1 |
B. Boehm, 'Software Engineering Economics,' PrenticeHall, 1981
|
2 |
CC, Common Criteria for Information Technology Security Evaluation, Version 2.1, CCIMB-99-031, August, 1999
|
3 |
ISO/IEC PDTR 15446, 'Information technology-Security techniques-Guide for the production of protection profiles and security targets,' Draft, April, 2000
|
4 |
ISO/IEC-9126 'IT-Software product evaluation-Quality characteristics and guidelines for their use, December, 1991
|
5 |
ISO/IEC 14598, 'IT-Software product evaluation, Part 1, 1997, Part 5, 1997., Part 6, 1997
|
6 |
D. Peeples, 'The Foundations of Risk Management,' 20'th NISSC, pp.577-602, May, 1997
|
7 |
CSE, 'A Guide to Security Risk Management for IT Systems,' Government of Canada, Communications Security Establishment(CSE),' 1996
|
8 |
김정덕(외), '위험 분석 도구 기초기술 개발에 관한 연구', ETRI 연구보고서, 2001
|
9 |
CRAMM, 'A Practitioner's View of CRAMM.'
|
10 |
A. Pagnoni, Project Engineering Computer oriented Planning and Operational Decision Making, Springer-Verlag, 1990
|
11 |
W. Royce, 'Software Project Management-Unified Framework,' Addison Wesley, 1998
|
12 |
ISO/IEC TR 13335-1, 2, 3, IT 보안 개념 및 모델, 1996, IT 보안 관리 및 계획, 1997, IT 보안 관리 기법, 1998
|
13 |
British Standards Institution(BSI), BS-7799, 1999
|
14 |
R. Macmillan, Site Security Policy Development, http://www.auscert.org.au/Information/Auscert_info/Papers/Site_Security_Policy_Development.txt
|
15 |
Alan Robiette, Developing an Information Security Policy, JISC Committee on Authentication and Security, February, 2001
|
16 |
TTAS, '공공정보시스템 보안을 위한 위험분석 표준 - 개념과 모델', TTAS.KO-12.0007, 1998
|
17 |
박순태, 보호프로파일 개발을 위한 위험분석, 정보보호뉴스, 정보보호뉴스, 2000.8 외 다수의 정보보호뉴스 수록자료
|
18 |
NIST, 'Risk Management Guide for Information Technology Systems,' NIST-SP-800-30, October, 2001
|
19 |
Will Ozier, 'Risk Analysis and Assessment,' Information Security Management Handbookt-(4th Ed.), CRC Press, 2000
|
20 |
OCTAVE, 'OCATVE Criteria, Version 2.0,' Carnegie Mellon Software Engineering Institute, OCATVE Method Implementation Guide Version 2.0, OCTAVE, June, 2001
|
21 |
송관호(외), '정보시스템 보안을 위한 위험분석 소프트웨어 개발', 한국전산원 연구보고서, 1997
|
22 |
NIST, 'A Introduction to Computer Security: The NIST Handbook,' pub., 800-12, 1991
|
23 |
이광형, 오길록, Fuzzy이론 및 응용, 홍릉과학출판사, 1991
|