乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,15]],"date-time":"2024-09-15T16:43:58Z","timestamp":1726418638349},"reference-count":92,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2014,9,1]],"date-time":"2014-09-01T00:00:00Z","timestamp":1409529600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Computers & Security"],"published-print":{"date-parts":[[2014,9]]},"DOI":"10.1016\/j.cose.2014.05.012","type":"journal-article","created":{"date-parts":[[2014,6,7]],"date-time":"2014-06-07T10:01:26Z","timestamp":1402135286000},"page":"172-185","update-policy":"http:\/\/dx.doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":4,"special_numbering":"C","title":["Complexity is dead, long live complexity! How software can help service providers manage security and compliance"],"prefix":"10.1016","volume":"45","author":[{"ORCID":"http:\/\/orcid.org\/0000-0002-3070-7205","authenticated-orcid":false,"given":"Stefan","family":"Thalmann","sequence":"first","affiliation":[]},{"given":"Daniel","family":"Bachlechner","sequence":"additional","affiliation":[]},{"given":"Lukas","family":"Demetz","sequence":"additional","affiliation":[]},{"given":"Markus","family":"Manhart","sequence":"additional","affiliation":[]}],"member":"78","reference":[{"issue":"2","key":"10.1016\/j.cose.2014.05.012_bib1","doi-asserted-by":"crossref","first-page":"36","DOI":"10.1109\/MS.2011.153","article-title":"A distributed access control architecture for cloud computing","volume":"29","author":"Abdulrahman","year":"2012","journal-title":"IEEE Softw"},{"issue":"3","key":"10.1016\/j.cose.2014.05.012_bib2","doi-asserted-by":"crossref","first-page":"145","DOI":"10.1007\/s12599-011-0155-7","article-title":"Automated certification for compliant cloud-based business processes","volume":"3","author":"Accorsi","year":"2011","journal-title":"Bus Inf Syst Eng"},{"key":"10.1016\/j.cose.2014.05.012_bib3","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2014.01.001","article-title":"Protecting organizational competitive advantage: a knowledge leakage perspective","volume":"42","author":"Ahmad","year":"2014","journal-title":"Comput Secur"},{"issue":"2","key":"10.1016\/j.cose.2014.05.012_bib4","doi-asserted-by":"crossref","first-page":"88","DOI":"10.1108\/02686901311284522","article-title":"The utilisation of generalized audit software (GAS) by external auditors","volume":"28","author":"Ahmi","year":"2013","journal-title":"Manag Audit J"},{"key":"10.1016\/j.cose.2014.05.012_bib5","series-title":"Collaboration-based cloud computing security management framework 4th international conference on cloud computing","first-page":"364","author":"Almorsy","year":"2011"},{"year":"2011","series-title":"Summary of the Amazon EC2 and Amazon RDS service disruption in the US East Region","author":"Amazon","key":"10.1016\/j.cose.2014.05.012_bib6"},{"key":"10.1016\/j.cose.2014.05.012_bib7","series-title":"Lecture notes in computer science","doi-asserted-by":"crossref","first-page":"303","DOI":"10.1007\/978-3-642-35890-6_22","article-title":"Policy chain for securing service oriented architectures","author":"Arsac","year":"2013"},{"key":"10.1016\/j.cose.2014.05.012_bib8","doi-asserted-by":"crossref","first-page":"2","DOI":"10.1016\/j.cose.2012.11.010","article-title":"ESPOONERBAC: enforcing security policies in outsourced environments","volume":"35","author":"Asghar","year":"2013","journal-title":"Comput Secur"},{"issue":"1","key":"10.1016\/j.cose.2014.05.012_bib9","doi-asserted-by":"crossref","first-page":"38","DOI":"10.1016\/j.cose.2013.11.002","article-title":"Security and compliance challenges in complex IT outsourcing arrangements: a multi-stakeholder perspective","volume":"40","author":"Bachlechner","year":"2014","journal-title":"Comput Secur"},{"issue":"4","key":"10.1016\/j.cose.2014.05.012_bib10","doi-asserted-by":"crossref","first-page":"286","DOI":"10.1108\/MAJ-05-2013-0861","article-title":"Auditing