{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,5]],"date-time":"2026-05-05T01:47:20Z","timestamp":1777945640121,"version":"3.51.4"},"publisher-location":"Cham","reference-count":48,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030754174","type":"print"},{"value":"9783030754181","type":"electronic"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-75418-1_40","type":"book-chapter","created":{"date-parts":[[2021,4,30]],"date-time":"2021-04-30T15:04:51Z","timestamp":1619795091000},"page":"883-904","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Security Architecture Framework for Enterprises"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-5658-6483","authenticated-orcid":false,"given":"Michelle","family":"Graham","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0309-4332","authenticated-orcid":false,"given":"Katrina","family":"Falkner","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2501-1155","authenticated-orcid":false,"given":"Claudia","family":"Szabo","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0401-4197","authenticated-orcid":false,"given":"Yuval","family":"Yarom","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2021,5,1]]},"reference":[{"key":"40_CR1","unstructured":"ASD. Cyber Crime in Australia July to September 2019 (2020)"},{"key":"40_CR2","first-page":"13","volume":"6","author":"T Patterson","year":"2003","unstructured":"Patterson, T.: Holistic security: why doing more can cost you less and lower your risk. Comput. Fraud Secur. 6, 13\u201315 (2003)","journal-title":"Comput. Fraud Secur."},{"key":"40_CR3","unstructured":"Roeleven, S., Broer, J.: Why Two Thirds of Enterprise Architecture Projects Fail. ARIS Expert Paper (2010)"},{"key":"40_CR4","unstructured":"Angelo, S.: Security Architecture Model Component Overview. Sans Security Essentials (2001)"},{"key":"40_CR5","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4842-2740-4","volume-title":"Cyber Security on Azure","author":"M Copeland","year":"2017","unstructured":"Copeland, M.: Cyber Security on Azure. Apress, Berkeley (2017). https:\/\/doi.org\/10.1007\/978-1-4842-2740-4"},{"key":"40_CR6","unstructured":"Gorazo. Enterprise Architecture Literature Review (2014)"},{"key":"40_CR7","unstructured":"Anderson, R.: Security Engineering. John Wiley & Sons, New Jersey (2008)"},{"issue":"7","key":"40_CR8","doi-asserted-by":"publisher","first-page":"580","DOI":"10.1016\/S0167-4048(03)00705-3","volume":"22","author":"R Moulton","year":"2003","unstructured":"Moulton, R., Coles, R.S.: Applying information security governance. Comput. Secur. 22(7), 580\u2013584 (2003)","journal-title":"Comput. Secur."},{"issue":"2","key":"40_CR9","doi-asserted-by":"publisher","first-page":"337","DOI":"10.25300\/MISQ\/2013\/37.2.01","volume":"37","author":"S Gregor","year":"2013","unstructured":"Gregor, S., Hevner, A.R.: Positioning and presenting design science research for maximum impact. MIS Q. 37(2), 337\u2013355 (2013)","journal-title":"MIS Q."},{"key":"40_CR10","doi-asserted-by":"crossref","unstructured":"Hevner, A.R., et al.: Design science in information systems research. MIS Quarterly, pp. 75\u2013105 (2004)","DOI":"10.2307\/25148625"},{"key":"40_CR11","doi-asserted-by":"crossref","unstructured":"Nunamaker Jr., J.F., Chen, M., Purdin, T.D.: Systems development in information systems research. J. Manag. Inform. Syst. 7(3), 89\u2013106 (1990)","DOI":"10.1080\/07421222.1990.11517898"},{"issue":"1","key":"40_CR12","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1057\/ejis.2014.36","volume":"25","author":"J Venable","year":"2016","unstructured":"Venable, J., Pries-Heje, J., Baskerville, R.: FEDS: a framework for evaluation in design science research. Eur. J. Inform. Syst. 25(1), 77\u201389 (2016)","journal-title":"Eur. J. Inform. Syst."},{"key":"40_CR13","doi-asserted-by":"crossref","unstructured":"Sein, M.K., et al.: Action design research. MIS Quarterly, pp. 37\u201356 (2011)","DOI":"10.2307\/23043488"},{"key":"40_CR14","unstructured":"Peffers, K., et al.: The design science research process: a model for producing and presenting information systems research. In: Proceedings of the First International Conference on Design Science Research in Information Systems and Technology (DESRIST 2006). ME Sharpe, Inc. (2006)"},{"key":"40_CR15","unstructured":"Oppenheim, A.N.: Questionnaire Design, Interviewing and Attitude Measurement. Bloomsbury Publishing, London (2000)"},{"issue":"3","key":"40_CR16","doi-asserted-by":"publisher","first-page":"276","DOI":"10.1147\/sj.263.0276","volume":"26","author":"JA Zachman","year":"1987","unstructured":"Zachman, J.A.: A framework for information systems architecture. IBM Syst. J. 26(3), 276\u2013292 (1987)","journal-title":"IBM Syst. J."