Before using a Raspberry PI, we note a security study. Before security study, we summarize the internet. We will update this in cooperation with the related organizations. TOPPERS/SSP, TOPPERS/ECNL and other open source are introduced. IPA security books are introduced and added some missing information on the research map web.
5. タ通信入門解説,ソフトリサーチセンタ
ー, 1994
[43] 無線 LAN 技術講座, 松下温, 重野寛, ソフトリサーチセンタ,
1994
[44] Wi-Fi Alliance, https://www.wi-fi.org
[45] 802.11 無線ネットワーク管理, Matthew Gast, オライリージャパ
ン, 2003
[46] i モード Java プログラミング - スタンドアロン・アプリケーシ
ョン編, アスキー書籍編集部, アスキー, 2001
[47] iPhone/iPad ゲーム開発ガイド Objective-C で作る 2D/3D ゲーム,
Paul Zirkle, Joe Hogue, オライリージャパン, 2010
[48] FPGA マガジン No.5 Linux/Android×FPGA, Interface 編集部, CQ
出版, 2014
[49] ARCNET tutorial, https://www.ccontrols.com/pdf/Tutorial.pdf
[50] ローカルエリアネットワークイーサネット概説, 上谷晃弘,丸
善,1989
[51] ユーザーのための工場防爆設備ガイド, 労働安全衛生総合研究
所技術指針,
JNIOSH-TR-NO.44, 2012, ISSN1882-2703,
https://www.jniosh.go.jp/publication/doc/
tr/ TR_No44.pdf
[52] 昇降・搬送用機械を対象とした基本安全技術の検討, 岡部康平
ら,
労働安全衛生 3 総合研究所特別研究報 JNIOSH-SRR-NO.43, 2013,
ISSN1882-2703
https://www.jniosh.go.jp/publication/doc/srr/SRR-No43-2-3.pdf
[53]第三次産業で使用される機械設備の基本安全技術に関する研究,
梅崎重雄ら,
労働安全衛生総合研究所特別研究報 JNIOSH-SRR-NO.43, 2013,
ISSN1882-2703
https://www.jniosh.go.jp/publication/doc/srr/SRR-No43-2-0.pdf
[54] 各種電波利用機器の電波が植込み型医療機器等へ及ぼす影響を
防 止 す る た め の 指 針 , 総 務 省 , 2016,
http://www.tele.soumu.go.jp/j/sys/ele/medical/chis/
[55] 知っていますか?「植込み型医療機器」をより安心して使用す
るためにできること, 総務省, 2016, 同上
[56] USB Implementers Forum, http://www.usb.org/home
[57] 組み込み機器への USB ホスト実装技法―パソコン用 USB 周辺
機器を組み込みマイコン
から自在に使いこなす, インターフェース編集部, CQ 出版, 2008
[58] USB ターゲット機器開発のすべて―各種 USB コントローラの使
い方と基本ソフトウェアの作成法, インターフェース編集部,
CQ 出版, 2005
[59] Raspberry PI3model B,
https://www.raspberrypi.org/products/raspberry–pi-3- model-b/, 2016
[60] RFC4251, The Secure Shell (SSH) Protocol Architecture, 2006
[61] SSH, The Secure Shell: The Definitive Guide: The Definitive Guide,
Daniel J.