service providers: supporting auditors in cross-organizational settings","volume":"29","author":"Bachlechner","year":"2014","journal-title":"Manag Audit J"},{"issue":"3","key":"10.1016\/j.cose.2014.05.012_bib11","first-page":"91","article-title":"The determinants of total IT outsourcing: an empirical investigation of French and German firms","volume":"44","author":"Barth\u00e9lemy","year":"2004","journal-title":"J Comput Inf Syst"},{"key":"10.1016\/j.cose.2014.05.012_bib12","series-title":"Proceedings of the 18th Euromicro international conference on parallel, distributed and network-based processing (PDP 2010)","first-page":"649","article-title":"Towards a network-independent policy specification","author":"Basile","year":"2010"},{"key":"10.1016\/j.cose.2014.05.012_bib13","series-title":"Securing electronic business processes ISSE 2012","first-page":"64","article-title":"The PoSecCo security decision support system","author":"Basile","year":"2012"},{"issue":"5","key":"10.1016\/j.cose.2014.05.012_bib14","doi-asserted-by":"crossref","first-page":"271","DOI":"10.1007\/s12599-010-0118-4","article-title":"Explanatory design theory","volume":"2","author":"Baskerville","year":"2010","journal-title":"Bus Inf Syst Eng"},{"issue":"1","key":"10.1016\/j.cose.2014.05.012_bib15","doi-asserted-by":"crossref","first-page":"3","DOI":"10.2307\/249403","article-title":"Empirical research in information systems: the practice of relevance","volume":"23","author":"Benbasat","year":"1999","journal-title":"Manag Inf Syst Q"},{"issue":"4","key":"10.1016\/j.cose.2014.05.012_bib16","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1147\/JRD.2009.5429060","article-title":"Security for the cloud infrastructure: trusted virtual data center implementation","volume":"53","author":"Berger","year":"2009","journal-title":"IBM J Res Dev"},{"year":"2012","series-title":"D4.8-prototype: standardized audit interface","author":"Bettan","key":"10.1016\/j.cose.2014.05.012_bib17"},{"issue":"1\u20132","key":"10.1016\/j.cose.2014.05.012_bib18","doi-asserted-by":"crossref","first-page":"8","DOI":"10.1016\/j.cose.2008.08.001","article-title":"A distributed requirements management framework for legal compliance and accountability","volume":"28","author":"Breaux","year":"2009","journal-title":"Comput Secur"},{"key":"10.1016\/j.cose.2014.05.012_bib19","series-title":"2nd International united information system conference","first-page":"59","article-title":"Model-driven security engineering of service oriented systems","author":"Breu","year":"2008"},{"year":"2012","series-title":"Magic quadrant for IT service support management tools","author":"Brooks","key":"10.1016\/j.cose.2014.05.012_bib20"},{"issue":"3","key":"10.1016\/j.cose.2014.05.012_bib21","doi-asserted-by":"crossref","first-page":"431","DOI":"10.3233\/JCS-2003-11308","article-title":"The economic cost of publicly announced information security breaches: empirical evidence from the stock market","volume":"11","author":"Campbell","year":"2003","journal-title":"J Comput Secur"},{"issue":"4","key":"10.1016\/j.cose.2014.05.012_bib22","doi-asserted-by":"crossref","first-page":"280","DOI":"10.1016\/j.infsof.2005.04.007","article-title":"An interactive service customization model","volume":"48","author":"Cao","year":"2006","journal-title":"Inf Softw Technol"},{"key":"10.1016\/j.cose.2014.05.012_bib23","series-title":"Lecture notes in computer science","first-page":"30","article-title":"Transversal policy conflict detection","author":"Casalino","year":"2012"},{"issue":"3","key":"10.1016\/j.cose.2014.05.012_bib24","doi-asserted-by":"crossref","first-page":"212","DOI":"10.1016\/j.intcom.2009.05.003","article-title":"Cultural cognition in usability evaluation","volume":"21","author":"Clemmensen","year":"2009","journal-title":"Interact