Browse > Article

보안관리 및 위험분석을 위한 분류체계, 평가기준 및 평가스케일의 조사연구  

최상수 (한남대학교 컴퓨터공학과)
방영환 (한남대학교 컴퓨터공학과)
최성자 (한남대학교 컴퓨터공학과)
이강수 (한남대학교 정보통신멀티미디어공학부)
Publication Information
Review of KIISC / v.13, no.3, 2003 , pp. 38-49 More about this Journal
Keywords
Citations & Related Records
연도 인용수 순위
  • Reference
1 IT-Software product evaluation, Part 6. Documentation for evaluation modules /
[] / ISO/IEC 14598-6
2 /
[ SSE-CMM ] / Project, Systems Security Engineering Capability Maturity Model(SSE-CMM) - Model Description Document
3 Simplified Risk Analysis Guideline /
[] / NISTIR-4387
4 A Practical Approach to Risk Assessment /
[ M.Timms ] / Compsec Computer Security Conference'90
5 1부, IT보안 개념 및 모델(1996), 2부 보안관리 및 계획(1997) /
[] / ISO/IEC TR 13335
6 위험 분석 도구 기초기술 개발에 관한 연구 /
[ 김정덕(외) ] / ETRI 연구보고서
7 /
[ European Community ] / Information Technology Security Evaluation Criteria (ITSEM)(Ver. 1.0)
8 /
[ British Standards Institution(BSI) ] / BS-7799
9 /
[ Barry Boehm(et al.) ] / COCOMO 2.0 Software Cost Estimation Model
10 /
[ European Community ] / Information Technology Security Evaluation Criteria (ITSEC)(Ver. 1.2)
11 Security Self-Assessment Guide for Information Technology Systems /
[ M.Swanson ] / NIST-SP-800-26
12 Information Security Risk Assessment - Practices of Leading Organizations /
[ GAO ] / Case Study 3 , GAO/AIMD-00-33
13 정보시스템 보안을 위한 위험분석 소프트웨어 개발 /
[ 송관호(외) ] / 한국전산원 연구보고서
14 Risk Management Guide for Information Technology Systems /
[ NIST ] / NIST-SP-800-30
15 Data-driven Security: How to Target, Focus and Justify the Security Program /
[ C.Hamilton ] / 28'th Annual Computer Security Conference & Exhibition
16 IT-Software product evaluation - Quality characteristics and guidelines for their use /
[] / ISO/IEC-9126
17 /
[ CRAMM ] / A Practitioner's View of CRAMM
18 IT-Software product evaluation. Part 5. Precess for evaluation /
[] / ISO/IEC 14598-5
19 /
[] / 소프트웨어사업대가의 기준(2003)
20 Risk Management Guide for Information Technology System /
[ G.Stonebumer(et el.) ] / NIST-SP-800-30
21 국내외 정보보호 모델에 관한 연구 /
[ 이강신,김학범,이홍섭 ] / 정보보호학회지
22 정보통신망 침입차단시스템 평가기준 · 평가지침서 /
[] / 정보통신부고시 1998-19호
23 /
[ A.Furretta;A.Wolf(ed.) ] / Software Process
24 The Foundations of Risk Management /
[ D.Peeples ] / 20'th National Information Security Conference
25 Risk Assessment for Large Heterogeneous Systems /
[ J.Freeman(et al.) ] / 13'rd Computer Application Conference
26 정보시스템 위험분석 모델에 관한 연구 /
[ 이병만;윤정원;박승규 ] / WISC-97
27 /
[ B.Boehm ] / Software Engineering Economics
28 공공정보시스템 보안을 위한 위험분석 표준 - 개념과 모델 /
[ TTAS ] / TTAS.KO-12.007.
29 보안관리를 위한 위협, 자산, 취약성의 분류 체계 /
[ 김기윤;나관식;김종석 ] / 정보보호학회지
30 /
[ Z.Ruthber(et al.) ] / Guide to Auditing for Controls and Security: A System Development Lifecycle Approach
31 /
[ DoD ] / Department of Defense Trusted Computer System Evaluation Criteria(TCSEC)
32 Guidelines for Automatic Data Processing Risk Analysis /
[] / FIPS-65
33 OCATVE Criteria, Version 2.0 /
[ OCATVE ] / Carnegie Mellon Software Engineering Institute(2001.12) OCATVE Method Implementation Guide Version 2.0
34 전산망 보안을 위한 위험관리 지침서 /
[ 정보통신부 ] / KICO.KO-10.0047
35 /
[ Bundesamt fur Sicherheit in der Informationstechnik ] / IT Baseline Protect Manual - Standard security safeguards
36 IT-Software product evaluation, Part 1. General overview /
[] / ISO/IEC 14598-1
37 Common Criteria for Information Technology Security Evaluation /
[ CC ] / Version 2.1, CCIMB-99-031
38 An Open Framework for Risk Management /
[ R.Craft(et al.) ] / 21'st National Information System Security Conference
39 시만텍사의 Expert 4.1 소개 /
[] / 1회 서울정보보안기술 국제컨퍼런스
40 Information Security Risk Assessment - Practices of Leading Organizations /
[ GAO ] / Case Study 1 , GAO/AIMD-00-33
41 /
[ Canadian System Security Centre ] / The Canadian Trusted Computer Product Evaluation Criteria (CTCPED)(Ver.3e.)
42 /
[ W.Royce ] / Software Project Management - Unified Framework
43 선진국 정보보호시스템의 평가제도에 관한 연구 /
[ 이강수 ] / KISA 보고서
44 /
[ CIAO/VAF ] / Vulnerability Assessment Framework 1.1
45 Specifications for Guideline for The Analysis Local Area Network Security /
[] / FIPS-191
46 Risk Analysis and Assessment /
[ Will Ozier ] / Information Security Management Handbook(4th Ed.)
47 /
[ CSE ] / A Guide to Security Risk Management for IT Systems
48 3부 IT 보안관리 지침(1998) , 5부 네트워크 연결관리 지침(2000) /
[] / ISO/IEC TR 13335
49 /
[ S.Vallabhaneni ] / Auditiong Computer Security - A Manual with Case Studies
50 /
[ A.Finkelstein(ed.)(et al.) ] / Software Process Modeling and Technology
51 Simplified Risk Analysis Guideline /
[] / NISTIR-4325
52 /
[ CVE ] / Common Vulnerability and Exposure
53 Common Evaluation Methodology /
[ CEM ] / Version 1.0 CEM-99/0.45