:22/1
advertisement
22/1
(2010-2006)1
:22/1
2010
(ITU-D)
! "#$% &' (2006 ) 2 (WTDC-06) 34 " ,
56 78 ! 9: (2006 ) 1 1 2 - .
*+ ,- * " ,./ !
BC D ,./+ E/ ! 2010-2006 @'% A$4 8 1 = >6 ? .*2; 3#$ <$2
D ,./+ G2 ! *6 ? 18 2 = +? . % $ F / #
. +$ H 1;I JH;K B +L @!6 BC
: Mr Souheil MARINE/Ms Christine SUND
Telecommunication Development Bureau (BDT)
ITU
Place des Nations
CH-1211 GENEVA 20
Switzerland
Telephone:
+41 22 730 5323/ 5203
Fax:
+41 22 730 5484
E-mail:
souheil.marine@itu.int
christine.sund@itu.int
: !" #$
. !" #$ %& ' ()* + ,-./0 12
ITU
Sales Service
Place des Nations
CH-1211 GENEVA 20
Switzerland
Fax:
+41 22 730 5194
E-mail: sales@itu.int
http://www.itu.int/publications
: %)*'+ %&'(
© ITU 2010
R !S T+ A;/+ IL UFV% 6 WX- $ 9Y% @G :Z T+ 5[ 9? \/ ]^ .N'O P1Q EM
._
22/1
(2010-2006)
1
:22/1 : !"#$ % &'(
%& '( ) *+ ,* ( - '/0* 1 . !" # $
.12&1 3 41 567 8/& (
iii
22/1
%9
1
......................................................................................................................... 6
........................................ &'#$ %
"#$ !
I ............................................................ 0+ -&/ , *
+ )&$ ($
A.I
.............................................................*
+:
90+ 78 456
1
23
B.I
7
7
10
11
11
14
14
14
20
20
20
........................................................ B&3
A&2
@!
>? <&=
&;/ II .............................................................. 0+ -&/ , *'# )&$ ($
A.II
............................................................... *C
0+ 78 456
1
23
B.II
................................................................................. E
D
A5- III .............................................................. 0+ -&/ , *'# )&$ ($
A.III
............................................................... *C
0+ 78 456
1
23
B.III
................................ O&=EN
?&N
-
0EI
L;
M
:J5
!
4-
5I GH &FE/ IV ............................................................ 0+ -&/ , *
+ )&$ ($
A.IV
.............................................................*
+:
90+ 78 456
1
23
B.IV
23
.................................................................... %&R PQ
V .............................................................. 0+ -&/ , *'# )&$ ($
A.V
.............................................................*
+:
90+ 78 456
1
23
B.V
26
................................................................................... 1
UM&? GT&; 1 SQ0
28
.......................................... &=V
X?
:
&W , <&=
0V 2 SQ0
31
.............................................................. (Spam) &8;
ST&- :1&
-
YZ 78#M
47
......................................................................................... QC
4-
5/ &? 78#M
57
...................................................................................... ^
_?
- ]^ 78#M
23
23
1
22/1
22/1 '( )* +, -.$ / #$ %& ! " ; & <& 7= > '? ) /34 @1 9 .1( -.$ / 01 234 5 67 894
23N4 /MO PK PQR I3 'ST ' /M .-.$ 0GH I# JK H L) A BCD 'EF&
/ 8\ +, .-.$ / #$U V4 W ? 7N X X$Y I$Z J +, [),$&
PG^ d`K .b / ) cHK +, ^ M`4 & M3` a B^ _TK KCD '-.$ / +, ] B^
e& B, / & 0J f g +, '>7T d3 T *h & LMT a ij 2K^ @1
2
.kJ B,1 l3 B$K m?
:n] e o $p t-.$ /s Q4 rF
•
t,* p M? I ( S$& +, B4 u1
•
tK.$ O% E
•
tP v? f 8Mg 1 [) v)g
•
.-.$ /s Dw "7
•
@1 7= i44 d` A .-.$ / 01 ! Q7 / P0J M` B^ x / *, M ey3
. |9 i$T Sz^ , } BM4 )u .z{ *, +, *, GH4
$ ,> 2K# ITU-T X.1205 f ) g +, ' |~ ' "\
B>G 3 >& GD^ i) 0J <& [1 67K 7J l3& K>G 8H&
I>$& ^ >9& >`4 .I>$& ^ >9& K.$ 3 a f 7)< /MO W JM
> M *? '
A*4A >9K^ '
)h '
3N 'g 3 'IH=& '& i? 7
>9> h +, H? Z H] -.$ / )z B#! / .K.$ 3 f K<& ^/ &
:e /s |) k#4 .K.$ 3 f * <& 01 I>$& ^
D
•
* L), >`4 )u W '$
•
u&
•
? g 3 a '
> ? g 3 '? g 3 '-.$ / I u 87H4 87& /
.u x 1 M` * .? d\ g 3 '
>
kp= )h >9K 3, P>, 71 9 (CI) BCD '
H f kH /34 } B] /
/ ,> 5^ +, ^ e / ^ [Q ^ $ g* +, { @1 d)4 ^ 7N4 5Y W $p
>9K w) 'FD , (-3& D& w) , / ? g 3 k#4 .)T B{ f x
& JM4 , >`4 [, 7M 'z ) / "?" 3N /34 )u .(1 M` 9K) (
K3
'g3 T& 'p>M & 'x& '\ ', ' g* ' 'D*& >, 'uN '
A*4A
.27003 27001 !" # .42 () *$
% &+ ,-/0 1 23 0 :(WSIS) $
% &' % 1
2
22/1
2
2K^ 4 >? rF N @1 JT f > T r f B)3 . M? )h ,Nu
)u dD (FDA & >? f U '? g 3 a 'Sz^ [3 5^) ? g 3 7) M`
.5*uA A L7& 8,) / K& B>F /
'
N 'uN N '|*& -3 w '2 h & 2^ 2 *uA ,N x / ENu ]
JM4 +, >,A ] )>4 ) *u f ? ,N x /M .M? i4M& '
H`$&
xo 2 m& 0 +, L )>4 & o^ ,N x BCD '! +, .
A*4A &
? g 3 f d3] N, 5^ v)T BCD '2, .o>,^ BY! k*4 X)z ) )3 [)u f Y '
A*4A & JM4 ENu x) Q P P^ H +, v) B^ 2K#! / >
>? D B^ 6K B#! / .[) ,Nu f 27 0^ +,
.
> ? g 3 eFDA BM>
> ? g 3 / ,D ,> (CIIP) > ? g 3 a .4 '1 M` f 21 ` >]
g 3 4 z / K.$ v? M!^ r / >? -.$ / D .0$ +, -.$ /
.I>$> JTA D4 W )h M3` I#4 '$? ,N 7, )>4 W > ?
N`K M!^ / [dw] PAM!^ z#4 U '? d\ ? > g 3 +, Y4 B^ K.$ vg /MO
[G . guA p `K )h D & >Qo f (botnets) 4 L)< w '[G
v? >`4 )u ' @1 DF .> +, M3` [)u f Y4 W (3< L dH w)
+, [, '(pharming) *<` & u$ g (phishing) nTA )* w ,` d\ N`K^ K.$
N4 mNK E$4 r 'r mNK +, D4 Q7& )4 r A f z{ -.$ Nh .o u
.K.$ <& xo 7>4 T k +, B)3 F4 )u .IK.$ IQ> )
'-.$ / #$ %& ] 0`K1 '? K.$ <& e, [ -.$ / g ( 6R 5^ >`
' kH< d)4 H4 'Nh 84 PG^ M` .vT / r & 5)* f 7 [HA /MO W u1
a +, ),$ B^ -.$ /s )J ( 6K rF B#! / .-.$ /s ( 6K 5^ / P0J 6p [1
H? '
& >9K^ f K<& & a '
,N ., N< > f b$& /, m> / )3 *u
.87 g B>F 'e / K '7>% +,
3
22/1
! "# $%& :1 *
! "#$% &
.'( )+ ,- ./0
(CIIP)
! "
# $%&
*( )
*( )
!" #$%& '( )* +,$ -. //0 1
2 3 -4 3DE B
0
( 2005-2003 A B
C A (WSIS) 90: ;
< :0 2 1 = >?
8 @*6 5 (6( 78
>?
NO( P9 * > - 39 7( K6 LI 3M*8 - 36( 35 J7 )* ?2 5I 0 FG HI8
: ( 6Q R
* S 1 = "6:( HIT( "2 U' -* 90: ;
< :0 2
(
`
O 6QM ^a" (2006 ^ A ;I:) JZ9O: J(R: [\: 71 "2 A 6"9 4 XRY
b"2011-2008
Rd
A -.( 2e H fg A 6Q "(6 //0" (2006 ^ A ;I:) JZ9O: J(R: [\: 130 "2
(c
b"1( 90: I99
(h
3DE 3 >, j= A i (WTDC-06) 1 :0 [\ C(R * ^G - 0: H/I.
$ 9( k"
* +,$ -. 6Rl mN 1( 90: I99 2^( (
T 3(0
//0
r" 390 (2006 C(R) 45 "2 6
* pG( `6Rq ^ED n9%1 1 o^2
22/1
%&'( )*+ ,'+ - #/ 45 !#$ ." 0#01 %:;+ <=> ?8$ 9@2 !7 ,8 9 0#01+ -2 3'4 )5,6
A($/'4 BC DE )5,6 F>: GH 5 I#+ J/# K2$ 9,L4 MN5 $/ A( $
2006 J1 A8@;4 A($/'4 BC DE J/4 )*+ ,'+ - #+ O!5 PQR S$ .2006 J1 A8@;4
3
.http://www.itu.int/md/S06-PP-C-0024-en :T ?@4 O!5
!, \3H$ K]3( )*+ ^+ P\ 17 )/ 'X Y62 Z ;[4 ,5
a13 )/ 'X _ ` Z
2 M3HE ?g3+" K@'1( (2008 9fH:@6) )*+ ^ 41 1,X IbC c+/,5 d> 58 _ `1!\8 Z ,5( m5 d> "' K/!l! kb 9(CIRT) +@!14 iV@j )h 'R$ (g
a)*+ ,'+ P\ 22.1 ]4
J1 A c!R2 d> (GCA) p q41 GH( r14 s@4 ? Mt u# ^ #+ no!#
O!5 0= ? 9<Vl4 F>: </g4 1l g+ m/: K]3( Mt )h 2007 @# 17
: ^,t ,1 ) !* ) )k@
H@H v(/ •
6w$ ' v(/ •
q,&' x •
)/ M'( •
T$/ K$1 •
6w \3H :v[+ Z H@H )#/ $'+ ;= O!5 F>: ,1 ) ,8 "H@H v(/" 0=+$
O!5 "6w$ ' v(/" 0=+$ .I$V @ #\( )*+$ )@!14 6@@'+ )ly O!5 l+4
)\\| 9v MN; Ro4 <VE$ A <z01 G{ V,5 0#01 v(/
x (g$ L'5 3$ H ),gx #@ O!5 "q,&' x" 0=#$ .V,5 v#1$ @=@+$($
)g+ ?8$ O!5 ")/ M'(" 0=#$ .)@!1,! #@j 'l ,&H2 #} 9)z <VE$
0=# 9Ivb2$ .'R@ GH( #@+$ 9m14 H$ 9q5@ <[ )/ M'( )~
5 4
. #N $'+ T$/ u'$ @j$ K$1 O!5 "T$/ K$1"
$ [ M'l H$1+ )g+" K]3( )*+ ) q41 s/'4 F/,5 d> vb 4 d P$3
.MN5 $/ @5/#$ )*+Q T$/ V @5/# kb 96")*+$ )@!14 6@@'+ ,1 $/ DE <yl4 </54 /+ u#R 5 )*+ ,'+ - (H$w )l\) 3 GH \3H2
/1* O!5 p > %/)/ M'( )$V2$ ?#3 Qb 9' K/!l MN5
VQ <N +@($ )
; )$V2 5@,$ (CITP) )@!1,! 6j 'l #}/rR@
.(CIRT) @j 2 iV@j 'R@ (g )/ M'( )$V2 5@,$ )*+Q T$/
45+ 6 ! "# $% &'( ) *#+ ,- ./ & 0123
.&A;B %/ &( *789 :; <$ <2+ &19 <=> &1:?
.D+( :) 5E F: G=) H I J) *3 K & 6 5- %
:( L; D+( :) 5E F: G=) H <3 L; M,N9 6?O
.http://www.itu.int/osg/csd/cybersecurity/gca/docs/Report_of_the_Chairman_of_HLEG_to_ITU_SG_03_sept_08.pdf
:( L; *9T9 *>+ U( D#A; 4 Q% MR( <? S# L; M,N9 6?O
.http://www.itu.int/osg/csd/wtpf/wtpf2009/documents/opinion4.pdf
4
(V
(:
($
(z
(
3
4
5
6
5
22/1
#, @L' O!5 ,1! $V H$1+ l3= 2008 ,@H (COP) t O!5 ;R #} <Vl `!R2
? y( t O!5 ~ @! K]3( )L6@+ /+ Qb 1 M2 ?7 t O!5 l3$ ;R
R@$ Ro4 /#/ (1 : <Vl4 F>x m/: [,+$ .
#b~ M=3$ </4 % )=$
(3 a<V/1 )@' Qb #N$ Ro4( 5@ (2 a MN; l3$ ;R( Z 1N
E L+ ? )t$ m14 Vl+ (4 aRo4 H/+ O!5 A,!14$ ),&'4$ )@j </54 )$V2 ?8$
.@,! )Vl >;'+$ ?8@ $/ g+ )=3
(IMPACT) H )/#/L L6@4 mR <V/1 $/ =3$ )*+Q T$/ V A( K$1 :
!*4 k2 ?7 DE m/Y Z$ 9 )*+Q T$/ VQ q41 ,1 GH( RE %:V@$ %L$ %Yb v@ SV= )x$ t P\ )=y$ )@j M=3$ A
(1 :q: H$1 x F>x m/:$ .1;( H )/#/L L6@ 62 V( MN5 $/!
,!w$ $/ ) ?8$$ =x M3HE (2 aiV@j )h (g$ >Hw$ l,! q45 RE ?8$
C4$ #3l )/ M'( L+ (3 a(CIRT) (@j iV@! (gQ 'R@ [ 9+,&'4$
.1 M2 ?7 #V/14 !*4 k2 A( T$/ K$1 L+ (4 a)5\ ?7
(
(d
22/1
I
6
! !
" # $% &'( )* +, - . /01
.! D-E 7 (B ;?
@ A
+1 ;<9 =>) 2!3 4
25 .6 $ 7 8 9
9#@j Y@!14 'l #} !,5 </54 DE )@j 9dV* F$ q@ ( u!1+ l$
z$g+ {2 ,= /!( d2 5'* )5\ ?7 ,3+ Tj H*5 )@!1,! 'l .{,8$ #,j F>: 0#01+$
#0$ Ik L# K2 K = <V@6@ L!1 d> )@!1,! #@j 'l! 3 ?(\ K]y $ .K/!l V$/h
.!: #V*
,'+ - #@;( )6 V `*o$ .;!4 Ro4$ Vl4 V,5 )h v[( IN#2 K+ #04 F>: K2 O!5
:7T @' O!5 F>: V( )*+
) q1( [ )@!14 )/t , ly = A1N !*4 k2 ?7 )V#E$ + KE
F>: ,3+$ . $ [lt )( ]+ A!,14$ (ISPs) `HHw )/b dV@$ )l3 q!3$
)0Lg$ \' 1 <yl4 $ Q1 +$ @ v(/ + 9*j [4 l O!5 9~
</#/6 )/+ /@+ $ [lt ) K2 h >: /1+ /#0# $ .JhVz +$
)g'4 [) #g ,5p O!5 53 q;N+ {E h .q5y v b~ 1l$ q5y LN1( 9b/!
6E J2 ;+ {2 ,= (\' 5$ 'l$ ! <VN4 !+$ )$v;! <VN4
-5Q \b$ 5 </@4 )1l4 O!5 )@,5 q8+$ +@($ )l3 v6]+) #g ,5p
/1+ O!5 ,1+ !*4 k2 s/ 81 IHh2$ \!| 0@h DE @1 F>: dVC+ T($ .(4 $(
.!34 F>x @!h DE k@
'( {2 O!5 (PSTN) !#/l @,1 'R@ +x ly 1+ 9)@' </1 9K/!l %&1 'R@ ) `! /$
F>x 'l <vl= M062 #g )=3 !B 9K/!l v[= $ . >: O!5 L#} D@+$ 92
)*+$ )@!14 )6@@'+ ?# ?@ K2 v ./LX >: IN1( LN1( ?$ )@j ? `H$1+$ )l3
2 )l!\$ ?(R d>6 v+ i/hE DE sV2 rl *+ ) !Q$ ! *+ )ly ,
= v #/! !#/l @,1 'R@ +x )ly O!5 /,14 )M6E$ ) c1 `lk2 $ )l3
.
>: u </#/X )l!\4 l!
#g ,5$ )@j -H6 K$1 O!5 0= I/#0 )*+$ )@!14 )6@@'+ L/h2 Z )v qN+$
$ .)@!14 )ly$ ,&H2 K@/o#$ 9/t K$#/#$ K$V@#$ K@!S$ K@1N# #> A!,14 sV$ ),&'4 ¡v$
k2 VE K,8 £j c¡2 c K¢ 9)l3 2 dV $/( PQ\8 Kh v[= )@j k@+ Ah
9I1 ,1 Qb $ .J5 c6@( %$ \o !,5 9:$V¤@$ 'l @!3 %L 9A'14 #b~ !*4
>: K]y $ .)@!1,! #@j 'l( !*4 Ro4 <VE $ ,Yb z01# K2 t P\$ @j S
9T$/ /1* O!5$ .1 [=$ %Q4 3( )6@@'$ ) ul\+$ #@\+ ;# K2$ [ 5N# K2 Vw
.$/ h O!5 M=3$ $/ A( u'$ K$1 0#01+$ )@!1,! #@j 'l #} qN+
.(2008 6) ITU-D 1/144 \"&19 <=> &$2E *[5 :*?2R 6 &( YWZ" &>) MR VW
7
7
22/1
A.I
9)@!1,! #@j =x$ #} #N( 'R@ ) s@ O!5 q5@ <[ 1.A.I
.T$/ K$1$ rR@ M6w DE 6j($
.#V4$ H ),gx MN;$ )@!1,! #@j =x #,j 'R$ g+ ?8$
2.A.I
9x d/*$ V/1$ iV@j #@( !* ) 'R@ \3H u'+ DE $/ V@LX =34 3.A.I
.L' 1$
!"# $%&'
B.I
Z m$&$ )6h - #l+ :>;' >o+ Z <V/¥ )@\t K2 /( aK/!l ?7 A( =3 ( m/:
.)@\t F>_ PQ\8 9K/!l v[= 9'R@ )@j D@+ m@$ ./!( = _ V;'#
'l 1N R@$ \bp d/*! rR$ M6E DE 6j( )@j A A$C4 P'E
1.B.I
.) s@ O!5 )3'4 Qb 'R@ H
¦+ D$ <@\t [,+ 9#@j Y@!14 'l A]+$ 0#01+ DE O1+ $V d l'(
.1
¡]( m1# (1) p 'R$ K( d2 K¢ 9J@,1 c6$ O!5$ .'R$ Fl5( (3) 9(8Ro4 ?7 I<V5 $'# G{ ) cL6@+ Z Ro4 V/§ (2) 9/!l DE l'( )@!1,! #@j 'l
? K$1 u#R 5 9 F>: >;'+ ;= J5 c6@( V/§ (4) 9 m/: V/§
.A'14 !*4 k2
'R$ g+ u#R 5 L ?@ S F>: K¢ 9 p 8$ 5 /#/ %# K2 $
K¢ 9 DE 8w($ .>;'( !14 )$ '0 R +$ 9)#@$ ?N+$ 9)$C4$ $V V/
_ ?!\N4 sb $/ \3H 'R@ V@LX IN#2 K1N# / g+$ L!5 d@\'# Z 4( q5@ <V#z d$N K@# / 9 p 5 ?8$ 62 $ .
