Measuring Security Investment Benefit for Off the Shelf Software Systems - A Stakeholder Value Driven Approach.
作者: Yue Chen , Barry Boehm , Luke Sheppard , None
DOI:
关键词:
摘要:
econinfosec.org参考文章(45)
Gary Stoneburner, Alexis Feringa, Alice Y. Goguen, SP 800-30. Risk Management Guide for Information Technology Systems National Institute of Standards & Technology. ,(2002)
Anand Nandkumar, Ashish Arora, Rahul Telang, Ramayya Krishnan, H. John Heinz, Yubao Yang, Impact of Vulnerability Disclosure and Patch Availability - An Empirical Analysis ,(2004)
Donald J Reifer, Making the Software Business Case ,(2001)
Jan Trobitius, Anwendung der "Common Criteria for Information Technology Security Evaluation" (CC) / ISO 15408 auf ein SOA Registry-Repository. Informatiktage. pp. 183- 186 ,(2007)
David Leblanc, Brian Valentine, Michael Howard, Writing Secure Code ,(2001)
R. Anderson, Why information security is hard - an economic perspective annual computer security applications conference. pp. 358- 365 ,(2001) , 10.1109/ACSAC.2001.991552
Eugene H. Spafford, Daniel Farmer, The COPS Security Checker System USENIX Summer. pp. 165- 170 ,(1990)
Barry W Boehm, Apurva Jain, None, An Initial Theory of Value-Based Software Engineering Value-Based Software Engineering. pp. 15- 37 ,(2006) , 10.1007/3-540-29263-2_2
Thomas Hardjono, Josef Pieprzyk, Jennifer Seberry, Fundamentals of Computer Security ,(2003)
D. F. Haasl, N. H. Roberts, F. F. Goldberg, W. E. Vesely, Fault Tree Handbook ,(1987)