1 |
"Information technology -- Security techniques -- Evaluation criteria for IT security Part 1,2,3," ISO/IEC 15408-1/2/3, 2009.
|
2 |
"Information technology -- Security techniques -- Methodology for IT security evaluation," ISO/IEC 18045, 2005.
|
3 |
CWE, "https://cwe.mitre.org"
|
4 |
CVE, "http://cve.mitre.org"
|
5 |
CAPEC, "http://capec.mitre.org"
|
6 |
Thomas R. Rhodes, Frederick E. Boland Jr, Elizabeth N. Fong, and Michael J. Kass, "Software assurance using structured assurance case models," 7608, NIST Interagency/Internal Report (NISTIR), May 2009.
|
7 |
Ki-Seok Bang, Il-Gon Kim, Ji-Yeon Lee, Jun-Seok Lee, and Jin-Young Choi "Classification criteria and application methodology for evaluating IT security products," Jonornal of Korea Knowledge Information Technology Society, 6(5), pp. 105-112, Nov. 2011.
|