{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,30]],"date-time":"2026-04-30T06:41:44Z","timestamp":1777531304958,"version":"3.51.4"},"publisher-location":"Berlin, Heidelberg","reference-count":31,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540755623","type":"print"},{"value":"9783540755630","type":"electronic"}],"license":[{"start":{"date-parts":[[2007,1,1]],"date-time":"2007-01-01T00:00:00Z","timestamp":1167609600000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2007]]},"DOI":"10.1007\/978-3-540-75563-0_26","type":"book-chapter","created":{"date-parts":[[2007,11,13]],"date-time":"2007-11-13T07:07:07Z","timestamp":1194937627000},"page":"375-390","source":"Crossref","is-referenced-by-count":52,"title":["A Goal Oriented Approach for Modeling and Analyzing Security Trade-Offs"],"prefix":"10.1007","author":[{"given":"Golnaz","family":"Elahi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Eric","family":"Yu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"26_CR1","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1016\/0167-6423(93)90021-G","volume":"20","author":"A. Dardenne","year":"1993","unstructured":"Dardenne, A., van Lamsweerde, A., Fickas, S.: Goal-Directed Requirements Acquisition. The Science of Computer Programming\u00a020, 3\u201350 (1993)","journal-title":"The Science of Computer Programming"},{"key":"26_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"108","DOI":"10.1007\/3-540-45341-5_8","volume-title":"Advanced Information Systems Engineering","author":"J. Castro","year":"2001","unstructured":"Castro, J., Kolp, M., Mylopoulos, J.: A requirements-driven development methodology, In Proc. of the 13th Int. Conf. on Advanced Information Systems Engineering, CAiSE\u201901. In: Dittrich, K.R., Geppert, A., Norrie, M.C. (eds.) CAiSE 2001. LNCS, vol.\u00a02068, pp. 108\u2013123. Springer, Heidelberg (2001)"},{"key":"26_CR3","unstructured":"Liu, L., Yu, E., Mylopoulos, J.: Analyzing Security Requirements as Relationships among Strategic Actors. In: 2nd Symp. on Requirements Engineering for Information Security (SREIS) (2002)"},{"key":"26_CR4","volume-title":"Security Engineering: a guide to Building dependable Distributed systems","author":"R. Anderson","year":"2001","unstructured":"Anderson, R.: Security Engineering: a guide to Building dependable Distributed systems. John Wiley and Sons, Chichester (2001)"},{"key":"26_CR5","first-page":"151","volume-title":"IEEE Joint Int. Conf. on Requirements Engineering","author":"L. Liu","year":"2003","unstructured":"Liu, L., Yu, E., Mylopoulos, J.: Security and Privacy Requirements Analysis within a Social Setting. In: IEEE Joint Int. Conf. on Requirements Engineering, pp. 151\u2013161. IEEE Computer Society Press, Los Alamitos (2003)"},{"key":"26_CR6","doi-asserted-by":"publisher","first-page":"167","DOI":"10.1109\/RE.2005.43","volume-title":"13th IEEE Int. Requirements Engineering Conf","author":"P. Giorgini","year":"2005","unstructured":"Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N.: Modeling Security Requirements through Ownership, Permission and Delegation. In: 13th IEEE Int. Requirements Engineering Conf, pp. 167\u2013176. IEEE Computer Society Press, Los Alamitos (2005)"},{"key":"26_CR7","unstructured":"Yu, E.: Modeling Strategic Relationships for Process Reengineering, PhD thesis, Department of Computer Science, University of Toronto, Canada (1995)"},{"key":"26_CR8","doi-asserted-by":"crossref","unstructured":"Yu, E.: Towards Modelling and Reasoning Support for Early-Phase Requirements Engineering. In: Proc. of the 3rd IEEE Int. Symp. on Requirements Engineering, pp. 226\u2013235 (1997)","DOI":"10.1109\/ISRE.1997.566873"},{"key":"26_CR9","unstructured":"Szolovits, P., Doyle, J., Long, W.J.: Guardian Angel: Patient-Centered Health Information Systems: MIT\/LCS\/TR-604, Available at: http:\/\/www.ga.org\/ga"},{"key":"26_CR10","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4615-5269-7","volume-title":"Non-Functional Requirements in Software Engineering","author":"L. Chung","year":"2000","unstructured":"Chung, L., Nixon, B.A., Yu, E., Mylopoulos, J.: Non-Functional Requirements in Software Engineering. Kluwer Academic Publishing, Dordrecht (2000)"},{"key":"26_CR11","volume-title":"Software Architecture in Practice","author":"L. Bass","year":"2003","unstructured":"Bass, L., Clements, P., Kazman, R.: Software Architecture in Practice, 2nd edn. Addison Wesley, London, UK (2003)","edition":"2"},{"key":"26_CR12","unstructured":"Horkoff, J.: Using i* Models for Evaluation, Masters Thesis, University of Toronto, Department of Computer Science (2006)"},{"key":"26_CR13","volume-title":"Security in Computing","author":"C.P. Pfleeger","year":"2002","unstructured":"Pfleeger, C.P., Pfleeger, S.L.: Security in Computing, 3rd edn. Prentice-Hall, Englewood Cliffs (2002)","edition":"3"},{"key":"26_CR14","first-page":"55","volume-title":"Proc.15th. IEEE Annual Computer Security Applications Conf.","author":"J. McDermott","year":"1999","unstructured":"McDermott, J., Fox, C.: Using Abuse Case Models for Security Requirements Analysis. In: McDermott, J., Fox, C. (eds.) Proc.15th. IEEE Annual Computer Security Applications Conf., pp. 55\u201364. IEEE Computer Society Press, Los Alamitos (1999)"},{"key":"26_CR15","volume-title":"Secure Systems Development with UML","author":"J. J\u00fcrjens","year":"2004","unstructured":"J\u00fcrjens, J.: Secure Systems Development with UML. Springer Academic Publishers, Germany (2004)"},{"key":"26_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1007\/978-3-540-24625-1_3","volume-title":"Software Engineering for Multi-Agent Systems II","author":"P. Bresciani","year":"2004","unstructured":"Bresciani, P., Giorgini, P., Mouratidis, H.: On Security Requirements Analysis for Multi-Agent Systems. In: Lucena, C., Garcia, A., Romanovsky, A., Castro, J., Alencar, P.S.C. (eds.) Software Engineering for Multi-Agent Systems II. LNCS, vol.\u00a02940, pp. 35\u201348. Springer, Heidelberg (2004)"},{"key":"26_CR17","unstructured":"Mouratidis, H., Giorgini, P., Manso, G., Philp, I.: A Natural Extension of Tropos Methodology for Modelling Security. In: Proc. of the Workshop on Agent-oriented methodologies, at OOPSLA, pp. 91\u2013103 (2002)"},{"key":"26_CR18","doi-asserted-by":"crossref","unstructured":"Mouratidis, H., Giorgini, P.: Manso, Modelling Secure Multiagent Systems. In: the 2nd Int. Conf. on Autonomous Agents and Multiagent Systems, pp. 859\u2013866 (2003)","DOI":"10.1145\/860710.860713"},{"key":"26_CR19","doi-asserted-by":"crossref","unstructured":"Grance, T., Stevens, M., Myers, M.: Guide to Selecting Information Technology Security Products, Recommendations of the National Institute of Standards and Technology, NIST Special Publication 800\u2013836 (2003)","DOI":"10.6028\/NIST.SP.800-36"},{"key":"26_CR20","doi-asserted-by":"crossref","unstructured":"Haley, C.B., Moffett, J.D., Laney, R., Nuseibeh, B.: A framework for security requirements engineering. In: Software Engineering for Secure Systems Workshop (SESS\u201906), pp. 35\u201342 (2006)","DOI":"10.1145\/1137627.1137634"},{"key":"26_CR21","doi-asserted-by":"publisher","first-page":"190","DOI":"10.4018\/978-1-59904-147-6.ch009","volume-title":"Integrating Security and Software Engineering: Advances and Future Visions","author":"S.H. Houmb","year":"2007","unstructured":"Houmb, S.H., Georg, G., J\u00fcrjens, J., France, R.: An Integrated Security Verification and Security Solution Design Trade-off Analysis. In: Integrating Security and Software Engineering: Advances and Future Visions, pp. 190\u2013219. IDEA Group Publishing, USA (2007)"},{"key":"26_CR22","first-page":"3","volume-title":"Enterprise Distributed Object Computing Conference, EDOC \u201906. 