{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,30]],"date-time":"2025-12-30T15:39:49Z","timestamp":1767109189340,"version":"3.40.3"},"publisher-location":"Cham","reference-count":21,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030120849"},{"type":"electronic","value":"9783030120856"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-12085-6_6","type":"book-chapter","created":{"date-parts":[[2019,1,29]],"date-time":"2019-01-29T17:17:55Z","timestamp":1548782275000},"page":"61-72","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":10,"title":["Threat Modeling the Cloud: An Ontology Based Approach"],"prefix":"10.1007","author":[{"given":"Salman","family":"Manzoor","sequence":"first","affiliation":[]},{"given":"Tsvetoslava","family":"Vateva-Gurova","sequence":"additional","affiliation":[]},{"given":"Ruben","family":"Trapero","sequence":"additional","affiliation":[]},{"given":"Neeraj","family":"Suri","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,1,30]]},"reference":[{"key":"6_CR1","unstructured":"NIST. National Vulnerability Database. https:\/\/nvd.nist.gov\/"},{"key":"6_CR2","doi-asserted-by":"publisher","DOI":"10.7551\/mitpress\/8896.001.0001","volume-title":"Design Structure Matrix Methods and Applications","author":"S Eppinger","year":"2012","unstructured":"Eppinger, S., Browning, T.: Design Structure Matrix Methods and Applications. MIT Press, Cambridge (2012)"},{"key":"6_CR3","doi-asserted-by":"crossref","unstructured":"Gebala, D., Eppinger, S.: Methods for analyzing design procedures. In: Proceedings of Design Theory and Methodology, pp. 227\u2013233 (1991)","DOI":"10.1115\/DETC1991-0052"},{"key":"6_CR4","unstructured":"Hernan, S., Lambert, S., Ostwald, T., Shostack, A.: Uncover security design flaws using the STRIDE approach. MSDN Magazine (2006)"},{"key":"6_CR5","unstructured":"Hiller, M., Jhumka, A., Suri, N.: An approach for analysing the propagation of data errors in software. In: International Conference on Dependable Systems and Networks, DSN 2001, pp. 161\u2013170. IEEE (2001)"},{"issue":"5","key":"6_CR6","doi-asserted-by":"publisher","first-page":"512","DOI":"10.1109\/TC.2004.1275294","volume":"53","author":"M Hiller","year":"2004","unstructured":"Hiller, M., Jhumka, A., Suri, N.: EPIC: profiling the propagation and effect of data errors in software. IEEE Trans. Comput. 53(5), 512\u2013530 (2004)","journal-title":"IEEE Trans. Comput."},{"key":"6_CR7","doi-asserted-by":"crossref","unstructured":"Kamongi, P., et al.: VULCAN: vulnerability assessment framework for cloud computing. In: Proceedings of IEEE Software Security and Reliability (SERE), pp. 218\u2013226 (2013)","DOI":"10.1109\/SERE.2013.31"},{"key":"6_CR8","doi-asserted-by":"crossref","unstructured":"Manzoor, S., Luna, J., Suri, N.: AttackDive: diving deep into the cloud ecosystem to explore attack surfaces. In: Proceedings of IEEE Services Computing (SCC), pp. 499\u2013502 (2017)","DOI":"10.1109\/SCC.2017.74"},{"key":"6_CR9","doi-asserted-by":"crossref","unstructured":"Manzoor, S., Taha, A., Suri, N.: Trust validation of cloud IaaS: a customer-centric approach. In: Proceedings of IEEE Conference on Trust, Security and Privacy in Computing and Communications (Trustcom), pp. 97\u2013104 (2016)","DOI":"10.1109\/TrustCom.2016.0051"},{"key":"6_CR10","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1109\/MIC.2011.44","volume":"15","author":"D Miloji\u010di\u0107","year":"2011","unstructured":"Miloji\u010di\u0107, D., Llorente, I., Montero, R.: Opennebula: a cloud management tool. IEEE Internet Comput. 15, 11\u201314 (2011)","journal-title":"IEEE Internet Comput."