The economics of information security investment
暂无分享,去创建一个
[1] Lawrence A. Gordon,et al. Using information security as a response to competitor analysis systems , 2001, CACM.
[2] R. Weber,et al. Information systems planning: a model and empirical tests , 1996 .
[3] Allen Roginsky,et al. Hash-based encryption system , 1999, Comput. Secur..
[4] Keith Buzzard,et al. Computer security - What should you spend your money on? , 1999, Comput. Secur..
[5] Detmar W. Straub,et al. Effective IS Security: An Empirical Study , 1990, Inf. Syst. Res..
[6] Dorothy E. Denning,et al. A taxonomy for key escrow encryption systems , 1996, CACM.
[7] Dorothy E. Denning,et al. An Intrusion-Detection Model , 1987, IEEE Transactions on Software Engineering.
[8] Simon R. Wiseman,et al. A Secure Capability Computer System , 1986, 1986 IEEE Symposium on Security and Privacy.
[9] Deborah A. Frincke,et al. Balancing cooperation and risk in intrusion detection , 2000, TSEC.
[10] Houston H. Carr,et al. Threats to Information Systems: Today's Reality, Yesterday's Understanding , 1992, MIS Q..
[11] Giovanni Vigna,et al. NetSTAT: A Network-based Intrusion Detection System , 1999, J. Comput. Secur..
[12] Martin P. Loeb,et al. CSI/FBI Computer Crime and Security Survey , 2004 .
[13] Charles P. Pfleeger,et al. Security in computing , 1988 .
[14] Stefan Axelsson,et al. The base-rate fallacy and the difficulty of intrusion detection , 2000, TSEC.
[15] Lee W. McKnight,et al. Information security for Internet commerce , 1997 .
[16] Ravi S. Sandhu,et al. Role-Based Access Control Models , 1996, Computer.
[17] Lee W. McKnight,et al. Information Security for Electronic Commerce on the Internet: The Need for a New Policy and New Research , 1995 .
[18] Hal R. Varian,et al. How to Build an Economic Model in Your Spare Time , 1997 .
[19] S. Harrington,et al. Risk Management and Insurance , 1998 .
[20] Jonathan K. Millen,et al. A resource allocation model for denial of service , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.
[21] James P Anderson,et al. Computer Security Technology Planning Study , 1972 .
[22] Catherine A. Meadows,et al. A Cost-Based Framework for Analysis of Denial of Service Networks , 2001, J. Comput. Secur..
[23] Michael M. May,et al. How much is enough? A risk management approach to computer security , 2000 .
[24] Ravi S. Sandhu,et al. Configuring role-based access control to enforce mandatory and discretionary access control policies , 2000, TSEC.
[25] 염흥렬,et al. [서평]「Applied Cryptography」 , 1997 .
[26] Eugene H. Spafford,et al. Identification of Host Audit Data to Detect Attacks on Low-level IP Vulnerabilities , 1999, J. Comput. Secur..
[27] Gustavus J. Simmons,et al. Cryptanalysis and protocol failures , 1994, CACM.
[28] Detmar W. Straub,et al. Coping With Systems Risk: Security Planning Models for Management Decision Making , 1998, MIS Q..
[29] Ross J. Anderson. Why information security is hard - an economic perspective , 2001, Seventeenth Annual Computer Security Applications Conference.
[30] Thomas Finne,et al. A conceptual framework for information security management , 1998, Comput. Secur..
[31] David Wright,et al. Towards Operational Measures of Computer Security , 1993, J. Comput. Secur..
[32] Ravi S. Sandhu,et al. The ARBAC97 model for role-based administration of roles: preliminary description and outline , 1997, RBAC '97.
[33] Dinesh Batra,et al. Accessibility, security, and accuracy in statistical databases: the case for the multiplicative fixed data perturbation approach , 1995 .