참고문헌
- NIST SP 800-30, Risk Management Guide for IT Systems, 2002. 7.
- NIST SP 800-37, Guide for the Security Certification and Accreditation of FIS, 2004. 5.
- NIST SP 800-53A, Guide for Assessing the Security Controls in FIS (second public draft, 2006. 5).
- NIST SP 800-60, Guide for Mapping Types of Information and Information Systems to Security Categories, 2004. 6.
- NIST FIPS 199, Standards for Security Categorization of Federal Information and Information Systems, 2004. 2.
- NIST FIPS 200, Minimum Security Requirements for Federal Information and Information Systems, 2006. 2.
- GSA, "Ensuring secure cloud computing for the Federal Government", 2012. 6.
- GCN, "FedRAMP aims to authorize 3 cloud providers by year's end", 2012. 6.
- ISO/IEC 27001:2005 - Information technology - Security techniques - Information security management systems
- Cloud Security Alliance, Cloud Controls Matrix v1.2, 2011. 8.