Comput"},{"issue":"4","key":"10.1016\/j.cose.2014.05.012_bib25","doi-asserted-by":"crossref","first-page":"357","DOI":"10.1016\/j.jsis.2005.07.001","article-title":"IT outsourcing configuration: research into defining and designing outsourcing arrangements","volume":"14","author":"Cullen","year":"2005","journal-title":"J Strateg Inf Syst"},{"key":"10.1016\/j.cose.2014.05.012_bib26","series-title":"Lecture notes in computer science","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1007\/3-540-44569-2_2","article-title":"The Ponder policy specification language","author":"Damianou","year":"2001"},{"key":"10.1016\/j.cose.2014.05.012_bib27","series-title":"International conference on advanced information networking and applications","first-page":"113","article-title":"Business compliance governance in service-oriented architectures","author":"Daniel","year":"2009"},{"issue":"12","key":"10.1016\/j.cose.2014.05.012_bib28","doi-asserted-by":"crossref","first-page":"130","DOI":"10.1109\/MCOM.2011.6094017","article-title":"Toward an architecture for monitoring private clouds","volume":"49","author":"De Chaves","year":"2011","journal-title":"IEEE Commun Mag"},{"issue":"5","key":"10.1016\/j.cose.2014.05.012_bib29","doi-asserted-by":"crossref","first-page":"325","DOI":"10.1016\/j.cose.2006.06.004","article-title":"Continuous auditing technologies and models: a discussion","volume":"25","author":"Flowerday","year":"2006","journal-title":"Comput Secur"},{"year":"2013","series-title":"D1.6-integrated prototype","author":"Gallego-Nicasio Crespo","key":"10.1016\/j.cose.2014.05.012_bib30"},{"key":"10.1016\/j.cose.2014.05.012_bib31","series-title":"32nd Hawaii international conference on system sciences","article-title":"Analyzing IT outsourcing relationships as alliances among multiple clients and vendors","author":"Gallivan","year":"1999"},{"issue":"7","key":"10.1016\/j.cose.2014.05.012_bib32","doi-asserted-by":"crossref","first-page":"577","DOI":"10.1016\/S0167-4048(01)00706-4","article-title":"From risk analysis to security requirements","volume":"20","author":"Gerber","year":"2001","journal-title":"Comput Secur"},{"issue":"5\u20136","key":"10.1016\/j.cose.2014.05.012_bib33","doi-asserted-by":"crossref","first-page":"124","DOI":"10.1016\/j.cose.2008.07.009","article-title":"Information security requirements \u2013 interpreting the legal aspects","volume":"27","author":"Gerber","year":"2008","journal-title":"Comput Secur"},{"issue":"2","key":"10.1016\/j.cose.2014.05.012_bib34","doi-asserted-by":"crossref","first-page":"185","DOI":"10.1007\/s10796-008-9067-6","article-title":"Structure of service level agreements (SLA) in IT outsourcing: the construct and its measurement","volume":"12","author":"Goo","year":"2010","journal-title":"Inf Syst Front"},{"key":"10.1016\/j.cose.2014.05.012_bib35","series-title":"21st Annual computer security applications conference","article-title":"Automated and safe vulnerability assessment","author":"Guo","year":"2005"},{"issue":"3","key":"10.1016\/j.cose.2014.05.012_bib94","first-page":"224","article-title":"Mixed methods research designs in counseling psychology","volume":"52","author":"Hanson","year":"2005","journal-title":"J\u00a0Couns Psychol"},{"key":"10.1016\/j.cose.2014.05.012_bib36","series-title":"The evaluator effect: a chilling fact about usability evaluation methods","first-page":"421","author":"Hertzum","year":"2001"},{"issue":"1","key":"10.1016\/j.cose.2014.05.012_bib37","doi-asserted-by":"crossref","first-page":"75","DOI":"10.2307\/25148625","article-title":"Design science in information systems research","volume":"28","author":"Hevner","year":"2004","journal-title":"Manag Inf Syst Q"},{"issue":"2","key":"10.1016\/j.cose.2014.05.012_bib38","doi-asserted-by":"crossref","first-page":"127","DOI":"10.1080\/0144929031000081341","article-title":"Trends