乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T18:40:04Z","timestamp":1743100804263,"version":"3.38.0"},"reference-count":34,"publisher":"Elsevier BV","issue":"2","license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["European Journal of Operational Research"],"published-print":{"date-parts":[[2012,1]]},"DOI":"10.1016\/j.ejor.2011.05.050","type":"journal-article","created":{"date-parts":[[2011,6,26]],"date-time":"2011-06-26T06:55:31Z","timestamp":1309071331000},"page":"434-444","source":"Crossref","is-referenced-by-count":34,"title":["Information security trade-offs and optimal patching policies"],"prefix":"10.1016","volume":"216","author":[{"given":"Christos","family":"Ioannidis","sequence":"first","affiliation":[]},{"given":"David","family":"Pym","sequence":"additional","affiliation":[]},{"given":"Julian","family":"Williams","sequence":"additional","affiliation":[]}],"member":"78","reference":[{"key":"10.1016\/j.ejor.2011.05.050_b0005","series-title":"Proc. 17th Annual Computer Security Applications Conference","first-page":"358","article-title":"Why information security is hard: An economic perspective","author":"Anderson","year":"2001"},{"key":"10.1016\/j.ejor.2011.05.050_b0010","unstructured":"R. Anderson, R. B\u00f6hme, R. Clayton, T. Moore, Security economics and the internal market, Report to the European Network and Information Security Agency (ENISA), 2007. ."},{"key":"10.1016\/j.ejor.2011.05.050_b0015","doi-asserted-by":"crossref","unstructured":"R. Anderson, T. Moore, The economics of information security. Science 314 (2006) 610\u2013613. Extended version available at .","DOI":"10.1126\/science.1130992"},{"year":"2000","series-title":"Windows of vulnerability: A case study analysis","author":"Arbaugh","key":"10.1016\/j.ejor.2011.05.050_b0020"},{"issue":"4","key":"10.1016\/j.ejor.2011.05.050_b0025","doi-asserted-by":"crossref","first-page":"642","DOI":"10.1287\/mnsc.1070.0771","article-title":"Optimal policy for software vulnerability disclosure","volume":"54","author":"Arora","year":"2008","journal-title":"Management Science"},{"issue":"11","key":"10.1016\/j.ejor.2011.05.050_b0030","doi-asserted-by":"crossref","first-page":"1703","DOI":"10.1287\/mnsc.1060.0568","article-title":"Network software security and user incentives","volume":"52","author":"August","year":"2006","journal-title":"Management Science"},{"key":"10.1016\/j.ejor.2011.05.050_b0035","unstructured":"S. Beattie, S. Arnold, C. Cowans, P. Wagle, C. Wright, A. Shostack, Timing the application of security patches for optimal uptime, in: LISA \u201902: 16th System Administration Conference, 2002."},{"key":"10.1016\/j.ejor.2011.05.050_b0040","series-title":"Managing Information Risk and the Economics of Security","first-page":"141","article-title":"Modelling the human and technological costs and benefits of USB memory stick security","author":"Beautement","year":"2008"},{"key":"10.1016\/j.ejor.2011.05.050_b0045","doi-asserted-by":"crossref","unstructured":"Y. Beres, J. Griffin, S. Shiu, M. Heitman, D. Markle, P. Ventura, Analysing the performance of security solutions to reduce vulnerability exposure window, in: Proceedings of the 2008 Annual Computer Security Applications Conference, IEEE Computer Society Conference Publishing Services (CPS), 2008, pp. 33\u201342.","DOI":"10.1109\/ACSAC.2008.42"},{"key":"10.1016\/j.ejor.2011.05.050_b0050","doi-asserted-by":"crossref","unstructured":"Y. Beres, D. Pym, S. Shiu, Decision support for systems security investment, in: Network Operations and Management