乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,8]],"date-time":"2024-09-08T01:47:22Z","timestamp":1725760042920},"publisher-location":"Berlin, Heidelberg","reference-count":45,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642394973"},{"type":"electronic","value":"9783642394980"}],"license":[{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-39498-0_2","type":"book-chapter","created":{"date-parts":[[2013,11,28]],"date-time":"2013-11-28T13:05:32Z","timestamp":1385643932000},"page":"25-47","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":8,"title":["To Invest or Not to Invest? Assessing the Economic Viability of a Policy and Security Configuration Management Tool"],"prefix":"10.1007","author":[{"given":"Lukas","family":"Demetz","sequence":"first","affiliation":[]},{"given":"Daniel","family":"Bachlechner","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2013,10,8]]},"reference":[{"key":"2_CR1","first-page":"483","volume":"1\u20133","author":"M. Al-Humaigani","year":"2003","unstructured":"Al-Humaigani, M., Dunn, D.B.: A model of return on investment for information systems security. In: Proceedings of the 46th IEEE International Midwest Symposium on Circuits & Systems, Cairo, vols.\u00a01\u20133, pp.\u00a0483\u2013485 (2003)","journal-title":"Cairo"},{"issue":"1","key":"2_CR2","doi-asserted-by":"publisher","first-page":"12","DOI":"10.1109\/MSP.2005.14","volume":"3","author":"R. Anderson","year":"2005","unstructured":"Anderson, R., Schneier, B.: Guest editors\u2019 introduction: economics of information security. IEEE Secur. Priv. 3(1), 12\u201313 (2005)","journal-title":"IEEE Secur. Priv."},{"key":"2_CR3","first-page":"684","volume":"12","author":"K. Bagchi","year":"2003","unstructured":"Bagchi, K., Udo, G.: An analysis of the growth of computer and Internet security breaches. Commun. Assoc. Inf. Syst. 12, 684\u2013700 (2003)","journal-title":"Commun. Assoc. Inf. Syst."},{"issue":"2","key":"2_CR4","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1145\/1042091.1042094","volume":"48","author":"L.D. Bodin","year":"2005","unstructured":"Bodin, L.D., Gordon, L.A., Loeb, M.P.: Evaluating information security investments using the analytic hierarchy process. Commun. ACM 48(2), 78\u201383 (2005)","journal-title":"Commun. ACM"},{"key":"2_CR5","first-page":"10","volume-title":"Security Metrics and Security Investment Models. Lecture Notes in Computer Science","author":"R. B\u00f6hme","year":"2010","unstructured":"B\u00f6hme, R.: Security metrics and security investment models. In: Echizen, I., Kunihiro, N., Sasaki, R. (eds.) Security Metrics and Security Investment Models. Lecture Notes in Computer Science, vol.\u00a06434, pp.\u00a010\u201324. Springer, Berlin\/Heidelberg (2010)"},{"key":"2_CR6","unstructured":"B\u00f6hme, R., Moore, T.: The iterated weakest link \u2013 a model of adaptive security investment. In: Proceedings of the 8th Workshop on the Economics of Information Security (WEIS), London (2009)"},{"key":"2_CR7","doi-asserted-by":"crossref","unstructured":"Butler, S.A.: Security attribute evaluation method: a cost-benefit approach. In: Proceedings of the 24th International Conference on Software Engineering, Orlando, pp.\u00a0232\u2013240. ACM (2002)","DOI":"10.1145\/581339.581370"},{"key":"2_CR8","first-page":"65","volume":"14","author":"H. Cavusoglu","year":"2004","unstructured":"Cavusoglu, H., Cavusoglu, H., Raghunathan, S.: Economics of IT security management: four improvements to current security practices. Commun. AIS 14, 65\u201375 (2004)","journal-title":"Commun. AIS"},{"issue":"7","key":"2_CR9","doi-asserted-by":"publisher","first-page":"87","DOI":"10.1145\/1005817.1005828","volume":"47","author":"H. Cavusoglu","year":"2004","unstructured":"Cavusoglu, H., Mishra, B., Raghunathan, S.: A model for evaluating IT security investments. Commun. ACM 47(7), 87\u201392 (2004)","journal-title":"Commun. ACM"},{"issue":"1","key":"2_CR10","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1287\/isre.1050.0041","volume":"16","author":"H. Cavusoglu","year":"2005","unstructured":"Cavusoglu, H., Mishra, B., Raghunathan, S.: The value of intrusion detection systems in information technology security architecture. Inf. Syst. Res. 16(1), 28\u201346 (2005)","journal-title":"Inf. Syst. Res."