{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,22]],"date-time":"2024-10-22T16:14:14Z","timestamp":1729613654821,"version":"3.28.0"},"reference-count":30,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016,6]]},"DOI":"10.1109\/cybersecpods.2016.7502351","type":"proceedings-article","created":{"date-parts":[[2016,8,12]],"date-time":"2016-08-12T00:33:28Z","timestamp":1470962008000},"page":"1-6","source":"Crossref","is-referenced-by-count":4,"title":["Designing utility functions for game-theoretic cloud security assessment: a case for using the common vulnerability scoring system"],"prefix":"10.1109","author":[{"given":"Louai","family":"Maghrabi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Eckhard","family":"Pfluegel","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Senna Fathima","family":"Noorji","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"journal-title":"Common Vulnerability Scoring System v3 0 Specification Document","year":"2015","key":"ref30"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.5120\/14148-2314"},{"key":"ref11","first-page":"37","article-title":"The OCTAVE approach to information security risk assessment","volume":"4","author":"panda","year":"2009","journal-title":"Information Systems Control Journal"},{"key":"ref12","doi-asserted-by":"crossref","DOI":"10.21236\/ADA634134","article-title":"Introduction to the octave approach","author":"alberts","year":"2003"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.4236\/jis.2014.54016"},{"journal-title":"NIST","article-title":"Risk management framework (rmf) overview","year":"2014","key":"ref14"},{"journal-title":"Technical guide to information security testing and assessment Recommendations of the National Institute of Standards and Technology DIANE Publishing","year":"2009","author":"scarfone","key":"ref15"},{"key":"ref16","first-page":"67","article-title":"An introduction to factor analysis of information risk (FAIR)","volume":"2","author":"jones","year":"2006","journal-title":"Norwich Journal of Information Assurance"},{"key":"ref17","first-page":"1","article-title":"Prioritizing information security risks with threat agent risk assessment","author":"rosenquist","year":"2009","journal-title":"Intel"},{"key":"ref18","article-title":"RFID security threat model","author":"thompson","year":"2006","journal-title":"Conference on Applied Researchin Information Technology"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.6029\/smartcr.2012.01.007"},{"key":"ref28","first-page":"v3-639","article-title":"A network security assessment model based on attack-defense game theory","volume":"3","author":"wang","year":"2010","journal-title":"Computer Application and System Modeling (ICCASM) 2010 International Conference on"},{"journal-title":"McAfee Centre for Strategic &International Studies","article-title":"Net losses: Estimating the global cost of cybercrime","year":"2014","key":"ref4"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/FGCN.2008.166"},{"journal-title":"Cloud Security Alliance","article-title":"The notorious nine: cloud computing top threats in 2013","year":"2013","key":"ref3"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/ICCSCE.2013.6719955"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-55415-5_2"},{"journal-title":"Cisco Tech Rep","article-title":"Cisco global cloud index: Forecast and methodology, 2014-2019","year":"2015","key":"ref5"},{"key":"ref8","article-title":"A Framework for Assessing 20 Critical Controls Using ISO 15504 and COBIT 5 Process Assessment Model (PAM)","author":"riffat","year":"2015","journal-title":"SANS Institute Tech Rep"},{"key":"ref7","first-page":"2003","article-title":"Implementing a successful security assessment process","volume":"9","author":"hart","year":"2001","journal-title":"Retrieved February"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/ISSA.2011.6027519"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1016\/j.dss.2009.02.005"},{"key":"ref1","doi-asserted-by":"crossref","DOI":"10.6028\/NIST.SP.800-145","article-title":"The NIST definition of cloud computing","author":"mell","year":"2011"},{"key":"ref20","first-page":"160","article-title":"New framework for comparing information security risk assessment methodologies","volume":"5","author":"derakhshandeh","year":"2011","journal-title":"Australian Journal of Basic and Applied Sciences"},{"key":"ref22","first-page":"689","article-title":"Computing optimal randomized resource allocations for massive security games","author":"kiekintveld","year":"2009","journal-title":"Proceedings of The 8th International Conference on Autonomous Agents and Multiagent Systems - Volume 1 ser AAMAS &#x2018;09"},{"article-title":"Review of Security Assessment Frameworks and Their Suitability for Use in an Organisation","year":"2014","author":"bashkel","key":"ref21"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1016\/j.csi.2014.08.007"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1111\/j.1539-6924.2009.01247.x"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1109\/CSSE.2008.1651"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2004.55"}],"event":{"name":"2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)","start":{"date-parts":[[2016,6,13]]},"location":"London, United Kingdom","end":{"date-parts":[[2016,6,14]]}},"container-title":["2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/7502239\/7502334\/07502351.pdf?arnumber=7502351","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,12]],"date-time":"2019-09-12T12:54:53Z","timestamp":1568292893000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7502351\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,6]]},"references-count":30,"URL":"https:\/\/doi.org\/10.1109\/cybersecpods.2016.7502351","relation":{},"subject":[],"published":{"date-parts":[[2016,6]]}}}