Barrett, Richard E. Silverman, O'Reilly, 2001
[62] Applied Cryptography: Protocols, Algorithms, and Source Code in C,
Bruce
Schneier, John Wiley & Sons, 1996
[63] OpenSSH セキュリティ管理ガイド, 新山祐介, 春山征吾, 秀和シ
ステム,
2001
[64] SAMBA, https://www.samba.org
[65] SAMBA で GO×2!, 太田俊哉, 浜野賢一朗, 加藤浩, 秀和システ
ム, 2000
[66] ソフトイーサ Web サイト, https://www.softether.jp
[67]SoftEther 活用ガイド, 登 大遊・池嶋 俊・村上 和美, 株式会社 ア
スキー, 2004
[68] RFC4301, Security Architecture for the Internet Protocol, IETF,
2005
[69] RFC7146, Securing Block Storage Protocols over IP: RFC3723
Requirements Update for IPsec v3,IETF ,2014
[70] IPSec Securing VPNs, Carlton R. Davis, Osborn, 2001
[71] RFC2821, Simple Mail Transfer Protocol, 2001
[72] sendmail システム管理, ブライアン コステールス, オライリ
ー・ジャパン,1997
[73] LINUX ネットワーク管理, Olaf Kirch, オライリー・ジャパン,
1996
[74] RFC1081, Post Office Protocol - Version 3, 1998
[75] RFC1730, INTERNET MESSAGE ACCESS PROTOCOL -
VERSION 4,1994
[76] RFC2616, Hypertext Transfer Protocol - HTTP/1.1, 1999
[77] サーバ構築の実際がわかる Apache[実践]運用/管理, 鶴長鎮一,
技術評論社, 2012
[78] HTML 4.01 Specification,
W3C,1999,https://www.w3.org/TR/html401/
[79] HTML 5.1, W3C, 2016,
https://www.w3.org/TR/2016/REC-html51-20161101/
[80] (無料電話サポート付)できるホームページ・ビルダー21, 広野忠
敏, インプレ, 2016
[81] RaspberryPi3+Node-RED によるネットワークデバイスの構築,⻫斉
藤直希,2017
http://researchmap.jp/mu64fv6cz-46465/#_46465
[82] ハッキングツールプログラム大全, 金床, DATA HOUSE, 2002
[83] Linux 版 クラッカー迎撃完全ガイド―本物のハッカーが語るク
ラッキング
の手口と対策, Anonymous, インプレス, 2000
[84] コンピュータネットワークの政治学, 英司郎, 電気通信協会,
1994
[85] 科 学 の 四 分 類 と 確 率 分 布 , 小 川 清 , SWEST18, 2016,
https://www.slideshare.net/kaizenjapan/ss-65852140
[86] プロトコル言語, 水野忠則, カットシステム, 1994
[87] コンピュータプロトコルの設計法―正しいプロトコルの設計と
検証へ導く
総合解説書, ジェラード・J.ホルツマン, カットシステム, 1994
[88] オンラインネットワークの構造設計 最適化ネットワークの理
論と手法,
国友義久, 近代科学社, 1978
[89] TCP/IP による PC ネットワーク管理, Craig Hunt, 1997
[90] インタネット QoS, Paul Ferguson, Geoff Huston, Ohmsha, 2000
[91] ネットワークトラブルシューティングツール, Joseph D. Sloan, O’
Reilly,
2002
[92] ISO/IEC 9899:2011 Information technology - Programming languages
- C, ISO, 2011
[93] ISO/IEC 9899:2011/Cor 1:2012, 2pages,
https://www.iso.org/obp/ui/#iso:std:iso-iec:9899:ed-3:v1:cor:1:v1:en
[94] B.W.カーニハン,D.M.リッチー著,石田晴久(訳:1989)プログラミ
ング言語C、共立出版
[95] GCC: Gnu Compiler Collection, https://gcc.gnu.org/
[96] LLVM, The LLVM CompilerInfrastructure, http://llvm.org/
[97] The Motor Industry Software Reliability
Association(1994):Development Guidelines for Vehicle Base
Software,ISBN 0952415607
[98] The Motor Industry Software Reliability Association(1998):Guidelines
for THE USE Of The language IN Vehicle Based Software ISBN
0952415690
[99] Guidelines for the use of the C language in critical systems, 2013,
ISBN 9781906400-11-8 PDF
[100] JSAE(2002):JASO/TP-01001 自動車用ソフトウェアの開発ガイ
ドライン,社団法人自動車技術会
[101] JSAE(2002):JASO/TP-01002 自動車用C言語利用のガイドライ
ン、社団法人自動車技術会
[102] CERT C Coding Standard, SEI, 2017,
https://www.securecoding.cert.org/confluence/display/c/SEI+CERT+
C+Coding+Standard
[103] CERT C セキュアコーディングスタンダード, Robert C. Seacord,
アスキー・メディアワークス, 2009
104] ISO/IEC TS 17961 Information technology - Programming languages,
their environments and system software interfaces - C secure coding
rules
[105] STARC RTL 設計スタイルガイド verilog-HDL 編, HDLab, 2011
[106] STARC RTL 設計スタイルガイド
VHDL 編, HDLab, 2011
[107] STARC RTL 設計スタイルガイド を「こう使おう」Verilog-HDL
版 , 小 川 清 , 2013, https://
www.slideshare.net/kaizenjapan/starc-verilog-hdl2013d-16795634
[108] IEC 61882:2016 Hazard Analysis and Operability
studies, IEC, 2016
[109] 安全分析において HAZOP,FMEA,FTA の組み合わせによるリス
クアセスメントの進め方の検討, 小川明秀,小川清, 安全工学シ
ンポジウム 2015,
https://www.slideshare.net/kaizenjapan/hazopogawa2015
[110] ENGINEERING A SAFER WORLD Systems,Thinking Applied to
Safety, Nancy G. Leveson,2012,
https://mitpress.mit.edu/books/engineering-safer-world
[111] はじめての STAMP/STPA ~システム思考に基づく新しい安全
性 解 析 手 法 , IPA, 2016,
http://www.ipa.go.jp/sec/reports/20160428.html
[112] Visual Studio, https://www.microsoft.com/ja-jp/dev
[113] Turbo C 初級プログラミング, 河西 朝雄,技術評論社, 1987
[114] JAVA, https://java.com/ja/
[115] Visual j++ 6.0 en action, Stephen R.Davis, Microsoft Press, 1996
[116] 基礎からわかる TCP/IP Java ネットワークプログラミング, 小
高知宏, オーム社, 1999
[117] 基礎からわかる TCP/IP アナライザ作成とパケット解析―
Linux/FreeBSD 対応, 小高知宏, オーム社, 2001
[118] 基礎からわかる TCP/IP セキュリティ実験―Linux/FreeBSD の対
応, 寺田真敏, オーム社, 2000
[119] 入門 Python 3, Bill Lubanovic, オライリージャパン, 2015
[120] Python チュートリアル 第 3 版, Guido van Rossum, オライリー
