣΠΛ71$͔Β࡟আ͠ɺԾ૝ϓϥΠϕʔτήʔτ΢ΣΠΛ71$ʹ௥Ճ͢Δ͜
    ͱʹΑΓɺύϒϦοΫΠϯλʔωοτʹ௚઀઀ଓͰ͖ͳ͍Α͏ʹ͢Δɻ
    $
    "84,.4ʹର͢Δ71$ΤϯυϙΠϯτΛ࡞੒͠ɺϓϥΠϕʔτ%/4Λ༗ޮԽ͢Δɻ
    %
    ,.4ͷΩʔΠϯϙʔτػೳΛ࢖༻ͯ͠ɺ"84,.4ΩʔΛ71/্ͰηΩϡΞʹసૹ͢Δɻ
    &
    BXT4PVSDF*Q৚݅Λ"84,.4ΩʔϙϦγʔʹ௥Ճ͢Δɻ
    αϯϓϧ໰୊ΑΓҾ༻

    View full-size slide

  33. ,.4Λ࢖ͬͨݤ؅ཧͱ҉߸Խ
    σʔλอޢ͸ɺॏ఺෼໺
    ҉߸Խͷख๏ʹ͍ͭͯͷཧղ͕ॏཁɻ·ͨܦ࿏ͷ҉߸Խͱ
    ͷ߹ٕͤͳͲ΋ཧղ͓ͯ͘͠
    #secjaws

    ͋Δاۀ͕ࣾ಺Ϋϥ΢υηΩϡϦςΟϙϦγʔʹ͓͍ͯɺࣾ಺ͷ71$ʙ,.4ؒͷ௨৴͸͢΂ͯ"84಺Ͱߦ͍ɺ
    ύϒϦοΫαʔϏεΤϯυϙΠϯτΛ࢖༻ͯ͠͸ͳΒͳ͍ͱఆΊ͍ͯ·͢ɻ
    ࠷΋࣮֬ʹ͜ͷཁ݅Λຬͨ͢ʹ͸ɺͲ͏͢Ε͹Α͍Ͱ͔͢ ͭબ୒͍ͯͩ͘͠͞
    ɻ
    "
    BXTTPVSDF7QDF৚݅Λɺࣾ಺ͷ71$ΤϯυϙΠϯτ*%Λࢀর͍ͯ͠Δ"84,.4ΩʔϙϦγʔʹ௥Ճ
    ͢Δɻ
    #
    71$Πϯλʔωοτήʔτ΢ΣΠΛ71$͔Β࡟আ͠ɺԾ૝ϓϥΠϕʔτήʔτ΢ΣΠΛ71$ʹ௥Ճ͢Δ͜
    ͱʹΑΓɺύϒϦοΫΠϯλʔωοτʹ௚઀઀ଓͰ͖ͳ͍Α͏ʹ͢Δɻ
    $
    "84,.4ʹର͢Δ71$ΤϯυϙΠϯτΛ࡞੒͠ɺϓϥΠϕʔτ%/4Λ༗ޮԽ͢Δɻ
    %
    ,.4ͷΩʔΠϯϙʔτػೳΛ࢖༻ͯ͠ɺ"84,.4ΩʔΛ71/্ͰηΩϡΞʹసૹ͢Δɻ
    &
    BXT4PVSDF*Q৚݅Λ"84,.4ΩʔϙϦγʔʹ௥Ճ͢Δɻ
    αϯϓϧ໰୊ΑΓҾ༻

