menu

Supported client environment

It corresponds to the following Web browser environment.

-Use IE11, Microsoft Edge, Firefox (latest), Google Chrome (latest) running on Windows (8.1,10).

-Use Firefox (latest) and Google Chrome (latest) running on Apple OS X (10.11.X).

* Apple OS + Safari, which does not accept cookies by default, is not supported.

-OS standard Safari running on iOS / iPad OS (latest)

-OS standard Chrome running on Android (latest)

-Environment other than browser (dedicated client application etc.) is not supported.

 

※ When using multi-factor authentication, it corresponds to the client environment described in "How to use / register / delete authentication factors".

Supported System

It corresponds to the following linked SP.

Online storage system (Nextcloud Web + dedicated app)
・Mailing list system (Sympa)
Remote Meeting System (Cisco Webex Meeting)
・Microsoft 365
・Adobe Creative Cloud (License for personal devices, management of license for VDI (Windows))
・Email service system (WebMail)
・VPN service system (BIG-IP APM)
・ID management system (function for UIDM users)
・IdP system for SSO (OpenAM user function)

Corresponding authentication factor

• The need for multi-factor authentication

 In recent years, password leaks have occurred frequently in various places, and there are many cases of information leaks.

 In JAIST, user's e-mail and various services can be used by user name and password authentication (one-step authentication), and information leakage may occur due to password leakage.

 Therefore, in order to prevent information leakage due to password leakage, we will perform multi-factor authentication for available services.

• What is multi-factor authentication

 It refers to the function that adds another step check function to authentication with user name and password.

 As another check function, there are multiple authentication factors shown below.

• Reference page

 不正ログイン対策特集ページ(IPA 情報処理推進機構)

 不正ログイン対策特集ページ「多要素認証の設定」について(IPA 情報処理推進機構)

It corresponds to the following authentication factors.

・ID / password authentication

OTP(TOTP) authentication ※ Pre-setting required

  A time-based one-time password (TOTP) authentication method. (6 digit number, new one is generated every 30 seconds)

FIDO2 authentication (WebAuthn+CTAP) ※ Pre-setting required

  FIDO2 is a passwordless authentication standard established by the FIDO Alliance.

  An authentication method that registers the authentication protocol between the "authentication device", "web browser", and "RP server" as a FIDO2 device and does not use a password to authenticate the web application.

 ・Windows Desktop SSO認証  ※ Pre-setting Not required、Only available from JAIST Cloud Desktop

  An authentication method in which a user who logs on to a domain on a Windows terminal joined to an Active Directory domain authenticates an application on a Web browser.

PKI client certificate authentication ※ Pre-setting required

  An authentication method that authenticates with a PKI client certificate installed in the Web browser of the user's terminal.