ジャパン, 2016
[121] ゼロから作る Deep Learning ―Python で学ぶディープラーニン
グの理論と実装, 斎藤康毅, オライリージャパン,2016
[122]ゼロから作る Deep Learning 勉強会, 斉藤直希, 2016[300]ISO/IEC
7064:2003 Information technology - Security techniques - Check character
systems
[301]ISO/IEC 7813:2006 Information technology - Identification cards -
Financial transaction cards
[302]ISO 9564-1:2011 Financial services - Personal Identification Number
(PIN) management and security - Part 1: Basic principles and requirements
for PINs in card-based systems
[303]ISO/IEC 9796-2:2010 Information technology - Security techniques -
Digital signature schemes giving message recovery - Part 2: Integer
factorization based mechanisms
[304]ISO/IEC 9796-3:2006 Information technology - Security techniques -
Digital signature schemes giving message recovery - Part 3: Discrete
logarithm based mechanisms
[305]ISO/IEC 9797-1:2011 Information technology - Security techniques -
Message Authentication Codes (MACs) - Part 1: Mechanisms using a block
cipher
[306]ISO/IEC 9797-2:2011 Information technology - Security techniques -
Message Authentication Codes (MACs) - Part 2: Mechanisms using a
dedicated hash-function
[307]ISO/IEC 9797-3:2011 Information technology - Security techniques -
Message Authentication Codes (MACs) - Part 3: Mechanisms using a
universal hash-function
[308]ISO/IEC 9798-1:2010 Information technology - Security techniques -
Entity authentication - Part 1: General
[309]ISO/IEC 9798-2:2008 Information technology - Security techniques -
Entity authentication - Part 2: Mechanisms using symmetric encipherment
algorithms
[310]ISO/IEC 9798-3:1998 Information technology - Security techniques -
Entity authentication - Part 3: Mechanisms using digital signature
techniques
[311]ISO/IEC 9798-4:1999 Information technology - Security techniques -
6. Entity authentication - Part 4: Mechanisms using a cryptographic check
function
[312]ISO/IEC 9798-5:2009 Information technology - Security techniques -
Entity authentication - Part 5: Mechanisms using zero-knowledge
techniques
[313]ISO/IEC 9798-6:2010 Information technology - Security techniques -
Entity authentication - Part 6: Mechanisms using manual data transfer
[314]ISO/IEC 10116:2006 Information technology - Security techniques -
Modes of operation for an n-bit block cipher
[315]ISO/IEC 10118-1:2016 Information technology - Security techniques -
Hash-functions - Part 1: General
[316]ISO/IEC 10118-2:2010 Information technology - Security techniques -
Hash-functions - Part 2: Hash-functions using an n-bit block cipher
[317]ISO/IEC 10118-3:2004 Information technology - Security techniques -
Hash-functions - Part 3: Dedicated hash-functions
[318]ISO/IEC 10118-4:1998 Information technology - Security techniques -
Hash-functions - Part 4: Hash-functions using modular arithmetic
[319]ISO/IEC 11770-1:2010 Information technology - Security techniques -
Key management - Part 1: Framework
[320]ISO/IEC 11770-2:2008 Information technology - Security techniques -
Key management - Part 2: Mechanisms using symmetric techniques
[321]ISO/IEC 11770-4:2006 Information technology - Security techniques -
Key management - Part 4: Mechanisms based on weak secrets
[322]ISO/IEC 11770-5:2011 Information technology - Security techniques -
Key management - Part 5: Group key management
[323]ISO/IEC 11770-6:2016 Information technology - Security techniques -
Key management - Part 6: Key derivation
[324]ISO/IEC 11889-1:2015 Information technology - Trusted platform
module library - Part 1: Architecture
[325]ISO/IEC 13888-1:2009 Information technology - Security techniques -
Non-repudiation - Part 1: General
[326]ISO/IEC 13888-2:2010 Information technology - Security techniques -
Non-repudiation - Part 2: Mechanisms using symmetric techniques
[327]ISO/IEC 13888-3:2009 Information technology - Security techniques -
Non-repudiation - Part 3: Mechanisms using asymmetric techniques
[328]ISO/IEC TR 14516:2002 Information technology - Security
techniques - Guidelines for the use and management of Trusted Third Party
services
[329]ISO/IEC 14888-1:2008 Information technology - Security techniques -
Digital signatures with appendix - Part 1: General
[330]ISO/IEC 14888-2:2008 Information technology - Security techniques -
