1. GOST R ISO 7498-99. Informatsionnaya tekhnologiya. Vzaimosvyaz' otkrytykh sistem. Bazovaya etalonnaya model'. Chast' 1: Bazovaya model'. Chast' 2: Arkhitektura zashchity informatsii. Chast' 3: Prisvoenie imeni i adresatsiya. Chast' 4: Osnovy administrativno-go upravleniya.
2. ISO/IEC DTR 10181. Informatsionnye tekhnologii. Vzaimosvyaz' otkrytykh sistem. Osnovy zashchity informatsii dlya otkrytykh sistem. Chast' 1: Obshchee opisanie osnov zashchity informatsii v VOS. Chast' 2: Osnovy autentifikatsii. Chast' 3: Upravlenie dostupom. Chast' 4: Bezotkaznost' polucheniya. Chast' 5: Konfidentsial'nost'. Chast' 6: Tselostnost'. Chast' 7: Osnovy proverki zashchity.
3. Shcherbo, V.K. Standarty vychislitel'nykh setei. Vzaimosvyazi setei: spravochnik / V.K. Shcherbo. - M.: Kudits - obraz, 2000. - 198 s.
4. Underlying Technical Models for Information Technology Security / G. Stoneburner. - NIST Special Publications, 2001.
5. ISO/IEC 17799:2005. Informatsionnye tekhnologii. Upravlenie informatsionnoi bezopasnost'yu.
6. Information technology - Security techniques - Evaluation criteria for IT security - Part 1: Introduction and general model. - ISO/IEC 15408-1:2005, Part 2: Security functional requirements. - ISO/IEC 15408-2:2005, Part 3: Security assurance requirements. - ISO/IEC 15408-3:2005.
7. STB P ISO/MEK 17799-2000/2004. Informatsionnye tekhnologii i bezopasnost'. Pravila upravleniya informatsionnoi bezopasnost'yu.
8. STB 34.101.1-3. Informatsionnye tekhnologii. Metody i sredstva bezopasnosti. Kriterii otsenki bezopasnosti informatsionnykh tekhnologii. Chast' 1: Vvedenie i obshchaya model'. Chast' 2: Funktsional'nye trebovaniya bezopasnosti. Chast' 3: Garantiinye trebovaniya bezopasnosti.
9. ISO/IEC 27001:2005. Informatsionnye tekhnologii. Sredstva bezopasnosti. Menedzh-ment kachestva v oblasti bezopasnosti informatsionnykh sistem.
10. Information technology - Security techniques - Methodology for IT Security Evaluation. - ISO/IEC 18045:2005.
11. Information technology - Security techniques - Security assessment of operational systems. - ISO/IEC 2nd PDTR 19791:2004.
12. Galatenko, V.A. Standarty informatsionnoi bezopasnosti / V.A. Galatenko; pod red. akademika RAN V.B. Betelina. - M.: INTUITRU, 2004. - 328 s.
13. Hearn, J. Does the Common Criteria Paradigm Have a Future / J. Hearn // IEEE Security & Privacy. - 2004, January/February. - R. 64-65.
14. Risk Management Guide for Information Technology Systems. - NIST, Special Publication 800-30.
15. Systems Engineering at MITRE Risk Management - R1, MP96B0000120, September 1998.
16. ISO TR 13335:1996-1998 - 1-5. IT Information technology - Guidelines for the management of IT security - Part 1: Concepts and models for IT security; Part 2: Managing and planning IT security; Part 3: Techniques for the managing of IT security IT; Part 4: Selection of safeguards; Part 5. Management guidance on network security.
17. Simonov, S.V. Tekhnologii i instrumentarii dlya upravleniya riskami / S.V. Simonov // Jet Info. - № 2(117). - 2003. - 32 s.
18. Information technology - System Security Engineering - Capability Maturity Model (SSE-CMM). - ISO/IEC 21827:2002.
19. Glossarii terminov po informatsionnoi bezopasnosti [Elektronnyi resurs]. - Rezhim dostupa: http://www.garlic.com /-lynn/ secure.htm.
20. NCSC-TG-004 (Aqua Book) Glossary of Computer Security Terms (Version 1, 0/21/88) [Electronic resource]. - Mode of access: www.radium.ncsc.mil/tpep/library/rainbow/index.html.
21. Departament of the Nevy Automated Information Systems Security Program, USA [Electronic resource]. - Mode of access: www.cs.nps.navy.mil/curricula/tracks/security/AISGuide navch08.txt.
22. Anishchenko, V.V. Metody otsenki effektivnosti zashchity aktivov v ob"ektakh informatsionnykh tekhnologii / V.V. Anishchenko, A.M. Krishtofik // Informatika. - № 3. - 2004. - S. 95-105.
Email this article 