in the use of verbal protocol analysis in software engineering research","volume":"22","author":"Hughes","year":"2003","journal-title":"Behav Inf Technol"},{"key":"10.1016\/j.cose.2014.05.012_bib39","series-title":"Proceedings of the 44th Hawaii international conference on system sciences (HICSS 2011)","first-page":"1","article-title":"Cloud hooks: security and privacy issues in cloud computing","author":"Jansen","year":"2011"},{"issue":"2","key":"10.1016\/j.cose.2014.05.012_bib40","doi-asserted-by":"crossref","first-page":"64","DOI":"10.1145\/2408776.2408793","article-title":"New approaches to security and availability for cloud data","volume":"56","author":"Juels","year":"2013","journal-title":"Commun ACM"},{"issue":"6","key":"10.1016\/j.cose.2014.05.012_bib41","doi-asserted-by":"crossref","first-page":"299","DOI":"10.1080\/19393555.2010.514654","article-title":"Security and control in the cloud","volume":"19","author":"Julisch","year":"2010","journal-title":"Inf Secur J A Glob Perspect"},{"issue":"6\u20137","key":"10.1016\/j.cose.2014.05.012_bib42","doi-asserted-by":"crossref","first-page":"410","DOI":"10.1016\/j.cose.2011.03.005","article-title":"Compliance by design \u2013 bridging the chasm between auditors and IT architects","volume":"30","author":"Julisch","year":"2011","journal-title":"Comput Secur"},{"issue":"4","key":"10.1016\/j.cose.2014.05.012_bib92","doi-asserted-by":"crossref","first-page":"571","DOI":"10.2307\/249133","article-title":"Combining qualitative and quantitative methods in information systems research: a case study","volume":"12","author":"Kaplan","year":"1988","journal-title":"Manage Info Syst Quart"},{"issue":"3","key":"10.1016\/j.cose.2014.05.012_bib43","doi-asserted-by":"crossref","first-page":"315","DOI":"10.1016\/j.cose.2012.01.003","article-title":"Applying security policies and service level agreement to IaaS service model to enhance security and transition","volume":"31","author":"Karadsheh","year":"2012","journal-title":"Comput Secur"},{"issue":"1","key":"10.1016\/j.cose.2014.05.012_bib44","doi-asserted-by":"crossref","first-page":"127","DOI":"10.1017\/S1049096506060264","article-title":"Doing a literature review","volume":"39","author":"Knopf","year":"2006","journal-title":"PS Polit Sci Polit"},{"year":"2012","series-title":"KPMG sourcing advisory 2012 global legal pulse survey","author":"KPMG","key":"10.1016\/j.cose.2014.05.012_bib45"},{"key":"10.1016\/j.cose.2014.05.012_bib46","series-title":"IEEE international conference on web services","article-title":"An automated method for web service orchestration based on reusable building blocks","author":"Kraemer","year":"2009"},{"key":"10.1016\/j.cose.2014.05.012_bib47","series-title":"Proceedings of the 14th symposium on reliable distributed systems","first-page":"135","article-title":"A paradigm for user-defined security policies","author":"K\u00fchnhauser","year":"1995"},{"key":"10.1016\/j.cose.2014.05.012_bib48","series-title":"The role of service granularity in a successful SOA realization: a case study IEEE congress on services","first-page":"423","author":"Kulkarni","year":"2008"},{"issue":"2","key":"10.1016\/j.cose.2014.05.012_bib49","doi-asserted-by":"crossref","first-page":"131","DOI":"10.1007\/BF03250890","article-title":"ICT and operations outsourcing in banking","volume":"45","author":"Lancellotti","year":"2003","journal-title":"Wirtschaftsinformatik"},{"key":"10.1016\/j.cose.2014.05.012_bib50","series-title":"Proceedings of the 2nd IEEE international workshop on service-oriented system engineering (SOSE 2006)","first-page":"197","article-title":"A policy framework for collaborative web service customization","author":"Liang","year":"2006"},{"issue":"2","key":"10.1016\/j.cose.2014.05.012_bib51","first-page":"52","article-title":"Transformational