Digital signatures with appendix - Part 2: Integer factorization based
mechanisms
[331]ISO/IEC 14888-3:2016 Information technology - Security techniques -
Digital signatures with appendix - Part 3: Discrete logarithm based
mechanisms
[332]ISO/IEC 15408-1:2009 Information technology - Security techniques -
Evaluation criteria for IT security - Part 1: Introduction and general model
[333]ISO/IEC 15408-2:2008 Information technology - Security techniques -
Evaluation criteria for IT security - Part 2: Security functional components
[334]ISO/IEC 15408-3:2008 Information technology - Security techniques -
Evaluation criteria for IT security - Part 3: Security assurance components
[335]ISO/IEC TR 15443-1:2012 Information technology - Security
techniques - Security assurance framework - Part 1: Introduction and
concepts
[336]ISO/IEC TR 15443-2:2012 Information technology - Security
techniques - Security assurance framework - Part 2: Analysis
[337]ISO/IEC 15444-8:2007 Information technology - JPEG 2000 image
coding system: Secure JPEG 2000
[338]ISO/IEC TR 15446:2009 Information technology - Security
techniques - Guide for the production of Protection Profiles and Security
Targets
[339]ISO/IEC 15816:2002 Information technology - Security techniques -
Security information objects for access control
[340]ISO/IEC 15945:2002 Information technology - Security techniques -
Specification of TTP services to support the application of digital signatures
[341]ISO/IEC 15946-1:2016 Information technology - Security techniques -
Cryptographic techniques based on elliptic curves - Part 1: General
[342]ISO/IEC 15946-5:2009 Information technology - Security techniques -
Cryptographic techniques based on elliptic curves - Part 5: Elliptic curve
generation
[343]ISO/IEC 17825:2016 Information technology - Security techniques -
Testing methods for the mitigation of non-invasive attack classes against
cryptographic modules
[344]ISO/IEC 18014-1:2008 Information technology - Security techniques -
Time-stamping services - Part 1: Framework
[345]ISO/IEC 18014-2:2009 Information technology - Security techniques -
Time-stamping services - Part 2: Mechanisms producing independent
tokens
[346]ISO/IEC 18014-3:2009 Information technology - Security techniques -
Time-stamping services - Part 3: Mechanisms producing linked tokens
[347]ISO/IEC 18014-4:2015 Information technology - Security techniques -
Time-stamping services - Part 4: Traceability of time sources
[348]ISO/IEC 18031:2011 Information technology - Security techniques -
Random bit generation
[349]ISO/IEC 18033-1:2015 Information technology - Security techniques -
Encryption algorithms - Part 1: General
[350]ISO/IEC 18033-3:2010 Information technology - Security techniques -
Encryption algorithms - Part 3: Block ciphers
[351]ISO/IEC 18033-4:2011 Information technology - Security techniques -
Encryption algorithms - Part 4: Stream ciphers
[352]ISO/IEC 18033-5:2015 Information technology - Security techniques -
Encryption algorithms - Part 5: Identity-based ciphers
[353]ISO/IEC 18045:2008 Information technology - Security techniques -
Methodology for IT security evaluation
[354]ISO/IEC 18367:2016 Information technology - Security techniques -
Cryptographic algorithms and security mechanisms conformance testing
[355]ISO/IEC 18370-1:2016 Information technology - Security techniques -
Blind digital signatures - Part 1: General
[356]ISO/IEC 18370-2:2016 Information technology - Security techniques -
Blind digital signatures - Part 2: Discrete logarithm based mechanisms
[357]ISO/IEC 19592-1:2016 Information technology - Security techniques -
Secret sharing - Part 1: General
[358]ISO/IEC 19790:2012 Information technology - Security techniques -
Security requirements for cryptographic modules
[359]ISO/IEC TR 19791:2010 Information technology - Security
techniques - Security assessment of operational systems
[360]ISO/IEC 19772:2009 Information technology - Security techniques -
Authenticated encryption
[361]ISO/IEC 19792:2009 Information technology - Security techniques -
Security evaluation of biometrics
[362]ISO/IEC 19794-7:2014 Information technology - Biometric data
interchange formats - Part 7: Signature/sign time series data
[363]ISO/IEC TR 20004:2015 Information technology - Security
techniques - Refining software vulnerability analysis under ISO/IEC 15408
