Browse > Article

전자정부 응용 개발을 위한 시큐어 코딩 가이드  

Han, Kyungsook (한국산업기술대학교 컴퓨터공학부)
Pyo, Changwoo (홍익대학교 컴퓨터공학과)
Publication Information
Review of KIISC / v.25, no.1, 2015 , pp. 18-25 More about this Journal
Keywords
Citations & Related Records
연도 인용수 순위
  • Reference
1 "Common Vulnerabilities and Exposures," http://cve.mitre.org/
2 "Common Weakness Enumeration," http://cwe.mitre.org/
3 Gray McGraw, "Software Security: Building Security in," Addison-Wesley, 2006
4 "CERT," http://www.cert.org/
5 Ivan Arce, Elias Levy, "The rising threat of vulnerabilities due to integer errors," Security & Privacy, IEEE, 2003. 8
6 Alef One, "Smashing The Stack For Fun And Profit," Phrack Magazine, Vol. 7, No. 49. 1996
7 행정안전부, "전자정부 소프트웨어 개발.운영자를 위한 소프트웨어 개발보안 가이드," 행정안전부, 2012. 5
8 행정안전부, "정보시스템 구축 운영 지침(행정안전부고시 제2011-36호)," 행정안전부, 2012. 9
9 "고려대, '소프트웨어 개발보안 연구센터,' 선정," http://www.newswire.co.kr/newsRead.php?no=624730
10 "Red Hat Bugzilla,", https://bugzilla.redhat.com/
11 "Coverity Prevent," http://www.coverity.com/
12 "HP Fortify Static Code Analyzer," http://www8.hp.com/us/en/software-solutions/static-code-analysis-sast/
13 "Klockwork," http://www.klockwork.com/
14 "LDRA Software Technology," http://www.ldra.com/
15 "CodeSonar," http://www.grammatech.com/codesonar
16 "Sparrow," http://www.fasoo.com/site/fasoo/sourcecodeanalysis/sparrow.do
17 "SecurityPrism," http://www.gtone.co.kr/main/ag/sp.php
18 "ROSE compiler infrastructure," http://rosecompiler.org/
19 "Splint-Secure Programming Lint," http://www.splint.org/
20 "CppCheck," http://cppcheck.sourceforge.net/
21 "Clang Static Analyzer," http://clang-analyzer.llvm.org/
22 "PMD," http://pmd.sourceforge,net/
23 "Findbugs," http://findbugs.sourceforge,net/
24 Godefroid, Patrice, Michael Y. Levin, and David A. Molnar. "Automated Whitebox Fuzz Testing." PLDI'08, Tucson, USA, July 2008
25 방지호, 하란, "소프트웨어 보안약점 기반의 오픈소스 보안약점 진단도구 분석," 한국정보과학회 2013 한국컴퓨터종합학술대회, 2013. 6
26 "ISO/IEC TS 17961:2013 Information technology --Programming languages, their environments and system software interfaces -- C secure coding rules," http://www.iso.org/iso/
27 "NIST SAMATE," http://samate.nist.gov/