{"created":"2025-01-19T01:24:14.935448+00:00","updated":"2025-01-19T13:03:37.538754+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00224679","sets":["1164:3925:11156:11157"]},"path":["11157"],"owner":"44499","recid":"224679","title":["日米の産業界におけるパブリックおよび自社製のセキュア開発ガイドラインの利用実態調査"],"pubdate":{"attribute_name":"公開日","attribute_value":"2023-02-27"},"_buckets":{"deposit":"25567b8f-553e-4230-ba77-138449245e31"},"_deposit":{"id":"224679","pid":{"type":"depid","value":"224679","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"日米の産業界におけるパブリックおよび自社製のセキュア開発ガイドラインの利用実態調査","author_link":["592983","592979","592982","592976","592981","592980","592977","592978"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"日米の産業界におけるパブリックおよび自社製のセキュア開発ガイドラインの利用実態調査"},{"subitem_title":"A Survey on Public and In-house Secure Development Guidelines in U.S. and Japanese Industries","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"脆弱性管理","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2023-02-27","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"NTT社会情報研究所"},{"subitem_text_value":"情報通信研究機構"},{"subitem_text_value":"NTT社会情報研究所"},{"subitem_text_value":"NTT社会情報研究所"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"NTT Social Informatics Laboratories","subitem_text_language":"en"},{"subitem_text_value":"National Institute of Information and Communications Technology","subitem_text_language":"en"},{"subitem_text_value":"NTT Social Informatics Laboratories","subitem_text_language":"en"},{"subitem_text_value":"NTT Social Informatics Laboratories","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/224679/files/IPSJ-CSEC23100003.pdf","label":"IPSJ-CSEC23100003.pdf"},"date":[{"dateType":"Available","dateValue":"2025-02-27"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-CSEC23100003.pdf","filesize":[{"value":"1.2 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"c849b6b3-bdde-450f-8674-68cd05ceac92","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2023 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"金井, 文宏"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"長谷川, 彩子"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"塩治, 榮太朗"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"秋山, 満昭"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Fumihiro, Kanei","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Ayako, A. Hasegawa","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Eitaro, Shioji","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Mitsuaki, Akiyama","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA11235941","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8655","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"セキュア開発ガイドラインは，開発者に想定すべきリスクや必要なセキュリティ対策，その実装方法を認識させることで，開発段階からソフトウェアのセキュリティを向上させる事に寄与している．本研究では，日米のソフトウェア開発者（アメリカ：N=474，日本：N=396）を対象に，ガイドラインの利用実態と産業界における有用性について調査を実施した．我々は，ほとんどの既存研究が着目していない “自社製” のガイドラインが産業界で広く利用されている事実や，それらとパブリックなガイドラインの利用状況との関係を量的分析により明らかにした．加えて，既存研究で推奨されているガイドラインの運用方法は，小規模なプロジェクトに所属するソフトウェア開発者など，特定の属性を持つ人々にとって実践が困難であることを明らかにした．この結果は，産業の開発現場における組織的な問題を考慮した軽量なガイドラインの運用方法の検討が必要である事を示している．","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"8","bibliographic_titles":[{"bibliographic_title":"研究報告コンピュータセキュリティ（CSEC）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2023-02-27","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"3","bibliographicVolumeNumber":"2023-CSEC-100"}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"id":224679,"links":{}}