and ISO/IEC 18045
[364]ISO/IEC 20008-1:2013 Information technology - Security techniques -
Anonymous digital signatures - Part 1: General
[365]ISO/IEC 20008-2:2013 Information technology - Security techniques -
Anonymous digital signatures - Part 2: Mechanisms using a group public
key
[366]ISO/IEC 20009-1:2013 Information technology - Security techniques -
Anonymous entity authentication - Part 1: General
[367]ISO/IEC 20009-2:2013 Information technology - Security techniques -
Anonymous entity authentication - Part 2: Mechanisms based on signatures
using a group public key
[368]ISO 20301:2014 Health informatics - Health cards - General
characteristics
[369]ISO 20302:2014 Health informatics - Health cards - Numbering
system and registration procedure for issuer identifiers
[370]ISO/IEC 21827:2008 Information technology - Security techniques -
Systems Security Engineering - Capability Maturity Model®
(SSE-CMM®)
[371]ISO 24534-4:2010 Automatic vehicle and equipment identification -
Electronic registration identification (ERI) for vehicles - Part 4: Secure
communications using asymmetrical techniques
[372]ISO 24534-5:2011 Intelligent transport systems - Automatic vehicle
and equipment identification - Electronic Registration Identification (ERI)
for vehicles - Part 5: Secure communications using symmetrical techniques
[373]ISO/IEC 24745:2011 Information technology - Security techniques -
Biometric information protection
[374]ISO/IEC 24759:2014 Information technology - Security techniques -
Test requirements for cryptographic modules
[375]ISO/IEC 24760-1:2011 Information technology - Security techniques -
A framework for identity management - Part 1: Terminology and concepts
[376]ISO/IEC 24760-2:2015 Information technology - Security techniques -
A framework for identity management - Part 2: Reference architecture and
requirements
[377]ISO/IEC 24760-3:2016 Information technology - Security techniques -
A framework for identity management - Part 3: Practice
[378]ISO/IEC 24761:2009 Information technology - Security techniques -
Authentication context for biometrics
[379]ISO/IEC 25024:2015 Systems and software engineering - Systems and
software Quality Requirements and Evaluation (SQuaRE) - Measurement
of data quality
[380]ISO 26429-6:2008 Digital cinema (D-cinema) packaging - Part 6:
MXF track file essence encryption
[381]ISO/IEC 27000:2016 Information technology - Security techniques -
Information security management systems - Overview and vocabulary
[382]ISO/IEC 27001:2013 Information technology - Security techniques -
Information security management systems - Requirements
[383]ISO/IEC 27001:2013/Cor 1:2014
[384]ISO/IEC 27001:2013/Cor 2:2015
[385]ISO/IEC 27002:2013 Information technology - Security techniques -
Code of practice for information security controls
[386]ISO/IEC 27002:2013/Cor 2:2015
[387]ISO/IEC 27003:2010 Information technology - Security techniques -
Information security management system implementation guidance
[388]ISO/IEC 27004:2016 Information technology - Security techniques -
Information security management - Monitoring, measurement, analysis and
evaluation
[389]ISO/IEC 27005:2011 Information technology - Security techniques -
Information security risk management
[390]ISO/IEC 27006:2015 Information technology - Security techniques -
Requirements for bodies providing audit and certification of information
security management systems
7. [391]ISO/IEC 27007:2011 Information technology - Security techniques -
Guidelines for information security management systems auditing
[392]ISO/IEC TR 27008:2011 Information technology - Security
techniques - Guidelines for auditors on information security controls
[393]ISO/IEC 27009:2016 Information technology - Security techniques -
Sector-specific application of ISO/IEC 27001 - Requirements
[394]ISO/IEC 27010:2015 Information technology - Security techniques -
Information security management for inter-sector and inter-organizational
communications
[395]ISO/IEC 27011:2016 Information technology - Security techniques -
Code of practice for Information security controls based on ISO/IEC 27002
for telecommunications organizations
[396]ISO/IEC 27013:2015 Information technology - Security techniques -
Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC
