{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:20:48Z","timestamp":1750306848119,"version":"3.41.0"},"reference-count":18,"publisher":"Association for Computing Machinery (ACM)","issue":"1","license":[{"start":{"date-parts":[[2015,2,6]],"date-time":"2015-02-06T00:00:00Z","timestamp":1423180800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["SIGSOFT Softw. Eng. Notes"],"published-print":{"date-parts":[[2015,2,6]]},"abstract":"<jats:p>During the last ten years, security attacks on information systems have led to a huge number of data breaches all over the globe. Information security risks are causing massive damage to organizations. The security risk could be costlier to handle if not given due attention. We need to build a security culture in which everyone can recognize and evaluate the risks. In the current scenario the risks due to BYOD have emerged as a new challenge to information-security practitioners. The present study focuses on evaluating BYOD risks and their causes well before they become a threat to an organization. A new procedure is proposed to tackle the threats from BYOD and an empirical analysis is provided for validation of the proposed procedure.<\/jats:p>","DOI":"10.1145\/2693208.2693231","type":"journal-article","created":{"date-parts":[[2015,2,10]],"date-time":"2015-02-10T13:19:47Z","timestamp":1423574387000},"page":"1-4","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["A Proactive Procedure to Mitigate the BYOD Risks on the Security of an Information System"],"prefix":"10.1145","volume":"40","author":[{"given":"Rakesh","family":"Kumar","sequence":"first","affiliation":[{"name":"Khalsa College For Women, Amritsar, India"}]},{"given":"Hardeep","family":"Singh","sequence":"additional","affiliation":[{"name":"Guru Nanak Dev University, Amritsar, India"}]}],"member":"320","published-online":{"date-parts":[[2015,2,6]]},"reference":[{"key":"e_1_2_1_1_1","first-page":"1","volume-title":"QoP-2005: Quality of Protection workshop","author":"Atzeni A.","year":"2005","unstructured":"A. Atzeni and A. Lioy . Why to adopt a security metric? A brief survey . In QoP-2005: Quality of Protection workshop , pages 1 -- 12 , 2005 . A. Atzeni and A.Lioy. Why to adopt a security metric? A brief survey. In QoP-2005: Quality of Protection workshop, pages 1--12, 2005."},{"key":"e_1_2_1_2_1","first-page":"141","article-title":"Modelling the Human and Technological Costs and Benefits of USB Memory Stick Security","author":"Beautement","year":"2009","unstructured":"A. Beautement , \" Modelling the Human and Technological Costs and Benefits of USB Memory Stick Security ,\" Managing Information Risk and the Economics of Security, M.E. Johnson, ed., Springer Science+Business Media , 2009 , pp. 141 -- 162 . A. Beautement, \"Modelling the Human and Technological Costs and Benefits of USB Memory Stick Security,\" Managing Information Risk and the Economics of Security, M.E. Johnson, ed., Springer Science+Business Media, 2009, pp. 141--162.","journal-title":"Johnson, ed., Springer Science+Business Media"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.5555\/2017470.2017477"},{"key":"e_1_2_1_4_1","volume-title":"Applying OCTAVE: Practitioners report","author":"Woody","year":"2006","unstructured":"C. Woody . Applying OCTAVE: Practitioners report . 2006 . Carnegie Mellon University . C. Woody. Applying OCTAVE: Practitioners report. 2006. Carnegie Mellon University."},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.5555\/876661.876669"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/986655.986664"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1016\/0167-4048(87)90030-7"},{"key":"e_1_2_1_8_1","first-page":"112","volume-title":"A Guide to Computer Network Security","author":"Joseph Migga Kizza","year":"2008","unstructured":"Joseph Migga Kizza : A Guide to Computer Network Security , Springer , 2008 , pp 112 -- 115 , http:\/\/en.wikipedia.org\/wiki\/Timeline_of_computer_ security_hacker_history Joseph Migga Kizza: A Guide to Computer Network Security, Springer, 2008, pp 112--115, http:\/\/en.wikipedia.org\/wiki\/Timeline_of_computer_ security_hacker_history"},{"key":"e_1_2_1_9_1","first-page":"6","volume-title":"Nancy R. Mead: Software Security Engineering: A Guide for Project Managers","author":"Julia H.","year":"2008","unstructured":"Julia H. Allen , Sean Barnum, Robert J. Ellison , Gary McGraw , Nancy R. Mead: Software Security Engineering: A Guide for Project Managers , Addison Wesley Professional , 2008 , pp 6 -- 8 . Julia H. Allen, Sean Barnum, Robert J. Ellison, Gary McGraw, Nancy R. Mead: Software Security Engineering: A Guide for Project Managers, Addison Wesley Professional, 2008, pp 6--8."