{"links":{},"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00074884","sets":["6164:6165:6462:6463"]},"path":["6463"],"owner":"5","recid":"74884","title":["訴訟リスクを考慮した情報セキュリティ対策選定方式に関する検討"],"pubdate":{"attribute_name":"公開日","attribute_value":"2009-10-19"},"_buckets":{"deposit":"6e5ab2be-f8eb-441c-951b-206dac710c2d"},"_deposit":{"id":"74884","pid":{"type":"depid","value":"74884","revision_id":0},"owners":[5],"status":"published","created_by":5},"item_title":"訴訟リスクを考慮した情報セキュリティ対策選定方式に関する検討","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"訴訟リスクを考慮した情報セキュリティ対策選定方式に関する検討"},{"subitem_title":"A case study of a security measure selection scheme with consideration of potential lawsuit","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"ディジタルフォレンジクス","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2009-10-19","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"静岡大学大学院情報学研究科"},{"subitem_text_value":"NTT情報流通プラットホーム研究所"},{"subitem_text_value":"創価大学大学院工学研究科"},{"subitem_text_value":"東京電機大学未来科学部"},{"subitem_text_value":"静岡大学創造科学技術大学院"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Graduate School of Informatics,Shizuoka University","subitem_text_language":"en"},{"subitem_text_value":"NTT Information Sharing Platform Laboratories","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Engineering,Soka University","subitem_text_language":"en"},{"subitem_text_value":" School of Science and Technology for Future Life,Tokyo Denki University","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Science and Technology,Shizuoka University","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/74884/files/IPSJ-CSS2009E13.pdf"},"date":[{"dateType":"Available","dateValue":"2011-10-19"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-CSS2009E13.pdf","filesize":[{"value":"284.9 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"2c6cdca4-e104-4e83-bce1-3c1a39d36aa4","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2009 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"臼井, 佑真"},{"creatorName":"山本, 匠"},{"creatorName":"間形, 文彦"},{"creatorName":"勅使河原, 可海"},{"creatorName":"佐々木, 良一"},{"creatorName":"西垣, 正勝"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Yuma, Usui","creatorNameLang":"en"},{"creatorName":"Takumi, Yamamoto","creatorNameLang":"en"},{"creatorName":"Fumihiko, Magata","creatorNameLang":"en"},{"creatorName":"Yoshimi, Teshigawara","creatorNameLang":"en"},{"creatorName":"Ryoichi, Sasaki","creatorNameLang":"en"},{"creatorName":"Masakatsu, Nishigaki","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"セキュリティインシデントが生じなければ訴訟も起きないため，企業や組織のセキュリティ対策としてはまず，ファイアウォールやデータの暗号化等の既存のISMS 対策を適切に実施することが肝要である．しかし，現実には完全な対策は存在しない．このため，インシデントの発生，またそれに係る訴訟が発生した際に備えて，システム稼動ログやユーザの操作ログの保管といった DF(Digital Forensics) 対策も併用する必要がある．本稿では，ISMS 対策と DF 対策の両者について，費用対効果を見込んだ上でセキュリティ対策の選定を最適化する方式を提案し，ケーススタディを用いてその有効性に関する検討を行う．","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Incidents on ITC systems will result in lawsuits. Needless to say, information security countermeasures (firewall, data encryption and so on) are essential; if we could protect our system against any security threats including viruses and hackers, incidents such as information leakage due to illegal accesses and/or service suspension due to denial-of-service attack will not occur. However, there could be no perfect countermeasures. Therefore, companies and organizations need to be prepared for litigation. That is, digital forensic countermeasures (management of a variety of system event logs) should be applied with information security countermeasures together. This paper proposes an approach to formulate an optimization problem to select both security and forensics countermeasures that maximizes cost-effectiveness.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"6","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2009　(CSS2009) 論文集"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2011-10-12","bibliographicIssueDateType":"Issued"},"bibliographicVolumeNumber":"2009"}]},"relation_version_is_last":true,"weko_creator_id":"5"},"created":"2025-01-18T23:32:14.347734+00:00","updated":"2025-01-21T21:26:40.876655+00:00","id":74884}