参考資料

ゼロトラストアーキテクチャ適用方針: ゼロトラストアーキテクチャ 適用方針 (digital.go.jp)

DS-211 常時リスク診断・対処（CRSA）アーキテクチャ: 常時リスク診断・対処（CRSA）システムアーキテクチャ (digital.go.jp)

[FK92] Ferraiolo, D.F. & Kuhn, D.R. (October 1992). "Role-Based Access Control" (PDF). 15th National Computer Security Conference: 554–563.

SP 800-162, Guide to ABAC Definition and Considerations | CSRC (nist.gov)

SP 800-205, Attribute Considerations for Access Control Systems | CSRC (nist.gov)

SP 800-207, Zero Trust Architecture | CSRC (nist.gov)

ISO/IEC 29146 Information technology – Security techniques – A framework for access management

OpenID Connect: Core Final: OpenID Connect Core 1.0 incorporating errata set 1

OpenID Connect for Identity Assurance: OpenID Connect for Identity Assurance 1.0

OpenID Connect: Shared Signals Framework: Software Grant and Contribution License Agreement | OpenID