L!5 u;4 m/: f@!( K2 @=/# K2 A$C4 MC: O!5 A1#$ .) 5 A$C4 l= A( , .!#@R < # / p
Ob@# K2 ql'# 9 /($ .:v+ S ) ]# K2 p rR$ RE d ql'# .2
m/:2 V/§ K2 R¨ ql'#$ .'#/ Ro4 l (g O!5 </$ H$4( q! )$ Rw ?8$
,1+ K2 @j v )H$ @j )=@! S 91 m/:2 /#/ Qb $ .1 .1$ <M;= [= @' O!5 <4 m/: f@!( 62 I1
9A'14 A=34 ) q![ ? $3+ !,5 Qb H$1+ <@*( 'R@ F>: ?8$ ql'#
.3
s@4 O!5 F>: 3H ql'#$ .'14 )\($ SV= $$ t P\$ 9@j )=@
.@j ^ Qb K@# K2 N;#$ 9rR@
`&;Aa &7#? &2b Nc( K I V# <AR Nc( )Jd I 2 Q % F;( _.#
.(&A % &') +WB #3 6 e &2b f)? *98 gh <AR
8
22/1
8
d> q@j K4 /#/$ arR@ s@4 O!5 3 /LX( PQ\8 T@ </ C$ q noy /#/
2.B.I
10
9
</ )C4 /#/$ a >: 'R@ $C4 cE =@+ 9 @j 2 iV@j (g u# FRE ]3'# K2 ql'#
.'R@ g+ -H@6 -H6 >_ u!14 rR@ /LX <V 9$ !h4 9D@# noy /#/ ( u!1+ <Vl P$3 -!\#
(1
!14 4( VE O!5$ 9) s@ O!5 @j( A!1 noy @:$ 9rR@ s@4 O!5 ql'#$ .t P\ ? 5;# K2$ 9@j )C4 V@L6 u'#$ c6@# K2 ?\#$ 9 (
\! F>:$ .@j ^ DE ;' H¢( K@&§ $ @ H no3 >x K@# K2 [4 h'
@# m@$ .1l LN1( A( 5; DE Z )H A( , u' K,N #$8 s@4 1
./!l p ' ),&'4$ <V c!5 0+# K2 S IC I2 -'4 `@ $2 no3 $/ >_ ?!\N# K2 DE , 6j &+ / 9 ( u!1+ <Vl /!l P3# K2 Vg
(2
./LX >: 5y #>! C4
.
p 'R@ g+ ;!| M062 >;'+$ ?8$ 5 $C4 sb )C4 /#/ A1#
(3
.%:$V2$ t P\$ @j )\!$ 9@j )z@ bV A,Q4 ) q18$$ Mt /#/
)C4$ V ?7 O!5$ .A=34 ?7 A( " " VE 1; 'R@ )M6w -!\+
LH*( K@@#$ {$#/#$ {$V©ª@#$ {@!S$ )@!14 )ly$ ,&H2 K@1N# #> 9L6b$ @j bV
) q1Hk l= O!5 -$ .: ql'# Z )M6w$ c( @1!\N# K2 A1# d> $/ %L;+ 9{@!,1#$
@\t v@+ A'; Mt l= O!5 A1#$ .%YC bV )#@$$ m/: /#/ t P\ <V$
.(@!\4 )M6w zQ R$ L6@
.%L'( ,$ A=34 ?,X H$1 )l+ /#/
*+ ?g3+$ + Z £ v$ £ H$1 )l+ 9M@ O!5 9z01+ K2 'R@ )@! ql'#
q!3 $2 r s@4 O!5 >;'# m@$ .@j$ t P\ A( , )@!14 Vl+$
%
VE$ V@LX F>: u'+ IN#2 ql'#$ .@j v$ @j )C4 N#5 ;R \@(
.)@!14
.rR@ s@4 O!5 t P\ )H=$ )@j A( , K$1! )
E
M
V@LX F>: q5+ K2 ql'#$ .;y$ h@; !,5 Qb 'R@ \t >;'+$ <@!($ ) ?8$ ql'#
.A=34 ?7 «*$
3.B.I
(1
4.B.I
(1
5.B.I
(1
9 #N X14 $/ V@LX 0#01+$ 9A!¥ A=3,! q!¥ s@4 O!5 A$/ M&' /#/
6.B.I
q41 BC4 5 V* 45 >;'( u!14 P$34 GH l5 >bC+ K2 O!5 9</54 V@L6$ )@!14 %+ .(WTDC-06) 2006 J1 )*+ ,'
,!w )#/'4 =34 Qb </54 O!5 rR@ A DE q /LX *
(1
)#/'4 F>: J@+$ .Kh -!2 ,5 ¬$$ )BC y 9-#/$ %!1 @+ K2 S Z $/ $2
S ,= .Y@&'$ Yb$ :2 % K/!l! k; h+E$ 9Mt $5 v@+$ 9#N( q5@ <[(
.i>j 6% fJj &k>9 I U+= l;A <$A \*;( 6% 5- 6 m! F: "i>j 6% fJj &k>9 F:"
A Step-by-Step Approach on ) *9,- Q% 6 I L; n o!( 3# + fJj p &Z( &q, *E F :
*9j &k>9 &:% > "% &: p L; F;b .http://www.enisa.europa.eu/act/cert How to Set Up a CSIRT
I "i>j" u;bT .t.( GW &: 6 # , QJs \(CERTs) &>j r)b *9j Y! &:% % &>j r)b
\*c( \*vw+( .7% \$( <2> L; \Ubx yz H I &;{ )T <A+ i>j 6% fJj &k> F: )2
.n &;T( *H2b \0WWB 5 <A e &;H#( .7
."N-CSIRT" Tc( \")T- \i>j 6% fJj &k>, &#N &: |d )R> \H }~
9
10
9
22/1
@: >:$ .! m/:2 u @ !1 $/$ ,!w ),&'4 #@N1 $2/$ =34 /LX >: /5+ K2
.45 >;'( u!14 P$34 m/:2 /h2
q41 0#01+ $2 A DE O1+ Z mR <V/14 ),&',! h4 \3H$ G =34
b) )*+Q T$/ V mR <V/14 ),&'4 ![2 $ .T$/ K$1 0#01+ R sb2 #R q:
9# $/ ,&'$ 9dV* K/4 ,'$ K$1 ,&'$ 9()@!14 ?, 41 ,! 5%6 ,1
K2 )@! S sb2 )BC ': 9 DE 8w($ .:v$ ­Vx ¥$ ~ dV* K$1 ,&'$
.K#/#v4 BC [ 9 ( !*4 4 K]3( )@!14 L %+
r14 ,1 u# [ 9t P\ :V@# Z V@LX =3 &' IN#2 ql'# 9 DE 8w($
.!,4 sb $/ V@LX$ ®@j h
._ !14 )#@$ ?8$$ ( !14 @ V@LX /#/ Ro,! ! <VE !,5 M3HE
#> K$V@4 ) L!3$ ¯l q$ )@j J2 /h@ l @: Ro4 VE KE
#,! k'1$ @ /#/ 62 '$ t P\$ J1 P\ A( K$1+ M/l (%{@,5/#
'l @( !14 )#@$ ?8$ S 9k'1$ @ F>: /#/ h$ ._ !14 )#@$ ?8$$
'l! "d@j" ?(\ J@L; K2 l 5 -# 2 %L4 $ .¡ h Ll++ $2 )@!1,! #@j
.sb2 h I#@h K@# / h I#@h Fl5 S $ 9'14 j( K@: 2 )@!1,! #@j
d@j ?(\ K2 9_ !14 )#@$ ?N+$ #@j @ : V/ q:$ 9:l5 $/ ?N+ K2 ql'#$
.)!,1 A$ 9 'l$ 96@@' 1;( v# K2 cH]y
#} K2 .I( I#/ 3+ Z @ MN;$ )@!1,! #@j 'l! #,j u /1#$
ul\ qN# E !,1 F>: L!5 d@\'+ Z #@j @$ MN;$ )@!1,! #@j 'l
(@N /#/$ 9-@1$ 1N R@$ Ro4 %+ [) Ro4 <V¢( kt ),4 5@, ,4
)/* q@+ ;=$ Ro4 <VE A!34 S (!5; $ 9>;' (@8$ 9 ;o l$
)$ )gL' )@!1,! 'l d@ sV s/ I@,5 @+$ . %LL PQ\8 h 5
/1$ 9($ 9!k@ )£ K2 /( .{@/# Z )/o! q!1; `@ ?(R DE &'( Ro4 <Vw /
?' u+ 9> gH$ .c -:] $2 \t %( @L( J O!5 </ /§ )@!1,! 'l! r
'l x 1+ Z Ro4$ =34 ( c6$2 %+ t$ J1 A5\ A( K$1 0#01 gH <v[=
.(:v$ 9(:E ),g:$ 96@@'+ \52$ 91lR i@= ) .G )#@$2 ?8$$ I#$V c,+ <V5E$ p ': j %+
% )!,5 c/o S 9% I'R$ I p 'R@ g+ ,N+ K2 ql'#
%+ <V2 J/o( 9K/!l! S$ .%5/4 % /L6 $2 -#/ M0g= FzhE d d> J/! >
m/: ? + u !,5 3'+ K2$ rR@ :RE ',4 )[$ <@ R@ V/ K2 9=3
¯l #}/rR@ /1* O!5 p > %! )$V2 )*+ ,'+ - ]3H2) .<@64
.(),4 N]( !14 @ F>x lh* K@+ q (CIIP) )@!1,! 6j
.L ;=$ -#/ )l!\ /#/
K]3( j c+ ? # >: <V@ _ Ok@4 ),4 N2 H4 g'= 9K/!l /h2 / /
j K@# /$ .A DE ( '1 cH( -H@6 ': K2 9()[! ! M6E d2) v @! X14 </#/6 @ $2 AH@ k [) IH@H $2 (</#/X ) $2 <0L6 [) I'+
#3l )/ M'( /#0 DE Z = 5 IN#2 )[ ! 3# /$ .I,&'+ $2 (%Q4
.(-#/)
(2
(3
7.B.I
(1
(2
8.B.I
(1
9.B.I
(1
22/1
II
10
)* +, " #$ %& '(
BG H
I ) J% 0K L! EM
NO )<P Q( &'( R
0 !! 9 2 S T <2! H< H YZ ;.S+
G .2 S ) US SV
% W!P X- ;?
@ A
+1 ( .6 L! <9
! )[ 8V[ H ) _` L! JVaG bc H
<d e[ ) .-\ ] X 7 ^U,[ !<
!G ) US S )
S ] <S D-E <E HfK ;
G g5 hS i0SG !3 jS k! !G
] US l mO n2S5
.c G _( )* p
8V $% Mq H JVa" ) i!k 8V[ D-E /<
BG H
HfK ;W- .,o
K¢ 9 O!5 °M'($ .)/* q@+ O!5 Y/$ 'l H$ K,8 ,V !* t P\$ @j $
'l! #,j @# K2 /h$ K S cH 0#01 q2 2 t$ J1 A5\ A( =3
K2 >l¥ , 9t P\ L!3( J@# $2/$ =@! <v[= K/!( H 'l u %&1 K2 DE &'($ .L!(
t$ J1 A5\ A( K$1 ± qN#$ .V: #\( °I1 ,1( 9c( @'4 $/ = 95'*$ @j J@+
.[ (3) a)$C4$ $Vp 8$ k$ (2) aK$1 >: ,( 8$ 5 (1) :: k'5 Q @+
( J @j L Z ?'4 [,+$ .t P\$ @j M=3 A( Vl4 ?'4 /#/ O!5 =34 ± @#
:l 9@! )k*b \H b I<V5 ?+ Z )/ v@( L!3$ 'l dV@
aK/!l v[= $ 9<v[= )5\ #@j 'l %&1 <VE$ !
•
a)/ :v$ 9JL4$ 9u4$ 9,&H$ 9)l3$ 9@k %L;+
•
aiV@! (g #/ $2 <t
•
a)6h O!5 I1# 0=+ </#/6 )6@@'+$ )/b$ )g' v@+$ ( O!5 </
•
.LHk$ YVE$ L!3+$ :3H$ 41 `HHw ly %,*+
•
'l #} 0#01 @j ? ,1 8$ 1;' ': K¢ 9t P\ DE l'( , 5 %( u!1# ,$
:L'( 9l V/1( H$1 Q1 F>: , z01+ K2 )@! S$ . $ )@!1,! #@j
'l c6@+ Z Ro4 K]3( 9-'4 `@ 9</;4$ 1,$ /$ !! )@!14( A!34$ Q4 /#$0+
•
a#@j a#@j 'l #, !14 )$ )Vl4 ?8$ #/l >' t P\ yE
•
,5 s@ O!5 °M@ ¥ ?'4 9yl4 *+($ @,1 ¥ u#R 5 9)C4 <V 8@+ K2
•
a%_ kt #g ,5 )g+ V z$g+ '2 v(/+ ,[ u#R 5 q@ s@ $2
\H O!5 @l4$ ,! ' ),4 V,5( 5@R J@+ q )=3! 0@j %5V$ ?g3 ( Y
•
#g Lj* cl!\+ \H b ' Y$ Y!,5 A$ #/( 9MN -h 9J$ 9?$
a<V$/¥
aLhQkE $2/$ L#} O!5 </54$ _ kt )#@$ /#/$ x JL /#/ t P\ ? ,1
•
a#@j )@!14 #} $>l4 V@LX l 0#01 zQ i@l! %5/ v@+
•
)$/'$ )l#/ u#R 5 9)5\ A( =3 !y )/( PQ\8 =3,! zQ V@4 /#/
•
a,5 !k@4 \o 62 ) c6@+ %5V 5 ;# (@j 6>,'$ l#/ )$/$
11
22/1
) )/t$ 'l u4 ¬1Hw$ Qkw( u!14 %5/ v@+$ '0 j ) )@!14 %+ h+E
.iV@j )$2 Qb #@$
•
$
)*) )"
S$ . ( u!1# , ,L' = )$C$ $V I=3 I¡;+ I#@ 1N+ K2 t P\$ @! S
'l @+$ K,8 -!\# @j , K¢ 9[4 l O!5$ .#,j V@LX <V$ u' @+ K2 @!
q'+ $/( J@+ K2 @! S 9 DE 8w($ . Y/b$ LL %5/ @j H \3Hp #V4
S$ .A1 iVj (gQ V@4 DE t P\ L ;# Z )j </54 L'S $2 = P@$ h
% @=@+$($ ) ?8$ 9
A 62 t P\! 5@\ V@LX ?g3+ z01+ K2 @!
d> \' b 0#01+ 62 t P\! 0@j v@+$ 9Ro4 K]3( `@ 'h$ </;4$ !! )@!14
#@B$ #@\$ l( J$ )V M6E )!,5 O!5 m3+ K2 @! S 9Ivb2$ .)C4 «* V$/h cl!\+
.Y$V2$ )!,5 A 62 )!,1 F>:
,+
A( Vl4 )Q1 0#01+$ #@\+$ Vw z [ K2 ,= .5'*$ @j A( K$1 g' q2 *'5 q: [
)j( q5@ z01# K2 @j$ t P\ A( )@!14 Vl+$ d@ K$1 K]y $ .t P\$ @j
Qb $ .¬1Hw$ (g \3H2 %5V$ H Ro4 <VE O!5 </54$ 9g+ 4 K]3( K$1 v+$
Vl+$ 91N R@$ Ro4 /#/ IV/5E N2 t P\$ @j K@ 9L!!$ )@!14 %+ A
.@$ ;;o V@4$ )
.t P\ ? {$1+ s/ l5 )@j L1N+ K2 ql'# Z 1 m/: FHV2 /+$
-. A.II
H Ro4 <VE DE 1 3( dVC+ K2 {]y Z t P\$ @j A( H$1 ($ E 1.A.II
. MN; #}$
I/ qN4$ M~ u@+ DE k@ m14$ @k$ )@&'4 5@' 5@, A( ?,g!
v@+ 2.A.II
.rR@ s@4 O!5 A 62 I1
/ !"# $%&'
._ !*4 V@LX$ >;'+$ ?8@ <l4 h4 t P\( !14 )@&'4 VE
d$ kb ! =@! 9L!5 /,1+ Z H k'1$ 9#@j ¯l %&1 K@+ 9</#/5 K/!( 3+ Z )6@@' O!5 ?# @\+ 2\# t P\ )( N;($ .t P\ u#R 5 L!3+
c, c $ . MN;! @+ K2 :V; )@! S cH¢ 9>$ .c,5/+$ MN;
9Ro4 <Vw R2$ p >;'+$ ?8@ )@j x>l+ Z V@LX l'( l
S$ .V@LX F>: #@j 'l! A A!34$ Q4 VE$ t P\ &H )L6$ VE
)@j A( =34 !1 =34 u#R 5 K]3 >: t P\ M
O!5 ?!\+ K2 )@!
u'+$ 9 )g+$ ) ?8$ K]3( t P\ )!1 ,$ 9t P\$
t P\ =3 ;+ K2 @! ql'#$ .)@!14 %+ )
u#R 5 t P\ ),&' ? V@LX
._ ,1 !k@$ :>;'+$ )$ )Vl4 ?8@ $ h4 'l /#/ t P\$ @! # Ro4 <Vw G{ V,5 O!5 t P\$ )@j K$1+ K2 ql'#
;o l /#/$ 9Ro4 5 7' ~ %+$ 91N R@ %+$ 9Ro4 !$ H .~ F>:
B.II
1.B.II
(1
(2
22/1
.H Ro4 <VE m/L+ Z #@\$ l \3H2 1( O!5 t P\$ )@j K$1+ K2 ql'#
t P\ = _ ?!\N# Z )Vl4$ #@\$ l )#@$]( u!1# , #³ @8$ K]y $
%Q 2 O!5 #@\$ l )Vl ?8$$ 91 @ O!5 L/o$ V@4 n* ;# K2 @j$
0#01+ 62 %Q `$ m\4 #{ V/5w / )/t$ G+@' l*+ K2$ 9`@ h
.rR@
12
(3
=34 ' ),: X14 #@j 'l )5'k !| t P\! 2 M3HE O!5 ?g3 2.B.II
.@j ? K$1(
/5+ K2 9 'l )5\ !| 9#g ,5 )\( [ 9 F>: </,4 )@!1,! S
(1
$2/$ g+ 4 O!5 0=+ K2 F>x S$ . =34 )6h L6@ O!5
5@$ 9Ro4 <VE 4 F>: ,3+ K2 S$ .= t P\( !*4 ' @3 <VE$ !3
? =3,! C !,5 F>: t P\ 2 @+$ .7 sb2 $ 9:>;'+$ ) ?8$$
. ( !*4 4 K]3( j )@j M6w s/',= _ H1 S$ )@j
% )5\ q![ A( ?,g! F>: M3H¢( #@j 'l )5\ /#/1 J 9K/!l 1( $
(2
v@( IN#2 F>: J@+ 9<v[= Ḱh2 $ .7' ~$ 91N R@$ 9' Ro4 K]3( )@!14
'l x 1+ Z iV@j
;o! $>l4 V@LX v MN5p q!1; `@ )>Hw$ )Ll'
.L' 1$ iV@j F>x (g$ #@j P\$ )@j d2) MN5 A( )@!14 Vl+$ K$1 + ) V,5 &'+ K2 F>x ql'#$
(3
DE ;' aMN5 #@: 5 *w J/5 :q!# v@+ ),4 F>: 1( ,3+ /$ .c( @@ s/' (t
G+@'$ 1N R@$ Ro4( !14 j G+@' DE ;' a)5\ </1 !3$ @j )@!14
?$ .)'#,$ !3 ),4$ 9­@\ )h (g u'+ K]3( P@8@4 <b$ a!!
!4 @j ?N Z )@!14 #} l VE %L4 9K$1 h+E 62 ),4 F>: &'
.I#µ j )@!14$
. =34 )#/ 3'4 _ @@ )#/' @j$ t P\ 2 A( ?,X
@ ;+ ?8@( Ok@#$ .t P\$ @j A( 6' K$1 0#01+$ M'l #$8 $y </5 ':
.m/x$ #³ %+ DE K@=34 §$ .t P\$ @j A( Vl$ K$1 K]3( )L6@ @#
!k@4 (@!\4 )0 /#/$ 9V@4 n*$ 9)#@$ /#/( #@ ,&' $2 #V; )V J@+$
Q5 RE q,&'$ dV; @! c6@ =3,! /5@ V@6$ IN#2 J0!#$ t$ J1 A5\ A( K$1
.K$1
9),&'4$ V A( K$1 ,( 5 ?8$ /1#$ . ! !($ @,! GH DE K@=34 k@# K2 -$
.t$ J1 A5\ A( H$1 ($ !k@$ #@\ I2 I2 9, F>x 8@ /#/$
.\(4 )5'* A( K$1 ?g3+
iV@h P@$ DE dVC+$ l1+
x K@+ K2 'l /h$ P@H O!5 d@\'+ Z iV@! S
/b$ ;+x )/t \1+ DE dVC# \ P\H K¢ 9[4 l O!5$ . 'l sb2 P@H2
%x ql'# 9kt %Y5\ RE ­@\ )j K@\\¶ ' 1( K2 % 9 O!5 <$Q5$ .`HHw
)@!14 % S$ .sb2 )5\ O!5
iV@j F>x K@# K2 S l5 $>b]# K2 IN#2
O!5 L¡2 x )5\ </5 ,3# @ O!5 iV@j DE (gQ V@LX /5# K2 ¯l !| 5
.rR@ /1*
3.B.II
(1
(2
4.B.II
(1
13
22/1
.iV@j <Vw t P\$ )@j A( H$1+ )l++ ?8$
Vl+$ 9L!5 ?# m1 Qb H iV@j 5 7' 8 ! <v[= )h S
)Q! M6w t$ J1 A5\$ @j A( K$1 J0!# rR@ s@4 O!5$ .LX1$ 9{]3( )@!14
.(g V@L6 u'+$ )>Hw /kE$
<VE A 62 q;[$ q!3$ qg+ u'! RE ?8$ 5'*$ )@j K$1+ K2 ql'#
)( !*4 ,! u'+ )L6 %N# )@!14 % I£ IQy Rw >: ,N# K2 ql'#$ .iV@j
K]3( )@!14 %( !14 )M6w$ ) IN#2 Rw ,3# K2 ql'#$ .!3 )@!14 Vl+$
' )
$ 9(t P\$ @j( kt) !4 !g )@!14 3H$ #}$ 9L'5 #+ /+$ iV@j
K2 S )=3! !g ! ) )@!1 t P\ )@!1 ,N+ Il$ .:3H$ )@!14 F>:
)@!14 K¢ 9[4($ .sb2 l!
d2 DE $2 9$' #5V DE $2 @ n*h <b DE :3H dVC#
zQ ' v(/$ ) ?8$ ql'# · $ .@L,X 1 3'! `$ h $2 # K@+ / @j
K2 )@! S$ .14 @L,X u u!1# , Kz@ u( c+ `@ J ? )@!14 #,j
) !k@ u#R 5 t P\ ? ($ E$ )@!14 %+ ) 0#01+ Qb [ M'( k@+
*# , t P\$ @j A( u'$ *+ )HE K2 H )'#,! IN#2 S$ .%
.!1; )z `$ #,! )
3H u#R 5 L' 1 V@L6$ H iV@! (g(
5.B.II
(1
(2
22/1
III
14
- ./ +01
. s
t ( R%u BV1 vr R
VO I ) ;, !6 ) ;&'( )[ B(r )<P
.
