{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,6]],"date-time":"2025-12-06T04:56:31Z","timestamp":1764996991661,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":26,"publisher":"ACM","license":[{"start":{"date-parts":[[2013,9,8]],"date-time":"2013-09-08T00:00:00Z","timestamp":1378598400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100003406","name":"Tekes","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100003406","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100005416","name":"Norges Forskningsr\u00e4d","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100005416","id-type":"DOI","asserted-by":"publisher"}]},{"name":"VTT Technical Research Centre of Finland"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2013,9,8]]},"DOI":"10.1145\/2523501.2523507","type":"proceedings-article","created":{"date-parts":[[2013,10,1]],"date-time":"2013-10-01T18:09:20Z","timestamp":1380650960000},"page":"1-8","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":23,"title":["Metrics-driven security objective decomposition for an e-health application with adaptive security management"],"prefix":"10.1145","author":[{"given":"Reijo M.","family":"Savola","sequence":"first","affiliation":[{"name":"VTT Technical Research Centre of Finland, Oulu, Finland"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Habtamu","family":"Abie","sequence":"additional","affiliation":[{"name":"Norwegian Computing Center, Gaustadall\u00e9en, Blindern, Oslo, Norway"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2013,9,8]]},"reference":[{"volume-title":"Proc. BODYNETS 2012, Workshop SeTTIT","year":"2012","author":"Abie H.","key":"e_1_3_2_1_1_1"},{"volume-title":"Network Security: A Decision and Game Theoretic Approach","year":"2011","author":"Alpcan T.","key":"e_1_3_2_1_2_1"},{"unstructured":"Bartol N. Bates B. Goertzel K. M. and Winograd T. 2009. Measuring cyber security and information assurance: a state-of-the-art report. Information Assurance Technology Analysis Center (IATAC).  Bartol N. Bates B. Goertzel K. M. and Winograd T. 2009. Measuring cyber security and information assurance: a state-of-the-art report. Information Assurance Technology Analysis Center (IATAC).","key":"e_1_3_2_1_3_1"},{"unstructured":"Basili V. Caldiera G. and Rombach H. D. 1994. The Goal Question Metric Approach. Marciniak J. (ed.) Encyclopedia of Software Engineering Wiley.  Basili V. Caldiera G. and Rombach H. D. 1994. The Goal Question Metric Approach. Marciniak J. (ed.) Encyclopedia of Software Engineering Wiley.","key":"e_1_3_2_1_4_1"},{"unstructured":"Burr W. E. et al. 2011. Electronic Authentication Guideline. NIST Special Publication 800-63-1. National Institute of Standards and Technology.  Burr W. E. et al. 2011. Electronic Authentication Guideline. NIST Special Publication 800-63-1. National Institute of Standards and Technology.","key":"e_1_3_2_1_5_1"},{"issue":"1","key":"e_1_3_2_1_6_1","first-page":"35","article-title":"Game Theoretic Approach to Threat Prediction and Situation Awareness","volume":"2","author":"Chen G.","year":"2007","journal-title":"Journal of Advances in Information Fusion"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_7_1","DOI":"10.1111\/j.1539-6924.2009.01247.x"},{"unstructured":"HIPAA. 1996. Health insurance portability and accountability act (HIPAA). U.S. Public Law 104--191 1996  HIPAA. 1996. Health insurance portability and accountability act (HIPAA). U.S. Public Law 104--191 1996","key":"e_1_3_2_1_8_1"},{"doi-asserted-by":"crossref","unstructured":"Herrmann D. S. 2007. Complete guide to security and privacy metrics -- Measuring regulatory compliance operational resilience and ROI. Auerbach Publications.   Herrmann D. S. 2007. Complete guide to security and privacy metrics -- Measuring regulatory compliance operational resilience and ROI. Auerbach Publications.","key":"e_1_3_2_1_9_1","DOI":"10.1201\/9781420013283"},{"unstructured":"ISO\/IEC 15408-1:2005. Common Criteria for Information Technology Security Evaluation -- Part 1: Introduction and General Model. International Organization for Standardization and the International Electro Technical Commission.  ISO\/IEC 15408-1:2005. Common Criteria for Information Technology Security Evaluation -- Part 1: Introduction and General Model. International Organization for Standardization and the International Electro Technical Commission.","key":"e_1_3_2_1_10_1"},{"unstructured":"ISO\/IEC 27005:2008. Information technology - Security techniques - Information security risk management. International Organization for Standardization and International Electrotechnical Commission.  