20000-1
[397]ISO/IEC 27014:2013 Information technology - Security techniques -
Governance of information security
[398]ISO/IEC TR 27015:2012 Information technology - Security
techniques - Information security management guidelines for financial
services
[399]ISO/IEC TR 27016:2014 Information technology - Security
techniques - Information security management - Organizational economics
[400]ISO/IEC 27017:2015 Information technology - Security techniques -
Code of practice for information security controls based on ISO/IEC 27002
for cloud services
[401]ISO/IEC 27018:2014 Information technology - Security techniques -
Code of practice for protection of personally identifiable information (PII)
in public clouds acting as PII processors
[402]ISO/IEC TR 27019:2013 Information technology - Security
techniques - Information security management guidelines based on
ISO/IEC 27002 for process control systems specific to the energy utility
industry
[403]ISO/IEC TR 27023:2015 Information technology - Security
techniques - Mapping the revised editions of ISO/IEC 27001 and ISO/IEC
27002
[404]ISO/IEC 27031:2011 Information technology - Security techniques -
Guidelines for information and communication technology readiness for
business continuity
[405]ISO/IEC 27032:20120 Information technology - Security techniques -
Guidelines for cybersecurity
[406]ISO/IEC 27033-2:2012 Information technology - Security techniques -
Network security - Part 2: Guidelines for the design and implementation of
network security
[407]ISO/IEC 27033-3:2010 Information technology - Security techniques -
Network security - Part 3: Reference networking scenarios - Threats, design
techniques and control issues
[408]ISO/IEC 27033-4:2014 Information technology - Security techniques -
Network security - Part 4: Securing communications between networks
using security gateways
[409]ISO/IEC 27033-5:2013 Information technology - Security techniques -
Network security - Part 5: Securing communications across networks using
Virtual Private Networks (VPNs)
[410]ISO/IEC 27033-6:2016 Information technology - Security techniques -
Network security - Part 6: Securing wireless IP network access
[411]ISO/IEC 27034-1:2011 Information technology - Security techniques -
Application security - Part 1: Overview and concepts
[412]ISO/IEC 27034-2:2015 Information technology - Security techniques -
Application security - Part 2: Organization normative framework
[413]ISO/IEC 27034-6:2016 Information technology - Security techniques -
Application security - Part 6: Case studies
[414]ISO/IEC 27035-1:2016 Information technology - Security techniques -
Information security incident management - Part 1: Principles of incident
management
[415]ISO/IEC 27035-2:2016 Information technology - Security techniques -
Information security incident management - Part 2: Guidelines to plan and
prepare for incident response
[416]ISO/IEC 27036-2:2014 Information technology - Security techniques -
Information security for supplier relationships - Part 2: Requirements
[417]ISO/IEC 27036-3:2013 Information technology - Security techniques -
Information security for supplier relationships - Part 3: Guidelines for
information and communication technology supply chain security
[418]ISO/IEC 27036-4:2016 Information technology - Security techniques -
Information security for supplier relationships - Part 4: Guidelines for
security of cloud services
[419]ISO/IEC 27037:2012 Information technology - Security techniques -
Guidelines for identification, collection, acquisition and preservation of
digital evidence
[420]ISO/IEC 27038:2014 Information technology - Security techniques -
Specification for digital redaction
[421]ISO/IEC 27039:2015 Information technology - Security techniques -
Selection, deployment and operations of intrusion detection and prevention
systems (IDPS)
[422]ISO/IEC 27040:2015 Information technology - Security techniques -
Storage security
[423]ISO/IEC 27041:2015 Information technology - Security techniques -
Guidance on assuring suitability and adequacy of incident investigative
method
[424]ISO/IEC 27042:2015 Information technology - Security techniques -
Guidelines for the analysis and interpretation of digital evidence
[425]ISO/IEC 27043:2015 Information technology - Security techniques -
