情報保護學會誌 = KIISC review, v.32 no.5, 2022, pp.7-14
최윤성 (Software Security Research Institute, Korea University)
NIST, "Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations", NIST SP 800-161r1, pp. 1-3, May 2022.
Kaspersky, "Managing the trend of growing IT complexity", IT security economics report, p.9, 2021.
Gartner, 7 Top Trends in Cybersecurity for 2022 from https://www.gartner.com/en/articles/7-top-trends-in-cybersecurity-for-2022, April 2022.
이태준, 이희조, 박춘식, "The US Cybersecurity Executive Order from a Software Security Perspective and Our Response Measures", KISA Report, Vol. 12, p.3, 2021.
NTIA, "Roles and Benefits for SBOM Across the Supply Chain", 2019.
The White House, Enhancing the Security of the Software Supply Chain to Deliver a Secure Government Experience from https://www.whitehouse.gov/omb/briefing-room/2022/09/14/enhancing-the-security-of-the-software-supply-chain-to-deliver-a-secure-government-experience/, Sept. 2022.
A. M. Pitney et al., "A Systematic Review of 2021 Microsoft Exchange Data Breach Exploiting Multiple Vulnerabilities", 2022 7th Int'l Conference on Smart and Sustainable Technologies, pp. 1-3, 2022.
N. Kshetri, "Economics of Supply Chain Cyberattacks", IEEE Computer Society, pp. 1-2, June 2022.
BleepingComputer, Hundreds of networks reportedly hacked in Codecov supply-chain attack from https://www.bleepingcomputer.com/news/security/hundreds-of-networks-reportedly-hacked-in-codecov-supply-chain-attack/, April 2022.
BBC, US fuel pipeline hackers did not mean to create problems from https://www.bbc.com/news/business-57050690, May 2021.
Infosecurity Group, North Korean Lazarus Group Hacked Energy Providers Worldwide from https://www.infosecurity-magazine.com/news/lazarus-group-hacked-energy/, Sept. 2022.
NTIA, Software Component Transparency from https://www.ntia.gov/SoftwareTransparency
US Cyber Safety Review Board, "Review of the December 2021 Log4j Event", pp. 3-6, July 2022.
US Chamber of Commerce, "Software Bill of Materials Elements and Considerations", June 2021.
NTIA, "SBOM Options and Decision Points", April 2021.
OASIS, Common Security Advisory Framework (CSAF) from https://oasis-open.github.io/csaf-documentation/
https://secvisogram.github.io/
OWASP Foundation, "Software Component Verification Standard(SCVS) v1.0", June 2020.
https://en.wikipedia.org/wiki/ICANN
Linux Foundation, "The Open Source Software Security Mobilization Plan", May 2022.
B. Behlendorf, "Deep Dive into the OpenSSF Mobilization Plan", Open Source Summit Europe - OpenSSF Day, Sept. 2022.
IMDRF, "Draft, Principles and Practices for Software Bill of Materials for Medical Device Cybersecurity" from https://www.imdrf.org/consultations/principles-and-practices-software-bill-materials-medical-device-cybersecurity, International Medical Device Regulation Forum, 2022.
ESF, "Securing the Software Supply Chain - Recommended Practices Guide for Developers", US Enduring Security Framework, pp. 26-27, Aug. 2022.
OMB, "Enhancing the Security of the Software Supply Chain through Secure Software Development Practices - MEMORANDUM FOR THE HEADS OF EXECUTIVE DEPARTMENTS AND AGENCIES", M-22-18, US Office of Management and Budget, Sept. 2022.
OpenSSF, Outcomes from Open Source Software Security Summit in Japan from https://openssf.org/blog/2022/08/24/outcomes-from-open-source-software-security-summit-in-japan/