ISO\/IEC 27005:2008. Information technology - Security techniques - Information security risk management. International Organization for Standardization and International Electrotechnical Commission.","key":"e_1_3_2_1_11_1"},{"doi-asserted-by":"crossref","unstructured":"ITSEC. 1991. Information Technology Security Evaluation Criteria (ITSEC) Version 1.2. Commission for the European Communities.  ITSEC. 1991. Information Technology Security Evaluation Criteria (ITSEC) Version 1.2. Commission for the European Communities.","key":"e_1_3_2_1_12_1","DOI":"10.1016\/0142-0496(91)90133-P"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_13_1","DOI":"10.20533\/ijds.2040.2570.2010.0029"},{"doi-asserted-by":"crossref","unstructured":"Jansen W. 2009. Directions in Security Metrics Research. U.S. National Institute of Standards and Technology NISTIR 7564.  Jansen W. 2009. Directions in Security Metrics Research. U.S. National Institute of Standards and Technology NISTIR 7564.","key":"e_1_3_2_1_14_1","DOI":"10.6028\/NIST.IR.7564"},{"unstructured":"Jaquith A. 2007. Security metrics: replacing fear uncertainty and doubt. Addison-Wesley.   Jaquith A. 2007. Security metrics: replacing fear uncertainty and doubt. Addison-Wesley.","key":"e_1_3_2_1_15_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_16_1","DOI":"10.1007\/BF02919970"},{"volume-title":"Proc. Design Theory & Methodology, 611--618","year":"1995","author":"Koopman P.","key":"e_1_3_2_1_17_1"},{"volume-title":"Technical Note: Case study scenarios definition, Version 1. Technical Report DAR\/17\/12","year":"2012","author":"Leister W.","key":"e_1_3_2_1_18_1"},{"volume-title":"Proc. BODYNETS 2012, Workshop SeTTIT","year":"2012","author":"Savola R.","key":"e_1_3_2_1_19_1"},{"issue":"4","key":"e_1_3_2_1_20_1","first-page":"358","article-title":"Development of measurable security for a distributed messaging system","volume":"2","author":"Savola R.","year":"2009","journal-title":"Int. Journal on Advances in Security"},{"volume-title":"R. Strategies for Security Measurement Objective Decomposition. In Proc. Information Security for South Africa (ISSA)","year":"2012","author":"Savola","key":"e_1_3_2_1_21_1"},{"volume-title":"Adaptive Markov Game Theoretic Data Fusion Approach for Cyber Network Defense. IEEE Military Communications Conference (MILCOM 2007","year":"2007","author":"Shen D.","key":"e_1_3_2_1_22_1"},{"unstructured":"Shen D. Chen G. Cruz J. J. B. Blasch E. and Pham K. 2009. An Adaptive Markov Game Model for Cyber Threat Intent Inference. Theory and Novel Applications of Machine Learning Meng Joo Erand Yi Zhou (Ed.) ISBN: 978-953-7619-55-4 InTech 317--334. DOI=10.5772\/6690.  Shen D. Chen G. Cruz J. J. B. Blasch E. and Pham K. 2009. An Adaptive Markov Game Model for Cyber Threat Intent Inference. Theory and Novel Applications of Machine Learning Meng Joo Erand Yi Zhou (Ed.) ISBN: 978-953-7619-55-4 InTech 317--334. DOI=10.5772\/6690.","key":"e_1_3_2_1_23_1"},{"volume-title":"Proc 20th National Information Systems Security, 522--533","author":"Wang C.","key":"e_1_3_2_1_24_1"},{"volume-title":"Proc. ICTSM'05","author":"Weiss S.","key":"e_1_3_2_1_25_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_26_1","DOI":"10.1109\/CSSE.2008.949"}],"event":{"sponsor":["SIGMOBILE ACM Special Interest Group on Mobility of Systems, Users, Data and Computing","SIGCHI ACM Special Interest Group on Computer-Human Interaction","SIGSPATIAL ACM Special Interest Group on Spatial Information"],"acronym":"UbiComp '13","name":"UbiComp '13: The 2013 ACM International Joint Conference on Pervasive and Ubiquitous Computing","location":"Zurich Switzerland"},"container-title":["Proceedings of the International Workshop on Adaptive Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2523501.2523507","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2523501.2523507","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T07:34:54Z","timestamp":1750232094000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2523501.2523507"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,9,8]]},"references-count":26,"alternative-id":["10.1145\/2523501.2523507","10.1145\/2523501"],"URL":"https:\/\/doi.org\/10.1145\/2523501.2523507","relation":{},"subject":[],"published":{"date-parts":[[2013,9,8]]},"assertion":[{"value":"2013-09-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}