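Government Procurement, May 21, Reiwa 8 (2026)
Public notice concerning the introduction of the university-wide IT authentication infrastructure system, etc. at Osaka University
Source: Processed from information published on the Official Gazette (Kanpō) publication site. AI extraction and OCR may contain errors, so rely on the official original text for anything important.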
6 Summary
(1) Classification of the products to be procured: 14
(2) Nature and quantity of the products to be rented: OUID System 1 Set
(3) Type of the procurement: products to be rented
(4) Basic requirements of the procurement:
A. This system consists of an Integrated ID Authentication System and an Integrated ID Management System.
B. The Integrated ID authentication infrastructure shall have the following functions.
B-1. Single Sign-On (SSO) Functions
a. A single sign-on function compliant with OASIS-SAML 2.0 and OIDC for services (web applications) that support authentication/authorization federation, including SPs participating in academic authentication federations.
b. A portal site that lists links to systems that support single sign-on, and a user guideline web page that includes FAQs and other information.
c. A single logout function that, when a user logs out from a federated SP/RP, logs the user out from all federated SPs/RPs.
B-2. Authentication Functions
a. Authentication functions including: password plus multi-factor authentication using a secondary factor with an ID or email address as the username; passkey authentication; certificate authentication; and social account authentication.
b. A function that allows users to change their passwords and secondary authentication methods by themselves.
c. If authentication is not possible due to a forgotten password, etc., functions including: online password reset/reconfiguration by the user using a recovery email address and a My Number Card; a temporary secondary-authentication bypass function when secondary authentication cannot be performed; and a user self-service password reset function.
d. A function to maintain authentication sessions between users and between SPs/RPs for a specified period of time.
B-3. Authentication Information Management Functions
a. A function to retain, for each ID, the attributes received via federation from the Integrated ID management infrastructure.
b. A function to send to an SP/RP the attributes held by the ID linked to the username, using the username specified by the user at the time of authentication as the key.
c. A function to control which SPs/RPs can be used according to the attribute information held by the ID used for authentication.
B-4. Administrator Functions
a. A function that allows administrators to add, modify, and delete SPs/RPs to be federated for authentication.
b. A function to acquire users' authentication logs and allow administrators to view them.
c. A function that allows administrators to reset users' authentication information.
C. The Integrated ID management infrastructure shall have the following functions.
C-1. ID Management Functions
a. A function to assign each user a unique ID within the University's systems.
b. A function to manage role-specific information separately from user information when a user holds multiple positions (Role ID function).
c. A function to manage attribute information linked to IDs and Role IDs, and in response to inquiries keyed by username, return the attributes held by one of the multiple Role IDs possessed by a user.
C-2. Data Import Functions
a. A function to automatically or manually import data (CSV) provided from source systems that serve as the origin of user information and register users. There are multiple source systems, and the key information differs depending on the system.
b. A function to generate attribute information linked to IDs based on generation rules at the time of data import.
c. A function to identify candidates that may refer to the same person when information for one user is registered in duplicate in the database at the time of data import (candidate record linkage function).
d. If an administrator determines that entries in the record-linkage candidate list refer to the same person, a function to overwrite the user information while keeping role information separated.
C-3. Master Data Management Functions
a. For master data of attribute information to be granted to users (e.g., department master, position master), a function that allows administrators to register and update it via CSV import.
C-4. Workflow Application Functions
a. For users not included in the source systems, a function whereby designated staff apply for ID issuance and administrators approve it, thereby issuing, changing, or revoking IDs.
b. A function that allows administrators and designated staff to search past applications.
c. A function to grant application privileges to designated staff.