{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00209583","sets":["1164:6389:10492:10493"]},"path":["10493"],"owner":"44499","recid":"209583","title":["セキュリティ知識を必要としないリスクアセスメントツールの開発"],"pubdate":{"attribute_name":"公開日","attribute_value":"2021-02-22"},"_buckets":{"deposit":"444c54c5-2e17-4818-952e-7878a4b0a999"},"_deposit":{"id":"209583","pid":{"type":"depid","value":"209583","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"セキュリティ知識を必要としないリスクアセスメントツールの開発","author_link":["528628","528626","528627","528629","528630"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"セキュリティ知識を必要としないリスクアセスメントツールの開発"},{"subitem_title":"Development of the Risk Assessment Tool for System Administrators without Security Knowledge","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"SPT","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2021-02-22","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"佐賀大学"},{"subitem_text_value":"佐賀大学"},{"subitem_text_value":"近畿大学"},{"subitem_text_value":"岐阜大学"},{"subitem_text_value":"神戸大学"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Saga University","subitem_text_language":"en"},{"subitem_text_value":"Saga University","subitem_text_language":"en"},{"subitem_text_value":"Kinki Uniersity","subitem_text_language":"en"},{"subitem_text_value":"Gifu Uniersity","subitem_text_language":"en"},{"subitem_text_value":"Kobe Uniersity","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/209583/files/IPSJ-SPT21041046.pdf","label":"IPSJ-SPT21041046.pdf"},"date":[{"dateType":"Available","dateValue":"2023-02-22"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-SPT21041046.pdf","filesize":[{"value":"1.2 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"b2272729-b0c3-48b6-80d3-777aea6c48dd","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2021 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"中原, 加寸美"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"廣友, 雅徳"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"福田, 洋治"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"毛利, 公美"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"白石, 善明"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12628305","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8671","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"近年の調査でリスクアセスメントを行っていない事業所は過半数であることが報告されている．リスクアセスメントを行うには専門的な知識が必要であり，調査や分析に時間を要する．リスクアセスメントを実施していない理由として，十分な知識を持った人材がいない，実施方法がわからないといった理由が挙げられている．本稿では，リスクアセスメントを行う際に必要な専門知識を使わず，組織の情報資産や情報システムの管理情報を入力するだけでリスクアセスメントを行えるツールを開発する．さらに，そのリスクアセスメントツールを利用する例題を作成し，その例題を利用することでリスクアセスメントの実施方法がわからないという問題を解決することを試みる．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"In a recent investigation, it is reported that most organizations do not carry out risk assessment. Security knowledge is necessary and needs time for an investigation, analysis to perform risk assessment. The reasons are “There are not human resources with enough knowledge”, “A method to investigate is not identified.” In this paper, we develop a tool which only inputs information of assets and the information system of the organization, and can carry out risk assessment without security knowledge. Furthermore, we make an example that uses the risk assessment tool, and try to solve the problem of how to carry out the risk assessment.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"7","bibliographic_titles":[{"bibliographic_title":"研究報告セキュリティ心理学とトラスト（SPT）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2021-02-22","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"46","bibliographicVolumeNumber":"2021-SPT-41"}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"id":209583,"updated":"2025-01-19T18:28:19.308077+00:00","links":{},"created":"2025-01-19T01:10:53.009693+00:00"}