},{"key":"2_CR11","unstructured":"Computerworld: Honda Canada breach exposed data on 280,000 individuals. Website: http:\/\/www.computerworld.com\/s\/article\/9217094\/Update_Honda_Canada_breach_exposed_data_on_280_000_individuals (2011). Last access 1 Feb 2012"},{"key":"2_CR12","doi-asserted-by":"crossref","unstructured":"Computerworld: RSA warns SecurID customers after company is hacked. Website: http:\/\/www.computerworld.com\/s\/article\/9214757\/RSA_warns_SecurID_customers_after_company_is_hacked (2011). Last access 1 Feb 2012","DOI":"10.1016\/S1353-4858(11)70056-3"},{"key":"2_CR13","unstructured":"Cremonini, M., Martini, P.: Evaluating information security investments from attackers perspective: the Return-On-Attack (ROA). In: Proceedings of the 4th Workshop on the Economics of Information Security (WEIS), Cambridge (2005)"},{"key":"2_CR14","unstructured":"CSI Computer Survey: 14th Annual CSI Computer Crime and Security Survey, San Francisco (2009)"},{"key":"2_CR15","unstructured":"Deloitte: Raising the bar: 2011 TMT Global security study\u00a0\u2013 key findings. http:\/\/www.deloitte.com\/assets\/Dcom-Global\/Local%20Assets\/Documents\/TMT\/dttl_TMT%202011%20Global%20Security%20Survey_High%20res_191111.pdf (2011)"},{"key":"2_CR16","first-page":"619","volume-title":"On the Move to Meaningful Internet Systems. Lecture Notes in Computer Science","author":"V. Franqueira","year":"2010","unstructured":"Franqueira, V., Houmb, S., Daneva, M.: Using real option thinking to improve decision making in security investment. In: Meersman, R., Dillon, T., Herrero, P. (eds.) On the Move to Meaningful Internet Systems. Lecture Notes in Computer Science, vol.\u00a06426, pp.\u00a0619\u2013638. Springer, Berlin\/Heidelberg (2010)"},{"issue":"4","key":"2_CR17","doi-asserted-by":"publisher","first-page":"438","DOI":"10.1145\/581271.581274","volume":"5","author":"L.A. Gordon","year":"2002","unstructured":"Gordon, L.A., Loeb, M.P.: The economics of information security investment. ACM Trans. Inf. Syst. Secur. 5(4), 438\u2013457 (2002)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"issue":"1","key":"2_CR18","doi-asserted-by":"publisher","first-page":"121","DOI":"10.1145\/1107458.1107465","volume":"49","author":"L.A. Gordon","year":"2006","unstructured":"Gordon, L.A., Loeb, M.P.: Budgeting process for information security expenditures. Commun. ACM 49(1), 121\u2013125 (2006)","journal-title":"Commun. ACM"},{"issue":"5","key":"2_CR19","doi-asserted-by":"publisher","first-page":"335","DOI":"10.1007\/s10796-006-9010-7","volume":"8","author":"L.A. Gordon","year":"2006","unstructured":"Gordon, L.A., Loeb, M.P.: Economic aspects of information security: an emerging field of research. Inf. Syst. Front. 8(5), 335\u2013337 (2006)","journal-title":"Inf. Syst. Front."},{"issue":"2","key":"2_CR20","first-page":"1","volume":"19","author":"L.A. Gordon","year":"2003","unstructured":"Gordon, L.A., Loeb, M.P., Lucyshyn, W.: Information security expenditures and real options: a wait-and-see approach. Comput. Secur. J. 19(2), 1\u20137 (2003)","journal-title":"Comput. Secur. J."},{"key":"2_CR21","unstructured":"Guardian, T.: Sony suffers second data breach with theft of 25\u2009m more user details. Website: http:\/\/www.guardian.co.uk\/technology\/blog\/2011\/may\/03\/sony-data-breach-online-entertainment (2011). Last access 1 Feb 2012"},{"issue":"3","key":"2_CR22","doi-asserted-by":"publisher","first-page":"337","DOI":"10.2753\/MIS0742-1222250310","volume":"25","author":"H.S.B. Herath","year":"2008","unstructured":"Herath, H.S.B., Herath, T.C.: Investments in information security: a real options perspective with Bayesian postaudit. J. Manage. Inf. Syst. 25(3), 337\u2013375 (2008)","journal-title":"J. Manage. Inf. Syst."