SW 개발보안을 위한 보안약점 표준목록 연구
|
|
Ahn, Joonseon
(한국항공대학교 항공전자정보공학부)
Lee, Eunyoung (동덕여자대학교 컴퓨터과학과) Chang, Byeong-Mo (숙명여자대학교 컴퓨터과학부) |
| 1 | Gartner, "Now is the time for security at application level", http://www.gartner.com/id=487227, Dec., 2005. |
| 2 | David Rice, Geekonomics: The Real Cost of Insecure Software, Addison- Wesley Professional, 2007. |
| 3 | Benefits of the SDL, Microsoft, www.microsoft. com/security/sdl/about/benefits.aspx |
| 4 | Bola Rotibi, The Business Value of Software Static Analysis, Macehiter Ward-Dutton Limited. August, 2008 |
| 5 | 행정기관 및 공공기관 정보시스템 구축.운영 지침 개정, 행정자치부고시 제2013-36호, 2013 |
| 6 | Common Weakness Enumeration (CWE), http://cwe.mitre.org/ |
| 7 | 2010 OWASP (The Open Web Application Secu rity Project) Top 10, https://www.owasp.org/index.php/Top_10_2013-Top_10 |
| 8 | 2011 CWE/SANS Top 25 Most Dangerous Software Errors, http://cwe.mitre.org/top25/ |
| 9 | Common Weakness Scoring System (CWSS), http://cwe.mitre.org/cwss/ |
| 10 | Common Vulnerabilities and Exposures (CVE), http://cve.mitre.org |
| 11 | National Vulnerability Database, http://nvd.nist.gov/home.cfm |
| 12 | OSVDB:Open Sourced Vunerability Database, http://osvdb.org |
| 13 | CNVD: China National Vulnerablity Database, http://www.cnvd.org.cn |
| 14 | Common Vulnerability Scoring System (CVSSSIG), http://www.first.org/cvss |
| 15 | 안준선, 방지호, 이은영, "소프트웨어 보안약점의 중요도에 대한 정량 평가 기준 연구", 정보보호학회논문지, 19권6호, pp.1407-1417, June, 2012년. |
| 16 | 취약점신고-S/W 신규 보안 취약점 신고 포상제, https://www.krcert.or.kr/kor/consult/consult_04.jsp, 한국인터넷진흥원 인터넷침해대응센터 |
| 17 | K. Tsipenyuk , B. Chess and G. McGraw "Seven Pernicious Kingdoms: A Taxonomy of Software Security Errors", IEEE Sec. & Privacy, vol. 3, no. 6, pp.81-84 2005 DOI |
 |
Korea Institute of Science and Technology Information
Gwahangno, Yuseong-gu, Daejeon, 305-806, Korea TEL : +82-42-869-1752
Copyright (c) 2009 KISTI. All Rights Reserved. For more information mail to
webmaster
