{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,2]],"date-time":"2025-08-02T18:01:12Z","timestamp":1754157672819,"version":"3.41.2"},"reference-count":18,"publisher":"Emerald","issue":"5","license":[{"start":{"date-parts":[[1998,12,1]],"date-time":"1998-12-01T00:00:00Z","timestamp":912470400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[1998,12,1]]},"abstract":"<jats:p>Using new concepts, such as those on which Java is based, it is now possible to define a new framework within which risk analyses can be performed on electronic communications. In order truly to be effective, risk analyses must be done in real time, owing to the dynamic nature of open, distributed public networks. The strength of these public networks lies in the many routes available for a message to travel from point A to point B, thus ensuring that the message will be delivered. These many routes, however, also constitute the biggest security weakness in public networks, as it is impossible proactively to determine the route a message will follow. In a bid to compensate for the said weakness, this article will be devoted to a discussion on a framework in terms of which Real\u2010time Risk Analysis (RtRA) can, henceforth, be performed to determine a risk value for a communications session, rather than for the network components used on routes that need to be fixed and known in advance, as for conventional risk analysis. A communication session is defined as the transfer of data between two hosts; for example, exchanging e\u2010mail messages over open, distributed public networks RtRA produces a risk value that can be used to determine the appropriate countermeasures with which to minimise the risk associated with a communication session.<\/jats:p>","DOI":"10.1108\/09685229810240121","type":"journal-article","created":{"date-parts":[[2002,7,27]],"date-time":"2002-07-27T02:08:10Z","timestamp":1027735690000},"page":"212-217","source":"Crossref","is-referenced-by-count":0,"title":["Real\u2010time risk analysis using Java concepts"],"prefix":"10.1108","volume":"6","author":[{"given":"L.","family":"Labuschagne","sequence":"first","affiliation":[]},{"given":"J.H.P.","family":"Eloff","sequence":"additional","affiliation":[]}],"member":"140","reference":[{"key":"key2022032020403292200_b1","unstructured":"Bowman, C.F. (1997), \u201cWhat price security?\u201d, IBM, http:\/\/www.ibm.com\/java\/education\/whatprice.tml"},{"key":"key2022032020403292200_b2","unstructured":"CCTA (1993), The CCTA Risk Analysis and Management Method (CRAMM) User Guide, Version 2.1, CCTA, UK."},{"key":"key2022032020403292200_b3","doi-asserted-by":"crossref","unstructured":"Ciechanowicz, Z. (1997), \u201cRisk analysis: requirements, conflicts and problems\u201d, Computers and Security, Vol. 16 No. 3, pp. 223\u201032.","DOI":"10.1016\/S0167-4048(97)00004-7"},{"key":"key2022032020403292200_b4","unstructured":"Chong, H. (1998), \u201cInternet security, ActiveX and Java\u201d, IBM, http:\/\/www.ibm.com\/java\/education\/internet\u2010security.tml"},{"key":"key2022032020403292200_b5","unstructured":"CLUSIF (1994), Management of the Information Security Master Plan\u2010 MARION, CLUSIF, Paris."},{"key":"key2022032020403292200_b6","doi-asserted-by":"crossref","unstructured":"Computer Fraud and Security (1998a), \u201cSun premieres Java cryptography toolkit\u201d, Computer Fraud and Security,January, p. 7.","DOI":"10.1016\/S1361-3723(98)90261-5"},{"key":"key2022032020403292200_b7","doi-asserted-by":"crossref","unstructured":"Computer Fraud and Security (1998b), \u201cJAVA risks are hype, say experts\u201d, Computer Fraud and Security, May, p. 6.","DOI":"10.1016\/S1361-3723(98)90065-3"},{"key":"key2022032020403292200_b8","doi-asserted-by":"crossref","unstructured":"De Ru, W.G. and Eloff, J.H.P. (1996), \u201cRisk analysis modelling with the use of fuzzy logic\u201d, Computers and Security, Vol. 15 No. 3, pp. 239\u201048.","DOI":"10.1016\/0167-4048(96)00008-9"},{"key":"key2022032020403292200_b9","doi-asserted-by":"crossref","unstructured":"Gong, L. (1997), \u201cJAVA Security: present and near future\u201d, IEEE Micro, May\/June, pp. 14\u201019.","DOI":"10.1109\/40.591650"},{"key":"key2022032020403292200_b10","unstructured":"Inside\u2010java.com (1998), \u201cJava Security API \u2010 Example\u201d, Inside\u2010java.com, http:\/\/www.inside\u2010java.com\/articles\/crypto\/ index.tml"},{"key":"key2022032020403292200_b11","doi-asserted-by":"crossref","unstructured":"Karjoth, G., Lange, D.B. and Oshima, M. (1997), \u201cA security model for aglets\u201d, IEEE Internet Computing, 1089\u20107801, pp. 68\u201077, also available at http:\/\/computer.org\/internet","DOI":"10.1109\/4236.612220"},{"key":"key2022032020403292200_b12","doi-asserted-by":"crossref","unstructured":"Labuschagne, L. and Eloff, J.H.P. (1996), \u201cActivating dynamic countermeasures to reduce risk\u201d, Information System Security \u2010 Facing the Information Society in the 21st Century, Chapman & Hall, London.","DOI":"10.1007\/978-1-5041-2919-0_16"},{"key":"key2022032020403292200_b13","unstructured":"McGraw, M. and Felten, E.W. (1997), Java Security, Wiley Computer Publishing, USA."},{"key":"key2022032020403292200_b14","unstructured":"Macgregor, Ret al. (1998), JAVA Network Security, Prentice\u2010Hall PTR, USA."},{"key":"key2022032020403292200_b15","unstructured":"SUN Microsystems (1997), \u201cServlet tutorial\u201d, SUN Microsystems Inc., http:\/\/java.sun.com\/products\/jdk\/1.\/docs\/ext\/servlet\/servlet_tutorial.html"},{"key":"key2022032020403292200_b16","doi-asserted-by":"crossref","unstructured":"Von Solms, R. (1997), \u201cDriving safely on the information superhighway\u201d, Information Management & Computer Security, Vol. 5 No. 1, pp. 20\u201022.","DOI":"10.1108\/09685229710168006"},{"key":"key2022032020403292200_b17","unstructured":"Von Solms, S.H. and Eloff, J.H.P. (1997), Information Security, Department of Computer Science, Rand Afrikaans University, Johannesburg, South Africa."},{"key":"key2022032020403292200_b18","unstructured":"XP Conseil (1990), The MARION and MELISA Methods, XP Conseil, Paris."}],"container-title":["Information Management &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/09685229810240121","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685229810240121\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685229810240121\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T00:09:49Z","timestamp":1753402189000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/6\/5\/212-217\/185796"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[1998,12,1]]},"references-count":18,"journal-issue":{"issue":"5","published-print":{"date-parts":[[1998,12,1]]}},"alternative-id":["10.1108\/09685229810240121"],"URL":"https:\/\/doi.org\/10.1108\/09685229810240121","relation":{},"ISSN":["0968-5227"],"issn-type":[{"type":"print","value":"0968-5227"}],"subject":[],"published":{"date-parts":[[1998,12,1]]}}}