Incident investigation principles and processes
[426]ISO/IEC 27050-1:2016 Information technology - Security techniques -
Electronic discovery - Part 1: Overview and concepts
[427]ISO 27799:2016 Health informatics - Information security
management in health using ISO/IEC 27002
[428]ISO/IEC 29100:2011 Information technology - Security techniques -
Privacy framework
[429]ISO/IEC 29101:2013 Information technology - Security techniques -
Privacy architecture framework
[430]ISO/IEC 29115 Information technology - Security techniques -
Privacy capability assessment model
[431]ISO/IEC 29115:2013 Information technology - Security techniques -
Entity authentication assurance framework
[432]ISO/IEC 29128:2011 Information technology - Security techniques -
Verification of cryptographic protocols
[433]ISO/IEC 29146:2016 Information technology - Security techniques -
A framework for access management
[434]ISO/IEC 29147:2014 Information technology - Security techniques -
Vulnerability disclosure
[435]ISO/IEC TR 29149:2012 Information technology - Security
techniques - Best practices for the provision and use of time-stamping
services
[436]ISO/IEC 29150:2011 Information technology - Security techniques -
Signcryption
[437]ISO/IEC 29167-1:2014 Information technology - Automatic
identification and data capture techniques - Part 1: Security services for
RFID air interfaces
[438]ISO/IEC 29167-10:2015 Information technology - Automatic
identification and data capture techniques - Part 10: Crypto suite AES-128
security services for air interface communications
[439]ISO/IEC 29167-11:2014 Information technology - Automatic
identification and data capture techniques - Part 11: Crypto suite
PRESENT-80 security services for air interface communications
[440]ISO/IEC 29167-12:2015 Information technology - Automatic
identification and data capture techniques - Part 12: Crypto suite ECC-DH
security services for air interface communications
[441]ISO/IEC 29167-13:2015 Information technology - Automatic
identification and data capture techniques - Part 13: Crypto suite
Grain-128A security services for air interface communications
[442]ISO/IEC 29167-14:2015 Information technology - Automatic
identification and data capture techniques - Part 14: Crypto suite AES OFB
security services for air interface communications
[443]ISO/IEC 29167-17:2015 Information technology - Automatic
identification and data capture techniques - Part 17: Crypto suite cryptoGPS
security services for air interface communications
[444]ISO/IEC 29167-19:2016 Information technology - Automatic
identification and data capture techniques - Part 19: Crypto suite RAMON
security services for air interface communications
[445]ISO/IEC 29191:2012 Information technology - Security techniques -
Requirements for partially anonymous, partially unlinkable authentication.
[446]ISO/IEC 29192-1:2012 Information technology - Security techniques -
Lightweight cryptography - Part 1: General
[447]ISO/IEC 29192-2:2012 Information technology - Security techniques -
Lightweight cryptography - Part 2: Block ciphers
[448]ISO/IEC 29192-3:2012 Information technology - Security techniques -
Lightweight cryptography - Part 3: Stream ciphers
[449]ISO/IEC 29192-4:2013 Information technology - Security techniques -
Lightweight cryptography - Part 4: Mechanisms using asymmetric
techniques
[450]ISO/IEC 29192-5:2016 Information technology - Security techniques -
Lightweight cryptography - Part 5: Hash-functions
[451]ISO/IEC 30111:2013 Information technology - Security techniques -
Vulnerability handling processes
[452]IEC 62243, 2012 Artificial Intelligence Exchange and Service Tie to
All Test Environments (AI-ESTATE)
[453]IEC/TR 80001-2-3:2012 Application of risk management for
IT-networks incorporating medical devices - Part 2-3: Guidance for
wireless networks
[454]IEC/TR 80001-2-5:2014 Application of risk management for
IT-networks incorporating medical devices - Part 2-5: Application guidance
- Guidance for distributed alarm systems
:
略号(由来を示すだけの場合有)
AAA: authentication, authorization, and accounting
AES: Advanced Encryption Standard
ANSI: American National Standards Institute
AOC:
ARCNET: Attached Resource Computer NETwork
Autosar: AUTomotive Open System Architecture
ASV: Approved Scanning Vendor.”