w mO iS< x1 i! $ i$ V'( Pt
-. A.III
.H %X$ ( !* ) AH@ !y 5@, ;HE$ 1.A.III
K/!l! )/54 /+$ H$w ) )M6E$ 9Y /h H %X ¸1+ AH@ /!( = §
cH2 @ F>: ;+ 9@ l+ $ .qN J&' /h$ K 9K@+ $2 9AH@ K@+ /$ .sb
u!1+ H@H @*H$ 6w AH@ 5@, DE 8w( H %X 4 K@H /!( = s/ K@
.L!N;+ Z 'l K/!l J/o+ m@ 9j 1l\($ .!* ) Vl4 </54(
/ !"# $%&'
B.III
9Tj q'X cH@H 1# K2 /!l O!5 A1#$ .L#;= /=]! j H@H )\! %+ 1.B.III
: )@\t #$ .(l4$) 8j =34 X14 I= K= E /#/ !* ) )M6w
9,!w )Vl4 9@*t c6$ O!5 9O5+ K2 O!5 9!* ) zQ )1#3 ?8@( 9MN -h 9J
(1
K2 )1#3 F>x ql'#$ .(2001) H SX( '14 ($$2 ^! ;+ 9*j l O!5 ^ 9,3+ Z
9) %5/+ Z 6w )~$ aLQ+E $2 (@j )Hl( 8w 9sb2 !7 9$'+
l ) ,4 T$/ @H K$1 VE$ a DE $ 9$w /# /* ?l+ O!5 </ .( v$ 9V O!5 @*j
K@# 9[4 l O!5$ .{$2 ) 6@@'+ )1@+ DE /'+ c'H@ `H= E , &'# K2 /!( d ql'#
(2
.IN#2 )Hl E ,3# K@H >: [ v+ § /$ . )@* )E ?l+ ¹'# K@H ':
K@+ / Z '14 1#3 )x$ @j )\! ?7 % ?N¶ K2 /!( d H SX K@H ql'#
(3
»hQ# $ .</; < d2 /Y ºh 9'X /1 P@8@ !k x + @$ ºh 9K@H >: !* x
</#/6 6@@'+ DE \! m= v H SX K@H K2 9[4 l O!5 9)@!14 6@@'+ T$C /h2
./!l AH@ q18$ s/ ?$ \H O!5 /1( $1 ` L' /#0 >b
x,1
$2 1( -H6 ! %+ !,1 /!( d2 c( @,14 q'X K@H ?N¶ K]( IN#2 Ok@# 9 DE 8w($
(4
$/$ 9!¥ @j v ),&'4$ 9T$V b P\ q!¼ P d2$ 9q!¥ t P\ : )LX ?7
.A'R@4 )$ 9%_ m14 Mt$ 9SV=
.sb2 K/!( 4 F>: K]3( <@34 ^,!# K2 /!( d S
(5
.H SX X14 Vl4 )/54( kt$ 6w$ '; AH@ V,5$ k
c6$ O!5 l5 <>b
9zQ )1#3 ?8$ 9MN -h 91; =34( K/!l J@+ K]( Ok@#
Ok@#$ .H SX( '14 ($$2 ^! ;+ 9*j l O!5 ^ 9 9,!w )Vl4 @*t
?N+ K2$ 9 0#01+$ H SX T$/$ q,!w K$1 K/!l 3+ K](
)+@($$ <N )$ 9 K$1 A )
.:v$ 9@j
2.B.III
(1
15
22/1
K2 ql'#$ .1#3 )x$ @j )\! ?7 % /!( d2 H SX K@H P$3 ?N¶ K2 ql'#
sb2 d2 $2 )Qb $2 )6@@'+ d2 DE \ ( c!5 u!1! @L,g! IN#2 P$34 >: #
.IQk2 L\+ %+ !,¼
(@j %X [ 9- #/! H %X H %X( b K@H d2 $'# K2 ql'#$
.sb %X( u!1# , )l3 O!5 H$w V #} IN#2 $ 9(@j J )!,5$
,Q v <@*( u1# <g$ H/4 <j /t `18$ Z )Hl #} AH@ v;+ $2 ?@+ J/5 ql'#
.K/!l A( , 'X V u/+
O!5 myw$ %YQ:C /+ K2 9* )!,1( J! A#3 M½ H1 + Z K/!l O!5 A1#
/!l K@H RE <V/¼ <@*( -#/ O!5 @!*§ #> oy /# /$ .* !,5 @R %x,52
O!5 <$Q5$ .Vl4 H@H </54$ 6w qh@'( !14 J kb$ 9= <@*( zQ Jh ?7
)lw / k; DE = <@*( N )t K@!S #> oy &'# K2 /1l4 K¢ 9
AH@! l'( >= @ %{2 E #g AH@ * A!:C4 A#3 Mt 1( ':$ .)j s/hE
.'X
-!\+ / 9[4 l O!1 .;+ c#@ z$g+ )h O!5 @*! sb K/!l ? $3 z@$
Ly2 </4 9`@ 1l L,&H2 l5 '¾+ Z )Hl 1l( ¿;h `HHw )/b dV@ K/!l
-!\+ / $2 a'14 ¡ ) @j iV@h 1l( @j )\! fQ(E DE / $2 9Kh -!2
.IHl OL J/o# K2 l noy d2 %Q 3( #@x )lE
K/!l ()Q#/1+ $2) H %X K@H P$3 O!5 )!1+ 9`@ £ E 9^,!# K2 /!( d z@$
vy2 ,= 9/;4 K@$ 9*oy ;*( )!1 F>: O!5 @*j S$ .mR <V/14 ),&'4$ sb
.Yb DE IV' K/!l /#/1 &H )L6$ O!5 @*j 9FQ52
) '14 )LX )!1+ 9('R@ )M6w$ u;# ) ' !h (2 >= -!\# K2 /!l O!5 A1#$
!¥ @j v ),&'4$ T$V b P\ q!¼ P d2$ q!¥ t P\ :P@8@4( c( m14 J,:
.%:v$ Al'4 v A,L4 A'R@4$ SV= $/$
.H %X( '1 'R$ )/h$ /#/ $2 M3HE
d O!5 O!5 2 </ 9LE k$ Z ,' s@ 5 &' m*( 9/!( = s/ K@# K2 %L4 K2 S$ 9' K/!l ºh <@( ?+ / #@!t +@x J/o K¢ 9[4 l O!1 .H %X 5
)l3 DE )$v; E$ À$ @ #@$ h ,52 + #@!t +@x F>: J/o+
. DE $ 9)g;4 1yE$ H$w
%X 5 )#( n H %X u! </h@ -#/ @# K2 $2 ¶ K2 /!( = O!5 A1#$
K2 A1# Z K@H ;HE $V $2 <V /#/ Kh 1( 8@ K@$ .rR@ s@4 O!5 H
m@$ 9b >: O!5 Kh 1( d2 '4 K@H ;HE )=$ 1( ! /$ .>( ?!\N+
8j `@ noy d2 /!l >: /6@# cH2 Al+ E ºh$ .l1k ) >o+ K2 !1 )\! O!5 A1#
I,L K K@H ;HE q;@ I/h$ ': K]( IN#2 @ * K¢ 9zQ )L4( ?,#
. >: I/ qN4$ /#04 %!1+ O!5 @,R c#/$ H$w 6@@'(
qL .A¥ V$/¼ V/5 K@+ `H= E ºh 9%5/ DE H %X ) )/h$ $
-H6 %5/ >: ]# /$ .-#/ ,$ )l3( @1 <@*( L!5 /,1# )Qk@+$ [#/h )/1 DE
.t P\ L/# Z '4 $2 sb K/!l $2 $/ ,&'4 $2 /!l @h
.®@j O53 -\ 9 O!5 92 </ )/h@ s/ K@# K2 I' K@# ,[h @*4 $
</ F>: v@+ >14 cH2 q¾ E$) .8E )l#/+$ ( )$V2 @+ </ F>: -!\+ m@$
9m$& 1( $ .(£h #N ºh £h V2 P8 ,h Il l+ K2 K/!l O!5 A1# 9q53 -\
(2
(3
(4
(5
(6
(7
(8
3.B.III
(1
(2
(3
(4
22/1
53 ) O!5 -#/ K¢ 9 O!5 <$Q5$ .'1 #N sb2 K/!( N </5 @+ /
)j (g u# u'+ 0= J/# 9[4 l O!5$ .'14 ),&'4 $2 sb2 K/!( # / H
-#/ 1( (http://www.cert.org) </4 )#@ K@! Á qH= 16 (@j ­@\
. CD-ROM 2 Qb $2 <yl t O!5 #! N;o' 1]( $2 ( K$V H 53 )
sb K@H ;HE $V s/ Y/$ :V@6$ 5 KQ5w H %X </h$ M3HE Vg A1#$
,!E <@ `H= E ,k1 H %X 4 </h$ /6@+ K2 /;4 ^$ ./!l A1 A5/,!$
%X 4 </h$ ': K2 d/+ {2 E H$E V2 ,N+ 5$ S6 u( J@+ K@H ;Hw
9Iv[= ?3 K¢ p$ .sb2 )/5 /+ $2 r14 @j l )!,1( J@+ K2 S H
%X 4 </h$ c#/ /!l K]( #V L#/ ^ /!l AH@ ;HE D@+ Z C4 K2 91 M2 !| .H
DE A$/ M=3 ? )Qk %+ K2 9>( J L'S Z )/h@ $2 H %X )/h@ ql'#$
K@H ;HE ),&' $2 9sb K/!l </h@ M3HE K]3( <@34 @+ 9D$ h4 q; .
/h O*2
9sb K/!l )$ <0L6 ºh $2 <v[= y]( -#/ @# 9hQ h4 $ .$/
F>: K@+ m@$ .t P\ $ mR <V/14 '14 ),&'4 $ $/ K@H ;HE ),&' $
L6 </54 -!\# K2 /!l ?\# K2 VR( c\(+ /#0# 5 %L4 K¢ :b
-l ,L )Q*
.K@H ;Hw 6b
bV ,L4 $2 !* ) )5\ P\ = ? )Qk %+ K2 H %X )/h@ ql'# ,=
t P\ )H=$ 9®@j iV@j (g 2$ !¥ @j v ),&'4 l 9{/!(
#+ /+ ;= 1$ 9L1 K$1 %L'S %{]($ 9Y/($ </h@ V@6@( %LQ5E K,N SV= $$
.!,¼ H %6 d2 5
.t P\$ rR@ p 'l sb k'1 ? H$1+ )Q5 E
P\$ rR@ p 'l sb k'1$ @j )H A( , H$1 )Q1 1+
:l2 </1 ,L t
6@@'+ ': K2 $2 /#/6 K@H v; d cH2 5 fQ(w [) )5@, F>: A( , )@!14 Vl ( 2
a(i/ / </#/6
=3 i$/h HE s+ : 9@\t !+ uH O!5 I/#/6 IH@H '18$ E :" [) &' )L6$ Vl (
M6E ,4 &# q 6@@' !+ v+ xQb S !$ #2 /6@+ :" $2 "Âk@*t( u!1+
a("Â1 Q( u!1+ 5$3 l2 ': `H= E $w /# ?l+ !,5
a@! )j %&1 t P\ c/# m@ -#/ K2 % O!5 -#/ Vl (
a1N R@ $2 \b K]3( )>Hw Vl ( V
)h M'2 %L'( , [ M'l q;# </6 <@*( 1l( %LN1( )5\ !| ' m1# q ( :
.­@\
oy( #1+ , ?8@( ' [=2 $2 /h$ J@# K2 )Q1 F>: 3+ </X D$ <@\t [,+
.)*o3 F>_ *+ ;= 5 )@!1 , F>: /+ K2 S$ ./!l !* ) )5\ ?7 F>: `6V2 Z *o3 K]3( )5* -'g £ v <@*( , F>_ ¿;h N K@# $
.L /+ Z $2 ,
</5 \H O!5 d@\'+ Z !* ) )5\ /#/1 /!( = /6@# K2 ,¥ $
P\$ SV= $$ ®@j iV@j (g $ @j v ),&'4$ )z@$ K@534 Á
.=2 l'62 )H I1(+ b~ 1l$ nt q!¥ \' O!5 MC: 1( K@# /$ .V$ t
16
(5
(6
(7
4.B.III
(1
(2
(3
17
22/1
.H %X #N A534$ <N$ AÃ1 A5Ã/4 A( %L; ,'+
#V O!5 <N$ K@Ä1 K@5Ã/4 K@# K2 %L4 9H SX #N %Q4 @' O!5 d/* 62 K2 ql'# 9[4($ .H$w Vp </#04 ¡ O!5 <$Q5 )l3$ )$ -@j [ )g @1
.m= @ O!5 H SX ¸1+ %:/!( AH@ `H= E $ )5@8@4 F>_ #/ /( K@534 ?,#
.!34 F>x @!j /h2 @: -#/$
:/!l V@ - ;!| V* ]# K2 , 9I(@!\ q r -#/ K= E$
5.B.III
(1
(2
a)@!14 6@@'( kb <z$ d2 $2 R3 <VE [ '+ )k*b( ?,+ !¼ <z$ $2 <VE d2 ( 2
al'6 )@j (
amR <V/14 '14 ),&'4 (
aq!¥ t P\ ( V
aq!¥ s@4 O!5 ,52 c#/ K= E (I#*h ^ $) kb$ T$/ t P\ ( :
a!* ) SV= $ ( $
a6t $2 !¥ ®@j iV@j (g ( z
.!* ) l'6$ !¥ @j v ),&'4 (
)l3 ' \b O!5 %:v$ A@j A;@4$ ) q1Hk l= -#/+ /;4 K@# /$
H$w )l3 L8;+ Z )/#/L 5$ ('R@ m*4 ly 7L _ %# Z ; [) H$w
-#/ @# K2 ql'#$ .(q'X µ %xQ M;1N ;R ?@ /#/ `HHw J/o [)
.FQ52 LE 34 V*4 H$w )l3( kt -H@X( u!1# ,
v $2 H %X( kt ),=¥( u!1# , <N$ A1 A5/,! I(@!\ -#/ K@# /
.T$/ K$1 O!5 @*j $ K]3( $2 H$w V J/o $2 H$E V2 O!5 d@\'+ Z %X
:
-#/ @# K2 S$
(3
(4
a/1 <z$ $2 J1 q5/4 - [ * )k*b( ?,+ Z !¥ <z@ $2 <Vw ( 2
al'6 )@j (
amR <V/14 '14 ),&'4 (
a!* ) SV= $ ( V
a!* ) l'6$ !¥ @j v ),&'4 ( :
.K@'14 V ( $
6/4 )5@, -#/ >: @# K2 S$ .H@H * -#/+ O!5 @*j /!l -# /
c#/ K= E (I#*h ^ $) kb$ 9T$/ t P\$ q!¥ t P\ ©Å3# /$ .FQ52 <; K@+ m@ t P\ )H= K2 @: 6 K2 v .<o! !,¼ V* 9q!¥ s@4 O!5 ,52
AH@$ 'X )M6w$ H %X L' [=2 H$w <g AH@ </54 O!5 <V
.Vl4 H@H )/54( !14 $/
l#/+ )/h$ 1+ / $2 -\ /!l L;'( -#/ @+ K2 V*4 1+ / 9-#/ P@H2 ?,X l'($
1( $ .%L;H]( -#/ )!,5 M6E /!l K@(/4 L/o# K2 S (5@l\ $2 H$E)
S 94.3.B.III % cE 34 (@j ­@\ )j (g u'+ 0= -#/ [ 9)j
.#! !8 J@ $2 J@ K$V -#/ >: /+
(5
(6
22/1
l= J/4 %5/ [,# H %X #N( rR@ q5@ <[ q *'1 K= 9K/!l 1( $
$ .)H04 K@,# #> $2 , $ 9@;H d vl= $C Kh 1( ºh $2 9A$C4
1+ / 9@j ( $ − c+z$ K¢ 9 ( J,: /#/y Mz@ /h2 K= E cH2 I/6 m$14
. >: Mqy z±E K@$§ #> A!1 $2 O!5 N2 I,5V
.(7/24) 5 / O!5 I@# h@;4 H %X ly *+ H =34
)2/( 1 6@@' %Æ '1 5 5@, (G8) s H,[ 5'* $/ 5@, 1997 J5 )]3H
$/ </54 A $ G8 5@, !b/$ /1 z$ <V¢( 24/7 *+ \H ly RE ,1+
(@1k Ç K2 H %X A¥ v[ s2 /$ .H$E V2 ,N+ Z !61 ) )h 9 O!5 <$Q5$ .sb K/!l 1# )/5 O!5 c' @*j S d> K4 O!5 m1 </#/y
O!5 9
,N+ Z @\ 1# )j /5+ Vl4 H@H )/54 )/:1 K2 A¥ v[ s2
%N+ `lk2 ºh l3 F>: `'+ /$ ./!l! 4 ,&H ! *' @! ) 9[4 l
/+ O!5 zQ </ c#/ K@+ /!( d2 J,NH h@; l3 F>:$ .2008 J5 $2 I/!( 50 # .FHV2 Al4 @' O!5 </54
7$ J@ 5 24 @R LE @k@ S *+ L6 J/+ K2 9l3 F>: DE %N'+ q 9K/!l O!5 A1#$
@k@ %# I*oy *+ L6 K@+ K2 S$ ."24/7 l3" q£ v % M6 ': $ Á P@l J#2
S ºh 96@@' (1 :My2 Q no3 >: %L;# K2 A1#$ .-+4 /h2 u#R 5 $2 <yl <@*( cE
(3 ano3 >: /!( d q!¥ K@H (2 a@\4 6@@' $3 cl!\+ d> vb] K$V )l!\ E
L6 s/ # E$ .sb K/!l </54 _ J( no3 >x q!¥ K@H _ ,# Z ,5 q: ON E @; O!5 @k@ O!5 IV K@# K2 c!5 A1# 9m14 Q[ F>: I*oy *+
. >: </54 /( c IH$] K@# c@h !:2 d noy d2 DE (T ,1 J@# Qb V ^$)
!,4 *+ L6 DE A /!l 24/7 l3 *+ L6 9 O!5 #/l 9)Q4 -:>+ K2 A1#$
sb2 -+4 *+ )@!1 *+ )L6 J/+ K2 A1# cH2 r1#$ .
$ + K,N B /!l <@ [) -\ -4 5 (H $ T$/ *+ dµ K2 *+ )L6 O!5 A1# /($ .{/!(
-'+ K2 9 `l E 9*+ LX z@ 9
#/!( A( T$ K$1 E /1($ .{/!( (!¥ K@H ;HE
.B /!l( <yl <@*( *+ A /!l !* ) !¥ K@H ;HE x +$ ) K F>: *+ ly K2 $2 I,V IN1( LN1( /5 {2 9l3 F>: DE L,NH( 9K/!l ,N+ $
-\ /!l *§ K2 s@ ,N+ *+ ly K¢ I/($ .
#/!l A( #V1 Vl4 H@H )/54
(-!\+ $2) K/!l -!\+ / 9$2 )/5 d2 /1($ .! *' ºh <yl <@*( V$ ÈP$ J,: O!5
.I\( [= Vl4 )/54 )@' J/o
A¼$ @j <0L62 A1 V/1( { 0É L -4 K2 J@ 5 24 V/ O!5 @ r1# $
[ K/!l %&1 #/+ $ .$w /#( $2 ;+x )44 O!5 V K$&'# H %X O!5 A;@4 V/5 ) K@H ;HE q;@ /h2 ': K@# K2 @: 9I5@y [= $ .-4 >:
clHÆ$ J@' DE /!¶ K2 c1@( K@# $ − +x u#R 5 cE @k@ S K/!l /h2 ($' 2
.d@!b +:
18
(7
6.B.III
(1
(2
(3
(4
(5
19
22/1
5@, 1 6@@' %Æ r14 q5; u#; ^( *+ 9l3 F>x %N'+ q 9K/!l O!5 A1#$
h (G8) H,[ 5'* K/!l 5@, MN52 O!5 l3 F>: #@N5 *+ ) (G8) H,[ 5'* K/!l
);+ d2 !,1 F>: -!\+ $ .11<v* \( <, M A1#$ .(I/!( 50 [=2 8j `@ x q,'#
)LX ql3 ( )BC$ -#/ 7/24 ly @+ 9b~ K
$ .)/:1 $2 %:;+ <=> [ £ $V
.j ON -h )BC4 F>x )#;! )H5E `/ /$ .*+
%X )/h$ $2 sb '14 R3 )Vw + K2 $C l3 DE %N'+ Z </h@ ,+$
./!l b )*+ M6E )/54 / :@+$ :V@6@( %!1 :/!( H
)q \&? &?;( &>j =Z + \24/7 &?2R \F+#( &# l7 +1 202 514 6113 G L; )A>9 p >)d Ux2#
.richard.green@usdoj.gov 4?B 5 5 "% >)d 6?O .&? 1( *9 \&A3 6b#{ \&? (6
(7
11
22/1
IV
20
=&-> $> 19-4 ;'< :20 3104 56 78-(
9 2 S T &'( R
0 H
0 y
3 i# 8 r R
VfG <9 p1 H _i )
A
+1 <9 V
< BG H
U( z
Vc $i% G
#c -Vu S] iO p
i )0 !!
.{ .| }P$
[ s }?
@
H iV@j <VE$ /k V/5w rR@ s@4 O!5 X1 )@! $V /h2 u!1#$
6@@' )/$ -#/$ #3l V@4$ #@, )l5 &' iV@! 1; <Vw -!\+$ .x (g$
t P\ ?$ @j )#@4 ?7 O!5 K$1 1#$ .H@H )l!\4$ t P\$ )@j A( )Q1$
@k zQ )@\t$ !,¥ iV@j( q5@ <[$ iV@j <Vw I#$8 I*'5 $/ ),&'4$ SV= $/$
.)H F>: A( u' K,N q $V )@!$ .Q1
A.IV
:q!# 9L'( , ( </#/3 \3H !! iV@j <VE 'R$ )/ M3HE -!\#
1$ x (g$ L5V$ L1l+$ H iV@j Q MN; (gQ u' rR$ J&H E
1.A.IV
.L'
;HE *'5 ) @j ,L4 k'1 LX F>: %N+ H iV@j <Vw u'+ L6 M3HE 2.A.IV
.iV@j </h ;o$ Ro4 /j ( #V@4$ 'l q!3 k'1$ (K@H
.{]3( )@!14 %+$ x (g$ _ >Hw$ iV@j l )
=34
3.A.IV
M'( ;# L!5 #,$ 9:lb$ 9­@\ )j (g K]3( )@=@+$$ )M6w$ \t ?8$ 4.A.IV
.)z `$ 1; %{$1+$ @j v$ @j )LX AH$14 A( [
!"# $%&'
B.IV
@j iV@j (gQ 'R$ $2 'R$ </ M3H¢( 2/l+ 6 !#@R ,L iV@j <Vw 'R$ </ M3HE /1#
.13 ،12(CIRT)
.(CIRT) ; 'R$ )/ M3HE $2 /#/
@+ K,8$ )@!14 ,&H]( u!+ Z 8 /j DE <vl H iV@! 1; (g dVC+ /
t$ J1 A5\ ? K( A1#$ .c;+$ ¬1HQ JzQ `@ /2 @R /j$ (gQ 1 $
u!1# , kb$ @j ? *+ Lg= ,1! (CIRT) I'R$ '14 ®@j iV@j (g V@6$
,1+ K2 9)j F>: A1#$ .x d/*$ H iV@j /8 P/ u' 'R@ ¡ ) iV@j(
.Ll $2 L\3H2 c6@( J@+ K2 K$V )@!14$ AH@ ;HE )\! ? ®@j iV@j (g ( !* ) #N Q %5/$ )/t v@( (CIRT) ®@j iV@j (g J@+ K2 ?@#
) )*+$ u'$ iV@h 5 fQ(¨ </h$ *+ Lg= ,1$ x (g$ 1N R@ /j$ )@!14 %+$ >Hw$ ! 'R@ ; F>: JL ,N+ K2 A1#$ .!*
>j 6 fJj &k>, &#N &
1.B.IV
L; ;2 I F;b .*9T9 GH &( &Ak; 58 )H VW
.(N-SIRT) i>j fJj &k>, &#N & % (NCSIRT)
.p *>)A( <:% 6 Z L; 58 )H Y7 *9T9 GH Mb n ;b % e A _=W os % 6?O
CIRT
(1
(2
12
13
21
22/1
; J@+ K2 9@*t c6$ O!5 9ql'#$ .6j )@!1,! 'l! 'R@ ¬1H V@L6 H$1$ ;o$
*+ K2 K$V q!# rR@ s@4 O!5 @ /#/1( ®@j iV@j (gQ 'R@
:c!5
a O!5 t 3' /#/$ /k •
aH \b( >Hw( !14 )@!14 3H$ 1N R@$ H Ro4 ! •
Mb$ K$V@4 9sb )LX L5z@+ Z 1N R@$ iV@j( !14 )@!14 ?,µ$ ! •
aA,L4 !*4 k J/# %+ v@ 6@@'
) #N X1$ )@!14 % !*4 k2 A( , )*+ v+$ _ @@ )*+ )
E •
a ( !*
a!,¥ =34$ 1N R@ ;o( !14 )@!14 9l4 >Hw )@!1 v@+ •
aiV@! '4 (g 1;+$ (g$ ;o! )g+ ?8$ •
a!(4 (g$ iV@j 5 )@!14$ )Hl %+ •
a6 !#@R Q1 )g+$ ):µ /#/ )@!14 /k$ ?l+ •
.LQ+$ iV@! (g( !14 )L6@$ ( !14 1 ),4 N2 3H •
.@j$ H/4 )=@ A( u'! @j bV )
$2
E
)@!14 9)@!14 3H ®@j iV@j (gQ 'R@ ;! $V /h2 [,#
k2 /h2 '14 @j )=@ [B$ .A'14 !*4 k2 O!5 j \b$ 1N R@ 5
.(g \3H2 L=yE A1#$ 1, !*4
ly O!5 ?@ E :q!# 9[4 l O!5 9L' y2 </5 )H F>: ? 1; u' >o# K2 S$
):µ #+$ #lbw )3' )Q4 %@ u#R 5 )@!14 v@+ a)@!14 Vl -#@
-H@6 !| 5 )@!14$ </;4 $ )Ll' ,N+ Z )5@l\4 V/5E a!$
.G'$ \b$ 1N R@$ </#/X )6@@' 2.B.IV
(1
(2
x (g$ L1l+$ rR@ s@4 O!5 H iV@j L6@4 V/1Q 5'* $V ? )=y E 3.B.IV
.L' 1$
P\ K I&H$ .t P\ ? ®@j iV@j (gQ 'R@ ;$ )@j K$1+ K2 A1#
(1
A1# 9)@!14 6@@'+ @k2$ )@!1,! #@j 'l = M0X !S K/!l v[= t
.iV@! 1; <Vw( t ?X L/: u t P\ ? ,1 )@j O!5
-H@6 v[ ,1 <&H = )@! 9[ O!5 ,$ 9t P\ ? H$1 )Q1 +
(2
/5# K2 '$ t$ J1 A5\ A( K$1! S$ .t P\ :#/#$ L!S Z #@j 'l
1 s@ O!5 P8$( 5@ u$ 97' ~$ 1N R@$ H \b( \l+4 Ro4 <VE
.Vl4 )=34$ 95@$ 9)@!14 %+ Qb !3 )@!14 %+ # @j$ t P\ A( )@!14 %+ ) #@\+ O!5 ?g3
(3
.q!1; `@
9t P\$ @j = O!5 V@1+ Z ?'4 /#/ L' )=3 F>: ?g3 @ 1( ':
(4
K]3( t$ J1 A5\ A( =3 ,5 2 M3HE$ 9j !4 )H( #} ,N+ G( >;'+$ ?8$$
K$1$ 9-#/ V@$ YVE$ iV@! (g ) N2 %+$ 9iV@j <VE$ H Ro4 <VE
, )@=@+$( ?8$ $ iV@j <VE t P\$ @j( kt )$C4$ $V /#/ .`@ O!5 Cl' O!5 <V$
22/1
22
K$1$ $3 v A$/ M=3$ t P\$ @j )=@ bV *+ )L6 $2 L6 E 4.B.IV
.(CIRT) iV@! (g 5 $C4 rR@ K ? )@!14 Vl+$
I*'5 )@!14 Vl+$ K$1$ $3 H$1+ ,5 )Q5 E$ ,Q4 *+ )L6 /#/ 1#
(1
>Hw )Q1 F>: z01+ K2 S$ .iV@! (g( '14 $/$ 'R@ 1;$ '4 Ê I2
(g )H= A( , )(g$ \b$ ):µ 5 )@!14 Vl+$ !,¥ H iV@j( l4
.