},{"key":"e_1_2_1_10_1","volume-title":"A Life-Cycle View of Architecture Analysis and Design Methods (CMU\/SEI-2003-TN-026)","author":"Kazman R.","year":"2003","unstructured":"Kazman , R. ; Nord , R. L. ; & Klein , M. A Life-Cycle View of Architecture Analysis and Design Methods (CMU\/SEI-2003-TN-026) . Pittsburgh, PA : Software Engineering Institute, Carnegie Mellon University , 2003 . Kazman, R.; Nord, R. L.; & Klein, M. A Life-Cycle View of Architecture Analysis and Design Methods (CMU\/SEI-2003-TN-026). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2003."},{"key":"e_1_2_1_11_1","volume-title":"2010. CSI\/FBI computer crime and security survey","author":"Gordon M. P.","year":"2010","unstructured":"L.A., Gordon , M. P. , Loeb , and W. Lucyshyn . 2010. CSI\/FBI computer crime and security survey . Computer Security Institute (San Francisco 2010 ). L.A., Gordon, M. P., Loeb, and W. Lucyshyn.2010. CSI\/FBI computer crime and security survey. Computer Security Institute (San Francisco 2010)."},{"key":"e_1_2_1_12_1","volume-title":"NIST Special Publication 800-53A (third public draft)","author":"National Institute for Standards and Technology (NIST).","year":"2007","unstructured":"National Institute for Standards and Technology (NIST). Guide for assessing the security controls in federal information systems , NIST Special Publication 800-53A (third public draft) , 2007 . National Institute for Standards and Technology (NIST). Guide for assessing the security controls in federal information systems, NIST Special Publication 800-53A (third public draft), 2007."},{"key":"e_1_2_1_13_1","volume-title":"Leading Security Experts Explain How They Think","author":"Oran","year":"2009","unstructured":"Oran , Andy & Viega, John , ( 2009 ) Beautiful Security Metrics , Leading Security Experts Explain How They Think , Chapter 3 Elizabeth Nichols. Oran, Andy & Viega, John, (2009) Beautiful Security Metrics, Leading Security Experts Explain How They Think, Chapter 3 Elizabeth Nichols."},{"key":"e_1_2_1_14_1","volume-title":"NJ: Pearson Education","author":"Petrocelli T.D.","year":"2005","unstructured":"Petrocelli , T.D. , \" Data Protection and Information Lifecycle Management,\" Upper Saddle River , NJ: Pearson Education , Inc ., 2005 . Petrocelli, T.D., \"Data Protection and Information Lifecycle Management,\" Upper Saddle River, NJ: Pearson Education, Inc., 2005."},{"key":"e_1_2_1_15_1","unstructured":"Security Threat Report 2013 by Sophos Labs. (Private communication)  Security Threat Report 2013 by Sophos Labs. (Private communication)"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.2753\/MIS0742-1222220405"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.11"},{"key":"e_1_2_1_18_1","unstructured":"http:\/\/www.dqindia.com\/dataquest\/feature\/205756\/india-most-vulnerable-cyber-attacks#sthash.Z9TrKNYG.dpuf  http:\/\/www.dqindia.com\/dataquest\/feature\/205756\/india-most-vulnerable-cyber-attacks#sthash.Z9TrKNYG.dpuf"}],"container-title":["ACM SIGSOFT Software Engineering Notes"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2693208.2693231","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2693208.2693231","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T08:10:15Z","timestamp":1750234215000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2693208.2693231"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,2,6]]},"references-count":18,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2015,2,6]]}},"alternative-id":["10.1145\/2693208.2693231"],"URL":"https:\/\/doi.org\/10.1145\/2693208.2693231","relation":{},"ISSN":["0163-5948"],"issn-type":[{"type":"print","value":"0163-5948"}],"subject":[],"published":{"date-parts":[[2015,2,6]]},"assertion":[{"value":"2015-02-06","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}