{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,7]],"date-time":"2024-09-07T01:28:03Z","timestamp":1725672483991},"publisher-location":"Berlin, Heidelberg","reference-count":20,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642292309"},{"type":"electronic","value":"9783642292316"}],"license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-29231-6_6","type":"book-chapter","created":{"date-parts":[[2012,4,3]],"date-time":"2012-04-03T01:49:29Z","timestamp":1333417769000},"page":"64-76","source":"Crossref","is-referenced-by-count":6,"title":["Risk and Business Goal Based Security Requirement and Countermeasure Prioritization"],"prefix":"10.1007","author":[{"given":"Andrea","family":"Herrmann","sequence":"first","affiliation":[]},{"given":"Ayse","family":"Morali","sequence":"additional","affiliation":[]},{"given":"Sandro","family":"Etalle","sequence":"additional","affiliation":[]},{"given":"Roel","family":"Wieringa","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"doi-asserted-by":"crossref","unstructured":"Asnar, Y., Giorgini, P., Mylopoulos, J.: Goal-driven Risk Assessment in Requirements Engineering. Requirement Engineering Journal, 1\u201316 (2010)","key":"6_CR1","DOI":"10.1007\/s00766-010-0112-x"},{"issue":"1","key":"6_CR2","doi-asserted-by":"publisher","first-page":"101","DOI":"10.1007\/s10550-007-0013-9","volume":"25","author":"F. Braber","year":"2007","unstructured":"Braber, F., Hogganvik, I., Lund, M., St\u00f8len, K., Vraalsen, F.: Model-based Security Analysis in Seven Steps \u2014 a Guided Tour to the CORAS Method. BT Technology Journal\u00a025(1), 101\u2013117 (2007)","journal-title":"BT Technology Journal"},{"unstructured":"I.S.O. I.E. Commission. ISO\/IEC 9126, Information Technology - Software Product Evaluation - Quality Characteristics and Guidelines for Their Use (1991), \n                    \n                      http:\/\/www.iso.org","key":"6_CR3"},{"key":"6_CR4","doi-asserted-by":"publisher","first-page":"289","DOI":"10.1007\/978-3-642-12544-7_16","volume-title":"Intentional Perspectives on Information Systems Engineering","author":"E. Dubois","year":"2010","unstructured":"Dubois, E., Heymans, P., Mayer, N., Matulevicius, R.: A Systematic Approach to Define the Domain of Information System Security Risk Management. In: Nurcan, S., et al. (eds.) Intentional Perspectives on Information Systems Engineering, pp. 289\u2013306. Springer, Heidelberg (2010)"},{"key":"6_CR5","doi-asserted-by":"publisher","first-page":"579","DOI":"10.1016\/j.datak.2009.02.004","volume":"68","author":"G. Elahi","year":"2009","unstructured":"Elahi, G., Yu, E.: Modeling and Analysis of Security Trade-offs - A Goal Oriented Approach. Data Knowledge Engineering\u00a068, 579\u2013598 (2009)","journal-title":"Data Knowledge Engineering"},{"issue":"1","key":"6_CR6","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/s00766-009-0090-z","volume":"15","author":"G. Elahi","year":"2010","unstructured":"Elahi, G., Yu, E., Zannone, N.: A Vulnerability-centric Requirements Engineering Framework: Analyzing Security Attacks, Countermeasures, and Requirements Based on Vulnerabilities. Requir. Eng.\u00a015(1), 41\u201362 (2010)","journal-title":"Requir. Eng."},{"issue":"1","key":"6_CR7","doi-asserted-by":"publisher","first-page":"73","DOI":"10.1007\/s00766-007-0058-9","volume":"13","author":"A. Herrmann","year":"2008","unstructured":"Herrmann, A., Paech, B.: MOQARE: Misuse-oriented Quality Requirements Engineering. Requir. Eng.\u00a013(1), 73\u201386 (2008)","journal-title":"Requir. Eng."