#b~ !*4 k2$ iV@!
l )@!14 Vl+ !*4 k2 $V ? *+ )@'$ /¼ *+ )L6 E @+ K2 S$
(2
E 9
/h O*2 DE 9%L4 $ .(g( Pw$ \b$ ):µ( u!1# , -'4 `@ $
V # /'5 ºh h@; *+ )@' &+ K2 K,N V DE ^$ )Vw $ DE /'+ )*+
I+ [=2 )l++ DE @\+ K2 ql'# {2 E A'1 V2 ? [ M'l( Kh v[= )Q1 2/l+$ .,&'4
.qC4$ q&' ?(\(
.T$/ s@4 O!5 )@!14 %+ \3H2$ H$1 \3H =34
(g (1) :O!5 P@8@4 >_ A'14 #b~ Mt$ A1l$ ),&'4 ? K$1 @j ?g3+ K2 ql'#
®@j iV@j (g ; )Hw %5/+$ z01+ K2 (2) .@!! 45 </5 :l5( iV@! l4
6@@' cE `!k@+ b
A 62 )/ M'( ( 9,!w$ $/ ¥$ )BC4 DE J,NHQ
DE LQ(E$ rR@ s@4 O!5 CIRT V@ ,'+ K$1 (3) 9q,!w s@4 O!5 iV@! (g
.1;( CIRT )\!
.@j )H! H V@4 #,j )M6E$ )$V2 ?8$
@k #,j '2 )$V2$ )gL'$ )M6E$ ) >;'+$ ?8$ IN#2 iV@! 1; <Vw !,5 -!\+
iV@j (g ; l'( 9 ,N# K2 S$ .L;$$ Yly$ L,&H2$ )@! H
k2 ? u'! '2 )$ 6t$ !b/ !,1! L6@+ ­Vl$ #14 3 )M6E 9®@j
A1#$ .)*+ A]+$ ®@j iV@j (g )!,1 '~ )@!14 )ly >;'+$ !*4
b~ LN1( ? u' 9iV@! (g K]3( *+ L6 L;k@( 9®@j iV@j (g O!5
-#/ @+ K2 )@j O!5 A1#$ .sb iV@! (g )H= ? K$1 A, </54$
.iV@! (g K]3( Aj$ V/X A;@4 ?,X ,4
5.B.IV
(1
6.B.IV
(1
),gL! (gQ @j )!,1 u'+ O!5 </ M3H¢( iV@! (gQ 'R@ ; Qb J 7.B.IV
.L' 1$ \' 1$ H
@j )H ? u'! #0= *+ L6 V@6$ J0! 9'R@ ¡ s@ DE O+ Vh P@$ h (1
V/1 ;+ Z )M6w$ \t ?8$ %L4 $ .t P\ [ 9
#b~ !*4 k2 ?$ sb
.,¼ iVh d d/*! iV@! (gQ 'R@ ;
.H 'l Q$ )!,1 #} 62 $C4( %+ Z *w ) O!5 ?g3
E ql'#$ .) $2 )0Lg= )@!14 6@@'+ )g' 18 R@ 3+¾ / 9b~ Ah M¾# 9</h O!5 h = 2 O!5 @L,g! 1N R@ kt )@!14 3( kt )
.F>: )@!14 5 3 )!,5 !,5 d2 l A1l! `@ h+E ql'#$ .)@!14 F>: ,1
8.B.IV
(1
23
22/1
V
!? @A
%< p\ H ;
~
7 4
1 %< H ;$
G q ^] ) 3\ Y9 J! n2S5 8V
)- B
.6 L! B ;q 7 D-, $9 ' g5 H ;$
G D
V q c
3c !
) -\ H ;&'( )[ 0] _iK ! <S" H\( @ ^$O <! .G H1
_$ &'( )[ K
1 V 7 ^$
1 p
qG W( H <2! /kS .
<S T 7 E$ Y
R%u
.),o B
$i%
-. A.V
914 p 45 ME 957/239 </4 %p 1 1,X ? u# p 'R$ [ G#$ 1.A.V
.15)@!1,! #@j ¯l #}$ ®@j MN; 45 ME 958/199 $
9)@!1,! 'l J/o$ 3+ A]+ @j $/ ^ p 'R$ [ G#$ ] \+
(1
>: K¢ 9[4($ .V$ 9/4 ?,$ 9t P\ 5@ IN#2 $ 9@j :#/+ Z ,&H $ 9' -H@X O!5 l4 )' bVE$ 9kt$ @j ,&H q!,1 -#/+ ,3# *'1
.<N )$ 9 $ 9k@*t ,3+ : sb2
O!5 p d 1/ s@ K¢ 9dV* K/4 ,'$ K$1 ,&' #+ c+V$2 4 I$$
(2
9> gH$ .)@!1,! #@j 'l #}$ 9Y/b$ H$w @j )l\+ [,+ rR@ s@4
)/t v@+$ !b/ Y!,5 A 62 H$w @j )/b$ )l\+ >;'+ 'R@ )V¨ ql'#
9- q6@@'+ @&' )@!14 )ly$ ,&H2 2 ] $'+ ql'# $ .A'R@4$ t P\! N
,&' )2$ .A/o4 5@+$ 9Ro4 <VE$ 9Ro4 Q+ l k'5 @&'4 >: ,3# K2 ql'# $
<Vw z$g# DE H [,# H$w @j \3H /;4 v] K2 dV* K/4 ,'$ K$1
3H 0#01+ @ 5N *'1= `!,5 / H$w @j )Vl K2 $/l#$ .V$ t P\ @k 1
.
)**o V/1 G{ /,1+ K2 );+ P@H Qb N$ 9H$1 L\3H2 Qb K/!l! ql'#
(3
) >;' s@4 ? <VE : M3H¢( LN1( J@#$ 9 >;'+ MzE !*4 k2 V/1$
E$ ),4 N2 %+ -HÆ 9¡ vl= -H6 O!5 5@$ q5@ <[ )Vl 1+$ .'R@
.$/ v#14 J/o$ A=34 A( , )=3
v+ ,!w ),&'4 $V ? -'6 DE Il'6 9
p 0#01+ ( ¡2 T$/ K$1 q#$
(4
.)Vl$ )Q5;
!"# $%&'
.@j :#/+ Z ,&Hp ' \t >;'+
K2 ql'#$ .'R$ '2 \b >;'+$ ?8$ :#/+ Z ,&H A]+ DE q q@j M6¨ $ <@\t ,N+
= %+ <V5E b~ K
ql'#$ .F>;'+$ p \| %,*+ 5 IQN 9Ro4 <VE DE \t F>: V/5E \#
ql'# ,= .:>;'+ $2 \t )' DE Z ) /#/$ J/+ u :>;'+$ \t !14 )Q*$ ¬1H$ >Hw$ l4$ (g 9iV@j <V¢( u!1+ Ih2 \t ,N+ K2
B.V
1.B.V
http://www.itu.int/osg/spu/cybersecurity/docs/UN_resolution_57_239.pdf
http://www.itu.int/osg/spu/cybersecurity/docs/UN_resolution_58_199.pdf
(1
14
15
22/1
24
F>: q/o -#/ 2.B.V <; `l!R Z )M6w ' \t ¸1+ K2 ql'# ,= .)@!14 %(
1+$ .' )Vl4$ )l#/ K]3( /4 ?,$ t P\$ @j A( , K$1$ @j ,&H
.LX1# K2 -#/ O!5 A1# Z #N %L$C$ A/o4 5@+
.@j )l3$ ,&H q/o4 ' 5@ )Vl$ G( >;'+
@L,X 5 A( , ( 5@ z01# K2 ( 5@! 1 rR$ GH( d ql'#
62 A@j A**o4 ? ($ E$ 9)1, F>: bV$ )1,$
':$ . ( !*4 4 F0#01+$ K$1 ,'+$ 9 )Vl K]3( )@!14 %+
!*4 k2 yE$ 5@+ (1) : >: 5@! GH( ?8$ s/ L &' A1# ;$ k'5 Q
<V#z 62 SV= $$ @j$ t P\ A( , [ :V@+ ($ 0#01+$ M'( DE dVC#
K]3( K$1 ;# K2 cH]y d> u' (2) a MN;! q!1; u$ ( q5@
0= ? 9$ )*+ Vl+ (3) a@j )5\ !| A( ( !*4 \3H$ iV@j
)=@) 6t )*+$ 9(GH >: 5 $C4 @j =@ bV) !b/ )*+ ,'+ O!5
.(@L,X 5$ 90'4 -@j q!,1$ 9,!1 )C4$ 95'* $V$ 9sb @j
.#g ,5 )C bV p VE O!5 ?g3
v[ c¤6$¾ / .<l4 l V/5 u#R 5 #g ,5 )C bV p VE S
@j /5# K2 S$ .%gj \@4$ <v* #g )À3'4 s/ q5@ <[ @ @j )Vl4
>;'+$ %,*+ O!5 )Vw 9 '$ t$ J1 A5\ A( )=3 $2 ,5 $V ($ ? 9q@j
v #\($ I<yl t O!5) )@!14 h+E :)Vl4 F>: O!5 ![ A( $ .-#/$ 5@! )Vl
-#@ ly O!5 ?@ M3HE$ a%:;4$ 6@,' )$ #Vyw )l$ V$ )l [ 9(<yl
O!5) -#/ v@+$ a
#b~ !*4 k2$ %gj \@4$ <v* #g )À3'4 DE kb <@*( L6@
0@h d2 $2 qlN %5/$ 4 </54 5$ a<yl t O!5 > %! )$V2 v@+$ a(<yl t
. A l )@\½ J $2 H@] ,&H2 HE 0#01+ ( sb2
2.B.V
(1
3.B.V
(1
d$ oy$ l3$ ;R )6h b J,: c6@+ ? /4 ?,g,! J/+ Z #Vyw )/t %5V 4.B.V
.A!,14 sV$ kt )6h
ql'# Z v(/$ y' \b( A'R@4 q5$ <[ ,5 P\ ? )@j 1( `H$1+
(1
2 0#01 < v(/+ ? )@!14 2 P@l2 $2 J@# [ <V/¼ )l' K/!l 1( %&'+$ .LL6@4 L/o
kt )6h d$ oy$ l3$ ;R 5@+ DE )Vl4 %&1 m/Y$ .J1 @L,X s/ )@!14
V@4 V* #l+$ .c6@ V@4 yl4 ?#z@ Qb $2 M(~ $2 <>+ $2 A/4 Qb M@ Q\$
- $2 #/# )\l DE <yl t O!5 )$V $2 1 $2 -#@ ly ?@ IM/( 9/o4 H$14
M(Ê l#/ )$/ %&'+ )Vl4 F>: O!5 @!14( %:/#$0
)H M6E$ a1$ / - ?8$$ a)@!14 ]( !* ) ,!1 %L!+ M'2 <yl
.-#@ O!5 ~ ;* ;( #1! z2 V/5E$ 9)@!(/ '$
%!1$ 9A!,14 -#/+$ ' \t ?8$ :l= Z $/ Vl# K2 t P\$ @j ?@($
(2
.)@!1,! !¥ ¯l 2 A O!5 ,1$ aK$b~ Lh Z )($ g' n* J1 @L,X$ 1 !1 /$ ,5 $V − A=34 ?7 ,# ºh 5@! y rR$ GH G#$ 5.B.V
. MN; %:$V2 A]+ d#/$ A!,14 -H6 ( q5@ n' gH )@!14 ,&H2 1N R@ v[ /6@#
(1
K2 S$ .)C4 ^$ )@!14 q;@ l=$ A/4$ )/#@ q;@$ )6@@' q18$$ ,&H
.Y =x F>: I!1 IM06 F>: + E ºh =x O!5 ,6 R| F>: 1N R@ 3+
−
25
22/1
.C,! ' \o! 18 \H 3# Iv[= ,&H d#/ s/ r q5@ nH K¢ 9[4 l O!5$
m@ A;@,! ?$ \H O!5 @l '2 )VLy V,5$ A;@4 -#/+ t P\ V@L6 0#01+ K¢ >$
5@$ Vy¨ 'R@ \3Hp q@j u' K¢ 9sb2 hH $ .F>: 1N R@ /j /5+
S$ .=3 $C 5 <l5 .t P\ ? [ IN#2 rl# m@ A,!
$V$ @j )=@ A, 5@! rR$ GH( ?8@ </;
3# K2 -#@ O!5 ?@$ >' M3Hw
%_ kt M06 q, Z v(/( J$ !* ) )@!14 O!5 @*j A!L4 sV$ ,5
. MN;
.#@\$ l$ 6@@'$ %!1( '14 \3H 0#01+
'l 2 @k :V@L6 1( c6@+ A1# 9#@\$ l$ 6@@'$ %!1 )@j c( %5/+ d> /(
#@\+ 9 #@\$ i@l )#@$2 :/#/ Qb 9/5+ K2 K/!l ?@l .)@!1,! \3H]( PQ\8 c( %# d> /($ .l1* ' )#/ X1 5 IQN 9+> ' @t ) )g'4
. )Vl Q\ yw ; + / 9SV= )C4 #@\$ l
.yl4 t ( %Q c[#/$ / k@*t J&H 1
K$1 ,&' [ 9$/ ),&'4$ K/!l !| Y/,5 Z k@*t )
1 >: &'# K2 ql'#
u/+$ k@*t #} K]3( ,&'4 F>: L18$ Z L6@ @\t `z $ .dV* K/4 ,'$
c6@ K]3( M~ I$V I@+ [B 91980 ,l 23 )/,5 Z @\t q:$ 9V$/j 5 *o3 )Hl
$/( 92 ­Vl c18$ 9L6@ @\t F>: ?!\N+$ .*o3 )@!14 <VE$ ?,Æ u!14 J1
*o3 )Hl$ k@*t #,j %:V@L6 A!L4 q![$ ,5 $V$ )@j </5 q
.<yl v <@*( $2 <yl t O!5 M@ V$/j 5 )Hl u/+ O!5 #$N v V@ ME $
.h4 @!j$ H Ro4( q5@ ,'+
?8@ I1 ,1 A!,14 sV$ /4 ?,$ #g ,5$ )@j ++ ' #N $'+ qN#
@! $2 #b L6@ ­Vl4 [) (v#14 d2) (%<) ! *'5 A( G/+ Z v(/ >;'+$
.(),4 N2 d2) $K[ *'5$ 9(0w
V/5 ':$ .<N ) [ R| _ l+# $ H Ro4 O!5 ![ /h2$
-'6 DE Il'6 ,1+ 917 ]4 5 $C4 )*+ ^+ P\ 17 )/ 'X L 9),&'4
.N F>: K]3( s@4 1 !y ¥ J/# d> A u!4 &H . ( !14 #N
V/5 ':$ . )6h !| X14 6@@'+ <V2 V@6$ O!5 ![ /h2 q: #@x <VE$
J/#$ .#@x <VE -'6 DE Il'6 ,1+ 9)*+ ^+ P\ 17 )/ 'X 9),&'4
.N F>: K]3( s@4 1 !y #³ B u!4
6.B.V
(1
7.B.V
(1
8.B.V
(1
(2
(3
22/1
1
26
­Vx ¥$
K/!l #V* 5,g! ?( )@!14$ )*+( r14 ,1 u#
(Asia-Pacific Economic CooperationTelecommunications and Information Working Group )
(# </4 )#@) 2003 J1 @!\4 v u#@$ 3h; @* K@H
(Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (USA))
(# </4 )#@ /1 <z$ ) #; !4$ (@j %X( u!14 %
(Computer Crime and Intellectual Property Section (of US Dept of Justice))
(@j ­@\ )j (g u#
APECTEL
CAN-SPAM
CCIPS
CERT
(Computer Emergency Response Team)
(# </4 )#@ K@! qH= 16) (@j ­@\! (g u'+ 0=
(Computer Emergency Response Team Coordination Center (of Carnegie- Mellon University, USA))
(Critical Information Infrastructure) )@!1,! #@j 'l
(Critical Information Infrastructure Protection) )@!1,! #@j 'l #}
(Computer Incident Response Team) (@j iV@! (g u#
(Council of Europe) ($$2 ^!
(</4 !,4) 'R@ 'l #} 0=
(Centre for the Protection of National Infrastructure (UK))
(Computer Security Incident Response Team) ®@j iV@j (g (# </4 )#@) 1$ 1N R@4 =3 ,
(Common Vulnerabilities and Exposures List (USA))
(Department of Homeland Security (USA)) (# </4 )#@) q!b/ <z$
(Department of Justice (USA)) (# </4 )#@) /1 <z$
(European Union) ®$$ V
(Federal Acquisition Regulations (USA)) (# </4 )#@) #V M' @
(Federal Communications Commission (USA)) (# </4 )#@) #V )*+ 'X
(Forum of Incident Response Security Teams) iV@! (g 2 s/'
(Group of Eight (Nations)) H,[ 5'* $/ 5@,
(Information & Communication Technologies) )*+$ )@!14 6@@'+
H )/#/L L6@4 mR <V/1 $/ =3
CERT-CC
CII
CIIP
CIRT
COE
CPNI
CSIRT
CVE
DHS
DOJ
EU
FAR
FCC
FIRST
G8
ICT
IMPACT
(International Multilateral Partnership Against Cyber Threats)
)#@ L!!$ )@!14 6@@'+ )@!1 %+ 0= [ ;!| 0= q:$) L!!$ )@!14 %+ 0=
(Information Sharing and Analysis Centers (various, such as IT-ISAC; USA)) (# </4
L!!$ )@!14 6@@'+ )@!1 %+ 0=
(Information Technology Information Sharing and Analysis Center))
ISAC
IT-ISAC
27
22/1
(Information Technology Association of America) #2 )@!14 6@@'+ \(
(London Action Plan) K/' ,5 \b
(Mobile Service Commercial Message) @,¥ +@x #g /b
(#2 )@!14 6@@'+ \( ?() )@!14 K,N rR@ ^!
(National Information Assurance Council (of ITAA))
(# </4 )#@ @:/#E 16 ) )@!14 5@H K,8 %!1$ -#/! rR@ 0=4
(National Information Assurance Training and Education Center (at (USA) University of Idaho)
(# </4 )#@) 6@@'$ v#1,! rR@ /L14
(National Institute of Standards and Technology (USA))
(# </4 )#@ 9#V )*+ 'X) rl 3$ @@4 ly ^!
(Network Reliability and Interoperability Council (FCC USA))
(# </4 )#@ 9q!b/ <z$) )*+$ p #3 'R@ 'g!
(National Security and Telecommunications Advisory Committee (DHS USA))
(# </4 )#@) 1N R@ K]3( 'R@ )Hl </5
(National Vulnerability Database (USA))
(Organisation for Economic Co-operation and Development ) dV* K/4 ,'$ K$1 ,&'
(Open Vulnerability Assessment Language) 1N R@4 h@;4 %
(Public Switched Telecommunication Network) !#/l @,1 ;+x l3
(Research and Development) #@\$ l
(Science and Technology) 6@@'$ %!1
(Small and medium-sized enterprise) \@4$ <v* #g )À3'4
(Short Message Service) <v* /b
(Standard Operating Procedures) #14 3 )M6E
(Telephone Consumer Protection Act (USA)) (# </4 )#@) +x q!L #} K@H
(United Nations General Assembly) </4 %p 1 1,X
ITAA
LAP
MSCM
NIAC
NIATEC
NIST
NRIC
NSTAC
NVD
OECD
OVAL
PSTN
R&D
S&T
SME
SMS
SOP
TCPA
UNGA
22/1
2
28
! "#$ %$&
!" '($
%'+$ .'R$ #@$]= p #@ ,&H2 ?8$ @ I/ K/!l( HQ `,,k G( gL' FHV2 Al4 GL' J/o#
5 q!# ,$ .c,+$ GH( >;'+ DE )/! T$ % !h /!l '+ <0, ( h iQ DE gL'4 F>:
:h DE %4 GL' >x
!"