},{"issue":"2","key":"2_CR23","doi-asserted-by":"publisher","first-page":"793","DOI":"10.1016\/j.ijpe.2008.04.002","volume":"114","author":"C.D. Huang","year":"2008","unstructured":"Huang, C.D., Hu, Q., Behara, R.S.: An economic analysis of the optimal information security investment in the case of a risk-averse firm. Int. J. Prod. Econ. 114(2), 793\u2013804 (2008)","journal-title":"Int. J. Prod. Econ."},{"issue":"1","key":"2_CR24","first-page":"71","volume":"70","author":"R.S. Kaplan","year":"1992","unstructured":"Kaplan, R.S., Norton, D.P.: The balanced scorecard\u2013measures that drive performance. Harv. Bus. Rev. 70(1), 71\u201379 (1992)","journal-title":"Harv. Bus. Rev."},{"key":"2_CR25","volume-title":"Forrester Research: The change and configuration management software market","author":"K. Kark","year":"2007","unstructured":"Kark, K., Orlowv, L.M., Bright, S.: Forrester Research: The change and configuration management software market (2007)"},{"issue":"3\u20134","key":"2_CR26","first-page":"215","volume":"28","author":"D. Liginlal","year":"2009","unstructured":"Liginlal, D., Sim, I., Khansa, L.: How significant is human error as a cause of privacy breaches? An empirical study and a framework for error management. Comput. Secur. 28(3\u20134), 215\u2013228 (2009)","journal-title":"An empirical study and a framework for error management. Comput. Secur."},{"issue":"2","key":"2_CR27","first-page":"464","volume":"3","author":"W. Liu","year":"2008","unstructured":"Liu, W., Tanaka, H., Matsuura, K.: Empirical-analysis methodology for information-security investment and its application to reliable survey of Japanese firms. Inf. Media Technol. 3(2), 464\u2013478 (2008)","journal-title":"Inf. Media Technol."},{"key":"2_CR28","doi-asserted-by":"crossref","unstructured":"Matsuura, K.: Productivity space of information security in an extension of the Gordon-Loeb\u2019s investment model. In: Proceedings of the 7th Workshop on the Economics of Information Security (WEIS), Hanover (2008)","DOI":"10.1007\/978-0-387-09762-6_5"},{"issue":"1","key":"2_CR29","first-page":"18","volume":"10","author":"A. Mizzi","year":"2010","unstructured":"Mizzi, A.: Return on information security investment: the viability of an anti-spam solution in a wireless environment. Int. J. Netw. Secur. 10(1), 18\u201324 (2010)","journal-title":"Int. J. Netw. Secur."},{"key":"2_CR30","unstructured":"Oehrlich, E., Lambert, N.: Forrester Research: How to manage your information security policy framework (2006). http:\/\/www.forrester.com\/The+Change+And+Configuration+Management+Software+Market\/fulltext\/-\/E-RES42580"},{"key":"2_CR31","first-page":"149","volume-title":"Business Process Management. Lecture Notes in Computer Science","author":"S. Sadiq","year":"2007","unstructured":"Sadiq, S., Governatori, G., Namiri, K.: Modeling control objectives for business process compliance: business process management. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) Business Process Management. Lecture Notes in Computer Science, vol.\u00a04714, pp.\u00a0149\u2013164. Springer, Berlin\/Heidelberg (2007)"},{"key":"2_CR32","unstructured":"Schneier, B.: Security ROI. Website: http:\/\/www.schneier.com\/blog\/archives\/2008\/09\/security_roi_1.html (2008). Last access 1 Feb 2012"},{"key":"2_CR33","unstructured":"Shirey, R.: Internet security glossary \u2013 RFC 2828. Tech. rep., The Internet Engineering Task Force \u2013 Network Working Group. http:\/\/www.ietf.org\/rfc\/rfc2828.txt (2000)"},{"issue":"1","key":"2_CR34","first-page":"14","volume":"2","author":"N. Sklavos","year":"2006","unstructured":"Sklavos, N., Souras, P.: Economic models and approaches in information security for computer networks. Int. J. Netw. Secur. 