{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00045027","sets":["1164:3925:3951:3953"]},"path":["3953"],"owner":"1","recid":"45027","title":["セキュリティ対策案選択問題のモデル化"],"pubdate":{"attribute_name":"公開日","attribute_value":"2003-07-17"},"_buckets":{"deposit":"2b8ca678-ef38-4bac-b6b3-a090534cc311"},"_deposit":{"id":"45027","pid":{"type":"depid","value":"45027","revision_id":0},"owners":[1],"status":"published","created_by":1},"item_title":"セキュリティ対策案選択問題のモデル化","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"セキュリティ対策案選択問題のモデル化"},{"subitem_title":"A modeling of security measure selection problem","subitem_title_language":"en"}]},"item_type_id":"4","publish_date":"2003-07-17","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"静岡大学大学院情報学研究科"},{"subitem_text_value":"㈱NTTデータセキュリティビジネスユニット"},{"subitem_text_value":"静岡大学情報学部"},{"subitem_text_value":"岩手県立大学ソフトウェア情報学部"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Graduate school of Information, Shizuoka University","subitem_text_language":"en"},{"subitem_text_value":"Security Business Division, NTTData Corp.","subitem_text_language":"en"},{"subitem_text_value":"Faculty of Information, Shizuoka University","subitem_text_language":"en"},{"subitem_text_value":"Faculty of Software and Information Iwate, Prefectural University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/45027/files/IPSJ-CSEC03022035.pdf"},"date":[{"dateType":"Available","dateValue":"2005-07-17"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-CSEC03022035.pdf","filesize":[{"value":"1.5 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"aabdbe62-d33c-454f-99b4-a505996c001a","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2003 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"兵藤, 敏之"},{"creatorName":"中村, 逸一"},{"creatorName":"西垣, 正勝"},{"creatorName":"曽我, 正和"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Toshiyuki, Hyodo","creatorNameLang":"en"},{"creatorName":"Itsukazu, Nakamura","creatorNameLang":"en"},{"creatorName":"Masakatsu, Nishigaki","creatorNameLang":"en"},{"creatorName":"Masakazu, Soga","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA11235941","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"近年，情報セキュリティポリシーを策定，運用する組織等が増えつつある．しかし，守るべき資産に対して最も効果的かつ効率的なセキュリティ対策を選択するための方法論は確立されていない．このため，現在の情報システム開発におけるセキュリティ対策案の選択は設計者や開発者の勘と経験に頼って行われていることがほとんどであり，また，選択されたセキュリティ対策案の妥当性を客観的に証明することもできないというのが現状である．本稿では，資産・脅威・対策案の関係をモデル化し，セキュリティ対策案選択問題を定式化することにより，対策案の最適な組み合わせを理論的に求める手法を導出する．本手法によれば，セキュリティ対策案選択問題は離散最適化問題として定式化される．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Recently, information security management in many organizations is carried out based on a Information Security Policy. However, no effective method of selecting the optimum security measures has established yet. Hence, a security measures selection is now greatly dependent on the knowledge/experience of a system designer, and the objective evaluation of appropriateness of the selected security measures is impossible. To cope with the inconvenience, this paper shows a formulation of problem for selecting security measures.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"256","bibliographic_titles":[{"bibliographic_title":"情報処理学会研究報告コンピュータセキュリティ（CSEC）"}],"bibliographicPageStart":"249","bibliographicIssueDates":{"bibliographicIssueDate":"2003-07-17","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"74(2003-CSEC-022)","bibliographicVolumeNumber":"2003"}]},"relation_version_is_last":true,"weko_creator_id":"1"},"id":45027,"updated":"2025-01-22T10:11:42.027089+00:00","links":{},"created":"2025-01-18T23:11:03.818103+00:00"}