._ k@$ K$1 Vl GH \b %+$ #/+ − 1 .2
Qb %#$ .L GH ': ! #/+ M6¢( /!l J [,+ D$ <@\t :3
.</h@ %+ <V2 J/o+ Mt
GH( 1N R@$ <@ -H@X I,L #/ !h Qb L17 %# Z )@!14 @+ :4
.V@LX L!5 0=+ K2 ql'# Z ) V/§$ /!l Tj ./!l )6h l! \b ?8@ % !,5 -4 %L; @# :5%
•
•
•
.$1+ GH( >;'+$ ?8$ − 2 .2
\3H M@$ 3+$ %,* A$/ %L&H ? $2 I!bV °M@ K@#\ Mt ?, :6)
7 89
:; <=)
\3H2 ;R O!5 \3H ,3+ K2 S$ .A14 /!l </ m$&$ </#; )6h( M@! zQ
.6 !#@\ #V4 )l!\4 /#/$ K$1$ Vl
.!,1 <@34 /+$ GH >;'( K@$/ $ K@!¥ Mt J@# :89
:; >?@
•
•
.GH ,$ g' $1 GH %+ − 3 .2
c!5 /=]! p $1 GH %+ <V5E b~ K
d :4. <=
' 6)
7 89
:;
H$1 )Vl4 /#04 I5@8@ @* 1+ {2 s# Z ) l*+ /$ .A#\ M&' ? $2 I!bV
/!l GH( %+ Vg K$1 >: M{E S 9sb2 K/!( ? K$1# /!l K= E$ ./#/6 ( !,1 M/($
.1 cH](
•
29
22/1
6; E9 F
G ! ?H 89
:I J-?9 :1 ABC
1; •
Z \3Hp $1+ GH( •
<V/¼ m$$ )6h Ë!+
GH ': j •
/!l b Á
#/ Á
</54$ <@34 v@+ •
Mt -H6
0= )$ <@ R@ •
@\ /#04
l! H$1+ \3H2 \b •
/!l )6h
!! O!5 GL' >: 0=#$ .A$C4 l= O!5 z¥ J/ 5$ >: `@ $ MV @!2 q!# ,
g'( (A;@4 V@$ 4$ `@ !L+ Z \' $2/$ /!l( kt G) )Qb/4 (+ Z \'4 ^
:FHV2 V@ $/X !! F>: Al+$ .( <V#z) m\4 #L'( <V@3'4
:" 5
?
:KI LM
:3& 89;
`@ •
4 •
K@;@4 •
:N
N $OP
: .(# :)
7 $R"
H ST Q A(7
'R@ g+ ?8$ •
,&'$ H@H ^ ?8$ •
iV@j <VE •
5'*$ @j A( )=3 •
•
:N
N A(7 $
.(
22/1
30
:E9 "
H$1 )Vl4 $2 )5,6 •
' qh@'$ ) 5 A$C4 l= ? )*+ •
:N
N $
UV
:3& $UX
H %X( '14 </#/X @!$ AH@ •
;Hw )M6E •
(CSIRT) ®@j iV@j (g )/h$ M3HE
•
5'*$ @j A( =34 5@ G( •
iV@! (g ); •
$/ ),&'4 \3H2 =34 •
$/ L6@ @\t$ );+ DE J,NH •
:&N% 8W
?
@\b$ H %X L6@4 @$ AH@$ 'R$ g+ ?8@ gH R| ;Ì
.A!L,! +> 5@( @L'$ 5@R L6@+
:4 J:
.q41 $ q!¥ <V#z
:W
-? J?
31
22/1
,- )*+
(Spam)
* &. :
&.( #/
33
22/1
ITU-T
X 6
(2009/09)
:X ITU-T X.1240 !"!# $ % &" ! "#$ %&#' . % ( )*+ , -/# 01' 023 42 -5 .
'
22/1
34
,V : @: (ITU-T) )*+ ^+ P\$ .)*+ K/ </4 %p **o =$ )*+Q T$/ V
{]3( )k@ /kE$ 9;#1$ 3( !14 4$ ' 4 V 5 $C @:$ .)*+Q T$/ V
.q41 /1* O!5 )*+ ^+ (
)/ KX L/+ K2 - Z ?8@4 )@' ?(2 = < ?,µ Z (WTSA) )*+ ^ 41 1,X V/$
.{]3( )k@+ /*¾+ K2$ )*+ ^+ P\ 1(
.)*+ ^ 41 1,X 5 V* 1 % 8@4 M6¨ I$ )k@ F>: O!5 @4 %+$
? K$1 2 O!5 zQ v#14 /1+ 9)*+ ^+ P\ *b ,8 ?+ Z )@!14 6@@'+ ) 1( $
.(IEC) $/ '+L 'g!$ (ISO) q /h@! $/ ,&'4
._ m1 3+ =$ O!5 $2 )*+ <VE O!5 M@ <06@ <@*( / <@3'4 F>: "<Vw" ,!= J/o+
1#$ .(IQ[ ul\$ rl 3 !( A]+ m/_) 0w Jh 1( %N+ / {2 v .db <@3'4 F>_ /$
1 [ sb2 0! Ík$ "-" 1 J/o#$ .0w Jh F>: ?,Æ /Ã %# /'5 IQkh <@3'4 F>_ /Ã
.q0E <@3'4 F>_ /Ã K2 Í* F>: ,1 r1# $ 9'1 )l!\ 5 vl1! ' Lk$ "ql'#"
V >o# $ .#; !4 @h uh ,1 J0!# / :>;'+ $2 <@3'4 F>: ul\+ K2 DE FlH V q5#
mR $2 V MN52 @N5 _ -R M@ Ll\+ \H $2 LhQk $2 #; !4 @ !14 @ d2
.@3'4 V/5E !,5 c!,3+ b
>;' _ l\4 S Pb )M( L, # ! I\bE O!+ / V [
# /K=] 9<@3'4 F>: O!5 @4 /'5$
PQR( <@3'4 F>: >;'+ 5 K@$C4 Ok@# 9i/h q: K@+ / )@!14 F>: K2 DE I&H$ 9 ?$ .<@3'4 F>:
.http://www.itu.int/ITU-T/ipr/ ?@4 (TSB) )*+ ^+ - Pb )M( kt )Hl </5 O!5
© ITU 2009
T$/ V ul q\b K¢( E `H= !$ d]( <@3'4 F>: M06 d2 Î' z@ .@;¼ @j ?7
.)*+Q
35
22/1
X 6 !" # $%&' ITU-T X.1240 )*)+ , - * (
)@j ! 1;( d/*! cH2 DE )*+ ^+ P\ X )k@ !! 6 8w v3+
.,5 $V$ !L4 [+$ 96@@'+ )$V2$ 91 AH@ 9GL' 5@' 5@, J/o DE
9h V :l5( @+ q:$ . ] $'+ :RE d Z $/ ¥ 8w F>: 1+$
!3 $'+ K($ # </4 )#@ L1l+ Z - K]3( )@!14 1( 98@
.
^+ P\
X
)k@ !!
6
8w O!5
(2012-2009)
)*+ ^+ P\( 17 )/ 'X `$
.2009 ,l 25 ¦#( )*+
22/1
36
*.
ul\ 1
?64
2
#1
3
<*o4 M£$ )*o4
4
)hQ\k
5
2 )@!1
6
)/#/Y _ *# $ ! 1;( d/* 'R@ GL'
7
( u!1# , ('[$ mR <V/14) $/ )Vl4
8
\3H2 1l h V
9
# </4 )#@
1.9
dg $w /# K@!# 4 )Ry ME K@H
1.1.9
!Q <0L6 O!5 dg $w /# E &h /5@
2.1.9
`HHw O!5 Th /* /! GÏ{
3.1.9
K(
2.9
K@H ;HE
1.2.9
v(/( @L' ^!
2.2.9
&' 0=
3.2.9
V$/j b 25 (@l /
4.2.9
4 K )6@@'+
5.2.9
!'4 )*+ q!3 A( )@!1 Vl+
6.2.9
(CAN-SPAM Act)
(CCC)
(OP25B)
?64 `l
37
22/1
X 6 !" # $%&' ITU-T X.1240 )*)+ , - * (
1
Z 'R@ )V¨ :v@+ 8w F>: m/x$ .)/#/Y _ *# $ @: 8w F>: P@8@
.{]3( )@!14 1( O!5 @*j -+$ x l'( /#/6 J@L; ([ 1+
1( _ ?!\N+ Z ,5 1( *#$ 1 #\( 4 :3H A1# Z )$V DE 8w F>: &'+
</4 )#@ c( ?!\N+ 4 I;k$ 98@ $ h V 9:l5( 8w F>: J/+$ . >: $/ ¥
. 4 K($
2
./6@# 3
: )!\*4 8w F>: m1+
( V@*4 v -#@ ?@ DE b/# q noy O!5 hQ $¼ V @: Á 1.3
.no3 >x *o3 )@!14
!\*4 K2 E 9 ! q41 /1* O!5 c( m1 #1+ /6@# K= $ Á 2.3
u#R 5 !4 $2 $w /# u#R 5 (@!\4 v H$w )*+ %&1 k@ J5 3( J/o#
.((MMS) @ V/1 !4 9(SMS) <v* /b) @,¥ +@x
4
: )*o4 8w F>: ,1+
C4 K/ E )
­Vx ¥$
K/!l #V* 5,g! ?( )@!14$ )*+( r14 ,1 u#
(Asia-Pacific Economic Community – Telecommunication & Information Working Group)
(Author Domain Sending Practices)
(# </4 )#@) 2003 J1 @!\4 v u#@$ 3h; @* K@H
(Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (U.S.))
(®$$ V) )\!( *+ ly
(Contact Network of Spam Authorities (European Union))
K/4 +; O!5 m1 (Federal Communications Commission (U.S.)) (</4 )#@) #V )*+ 'X
(Federal Trade Commission (U.S.)) (</4 )#@) #V <g 'X
(Internet Service Provider) `HHE /b V@
(Japan Email Anti-abuse Group) K( $w /# ,1 <ME u#
(Domain Keys Identified Mail)
ADSP
APEC TEL
CAN-SPAM
CNSA
DKIM
FCC
FTC
ISP
JEAG
22/1
38
(London Action Plan) K/Ð' ,5 \b
(Messaging Anti-Abuse Working Group) !4 ,1 <ME '14 ,1 (Multimedia Messaging Service) @ <V/1 !4 /b
(Mobile service commercial messages) @,¥ +@x #g /b
dV* K/4 ,'$ K$1 ,&'
(Organization for Economic Cooperation & Development)
V$/j b 25 (@l /
(Short Messaging Service) <v* /b
(Sender Policy Framework) 4 ) RE
(Outbound Port 25 Blocking)
LAP
MAAWG
MMS
MSCM
OECD
OP25B
SMS
SPF
!
5
./6@# "#
#$ %&'%
6
p <@\b [=2 !34 v+ DE #µ )HQ5E ,N+ g50 )*+ {@= `@
1.6
)($ )$v; [ [lt ) 3H$ 9P/o! !$ K@+ K2 S 9[4 l O!5$ .
d2) *o3 H )!,5 + uh `$ J/o+ K2 S # )@!1 /+ O!5 A!L4 ME$ 9^g
!8 ;!+ s@ %L;!# K2 K$V noy d 1 K d2 %L! E A!,! S$ .(Th /*
.T$/ K$1 Qb LX1 /( $V !3 1 @:$ .I/6
y2 y d2 K$V noy d2 DE $E /#( # K2 S noy d2 K2 ?$ /;#
2.6
16
@: Th /*$ . `HHw 5 $w /# J&H _ 0,# Z n*t DE s01#$ 9Il#+ K
/* /6@#$ .no3 >x *o3 )@!14 m/_ V@*4 v -#@ ?@ DE b/# q noy O!5 hQ $¼
` {@!+ Z K2 K@=/# %:$ m$1 ?@ /#( q!+ IHh2 K@1@# ' K ?$ \H O!5 Th
k `H= E /#/ -1* K¢ 9$w /# 8 K s@ V@6$ J/1 I&H$ .P$34 /*4
.H$w l3 O!5 /o4 )~( <vl= #V u/ n; >: -!\#$ .$w /# u/ n; K$V
-#@ ly O!5 {$$0# Z ?@4 `H= E u (@1k K$/ ' %&1 K IN#2 Th /* >: i/§$
IHh2$ 9h )@!1 bVE l -#@ ;k O!5 (URL) H$w !k@ k;+ &' u/H IHh2$ .5$3
.L1@ DE @b/! * !k@ q: L± 2 q;+ /#/6 5N# <N ) 8 Il q: K@+ j )@!14 "/*+" !,14 -#@ )/|$
.
#/*4
.IN#2 !: !3 q:$ 9c' KE K$V$ L #V K$V <V2 ;*+ 9<N ) $2 !"
(3 4 .!" #$% &'
( )*+ , -. /01 ?H .=56 1 78 7+! ,!9: ;% <5
3 4 =5 > ?!.@ (5 ,AB C!D E ?1@F GH C: ID
.PQL <R F M@@B <NO ?% FH >&" =J 5 K!83 L ?
3.6
16
39
22/1
//5 6% 7 * % "%
()! *+
#' "
,- ./ 0 "12& 341
7
AH@ ;@+ ?8$ 'R@ g+( u!1# , K/!l O!5 A1# : # $%& '(
1.7
? 1; 1 #\( ,5 $V$ A!L4 5@+$ ),4 N2$ 6@@'+ )$V2$ AH@ ;HE )\!$ 1;
. K@# K2 A1# 9q,&' Rw$ @H ( u!1# , : # )*+$# ,&-. /0
2.7
!* ) AH@ );| /8 )M6w $ u! zQ \! ( !14 4( *o4 )\!!
&'( *o4 )\! s/ K@# K2 A1# ,= .:/!( )v]+ -l+ $2 :/!( -++ Z (
</54 )l!R )#@$2 -++ ql'#$ .l'6 )\! ? K$1! zQ )~ ( !14 4
.( 82 L i/ Z )j $ =34 !*4 ) DE IV' l'6 )\!
oy ?7 K$1# K2 A1# : 89.5 $%& 1& ;8;7(# 1$# &23 45 6#7
3.7
. ( !* ) AH@ );| ?l+ A!L4 )5@,$ ,5 $V$ ;Hw )\! 9A'14
.)@!14 %+ !,5 0#01+$ A!L4 5@+ A!L4 )5@,$ 5'* ? @j ;Hw )=$ 3+ K2 A1#$
4 6@@'+ )$V2 i/ !,5 0#01 t P\ ? K$1+ K2 @j ;Hw )=$ O!5 A1#$
.%L*oy O!5 m1$ F>: q! ?@ /#/ 9
A'R@4 #} l A t P\ ? ,1+ K2 ql'#$ .<v[= Kh2 LÑ@+ S S6 (phishing) Th /*$
.H@]4 K \( #g ,5$ A!L4 5@+$ 9Th /* )$V2 J/o u#R 5 $ [lt ) u DE 6j K]3( @L,X [+ $V MV2 IN#2 )@j ?\+$
.@@4 l@j )'+$ 3 J&H )5@, i/h2 ul\( $ )$v; )( [
"%
()! *+
#
- ' => ("+
1: ;2 8/) "/ 8
8
: 4 )Vl :RE %# Z '[$ mR <V/14 )#/'4 /#/1 ':
6$ *1 <=
1.8
( u!1# , ;Hw K]3( I$V IBC </4 !,4 L#0' <g -$ #V <g 'X `N
. ( !* d ;Hw T$/ K$1 K]3( K/' ,5 \b ?8$ DE BC4 >: sV2 /$ .2004 J5 K/' K/' ,5 \b ?g3+$ .I/!( 25 [=2 t P\ 5 A![$ @h )=$ 2008 @@# ºh 9\t O!5 /k /$
J,NH O!5 t P\ !*4 k2$ ( kt ;Hw )=$ 9'14 mR
.,&'4 #@N1
F>_ !* ) =34 X1$ K]3( ;Hw T$/ K$1 0#01+ @: K/' ,5 \b $
F>: A( )Q5 K/' ,5 \b %+$ .)$v; 3H$ h )!,5$ <yl t O!5 P/t$ h [ v /8 5@$ ;Hw T$/ K$1 K]3( 2 ,5 \b V/ <v* $ DE IV' )H
.,1 \b >;'+ J/+ zhw V@LX N2 >( E A=34 -!\+ h 0! ` @ F>:$ .5$34
.http://londonactionplan.org/
)\! ®$$ V *+ ly ? u( <V5 9#@' ,5 ¬$ /1( (LAP) K/' ,5 \b J@+ 9Y#/( >'$
)\! ®$$ V *+ ly$ K/' ,5 \b `17 92007 (@=2 $ .(CNSA) DE )V2 Z$ 9'6 9K@'
!4 ,1 <ME r14 ,1 u# BC ? ,x =34 ,1 !h ? ,x =34 ,1 y$ CNSA$ LAP = `17 92008 (@=2 $ .t P\ ? AH@ ;HE K$1 L+
.H4]( KVl 4 V #V* H4 ,
22/1
40
6>5 ?
@ A&(# B2 CD 6 E 6#7# *$ *+$ #DF 1&*!
2.8
D9 GH-I E 6#7
4 ")$V2 5@," 2006 #(2 dV* K/4 ,'$ K$1 ,&' ( r14 JL4 u# /k2
!14 %Y c6@+ 5'* !5; k'1$ A,&'4$ ) q1Hk </54 )k@+ ,N+ HÇ )$V 5@, ,N+$ .$w /#$ `HHw [ <V1$ J/o+ Z @!j(
%!1$ 9 )6@@'+$ 95'*! L6@4 @!j$ 9 ,3+ k'5
K]( dV* K/4 ,'$ K$1 ,&' MN5 )@j I=VE$ .q41 s@4 O!5 Vyw$ K$1$ 5@$
AH@ ;HE V$/j 5 K$1 K]3( k@+" O!5 IN#2 `$ 9 q *'5 @: T$/ K$1
? )@!14 %+ ;Hw )\! L'H@ B K2 ,N+ K2 O!5 K/!l Z k@ q:$ 9" .http://www.oecd-antispam.org/sommaire.php3 .1$ 5( 1;+ K2$ sb K/!l
OP# Q 6
CD 6#7
R5 &
7# (5 J7 *7 K8B L.1 M N#$
3.8
6>5 SDT
I@N5$ I/ 30 I1 `17 "\b2 _ *# $ " K]3( V <$/H 2006 #(2 u#; >: /5
.)@!14$ )*+( r14 ,1 u#; 3 ,52 $/6 ?8$$ !3 @\+ 3'4 **o4 :L3' `B Z ?8@4 `',N+$
a@! )H$/$ ;Hw 4 ,&'+ 'R$ ,&H2 ul\+$ ?8$
(1
at$ J1 A5\ A( )=3 5'* $V
(2
a MzE ' 1; V$V
(3
,'$ K$1 ,&' ^! k@+$ H %X( '14 ($$2 ^! ;+ V$/j 5 ;Hw$ K$1
(4
aK$1 0#01 )$V2 L;k@( ;Hw K$1 K]3( dV* K/4 . V*4 L6@4 q5@ <[$ 5@ DE 6j
(5
:J/+ u : O!5 )@!14$ )*+( r14 ,1 u# u$ Z !,1 )@\t ,N+$
)$V2 5@, [ V@4 1( O!5 V,5( )$ @! K]3( )@!14 %+ O!5 ?g3
(1
adV* K/4 ,'$ K$1 ,&' V@4 8w ­Vx ¥$
K/!l dV* K$1 )\! )Q , ?8$
(2
a)*+Q T$/ V$ dV* K/4 K$1$ ,' ,&' L18$ Z !,4
aK@l! - @ ;+ $2 K/' ,5 \b [ q5@\ K$1 )#/' DE J,NH O!5 )#V* ?g3+
(3
ac6@( !14 )Vl4$ )@!14 %+ K]3( dV* K/4 K$1$ ,' ,&' ? K$1
(4
. ? 1 !,1( @L'! ' )V* )/ M'( %5V
(5
"%
()! *+
# "(>
B% "?@$ A "
"#8
9
K/!l 1( \3H2 <; F>: 1+
(CAN-SPAM Act)
280 N 8&
1.9
C' ,#2I 8" 6&
8 U %V WX 6&-
1.1.9
@:$ 9(“CAN-SPAM Act”) 2003 J1 @!\4 v u#@$ 3h; @*( J@gx K@H </4 )#@ `'
¢( A, /8 )(@1 V/§$ 9$w /#( #µ ¢( K@@# #> $ $3 V/§ d> K@H
41
22/1
@l!\# K2 uj A!L4 q\1#$ 9K@H ;o ` E Yg' 5 KQ5w %# Z )=3$ .%LE E 5 @ $w /#( q!
:q!# K@H >x Jh ,3+$
"DE"$ "
" )@!1 K@+ K2 /( Q . U8#$1 E D( M 9 #F H8; &
7 Y
1 Z+ [H8
V/$ /( %+ Á $w /# K@'5$ /*4 % Á sb v )@!1$ $w /#(
.$w /# /* no3
)#@¼ K]3( Òl4 !N+ DE P@8@4 2 dVC# 2 A1# .
9 1&]& /#^ Y
1 Z+ [H8
.L5@8@ $2
$2 $w /# O!5 V! IH@'5 @+ K2 A1# ._# = .8% .*
,#2I `85 a8 6F b
<8
> l4 $w /#( E J/5 ' -!\# K2 l,! + `HHw O!5 /,1+ sb2 V
$t ¶ K2 l,! + )b "," i/+ K2 S$ .)l!\ F>: u K2 !5$ K@'1
b
#2 ,+ K2 A1#$ . #µ d2 M{¢( Ib ,N+ K2 !5 K2 E 9 2 1(
O!+ /'5$ .dg $w /#( E /1( O!5 I@# 30 </4 $t b )l!R 0Lµ $t
'S $ .-\ K@'5 DE $w /# E @ ,5 J#2 10 < $t 'S 9$t b -!R
('( $E /#( ¢( b
° H= !+ K2 $2 K@'1 DE $E /#( E O!5 b
= </5
oy( kt $w /# #$'5 E $2 ?l( J@+ K2 @H v K¢ Ivb2$ .K@'1 DE '5
AB DE I16 K@'1! !#@ # )Q , y ºh $w /#( q!+ J/5 $b #>
.K@H! [ b
K=
A1# .
a CD C8" 6&$7 U*98# 6c1X d-5 C' ,#2I 8" 8e 6&-. b
<8
l J/5 ¶ K2 l4 ?@( K2$ -!R $2 KQ5E F>: K2 O!5 <z($ 8$ <yE ,N+ K2
.* dV4 d/# H@'5 ,N+ K2 A1#$ .' $w /#( sb2 #µ •
•
•
•
$ 3h; @* J@g: K@H ;Hw qH/4 K@H ;HE L#/ Z \! ,1( (FTC) #V <g 'X @
` /'5 91997 J5 >'$ .;| = 5 q#2 $V 11 000 DE *+ H/ )(@5 *$ (CAN-SPAM) 3'( 'g! `h 9" " $2 qÑ!4 cl!\# IH$E I/#( c( `/L ;HE M6E $2 ( #V <g 'X
c( `/L °M6E 31 L'( K= 9°M6E 94 `!( ;HE )M6E Qb ! '2 v$ !!N )
.CAN-SPAM K@H! A;|
3h; @* J@g: K@H n'#$ .'X c+(@5 ;HE \! (DOJ) /1 <z$ CAN-SPAM K@H ¤@¶$
q!4 g `$ MN ,3+ 9,6 '6 )(@5 O!5 # </4 )#@ 2003 J1 @!\4 v u#@$
z@$ 9L#$ ` ?+ Z ),&'4 /8 K@H ;H¢( J@+ K2 )#@! 1(+ $2 #V )=@ S$ . .>= A;o4 q8+ K2 `HHw DE ;' @+ Z )=3!
