Security mistakes in information system deployment projects
暂无分享,去创建一个
Muhammad Afzal | Mathias Ekstedt | Teodor Sommestad | Hannes Holm | M. Ekstedt | Hannes Holm | T. Sommestad | M. Afzal
[1] M. Angela Sasse,et al. Making Passwords Secure and Usable , 1997, BCS HCI.
[2] David J. Weiss,et al. Empirical Assessment of Expertise , 2003, Hum. Factors.
[3] Nong Ye,et al. A System-Fault-Risk Framework for cyber attack classification , 2006, Inf. Knowl. Syst. Manag..
[4] Silja Renooij,et al. Probability elicitation for belief networks: issues to consider , 2001, The Knowledge Engineering Review.
[5] Ray Fink. LESSONS LEARNED FROM CYBER SECURITY ASSESSMENTS OF SCADA AND ENERGY MANAGEMENT SYSTEMS , 2006 .
[6] Hironori Washizaki,et al. A survey on security patterns , 2008 .
[7] Jan H. P. Eloff,et al. A framework and assessment instrument for information security culture , 2010, Comput. Secur..
[8] Matt Bishop,et al. A Critical Analysis of Vulnerability Taxonomies , 1996 .
[9] R. Cooke. Experts in Uncertainty: Opinion and Subjective Probability in Science , 1991 .
[10] J. Shaoul. Human Error , 1973, Nature.
[11] Jeffrey M. Stanton,et al. Analysis of end user security behaviors , 2005, Comput. Secur..
[12] F. Nelson Ford,et al. Information security: management's effect on culture and policy , 2006, Inf. Manag. Comput. Secur..
[13] Ray Hunt,et al. A taxonomy of network and computer attacks , 2005, Comput. Secur..
[14] M. Angela Sasse,et al. Safe and sound: a safety-critical approach to security , 2001, NSPW '01.
[15] P. Dourish,et al. Security as a Practical Problem: Some Preliminary Observations of Everyday Mental Models , 2003 .
[16] Pascale Carayon,et al. Human and organizational factors in computer and information security: Pathways to vulnerabilities , 2009, Comput. Secur..
[17] Eugene H. Spafford,et al. Use of A Taxonomy of Security Faults , 1996 .
[18] David A. Schkade,et al. WHERE DO THE NUMBERS COME FROM , 1993 .
[19] P. Carayon,et al. Computer and Information Security Culture: Findings from two Studies , 2005 .
[20] H. J. Einhorn. Expert judgment: Some necessary conditions and an example. , 1974 .
[21] Nir Friedman,et al. Being Bayesian about Network Structure , 2000, UAI.
[22] James Shanteau,et al. Empirical Assessment of Expertise. (Special Section) , 2003 .
[23] Kaplan,et al. ‘Combining Probability Distributions from Experts in Risk Analysis’ , 2000, Risk analysis : an official publication of the Society for Risk Analysis.
[24] Nir Friedman,et al. Being Bayesian About Network Structure. A Bayesian Approach to Structure Discovery in Bayesian Networks , 2004, Machine Learning.
[25] L. C. van der Gaag,et al. Building probabilistic networks: Where do the numbers come from? - a guide to the literature , 2000 .
[26] Ross J. Anderson. Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .
[27] Budi Arief,et al. Computer security impaired by legitimate users , 2004, Comput. Secur..
[28] Jim Alves-Foss,et al. Assessing computer security vulnerability , 1995, OPSR.
[29] Malcolm Robert Pattinson,et al. How well are information risks being communicated to your computer end-users? , 2007, Inf. Manag. Comput. Secur..
[30] E. Salas,et al. Human Factors : The Journal of the Human Factors and Ergonomics Society , 2012 .
[31] Marek J. Druzdzel,et al. Building Probabilistic Networks: "Where Do the Numbers Come From?" Guest Editors Introduction , 2000, IEEE Trans. Knowl. Data Eng..
[32] Evangelos A. Kiountouzis,et al. Information Management & Computer Security Formulating information systems risk management strategies through cultural theory , 2016 .
[33] Marek J. Druzdzel,et al. GeNIe: A Development Environment for Graphical Decision-Analytic Models , 1999, AMIA.
[34] Konstantin Beznosov,et al. On the imbalance of the security problem space and its expected consequences , 2007, Inf. Manag. Comput. Secur..
[35] Marek J. Druzdzel,et al. Elicitation of Probabilities for Belief Networks: Combining Qualitative and Quantitative Information , 1995, UAI.
[36] Sacha Brostoff,et al. Transforming the ‘Weakest Link’ — a Human/Computer Interaction Approach to Usable and Effective Security , 2001 .
[37] Mathias Ekstedt,et al. The Cyber Security Modeling Language: A Tool for Assessing the Vulnerability of Enterprise System Architectures , 2013, IEEE Systems Journal.
[38] Kirstie Hawkey,et al. An integrated view of human, organizational, and technological challenges of IT security management , 2009, Inf. Manag. Comput. Secur..
[39] Ronald F. DeMara,et al. Evaluation of the Human Impact of Password Authentication , 2004, Informing Sci. Int. J. an Emerg. Transdiscipl..