ISO 27000系列介绍
- ISO 27000系列标准介绍
- ISO/IEC 27000:2009
- ISO/IEC 27001:2005
- ISO/IEC 27002:2005
- ISO/IEC 27003:2010
- ISO/IEC 27004:2009
- ISO/IEC 27005:2008
- ISO/IEC 27006:2007
- ISO/IEC 27007
- ISO/IEC 27008
- ISO/IEC 27010
- ISO/IEC 27011:2008
- ISO/IEC 27013
- ISO/IEC 27014
- ISO/IEC 27015
- ISO/IEC 27031
- ISO/IEC 27032
- ISO/IEC 27033
- ISO/IEC 27034
- ISO/IEC 27035
- ISO/IEC 27036
- ISO/IEC 27037
- ISO 27799:2008
ISO/IEC 27034
Information technology — Security techniques — Application security (draft)
信息技术—安全技术—应用安全
该标准目前处于起草阶段。
标准介绍:
ISO/IEC 27034将是一个包含多个部分的标准。该标准通过一组与组织的系统开发生命周期相整合的过程,为规化、设计、选择和实施信息安全控制措施提供指南。该标准包含如下部分:
- ISO/IEC 27034-1 - Information technology — Security techniques — Application security overview and concepts
- ISO/IEC 27034-2 - Organization Normative Framework
- ISO/IEC 27034-3 - Application Security Management Process
- ISO/IEC 27034-4 - Application security validation
- ISO/IEC 27034-5 - Protocols and application security control data structure
- ISO/IEC 27034-6 - Security guidance for specific applications