1[1]Control Objectives for Information and Related Technology (COBIT) 3rd Edition,Information Systems Audit and Control Foundation, July 2000.
2[2]IT Baselines Protection Manual published by Bundesamt f ür.Sicherheit in der Informationstechnik (BSI)
3[3]A Code of Practice for Information Security (ISO/17799: 2000)
4[4]General Accounting Office, Federal Information System Control Audit Manual (FISCAM). GOA/AIMD-12.19.6,January 1999.
5[5]SSE-CMM(r) (model). System Security Engineering Capability Maturity Model. Model Description, Version 2.0. April 1999.
6[6]Capability Maturity Mode forSoftware. Version 1.1 February 1993
7[7]Trusted Computer System Evaluation Criteria US National Computer Security Center. 1985. NCSC 5200.28-STD.
8[8]Information Technology Security Evaluation Criteria Provisional Harmonized Criteria of France. Germany. Netherlands.and United Kingdom. Commission of theEuropean Communities. 1991
9[9]Communications Security Establishment. Canada. Canadian Trusted Computer Product Evaluation Criteria Version 3.0e. January 993
10[10]Common Criteria for Information Technology Security Evaluation (CC). Version 2.1 .August 1999.
6The International Organization for Standardization.Common Cri- teria for Information Technology Security Evaluation-Part 2: Security Fmction Reauirements[S].ISO/IEC 15408-2:1999(E),1999.
7Hammond J L, O' Reily P J P. Performance Analysis of Local Computer Networks [ M]. Addison-Wesley Publishing Company, 1986. 255- 312.
8Kleinrock L. Performance Evaluation/Analysis of Computer Networks [J]. Proc. IEEE, 1993, (1): 1179-1191.
9逮昭义 王思明.计算机通信网信息量理论[M].北京:电子工业出版社,1997..
10Harris B, Hunt R. TCP/IP security threats and attack methods[J]. Computer Communications,1999,22(10):885-897.