2
c N;hg0 Y
1 C' ,#2I 8" fX + 1&
2.1.9
O!5 ( ) (@!\4 v #g q!+ A!L4 #,j /5@ >= </4 )#@ )/,5 /$
/# 9$w /#( #g E 9)M'[ 1( ? 9/5@ &$ .!Q %Y0L62
d+ $ .#g @,¥ 5w )/b @+ Z #@!t +@x [ !Q <0L6 DE *' 1($ $w
v u#@$ 3h; @* J@g: K@H /o4 "#g" #1+ @+ Z O!5 E /5@ F>:
./b $2 #µ 1! $2 G'4 dg G#$ $2 KQ5w @: L' q Z !+ O!5$ − 2003 J1 @!\4
#/( MQ,1 /h2 Í!l+ Z $2 5 -k'4 Ay4 5 [ #g v /5@ F>x ?N $
._h$2 c(h
cH]( m$1) Il IN#@;+ 4 O\52 / cE c6@+ d> # <v* /b J/o &§$
`6V2 / K@+ ) M£2 ,N+ Z #$'1 DE #µ #2 E /5@ F>: &$ .(@l( b y
22/1
42
K2 /( m1# K= E I@# 30 l `$ d2 $2 O!5 I@# 30 </4 $ #V )*+ 'X ,
<0L6 A=34( kt #$'1 /#/ O!5 #g q! </54$ .q! zL6 DE L6@ .!* ) d/# M£]( #V )*+ 'X /#$0+ !Q )/t $V@ D@# K2 /5@ F>: -!\+ 9!Q
V@ c/# $w /# O!5 K@'5 DE xE %# #µ #2 @,¥ +x )/t #g ,N+ K2 S$
J2 DE xE %# Z <v* /b ?N $ .q!Q 34 zLX %!! @,¥ +x /b
.+x q!L #} K@H 1;( L\# l4 +> )M/' K2 E #,j F>x +x
DE *# A( $+ q! O!5 #/H ) ;+ K2 'g! z@ 9#V )*+ 'X /5@ I$$
.*b4 1 /# )=y </h@ ;o,! $V 130 000 DE *# Í!l$ A*b4 v l'( ;| $V 11 000
d2 K@;¶ #> q! /8 ,1 5 $ @( I2 /*+ K2 'g! S 9#/' ) O!5 <$Q5$
cH¢ 9 O!5 <$Q5$ .K@H % _ nb #V )*+ 'X /5@ </5 d2 $2 )*+ K@H Jh2 %h
(@1 DE 8w() /1 <z$ \@( 'X ,=¥ )M6w K@H Jh2 ¶ noy d2 ?N¶ 9)*+ K@H I$
ºh #V )*+ 'X /*+ $ .(< <@*( Al+,! A5 DE $2) /h$ J5 DE *+ <; g c6@# /$ (#/'
.#g F>_ u!1+ ;HE ?$ d2 K~
i--I Y
1 U jkml
3.1.9
1 J/5 q: K@h K$/*4$ @! LE /'# Z 8; K¢ 9FQ52 c3' )6 ,=$
b-IETF RFC 9(DKIM) K/4 +; #1+ 9
#1 (IETF) `HHw /': JL u# /k2 /$ .Ó4 no3
m1 O!5 q! </ '§ K2 ,{]y 9b-IETF- RFC 5617 9(ADSP) C4 K/ E )$ 94871
/h$ ul\+ O!5 IN#2 ':$ .MQ,1! >;' $ h+E K@1l 2/l 9O14 >: MLH s/$ .4 #@: O!5
0=+ 5'k \( @:$ 9(APWG) Th /* r14 ,1 u# </54 V* /h2 [,#$ .14 >x 17
s/' \( @+$ .$w ¹$ Th /* !3 /#0+ 5 7' ^/$ #@x )!,5 O!5 MN O!5
PV@ DE ;'$ 9',4 6@@' @!! ),+$ )lb M6E$ 9(APWG) Th /*( !*4 4 3'4
.(http://www.antiphishing.org/index.html) Th /* )!,1( !14 iV@! d0=
* K= E 9[4 l O!5 9u O!5 </ $2 9"MN( u#/*+ ," h+E S 14 >: Qb $
%: %L#$ $2 %:³/k2 K= E `l[ A!L,! S 914 >: u#R 5$ .IQ1 ( *+ $§ d> @: q*o3
.L17 ^ $ 9Th /* y2 1( / c+ /h 14 >:$ .%_ *+ IQ1 K@$§ #>
65
2.9
6&-. GH-X
1.2.9
#>: k'1 [,+$ . O!5 MN 62 $w /# E / KH@H K( /6@#
:q!# , AH@H
( l @l $2 #h) $w /# 5 )HQ5w E O!5 /5@ ul\¾+
Á
.%L@ O!5 @*j K$V A!l DE $w /# 5 )HQ5w E &¾#
.%LE )HQ5w E /'5 A!l4 @ O!5 / !4 ,&'4 s/ K@# K2 A1#
. DE $ 4 %$ F>: E $ )M6E 5 )@!1 )HQ5w J/+ K2 A1#
- 9)HQ5E l Ll J/1( !4 ,&'4 \bw ,! )M6w !l4 LX `1l+ E
.!l4 LX DE sb2 )HQ5E d2 E J/5 !4 ,&'4 O!5
.UVF C. W X D,Y Z [\ X:!] T C^ _5D 5N3 CH GH `\3 a 5D "T" CN
17
43
22/1
@=@+$( K@'5$ $w /# K@'5 [ 94 5 ;#0 )@!1 , $E /#( E &¾#
.K/4 %$ `HHw
.®@h GH( u#R 5 I
:/@+ %# A!l4 b #$'5 DE $E /#( E &¾#
Á
Á
B2 n55 [&h$ ?
!
2.2.9
¢( kt )l\ )/b dV@$ A'!14$ `HHw )/b dV@ [ '14 mR vl= V/5 %&H
$ v(/( @L'! I! 9c(y $ )Vw$ A!L4 ),&'$ ' )g'4 q1($ HQ5w
." * @" IHQ5E 2008 ,@H ^! /,5 /$ .2008 J5 (CCC)
," o+$ ;p
3.2.9
@j A( u@ K$1 /1( 9<N +@($ G( (*4 @j <0L62 3# d> &' 0= 3H2
:T @' O!5 0=4 >: ,1#$ .A `HHw )/b dV@$ `HHw )/b dV@ kt ),&'4$ H(
+@($ )() <N ) <N \3H l( J@# +@($ )! IVN I,o8 I&H 0=4 #/#
Á
<0L6 `HHw @=@+$( #$'5 ?,Æ +@($ ) J&H J@#$ .(*4 @j <0L62 (<V5
.(+@($ )) <N ) G( );y$ ) F>x !4 @j
Í!l#$ .`HHw )/b dV@ V@ = DE L3= /5@/¦#+$ ;34 `HHw @=@+$( #$'1( %@ +
Á
DE /t V@ # ,= .L' <8 )( *¾+ / %Ll@h K2$ @1 F>_ c=3 `HHw /b V@
.(kw Q1 ($ (-#@ ;* () &' 0= 5 )@!1 c=3
( l' %# 9l <V/¼ v GH <;y `H= ¢ .L1,µ Ô Z G );y !( 0=4 J@#
Á
.LQRE %# · </#/X <N F>: (kw Q1 </#/6
¾+ %&1 `H= 4$ .K( <N +@($ )( (kw \3H2 `l= 3' >: %:#$
.K( !4 /j IN#2 %:# 3' >: K¢ 9<8 +@($ )( (* @h <0L62
(OP25B)
D#3 _= 25 5& 4.2.9
`HHE /b V@ L/# $E /#( /b K@!,1# 9$w /# l$ `HHw /b q=3 E /'5
)/| DE F>: $w /# '( )/o4 F>: J@+ · V@4 /#( )/| DE %L! K@=34 # > .<V5
/*4 LX $w /# )/| DE $w %:/#( K@=34 # $ .<yl /*4 LX $w /#
/# )/| DE + )$v;( $2 <8 +@($ )( (*4 @j <0L62 K2 DE I&H$ .<yl
$ ¯+ ¢ .`HHw )/b dV@4 $w /# )/| 5 B F>: K¢ 9<yl /*4 LX $w
l /# H @=@+$( ,1( `HHw /b V@ ly 5 B Z A=34 @h <0L62 )*+
v[= ?' L$ S cH¢ 9(25 % c( kt /*4 (@( , ' % @=@+$( 5 <l5) (SMTP)
u@ K$1( $ #N !* ) ),&'4$ `HHw )/b dV@$ H( @j `V >$ .
.L'( ,
Á
.b-MAAWG.MP25 9OP25B 14( t ' % @=@+$( bVE /'5 A=34 O!5 ?@ v]
.# H( AH@ RE <V/¼ )*+ / O!5 V@
Á
<ME u#) JEAG u#; -1!#$ . \3H RE OP25B 14 #V@4 v[= ulR 9)/ F>: /1($
bVE O!5 %L[ `HHw )/b dV@4 k@+ 3H Qb !,1 F>: I: I$V (K( $w /# ,1
.OP25B 14
Á
IV@ 52 @ K¢ 9H( `HHw )/b dV@ O!5 I#l6E ^ OP25B 14 bVE K2 % O!5
.2009 @@# ºh OP25B 14 @!bV2 9A #V@4 l!2 %L'( 9`HHw )/b dV@
22/1
44
' % @=@+$ 587 % (@l OP25B 14 bVE /'5 `HHw )/b dV@ v[ @#
E A!,1,! S$ ./t <V@6 ;b -'µ @ I1 9)*+Q #/( @!]= 9SMTP AUTH ?
.V@4 >: /#( J/| DE OP25B 14 /,1# b
`HHE /b V@ u#R 5 $w /# Á
6. g&&$2(
5.2.9
bV¢( k@+ JEAG u#; 3H /$ .$w /# /* K@'5 P/t 3+ )'+ q: 4 K )6@@'+
-H6 /'5 4 K bV¢( !14 x H@H 4" $ )*+$ !b/ K$C3 <z$ )3H$ )' F>:
)/b dV@ 1($ Il#+ !'4 )*+ q!3 = OLH 9Tj `@ $ ."`HHw /b V@ \@( l
4 K )6@@'+ s/hE Rw >: [S$ 9[b-IETF REC 4408] 9(SPF) 4 ) RE bVE `HHw
"JP" #V,! !g4 <@3'4 SPF )Rw lH `!( /$ .y K GH ,1 %L=34 S$
[b-IETF RFC 4871] 9DKIM 14 bVE `HHw )/b dV@ /#/1 2/( ,= .%35,99 @ 2009 ^\2
.,! 8E K !@=
.$ ( )
q> 45 &
7 fD(
6.2.9
# v[ K= 4$ .1 $w /# $/+ HE K( #@!t +@x -!2 !B
-h q! kt )@!14 K@Vl# !'4 )*+ q!3 ?7 K¢ 9K( !' #@!b +@:
: )@\t
,1 <ME ?' K@H" -6@ $ ' +: O!5 @*! /5 J(E -# V d2 #@: m1 n %#
Á
."@,¥ +@x
K@H" ¶ @:$ ¢( J@# d@!b +: ,1 DE !' )*+ /b 3 k@+ E
Á
.
#b~ !'4 )*+ q!3 ?7 DE ,14 >_ kt )@!14 J/¾+ 9"V/¼ $E /#( E %&'+
+@x ,1( /1+ @b/ )(@1k c6@ cH¢ 9d@!b +: ¢( ,1 J E cH¢ 9>
.K( !'4
q! 5 )@!1 J/+ q:$ .L!!$ ?,µ$ ^¼ -=( J@+ !k ) v ,&' ':$
.sb2 K/!( <V@6@4 )=@ 1( ? )@!14 F>: Vl($ K( #V@6@4 `HHw )/b dV@ DE 45
22/1
/0"1 234
[b-IETF RFC 4871]
IETF RFC 4871 (2007), Domainkeys Identified Mail (DKIM) Signatures.
http://www.ietf.org/rfc/rfc4871.txt
[b-IETF RFC 5617]
IETF RFC 5617 (2009), DomainKeys Identified Mail (DKIM) Author Domain
Signing Practices (ADSP).
http://www.ietf.org/rfc/rfc5617.txt
[b-MAAWG MP25]
MAAWG Recommendation (2005), Managing Port 25 for Residential or Dynamic
IP Space Benefits of Adoption and Risks of Inaction.
http://www.maawg.org/port25
[b-IETF RFC 4408]
IETF RFC 4408 (2007), Sender Policy Framework (SPF) fo Authorizing Use of
Domains in E-Mail, Version 1.
http://www.ietf.org/rfc/rfc4408.txt
[b-contr-spam]
Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003
(United States Code). This Act is documented in the following laws: 15 U.S.C. §§
7701-7713; 18 U.S.C. § 1037; 28 U.S.C. § 994; 47 U.S.C. § 227.
http://www.gpsaccess.gov/uscode/index.html
[b-ITU-T cyb]
Messaging Anti-Abuse Working Group Conference reports:
http://www.itu.int/ITU-D/cyb/cybersecurity/spam.html.
47
22/1
49
22/1
ITU-T
X 7 (2009/02)
:X !" #
! "#$ %&#' . %
( )*+ , -/# 01' 023 42 -5 . '
22/1
50
"# $
% &% (ITU-T) ! . '()* +& ,+- /0123 4
5)* 63 4#7 8 4#7 9, :; <=7 &% . .>3 3 ?6; @25*
9, A F9, C GH E B
I& &89 B*,C 4 2 B"D E (WTSA) 3 3"A .'()* +& ,J C 3*
. 3 3"A :; , 1 !, ,2 KI& L2MN OP +& QR% ?6; P& B 3 V9C ?6; W X13 3 / ! YZ :"I B E &63 M&&8S T U3* .(IEC) 82FS 8]6 (ISO) >9
[&6 "\8
.b c23 4
5) ?6; C ,- ?6; L&9 aM& ,&* < ,&)8 QR% ",`" "6 ^7
o31 .(Oi j
k l
k 4
5) 6*! m( cb) a` ^S[e U3* f ! 'C Xg .d,
Z ,&)8 QRb 43P 4i r2ZC a6 s
+ "GH" 43P ^71 .
a` ^S[e QR% B
"p q
1 8; O+[ ,&)8 QRb q
.>a- ,&)8 QRb q
C s
QR% <"39 l31 /8
3 k6 :; Xk36 P8 F5
+ ">5k81"
R1 .12S0 S6 t&[ : j[ <"39 ^a671 ! %R
08 C ,&)8 QR% j
k C u- Qkv >;271
c2w C Lf;C : &f; b Gw L&9 F
k tv C F
[+ C 12S0 S6 t&x 63 :#2 : y!& dC
.,&)8 ;- 6"; {6") 2Zz
R
08 b k :S 2Z L2* F
" 12SP S6~ O,Z- ?6 ! [:S1 }/] /,&)8 QR% ?6; P& 8;
w* ,&)8 QR% R
08 :; &=7 ?+&1 /[e >% &S ! &63 QR% C u- O2\v / B .,&)8 QR%
.http://www.itu.int/ITU-T/ipr/ B!& (TSB) GS 2Z Lo* + v
k ;! ?6;
© ITU 2009
: jk7 >Z * - v 6
9 d(* ,&)8 QR% : LaM dC 789 W&H .&0
t& B
.
51
22/1
ITU-T X.1250
X 7 #$
%!& ' ( !" :S {vC ?6; .F6
5) : m87 2); r ?6; (PSTN) 61k &"3 1
6 0 Sk) :C <8 r2M
(NGNs) 4
A Sk v2v` 4i 3 Z > ;W& &"3 Sk)6 k78* L>) 08* <&
.2 QR :S" <0g` u- PI`* /4"37 2[ 2 S6 2) 4v 8 Sk) QR% 4"37
L9` I23 M&&8S QR% ?6; "# Sk) 43H R% y123 * v2v` <&&2* 2[ 4v :S
/
v2S` ,] /
v2S` 1,] <";e 4i) v2S` B
.m6"37 GvM : <"39
1W j12w :; O
#aM 4!e ?6; FA3 :S 6S) QR% .^&]F6 I23 (
v2S` &S /
v2S` 08 j[ F8 /F
: ki :S : / > Sk) a
FD /m6"37 1&% i
Sk) aFMC 1&% / ^ 4"37 i v"f : O1a 2P& 1& ,- P R .Fk!2 /#
d2P& ?6; m31 E Gv&A : &% o
7 :e Gv&M : GvA R% .
8e 2w"6 @23 4
6* :e :7
: La] lw& r&7 ?6; F
P 2\8 &S6 >5k81 " /l r&7 <";e r&7 ?6; F
P 2\8
.o
7 : 8w&
22/1
52
> 4i) v
4
i" 6"; 4"37 F
P S &63 ,` 6
9 >% /(IdM) 1& ,C [ de :S .( /
To k /Sk) a
FD /Ye /m
#F8 m6"37 "\8
C k6 QR :S /81k 8C k6 Z u- 08 {8S > 1& &3v : 3 ;&"T { &S
.3 B!& M&
>% .v
S m* b t&& ; !- ?6; , 2P& 'e o
7 :e 2+8; : >7
#, 28; >% 1& ,-
/(>6S 08 ?6; ,& 08 ) 08 W
: Xk 0#w : j Of1C K
F8S / 1&% : j ;
8e 9
7 # j
k "I "\8"6 Of1C 1& ,- K
.
S , X
5 [ [ W
X
5 &F9
P /<& +Z .FM,Z "\8 4Z v
S6 08 XP& 1& ,- j12w :; :S .
S )vC k!2 +, j12w :;
/v
S* + 1& ,- XP& /1& : j6 b t&& , 2P&1 C {v( : 1& ,` M k &M
.m3 S* Y 08 k!2 /08 W
GvM u- .
v2S` Sk) u- G6 8; [2 08 mS :e ,- 9[ 28; >% 1& ,-
1 O% O, 1& ,- d= /(9X0 : 1" /^! Bk "\vC /1" #&[ 4i) r2Ze ;P
: Q,* R% y;f1 .1& !29 4
k! : vo
7 #2A : Z Sk &63
v2v` <&&2* Sk <"39 : 27
1 dR 2e /b t&& v&( v2S` 3 C m6"37
.
v2S`
&63 ! 40S G
9C BI l31 R% .
+&* 63 99e "% <8 GH /1& ,` ^\v R
08 8;
.F6MC : 3 E 6 W] @2ge 1& &63 ^9 : 1!& 1&
1
+ : j* v"f : 1a XP& j12w :; :e m7 {v( : O1&
[ Ov&S %,k;* 1& ,- 2F
.1A QR% ()* ; PI` QR% 2P& .1& &63
.Y& {M ?6; *H- + 4S)1 .j6 %83~ 1& ,- u- PI` QR% "1&%" Xk3 <"39 X)1 2
.M&1 3
.X.1205 6767 +& 2#9 y1,3 ?6; w :S
(Identity Management) 1& ,-
IdM
(Internet Protocol) v2v` <&&2*
(Public Switched Telephone Network) 61k &"3 0 Sk)
4
IP
PSTN
5
.M&1 53
22/1
!"# $" %&' (
()*# (+ (& (
,- (./ 0$1 (2
6
8k :C Wa31 C "
6!` 8w& Sk) 9, 1& ,- ,! <"39 67 R
08 ( :
27
9 1& &63 v"I XP& 1,2f ,&e : %R
08 1& ,- 9, 4fPC .
3 Sk)6
.
3 Sk)6 8k
( m6"37 1 <Z : 8w& ,& Z ; 1& ,- ,! <"39 :S
.+ <"39*
m1&7 ?6; *]9 j
78 ; o
7 :e &[ : 1!&6 1& ,- ,! <"39 :S / u- PI`*
& QR% , Bk %&FM j
78 ?6; v
S 67 1& ,- ;7 C :S / U3* . lw&
.Q1
34
5 36 (7.8. 9 :;"5 (./ 0$1
7
/mv
?6; d&8 9 6"; ,w- . Sk) m6"37 : 9 ; /1& ,` y#& :
QR% : j m31 ! /i S6 :e k6 OP .2Z S6 {1&b j63 ( [ ^1 C >5k81
.{W
{8 10S {
P ~ <e S i S ji1 C 4k! (
dC) 1&! u- (27 "6 4"37 9 dC) 0
3I : /L> u- 3f* : 2 9 i : 1&7 8%
8% &S ! 9 : # r&7 2w C :S .((ITU-T X.509) &"3 7
#2 8k
.1&
, [ S O2\v /Oi /2Z : 2iC [ S 9 : ?6;C 1&7
<= :)+' >?
@1' <4
' (./ 4
6 (
A
8
S ?6; , ~ /F
P S Fv
+ b t&& 1& v
* 1 1& ,` r2Ze y#& 4")
. 1& 1,A
W] @2ge F9 : 1& v
* 1! 16 6* ) &63 1"x 9
7 C mv& >f C W&H
>S F6"37 E 6 k78* .r2Ze e 4g&) : 1& v
* + ,2"9 "I .F6MC : 3 E 6
.ki
!& :7[ !* 7
x 69 & ?6; 1& v
* v
+ GH /Lk6 6*! &S
.
5C ! v - P23 1& v
* : j ?6; , 1& v
* &3v 4") C >5k81 /Lf! G7[
(./ 4
(7.8. $
"C
*5"
9
4i) d2P& 3 B1W& ; $
k .!&& 1& v
* "c)" 2SP ?6; Of1C 1& ,- ^&F0 d&81
06 B!& BI& C de 6 ( i XP& W 1& v
k :S /( 4
A Sk v2v`
&S1 8; .06 B!& 1& &63 06 , : 3 "!, 1&% v
S6 &S1 C :S .Sk) ?6;
: # ,* !; !- B!& 1 u- r2Ze v
S 9 /
[2 9 6"; mv
S : [
^&
4 !&& &63 , c) ^&F0 .[2 S 9 6"; 4"S71
x 1& &63
.68 Sk) 1&6 y& <"39
22/1
54
(4')D (.)- "E
10
: ,! 0
& # 1W i a1a3 /2w U0Z /1& ,- 6"; R
08 4MC : S [&8" 1a 4")
4i" /
v2S` &S t
9 .
