{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:52:17Z","timestamp":1750308737569,"version":"3.41.0"},"reference-count":17,"publisher":"Association for Computing Machinery (ACM)","issue":"6","license":[{"start":{"date-parts":[[2013,11,11]],"date-time":"2013-11-11T00:00:00Z","timestamp":1384128000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["SIGSOFT Softw. Eng. Notes"],"published-print":{"date-parts":[[2013,11,11]]},"abstract":"<jats:p>Information systems are the backbone of almost every business. The rise in the usage and the development of information networks over the years has added to the magnitude and frequent occurrences of threats to these very systems. Therefore, researchers and developers need to fill the gaps between early knowledge about risks and current level of risks and threats posed to information systems. The paper, done qualitatively, explores the various effects on the architecture of the information systems when the systems are exposed to attacks. The conceptual results, presented in the paper explore the relation of security risks to the architectural components of information systems. The findings can help the developer community to design architecturally sound and secure information systems.<\/jats:p>","DOI":"10.1145\/2532780.2532809","type":"journal-article","created":{"date-parts":[[2013,11,27]],"date-time":"2013-11-27T14:13:59Z","timestamp":1385561639000},"page":"1-3","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["A qualitative analysis of effects of security risks on architecture of an information system"],"prefix":"10.1145","volume":"38","author":[{"given":"Rakesh","family":"Kumar","sequence":"first","affiliation":[{"name":"Khalsa College For Women, Amritsar, India"}]},{"given":"Hardeep","family":"Singh","sequence":"additional","affiliation":[{"name":"Guru Nanak Dev University, Amritsar, India"}]}],"member":"320","published-online":{"date-parts":[[2013,11,11]]},"reference":[{"key":"e_1_2_1_1_1","unstructured":"B. Schneier.1999. Attack trees: Modeling security threats. DrDobbs Journal.  B. Schneier.1999. Attack trees: Modeling security threats. DrDobbs Journal."},{"key":"e_1_2_1_2_1","volume-title":"Security in Computing Systems","author":"Biskup J.","unstructured":"Biskup , J. 2009. Security in Computing Systems , 1 st edition, Berlin, Germany : Springer . Biskup, J. 2009. Security in Computing Systems, 1st edition, Berlin, Germany: Springer.","edition":"1"},{"key":"e_1_2_1_3_1","unstructured":"Borodzicz P. E.2005. Risk Crisis & Security Management John Wiley & Sons.  Borodzicz P. E.2005. Risk Crisis & Security Management John Wiley & Sons."},{"key":"e_1_2_1_4_1","first-page":"523","volume-title":"Management Information Systems Quarterly","author":"Bulgurcu B.","year":"2010","unstructured":"Bulgurcu , B. , Cavusoglu , H. , and Benbasat , I . 2010. Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information System Awareness , Management Information Systems Quarterly ( 2010 ), pp. 523 -- 548 . Bulgurcu, B., Cavusoglu, H., and Benbasat, I.2010. Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information System Awareness, Management Information Systems Quarterly (2010), pp. 523--548."},{"key":"e_1_2_1_5_1","volume-title":"Applying OCTAVE: Practitioners report","author":"Woody","year":"2006","unstructured":"C. Woody . Applying OCTAVE: Practitioners report . 2006 . Carnegie Mellon University . C. Woody. Applying OCTAVE: Practitioners report. 2006. Carnegie Mellon University."},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2004.1312850"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.2307\/249191"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2010.55"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.5555\/876661.876669"},{"key":"e_1_2_1_10_1","unstructured":"Soo Hoo K. How much is enough? A risk management approach to computer security.Working paper. http:\/\/cisac.stanford.edu\/docs\/  Soo Hoo K. How much is enough? A risk management approach to computer security.Working paper. http:\/\/cisac.stanford.edu\/docs\/"},{"key":"e_1_2_1_11_1","volume-title":"2010. CSI\/FBI computer crime and security survey","author":"Gordon M. P.","year":"2010","unstructured":"L.A., Gordon , M. P. , Loeb , and W. Lucyshyn . 2010. CSI\/FBI computer crime and security survey . Computer Security Institute (San Francisco 2010 ). L.A., Gordon, M. P., Loeb, and W. Lucyshyn.2010. CSI\/FBI computer crime and security survey. Computer Security Institute (San Francisco 2010)."},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.2753\/MIS0742-1222220405"},{"volume-title":"Hunan","author":"Fang","key":"e_1_2_1_13_1","unstructured":"LIU Fang .2005. Research on the Theories and Key Technologies of Information System Security Evaluation , Hunan , National University of Defense Technology . LIU Fang.2005. Research on the Theories and Key Technologies of Information System Security Evaluation, Hunan, National University of Defense Technology."},{"key":"e_1_2_1_14_1","volume-title":"Signals andCommunication","author":"Benini M.","year":"2007","unstructured":"Benini , M. , and Sicari , S. 2007. A mathematical framework for risk assessment. New Technologies Mobility and Security , Signals andCommunication , Springer-Verlag , 2007 :459--469 Benini, M., and Sicari,S.2007. A mathematical framework for risk assessment. New Technologies Mobility and Security, Signals andCommunication, Springer-Verlag, 2007:459--469"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1016\/0167-4048(87)90030-7"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1330311.1330325"},{"key":"e_1_2_1_17_1","volume-title":"International CIIP Handbook","author":"Analyzing Issues","year":"2006","unstructured":"Analyzing Issues , Challenges and Prospects . International CIIP Handbook 2006 , Vol. II . Analyzing Issues, Challenges and Prospects. International CIIP Handbook 2006, Vol. II."}],"container-title":["ACM SIGSOFT Software Engineering Notes"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2532780.2532809","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2532780.2532809","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T20:22:06Z","timestamp":1750278126000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2532780.2532809"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,11,11]]},"references-count":17,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2013,11,11]]}},"alternative-id":["10.1145\/2532780.2532809"],"URL":"https:\/\/doi.org\/10.1145\/2532780.2532809","relation":{},"ISSN":["0163-5948"],"issn-type":[{"type":"print","value":"0163-5948"}],"subject":[],"published":{"date-parts":[[2013,11,11]]},"assertion":[{"value":"2013-11-11","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}