{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T17:30:03Z","timestamp":1767375003158},"publisher-location":"Berlin, Heidelberg","reference-count":29,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540260424"},{"type":"electronic","value":"9783540320401"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2005]]},"DOI":"10.1007\/11429760_4","type":"book-chapter","created":{"date-parts":[[2010,7,13]],"date-time":"2010-07-13T15:47:10Z","timestamp":1279036030000},"page":"45-60","source":"Crossref","is-referenced-by-count":12,"title":["Specifying Legal Risk Scenarios Using the CORAS Threat Modelling Language"],"prefix":"10.1007","author":[{"given":"Fredrik","family":"Vraalsen","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mass Soldal","family":"Lund","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tobias","family":"Mahler","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xavier","family":"Parent","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ketil","family":"St\u00f8len","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"4_CR1","unstructured":"J\u00f8sang, A., Ismail, R., Boyd, C.: A Survey of Trust and Reputation Systems for Online Service Provision. Decision Support Systems (to appear), http:\/\/security.dstc.edu.au\/papers\/JIB2005-DSS.pdf"},{"key":"4_CR2","unstructured":"Egger, F.N.: Towards a model of trust for e-commerce system design. In: CHI 2000: Workshop Designing Interactive Systems for 1-to-1 E-commerce (2000), http:\/\/www.zurich.ibm.com\/~mrs\/chi2000\/contributions\/egger.html"},{"key":"4_CR3","doi-asserted-by":"publisher","first-page":"81","DOI":"10.1145\/355112.355128","volume":"43","author":"S. Jones","year":"2000","unstructured":"Jones, S., Wilikens, M., Morris, P., Masera, M.: Trust requirements in e-business. Communications of the ACM\u00a043, 81\u201387 (2000)","journal-title":"Communications of the ACM"},{"key":"4_CR4","unstructured":"Wahlgren, P.: Juridisk riskanalys - Mot en s\u00e4krare juridisk metod. Jure, Stockholm (2003) (in Swedish)"},{"key":"4_CR5","volume-title":"The Future of Law","author":"R. Susskind","year":"1996","unstructured":"Susskind, R.: The Future of Law. Clarendon Press, Oxford (1996)"},{"key":"4_CR6","unstructured":"Reidenberg, J.: Lex Informatica: The Formulation of Information Policy Rules Through Technology. In: Texas Law Review, vol.\u00a076, pp. 553\u2013593 (1998)"},{"key":"4_CR7","unstructured":"CORAS: The CORAS project (2005), http:\/\/coras.sourceforge.net\/ (visited February 2005)"},{"key":"4_CR8","first-page":"159","volume-title":"I3E 2002","author":"T. Dimitrakos","year":"2002","unstructured":"Dimitrakos, T., Ritchie, B., Raptis, D., Aagedal, J.\u00d8., den Braber, F., St\u00f8len, K., Houmb, S.H.: Integrating model-based security risk managament into eBusiness systems development: The CORAS approach. In: I3E 2002, pp. 159\u2013175. Kluwer, Dordrecht (2002)"},{"key":"4_CR9","first-page":"169","volume-title":"CMS 2002","author":"D. Raptis","year":"2002","unstructured":"Raptis, D., Dimitrakos, T., Gran, B.A., St\u00f8len, K.: The CORAS approach for model-based risk management applied to e-commerce domain. In: CMS 2002, pp. 169\u2013181. Kluwer, Dordrecht (2002)"},{"key":"4_CR10","unstructured":"OMG: UML 2.0 Superstructure Specification (2004) OMG Document: ptc\/2004-10-02"},{"key":"4_CR11","unstructured":"Lund, M.S., Hogganvik, I., Seehusen, F., St\u00f8len, K.: UML profile for security assessment. Technical Report STF40 A03066, SINTEF Telecom and informatics (2003)"},{"key":"4_CR12","unstructured":"OMG: UML Profile for Modeling Quality of Service and Fault Tolerance Characteristics and Mechanisms, Draft Adopted Specification (2004), OMG Document: ptc\/2004-06-01"},{"key":"4_CR13","unstructured":"TrustCoM: Trust and Contract Management in Virtual Organisations (2005), http:\/\/www.eu-trustcom.com\/ (visited February 2005)"},{"key":"4_CR14","volume-title":"HazOp and software HazOp","author":"F. Redmill","year":"1999","unstructured":"Redmill, F., Chudleigh, M., Catmur, J.: HazOp and software HazOp. Wiley, Chichester (1999)"},{"key":"4_CR15","doi-asserted-by":"crossref","DOI":"10.1017\/CBO9780511621192","volume-title":"Modal Logic - An Introduction","author":"B.F. Chellas","year":"1980","unstructured":"Chellas, B.F.: Modal Logic - An Introduction. Cambridge University Press, Cambridge (1980)"},{"key":"4_CR16","unstructured":"Elgesem, D.: The Modal Logic of Agency. Nordic Journal of Philosophical Logic\u00a02 (1997)"},{"key":"4_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"146","DOI":"10.1007\/978-3-540-24747-0_12","volume-title":"Trust Management","author":"G. Br\u00e6ndeland","year":"2004","unstructured":"Br\u00e6ndeland, G., St\u00f8len, K.: Using risk analysis to assess user trust - a net-bank scenario. In: Jensen, C., Poslad, S., Dimitrakos, T. (eds.) iTrust 2004. LNCS, vol.