20054
4ITA7PPT+AIDARC
1. 27
[2003]272003826
-
-
-
1... ...
2
3... ... ... ...
2
ABC
Advisory typically released
3
ITITA
ITAOA
ITA-
ITA-
ITA-
ITA
4
/
VPN
VPNIDSIT
VPNIDSIT
5
7()
7M1:
M2:
M3:
M4:
M5:
M6:
M7:
7M1: M2: M3: M4: M5: PDRM6: M7: PDCA
M1: --AST/--PPT--
--PPTPeopleProcessTechnology
M2: ITA
M3: - CIAConfidentiality Integrity Availability
7ConfidentialityIntegrityAvailabilityAuthenticityNon-ReputationAccountabilityControllability7FocusExecutionCost-effectiveTime-boundAdaptiveCoherenceCompliance
M4: BS7799ISO1333512-ISMC
BS7799/ISO17799 Part I: Code of practice for information security managementPart II: Specification for information security management
BS7799 / ISO 17799Code of practice for information security management
12
M5: PDR
M6:
Riskthe chance of something happening that will have an impact upon objectives. It is measured in terms of consequences and likelihood.
-AS/NZS 4360:1999
ISO13335
10
3
AS/NZS 4360
/-
M7: PDCA
7M1: M2: M3: M4: M5: PDRM6: M7: PDCA
6
-
2002912
365
ITBPM
SP800
NISTCanadian HandbookPart I Introduction and OverviewPart II Management SafeguardsPart III Operational SafeguardsPart IV Technical SafeguardsIdentification and AuthenticationLogical Access ControlAudit Trails Cryptography
NIST SP 800-53
-
27
27
27
27
VPNIDSIT
IDSSANScannerIPSPKI
NIDSHIDSAFMSLinuxWebkeeperIMS
C-SAS
MSS
VPN
SSE-CMMSystem Security Engineering Capability Majority Model Performed Informally Planned and Tracked Well Defined Quantitatively Controlled Continuously Improving
4ITA7PPT+AIDARC
77+7 BS7799127Control(BSI)IT components, NIST800800