outsourcing","volume":"45","author":"Linder","year":"2004","journal-title":"MIT Sloan Manag Rev"},{"issue":"5","key":"10.1016\/j.cose.2014.05.012_bib52","doi-asserted-by":"crossref","first-page":"383","DOI":"10.1007\/s11576-008-0086-1","article-title":"Towards systematic achievement of compliance in service-oriented architectures: the MASTER approach","volume":"50","author":"Lotz","year":"2008","journal-title":"Wirtschaftsinformatik"},{"key":"10.1016\/j.cose.2014.05.012_bib53","series-title":"Proceedings of international conference on wirtschaftsinformatik (WI 2009)","first-page":"466","article-title":"Understanding the cloud computing ecosystem: results from a quantitative content analysis","author":"Martens","year":"2011"},{"key":"10.1016\/j.cose.2014.05.012_bib54","article-title":"The Forrester wave: enterprise governance, risk, and compliance platforms, Q4 2011","author":"McClean","year":"2011","journal-title":"Forrester Res"},{"year":"2009","series-title":"Cross-organizational security in distributed systems","author":"Miede","key":"10.1016\/j.cose.2014.05.012_bib55"},{"key":"10.1016\/j.cose.2014.05.012_bib56","series-title":"Proceedings of the 2009 ICSE workshop on principles of engineering service oriented systems","first-page":"18","article-title":"Variability modeling to support customization and deployment of multi-tenant-aware software as a service applications","author":"Mietzner","year":"2009"},{"issue":"3","key":"10.1016\/j.cose.2014.05.012_bib93","doi-asserted-by":"crossref","first-page":"240","DOI":"10.1287\/isre.12.3.240.9709","article-title":"Combining is research methods: towards a pluralist methodology","volume":"12","author":"Mingers","year":"2001","journal-title":"Info Syst Res"},{"key":"10.1016\/j.cose.2014.05.012_bib57","doi-asserted-by":"crossref","first-page":"28","DOI":"10.1016\/j.cose.2012.11.007","article-title":"Distributed security policy conformance","volume":"33","author":"Montanari","year":"2013","journal-title":"Comput Secur"},{"issue":"1","key":"10.1016\/j.cose.2014.05.012_bib59","doi-asserted-by":"crossref","first-page":"59","DOI":"10.1007\/s11761-012-0121-3","article-title":"Domain-specific language for event-based compliance monitoring in process-driven SOAs","volume":"7","author":"Mulo","year":"2013","journal-title":"Serv Oriented Comput Appl"},{"key":"10.1016\/j.cose.2014.05.012_bib60","series-title":"Proceedings of 3rd USENIX workshop on hot topics in cloud computing (HotCloud 2011)","first-page":"1","article-title":"SilverLine: data and network isolation for cloud services","author":"Mundada","year":"2011"},{"key":"10.1016\/j.cose.2014.05.012_bib62","article-title":"Market overview: IT service management support tools","author":"Oehrlich","year":"2010","journal-title":"Forrester Res"},{"issue":"3","key":"10.1016\/j.cose.2014.05.012_bib63","doi-asserted-by":"crossref","first-page":"192","DOI":"10.1108\/09593840910981400","article-title":"Global sourcing: recent trends and issues","volume":"22","author":"Oshri","year":"2009","journal-title":"Inf Technol People"},{"issue":"5","key":"10.1016\/j.cose.2014.05.012_bib64","doi-asserted-by":"crossref","first-page":"283","DOI":"10.1007\/s12599-010-0119-3","article-title":"Consortium research a method for researcher\u2013practitioner collaboration in design-oriented IS research","volume":"2","author":"\u00d6sterle","year":"2010","journal-title":"Bus Inf Syst Eng"},{"key":"10.1016\/j.cose.2014.05.012_bib65","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1016\/j.cose.2013.01.007","article-title":"Selecting a cloud service provider in the age of cybercrime","volume":"38","author":"Ouedraogo","year":"2013","journal-title":"Comput Secur"},{"issue":"2","key":"10.1016\/j.cose.2014.05.012_bib66","doi-asserted-by":"crossref","first-page":"223","DOI":"10.1142\/S0218843008001816","article-title":"Service-oriented