{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,14]],"date-time":"2026-03-14T18:41:27Z","timestamp":1773513687973,"version":"3.50.1"},"reference-count":21,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1109\/edoc.2002.1137696","type":"proceedings-article","created":{"date-parts":[[2003,6,26]],"date-time":"2003-06-26T01:03:42Z","timestamp":1056589422000},"page":"51-62","source":"Crossref","is-referenced-by-count":45,"title":["Model-based risk assessment to improve enterprise security"],"prefix":"10.1109","author":[{"given":"J.O.","family":"Aagedal","sequence":"first","affiliation":[]},{"given":"F.","family":"den Braber","sequence":"additional","affiliation":[]},{"given":"T.","family":"Dimitrakos","sequence":"additional","affiliation":[]},{"given":"B.A.","family":"Gran","sequence":"additional","affiliation":[]},{"given":"D.","family":"Raptis","sequence":"additional","affiliation":[]},{"given":"K.","family":"Stolen","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/TOOLS.2000.891363"},{"key":"ref11","article-title":"Templates for Misuse Description","author":"sindre","year":"0","journal-title":"Seventh International Workshop on Requirements Engineering Foundation for Software Quality Interlaken Switzerland"},{"key":"ref12","article-title":"Ponder: A Language for Specifying Security and Management Policies for Distributed Systems - Version 2.3","author":"damianou","year":"2000","journal-title":"Department of Computing Imperial College London UK Imperial College Research Report DoC 2000\/1"},{"key":"ref13","article-title":"Dos and Don'ts of Client Authentication on the Web","author":"fu","year":"2001","journal-title":"MIT Laboratory for Computer Science technical report"},{"key":"ref14","article-title":"Security Assessments of Safety Critical Systems Using HAZOPs","author":"winther","year":"0","journal-title":"20th International Conference on Computer Safety Reliability and Security SAFECOMP 2001"},{"key":"ref15","article-title":"Common Criteria for Information Technology Security Evaluation","year":"0","journal-title":"Common Criteria Organisation"},{"key":"ref16","article-title":"Information Security Evaluation Criteria","year":"0","journal-title":"Communications-Electronics Security Group"},{"key":"ref17","article-title":"Information Technology &#x2013;&#x2013; Security techniques &#x2013;&#x2013; Evaluation Criteria for IT Security","year":"1999","journal-title":"ISO\/IEC 15408&#x2013;1"},{"key":"ref18","article-title":"Surety Analysis","year":"0","journal-title":"Sandia National Laboratories"},{"key":"ref19","article-title":"RSDA","year":"0","journal-title":"Reactive System Design Support"},{"key":"ref4","article-title":"AS\/NZS 4360: Risk Management","year":"1999","journal-title":"Standards Australia"},{"key":"ref3","article-title":"Guidelines for the management of IT Security - Part 1: Concepts and models for IT Security","year":"2001"},{"key":"ref6","author":"kruchten","year":"1998","journal-title":"Rational Unified Process"},{"key":"ref5","article-title":"Basic reference model of open distributed processing, part 1: Overview","year":"1995","journal-title":"ITU-T X 901 - ISO\/IEC 10746&#x2013;1"},{"key":"ref8","article-title":"IEEE Recommended Practice for Software Requirements Specifications","year":"0"},{"key":"ref7","article-title":"The CORAS Framework for a model-based risk management process","author":"fredriksen","year":"0","journal-title":"SAFECOMP'92 International Conference on Safety Security and Reliability of Computers"},{"key":"ref2","article-title":"OMG Unified Modeling Language Specification, v1.4,&#x201D; Object Management Group, formal\/01&#x2013;09&#x2013;67","year":"2001"},{"key":"ref1","article-title":"CORAS: A platform for risk analysis of security critical systems","year":"2000"},{"key":"ref9","article-title":"IEEE Guide for Developing System Requirements Specifications","year":"0"},{"key":"ref20","article-title":"COBIT","year":"0","journal-title":"Control Objectives for Information and Related Technology"},{"key":"ref21","article-title":"The Use of the CCTA Risk Analysis and Management Methodology CRAMM in Health Information Systems","author":"barber","year":"0","journal-title":"MEDINFO 92"}],"event":{"name":"EDOC 2002 - 6th IEEE International Conference on Enterprise Distributed Object Computing","location":"Lausanne, Switzerland","acronym":"EDOC-02"},"container-title":["Proceedings. Sixth International Enterprise Distributed Object Computing"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/8230\/25384\/01137696.pdf?arnumber=1137696","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,3,13]],"date-time":"2017-03-13T16:14:53Z","timestamp":1489421693000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/1137696\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"references-count":21,"URL":"https:\/\/doi.org\/10.1109\/edoc.2002.1137696","relation":{},"subject":[]}}