\u00a02995, pp. 146\u2013160. Springer, Heidelberg (2004)"},{"key":"4_CR18","unstructured":"den Braber, F., Lund, M.S., St\u00f8len, K.: Using the CORAS Threat Modelling Language to Document Threat Scenarios for several Microsoft relevant Technologies. Technical Report STF90 A04057, SINTEF ICT (2004)"},{"key":"4_CR19","unstructured":"Berardi, D., Cal\u00ec, A., Calvanese, D., De Giacomo, G.: Reasoning on UML Class Diagrams. Technical Report 11-03, Dipartimento di Informatica e Sistemistica, Universit\u00e0 di Roma La Sapienza (2003)"},{"key":"4_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11495628_1","volume-title":"Scenarios: Models, Transformations and Tools","author":"\u00d8. Haugen","year":"2005","unstructured":"Haugen, \u00d8., Husa, K.E., Runde, R.K., St\u00f8len, K.: Why timed sequence diagrams require three-event semantics. In: Leue, S., Syst\u00e4, T.J. (eds.) Scenarios: Models, Transformations and Tools. LNCS, vol.\u00a03466, pp. 1\u201325. Springer, Heidelberg (2005)"},{"key":"4_CR21","unstructured":"ISO\/IEC: FCD 15414: Information Technology - Open Distributed Processing - Reference Model - Enterprise Viewpoint. JTC1\/SC7 N2359, ISO\/IEC (2000)"},{"key":"4_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1007\/3-540-44569-2_2","volume-title":"Policies for Distributed Systems and Networks","author":"N. Damianou","year":"2001","unstructured":"Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The Ponder Specification Language. In: Sloman, M., Lobo, J., Lupu, E.C. (eds.) POLICY 2001. LNCS, vol.\u00a01995, p. 18. Springer, Heidelberg (2001)"},{"key":"4_CR23","unstructured":"OASIS: eXtensible Access Control Markup Language (XACML) Version 1.0. Technical report, OASIS (2003)"},{"key":"4_CR24","doi-asserted-by":"crossref","unstructured":"Chu, Y.H., Feigenbaum, J., LaMacchia, B., Resnick, P., Strauss, M.: Referee: Trust management for web applications. In: Sixth International World Wide Web Conference, Santa Clara, CA, USA (1997)","DOI":"10.1016\/S0169-7552(97)00009-3"},{"key":"4_CR25","doi-asserted-by":"crossref","unstructured":"Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.D.: The KeyNote Trust Management System, Version 2. Request For Comments (RFC) 2704, AT&T Labs and University of Pennsylvania (1999)","DOI":"10.17487\/rfc2704"},{"key":"4_CR26","first-page":"271","volume-title":"16th Annual IFIP WG 11.3 Working Conference on Data and Application Security","author":"J. Biskup","year":"2002","unstructured":"Biskup, J., Karabulut, Y.: A Hybrid PKI Model with an Application for Secure Mediation. In: 16th Annual IFIP WG 11.3 Working Conference on Data and Application Security, Cambridge, England, pp. 271\u2013282. Kluwer Academic Press, Dordrecht (2002)"},{"key":"4_CR27","unstructured":"PERMIS: Privilege and Role Management Infrastructure Standards Validation (2004), http:\/\/sec.isi.salford.ac.uk\/permis\/ (visited December 2004)"},{"key":"4_CR28","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1023\/B:AGNT.0000018806.20944.ef","volume":"8","author":"P. Bresciani","year":"2004","unstructured":"Bresciani, P., Giorgini, P., Giunchiglia, F., Mylopoulos, J., Perini, A.: TROPOS: An Agent-Oriented Software Development Methodology. Journal of Autonomous Agents and Multi-Agent Systems\u00a08, 203\u2013236 (2004)","journal-title":"Journal of Autonomous Agents and Multi-Agent Systems"},{"key":"4_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"674","DOI":"10.1007\/978-3-540-30470-8_78","volume-title":"On the Move to Meaningful Internet Systems 2004: OTM 2004 Workshops","author":"M.T. Sagri","year":"2004","unstructured":"Sagri, M.T., Tiscornia, D., Gangemi, A.: An ontology-based model for Representing Bundle-of-rights. In: Meersman, R., Tari, Z., Corsaro, A. (eds.) OTM-WS 2004. LNCS, vol.\u00a03292, pp. 674\u2013688. Springer, Heidelberg (2004)"}],"container-title":["Lecture Notes in Computer Science","Trust Management"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11429760_4.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,17]],"date-time":"2020-11-17T19:57:28Z","timestamp":1605643048000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11429760_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2005]]},"ISBN":["9783540260424","9783540320401"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/11429760_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2005]]}}}