},{"key":"40_CR17","unstructured":"EBI. E.B.I., Glossary (2015)"},{"key":"40_CR18","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1016\/S1361-3723(05)70275-X","volume":"11","author":"J Eloff","year":"2005","unstructured":"Eloff, J., Eloff, M.: Information security architecture. Comput. Fraud Secur. 11, 10\u201316 (2005)","journal-title":"Comput. Fraud Secur."},{"key":"40_CR19","unstructured":"ITGI. I.G.I., Board briefing on IT governance. Information Systems Audit and Control Foundation (2001)"},{"key":"40_CR20","unstructured":"Anderson, R.: Why information security is hard-an economic perspective. In: Proceedings 17th Annual Computer Security Applications Conference, pp. 358\u2013365. IEEE (2001)"},{"key":"40_CR21","unstructured":"ISACA: An Introduction to the Business Model for Information Security (2009)"},{"key":"40_CR22","unstructured":"Vaishnavi, V., Kuechler, W.: Design research in information systems (2004)"},{"key":"40_CR23","doi-asserted-by":"crossref","unstructured":"McClintock, M., et al.: Enterprise security architecture: mythology or methodology? In: International Conference on Enterprise Information Systems (2020)","DOI":"10.5220\/0009404406790689"},{"key":"40_CR24","unstructured":"Crotty, M.: The Foundations of Social Research: Meaning and Perspective in the Research Process. Sage, London (1998)"},{"key":"40_CR25","unstructured":"Hirschheim, R.: Information systems epistemology: an historical perspective. Res. Methods Inform. Syst. 9, 13\u201335 (1985)"},{"key":"40_CR26","unstructured":"Fosnot, C.T.: Constructivism: Theory, Perspectives, and Practice. Teachers College Press, New York (2013)"},{"key":"40_CR27","unstructured":"Strauss, A., Corbin, J.: Basics of Qualitative Research Techniques. Sage Publications, New York (1998)"},{"issue":"1","key":"40_CR28","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1177\/160940690600500103","volume":"5","author":"J Mills","year":"2006","unstructured":"Mills, J., Bonner, A., Francis, K.: The development of constructivist grounded theory. Int. J. Qual. Methods 5(1), 25\u201335 (2006)","journal-title":"Int. J. Qual. Methods"},{"issue":"3","key":"40_CR29","doi-asserted-by":"publisher","first-page":"221","DOI":"10.1287\/isre.14.3.221.16560","volume":"14","author":"AS Lee","year":"2003","unstructured":"Lee, A.S., Baskerville, R.L.: Generalizing generalizability in information systems research. Inform. Syst. Res. 14(3), 221\u2013243 (2003)","journal-title":"Inform. Syst. Res."},{"key":"40_CR30","doi-asserted-by":"crossref","unstructured":"Williams, M.: Questionnaire design. Making Sense of Social Research, pp. 104\u2013124 (2003)","DOI":"10.4135\/9781849209434"},{"issue":"2","key":"40_CR31","doi-asserted-by":"publisher","first-page":"234","DOI":"10.1111\/j.1365-2702.2006.01573.x","volume":"16","author":"J Rattray","year":"2007","unstructured":"Rattray, J., Jones, M.C.: Essential elements of questionnaire design and development. J. Clin. Nurs. 16(2), 234\u2013243 (2007)","journal-title":"J. Clin. Nurs."},{"issue":"4","key":"40_CR32","doi-asserted-by":"publisher","first-page":"357","DOI":"10.1111\/j.1365-2575.2009.00328.x","volume":"20","author":"C Urquhart","year":"2010","unstructured":"Urquhart, C., Lehmann, H., Myers, M.D.: Putting the \u2018theory\u2019 back into grounded theory: guidelines for grounded theory studies in information systems. Inform. Syst. J. 20(4), 357\u2013381 (2010)","journal-title":"Inform. Syst. J."},{"key":"40_CR33","doi-asserted-by":"crossref","unstructured":"Starks, H., Brown Trinidad, S.: Choose your method: a comparison of phenomenology, discourse analysis, and grounded theory. Qual. Health Res. 17(10), 1372\u20131380 (2007)","DOI":"10.1177\/1049732307307031"},{"key":"40_CR34","first-page":"273","volume":"17","author":"A Strauss","year":"1994","unstructured":"Strauss, A., Corbin, J.: Grounded theory methodology. Handb. Qual. Res. 17, 273\u201385 (1994)","journal-title":"Handb. Qual. Res."