Symposium Workshops (NOMS Wksps), 2010 IEEE\/IFIP, 2010, pp. 118\u2013125. doi:10.1109\/NOMSW.2010.5486590, ISBN: 978-1-4244-6037-3 (INSPEC Accession Number: 11502735).","DOI":"10.1109\/NOMSW.2010.5486590"},{"issue":"3","key":"10.1016\/j.ejor.2011.05.050_b0055","doi-asserted-by":"crossref","first-page":"586","DOI":"10.1016\/j.ejor.2010.03.010","article-title":"Technology choice under several uncertainty sources","volume":"206","author":"Bobtcheff","year":"2010","journal-title":"European Journal of Operational Research"},{"issue":"4","key":"10.1016\/j.ejor.2011.05.050_b0060","doi-asserted-by":"crossref","first-page":"657","DOI":"10.1287\/mnsc.1070.0794","article-title":"Security patch management: Share the burden or share the damage","volume":"54","author":"Cavusoglu","year":"2008","journal-title":"Management Science"},{"key":"10.1016\/j.ejor.2011.05.050_b0065","unstructured":"M. Collinson, B. Monahan, D. Pym, Semantics for structured systems modelling and simulation, in: Proc. Simutools 2010, ICST: ACM Digital Library and EU Digital Library, 2010. ISBN: 78-963-9799-87-5."},{"year":"2005","series-title":"Distributed Systems: Concepts and Design","author":"Coulouris","key":"10.1016\/j.ejor.2011.05.050_b0070"},{"year":"1980","series-title":"Point Processes","author":"Cox","key":"10.1016\/j.ejor.2011.05.050_b0075"},{"key":"10.1016\/j.ejor.2011.05.050_b0080","unstructured":"Demos2k. ."},{"key":"10.1016\/j.ejor.2011.05.050_b0085","doi-asserted-by":"crossref","unstructured":"S. Frei, M. May, U. Fiedler, B. Plattner, Large-scale vulnerability analysis, in: Proceedings of SIGCOMM\u201906 Workshop, Association for Computing Machinery, 2006. Available at .","DOI":"10.1145\/1162666.1162671"},{"key":"10.1016\/j.ejor.2011.05.050_b0090","doi-asserted-by":"crossref","unstructured":"M.P. Giannoni, M. Woodford, Optimal Interest-Rate Rules I: General Theory, Working Paper Series 9419, National Bureau of Economic Research, 2002. ISSU 9419, ISSN 0898-2937.","DOI":"10.3386\/w9419"},{"key":"10.1016\/j.ejor.2011.05.050_b0095","unstructured":"Gnosis. ."},{"issue":"2","key":"10.1016\/j.ejor.2011.05.050_b0100","first-page":"1","article-title":"Information security expenditures and real options: A wait-and-see approach","volume":"19","author":"Gordon","year":"2003","journal-title":"Computer Security Journal"},{"issue":"4","key":"10.1016\/j.ejor.2011.05.050_b0105","doi-asserted-by":"crossref","first-page":"438","DOI":"10.1145\/581271.581274","article-title":"The economics of information security investment","volume":"5","author":"Gordon","year":"2002","journal-title":"ACM Transactions on Information and Systems Security"},{"year":"2006","series-title":"Managing Cybersecurity Resources: A Cost-Benefit Analysis","author":"Gordon","key":"10.1016\/j.ejor.2011.05.050_b0110"},{"issue":"2","key":"10.1016\/j.ejor.2011.05.050_b0115","doi-asserted-by":"crossref","first-page":"370","DOI":"10.1016\/j.ejor.2010.12.013","article-title":"Defending against multiple different attackers","volume":"211","author":"Hausken","year":"2011","journal-title":"European Journal of Operational Research"},{"key":"10.1016\/j.ejor.2011.05.050_b0120","doi-asserted-by":"crossref","first-page":"936","DOI":"10.1287\/mnsc.28.8.936","article-title":"Sources of bias in assessment procedures for utility functions","volume":"28","author":"Hersey","year":"1982","journal-title":"Management Science"},{"key":"10.1016\/j.ejor.2011.05.050_b0125","series-title":"Proceedings of Financial Cryptography and Data Security \u201909","first-page":"148","article-title":"Investments