Security attribute evaluation method: a cost-benefit approach
暂无分享,去创建一个
[1] DoD 5200 . 28-STD-DEPARTMENT OF DEFENSE TRUSTED COMPUTER SYSTEM EVALUATION , 2002 .
[2] Thomas Finne,et al. A conceptual framework for information security management , 1998, Comput. Secur..
[3] Gary Stoneburner,et al. SP 800-30. Risk Management Guide for Information Technology Systems , 2002 .
[4] M. Bohanec,et al. The Analytic Hierarchy Process , 2004 .
[5] Detmar W. Straub,et al. Coping With Systems Risk: Security Planning Models for Management Decision Making , 1998, MIS Q..
[6] Gary Stoneburner,et al. SP 800-27 Rev. A. Engineering Principles for Information Technology Security (A Baseline for Achieving Security), Revision A , 2004 .
[7] Gary Stoneburner,et al. Engineering principles for information technology security (a baseline for achieving security) :: recommendations of the National Institute of Standards and Technology , 2001 .
[8] M. E. Kabay,et al. Computer Security Handbook , 2002 .
[9] Carl E. Landwehr,et al. A taxonomy of computer program security flaws , 1993, CSUR.
[10] Lawrence A. Gordon,et al. The economics of information security investment , 2002, TSEC.
[11] G. Stoneburner,et al. Risk Management Guide for Information Technology Systems: Recommendations of the National Institute of Standards and Technology , 2002 .
[12] Jonathan K. Millen,et al. A resource allocation model for denial of service , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.
[13] D. Winterfeldt,et al. Comparison of weighting judgments in multiattribute utility measurement , 1991 .
[14] Thomas Finne,et al. The three categories of decision-making and information security , 1998, Comput. Secur..
[15] Mark Klein,et al. Quantifying the costs and benefits of architectural decisions , 2001, Proceedings of the 23rd International Conference on Software Engineering. ICSE 2001.
[16] Gary Stoneburner. SP 800-33. Underlying Technical Models for Information Technology Security , 2001 .
[17] Jyrki Kontio,et al. A case study in applying a systematic method for COTS selection , 1996, Proceedings of IEEE 18th International Conference on Software Engineering.
[18] Shon Harris,et al. Cissp Certification Exam Guide , 2003 .
[19] Catherine A. Meadows,et al. A Cost-Based Framework for Analysis of Denial of Service Networks , 2001, J. Comput. Secur..
[20] D. A. Seaver,et al. A comparison of weight approximation techniques in multiattribute utility decision making , 1981 .
[21] H. Raiffa,et al. Decisions with Multiple Objectives , 1993 .
[22] Ross J. Anderson. Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .
[23] Gary Stoneburner,et al. Underlying technical models for information technology security :: recommendations of the National Institute of Standards and Technology , 2001 .
[24] G. W. Fischer. Range Sensitivity of Attribute Weights in Multiattribute Value Models , 1995 .
[25] Ching-Lai Hwang,et al. Multiple attribute decision making : an introduction , 1995 .
[26] Christopher M. King,et al. Security Architecture: Design, Deployment and Operations , 2001 .
[27] Matt Bishop,et al. Computer Security: Art and Science , 2002 .
[28] Thomas G. Lane. A Design Space and Design Rules for User Interface Software Architecture , 1990 .