{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,15]],"date-time":"2026-01-15T07:48:23Z","timestamp":1768463303456,"version":"3.49.0"},"publisher-location":"Berlin, Heidelberg","reference-count":29,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540340751","type":"print"},{"value":"9783540340768","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2006]]},"DOI":"10.1007\/11751595_106","type":"book-chapter","created":{"date-parts":[[2006,5,11]],"date-time":"2006-05-11T14:27:59Z","timestamp":1147357679000},"page":"1013-1023","source":"Crossref","is-referenced-by-count":3,"title":["Metrics of Password Management Policy"],"prefix":"10.1007","author":[{"given":"Carlos","family":"Villarrubia","sequence":"first","affiliation":[]},{"given":"Eduardo","family":"Fern\u00e1ndez-Medina","sequence":"additional","affiliation":[]},{"given":"Mario","family":"Piattini","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"106_CR1","unstructured":"ACSA (ed.): Proceedings of the Workshop on Information Security System Scoring and Ranking, Williamsburg, Virginia (May 2001)"},{"key":"106_CR2","doi-asserted-by":"crossref","unstructured":"Adams, A., Sasse, M.A., Lunt, P.: Making passwords secure and usable. In: Proceedings of Human Computer Interaction, Bristol, England (August 1997)","DOI":"10.1007\/978-1-4471-3601-9_1"},{"key":"106_CR3","unstructured":"Bishop, M.: Comparing authentication techniques. In: Proceedings of the Third Workshop con Computer Incident Handling, August 1991, pp. 1\u201310 (1991)"},{"key":"106_CR4","unstructured":"Bouvier, P., Longeon, R.: Le tableau de bord de la s\u00e9curit\u00e9 du syst\u00e8me d\u2019information. S\u00e9curit\u00e9 Informatique, (June 2003)"},{"key":"106_CR5","unstructured":"SSE-CMM Model Description Document, 3rd edn., Carnegie Mellon University, Pittsburgh, Pennsylvania (June 2003)"},{"key":"106_CR6","doi-asserted-by":"crossref","first-page":"43","DOI":"10.15587\/1729-4061.2014.23156","volume":"2","author":"D.A. Chapin","year":"2005","unstructured":"Chapin, D.A., Akridge, S.: How can security be measured? Information Systems Control Journal\u00a02, 43\u201347 (2005)","journal-title":"Information Systems Control Journal"},{"key":"106_CR7","first-page":"64","volume":"57","author":"C. Colado","year":"2003","unstructured":"Colado, C., Franco, A.: M\u00e9tricas de seguridad: una visi\u00f3n actualizada. SIC. Seguridad en Inform\u00e1tica y Comunicaciones\u00a057, 64\u201366 (2003)","journal-title":"SIC. Seguridad en Inform\u00e1tica y Comunicaciones"},{"key":"106_CR8","unstructured":"Departament of the Air Force. AFI33-205. Information Protection Metrics and Measurements Program (August 1997)"},{"key":"106_CR9","doi-asserted-by":"crossref","unstructured":"Halderman, A., Waters, B., Felten, E.W.: A convenient method for securely managing passwords. In: Proceedings of the 14th International World Wide Web Conference, Chiba, Japan, May 2005, pp. 471\u2013479 (2005)","DOI":"10.1145\/1060745.1060815"},{"key":"106_CR10","unstructured":"ISO. ISO 7498-2. Open Systems Interconnection - Basic Reference Model - Part 2: Security Architecture (1989)"},{"key":"106_CR11","unstructured":"ISO\/IEC. ISO\/IEC TR 13335-1. Guidelines for the Management of IT Security. Part I: Concepts and Models of IT Security (1996)"},{"key":"106_CR12","unstructured":"ISO\/IEC. ISO\/IEC 15408. Evaluation Criteria for IT Security (December 1999)"},{"key":"106_CR13","unstructured":"ISO\/IEC. ISO\/IEC 17799. Code of Practice for Information Security Management (2000)"},{"key":"106_CR14","unstructured":"King, G.: Best security practices: An overview. In: Proceedings of the 23rd National Information Systems Security Conference, Baltimore, Maryland, NIST (October 2000)"},{"key":"106_CR15","unstructured":"Marcelo, J.M.: Seguridad de las Tecnolog\u00edas de la