Ç¥ÁØÈ­ Âü¿©¾È³»

TTAÀÇ Ç¥ÁØÇöȲ

Ȩ > Ç¥ÁØÈ­ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ

Ç¥ÁعøÈ£ TTAE.IT-X.1544 ±¸Ç¥ÁعøÈ£
Á¦°³Á¤ÀÏ 2017-12-13 ÃÑÆäÀÌÁö 18
ÇѱÛÇ¥ÁØ¸í »çÀ̹ö °ø°Ý ÆÐÅÏ ¸ñ·Ï ¹× ºÐ·ù
¿µ¹®Ç¥Áظí Common Attack Pattern Enumeration and Classification
Çѱ۳»¿ë¿ä¾à ÁÖ¿ä ³»¿ëÀ¸·Î´Â ÀϹÝÀûÀÎ °ø°Ý ÆÐÅÏ ¸ñ·Ï ¹× ºÐ·ù (CAPEC)À» ÀÌ¿ëÇÏ¿© º¸¾È Å×½ºÆ®¸¦ Çϱâ À§ÇÑ »çÀü Áغñ ¹× ±â´É Å×½ºÆ®¿¡ ´ëÇÑ ¿ä±¸»çÇ×À» ¼³¸íÇÑ´Ù, ¶ÇÇÑ, CAPECÀÇ È£È¯¼º, ¹öÀü °ü¸®, º¸°í¼­ ÀÛ¼º¿¡ °ü·ÃÇÏ¿© ¼³¸íÇÑ´Ù. ºÎ·Ï A¿¡¼­´Â À¯Çüº° ¿ä±¸»çÇ×À¸·Î µµ±¸ »ç¿ëÀÇ ¿ä±¸»çÇ×, º¸¾È ¼­ºñ½ºÀÇ ¿ä±¸»çÇ×À» ¼³¸íÇÏ°í, ºÎ·Ï B¿¡¼­´Â ÀüÀÚ ¹®¼­ Æ÷¸Ë°ú GUI ¼³°è¿¡ ´ëÇÑ ¿ä±¸»çÇ×À» ¼³¸íÇÑ´Ù. ÀÌ Ç¥ÁØÀº ¹Ì±¹ MITRE ¿¬±¸±â°ü¿¡¼­ 2012³â 8¿ù 30ÀÏ¿¡ ¹ßÇ¥ÇÑ CAPEC ¹öÀü 1.0À» ±â¹ÝÀ¸·Î °³¹ßµÇ¾úÀ¸¸ç, °ü·Ã »çÀÌÆ®´Â
https://capec.mitre.org/compatible/requirements_v1.0.html ÀÌ´Ù.
¿µ¹®³»¿ë¿ä¾à The main content of the standard is to explain the requirements for preparation and functional testing for a security test by using a common attack pattern list and classification (CAPEC). It also describes the context of compatibility CAPEC, version management, and documents. Appendix A describes the tool requirements, the security service requirements by using type-specific requirements, Appendix B describes the requirements for the electronic document format and the GUI design.
±¹Á¦Ç¥ÁØ
°ü·ÃÆÄÀÏ TTAE.IT-X.1544.pdf TTAE.IT-X.1544.pdf            

ÀÌÀü
»ç¹°ÀÎÅÍ³Ý È¯°æ¿¡¼­ µµ¸ÞÀÎ °£ ¿¬µ¿ º¸¾È ¿ä±¸ »çÇ×
´ÙÀ½
°³ÀÎÀÎÁõ¿ë ½ÉÀüµµ ¹× ±¤¿ëÀû¸ÆÆÄ Æ¯Â¡Á¡ µ¥ÀÌÅÍ ±³È¯ Æ÷¸Ë