References
- 김종기, 전진환, "컴퓨터 바이러스 통제를 위한 보안행위의도 모형", 정보화정책, 제13 권, 제3호, 2006, pp. 174-196.
- 대한상공회의소, "국내기업의 산업기밀유출 실태조사, 대한상공회의소," 2006. 7.
- 이필중, 문희철, "패스워드 시스템의 보안에 관한 고찰," 한국통신정보보호학회지, 제1권, 제1호, 1991, pp. 109-118.
- 장명희, "인터넷 쇼핑몰에서 신뢰와 지각된 위험이 태도 및 구매의도에 미치는 영향," 정보시스템연구, 제14권, 제1호, 2005, pp. 227-249.
- 전정훈, "누가 당신의 비밀번호를 빼간다면," 한겨레경제주간지, 2007. 7. 23.
- 정경수, 김기영, 박종필, "패스워드 이용과 관한 실증분석: 대학과 종합병원을 중심으로," 한국경영정보학회, 제30권, 제1호, 2001, pp. 143-157.
- 차윤숙, 정문상, "유비쿼터스 특성요인이 모바일 서비스의 사용의도에 미치는 영향," 정보시스템연구, 제16권, 제2호, 2007, pp. 69-91.
- 한국정보보호진흥원, 정보보호 뉴스, 2월호, 2007, pp. 12-14.
- Adams, A., & M. Sasse, "Users are not the Enemy," Communications of the ACM, Vol. 42, No. 12, 1999, pp. 41-46.
- Ajzen, I., & M. Fishbein, Understanding Attitudes and Predicting Social Behavior. Prentice-Hall, Inc., Englewood Cliffs: New Jersey, 1980.
- Anderson, J., "An Approach for Confirmatory Measurement and Structural Equation Modeling of Organizational Properties," Management Science, Vol. 33, No. 4, 1987, pp. 525-541. https://doi.org/10.1287/mnsc.33.4.525
- Anderson, J., & D. Gerbing, "Structural Equation Modeling in Practice: A Review and Recommended Two-Step Approach," Psychological Bulletin, Vol. 103, No. 4, 1988, pp. 411-423. https://doi.org/10.1037/0033-2909.103.3.411
- Baskerville, R., "Risk Analysis: An Interpretive Feasibility Tool in Justifying Information System Security," European Journal of Information Systems, Vol. 1, No. 2, 1991, pp.121-130. https://doi.org/10.1057/ejis.1991.20
- Bagozzi, R., & Y. Yi, "On the Evaluation of Structural Equation Models," Journal of the Academy of Marketing Science, Vol. 16, No. 1, 1988, pp.74-97. https://doi.org/10.1007/BF02723327
- CCTA, CRAMM User Guide. Central Computer and Telecommunications Agency, 2001.
- CMU/SEI, Operationally Critical Threat, Asset, Vulnerability Evaluation (OCTAVE) Framework, Ver. 1.0, CMU/SEI-99-TR-017. Carnegie Mellon University/Software Engineering Institute, 1999.
- CSE, Guide to Security Risk Management for IT Systems, Government of Canada, Communications Security Establishment, 1996.
- Davis, F., R. Bagozzi, & P. Warchaw, "User Acceptance of computer Technology: A Comparison of Two Theoretical Models," Management Science, Vol. 35, No. 8, 1989, pp. 982-1003. https://doi.org/10.1287/mnsc.35.8.982
- Eloff, M., & S. Solms, "Information Security Management: A Hierarchical Framework for Various Approaches," Computers & Security, Vol. 19, No. 3, 2000, pp. 243-356. https://doi.org/10.1016/S0167-4048(00)88613-7
- Finne, T., "A Conceptual Framework for Information Security Management," Computers & Security, Vol. 17, No. 4, 1998, pp. 303-307. https://doi.org/10.1016/S0167-4048(98)80010-2
- Fornell, C., & D. Larcker, "Evaluating Structural Equation Models with Unobservable Variables and Measurement Error," Journal of Marketing Research, Vol. 18, No. 1, 1981, pp. 39-50. https://doi.org/10.2307/3151312
- Garver, M., & J. Mentzer, "Logistics Research Methods: Employing Structural Equation Modeling to Test for Construct Validity," Journal of Business Logistics, Vol. 20, No. 1, 1999, pp. 33-57.
- Gefen, D., "Assessing Unidimensionality through LISREL: An Explanation and Example," Communications of the Association for Information Systems, Vol. 12, No. 2, 2003, pp. 23-47.
- Gehringer, E., "Choosing Passwords: Security and Human Factors," Proceedings of the 2002 IEEE International Symposium on Technology and Society, June, 2002, pp. 369-373.
- Gilbert, I., "Risk Analysis: Concepts and Tools," Datapro Reports on Information Security, 1991, pp. 101-112.
- Hair, J., R. Anderson, W. Black, & R. Tatham, Multivariate Data Analysis(5th eds.), Prentice Hall, 1998.
- ISO/IEC, IT 보안관리를 위한 지침- 제3부: IT 보 안관리를 위한 기술, KS X ISO/IEC TR 13335-3, 2005a.
- ISO/IEC, Information Technology-Security Techniques-Code of Practice for Informations Security Management, ISO/IEC 17799, 2005b.
- Ives, B., K. Walsh, & H. Schneider, "The Domino Effect of Password Reuse," Communications to the ACM, Vol 47, No. 4, 2004, pp. 75-78.
- Juang, W., "Efficient Password Authenticated Key Agreement Using Smart Cards," Computers & Security, Vol. 23, No. 2, 2004, pp. 167-173. https://doi.org/10.1016/j.cose.2003.11.005
- Loch, K., H. Carr, & M. Warkentin, "Threats to Information System: Today's Reality, Yesterday's Understanding," MIS Quarterly, Vol 16, No. 2, 1992, pp. 173-186. https://doi.org/10.2307/249574
- Martinson, W., Passwords: A Survey on Usage and Policy, Masters Thesis, Air Force Institute of Technology, 2005.
- NIST, Risk Management Guide for Information Technology Systems, Special Publication 800-30, 2001.
- O'Gorman, L., A. Bagga, & J. Bentley, "Query-Directed Passwords," Computers & Security, Vol. 24, No. 7, 2005, pp. 546-560. https://doi.org/10.1016/j.cose.2005.06.006
- Rainer, R., C. Snyder., & H. Carr, "Risk Analysis for Information Technology," Journal of Management Information System, Vol. 8, No. 1, 1991, pp. 129-147.
- Segars, A., "Assessing the Unidimensionality of Measurement: A Paradigm and Illustration Within the Context of Information Systems," Omega, Vol. 25, No. 1, 1997, pp. 107-121. https://doi.org/10.1016/S0305-0483(96)00051-5
- Tregear, J., "Risk Assessment," Information Security Technical Report, Vol. 6, No. 3, 2001, pp. 19-27. https://doi.org/10.1016/S1363-4127(01)00304-1
- Wakefield, R., "Network Security and Password Policies," The CPA Journal, June, 2004, pp. 7-8.
- Yan, J., Blackwell, A., Anderson, R., & A. Grant, The Memorability and Security of Passwords - Some Empirical Results, Cambridge University Computer Laboratory, 2000.
- Yapp, P, "Passwords: Use and Abuse," Computer Fraud & Security, Vol. 2001, No. 9, 2001, pp. 14-16.
- Zviran, M., & W. Haga, "Password Security: An Empirical Study," Journal of Management Information Systems, Vol. 15, No. 4, 1999, pp. 161-485.
- CERT/CC, http://www.cert.org/tech_tips/passwd_file_protection.html, 2002.