Informaci\u00f3n, cap\u00edtulo Identificaci\u00f3n y Evaluaci\u00f3n de Entidades en un M\u00e9todo AGR, pp. 69\u2013103. AENOR (2003)"},{"key":"106_CR16","unstructured":"McKnight, W.L.: What is information assurance? CrossTalk. The Journal of Defense Software Engineering, 4\u20136 (July 2002)"},{"issue":"6","key":"106_CR17","doi-asserted-by":"crossref","first-page":"15","DOI":"10.1145\/777313.777327","volume":"46","author":"R.T. Mercuri","year":"2003","unstructured":"Mercuri, R.T.: Analyzing security costs. CACM\u00a046(6), 15\u201318 (2003)","journal-title":"CACM"},{"issue":"11","key":"106_CR18","doi-asserted-by":"crossref","first-page":"594","DOI":"10.1145\/359168.359172","volume":"22","author":"R. Morris","year":"1979","unstructured":"Morris, R., Thompson, K.: Password security: A case history. CACM\u00a022(11), 594\u2013597 (1979)","journal-title":"CACM"},{"key":"106_CR19","unstructured":"Nielsen, F.: Approaches of security metrics. Technical report, NIST-CSSPAB (June 2000)"},{"key":"106_CR20","unstructured":"NIST. FIPS-112: Password Usage (May 1985)"},{"key":"106_CR21","unstructured":"NIST. FIPS-181: Automated Password Generator (October 1993)"},{"key":"106_CR22","unstructured":"Payne, S.C.: A guide to security metrics. Technical report, SANS Institute (July 2001)"},{"key":"106_CR23","doi-asserted-by":"crossref","unstructured":"Pinkas, B., Sander, T.: Securing passwords against dictionary attacks. In: Proceedings of the ACM Computer and Security Conference (CSC 2002), November 2002, pp. 161\u2013170 (2002)","DOI":"10.1145\/586110.586133"},{"key":"106_CR24","doi-asserted-by":"crossref","unstructured":"Schuedel, G., Wood, B.: Adversary work factor as a metric for information assurance. In: Procedings of the New Security Paradigm Workshop, Ireland, September 2000, pp. 23\u201330 (2000)","DOI":"10.1145\/366173.366185"},{"key":"106_CR25","doi-asserted-by":"crossref","unstructured":"Swanson, M.: Security self-assessment guide for information technology systems. Tech. Report NIST 800-26, National Institute of Standards and Technology (November 2001)","DOI":"10.6028\/NIST.SP.800-26"},{"key":"106_CR26","doi-asserted-by":"crossref","unstructured":"Swanson, M., Bartol, N., Sabato, J., Hash, J., Graffo, L.: Security metrics guide for information technology systems. Technical Report NIST 800-55, National Institute of Standards and Technology (July 2003)","DOI":"10.6028\/NIST.SP.800-55"},{"key":"106_CR27","doi-asserted-by":"crossref","unstructured":"Vaughn Jr., R.B., Henning, R., Siraj, A.: Information assurance measures and metrics \u2013 state of practice and proposed taxonomy. In: Proceedings of the 36th Hawaii International Conference on Systems Sciences (2003)","DOI":"10.1109\/HICSS.2003.1174904"},{"key":"106_CR28","unstructured":"Vaughn Jr., R.B., Siraj, A., Dampier, D.A.: Information security system rating and ranking. CrossTalk. The Journal of Defense Software Engineering, 30\u201332 (May 2002)"},{"key":"106_CR29","unstructured":"Villarrubia, C., Fern\u00e1ndez-Medina, E., Piattini, M.: Towards a classification of security metrics. In: Proceedings of the 2nd international workshop on security in information systems (WOSIS 2004), April 2004, pp. 342\u2013350 (2004)"}],"container-title":["Lecture Notes in Computer Science","Computational Science and Its Applications - ICCSA 2006"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11751595_106.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,8]],"date-time":"2025-01-08T22:35:15Z","timestamp":1736375715000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11751595_106"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006]]},"ISBN":["9783540340751","9783540340768"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/11751595_106","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2006]]}}}