{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,6]],"date-time":"2025-11-06T11:52:02Z","timestamp":1762429922687},"reference-count":25,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2003]]},"DOI":"10.1109\/hicss.2003.1174904","type":"proceedings-article","created":{"date-parts":[[2004,6,22]],"date-time":"2004-06-22T16:27:43Z","timestamp":1087921663000},"page":"10 pp.","source":"Crossref","is-referenced-by-count":60,"title":["Information assurance measures and metrics - state of practice and proposed taxonomy"],"prefix":"10.1109","author":[{"given":"R.B.","family":"Vaughn","sequence":"first","affiliation":[]},{"given":"R.","family":"Henning","sequence":"additional","affiliation":[]},{"given":"A.","family":"Siraj","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref10","article-title":"IA metrics development and implementation","author":"bartol","year":"2001","journal-title":"Proceedings of Workshop on Information Security - System Rating and Ranking"},{"key":"ref11","article-title":"The case against numerical measures of information assurance","author":"mccallam","year":"2001","journal-title":"Proceedings of Workshop on Information Security - System Rating and Ranking"},{"key":"ref12","article-title":"Information Assurance operational readiness metrics","author":"connolly","year":"2001","journal-title":"Proceedings of Workshop on Information Security - System Rating and Ranking"},{"journal-title":"Best Security Practices An overview","year":"2000","author":"king","key":"ref13"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-26"},{"key":"ref15","article-title":"Measurements of system security","author":"schneider","year":"2001","journal-title":"Proceedings of Workshop on Information Security - System Rating and Ranking"},{"journal-title":"International Information Systems Security Certification","year":"2001","key":"ref16"},{"journal-title":"About IDART","year":"2001","key":"ref17"},{"journal-title":"Information Protection Metrics and Measurements Program","year":"1997","key":"ref18"},{"key":"ref19","article-title":"Penetration testing &#x2014; The gold standard for security rating and ranking","author":"downs","year":"2001","journal-title":"Proceedings of Workshop on Information Security - System Rating and Ranking"},{"key":"ref4","article-title":"A Report from the Workshop on Information Security System Rating and Ranking","author":"vaughn","year":"2002","journal-title":"Proceedings of the DOD Software Technology Conference"},{"journal-title":"Common Criteria","year":"0","key":"ref3"},{"key":"ref6","article-title":"(SAIC, DIAP). 2001. DoD operational metrics","author":"villasenor","year":"2001","journal-title":"Proceedings of Workshop on Information Security - System Rating and Ranking"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1145\/366173.366185"},{"key":"ref8","article-title":"The bull in the china shop: The &#x201C;Merrill Lynch&#x201D; IA Assessment manifesto","author":"shapiro","year":"2001","journal-title":"proceedings of the Workshop on Information-Security-System Rating and Ranking held in Williamsburg"},{"journal-title":"Information assurance metrics Project overview","year":"2001","key":"ref7"},{"journal-title":"Department of Defense Standard Department of Defense Trusted Computer System Evaluation Criteria","year":"1985","key":"ref2"},{"journal-title":"Proceedings of Workshop on Information Security - System Rating and Ranking","year":"2001","key":"ref9"},{"key":"ref1","first-page":"30","article-title":"Information Security System Ranking and Rating","author":"vaughn","year":"2002","journal-title":"Crosstalk The Journal of Defense Software Engineering"},{"key":"ref20","article-title":"Red team work factor as a security measurement","author":"wood","year":"2001","journal-title":"Proceedings of Workshop on Information Security - System Rating and Ranking"},{"key":"ref22","article-title":"Certification of Intelligence Community Systems and measurement of residual risks","author":"kahn","year":"2001","journal-title":"Proceedings of Workshop on Information Security - System Rating and Ranking"},{"key":"ref21","article-title":"The survivability of network systems: An empirical analysis","author":"moitra","year":"2000","journal-title":"CMU\/SEI-2000-TR-021"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1997.601330"},{"key":"ref23","article-title":"2001. Measuring security","author":"bayuk","year":"2001","journal-title":"Proceedings of Workshop on Information Security - System Rating and Ranking"},{"key":"ref25","article-title":"A Report from the Workshop on Information Security System Rating and Ranking","author":"vaughn","year":"2002","journal-title":"Proceedings of the 14th Annual Canadian Information Technology Security Symposium"}],"event":{"name":"36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the","start":{"date-parts":[[2003,1,9]]},"location":"Big Island, HI, USA","end":{"date-parts":[[2003,1,9]]}},"container-title":["36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/8360\/26341\/01174904.pdf?arnumber=1174904","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,3,14]],"date-time":"2017-03-14T23:13:31Z","timestamp":1489533211000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/1174904\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2003]]},"references-count":25,"URL":"https:\/\/doi.org\/10.1109\/hicss.2003.1174904","relation":{},"subject":[],"published":{"date-parts":[[2003]]}}}