},{"issue":"2","key":"40_CR35","doi-asserted-by":"publisher","first-page":"141","DOI":"10.1177\/002188638602200207","volume":"22","author":"PY Martin","year":"1986","unstructured":"Martin, P.Y., Turner, B.A.: Grounded theory and organizational research. J. Appl. Behav. Sci. 22(2), 141\u2013157 (1986)","journal-title":"J. Appl. Behav. Sci."},{"issue":"5","key":"40_CR36","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1016\/j.im.2008.12.007","volume":"46","author":"M Siponen","year":"2009","unstructured":"Siponen, M., Willison, R.: Information security management standards: problems and solutions. Inform. Manag. 46(5), 267\u2013270 (2009)","journal-title":"Inform. Manag."},{"key":"40_CR37","unstructured":"Bittler, R.S., Kreizman, G.: Gartner Enterprise Architecture Process: Evolution 2005. G00130849, Gartner, Stamford, CT, pp. 1\u201312 (2005)"},{"key":"40_CR38","unstructured":"Josey, A.: TOGAF Version 9.1 Enterprise Edition: An Introduction. The Open Group (2009)"},{"key":"40_CR39","unstructured":"USG. U.S.F.G., Introduction to the Federal Enterprise Architecture Framework V2 (2013)"},{"key":"40_CR40","unstructured":"DoD, C.: DoDAF Architecture Framework Version 2.02. Website, August 2010"},{"key":"40_CR41","unstructured":"ISO. I.S.O.\/I.E.C. 27000, 27001 and 27002 for information security management (2013)"},{"key":"40_CR42","unstructured":"Zachman, J.A.: The framework for enterprise architecture: background, description and utility. Zachman International (1996)"},{"key":"40_CR43","unstructured":"Sherwood, J., Clark, A., Lynas, D.: Enterprise security architecture. SABSA White Paper, vol. 2009 (1995)"},{"key":"40_CR44","doi-asserted-by":"publisher","first-page":"537","DOI":"10.1016\/j.procs.2010.12.089","volume":"3","author":"M Shariati","year":"2011","unstructured":"Shariati, M., Bahmani, F., Shams, F.: Enterprise information security, a review of architectures and frameworks from interoperability perspective. Procedia Comput. Sci. 3, 537\u2013543 (2011)","journal-title":"Procedia Comput. Sci."},{"key":"40_CR45","doi-asserted-by":"crossref","unstructured":"Oda, S.M., Fu, H., Zhu, Y.: Enterprise information security architecture a review of frameworks, methodology, and case studies. In: ICCSIT 2009. IEEE (2009)","DOI":"10.1109\/ICCSIT.2009.5234695"},{"key":"40_CR46","unstructured":"Zachman, J.P.: The Zachman Framework Evolution (2011)"},{"issue":"4","key":"40_CR47","doi-asserted-by":"publisher","first-page":"361","DOI":"10.1080\/10580530701586136","volume":"24","author":"AD Veiga","year":"2007","unstructured":"Veiga, A.D., Eloff, J.H.: An information security governance framework. Inform. Syst. Manag. 24(4), 361\u2013372 (2007)","journal-title":"Inform. Syst. Manag."},{"key":"40_CR48","doi-asserted-by":"crossref","unstructured":"Claycomb, W., Shin, D.: Mobile-driven architecture for managing enterprise security policies. In: ACMSE 2006. ACM (2006)","DOI":"10.1145\/1185448.1185569"}],"container-title":["Lecture Notes in Business Information Processing","Enterprise Information Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-75418-1_40","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,6,15]],"date-time":"2021-06-15T15:36:52Z","timestamp":1623771412000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-75418-1_40"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030754174","9783030754181"],"references-count":48,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-75418-1_40","relation":{},"ISSN":["1865-1348","1865-1356"],"issn-type":[{"value":"1865-1348","type":"print"},{"value":"1865-1356","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"1 May 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICEIS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Enterprise Information Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5 May 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7 May 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iceis2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.iceis.org\/?y=2020","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"PRIMORIS","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"255","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"90","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"37","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"35% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}