References
- IEEE Conceptual Model for Computer Security Risk Analysis Bodeau, A.
- Common Criteria for Information Technology Security Evaluation, CCIB-98-028, Version 2.0 Common Criteria Implementation Board
- 9th Annual Canadian Information Technology Security Symposium Threat Assessments Addressing the Unknown in Risk Management John F. Clayton
- The Canadian Trusted Computer Product Evaluation Criteria, Version 3.0e Canadian System Security Centre
- A Guide to Risk Management Framework for Information Technology Systems Communications Security Establishment
- FIPS Pub 65, Guidelines for Automated Data Processing Risk Analysis U. S. Department of Commerce/NBS
- CSC-STD-001-83 Trusted Computer System Evaluation Criteria Department of Defense Standard
- Technical rationale behind CSC-STD-003-85: Computer security requirements, Guidance for applying the DOD TCSEC in specific environments, CSC-STD-004-85 Department of Defense
- Proceedings of the 17th National Computer Security Conference The Security-Specific Eight Stage Risk Assessment Methodology Drake, Morse
- Information Technology Security Evaluation Criteria(ITSEC), Version 1.2 (Provisional) Harmonised Criteria of France, Germany, the Netherlands, and the United Kingdom
- Guidelines for the Management of IT Security, TR 13335 ISO/IEC JTC1
- Federal Criteria for Information Technology Security(Version 1.0) National Institute of Standards and Technology and National Security Agency
- Computer System and Network Security White;Fisch;Pooch
- 정보통신망침입차단 시스템평가기준 정보통신부
- 대기행렬이론 이호우