diff --git a/controller.png b/controller.png
index 549f490..91f5648 100644
--- a/controller.png
+++ b/controller.png
Binary files differ
diff --git a/controller.pu b/controller.pu
index d652a1a..b81bd25 100644
--- a/controller.pu
+++ b/controller.pu
@@ -1,7 +1,16 @@
 @startuml
 
+[*] --> success : /login
 [*] --> index : /
 
+state success {
+	state "Sign in" as login
+	login : Username
+	login : Password
+}
+login --> index : / [success]
+login --> login : [!success]
+
 state index {
 	state cities
 	cities : *{citycode}
diff --git a/pom.xml b/pom.xml
index 5a6e937..958d5e5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -18,6 +18,21 @@
 		<java.version>11</java.version>
 	</properties>
 	<dependencies>
+        <!-- Security -->
+        <dependency>
+          <groupId>org.springframework.boot</groupId>
+          <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+        <dependency>
+          <groupId>org.thymeleaf.extras</groupId>
+          <artifactId>thymeleaf-extras-springsecurity5</artifactId>
+        </dependency>
+        <dependency>
+          <groupId>org.springframework.security</groupId>
+          <artifactId>spring-security-test</artifactId>
+          <scope>test</scope>
+        </dependency>
+        
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-thymeleaf</artifactId>
@@ -26,11 +41,14 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-web</artifactId>
 		</dependency>
+        
+        <!-- lombok -->
         <dependency>
           <groupId>org.projectlombok</groupId>
           <artifactId>lombok</artifactId>
           <optional>true</optional>
         </dependency>
+        
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-devtools</artifactId>
@@ -52,6 +70,28 @@
             <artifactId>spring-boot-starter-validation</artifactId>
         </dependency>
 
+        <!-- dependenciesタグ内に、以下の4つを追加します -->
+        <dependency>
+            <groupId>org.webjars</groupId>
+            <artifactId>datatables</artifactId>
+            <version>1.10.24</version>
+        </dependency>
+        <dependency>
+            <groupId>org.webjars</groupId>
+            <artifactId>datatables-plugins</artifactId>
+            <version>1.10.24</version>
+        </dependency>
+        <dependency>
+            <groupId>org.webjars</groupId>
+            <artifactId>datatables-buttons</artifactId>
+            <version>1.7.0</version>
+        </dependency>
+        <dependency>
+            <groupId>org.webjars</groupId>
+            <artifactId>jszip</artifactId>
+            <version>3.1.0</version>
+        </dependency>
+    
 		<!-- dependenciesタグ内に、以下の4つを追加します -->
 		<dependency>
 			<groupId>org.webjars</groupId>
diff --git a/src/main/java/osm/surveyor/task/config/SecurityConfig.java b/src/main/java/osm/surveyor/task/config/SecurityConfig.java
new file mode 100644
index 0000000..e03eb35
--- /dev/null
+++ b/src/main/java/osm/surveyor/task/config/SecurityConfig.java
@@ -0,0 +1,47 @@
+package osm.surveyor.task.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        // パスワードの暗号化用に、BCrypt（ビー・クリプト）を使用します
+        return new BCryptPasswordEncoder();
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+            // 認証リクエストの設定
+            .authorizeRequests()
+                // 認証の必要があるように設定
+                .anyRequest().authenticated()
+                .and()
+            // フォームベース認証の設定
+            .formLogin();
+    }
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth)
+            throws Exception {
+        auth
+            // メモリ内認証を設定
+            .inMemoryAuthentication()
+            // "user"を追加
+            .withUser("user")
+            // "password"をBCryptで暗号化
+            .password(passwordEncoder().encode("password"))
+             // 権限（ロール）を設定
+            .authorities("ROLE_USER");
+    }
+}
diff --git a/src/main/java/osm/surveyor/task/controller/SecurityController.java b/src/main/java/osm/surveyor/task/controller/SecurityController.java
new file mode 100644
index 0000000..0b61f97
--- /dev/null
+++ b/src/main/java/osm/surveyor/task/controller/SecurityController.java
@@ -0,0 +1,13 @@
+package osm.surveyor.task.controller;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class SecurityController {
+
+    @GetMapping("/login")
+    public String success() {
+        return "success";
+    }
+}
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 95f2f81..707f9fd 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -3,3 +3,5 @@
 spring.datasource.generate-unique-name=false
 spring.h2.console.enabled=true
 spring.jpa.show-sql=true
+
+spring.messages.basename=org/springframework/security/messages
diff --git a/src/main/resources/templates/success.html b/src/main/resources/templates/success.html
new file mode 100644
index 0000000..2a24ba1
--- /dev/null
+++ b/src/main/resources/templates/success.html
@@ -0,0 +1,16 @@
+<!DOCTYPE html>
+<html xmlns:th="http://www.thymeleaf.org">
+<head>
+  <meta charset="UTF-8">
+  <title>Title</title>
+</head>
+<body>
+  <h2>ログイン成功</h2>
+  <a th:href="@{/logout}">ログアウトの確認メッセージへ</a><br>
+  <br>
+
+  <form th:action="@{/logout}" method="post">
+    <button>ログアウトする</button>
+  </form>
+</body>
+</html>