{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T01:58:52Z","timestamp":1743040732732,"version":"3.40.3"},"publisher-location":"Wiesbaden","reference-count":10,"publisher":"Springer Fachmedien Wiesbaden","isbn-type":[{"type":"print","value":"9783658067076"},{"type":"electronic","value":"9783658067083"}],"license":[{"start":{"date-parts":[[2014,1,1]],"date-time":"2014-01-01T00:00:00Z","timestamp":1388534400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2014,1,1]],"date-time":"2014-01-01T00:00:00Z","timestamp":1388534400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-658-06708-3_3","type":"book-chapter","created":{"date-parts":[[2014,10,17]],"date-time":"2014-10-17T06:50:27Z","timestamp":1413528627000},"page":"49-55","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["An Effective Approach for Assessing the Risk of Acquired IT Products"],"prefix":"10.1007","author":[{"given":"Eric","family":"Baize","sequence":"first","affiliation":[]},{"given":"Steve","family":"Lipner","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2014,10,18]]},"reference":[{"key":"3_CR5","doi-asserted-by":"crossref","unstructured":"[AlMR05] Alhazmi, Omar and Malaiya, Yashwant and Ray, Indrajit: Security vulnerabilities in software systems: a quantitative perspective. In: Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security (DBSec\u201905), Springer-Verlag, 2005, p. 281-294.","DOI":"10.1007\/11535706_21"},{"key":"3_CR6","unstructured":"[ISO-AS] International Standard ISO\/IEC 27034-1: Information technology \u2013 Security techniques \u2013 Application security \u2013 Part 1: Overview and concepts, 2011, p. 10."},{"key":"3_CR7","unstructured":"[ISO-CC] International Standard ISO\/IEC 15408-1: Information technology \u2013 Security techniques \u2013 Evaluation criteria for IT security \u2013 Part 1: Introduction and general model, 2009."},{"key":"3_CR8","unstructured":"[ISO-VD] International Standard ISO\/IEC 29147: Information technology \u2013 Security techniques \u2013 Vulnerability disclosure, 2014."},{"key":"3_CR9","unstructured":"[ISO-VH] International Standard ISO\/IEC 30111: Information technology \u2013 Security techniques \u2013 Vulnerability handling processes, 2013."},{"key":"3_CR10","unstructured":"[HoLi06] Michael Howard, Steve Lipner, The Security Development Lifecycle, Microsoft Press, 2006."},{"key":"3_CR11","unstructured":"[Mcgr06] Gary McGraw: Software Security: Building Security In, ISBN 978-0-321-35670-3, 2006."},{"key":"3_CR12","unstructured":"[OCC-13] US Department of Treasury \u2013 Office of the Comptroller of the Currency \u2013 Bulletin 2013-29: Risk Management Guidance, 2013."},{"key":"3_CR13","unstructured":"[Safe11] SAFECode: Fundamental Practices for Secure Software Development \u2013 2nd Edition, http:\/\/www.safecode.org, 2011."},{"key":"3_CR14","unstructured":"[US-NVD] National Institute of Standards and Technology: National Vulnerability Database, http:\/\/nvd.nist.gov\/."}],"container-title":["ISSE 2014 Securing Electronic Business Processes"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-658-06708-3_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,5,3]],"date-time":"2024-05-03T14:13:50Z","timestamp":1714745630000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-658-06708-3_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783658067076","9783658067083"],"references-count":10,"URL":"https:\/\/doi.org\/10.1007\/978-3-658-06708-3_3","relation":{},"subject":[],"published":{"date-parts":[[2014]]},"assertion":[{"value":"18 October 2014","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}