S >% &S &S "8
[ , 08* + ¢k9e QR% .06S U
0¡ 4MC
.m1,] F#2 &S lw& 3P 2iC L0 2iC Z £ 06S U
0¡ Of1C 7
#2 c%e QR%
Kk >S .O
Sk *2 }; =0S <30 ^9 4i" d /r2Ze v
S ( '( /&S {M&
C F Ba E v2S` ?6; 2w"6 6 d2D C &S ?6; GH /3! [ v2S` &S
: (
v2S` /Oi) v2S` &S 97 3
k G6 C :S .k98 #!& X* R
08* ^&
.1&! 9 z ^9 &S
(./ 0$D (,F& ;
11
+& 4i /1& ,- R
08* 63 6" "
\8 1f : ; "
6!` ;&"¤ 8w& ,` 2\8 C >5k81
&S 4"37 .6 M& m* a` 1&7 /,& 39 /lw& :e /v
k 1
.
8e 8w& 9
7 c%C : B9C 2 k6 r2ZC v
?6; Of1C FI20 C :S :S G7P 1& ,- 8
55
22/1
)*+, -./
:>61 18 QR% m* : .1& ,* 63 4#7 ()* 4"3 ?6; yS3 18 8%
http://www.cdlib.org/inside/diglib/ark/ :(
"!2 v,&0
kS &0
,& 0) (ARK)
&0 ,& 0
:3*e > A3 2
¦ i 4
A 4MC : 2) 2)
3GPP SA3: http://www.3gpp.org/SA3-Security?page=type_url
:
&e &63 "\vC :C "\ve Pf "
2C k* 83 7 4"3 !2P
ETSI TISPAN WG7: http://www.etsi.org/tispan/
:
v2S` 1& !* §,e j12w w,Z
http://ec.europa.eu/information_society/activities/ict_psp/documents/eidm_roadmap_paper.pdf
http://europa.eu.int/idabc/servlets/Doc?id=19132 :
*,e
http://www.fidis.net/ :(§,e
8w& !*
B*) &63 B"T 1& 4k7
http://www.first.org/ :(FIRST)
&6 *]9 :e !2PC r8
http://www.ist:*,C
4MC
:
4"37
1&%
4MC
:
§,e
2)
world.org/ProjectDetails.aspx?ProjectId=4ddb2e61c84343f0acd370607e5a8499&SourceDatabaseId=7cff9226e58
2440894200b751bab883f
Handle: http://www.handle.net/
Higgins: http://www.eclipse.org/higgins/index.php
:1& ,- X13 LoZ 1& !29 : 1!& X13 >S12e lw& F3
http://www.ansi.org/standards_activities/standards_boards_panels/idsp/overview.aspx?menuid=3
http://www.oracle.com/technology/tech/standards/idm/igf/index.html :ORACLE 1&%
,- ,w-
http://www.idtheftcenter.org/ :1&
!29 ,- a2
http://sec.ietf.org/ :v2v`
98% ^F j12P
:1& ,* l3 17 9, 8]6 a
2 j12P ¦ !
www.itu.int/ITU-T/studygroups/com17/fgidm/index.html
:10 (7 /:e* 83 17 9, 8A ¦ !
http://www.itu.int/ITU-T/studygroups/com17/index.asp
:13 (7 (4k7 Sk) 13 9, 8A ¦ !
http://www.itu.int/ITU-T/studygroups/com13/index.asp
http://www.projectliberty.org/ :12
4MC : y 2)
http://lid.netmesh.org/wiki/Main_Page :7k
1& 2)
http://www.egov-goodpractice.org :1&
,- https://www.cosic.esat.kuleuven.be/modinis-idm/twiki/bin/view.cgi/Main/ProjectConsortium
http://www.homeoffice.gov.uk/passports-and-immigration/id-cards/
:
8w& 1& !*
http://en.wikipedia.org/wiki/Identity_document
http://www.oasis-open.org/home/index.php :(OASIS)
"\8 &63 X13~ @&F8 "\8
22/1
9-8
56
/¨128 Trondheim &3 "!2 1& ,- ()* 4"3 , /(OECD) d! "8 3 "\8
http://www.oecd.org/sti/security-privacy/idm :2007 &1
http://www.openmobilealliance.org/ :(OMA)
68 y&F6 &0 y
http://www.opengroup.org :Open
http://osis.idcommons.net/wiki/Main_Page :(OSIS)
http://www.pampas.eu.org/ :(§,e
;&"T
[&0 ,& 1&% ^\v
¨v2*) (PAMPAS) 68 y& }; :e +&* @&F8 1,
,e 1a &63 B"¤ §,e ,k
:*,C 4MC : 1& +& ,-
https://www.cosic.esat.kuleuven.be/modinis-idm/twiki/bin/view.cgi/Main/ProjectConsortium – PRIME
http://www.w3.org/ :
v2S`
Sk)6 >3 B"]
http://yadis.org/wiki/Main_Page :Yadis
"\8
57
22/1
0* ,
)*+!1 21
>v2k
7 : >"3 <";e <M ¨&v ,k; RZ=1 C ?6; /\8 4S)* 3M2 & "#! 1 9
17 9, 8A GvM : R08 4"3 /(WTDC-06) 45 ,2 R
08 2) ¨&v 3 3"A ,2! © "
P ( ! 4Z :e <T 7
#2 9, 8A) ()* <";e ¨#v >v2k
7 :e ()* &63 B"¤ 3 "6 5
M 4"3 Z 3* :; OfP .(149 131 130 ,2 4i) 2006 ^3 mI&0 m*8 2= ,2!
LM% N (&O' (P9Q !R*6 S
T9 U#; .-' V' :I GHIJ
(2.B.I 1.B.I) 1.C.I
:"
2M- @2ge &63 M&&8S <"39 L9- PS" ()* 55/63 3 3"A ,2!
.http://www.un.org/Depts/dhl/resguide/r55.htm
:"
2M- @2ge &63 M&&8S <"39 L9- PS" ()* 56/121 3 3"A ,2!
.http://www.un.org/Depts/dhl/resguide/r56.htm
:"o
7 :e ()* ; P L)v-" ()* 57/239 3 3"A ,2!
.http://www.un.org/Depts/dhl/resguide/r57.htm
M2 ?8k 1 o
7 :e ()* ; P L)v-" ()* 58/199 3 3"A ,2!
.http://www.un.org/Depts/dhl/resguide/r58.htm :"&63"6
4"; ¨v2* ^a 3* &63 B"¤ 3 " :; , y
8M 4"; Z k ;.http://www.itu.int/WSIS/index.html :&63 B"T ()* v&
:(2005) 8C P & :&63 Sk "\vC :C ()* d! >P 3 "\8" F
M& k"
.http://www.oecd.org/document/42/0,3343,en_2649_34255_15582250_1_1_1_1,00.html
:(1 6]") 2006 ^3 &63"6 M2 8k 1 Gª
.http://www.isn.ethz.ch/pubs/ph/details.cfm?id=250
.http://www.itu.int/cybersecurity/ :o
7 :e* 63 ,&
.http://www.itu.int/cybersecurity/gca/ : o
7 : >"3 <";e <M
.http://www.itu.int/cybersecurity/gateway/ :o
7 : *&*
: * "8 GS >v2k
7 :e* + G1& 0+
.http://www.itu.int/ITU-D/cyb/
.http://www.itu.int/cop/ :6 F
M& k ?6; <0we 1" ,k
•
(6.B.I 5.B.I 4.B.I 3.B.I 2.B.I) ! "#$%&
2.C.I
•
•
•
•
•
•
•
•
•
•
•
:&63"6 M2 8k 1" «R C ;&"T/ lw& o
7 :e
.http://www.itu.int/ITU-D/cyb/cybersecurity/projects/readiness.html
•
22/1
8k 1" ^; lw ,w- –
(ETH Zurich)
M&&8S6 1271&7 1 79= :&63"6 M2 .http://www.itu.int/ITU-D/cyb/cybersecurity/docs/generic-national-framework-for-ciip.pdf
P L9,- <T 9," 4fPC : &63 Sk m( :22/1 (7 / "8 !
:o
7 :
58
•
•
http://www.itu.int/ITU-D/study_groups/SGP_2006-2010/documents/DEFQUEST-SG1/DEFQUEST.Q22-1-E.pdf
.http://www.itu.int/cybersecurity/gca/ :o
7 :e ()* >3 <";e <M
:2009 BM2 /
8 <6 o
7 :e 4
.http://www.itu.int/ITU-D/cyb/publications/2009/cgdc-2009-e.pdf
PS ~ /o
7 :e <T 3 a1a3 z : "8 >3 2= :; , 45 ,2
:(2006 /[) ! 4#92
•
•
•
http://www.itu.int/ITU-D/cyb/cybersecurity/docs/WTDC06_resolution_45-e.pdf
E ! +& "#! ¦
4
(7 6 /17 9, 8A / !
: :(* 63 F
6; P&
.http://www.itu.int/dms_pub/itu-t/oth/0A/0D/T0A0D0000090001MSWE.doc
:&63 M&&8S :e – 4 (7 /17 9, 8A / !
.http://www.itu.int/pub/T-HDB-SEC.03-2006/en/
:
! 4#92 ,f To :Sk) :e Gv&A ()* "8 GS 9,
.http://www.itu.int/ITU-D/cyb/presentations/2008/bauer-financial-aspects-spam-malware-april-2008.pdf
:
8C P & :&63 Sk "\vC :C ()* d! "8 3 "\8 F
M& k
.http://www.oecd.org/document/42/0,3343,en_21571361_36139259_15582250_1_1_1_1,00.html
:78 8w& 2S` :e 9
9 ()* d! "8 3 "\8 R
08 Z
.http://www.oecd.org/dataoecd/23/11/31670189.pdf
:"Sk) 1" 1M &­ :o
7 :e" :; 8k 212
•
•
•
•
•
•
http://www-wds.worldbank.org/external/default/WDSContentServer/WDSP/IB/2006/12/12/000020953_200
.61212113151/Rendered/PDF/381170CyberSec1uly0250200601PUBLIC1.pdf
:&63 :C ()* Lf
* !, /(ITAA) &63 M&&8S S12e *2
.http://www.itaa.org/eweb/upload/ITAA%20Infosec%20White%20Paper.pdf
•
'
]
29 ¦
/(2005)
(APEC)
9 d! 3 *2 B* &63 * l3 4"3 j12P
:(2002) *26 o
7 :e
.http://unpan1.un.org/intradoc/groups/public/documents/APCITY/UNPAN012298.pdf
S12e 6k 9
9 :(CITEL) S12e 6k 8]6 t,We ¢S
.http://www.citel.oas.org/publications/azul-fin-r1c1_i.pdf :5.8 4.8 "7
:(2007) m7 2 ,&[ ¦ := &63 B"T 4MC : ]
29 ¦ §,e 6T ,2!
. http://eur-lex.europa.eu/LexUriServ/site/en/oj/2007/c_068/c_06820070324en00010004.pdf
•
•
•
59
22/1
:(2008) o
7 :e ()* [ ;http://www.itu.int/ITU-D/cyb/events/2008/doha/docs/doha-regional-cybersecurity-forum-output-20-feb.08.pdf
•
:(2006) ":= &63 B"T 4MC : ]
29" ()* §,e 9,
.http://ec.europa.eu/information_society/doc/com2006251.pdf
:O8C 2iC v2v- ()* §,e ¨v2*
.http://europa.eu.int/information_society/activities/sip/index_en.htm
"
6Z t&7 :e 1!" ()* 9, & C* /(ENISA) &63 Sk) :e *,e &
.http://www.enisa.europa.eu/pages/analys_barr_incent_for_nis_20080306.htm :(2008)
:(2004) o
7 :e 1 PS (OAS) S12e 6k "\8 ]
29
•
•
•
•
http://www.oas.org/XXXIVGA/english/docs/approved_documents/adoption_strategy_combat_threats_c
.ybersecurity.htm
!
:(CIPMA) 1&
8k 1 4
6 MR"8 29e ¨vo
.http://www.csiro.au/partnerships/CIPMA.html
8w& 1" 9
7 2M :2w We Sk :; , &63"6 1&
8k 1" 4
.http://www.crn.ethz.ch/publications/crn_team/detail.cfm?id=250 :F6
6
:&63"6 8k 1" ve 8w&
•
•
•
http://www.en.bmi.bund.de/cln_028/nn_148138/Internet/Content/Common/Anlagen/Nachrichten/Presse
mitteilungen/2005/08/National__Plan__for__Information__Infrastructure__Protection,templateId=raw,prope
.rty=publicationFile.pdf/National_Plan_for_Information_Infrastructure_Protection.pdf
:(!= 2) &63 :C ()* v*
8w& ]
29
.http://www.nisc.go.jp/eng/pdf/national_strategy_001_eng.pdf
:d! "8 3 "\8 O&f; 11 3 8w& R
08 ]
29
•
•
http://www.oecd.org/document/63/0,2340,en_21571361_36139259_36306559_1_1_1_1,00.html
.http://www.digitalstrategy.govt.nz :861W&
8 "!2 ]
29
:,&P589 &63 :e vi 7
#2
•
•
http://www.ida.gov.sg/doc/News%20and%20Events/News_and_Events_Level2/20080417090044/
.MR17Apr08MP2.pdf
:o
7 Lf0 m( ,&P589 ]
29
.http://www.ida.gov.sg/News%20and%20Events/20050717164621.aspx?getPagetype=21
.http://www.cpni.gov.uk/ :(CPNI) 8w& 8k 1" S6" a2
.http://www.whitehouse.gov / :o
7 Lf0 1" S12e 1&6 8w& ]
29
(8.B.I 07.B.I 05.B.I) -./ %*+$ ,
:4.1 ,+` /(COBIT) b 6 M&&8S &63 k!2 c%C
•
•
•
3.C.I
•
http://www.isaca.org/Template.cfm?Section=COBIT6&Template=/TaggedPage/TaggedPageDisplay.cfm&TP
.(6S 78 4
" 4
]7 m31 ®¤* dR
08 6) LID=55&ContentID=7981
4* ¢&6)
http://www.itil-itsm-world.com/:(ITIL)
&63 M&&8S 8k kS :C ,.(4
"6
•
22/1
¦ :e 8 ¦ &63 M&&8S /27000 6767 /(ISO/IEC) 82FS 8]6/>9
[&6 "\8
.http://www.iso27001security.com/index.html :&63 :C ,- "\vC
:C ,- ¦ :e 8 ¦ &63 M&&8S /13335 6767 /
82FS 8]6/>9
[&6 "\8
: &63 M&&8S :C ,` ­ %0 :1 LaA ¦ &63 M&&8S
^&9, ¢&6) http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=39066
.(4
"6
8 ¦ &63 M&&8S /2005 /17799 6767 /
82FS 8]6/>9
[&6 "\8
:&63 :C ,` 9, v ¦ :e
60
•
•
•
http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=39612
<" &­ ¦ "\ve :C 98% /21827
.(4
"6 4* ¢&6)
6767 /
82FS 8]6/>9
[&6 "\8
:(SSE-CMM®) ,
•
http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=34731
.(4
"6 4* ¢&6)
,f To :Sk) :e Gv&A ()* 9, / * "8 GS
:
! 4#92
.http://www.itu.int/ITU-D/cyb/presentations/2008/bauer-financial-aspects-spam-malware-april-2008.pdf
/¯o7v%&M BM2) "o
7 :e" ()* * 3 3"]6 50 ,2
.http://www.itu.int/dms_pub/itu-t/opb/res/T-RES-T.50-2008-PDF-E.pdf :(2008
"F*,
! 4#92 PS" ()* * 3 3"]6 52 ,2
.http://www.itu.int/dms_pub/itu-t/opb/res/T-RES-T.52-2008-PDF-E.pdf :(2008 :go7v%&M BM2)
!2PC 4
S) B
]) :(2008 /¯o7v%&M) * 3 3"]6 58 ,2
:(
8 6k +Z /
*&9 &6 *]9 8w
•
•
•
•
http://www.itu.int/dms_pub/itu-t/opb/res/T-RES-T.58-2008-PDF-E.pdf
:¢&9 aFMC :e /800-12 !, + 2)8 /(
S12e 1&) M&&8S X13"6 lw& F3
.http://csrc.nist.gov/publications/nistpubs/800-12/ :(1996 /21oP) F3 G
"\ve 2w ,- 4
/800-30 !, + 2)8 /(
S12e 1&) M&&8S X13"6 lw& F3
.http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf :(2002 /&
&1) &63 M&&8S
b ?+& :e *&I /800-53 !, + 2)8 /(
S12e 1&) M&&8S X13"6 lw& F3
:(2007 /o"71) 1 &63 "\ve
.http://csrc.nist.gov/publications/nistpubs/800-53-Rev2/sp800-53-rev2-final.pdf
4
/800-53A !, + 2)8 2) /(
S12e 1&) M&&8S X13"6 lw& F3
:(2007 /o"71) 1 &63 "\vC :e *&I
.http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-53-A
:(* ^; >; L8* /800-50 !, + 2)8 /(
S12e 1&) M&&8S X13"6 lw& F3
:(2003 /2*&C) G1,6 ¨v2* &63 M&&8S
. http://csrc.nist.gov/publications/nistpubs/800-50/NIST-SP800-50.pdf
•
•
•
•
•
61
22/1
2w ,- 4
/800-30 !, + 2)8 /(
S12e 1&) M&&8S X13"6 lw& F3
:(2002 /&
&1) &63 M&&8S "\ve
.http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf
:(OCTAVESM) y3f :w& 6
5) [8 : M2 <&+e 1F :C ,.http://www.cert.org/octave/
•
12$ "34
.http://www.antiphishing.org :(APWG) v2S` &63 ?6; <
[ PS~ l3 4"3 j12P
.http://www.first.org :(FIRST) & [ *]9 :C !2PC r8
.http://www.ieee.org :
v2S` L*2FS >98F F3
.http://www.ietf.org :v2v` 98% ^F j12P
.http://www.maawg.org :O
v2S- 4#92 <k <"39 L9- PS~ l3 j120
.http://www.witsa.org :&63 M&&8S >3 y
.http://www.w3c.org :G1& 2) >3 4.C.I
(6.B.I)
•
•
•
•
•
•
•
•
WO. " U#; (;
&' (.)- 36 !'
(
71 :II GHIJ
2 56 78 9: ;<=
1.C.II
.http://www.csialliance.org/about_csia/index.html :o
7 :e ;8+ y
4#92 I v3 2 ¦ ! 4#92 PS d! "8 3 "\8 C ;&"T
.http://www.oecd-antispam.org/article.php3?id_article=243 :
!
.http://stopspamalliance.org/ :
! 4#92 ?6; Lf y
•
•
•
'
v2S` &S ()* *23 ¨
6 < 3 6¤ 2); B*2 r8 :; 212 :9e t2)
:
v2S`
http://www.zawya.com/Story.cfm/sidZAWYA20080529073202/SecMain/pagHomepage/
.chnAll%20Regional%20News/obj2A17E941-F5E0-11D4-867D00D0B74A0D7C/
•
!
:M2 8k 1" !&& &63 <k Sk :1,] <";e 2# &S m* 29e 2)
•
http://www.tisn.gov.au/www/tisn/tisn.nsf/Page/CIPPrograms_CriticalInfrastructureProtectionModelling
.andAnalysis(CIPMA)
:
S12e 1&* j
78 T (ISAGs) &63 4
6 <k a2
.http://www.fsisac.com/ :
6 ISAC a2 ¦
.http://www.esisac.com/ :>#*2FS 6 ISAC a2 ¦
.http://www.it-isac.org :&63 M&&8S ISAC a2 ¦
•
22/1
62
.http://www.ncs.gov/ncc/ : ISAC a2 ¦
.http://www.nric.org/ :(NRIC) O
8
* F6
5) 6*! Sk) 1";* l3 6¤ ¦
.http://www.ncs.gov/nstac/nstac.html :(NSTAC) lw& : 1,)9 8]6 ¦
j120 ¦ X13"6 >S12e lw& F3 :X13 ()* S12e 1& ;8 &S m* 3 $
%
::e X13 lw&
.http://www.ansi.org/standards_activities/standards_boards_panels/hssp/overview.aspx?menuid=3
:&63 :C ()* S12(* &63 M&&8S *2 Lf
k !,&
.http://www.itaa.org/eweb/upload/ITAA%20Infosec%20White%20Paper.pdf
.http://www.it-scc.org :(SCC) &63 M&&8S ! j
78 >S12e 6¤
.http://www.cyberpartnership.org/ :o
7 : S12e 8w& 2)
: 2 &"8* l3 4"3 j12P :; 212 /(NIAC) &63 :e >S12e lw& 6¤
.http://itaa.org/eweb/upload/NIAC_SectorPartModelWorkingGrp_July05.pdf
.http://www.dhs.gov/xprevprot/programs/editorial_0827.shtm :
8k 1" S12e 8w&
.http://www.dhs.gov/xprevprot/programs/gc_1179866197607.shtm : G7[
S12C Z
.http://www.dhs.gov/xlibrary/assets/IT_SSP_5_21_07.pdf :&63 M&&8S * +Z S12C Z
.http://www.ntia.doc.gov/ :&63 S12e 8w& ,`
>/ ?@ "
: 1A$
•
•
•
•
•
•
•
•
•
2.C.II
.http://www.maawg.org :O
v2S- 4#92 <k <"39 L9- PS~ l3 4"3 j12P
•
!
.http://csrc.nist.gov/ :¢&9 xC :C a2 /
M&&8S X13"6 >S12e lw& F3
:o
7 ,RvN lw& ^\8 /US-CERT *&9 ,&6 >S12e *]9 j12P
.http://www.us-cert.gov/cas/
•
*# 1@ %D "56 ;4E ? "E : *B
3.C.II
•
.http://www.gideonrasmussen.com/article-01.html :lC >; j6Z ¨v2*
.http://www.cisecurity.org/resources.html :79= :(* 83 v2v` :C ,&)8 ,& a2
:le >;&6 2) ]
29
.http://articles.techrepublic.com.com/5100-10878_11-5193710.html
:X5 1,] <"; o
7 : [& 4
.http://www.uschamber.com/publications/reports/0409_hs_cybersecurity.htm
•
•
•
•
63
22/1
:;8 &S6 EDUCAUSE *2 le >;& ,&
http://www.educause.edu/Security%20Task%20Force/CybersecurityAwarenessResource/Browse
.SecurityAwarenessResourc/8770?time=1215527945
•
:(5 3* [) &63 Sk) :e *,e &6 &63 :(* >;& ,k
.http://www.enisa.europa.eu/Pages/05_01.htm
:(2) #2A : 1!&6) F"#2M : 1!& &63 M&&8S :C <T <&*2ve G
9C
.http://www.interpol.int/Public/TechnologyCrime/CrimePrev/ITSecurity.asp
:&63 M&&8S #2M 3f 2)6 <&*2ve "#!
•
.http://www.interpol.int/Public/TechnologyCrime/CrimePrev/companyChecklist.asp
.http://www.noticebored.com/html/posters.html :le >;&6 NoticeBored 2 6
http://www.oecd-:>;& 63 ¦ ! 4#92 PS d! "8 3 "\8 C ;&"T
.antispam.org/article.php3?id_article=242
.http://www.sans.org/resources/policies/ :
8e 9
7 ,& /(SANS) {8
( O
Sk {*, ^\8 ,- 79=
:&63 ¢2[ B!& ¦ le >;& C ;&"T
.http://www.iwar.org.uk/comsec/resources/sa-tools/
:%,& a2 X5 1,] <"; k78* >;& 1W ¦ o
7 : S12e 8w& 2)
.http://www.cyberpartnership.org/init-aware.html
•
•
•
•
•
•
•
!