    View full-size slide

  34. 4ͱͷσʔλอޢ
    σʔλอޢͱܦ࿏҉߸Խʹ͍ͭͯ
    #secjaws

    ͋Δاۀ͕ɺ"NB[PO4্ʹσʔλϨΠΫΛ࡞੒͠Α͏ͱ͍ͯ͠·͢ɻσʔλ͸ɺػີσʔλΛؚΉ਺ඦສݸͷ
    খن໛ϑΝΠϧ͔Β੒Γ·͢ɻηΩϡϦςΟνʔϜ͸ɺ͜ͷΞʔΩςΫνϟʹରͯ࣍͠ͷཁ݅ΛఆΊ͍ͯ·͢ɻ
    wૹ৴தσʔλΛ҉߸Խ͠ͳ͚Ε͹ͳΒͳ͍ɻ
    w֨ೲσʔλΛ҉߸Խ͠ͳ͚Ε͹ͳΒͳ͍ɻ
    wόέοτ͸ϓϥΠϕʔτͰͳ͚Ε͹ͳΒͳ͍ɻόέοτ͕ޡͬͯύϒϦοΫʹͳͬͨ৔߹ɺσʔλ͸ػີѻ
    ͍ͷ··Ͱͳ͚Ε͹ͳΒͳ͍ɻ
    ͜ΕΒͷཁ݅Λຬͨ͢ʹ͸ɺͲ͏͢Ε͹Α͍Ͱ͔͢ ͭબ୒͍ͯͩ͘͠͞
    ɻ
    "
    "NB[PO4όέοτʹରͯ͠"&4҉߸ԽํࣜΛ༗ޮԽ͢Δɻʮ"NB[PO4Ͱ؅ཧ͞ΕΔΩʔΛ࢖༻ͨ͠
    αʔόʔଆ҉߸Խʯ 44&4
    Λ࢖༻͢Δɻ
    #
    4όέοτʹରͯ͠σϑΥϧτͷ҉߸ԽํࣜΛ༗ޮԽ͢Δɻʮ"84,.4Ͱ؅ཧ͞ΕΔΩʔΛ࢖༻ͨ͠αʔ
    όʔଆ҉߸Խʯ 44&,.4
    Λ࢖༻͢Δɻ
    $
    1VU0CKFDUϦΫΤετͷதʹBXT4FDVSF5SBOTQPSUؚ͕·Ε͍ͯͳ͍৔߹ʹڋ൱͢ΔόέοτϙϦ
    γʔΛ௥Ճ͢Δɻ
    %
    BXT4PVSDF*QΛ࢖༻ͯ͠ɺࣾ಺Πϯτϥωοτ͔ΒͷΞοϓϩʔυͱμ΢ϯϩʔυ͚ͩΛڐՄ͢Δόέο
    τϙϦγʔΛ௥Ճ͢Δɻ
    &
    "NB[PO.BDJFΛ༗ޮԽͯ͠ɺσʔλϨΠΫͷ4όέοτΛ؂ࢹ͠ɺόέοτʹมߋ͕Ճ͑ΒΕͨ৔߹ʹର
    ॲ͢Δɻ
    αϯϓϧ໰୊ΑΓҾ༻

    View full-size slide

  35. 4ͱͷσʔλอޢ
    σʔλอޢͱܦ࿏҉߸Խʹ͍ͭͯ
    #secjaws

    ͋Δاۀ͕ɺ"NB[PO4্ʹσʔλϨΠΫΛ࡞੒͠Α͏ͱ͍ͯ͠·͢ɻσʔλ͸ɺػີσʔλΛؚΉ਺ඦສݸͷ
    খن໛ϑΝΠϧ͔Β੒Γ·͢ɻηΩϡϦςΟνʔϜ͸ɺ͜ͷΞʔΩςΫνϟʹରͯ࣍͠ͷཁ݅ΛఆΊ͍ͯ·͢ɻ
    wૹ৴தσʔλΛ҉߸Խ͠ͳ͚Ε͹ͳΒͳ͍ɻ
    w֨ೲσʔλΛ҉߸Խ͠ͳ͚Ε͹ͳΒͳ͍ɻ
    wόέοτ͸ϓϥΠϕʔτͰͳ͚Ε͹ͳΒͳ͍ɻόέοτ͕ޡͬͯύϒϦοΫʹͳͬͨ৔߹ɺσʔλ͸ػີѻ
    ͍ͷ··Ͱͳ͚Ε͹ͳΒͳ͍ɻ
    ͜ΕΒͷཁ݅Λຬͨ͢ʹ͸ɺͲ͏͢Ε͹Α͍Ͱ͔͢ ͭબ୒͍ͯͩ͘͠͞
    ɻ
    "
    "NB[PO4όέοτʹରͯ͠"&4҉߸ԽํࣜΛ༗ޮԽ͢Δɻʮ"NB[PO4Ͱ؅ཧ͞ΕΔΩʔΛ࢖༻ͨ͠
    αʔόʔଆ҉߸Խʯ 44&4
    Λ࢖༻͢Δɻ
    #
    4όέοτʹରͯ͠σϑΥϧτͷ҉߸ԽํࣜΛ༗ޮԽ͢Δɻʮ"84,.4Ͱ؅ཧ͞ΕΔΩʔΛ࢖༻ͨ͠αʔ
    όʔଆ҉߸Խʯ 44&,.4
    Λ࢖༻͢Δɻ
    $
    1VU0CKFDUϦΫΤετͷதʹBXT4FDVSF5SBOTQPSUؚ͕·Ε͍ͯͳ͍৔߹ʹڋ൱͢ΔόέοτϙϦ
    γʔΛ௥Ճ͢Δɻ
    %
    BXT4PVSDF*QΛ࢖༻ͯ͠ɺࣾ಺Πϯτϥωοτ͔ΒͷΞοϓϩʔυͱμ΢ϯϩʔυ͚ͩΛڐՄ͢Δόέο
    τϙϦγʔΛ௥Ճ͢Δɻ
    &
    "NB[PO.BDJFΛ༗ޮԽͯ͠ɺσʔλϨΠΫͷ4όέοτΛ؂ࢹ͠ɺόέοτʹมߋ͕Ճ͑ΒΕͨ৔߹ʹର
    ॲ͢Δɻ
    αϯϓϧ໰୊ΑΓҾ༻

