최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기情報保護學會論文誌 = Journal of the Korea Institute of Information Security and Cryptology, v.30 no.6, 2020년, pp.1189 - 1206
민성현 (강원대학교) , 손경호 (강원대학교)
Recently, ICT companies do not directly design, develop, produce, operate, maintain, and dispose of products and services, but are outsourced or outsourced companies are increasingly in charge. Attacks arising from this are also increasing due to difficulties in managing vulnerabilities for products...
KISA, "Cyber Threat Trend Report", Jul. 2018
Hyo-hyeon Son, Kwang-jun Kim and Man-hee Lee, "US supply chain securit y management system analysis.", Journal of the Korea Institute of Informati on Security & Cryptology, 29(5), pp. 1089-1097, Oct. 2019
MITRE, "Supply Chain Attack Framew ork and Attack Patterns", Dec. 2013
Office of the Under Secretary of Defense for Acquisition & Sustainment, "Supply Chain Attack Pattern : Framework and Catalog", 2014
MITRE, 'Supply Chain Attacks and Resiliency Mitigations.", Oct. 2017
National Institute of Standards and Technology, "Framework for Improving Critical Infrastructure Cybersecurity. version 1.0" , Feb. 2014
National Institute of Standards and Technology, "Framework for Improving Critical Infrastructure Cybersecurity. version 1.1" , Apr. 2018
National Institute of Standards and Technology," Supply Chain Risk Management Practices for Federal Information Systems and Organizations" Special Publication 800-161, Apr. 2015
National Institute of Standards and Technology, "Notional Supply Chain Risk Management Practices for Federal Information Systems" IR 7622, Oct. 2012
National Institute of Standards and Technology, "Managing Information Security Risk Organization, Mission, and Information System View" Special Publication 800-39, Mar. 2011
National Institute of Standards and Technology, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations" Special Publication 800-171 revision 2, Feb. 2020
National Institute of Standards and Technology, "Minimum Security Requirements for Federal Information and Information Systems" Federal Information Processing Standards Publication 200, Mar. 2006
National Institute of Standards and Technology, "Security and Privacy Controls for Federal Information Systems and Organizations" Special Publication 800-53, Apr. 2013
National Institute of Standards and Technology, "Assessing Security Requirements for Controlled Unclassified Information" Special Publication 800-171A, Jun. 2018
European Cyber Security Organisation, "Overview of existing Cybersecurity standards and certification schemes v2", Dec. 2017
International Standard, - Information security for supplier relationships - Part 1: Overview and concepts", ISO/IEC 27036-1, Apr. 2014
International Standard, - Information security for supplier relationships - Part 2: Requirements", ISO/IEC 27036-2, Aug. 2014
International Standard, - Information security for supplier relationships - Part 3: Guidelines for information and communication technology supply chain security", ISO/IEC 27036-3, Nov. 2013
International Standard, - Information security for supplier relationships - Part 4: Guidelines for security of cloud services", ISO/IEC 27036-4, Oct. 2016
International Standard, "Information technology - (O-TTPS) - Mitigating maliciously tainted and counterfeit products - Part 1: Requirements and recommendations", ISO/IEC 20243-1, Feb. 2018
International Standard, "Information technology - Mitigating maliciously tainted and counterfeit products - Part 2: Assessment procedures for the O-TTPS and ISO/IEC 20243-1:2018", ISO/IEC 20243-2, Jan. 2018
Office of the Under Secretary of Defens e for Acquisition & Sustainment, "DFA RS 252.204-7012 Defense Industrial Base Compliance Information", Nov. 2011
European Cyber Security Organisation, "European Cyber Security Certification A Meta-Scheme Approach v1.0", Dec. 2017
National Institute of Standards and Technology, "Workshop Brief on Cyber SCRM Standards Mapping"
National Institute of Standards and Technology, "National Institute of Standards and Technology, "Workshop Brief on Cyber SCRM Standards Mapping(Draft)" , IR 8276, Feb. 2020
https://www.ncsc.gov.uk/collection/supply-chain-security/principles-supply-chain-security
UK Cabinet Office, "Supplier Assurance Framework: Good Practice Guide", May.2018
*원문 PDF 파일 및 링크정보가 존재하지 않을 경우 KISTI DDS 시스템에서 제공하는 원문복사서비스를 사용할 수 있습니다.
Free Access. 출판사/학술단체 등이 허락한 무료 공개 사이트를 통해 자유로운 이용이 가능한 논문
※ AI-Helper는 부적절한 답변을 할 수 있습니다.