},{"unstructured":"Herrmann, A., Morali, A.: RiskREP: Risk-Based Security Requirements Elicitation and Prioritization (extended version). Technical Report TR-CTIT-10-28, Centre for Telematics and Information Technology. University of Twente, Enschede (2010) ISSN 1381-3625, \n                    \n                      http:\/\/eprints.eemcs.utwente.nl\/18342\/","key":"6_CR8"},{"doi-asserted-by":"crossref","unstructured":"Islam, S., Houmb, S.: Integrating Risk Management Activities into Requirements Engineering. In: Proc. of the 4th Int. Conf. on Research Challenges in Information Science. IEEE Computer Society (2010)","key":"6_CR9","DOI":"10.1109\/RCIS.2010.5507389"},{"key":"6_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"262","DOI":"10.1007\/978-3-642-14192-8_24","volume-title":"Requirements Engineering: Foundation for Software Quality","author":"P. Karpati","year":"2010","unstructured":"Karpati, P., Sindre, G., Opdahl, A.L.: Visualizing Cyber Attacks with Misuse Case Maps. In: Wieringa, R., Persson, A. (eds.) REFSQ 2010. LNCS, vol.\u00a06182, pp. 262\u2013275. Springer, Heidelberg (2010)"},{"doi-asserted-by":"crossref","unstructured":"Kazman, R., Klein, M., Clements, P., Compton, N.: Atam: Method for Architecture Evaluation. Technical Report CMU\/SEI-2000-TR-004, CMU (2000)","key":"6_CR11","DOI":"10.21236\/ADA382629"},{"unstructured":"Mayer, N., Dubois, E., Rifaut, A.: Requirements Engineering for Improving Business\/IT Alignment in Security Risk Management Methods. In: Proc. of the 3rd Int. Conf. Interoperability for Enterprise Software and Applications, I-ESA, p. 12 (2007)","key":"6_CR12"},{"doi-asserted-by":"crossref","unstructured":"Moore, A.P., Ellison, R.J., Linger, R.C.: Attack Modeling for Information Security and Survivability. Technical Report CMU\/SEI-2001-TN-001, CMU (2001)","key":"6_CR13","DOI":"10.21236\/ADA387544"},{"unstructured":"Morali, A.: IT Architecture-Based Confidentiality Risk Assessment in Networks of Organizations. PhD thesis, University of Twente, Enschede, The Netherlands (2011)","key":"6_CR14"},{"key":"6_CR15","doi-asserted-by":"publisher","first-page":"92","DOI":"10.1109\/52.903174","volume":"18","author":"J. Mylopoulos","year":"2001","unstructured":"Mylopoulos, J., Chung, L., Liao, S., Wang, H., Yu, E.: Exploring Alternatives during Requirements Analysis. IEEE Software\u00a018, 92\u201396 (2001)","journal-title":"IEEE Software"},{"doi-asserted-by":"crossref","unstructured":"Phillips, C., Swiler, L.: A Graph-based System for Network-Vulnerability Analysis. In: Proc. of the 1998 Workshop on New Security Paradigms, pp. 71\u201379. ACM (1998)","key":"6_CR16","DOI":"10.1145\/310889.310919"},{"issue":"1","key":"6_CR17","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1007\/s00766-004-0194-4","volume":"10","author":"G. Sindre","year":"2005","unstructured":"Sindre, G., Opdahl, A.: Eliciting Security Requirements with Misuse Cases. Requir. Eng.\u00a010(1), 34\u201344 (2005)","journal-title":"Requir. Eng."},{"unstructured":"Stamatis, D.: Failure Mode and Effect Analysis FMEA from Theory to Execution. American Society for Quality Press (2003)","key":"6_CR18"},{"unstructured":"van Lamsweerde, A., Brohez, S., Landtsheer, R.D., Janssens, D.: From System Goals to Intruder Anti-goals: Attack Generation and Resolution for Security Requirements Engineering. In: Proc. of RHAS Workshop, Essener Informatik Beitraege, vol.\u00a0Bd 6, pp. 49\u201356 (2003)","key":"6_CR19"},{"unstructured":"Zambon E.: Towards Optimal IT Availability Planning: Methods and Tools. PhD thesis, University of Twente, Enschede, The Netherlands (2011)","key":"6_CR20"}],"container-title":["Lecture Notes in Business Information Processing","Workshops on Business Informatics Research"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-29231-6_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,20]],"date-time":"2019-05-20T19:14:34Z","timestamp":1558379674000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-29231-6_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642292309","9783642292316"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-29231-6_6","relation":{},"ISSN":["1865-1348","1865-1356"],"issn-type":[{"type":"print","value":"1865-1348"},{"type":"electronic","value":"1865-1356"}],"subject":[],"published":{"date-parts":[[2012]]}}}