    View full-size slide

  36. 4ͱͷσʔλอޢ
    σʔλอޢͱܦ࿏҉߸Խʹ͍ͭͯ
    #secjaws

    ͋Δاۀ͕ɺ"NB[PO4্ʹσʔλϨΠΫΛ࡞੒͠Α͏ͱ͍ͯ͠·͢ɻσʔλ͸ɺػີσʔλΛؚΉ਺ඦສݸͷ
    খن໛ϑΝΠϧ͔Β੒Γ·͢ɻηΩϡϦςΟνʔϜ͸ɺ͜ͷΞʔΩςΫνϟʹରͯ࣍͠ͷཁ݅ΛఆΊ͍ͯ·͢ɻ
    wૹ৴தσʔλΛ҉߸Խ͠ͳ͚Ε͹ͳΒͳ͍ɻ
    w֨ೲσʔλΛ҉߸Խ͠ͳ͚Ε͹ͳΒͳ͍ɻ
    wόέοτ͸ϓϥΠϕʔτͰͳ͚Ε͹ͳΒͳ͍ɻόέοτ͕ޡͬͯύϒϦοΫʹͳͬͨ৔߹ɺσʔλ͸ػີѻ
    ͍ͷ··Ͱͳ͚Ε͹ͳΒͳ͍ɻ
    ͜ΕΒͷཁ݅Λຬͨ͢ʹ͸ɺͲ͏͢Ε͹Α͍Ͱ͔͢ ͭબ୒͍ͯͩ͘͠͞
    ɻ
    "
    "NB[PO4όέοτʹରͯ͠"&4҉߸ԽํࣜΛ༗ޮԽ͢Δɻʮ"NB[PO4Ͱ؅ཧ͞ΕΔΩʔΛ࢖༻ͨ͠
    αʔόʔଆ҉߸Խʯ 44&4
    Λ࢖༻͢Δɻ
    #
    4όέοτʹରͯ͠σϑΥϧτͷ҉߸ԽํࣜΛ༗ޮԽ͢Δɻʮ"84,.4Ͱ؅ཧ͞ΕΔΩʔΛ࢖༻ͨ͠αʔ
    όʔଆ҉߸Խʯ 44&,.4
    Λ࢖༻͢Δɻ
    $
    1VU0CKFDUϦΫΤετͷதʹBXT4FDVSF5SBOTQPSUؚ͕·Ε͍ͯͳ͍৔߹ʹڋ൱͢ΔόέοτϙϦ
    γʔΛ௥Ճ͢Δɻ
    %
    BXT4PVSDF*QΛ࢖༻ͯ͠ɺࣾ಺Πϯτϥωοτ͔ΒͷΞοϓϩʔυͱμ΢ϯϩʔυ͚ͩΛڐՄ͢Δόέο
    τϙϦγʔΛ௥Ճ͢Δɻ
    &
    "NB[PO.BDJFΛ༗ޮԽͯ͠ɺσʔλϨΠΫͷ4όέοτΛ؂ࢹ͠ɺόέοτʹมߋ͕Ճ͑ΒΕͨ৔߹ʹର
    ॲ͢Δɻ
    αϯϓϧ໰୊ΑΓҾ༻

    View full-size slide

  37. ࠓ೔࿩ͨ͠ςʔϚ
    "84ͷηΩϡϦςΟͷߟ͑ํͱೝఆࢼݧ
    "84ʹ͓͚Δ̏ͭͷηΩϡϦςΟͷ࣠
    ॏ఺ڧԽྖҬ
    #secjaws

    View full-size slide