1 |
Gartner, "Now is the time for security at application level", http://www.gartner.com/id=487227, Dec., 2005.
|
2 |
David Rice, Geekonomics: The Real Cost of Insecure Software, Addison- Wesley Professional, 2007.
|
3 |
Benefits of the SDL, Microsoft, www.microsoft. com/security/sdl/about/benefits.aspx
|
4 |
Bola Rotibi, The Business Value of Software Static Analysis, Macehiter Ward-Dutton Limited. August, 2008
|
5 |
행정기관 및 공공기관 정보시스템 구축.운영 지침 개정, 행정자치부고시 제2013-36호, 2013
|
6 |
Common Weakness Enumeration (CWE), http://cwe.mitre.org/
|
7 |
2010 OWASP (The Open Web Application Secu rity Project) Top 10, https://www.owasp.org/index.php/Top_10_2013-Top_10
|
8 |
2011 CWE/SANS Top 25 Most Dangerous Software Errors, http://cwe.mitre.org/top25/
|
9 |
Common Weakness Scoring System (CWSS), http://cwe.mitre.org/cwss/
|
10 |
Common Vulnerabilities and Exposures (CVE), http://cve.mitre.org
|
11 |
National Vulnerability Database, http://nvd.nist.gov/home.cfm
|
12 |
OSVDB:Open Sourced Vunerability Database, http://osvdb.org
|
13 |
CNVD: China National Vulnerablity Database, http://www.cnvd.org.cn
|
14 |
Common Vulnerability Scoring System (CVSSSIG), http://www.first.org/cvss
|
15 |
안준선, 방지호, 이은영, "소프트웨어 보안약점의 중요도에 대한 정량 평가 기준 연구", 정보보호학회논문지, 19권6호, pp.1407-1417, June, 2012년.
|
16 |
취약점신고-S/W 신규 보안 취약점 신고 포상제, https://www.krcert.or.kr/kor/consult/consult_04.jsp, 한국인터넷진흥원 인터넷침해대응센터
|
17 |
K. Tsipenyuk , B. Chess and G. McGraw "Seven Pernicious Kingdoms: A Taxonomy of Software Security Errors", IEEE Sec. & Privacy, vol. 3, no. 6, pp.81-84 2005
DOI
|