2(1), 14\u201320 (2006)","journal-title":"Int. J. Netw. Secur."},{"issue":"1","key":"2_CR35","first-page":"55","volume":"38","author":"W. Sonnenreich","year":"2006","unstructured":"Sonnenreich, W., Albanese, J., Stout, B.: Return on security investment (ROSI) \u2013 a practical quantitative modell. J. Res. Pract. Inf. Technol. 38(1), 55\u201366 (2006)","journal-title":"J. Res. Pract. Inf. Technol."},{"key":"2_CR36","unstructured":"Su, X.: An overview of economic approaches to information security management. Tech. rep., Centre for Telematics and Information Technology, University of Twente (2006)"},{"issue":"1","key":"2_CR37","first-page":"34","volume":"5","author":"L.J. Tallau","year":"2010","unstructured":"Tallau, L.J., Gupta, M., Sharman, R.: Information security investment decisions: evaluating the balanced scorecard method. Int. J. Bus. Inf. Syst. 5(1), 34\u201357 (2010)","journal-title":"Int. J. Bus. Inf. Syst."},{"key":"2_CR38","unstructured":"Tsiakis, T.K., Pekos, T.: Analysing and determining return on investment for information security. In: Proceedings of the International Conference on Applied Economics (ICOAE), Chania, Crete, pp.\u00a0879\u2013883 (2008)"},{"issue":"3","key":"2_CR39","doi-asserted-by":"publisher","first-page":"191","DOI":"10.1016\/j.cose.2004.01.012","volume":"23","author":"C. Vroom","year":"2004","unstructured":"Vroom, C., von Solms, R.: Towards information security behavioural compliance. Comput. Secur. 23(3), 191\u2013198 (2004)","journal-title":"Comput. Secur."},{"issue":"1","key":"2_CR40","doi-asserted-by":"publisher","first-page":"106","DOI":"10.1287\/isre.1070.0143","volume":"19","author":"J. Wang","year":"2008","unstructured":"Wang, J., Chaudhury, A., Rao, H.R.: A value-at-risk approach to information security investment. Inf. Syst. Res. 19(1), 106\u2013120 (2008)","journal-title":"Inf. Syst. Res."},{"issue":"3","key":"2_CR41","doi-asserted-by":"publisher","first-page":"329","DOI":"10.1007\/s10844-009-0109-4","volume":"36","author":"S.L. Wang","year":"2011","unstructured":"Wang, S.L., Chen, J.D., Stirpe, P., Hong, T.P.: Risk-neutral evaluation of information security investment on data centers. J. Intell. Inf. Syst. 36(3), 329\u2013345 (2011)","journal-title":"J. Intell. Inf. Syst."},{"key":"2_CR42","unstructured":"Webster, J., Watson, R.T.: Analyzing the past to prepare for the future: writing a literature review. MIS Q 26(2), xiii\u2013xxiii (2002)"},{"issue":"8","key":"2_CR43","doi-asserted-by":"publisher","first-page":"91","DOI":"10.1145\/859670.859675","volume":"46","author":"M.E. Whitman","year":"2003","unstructured":"Whitman, M.E.: Enemy at the gate: threats to information security. Commun. ACM 46(8), 91\u201395 (2003)","journal-title":"Commun. ACM"},{"key":"2_CR44","unstructured":"Willemson, J.: On the Gordon and Loeb model for information security investment. In: Proceedings of the 5th Workshop on the Economics of Information Security (WEIS), Cambridge (2006)"},{"key":"2_CR45","doi-asserted-by":"crossref","unstructured":"Willemson, J.: Extending the Gordon and Loeb model for information security investment. In: Proceedings of the 5th International Conference on the Availability, Reliability, and Security (ARES\u201910), Krakow, pp.\u00a0258\u2013261 (2010)","DOI":"10.1109\/ARES.2010.37"}],"container-title":["The Economics of Information Security and Privacy"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-39498-0_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,19]],"date-time":"2023-01-19T13:53:44Z","timestamp":1674136424000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-642-39498-0_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642394973","9783642394980"],"references-count":45,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-39498-0_2","relation":{},"subject":[],"published":{"date-parts":[[2013]]},"assertion":[{"value":"8 October 2013","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}