Ȩ > Ç¥ÁØÈ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ
Ç¥ÁعøÈ£ | TTAS.KO-10.0073/R1 | ±¸Ç¥ÁعøÈ£ | |
---|---|---|---|
Á¦°³Á¤ÀÏ | 2006-12-27 | ÃÑÆäÀÌÁö | 72 |
ÇѱÛÇ¥Áظí | ¾ÈÀüÇÑ ¼ÒÇÁÆ®¿þ¾î ¿î¿ëÀ» À§ÇÑ Áöħ | ||
¿µ¹®Ç¥Áظí | Guideline for Secure Operation of Software | ||
Çѱ۳»¿ë¿ä¾à | Åë½Å¸Á½Ã½ºÅÛÀÌ °³¹æÈ, ±¹Á¦ÈµÇ¾î °¨¿¡ µû¶ó °¢Á¾ ³×Æ®¿öÅ© À§Çù¿ä¼Ò°¡ Áõ°¡ÇÏ°í ÀÖÀ¸¸ç, ¹°¸®Àû º¸¾È ÅëÁ¦¸¸À¸·Î´Â ÀÌ·¯ÇÑ ³×Æ®¿öÅ© À§Çù¿ä¼Ò¿¡ ´ëóÇϴµ¥ ÇѰ踦 º¸¿©¿Ô´Ù. µû¶ó¼ º¸´Ù Àû±ØÀûÀÌ°í ¿Ïº®ÇÑ ½Ã½ºÅÛ º¸¾ÈÀ» À§Çؼ´Â ¼ÒÇÁÆ®¿þ¾î¿¡ ÀÇÇÑ º¸¾È ÅëÁ¦°¡ ÀÌ·ç¾îÁ®¾ß ÇÑ´Ù. ¼ÒÇÁÆ®¿þ¾î º¸¾ÈÀ̶õ ³×Æ®¿öÅ©¿¡¼ ¿î¿ëµÇ´Â ¼ÒÇÁÆ®¿þ¾î¿¡ º¸¾È±â´ÉÀ» ±¸ÇöÇÏ¿© ºÒ¹ýÀûÀÎ ½Ã½ºÅÛ Á¢±ÙÀ̳ª »ç¿ëÀ» ¹æÁöÇÏ´Â °ÍÀ» ¸»ÇÑ´Ù.
±×·¯³ª ÀÌ·¯ÇÑ º¸¾È ±â´ÉÀ» ¾î¶² ÇüÅ·Π±¸ÇöÇϸç ÀÌ¿¡ ´ëÇÑ °ü¸®´Â ¾î¶² ¹æ¹ýÀ¸·Î ÇÒ °ÍÀΰ¡¸¦ ¼¼úÇÑ º¸¾È ÅëÁ¦°¡ ¿ì¼±ÀûÀ¸·Î ¼ö¸³µÇ¾î¾ß ÇÑ´Ù. º¸¾È ÅëÁ¦´Â °¢ Á¶Á÷ÀÇ Àü»êȯ°æ°ú Ãë±ÞÇÏ´Â Á¤º¸ÀÇ Áß¿äµµ¿¡ µû¶ó »ó´çÈ÷ ´Ù¸¦ ¼ö ÀÖ´Ù. µû¶ó¼ °¢ Á¶Á÷¿¡¼ ¼ÒÇÁÆ®¿þ¾î º¸¾È´ëÃ¥À» ¼ö¸³ÇÏ°íÀÚ ÇÒ °æ¿ì, °í·ÁÇÏ¿©¾ß ÇÒ º¸¾È»çÇ׵鿡 ´ëÇÑ ÁöħÀÌ ÇÊ¿äÇÏ´Ù. º» Áöħ¼´Â ¼ÒÇÁÆ®¿þ¾î º¸¾È¿¡ ÀÖ¾î ¿ä±¸µÇ´Â º¸¾È±â´É°ú º¸¾È ÅëÁ¦µéÀ» Ç׸ñº°·Î ¼¼ºÎÀûÀ¸·Î Á¦½ÃÇÏ¿´À¸¸ç, °¢ ±â°üÀÇ º¸¾È°ü¸®´ëÃ¥ ¼ö¸³ ½Ã ±âÁØÀÌ µÇµµ·Ï ÇÑ´Ù. |
||
¿µ¹®³»¿ë¿ä¾à | As the network systems are more open and globalizing, various network threats are increased and it has the limits against network threats with only physical security controls. So for more complete system security, the security control by software must be established. Software security is to apply security functions into software that is operated in network and then to prevent system from the unauthorized and illegal accesses and/or usages. But before the implementation and management of these security functions, the security control that introduces the way to apply must be established in advance. Security control can be very different according to each organization plan. So when each organization is planning to establish software security countermeasures, it is needed that the guideline related to security functions to be considered.
This standard introduces the detailed facts about the security functions and security controls that are required in software security and can be guideline when security management countermeasures are established at each organization. |
||
±¹Á¦Ç¥ÁØ | |||
°ü·ÃÆÄÀÏ | TTAS.KO-10.0073_R1.pdf |