computing: a research roadmap","volume":"17","author":"Papazoglou","year":"2008","journal-title":"Int J Coop Inf Syst"},{"issue":"6","key":"10.1016\/j.cose.2014.05.012_bib67","doi-asserted-by":"crossref","first-page":"32","DOI":"10.1109\/MSP.2010.140","article-title":"Cloud provider transparency: an empirical evaluation","volume":"8","author":"Pauley","year":"2010","journal-title":"IEEE Secur Priv"},{"year":"2010","series-title":"Microsoft BPOS cloud service hit with data breach","author":"PCWorld","key":"10.1016\/j.cose.2014.05.012_bib68"},{"key":"10.1016\/j.cose.2014.05.012_bib69","series-title":"44th Hawaii international conference on system sciences","article-title":"Governance, risk & compliance (GRC) software \u2013 an exploratory study of software vendor and market research perspectives","author":"Racz","year":"2011"},{"key":"10.1016\/j.cose.2014.05.012_bib70","series-title":"International workshops of BPM 2011 Clermont-Ferrand, France","first-page":"459","article-title":"Separating compliance management and business process management","author":"Ramezani","year":"2011"},{"key":"10.1016\/j.cose.2014.05.012_bib95","series-title":"Qualitative research in IS: Issues and Trends","first-page":"163","article-title":"Analysis by long walk: some approaches to the synthesis of multiple sources of evidence","author":"Sawyer","year":"2001"},{"key":"10.1016\/j.cose.2014.05.012_bib71","series-title":"Model-based approaches to learning: using systems models and simulations to improve understanding and problem solving in complex domains","first-page":"17","article-title":"Mental models and problem solving: technological solutions for measurement and assessment of the development of expertise","author":"Seel","year":"2008"},{"key":"10.1016\/j.cose.2014.05.012_bib72","series-title":"Proceedings of the 16th international conference on business information systems (BIS 2013)","article-title":"Towards an architecture for collaborative cross-organizational security requirements management","author":"Sillaber","year":"2013"},{"year":"2005","series-title":"Doing qualitative research: a practical handbook","author":"Silverman","key":"10.1016\/j.cose.2014.05.012_bib73"},{"key":"10.1016\/j.cose.2014.05.012_bib74","series-title":"3rd International conference on web science","article-title":"Compliance auditing in future web-based infrastructures","author":"Sinclair","year":"2011"},{"issue":"2","key":"10.1016\/j.cose.2014.05.012_bib75","article-title":"Generalized audit software: effective and efficient tool for today's IT audits","volume":"7","author":"Singleton","year":"2006","journal-title":"ISACA J"},{"issue":"7","key":"10.1016\/j.cose.2014.05.012_bib76","doi-asserted-by":"crossref","first-page":"47","DOI":"10.1145\/233977.233994","article-title":"Employment outsourcing in information systems","volume":"39","author":"Slaughter","year":"1996","journal-title":"Commun ACM"},{"issue":"5","key":"10.1016\/j.cose.2014.05.012_bib77","doi-asserted-by":"crossref","first-page":"14","DOI":"10.1109\/MIC.2009.119","article-title":"Virtual infrastructure management in private and hybrid clouds","volume":"13","author":"Sotomayor","year":"2009","journal-title":"IEEE Internet Comput"},{"key":"10.1016\/j.cose.2014.05.012_bib78","series-title":"Proceedings of the IEEE congress on services part II (SERVICES-2)","first-page":"18","article-title":"Software as a service: configuration and customization perspectives","author":"Sun","year":"2008"},{"key":"10.1016\/j.cose.2014.05.012_bib79","series-title":"IEEE 34th annual computer software and applications conference workshops","first-page":"393","article-title":"SecureCloud: towards a comprehensive security framework for cloud computing environments","author":"Takabi","year":"2010"},{"key":"10.1016\/j.cose.2014.05.012_bib80","series-title":"45th Hawaii international conference