.http://www.ftc.gov/infosecurity :,]6 S12e ,
0 8]6
:G1, le >;& ¨v2* /(
S12e 1&) M&&8S X13"6 lw& F3"6 800-50 !, 2)8
.http://csrc.nist.gov/publications/nistpubs/800-50/NIST-SP800-50.pdf
•
•
[
\4D' L.4
\ ]
Q/(4M% (XJ Y$ :III GHIJ
:(2001) vo
7 #2A* 83 !0 :§,e 6¤
.http://www.coe.int/t/dg1/legalcooperation/economiccrime/cybercrime/Default_en.asp
:(G8) "i < ;&"¤ 8 ; #2A k
.http://www.usdoj.gov/criminal/cybercrime/g82004/g8_background.html
&v j
78 8w& v&v ¨F8 j
78 ()* 99C & : o
7 :e *&*
.http://www.itu.int/cybersecurity/gateway/laws_legislation.html :0v`
: &63 M&&8S \8 C ;&"T /&63 k3/ .http://www.ictregulationtoolkit.org/
:
8 6k6 4
:
vo
7 2A FP ()* ,&)8
•
•
•
•
•
http://www.itu.int/ITU-D/cyb/cybersecurity/projects/crimeguide.html
:
vo
7 2A 312) )* C ;&"T
http://www.itu.int/ITU-D/cyb/cybersecurity/projects/cyberlaw.html
•
22/1
:&63 M&&8S #2p + <&*2ve ,&
.http://www.interpol.com/Public/TechnologyCrime/
:d! "8 3 "\8 ! 4#92 PS "
\8 ¨F8
.http://www.oecd-antispam.org/article.php3?id_article=1
:d! "8 3 "\8 ! 4#92 PS C ;&"T
.http://www.oecd-antispam.org/article.php3?id_article=265
:"
2M- @2ge &63 M&&8S <"39 L9- PS" ()* 55/63 !, 3 3"A ,2!
.http://www.un.org/Depts/dhl/resguide/r55.htm
:"
2M- @2ge &63 M&&8S <"39 L9- PS" ()* 56/121 !, 3 3"A ,2!
.http://www.un.org/Depts/dhl/resguide/r56.htm
1M 2 !- c,3 m7 ,& /(UNICRI) 3 2A &k >"
!e e F3
.http://www.unicri.it/ :
vo
7 #2A FM&
3
!& v2S` ,] Y&° (UNCITRAL) d,] &v6 e 8]6 M&­ mv&!
:
v2S`
.http://www.uncitral.org/uncitral/en/uncitral_texts/electronic_commerce/2001Model_signatures.html
.http://www.unodc.org/ :2A ,* l3 e GS ,&
64
•
•
•
•
•
•
•
•
'
:
vo
7 #2A* +Z 1,W v
* @2; j# :(APEC)
9 d! 3 *,
.http://www.apectelwg.org/
:
vo
7 #2A* l3 2= :; , 2% ;-
•
•
http://www.coe.int/t/dg1/legalcooperation/economiccrime/cybercrime/cy%20activity%20Cairo/CairoDe
.clarationAgainstCC2007_EN.pdf
:
*&9 #2A ¢&9 ()* 67 < &8&S >M&­ &v!
.http://www.thecommonwealth.org/Internal/38061/documents/
:(2001) vo
7 #2A* 83 !0 :§,e 6¤
.http://www.coe.int/t/dg1/legalcooperation/economiccrime/cybercrime/Default_en.asp
:
vo
7 #2A ()* S12e 6k m* 3 *&* :
S12e < "\8
.http://www.oas.org/juridico/english/cyber.htm
:
*&9 #2A (FBI) ,
0 GS j y
:
*&9 ,&6 *]9 t2P j
78 a2
.http://www.cert.org/tech_tips/FBI_investigates_crime.html
:
vo
7 #2A* + 312)6 >; K7 :
vo
7 #2A &v!
.http://www.cybercrimelaw.net/index.html
:6¤ 6* vo
7 #2A* + 312)6 K7 :§,e 6¤
http://www.coe.int/t/e/legal_affairs/legal_co-operation/combating_economic_crime/
.3_Technical_cooperation/CYBER/Legprofiles.asp#TopOfPage
•
•
•
•
•
•
65
22/1
v2S` 7 ()* S
& mv& :
9z 8 312)6 4
6" :P&92S
2
:"
vo
7 #2A
.http://www.itu.int/ITU-D/cyb/cybersecurity/docs/microsoft_asia_pacific_legislative_analysis.pdf
:d! "8 3 "\8 Lf;e < r ! 4#92 PS mv&!
.http://www.oecd-antispam.org/countrylaws.php3
e :; , "(ESCWA) 9z ¢25 ;"M 1! 8]6 Lf;e < r vo
7 312)6 ­"
. http://www.escwa.un.org/information/publications/edit/upload/ictd-07-8-e.pdf:
:(USDOJ) S12e <3 ,W&* 12S0 S6 *&9 #2A 7 G1& B!&
.http://www.cybercrime.gov
<"39 L9- <
[ &v! ¦ 1 40) *&9 #2A "
()* (USDOJ) S12e <3 ,W G
.http://www.cybercrime.gov/ccmanual/ :(¢&9 <T :
v2S- C ?6; <& 9," 4fPC ¦ S12e Y :e 2#
.http://www.forwardedge2.com/pdf/bestPractices.pdf
•
•
•
•
•
•
_
4D' (6
PQ' `4D' (7 :^$.- 0$D (&O' (,F& G
*41 :IV GHIJ
G6 ?@ H6 ! 8#& I%J ! 8#& K+L
1.C.IV
:
S12e 1& &6
>581, 3p
*&9 ,&6 *]9 t2P j
78 a2
.http://www.cert.org/csirts/
:§&9 :e & lw *]9 j12P L)v- L2M* "#! :
*&9 ,&6 *]9 t2P j
78 a2
.http://www.cert.org/csirts/action_list.html
:Lk6 6"; §&9/:e & lw *]9 j12P L)v- :
*&9 ,&6 *]9 t2P j
78 a2
.http://www.cert.org/csirts/Creating-A-CSIRT.html
:e & 8w& *]9 t20 & ,- 6"; 1 :
*&9 ,&6 *]9 t2P j
78 a2
.http://www.cert.org/archive/pdf/04tr015.pdf :,M 4"; :§&9
:§&9 :e & *]9 t2P u- OXi {M& E 6$9e :
*&9 ,&6 *]9 t2P j
78 a2
.http://www.cert.org/csirts/csirt_faq.html
:§&9 :e & *]9 t2P Y&° G
:
*&9 ,&6 *]9 t2P j
78 a2
.http://www.cert.org/archive/pdf/csirt-handbook.pdf
:0.1 ,+` /& ,- ,! V
! :
*&9 ,&6 *]9 t2P j
78 a2
.http://www.cert.org/archive/pdf/07tr008.pdf
:§&9 :e & *]9 t20 "
\8 ­ :
*&9 ,&6 *]9 t2P j
78 a2
.http://www.cert.org/archive/pdf/03hb001.pdf
:§&9 :e & *]9 t2P Z :
*&9 ,&6 *]9 t2P j
78 a2
.http://www.cert.org/csirts/services.html
(CERT/CC)
•
•
•
•
•
•
•
•
•
22/1
>% ¦ 1 §&9 :e & *]9 j12P m63 ,
Z :
*&9 ,&6 *]9 t2P j
78 a2
.http://www.cert.org/csirts/csirt-staffing.html :±*&6 99e ,F
:§&9 :e & *]9 j120 k78* 4"3 BI :
*&9 ,&6 *]9 t2P j
78 a2
.http://www.cert.org/archive/pdf/03tr001.pdf
:§&9 :e & *]9 8w& t20 L)v- &Z :
*&9 ,&6 *]9 t2P j
78 a2
.http://www.cert.org/archive/pdf/NationalCSIRTs.pdf
.http://www.vte.cert.org/ :
*&9 ,&6 *]9 t2P j
78 a2 (VTE) >I2P G1, $
*
:e & *]9 j12P 4
S) 0
()* &° &Z ¨' :&63 Sk) :e *,e &
.http://www.enisa.europa.eu/pages/05_01.htm :§&9
:6 ,& IMPACT ITU m* 3 $
%
66
•
•
•
•
•
•
http://www.itu.int/ITU-D/cyb/cybersecurity/impact.html
:o
7 :e & *]9 j12P 4
S) :; &63 ¦ §&9 :e & *]9 j120 3 &­
.http://www.govcert.nl/render.html?it=69
:(WARP) ¯*` ,&) £ ,Rv` 8 C ;&"T : S6"* 8w& 8k 1 a2
.http://www.warp.gov.uk/
•
•
'
.http://www.apcert.org/index.html :
9z 8 *&9 ,&6 *]9 j12P
.http://www.ecsirt.net/ :
*&9 ,&6 §,e *]9 j120 Sk) ,&
.http://www.egc-group.org/ :
*&9 ,&6 *,e &S *]9 !2PC j12P
•
•
•
!
.http://www.auscert.org.au :
*&9 ,&6 *]9 29e j120 :
29C
.http://www.cert.at :7"8* *&9 ,&6 *]9 j12P :7"8
.http://www.cert.br/ :41Wo* *&9 ,&6 *]9 j12P :41Wo
.http://www.clcert.cl/ :>6
)* *&9 ,&6 *]9 j12P :>6
.http://www.cert.org.cn/ :m* *&9 ,&6 *]9 t2P j
78 a2 :m
.http://www.cert.fi :8680* *&9 ,&6 *]9 j12P :868P
.http://www.cert-hungary.hu :1,58b *&9 ,&6 *]9 j12P :1,58%
.http://www.cert-in.org.in :8* *&9 ,&6 *]9 j12P :8
.http://security.dico.unimi.it/ :
1* *&9 ,&6 *]9 j12P :
1.http://www.jpcert.or.jp/ :*
* *&9 ,&6 *]9 t2P j
78 a2 :*
.http://www.krcert.or.kr/ :1,&S* *&9 ,&6 *]9 t2P j
78 a2 :1,&
.http://www.cybersecurity.org.my :1a
~ *&9 ,&6 *]9 j12P :1a
.http://www.csirt.dk/ :8&%
.http://www.cert.pl/ :8&k* *&9 ,&6 *]9 j12P :8&*
•
•
•
•
•
•
•
•
•
•
•
•
•
•
67
22/1
.http://www.arnes.si/en/si-cert/ :
8
P&67* *&9 ,&6 *]9 j12P :
8
P&69
.http://www.singcert.org.sg/ :,&P587* *&9 ,&6 *]9 j12P :,&P589
.http://www.sitic.se :1&7* &63 M&&8S &[ a2 :1&7
.http://www.melani.admin.ch :MELANI a2 :271&9
.http://www.thaicert.nectec.or.th/ :v1* *&9 ,&6 *]9 j12P :v1
.http://www.ansi.tn/en/about_cert-tcc.htm :
*&9 ,&6 *]9 j120 B* TCC a2 :v&
.http://www.qcert.org :2!
.http://aecert.ae/ : *23 ,`
:
S12e 8w& *]9 Z
.http://www.dhs.gov/dhspublic/interapp/editorial/editorial_0566.xml
.http://www.us-cert.gov/ :
*&9 ,&6 >S12e *]9 j12P :
S12e 1&
.§&9 :e & *]9/
*&9 ,&6 *]9 r2Ze 8w& t206 G1& B!&
•
"
: 1A$ 9:
2.C.IV
•
•
•
•
•
•
•
•
•
•
aI'$
:<&6 8e y3f :w& :
*&9 ,&6 *]9 t2P j
78 a2
.http://www.cert.org/nav/index_red.html
.http://chiht.dfn-cert.de/ :(CHIHT) & B 43 C ()* &63 <k a2
.http://www.first.org/ :(FIRST) 8e t20 &6 *]9 r8 ,&
.http://www.donelan.com/ispsupport.html :v2v` Z d,& :e ; Z ,&
:'()* *]9 ,Rv` & k!2~ j63 99C & :o
7 : *&*
.http://www.itu.int/cybersecurity/gateway/watch_warning.html
:2Pe X5 1,] <";e 4MC : &63 M&&8S :z ,Rv- ^\v
.http://www.itsafe.gov.uk/
:
! 4#92 PS C ;&"T :d! "8 3 "\8
.http://www.oecd-antispam.org/article.php3?id_article=265
•
•
•
•
•
•
•
'
.http://www.terena.org/ :(TERENA) *,C o; 63 &k Sk *,
•
!
:(WARP)
.http://www.waarschuwingsdienst.nl/render.html?cid=106 :18& 8w& ,Rv` Z :8&%
¯*` ,&) £ ,Rv` v C ;&"T :(
8w& 8k 1 a2) S6"
.http://www.warp.gov.uk/
.https://www.it-isac.org/ :
S12e 1&* F6
6 &63 M&&8S &63 <k a2
•
•
•
22/1
68
,& Z M2 8k :&63 M&&8S :(ISCC) &63 M&&8S ! j
78 >S12e 6¤
:* + 7
#2
.http://www.it-scc.org/documents/itscc/Information_Technology_SSP_2007.pdf
.http://csrc.nist.gov/ :
S12e 1&* (NIST) M&&8S X13"6 lw& F3
•
" N:O ?! "E/"
:
:8z "\vC L)v- ;7"6 To :C (* + &63 B"p :e L8*
.https://buildsecurityin.us-cert.gov/daisy/bsi/home.html
.http://www.cve.mitre.org/about/ :(CVE) @23 y3f :w&~ 2) "#!
.http://oval.mitre.org/ :(OVAL) y3f :w& [&0 5
.http://nvd.nist.gov/nvd.cfm :
To6 k78* (NVD) y3f :w& S12e 8w& v
k ;!
3.C.IV
•
•
•
•
•
LM% N (&O' (=
\b c' :V GHIJ
(7.B.V 2.B.V 1.B.V) 56 "5AP Q.@
1.C.V
:4"; Z /&63 B"¤ 3 5
M 4"3 Z
.http://www.itu.int/wsis/implementation/index.html
.http://www.itu.int/osg/csd/cybersecurity/gca/ :o
7 :e ()* >3 <";e <M
: &63 B"¤ 3 "6 ! 4#92 PS~ l3 >3
I& "M
.http://www.itu.int/osg/spu/spam/meeting7-9-04/index.html
:<e "M #, 212 /&63 B"¤ 3 "6 5
M 4"3 Z
.http://www.itu.int/osg/spu/cybersecurity/2006/chairmansreport.pdf
:i "M #, 212 /&63 B"¤ 3 "6 5
M 4"3 Z
.http://www.itu.int/wsis/docs/geneva/official/poa.html
:6 Okw i "M <";C <M
.http://www.itu.int/osg/csd/cybersecurity/WSIS/meetingAgenda.html
:i "M 212 /&63 B"¤ 3 "6 5
M 4"3 Z
•
•
•
•
•
•
•
http://www.itu.int/osg/csd/cybersecurity/WSIS/3rd_meeting_docs/WSIS_Action_Line_C5_Meeting_Re
.port_June_2008.pdf
:6 Okw i "M <";C <M
.http://www.itu.int/osg/csd/cybersecurity/WSIS/agenda-3_new.html
9
7 >3v+ 4MC : v2v` :C 9 &63 /k9 +&Z :P&92S
2
.http://www.microsoft.com/mscorp/twc/policymakers_us.mspx :}3 LC B
.http://www.oecd.org/sti/cultureofsecurity :%,& B :e P *&* /d! "8 3 "\8
:(2002) "
8C P & :&63 Sk "\vC :C ()* F
M& k" d! "8 3 "\8
.http://www.oecd.org/document/42/0,2340,en_2649_34255_15582250_1_1_1_1,00.html
" o; ) v
k P +& 1 ()* F
M& k" :d! "8 3 "\8
.http://www.oecd.org/document/20/0,2340,en_2649_34255_15589524_1_1_1_1,00.html :(1980)
•
•
•
•
•
69
22/1
""\8 6* &63 Sk "\vC :e Pi ¨12 ()* d! "8 3 "\8 212"
.http://www.oecd.org/dataoecd/16/27/35884541.pdf :(2005)
:
&S 9
7 &63 :C ¦ 8k6 &63 M&&8S :C G
.http://www.infodev-security.net/handbook/part4.pdf
.http://www.un.org/Depts/dhl/resguide/r57.htm :(¢ C P2) 3 3"]6 57/239 !, ,2
•
•
•
'
:(2007) "]8 V
! 9," :&63 :(* ;& ,k" :&63 Sk) :e *,e &
.http://www.enisa.europa.eu/doc/pdf/deliverables/enisa_measuring_awareness.pdf
:(2006) "&63 :(* >;& 1W 0
:m6"37"6 4
" &63 Sk) :e *,e &
.http://www.enisa.europa.eu/doc/pdf/deliverables/enisa_a_users_guide_how_to_raise_IS_awareness.pdf
:(InSafe) v2v` 9 &63 §,e ,
.http://www.saferinternet.org/ww/en/pub/insafe/index.htm
¨' :o
7 :e @231 E 1F PS S12e 6k ]
29 :(OAS) S12e < "\8
:(2004) (60 1R) o
7 : P L9,` "\ve 3 3*e 3
•
•
•
•
http://www.oas.org/XXXIVGA/english/docs/approved_documents/adoption_strategy_
.combat_threats_cybersecurity.htm
!
:
! 4#92 PS GS ,& :41Wo
:CGI.br – v2ve* 83 61Wo {
M& 8]6 v2v` 9 ()* F
M& k :41Wo
http://antispam.br/
•
•
http://cartilha.cert.br/
:(6* 4S) : Pi ¨126 d! "8 3 "\8 ,k
.http://www.oecd.org/document/63/0,3343,en_21571361_36139259_36306559_1_1_1_1,00.html
.http://www.us-cert.gov/ :
S12e 1&* *&9 ,&6 *]9 j12P B!&
:
S12e 1&* >6Z :e ,W& M2 8w& 8k 1" 21& k Z
.http://www.dhs.gov/xres/programs/gc_1159207732327.shtm
.http://csrc.nist.gov/fasp/ :
S12e 1&* 1 &6 8e 9,"
:39 11 7 2 1 LaMe /(FAR) S12e 1&* 1 L8! K#&
.http://www.acqnet.gov/FAR/
:&63 :C o
7 :e Y&° S12e 1&* 1 21& k Z
.http://www.nitrd.gov/pubs/csia/FederalPlan_CSIA_RnD.pdf
:
+& &63 :e S12e 1&* d,)9 6¤
.http://csrc.nist.gov/ispab/
G
2 M2 ³k 1" /HSPD-7 !, {
M& /
S12e 1&* >6Z : >9#2 {
M&
.http://www.whitehouse.gov/news/releases/2003/12/20031217-5.html :"F1 1&C
.http://www.msisac.org/ :S12(* 3 1&6 F6
6 &63 <k a2
.http://www.whitehouse.gov/pcipb/ :o
7 Lf0 m( S12e 8w& ]
29
&k 1&C Y&° &63 M&&8S* 83 S12e 1& #2 1,)9 8]6 212
:o
7 :e <T
.http://www.nitrd.gov/pitac/reports/20050301_cybersecurity/cybersecurity.pdf
•
•
•
•
•
•
•
•
•
•
•
22/1
70
(7.B.V 5.B.V 3.B.V) RS T+ *# 1@ "Q
http://www.internetsegura.org/ :41Wo 8z v2v- 2[
.http://tools.cisco.com/security/center/home.x :(9," 4fPC 7!) : Cisco a2
.http://www.microsoft.com/mscorp/twc/default.mspx :P&92S
2) "3 *&9
:(NIATEC) &63 ;&v "I <T 63 G1,6 lw& a2"6 71, &
.http://niatec.info/index.aspx?page=105
:"\8"6 :e ¦ 8k6 &63 M&&8S :C 4
.http://www.infodev-security.net/handbook/part3.pdf
:
S12e 1&* *&9 ,&6 *]9 j12P :; ,+ 4"3 :e ;- !* 6
.http://www.uscert.gov/reading_room/distributable.html
:
S12e 1&* ;8 2#/>6Z :e ,W& "
vo
7 0+3" 9,
.http://www.dhs.gov/xnews/releases/pr_1158340980371.shtm
2.C.V
(7.B.V 6.B.V 4.B.V) > UV %J@
http://www.safernet.org/ :41Wo* SaferNet "\8 :41Wo
:(SUSI ¦ v2v` ?6; 6 O8C 2ie ^9) ?6; O8z :S
.http://www.besafeonline.org/
.http://casescontact.org/tips_list.php :CASEScontact "\8 8C ,.http://www.childnet-int.org :Childnet <0w Sk) ,&
.http://www.cyberpeaceinitiative.org/ :o
7 ^7 ,k
.http://tcs.cybertipline.com/ : ?6; e j
0
m%2 63 :CyberTipline B!&
.http://www.internetsafetyzone.co.uk/root/ ::1& <0w v2v` C tv ,&
:&63 M&&8S #2M ()* <&*2v + 3M2 "#
.http://www.interpol.int/Public/TechnologyCrime/CrimePrev/privateChecklist.asp
http://www.itu.int/cop/ :6 F
M& k ?6; <0we 1" ,k
.http://kids.getnetwise.org/tools/ :29 GetNetWise "\8 C
.http://onguardonline.gov/index.html :<
[ : 1"6 ,- ¦ ?6; OnGuard B!&
.http://www.makeitsecure.org/en/index.html :3#) v2v` ,ZC :; &63 ¦ MakeItSecure B!&
.http://www.esecurity.org.my/ :1a
2S` :e ,k
.http://www.netsmartz.org/netparents.htm :L
+e :1&6 ,& :NetSmartz B!&
.http://www.netsafe.org.nz :1861W&
8 Netsafe Sk
.http://www.safeline.gr/ :
v&v Xg 1& :; ¯*N SafeLine :Z7
.http://www.securitycartoon.com/ ::e Y&° 1,&S1, ^&9,
.http://www.staysafeonline.info/ : ?6; O8z 4\6P
.http://www.wiredsafety.org/ :WiredSafety "\8
:2P :e ¦ 8k6 &63 M&&8S :C 4
.http://www.infodev-security.net/handbook/part2.pdf
3.C.V
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
71
22/1
.http://www.ceop.gov.uk/ : S6"* ?6; 1" <0we <59 I 1" a2 ,&
.http://www.getsafeonline.org/ : S6""6 ?6; O8z :S6P B!&
:m
8 Xg m6"37"6 1& *&9 ,&6 *]9 j12P
.http://www.us-cert.gov/nav/nt01/
•
•
•
m
#F8 m6"37 r >;& 1a 8w& "
6!` ,k : Xg
22/1
(2010-2006)1
:22/1
2010
