{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,23]],"date-time":"2026-02-23T07:32:03Z","timestamp":1771831923381,"version":"3.50.1"},"reference-count":37,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/OAPA.html"}],"funder":[{"name":"Center for Cyber-physical System Innovation from The Featured Areas Research Center Program within the framework of the Higher Education Sprout Project by the Ministry of Education (MOE) in Taiwan"},{"DOI":"10.13039\/501100004663","name":"Ministry of Science and Technology, Taiwan","doi-asserted-by":"publisher","award":["MOST 105-2221-E-011-079-MY3"],"award-info":[{"award-number":["MOST 105-2221-E-011-079-MY3"]}],"id":[{"id":"10.13039\/501100004663","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100004663","name":"Ministry of Science and Technology, Taiwan","doi-asserted-by":"publisher","award":["MOST 105-2221-E-259-014-MY3"],"award-info":[{"award-number":["MOST 105-2221-E-259-014-MY3"]}],"id":[{"id":"10.13039\/501100004663","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100004663","name":"Ministry of Science and Technology, Taiwan","doi-asserted-by":"publisher","award":["MOST 105-2221-E-011-070-MY3"],"award-info":[{"award-number":["MOST 105-2221-E-011-070-MY3"]}],"id":[{"id":"10.13039\/501100004663","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100004663","name":"Ministry of Science and Technology, Taiwan","doi-asserted-by":"publisher","award":["MOST 107-2218-E-011-012"],"award-info":[{"award-number":["MOST 107-2218-E-011-012"]}],"id":[{"id":"10.13039\/501100004663","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Access"],"published-print":{"date-parts":[[2018]]},"DOI":"10.1109\/access.2018.2868726","type":"journal-article","created":{"date-parts":[[2018,9,5]],"date-time":"2018-09-05T18:47:20Z","timestamp":1536173240000},"page":"50510-50517","source":"Crossref","is-referenced-by-count":21,"title":["A Data-Driven Security Risk Assessment Scheme for Personal Data Protection"],"prefix":"10.1109","volume":"6","author":[{"given":"Shi-Cho","family":"Cha","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0598-761X","authenticated-orcid":false,"given":"Kuo-Hui","family":"Yeh","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/SocialCom.2010.133"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1145\/1330311.1330325"},{"key":"ref31","year":"2017"},{"key":"ref30","year":"2012","journal-title":"Guide for Conducting Risk Assessments"},{"key":"ref37","year":"1993","journal-title":"Information Technology–Open Systems Interconnection–The Directory Public-Key and Attribute Certificate Frameworks"},{"key":"ref36","author":"alberts","year":"2018","journal-title":"OCTAVE SM Threat Profiles"},{"key":"ref35","author":"howard","year":"2002","journal-title":"Writing Secure Code"},{"key":"ref34","first-page":"95","article-title":"A framework for comparing different information security risk analysis methodologies","author":"vorster","year":"2005","journal-title":"Proc Annu Res Conf South Afr Inst Comput Scientists Inf Technol IT Res Developing Countries (SAICSIT)"},{"key":"ref10","author":"whitman","year":"2010","journal-title":"Management of Information Security"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-30"},{"key":"ref12","author":"alberts","year":"2002","journal-title":"Managing Information Security Risks The OCTAVE (SM) Approach"},{"key":"ref13","author":"yazar","year":"2002","journal-title":"A qualitative risk analysis and management tool—CRAMM"},{"key":"ref14","year":"2014","journal-title":"MAGERIT—Version 3 0 Methodology for Information Systems Risk Analysis and Management"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2015.09.009"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1016\/j.dss.2016.02.012"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1016\/j.net.2016.11.004"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2016.05.008"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2017.09.004"},{"key":"ref28","year":"2006","journal-title":"The Security Risk Management Guide Version 1 2"},{"key":"ref4","year":"2017","journal-title":"BS 10012 2017 Data Protection–Specification for a Personal Information Management System"},{"key":"ref27","year":"1998","journal-title":"Information Technology–Security Techniques–Management of Information and Communications Technology Security—Part 4 Techniques for the Management of IT Security"},{"key":"ref3","year":"2015","journal-title":"Personal Information Protection Act"},{"key":"ref6","first-page":"31","year":"1995","journal-title":"Directive 95\/46\/EC of the European Parliament and of the Council of 24 October 1995 on the Protection of Individuals With Regard to the Processing of Personal Data and on the Free Movement of Such Data Official Journal of the European Communities No l 281"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/CSMR.2003.1192442"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-122"},{"key":"ref8","year":"2018","journal-title":"Payment Card Industry (PCI) Data Security Standard—Requirements and Security Assessment Procedures"},{"key":"ref7","year":"1980","journal-title":"Guidelines on the Protection of Privacy and Transborder Flows of Personal Data"},{"key":"ref2","year":"2018","journal-title":"DataLossDB"},{"key":"ref9","year":"2018","journal-title":"Information Technology–Security Techniques–Information Security Risk Management"},{"key":"ref1","year":"2018","journal-title":"Data Breaches"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1016\/S0378-7206(03)00044-2"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/NSS.2010.37"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/CSE.2009.217"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2008.88"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1016\/S0167-4048(03)00313-4"},{"key":"ref26","year":"2013","journal-title":"Information Technology–Security Techniques Information Security–Management Systems–Requirements"},{"key":"ref25","first-page":"124","article-title":"Threat modeling using attack trees","volume":"23","author":"saini","year":"2008","journal-title":"J Comput Sci Colleges"}],"container-title":["IEEE Access"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6287639\/8274985\/08454722.pdf?arnumber=8454722","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,12]],"date-time":"2022-01-12T16:15:39Z","timestamp":1642004139000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8454722\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"references-count":37,"URL":"https:\/\/doi.org\/10.1109\/access.2018.2868726","relation":{},"ISSN":["2169-3536"],"issn-type":[{"value":"2169-3536","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018]]}}}