10th IEEE Int.","author":"P. Johnson","year":"2006","unstructured":"Johnson, P., Lagerstrom, R., Norman, P., Simonsson, M.: Extended Influence Diagrams for Enterprise Architecture Analysis. In: Enterprise Distributed Object Computing Conference, EDOC \u201906. 10th IEEE Int., pp. 3\u201312. IEEE Computer Society Press, Los Alamitos (2006)"},{"key":"26_CR23","unstructured":"Moffett, J.D., Haley, C.B., Nuseibeh, B.: Core Security Requirements Artefacts, Department of Computing, The Open University, Milton Keynes UK, Technical Report 2004\/23 (2004)"},{"key":"26_CR24","unstructured":"Mayer, N., Rifaut, A., Dubois, E.: Towards a Risk-Based Security Requirements Engineering Framework, 11th Int. Workshop on Requirements Engineering: Foundation for Software Quality (REFSQ\u201905) (2005)"},{"issue":"1","key":"26_CR25","doi-asserted-by":"publisher","first-page":"66","DOI":"10.1109\/MIC.2003.1167341","volume":"07","author":"R. Sandhu","year":"2003","unstructured":"Sandhu, R.: Good-Enough Security: Toward a Pragmatic Business-Driven Discipline,\" IEEE Internet Computing, Vol. IEEE Internet Computing\u00a007(1), 66\u201368 (2003)","journal-title":"IEEE Internet Computing"},{"key":"26_CR26","unstructured":"US-CERT Vulnerability Notes Database, United States Computer Emergency Readiness Team, http:\/\/www.kb.cert.org\/vuls"},{"key":"26_CR27","unstructured":"Houmb, S.H., Georg, G.: The Aspect-Oriented Risk-Driven Development (AORDD) Framework. In: Proc. of the Int. Conf. on Software Development (SWDC.REX), pp. 81\u201391 (2005)"},{"key":"26_CR28","doi-asserted-by":"crossref","unstructured":"Elahi, G., Yu, E.: A Goal Oriented Approach for Modeling and Analyzing Security Trade-Offs, Technical Report, University of Toronto, Department of Computer Science, Available (2007), at http:\/\/istar.rwth-aachen.de\/tiki-index.php?page=Security+Requirements+Engineering","DOI":"10.1007\/978-3-540-75563-0_26"},{"key":"26_CR29","unstructured":"Sasse, M.A.: Computer Security: Anatomy of a Usability Disaster, and a Plan for Recovery, Workshop on Human-Computer Interaction and Security Systems, CHI 2003, Fort Lauderdale (2003)"},{"key":"26_CR30","doi-asserted-by":"crossref","unstructured":"De Witt, A.J., Kuljis, J.: Aligning Usability And Security-A Usability Study Of Polaris. In: Proc. of the Symp. On Usable Privacy and Security (2006)","DOI":"10.1145\/1143120.1143122"},{"key":"26_CR31","first-page":"401","volume":"29","author":"A. Susi","year":"2005","unstructured":"Susi, A., Perini, A., Mylopoulos, J.: The Tropos Metamodel and its Use. Informatica\u00a029, 401\u2013408 (2005)","journal-title":"Informatica"}],"container-title":["Lecture Notes in Computer Science","Conceptual Modeling - ER 2007"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-75563-0_26","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,4]],"date-time":"2019-05-04T09:56:53Z","timestamp":1556963813000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-75563-0_26"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2007]]},"ISBN":["9783540755623","9783540755630"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-75563-0_26","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2007]]}}}