{"created":"2025-01-19T00:59:57.854294+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00194942","sets":["1164:6389:9696:9719"]},"path":["9719"],"owner":"44499","recid":"194942","title":["セキュリティフレームワークに基づいた情報セキュリティに関連するガイドラインの内容提示の手法の提案と評価"],"pubdate":{"attribute_name":"公開日","attribute_value":"2019-02-28"},"_buckets":{"deposit":"bc7ae873-f0ca-4c5f-bb87-3d0d4d2e2378"},"_deposit":{"id":"194942","pid":{"type":"depid","value":"194942","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"セキュリティフレームワークに基づいた情報セキュリティに関連するガイドラインの内容提示の手法の提案と評価","author_link":["462852","462853"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"セキュリティフレームワークに基づいた情報セキュリティに関連するガイドラインの内容提示の手法の提案と評価"},{"subitem_title":"Proposal to visualize a content of information security guideline based on pre-provided three security frameworks","subitem_title_language":"en"}]},"item_type_id":"4","publish_date":"2019-02-28","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"筑波大学"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"University of Tsukuba","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/194942/files/IPSJ-SPT19032016.pdf","label":"IPSJ-SPT19032016.pdf"},"date":[{"dateType":"Available","dateValue":"2021-02-28"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-SPT19032016.pdf","filesize":[{"value":"1.1 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"c2edf1a3-deb8-4201-8abb-5e908c5b0b7f","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2019 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"尾崎, 敏司"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Satoshi, Ozaki","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12628305","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8671","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"2012 年に独立法人情報処理推進機構により提示された 「情報キュリティ人材の育成に関する基礎調査」 と 2014 年のその追加調査によると，約 8.1 万人の情報セキュリティの人材不足が指摘されており，現在もその育成は課題となり続けている．自己学習の起点になると考えられるガイドラインは多く公開されているが，これらのガイドラインがセキュリティ業務のどの部分に該当するのか初学者が把握するのは難しい．尾崎の 「情報セキュリティに関連するガイドラインの内容提示の手法の提案とその評価」 において，米国国立標準技術研究所の公開している Cybersecurity  Framework を基に，Term Frequency-Inverse Document Frequency (tf-idf) による特徴ベクトルを用いて，ガイドラインの文書内容を体系的に可視化する手法の提案がなされている．本研究では，この先行研究の提案手法を，ISO/IEC 27001 の規格と，Council on Cybersecurity の Critical Security Controls を用いて，それぞれ実施し，質的コーディングの結果と比較することでその評価を行った．これにより先行研究がフレームワークに大きく依存せずに適用可能なことを確認した．また，各フレームワークについての関係性と検証の結果を基にどのフレームワークを用いて文書内容を提示するのが適当か検討した．","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"8","bibliographic_titles":[{"bibliographic_title":"研究報告セキュリティ心理学とトラスト（SPT）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2019-02-28","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"16","bibliographicVolumeNumber":"2019-SPT-32"}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"id":194942,"updated":"2025-01-19T23:16:43.433693+00:00","links":{}}