},{"key":"6_CR11","unstructured":"Myagmar, S., Lee, A., Yurcik, W.: Threat modeling as a basis for security requirements. In: Symposium on Requirements Engineering for Information Security (SREIS), pp. 1\u20138 (2005)"},{"key":"6_CR12","doi-asserted-by":"crossref","unstructured":"Nurmi, D., et al.: The eucalyptus open-source cloud-computing system. In: Proceedings of Cluster Computing and the Grid (CCGRID), pp. 124\u2013131 (2009)","DOI":"10.1109\/CCGRID.2009.93"},{"key":"6_CR13","unstructured":"Oladimeji, E., Supakkul, S., Chung, L.: Security threat modeling and analysis: a goal-oriented approach. In: Proceedings of IEEE International Conference on Software Engineering and Applications (IASTED), pp. 13\u201315 (2006)"},{"key":"6_CR14","doi-asserted-by":"crossref","unstructured":"Perez-Botero, D., et al.: Characterizing hypervisor vulnerabilities in cloud computing servers. In: Proceedings of the International Workshop on Security in Cloud Computing, pp. 3\u201310 (2013)","DOI":"10.1145\/2484402.2484406"},{"key":"6_CR15","first-page":"38","volume":"55","author":"O Sefraoui","year":"2012","unstructured":"Sefraoui, O., Aissaoui, M., Eleuldj, M.: OpenStack: toward an open-source solution for cloud computing. Int. J. Comput. Appl. 55, 38\u201342 (2012)","journal-title":"Int. J. Comput. Appl."},{"key":"6_CR16","unstructured":"Swiderski, F., Snyder, W.: Threat Modeling. Microsoft Press (2004)"},{"key":"6_CR17","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1109\/MITP.2011.117","volume":"14","author":"H Tsai","year":"2012","unstructured":"Tsai, H., et al.: Threat as a service?: virtualization\u2019s impact on cloud security. IT Prof. 14, 32\u201337 (2012)","journal-title":"IT Prof."},{"key":"6_CR18","series-title":"Dependable Computing and Fault-Tolerant Systems","doi-asserted-by":"publisher","first-page":"233","DOI":"10.1007\/978-3-7091-9396-9_21","volume-title":"Dependable Computing for Critical Applications 4","author":"CJ Walter","year":"1995","unstructured":"Walter, C.J., Suri, N., Hugue, M.M.: Continual on-line diagnosis of hybrid faults. In: Cristian, F., Le Lann, G., Lunt, T. (eds.) Dependable Computing for Critical Applications 4. DEPENDABLECOMP, vol. 9, pp. 233\u2013249. Springer, Vienna (1995). https:\/\/doi.org\/10.1007\/978-3-7091-9396-9_21"},{"key":"6_CR19","doi-asserted-by":"crossref","unstructured":"Wang, J.A., Guo, M.: Security data mining in an ontology for vulnerability management. In: Proceedings of IEEE Bioinformatics, Systems Biology and Intelligent Computing (IJCBS), pp. 597\u2013603 (2009)","DOI":"10.1109\/IJCBS.2009.13"},{"key":"6_CR20","unstructured":"Wang, P., Lin, W.-H., Kuo, P.-T., Lin, H.-T., Wang, T.C.: Threat risk analysis for cloud security based on attack-defense trees. In: Proceedings of Computing Technology and Information Management (ICCM), pp. 106\u2013111 (2012)"},{"key":"6_CR21","doi-asserted-by":"crossref","unstructured":"Winter, S., S\u00e2rbu, C., Suri, N., Murphy, B.: The impact of fault models on software robustness evaluations. In: Proceedings of International Conference on Software Engineering (ICSE), pp. 51\u201360 (2011)","DOI":"10.1145\/1985793.1985801"}],"container-title":["Lecture Notes in Computer Science","Information and Operational Technology Security Systems"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-12085-6_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,9,11]],"date-time":"2022-09-11T02:56:13Z","timestamp":1662864973000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-12085-6_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030120849","9783030120856"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-12085-6_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"30 January 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"IOSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Workshop on Information and Operational Technology Security Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Heraklion","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Greece","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 September 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 September 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iosec2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.raid2018.org\/cipsecworkshop.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"22","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"11","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"1","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"50% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}}]}}