1 |
IT-Software product evaluation, Part 6. Documentation for evaluation modules
/
[] /
ISO/IEC 14598-6
|
2 |
/
[
SSE-CMM
] /
Project, Systems Security Engineering Capability Maturity Model(SSE-CMM) - Model Description Document
|
3 |
Simplified Risk Analysis Guideline
/
[] /
NISTIR-4387
|
4 |
A Practical Approach to Risk Assessment
/
[
M.Timms
] /
Compsec Computer Security Conference'90
|
5 |
1부, IT보안 개념 및 모델(1996), 2부 보안관리 및 계획(1997)
/
[] /
ISO/IEC TR 13335
|
6 |
위험 분석 도구 기초기술 개발에 관한 연구
/
[
김정덕(외)
] /
ETRI 연구보고서
|
7 |
/
[
European Community
] /
Information Technology Security Evaluation Criteria (ITSEM)(Ver. 1.0)
|
8 |
/
[
Barry Boehm(et al.)
] /
COCOMO 2.0 Software Cost Estimation Model
|
9 |
/
[
British Standards Institution(BSI)
] /
BS-7799
|
10 |
/
[
European Community
] /
Information Technology Security Evaluation Criteria (ITSEC)(Ver. 1.2)
|
11 |
Security Self-Assessment Guide for Information Technology Systems
/
[
M.Swanson
] /
NIST-SP-800-26
|
12 |
정보시스템 보안을 위한 위험분석 소프트웨어 개발
/
[
송관호(외)
] /
한국전산원 연구보고서
|
13 |
/
[
CRAMM
] /
A Practitioner's View of CRAMM
|
14 |
IT-Software product evaluation. Part 5. Precess for evaluation
/
[] /
ISO/IEC 14598-5
|
15 |
/
[] /
소프트웨어사업대가의 기준(2003)
|
16 |
Information Security Risk Assessment - Practices of Leading Organizations
/
[
GAO
] /
Case Study 3 , GAO/AIMD-00-33
|
17 |
정보통신망 침입차단시스템 평가기준 · 평가지침서
/
[] /
정보통신부고시 1998-19호
|
18 |
/
[
A.Furretta;A.Wolf(ed.)
] /
Software Process
|
19 |
Risk Management Guide for Information Technology Systems
/
[
NIST
] /
NIST-SP-800-30
|
20 |
Data-driven Security: How to Target, Focus and Justify the Security Program
/
[
C.Hamilton
] /
28'th Annual Computer Security Conference & Exhibition
|
21 |
IT-Software product evaluation - Quality characteristics and guidelines for their use
/
[] /
ISO/IEC-9126
|
22 |
Risk Management Guide for Information Technology System
/
[
G.Stonebumer(et el.)
] /
NIST-SP-800-30
|
23 |
정보시스템 위험분석 모델에 관한 연구
/
[
이병만;윤정원;박승규
] /
WISC-97
|
24 |
공공정보시스템 보안을 위한 위험분석 표준 - 개념과 모델
/
[
TTAS
] /
TTAS.KO-12.007.
|
25 |
국내외 정보보호 모델에 관한 연구
/
[
이강신,김학범,이홍섭
] /
정보보호학회지
|
26 |
The Foundations of Risk Management
/
[
D.Peeples
] /
20'th National Information Security Conference
|
27 |
Risk Assessment for Large Heterogeneous Systems
/
[
J.Freeman(et al.)
] /
13'rd Computer Application Conference
|
28 |
/
[
B.Boehm
] /
Software Engineering Economics
|
29 |
보안관리를 위한 위협, 자산, 취약성의 분류 체계
/
[
김기윤;나관식;김종석
] /
정보보호학회지
|
30 |
/
[
Z.Ruthber(et al.)
] /
Guide to Auditing for Controls and Security: A System Development Lifecycle Approach
|
31 |
/
[
DoD
] /
Department of Defense Trusted Computer System Evaluation Criteria(TCSEC)
|
32 |
/
[
Canadian System Security Centre
] /
The Canadian Trusted Computer Product Evaluation Criteria (CTCPED)(Ver.3e.)
|
33 |
선진국 정보보호시스템의 평가제도에 관한 연구
/
[
이강수
] /
KISA 보고서
|
34 |
/
[
CIAO/VAF
] /
Vulnerability Assessment Framework 1.1
|
35 |
Guidelines for Automatic Data Processing Risk Analysis
/
[] /
FIPS-65
|
36 |
OCATVE Criteria, Version 2.0
/
[
OCATVE
] /
Carnegie Mellon Software Engineering Institute(2001.12) OCATVE Method Implementation Guide Version 2.0
|
37 |
전산망 보안을 위한 위험관리 지침서
/
[
정보통신부
] /
KICO.KO-10.0047
|
38 |
/
[
Bundesamt fur Sicherheit in der Informationstechnik
] /
IT Baseline Protect Manual - Standard security safeguards
|
39 |
IT-Software product evaluation, Part 1. General overview
/
[] /
ISO/IEC 14598-1
|
40 |
Common Criteria for Information Technology Security Evaluation
/
[
CC
] /
Version 2.1, CCIMB-99-031
|
41 |
An Open Framework for Risk Management
/
[
R.Craft(et al.)
] /
21'st National Information System Security Conference
|
42 |
시만텍사의 Expert 4.1 소개
/
[] /
1회 서울정보보안기술 국제컨퍼런스
|
43 |
Information Security Risk Assessment - Practices of Leading Organizations
/
[
GAO
] /
Case Study 1 , GAO/AIMD-00-33
|
44 |
Specifications for Guideline for The Analysis Local Area Network Security
/
[] /
FIPS-191
|
45 |
Risk Analysis and Assessment
/
[
Will Ozier
] /
Information Security Management Handbook(4th Ed.)
|
46 |
3부 IT 보안관리 지침(1998) , 5부 네트워크 연결관리 지침(2000)
/
[] /
ISO/IEC TR 13335
|
47 |
/
[
S.Vallabhaneni
] /
Auditiong Computer Security - A Manual with Case Studies
|
48 |
/
[
W.Royce
] /
Software Project Management - Unified Framework
|
49 |
/
[
CSE
] /
A Guide to Security Risk Management for IT Systems
|
50 |
/
[
A.Finkelstein(ed.)(et al.)
] /
Software Process Modeling and Technology
|
51 |
Common Evaluation Methodology
/
[
CEM
] /
Version 1.0 CEM-99/0.45
|
52 |
Simplified Risk Analysis Guideline
/
[] /
NISTIR-4325
|
53 |
/
[
CVE
] /
Common Vulnerability and Exposure
|