{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T10:51:04Z","timestamp":1725533464259},"publisher-location":"Berlin, Heidelberg","reference-count":19,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642021510"},{"type":"electronic","value":"9783642021527"}],"license":[{"start":{"date-parts":[[2009,1,1]],"date-time":"2009-01-01T00:00:00Z","timestamp":1230768000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-02152-7_28","type":"book-chapter","created":{"date-parts":[[2009,6,17]],"date-time":"2009-06-17T11:49:32Z","timestamp":1245239372000},"page":"375-385","source":"Crossref","is-referenced-by-count":4,"title":["On Business-Driven IT Security Management and Mismatches between Security Requirements in Firms, Industry Standards and Research Work"],"prefix":"10.1007","author":[{"given":"Christian","family":"Fr\u00fchwirth","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"28_CR1","unstructured":"Larsen, A.: Global security survey: Virus attack, \n                    \n                      http:\/\/Informationweek.com\/743\/security.htm\n                    \n                    \n                   (visited, October 2008)"},{"issue":"3","key":"28_CR2","doi-asserted-by":"publisher","first-page":"431","DOI":"10.3233\/JCS-2003-11308","volume":"11","author":"K. Campbell","year":"2003","unstructured":"Campbell, K., Gordon, L., Loeb, M., Zhou, L.: The Economic Cost of Publicly Announced Information Security Breaches: Empirical Evidence from the Stock Market. Journal of Computer Security\u00a011(3), 431\u2013448 (2003)","journal-title":"Journal of Computer Security"},{"key":"28_CR3","unstructured":"Ishiguro, M., Tanaka, H., Matsuura, K., Murase, I.: The Effect of Information Security Incidents on Corporate Values in the Japanese Stock Market. In: The Workshop on the Economics of Securing the Information Infrastructure, WESII (2006)"},{"key":"28_CR4","doi-asserted-by":"crossref","unstructured":"Telang, R., Wattal, S.: An Empirical Analysis of the Impact of Software Vulnerability Announcements on Firm Stock Price. IEEE Transactions on Software Engineering (2007)","DOI":"10.1109\/TSE.2007.70712"},{"key":"28_CR5","volume-title":"The Executive Guide to Information Security: Threats, Challenges, and Solutions","author":"M. Egan","year":"2004","unstructured":"Egan, M., Mather, T.: The Executive Guide to Information Security: Threats, Challenges, and Solutions. Addison-Wesley Professional, Reading (2004) ISBN: 0321304519"},{"key":"28_CR6","volume-title":"Introduction to Computer Security","author":"M. Bishop","year":"2004","unstructured":"Bishop, M.: Introduction to Computer Security. Addison-Wesley Longman, Amsterdam (2004) ISBN-10: 0321247442"},{"key":"28_CR7","unstructured":"ISACA, Information Systems Audit and Control Association (2000), COBIT, \n                    \n                      www.isaca.org\/COBIT\n                    \n                    \n                   (visited, May 2007)"},{"key":"28_CR8","doi-asserted-by":"crossref","unstructured":"Neubauer, Klemen, Biffl: Business Process-based Valuation of IT-Security. In: Proceedings of the seventh international workshop on Economics-driven software engineering research EDSER 2005 (2005)","DOI":"10.1145\/1083091.1083099"},{"key":"28_CR9","doi-asserted-by":"crossref","unstructured":"Roeckle, H., Schimpf, G., Weidinger, R.: Process-oriented approach for role-finding to implement role-based security administration in a large industrial organization. In: Proceedings of the fifth ACM workshop on Role-based access control table of contents, pp. 103\u2013110 (2000) ISBN:1-58113-259-X","DOI":"10.1145\/344287.344308"},{"key":"28_CR10","unstructured":"ISO\/IEC Std. ISO 17799:2005, Information Technology \u2013 Security Techniques - Code of Practice for Information Security Management, ISO (2005)"},{"key":"28_CR11","unstructured":"NVD, U.S. National Institute of Standards and Technology: National Vulnerability Database (NVD), \n                    \n                      http:\/\/nvd.nist.gov\/\n                    \n                    \n                   (visited October 21, 2008)"},{"issue":"1","key":"28_CR12","doi-asserted-by":"crossref","first-page":"69","DOI":"10.1080\/10864415.2004.11044320","volume":"9","author":"H. Cavusoglu","year":"2004","unstructured":"Cavusoglu, H., Mishra, B., Raghunathan, S.: The Effect of Internet Security Breach Announcements on Market Value: Capital Market Reactions for Breached Firms and Internet Security Developers. International Journal of Electronic Commerce\u00a09(1), 69 (2004)","journal-title":"International Journal of Electronic Commerce"},{"key":"28_CR13","unstructured":"Myagmar, S., Yurcik, W.: Why Johnny Can Hack: The Mismatch between Vulnerabilities and Security Standards. In: IEEE International Symposium on Secure Software Engineering, ISSSE 2006 (2006)"},{"key":"28_CR14","unstructured":"DoD, Department of Defense (1983), Trusted Computer System Evaluation Criteria,1983. DoD 5200.28-STD, Library No. S225, 7ll, \n                    \n                      http:\/\/csrc.ncsl.nist.gov\/publications\/secpubs\/rainbow\/std001.txt"},{"key":"28_CR15","unstructured":"CC, Common Criteria, and Common Criteria Recognition Agreement, (CCRA) (2006), http:\/\/www.commoncriteriaportal.org\/ (visited, January 2009)"},{"key":"28_CR16","unstructured":"Schneier, B.: Crypto-Gram Newsletter, Issue (November 15, 2008, \n                    \n                      http:\/\/www.schneier.com\/crypto-gram-0811.html#4"},{"issue":"3","key":"28_CR17","first-page":"1","volume":"15","author":"B. Boehm","year":"2005","unstructured":"Boehm, B.: Value-Based Software Engineering: Overview and Agenda. Value-Based Software Engineering: Overview and Agenda\u00a015(3), USC-CSE-2005-504 (2005)","journal-title":"Value-Based Software Engineering: Overview and Agenda"},{"key":"28_CR18","unstructured":"Biffl, S.: Message from the Track Chairs SPPI. In: 32nd EUROMICRO Conference on Software Engineering and Advanced Applications, EUROMICRO 2006 (2006)"},{"key":"28_CR19","unstructured":"Mell, P., Scarfone, P.: A Complete Guide to the Common Vulnerability Scoring System Version 2.0. National Institute of Standards and Technology 2007 (2007), \n                    \n                      http:\/\/www.first.org\/cvss\/cvss-guide.pdf"}],"container-title":["Lecture Notes in Business Information Processing","Product-Focused Software Process Improvement"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-02152-7_28","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,3,8]],"date-time":"2019-03-08T16:17:27Z","timestamp":1552061847000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-02152-7_28"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642021510","9783642021527"],"references-count":19,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-02152-7_28","relation":{},"ISSN":["1865-1348","1865-1356"],"issn-type":[{"type":"print","value":"1865-1348"},{"type":"electronic","value":"1865-1356"}],"subject":[],"published":{"date-parts":[[2009]]}}}