-
CAV – Card Authentication Value (JCB payment cards)
CVC – Card Validation Code (MasterCard payment cards)
CVV – Card Verification Value (Visa and Discover payment cards)
8. CSC – Card Security Code (American Express)
CID – Card Identification Number (American Express and Discover
payment cards)
CAV2 – Card Authentication Value 2 (JCB payment cards)
CVC2 – Card Validation Code 2 (MasterCard payment cards)
CVV2 – Card Verification Value 2 (Visa payment cards)
-
CD: Conpact Disc
CERT: Computer Emergency Response Team
CHD: Card Holder Data
CIFS: Common Internet File System
CIS: Center for Internet Security
DMZ: demilitarized zone.”
CSIRTs: computer security incident response teams
co, com: commercial
DHCP: Dynamic host configuration Protocol
DNS: Domain Name System
DSS: Data Security Standard
DVD: Digital Versatile Disc
ECC: elliptic curve cryptography.”
Echonet: Energy Conservation & Homecare Network
ECNL: Echonet light
FAQ: Frequent Asked Question
FIPS: Federal Information Processing Standards
FTP: file transfer protocol
go, gov: government
GPRS: General Packet Radio Service
GSM: Global System for Mobile Communications
HTTP: HyperText transfer protocol
ID: Identifier
IDS: intrusion detection system
IEC: International Electrotechnical Commission
IETF: Internet Engineering task force
IoT: Internet of Things
IMAP: Internet Message Access Protocol
IP: Internet Protocol
IPA: Information Promotion Agency
IPS: intrusion prevention system.”
IPSec: IP Security
ISBN: International Standard Book Number
ISO: International Organization for Standardization
ISSN: International Standard Serial Number
jp, Japan
LAN: Local Area Network
LDAP: lightweight direct access protocol
LPAR: logical partition
LSB :Linux Standard Base
MAC: message authentication code
MAC Adress: media access control address
MPLS: multi protocol label switching
NAT: Network Address Transfer
NFS: Network File System
NIS: Network Information Service
NIS: National Institute of Standards and Technology
NO: number
NTP: Network Time Protocol
NTT: Nippon Telephone and Telegram
or, org: organization
OS: Operating Systems
OSEK: Open interface for embedded automotive applications
QAD:
QIR: Qualified Integrator or Reseller
QSA: Qualified Security Assessor
PA: Payment Applications
PAN: primary account number
PAT: port address translation
PCI: Payment Card Industry
PDA: personal data assistant
pdf: portable description format
P2PE: Point-to-Point-Encryption
PED: PIN entry device
PIN: personal identification number
POI: Point of Interaction
POP: post office protocol
PTS: PIN Transaction Security
PVV: PIN verification value
RADIUS: remote authentication and dial-in user service
RBAC: role-based access control
RFC: Request for Comment
ROC: report of conformance
ROM: Read Only Memory
POS: point of sale
RSA: Ron Rivest, Adi Shamir, and Len Adleman
SANS: SysAdmin, Audit, Networking and Security
SAQ: Self-Assessment Questionnaire
SCR: Secure Card Reader
SD: Secure Digital Memory Card
SDLC: system development life cycle
sec: Software Reliability Center(Software Engineering Center)
SMTP: simple mail transfer protocol
SNMP: Simple Network Management Protocol
SQL: Structured Query Language
Srr: special research report
√SSC: Security Standard Council
SSH: Secure Shell
SSL: secure sockets
SSP: smallest set profile
SWEST: Summer Workshop on Embedded System Technologies
sys: system
TCP: Transport Control Protocol
TDES: Triple Data Encryption Standard
telnet: telephone network protocol
TLS: transport layer security
TOPPERS: Toyohashi Open Platform for Embedded Real-time Systems
TR: Technical Report
UDP: User Datagram Protocol
URL: Uniform Resource Locator
USB: Universal Serial Bus
V: version
VPN: Virtual Private Network
W3C, The World Wide Web Consortium
WEP: wired equivalent privacy
Wifi: Wireless Fidelity
WOCS: Workshop on Critical Softwere Systems
WPA: WiFi Protected Access
www: world wide web
版履歴
V.0.1 2017.02.07, V.0.2 2017.02.24, V.0.3 2017.3.1