TBD Kamu-BİB IV, Ankara, 9, 11, 17, 2005.
29. İnternet: BSI Eurasia “BSI Belgelendirme
Yöntemi” http://www.bsi-
turkey.com/BilgiGuvenligi/ISMStescil/BSItescily
ontemi.xalter?print_only=1, 24.01.2008.
30. İnternet: BSI Eurasia “Bilgi Güvenliği Yönetim
Sisteminin Belgelendirilmesi” http://www.bsi-
turkey.com/BilgiGuvenligi/ISMStescil/index.xalt
er, 24.01.2008.
31. İnternet: OWASP “About The Open Web
Application Security Project”
http://www.owasp.org/index.php/About_The_Op
en_Web_Application_Security_Project,
24.01.2008.
32. İnternet: Web Application Security Consortium
“About Us”
http://www.webappsec.org/aboutus.shtml ,
24.01.2008.
33. Hansche, S., “Official (ISC2) Guide to the CISSP
Exam”, Auerbach Publications, New York, 12,
2003.
34. İnternet: Web Application Security Consortium
“Weak Password Recovery Validation”
http://www.webappsec.org/projects/threat/classes
/weak_password _recovery_validation.shtml
24.01.2008.
Y. Vural ve Ş. Sağıroğlu
Kurumsal Bilgi Güvenliği ve Standartları Üzerine Bir İnceleme
522
Gazi Üniv. Müh. Mim. Fak. Der. Cilt 23, No 2, 2008
35. İnternet: Web Application Security Consortium
“Cross-site Scripting”
http://www.webappsec.org/projects/threat/classes
/cross-site_scripting.shtml, 24.01.2008.
36. İnternet: Amit Klein “DOM Based Cross Site
Scripting or XSS of the Third Kind”
http://www.webappsec.org/projects/articles/0711
05.shtml, 24.01.2008.
37. İnternet: The World Wide Web Consortium
(W3C) “Document Object Model FAQ"
http://www.w3.org/DOM/faq.html#what,
24.01.2008.
38. Chapela, V., “Advanced SQL Injection”
http://www.owasp.org/images/7/74/Advanced_S
QL_Injection.ppt, 24.01.2008.
39. Anley, C., “Advanced SQL Injection In SQL
Server Applications”, Next Generation Security
Software Publication, Surrey, 18- 21, 2002.