
Academic year: 2023


DEVELOPMENT OF APPLICATION SECURITY STANDARD Page 100 of 128

Irwin Lawrencius REFERENCES

Abi-Antoun, Marwan et al. “Checking Threat Modeling Data Flow Diagrams for Implementation Conformance and Security.” ACM New York, 2007, 393–96.

AERA, APA, NCME. “Standard for educational psychological testing.” Washington, 2002.

AERA, APA, NCME. “Editorial policies regarding statistical significance testing: Three suggested reforms.” Educational Researcher, 25(2), 26-30. 2002.

Andress, Amanda. Surviving Security - How to Integrate People, Process, and Technology. Second Edition. Auerbach Publications, 2004.

Andress, Jason. The Basics of Information Security: Understanding the Fundamentals of Infosec in Theory and Practice. Syngress Pub, 2011.

Barbeau et al. “Detecting Impersonation Attacks in Future Wireless and Mobile Networks.” SVLNCS, vol. 13, no. 29 (2005).

Baskerville, Richard, and Trevor Wood-Harper. “Diversity in Information Systems Action Research Method.” European Journal of Information System 7, no. 2 (1998): 90–107.

Boyce, Carolyn, and Palena Neale. Conducting In-Depth Interviews: A Guide for Designing and Conducting In-Depth Interviews for Evaluation Input. 2006th ed. Vol. 2. Pathfinder International, n.d.

BSI. “BSI-Standard 100-1: Information Security Management Systems (ISMS),” 2010.

Bulgurcu et al. “Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness.” MIS Quarterly, vol. 34, no. 3 (2010): 523–A7.

Burns, Steven F. “Threat Modeling: A Process to Ensure Application Security.” SANS Reading Room, 2005.

Calder, Allan, and Steve Walkins. IT Governance: A Manager’s Guide to Data Security and ISO 27001/ISO27002. Fourth Edition. Kogan Page, 2008.

Calder, Allan, and Steve Walkins. Information Security Risk Management for ISO27001/ISO27002. Fourth Edition. IT Governance Ltd, 2010

CVSS, “CVSS v3.0 Specification Document.” Accessed January 6, 2016. https://www.first.org/cvss/specification-document.

Eliot & Associates. Guidelines for Conducting a Focus Group. 2005


Fischer, Stanley. “Consumers and Mobile Financial Services 2015.” Board of Governors of The Federal Reserve System, 2015.

Gupta, Suvajit, and Joel Winstead. “Using Attack Graphs to Design Systems.” IEEE Security & Privacy vol. 5, no. 4 (2007): 80–83.

IBM, “Attack Trees: It’s a Jungle Out There | IBM Cloud.” Accessed January 6, 2016. http://websphere.sys-con.com/node/43842.

IEC/ISO Guide 73:2009 – International Organization for Standardization and International Electrotechnical Commission, 2005.

IEC/ISO 27034:2015 – International Organization for Standardization and International Electrotechnical Commission, 2015.

ISACA, “Principles for Information Security Practitioners.” Accessed January 6, 2016, http://www.isaca.org/knowledge-center/standards/documents/principles-for-info-sec-practitioners-overview.pdf

Kim, David, and Michael Solomon. Fundamentals of Information Systems Security. Jones & Bartlett Learning Pub, 2010.

Knapp, Eric. Industrial Network Security. Syngress Pub, 2011.

Kohnfelder, and Praerit Garg. “The Threats to Our Product: Microsoft Interface.” Microsoft, 1999. http://blogs.msdn.com/sdl/attachment/9887486.

Laaksonen, Elina, and Marko Niemimaa. “Information Security Policies: A Frames of Reference Perspective.” Lulea University of Technology, 2011.

Maki, Tony. Enterprise Risk Management - Integrated Framework. COSO, 2004.

Meier, J.D, and Alex Mackman. “Threat Modeling.” Improving Web Application Security: Threats and Countermeasures, 2003. https://msdn.microsoft.com/en-us/library/ff648644.aspx.

Morana, Marco. “Building Security Into The Software Life Cycle.” Blackhat, 2006.

Nakrem, Are. “Managing Information Security in Organizations: A Case Study,” 2007.

NIST SP 800-53 – National Institute of Standards and Technology Special Publication, 2013

Onwuegbuzie, A. J. “Qualitative Framework for Collecting and Analyzing Data in Focus Group Research.” International Journal of Qualitative Methods, n.d., 1–21.

OWASP. “OWASP.” The Open Web Application Security Project. Accessed January 6, 2016. https://www.owasp.org/index.php/About_OWASP.


Pedrosa, Tiago. “In-Depth Interview,” 2014. Accessed January 6, 2016. http://www.ivm.vu.nl/en/Images/PT8_tcm53-161513.pdf

Peltier, Thomas. Information Security Fundamentals. Second Edition. Auerbach Publications, 2013.

Purcell, James E. “Defining and Understanding Security in the Software Development Life Cycle.” SANS, 2005.

Saini, V., and Q. Duan. “Threat Modeling Using Attack Trees.” Small Coll vol. 23, no. 4 (2008): 124–31.

Sanzgiri, Ameya. “A Comprehensive Threat Assessment Framework for Securing Emerging Technologies,” 2013.

Samani, Raj, Brian Honan, and Jim Reavis. CSA Guide To Cloud Computing: Implement Cloud Privacy and Security. Syngress Pub, 2015.

Satria, R. “Introduction to Research Methodology.” Swiss German University, 2014.

Satria, R. “Research Design and Methodology.” Swiss German University, 2014.

Satria, R. “Qualitative Research and Soft System Methodology.” Swiss German University, 2014.

Sawer, Barbara. Evaluating for Accountability. Oregon State University Service, 1984.

Sidik, Suyanto. “Dampak Undang-Undang Informasi Dan Transaksi Elektronik (UU ITE) Terhadap Perubahan Hukum Dan Sosial Dalam Masyarakat.” Jurnal Ilmiah WIDYA 1 (2015).

Sireci, S. G. “On Validity Theory and Test Validation.” Educational Researcher, 36, 477-481. 2007.

Steven, John. “Advanced Threat Modelling.” Cigital Inc, 2009.

Taati, Ali, and Nasser Modiri. “An Approach for Secure Software Development Lifecycle Based on ISO/IEC 27034.” IJOCIT, 2015.

Tashakkori, A. “Handbook of Mixed Methods in Social & Behavioral Research.” 2003.

Taylor-Powell, Ellen. “Questionnaire Design: Asking Questions with a Purpose.” Texas Agricultural Extension Service, 1998.

Torr, Peter. “Guerilla Threat Modelling.” Threat Modelling, February 22, 2005. https://blogs.msdn.microsoft.com/ptorr/2005/02/22/guerrilla-threat-modelling-or-threat-modeling-if-youre-american/.


Weiss, Martin, and Michael Solomon. Auditing IT Infrastructures for Compliance. Third Edition. Jones & Bartlett Learning Pub, 2010.

Whitman, M. E., and H. J. Mattord. Management of Information Security. Boston, MA: Course Technology, 2010.

Whitman, Michael, and Herbert Mattord. Principles of Information Security. Fourth Edition. Course Technology, 2012.

Yi, Man Sau. “A Paper on the Promotion of Application Security Awareness.” SANS Reading Room, 2001.