and trade-offs in the economics of information security","volume":"vol. 5628","author":"Ioannidis","year":"2009"},{"key":"10.1016\/j.ejor.2011.05.050_b0130","doi-asserted-by":"crossref","first-page":"301","DOI":"10.1016\/0377-2217(89)90007-6","article-title":"Some experimental findings on decision-making under risk and their implications","volume":"38","author":"Jaffrey","year":"1989","journal-title":"European Journal of Operational Research"},{"key":"10.1016\/j.ejor.2011.05.050_b0135","doi-asserted-by":"crossref","first-page":"65","DOI":"10.1016\/S0167-9236(02)00137-9","article-title":"A decision support system for multi-attribute utility evaluation based on imprecise assignments","volume":"36","author":"Jimen\u00e9z","year":"2003","journal-title":"Decision Support Systems"},{"issue":"4","key":"10.1016\/j.ejor.2011.05.050_b0140","doi-asserted-by":"crossref","first-page":"235","DOI":"10.1109\/32.588541","article-title":"Quantitative model of the security intrusion process based on attacker behaviour","volume":"23","author":"Jonsson","year":"1997","journal-title":"IEEE Transactions on Software Engineering"},{"year":"1976","series-title":"Decisions with Multiple Objectives: Preferences and Value Trade-offs","author":"Keeney","key":"10.1016\/j.ejor.2011.05.050_b0145"},{"key":"10.1016\/j.ejor.2011.05.050_b0150","doi-asserted-by":"crossref","first-page":"56","DOI":"10.1287\/mnsc.32.1.56","article-title":"Lottery equivalents: Reduction of the certainty effect problem in utility assessment","volume":"32","author":"McCord","year":"1986","journal-title":"Management Science"},{"issue":"489","key":"10.1016\/j.ejor.2011.05.050_b0155","doi-asserted-by":"crossref","first-page":"657","DOI":"10.1111\/1468-0297.t01-1-00149","article-title":"Optimal discretionary monetary policy in a model of asymmetric bank preferences","volume":"113","author":"Nobay","year":"2003","journal-title":"Economic Journal"},{"issue":"1","key":"10.1016\/j.ejor.2011.05.050_b0160","doi-asserted-by":"crossref","first-page":"125","DOI":"10.1016\/S0377-2217(99)00121-6","article-title":"Market entry, phased rollout or abandonment? a real option approach","volume":"124","author":"Pennings","year":"2000","journal-title":"European Journal of Operational Research"},{"issue":"1","key":"10.1016\/j.ejor.2011.05.050_b0165","doi-asserted-by":"crossref","first-page":"393","DOI":"10.1214\/aop\/1024404293","article-title":"The Euler scheme for levy driven stochastic differential equations","volume":"25","author":"Protter","year":"1997","journal-title":"The Annals of Probability"},{"key":"10.1016\/j.ejor.2011.05.050_b0170","unstructured":"B. Schneier, Managed security monitoring: Closing the window of exposure, Counterpane Internet Security, 2000. Manuscript available at: ."}],"container-title":["European Journal of Operational Research"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S037722171100498X?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S037722171100498X?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,3,6]],"date-time":"2025-03-06T18:25:51Z","timestamp":1741285551000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S037722171100498X"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012,1]]},"references-count":34,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2012,1]]}},"alternative-id":["S037722171100498X"],"URL":"https:\/\/doi.org\/10.1016\/j.ejor.2011.05.050","relation":{},"ISSN":["0377-2217"],"issn-type":[{"type":"print","value":"0377-2217"}],"subject":[],"published":{"date-parts":[[2012,1]]}}}