on system sciences","first-page":"5480","article-title":"Challenges in cross-organizational security management","author":"Thalmann","year":"2012"},{"issue":"2","key":"10.1016\/j.cose.2014.05.012_bib81","doi-asserted-by":"crossref","first-page":"114","DOI":"10.1080\/10658980601051706","article-title":"IT security management and business process automation: challenges, approaches, and rewards","volume":"16","author":"Tracy","year":"2007","journal-title":"Inf Syst Secur"},{"issue":"3","key":"10.1016\/j.cose.2014.05.012_bib82","doi-asserted-by":"crossref","first-page":"636","DOI":"10.1016\/j.dss.2010.08.014","article-title":"Conceptual model for on line auditing","volume":"50","author":"Van der Aalst","year":"2011","journal-title":"Decis Support Syst"},{"issue":"3","key":"10.1016\/j.cose.2014.05.012_bib83","doi-asserted-by":"crossref","first-page":"90","DOI":"10.1109\/MC.2010.61","article-title":"Auditing 2.0: using process mining to support tomorrow's auditor","volume":"43","author":"Van der Aalst","year":"2010","journal-title":"Computer"},{"key":"10.1016\/j.cose.2014.05.012_bib84","first-page":"34","article-title":"Prom 6: the process mining toolkit","volume":"vol. 615","author":"Verbeek","year":"2010"},{"key":"10.1016\/j.cose.2014.05.012_bib85","series-title":"9th International conference on services computing","first-page":"625","article-title":"Accelerating the deployment of security service infrastructure with collective intelligence and analytics","author":"Vukovic","year":"2012"},{"key":"10.1016\/j.cose.2014.05.012_bib86","series-title":"Proceedings of the 17th international workshop on quality of service","first-page":"1","article-title":"Ensuring data storage security in cloud computing","author":"Wang","year":"2009"},{"key":"10.1016\/j.cose.2014.05.012_bib87","series-title":"Basic content analysis, quantitative applications in the social sciences","doi-asserted-by":"crossref","DOI":"10.4135\/9781412983488","author":"Weber","year":"1990"},{"year":"2001","series-title":"Qualitative research interviewing: biographic narrative and semi-structured methods","author":"Wengraf","key":"10.1016\/j.cose.2014.05.012_bib88"},{"key":"10.1016\/j.cose.2014.05.012_bib90","series-title":"IEEE 8th international conference on e-business engineering","first-page":"119","article-title":"Understanding the complexity surrounding multitenancy in cloud computing","author":"Wood","year":"2011"},{"issue":"1","key":"10.1016\/j.cose.2014.05.012_bib91","doi-asserted-by":"crossref","first-page":"55","DOI":"10.1145\/122672.122685","article-title":"The use of think-aloud evaluation methods in design","volume":"23","author":"Wright","year":"1991","journal-title":"ACM SIGCHI Bull"}],"container-title":["Computers & Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0167404814000935?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0167404814000935?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2019,8,11]],"date-time":"2019-08-11T10:15:44Z","timestamp":1565518544000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0167404814000935"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,9]]},"references-count":92,"alternative-id":["S0167404814000935"],"URL":"https:\/\/doi.org\/10.1016\/j.cose.2014.05.012","relation":{},"ISSN":["0167-4048"],"issn-type":[{"type":"print","value":"0167-4048"}],"subject":[],"published":{"date-parts":[[2014,9]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"Complexity is dead, long live complexity! How software can help service providers manage security and compliance","name":"articletitle","label":"Article Title"},{"value":"Computers & Security","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.cose.2014.05.012","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"Copyright \u00a9 2014 Elsevier Ltd. All rights reserved.","name":"copyright","label":"Copyright"}]}}