{"id":"https://openalex.org/W4415826717","doi":"https://doi.org/10.1016/j.ejor.2025.10.027","title":"Optimal information system security investment: A control-theoretic approach to balancing continuous maintenance and periodic upgrades","display_name":"Optimal information system security investment: A control-theoretic approach to balancing continuous maintenance and periodic upgrades","publication_year":2025,"publication_date":"2025-11-03","ids":{"openalex":"https://openalex.org/W4415826717","doi":"https://doi.org/10.1016/j.ejor.2025.10.027"},"language":"en","primary_location":{"id":"doi:10.1016/j.ejor.2025.10.027","is_oa":false,"landing_page_url":"https://doi.org/10.1016/j.ejor.2025.10.027","pdf_url":null,"source":{"id":"https://openalex.org/S103321696","display_name":"European Journal of Operational Research","issn_l":"0377-2217","issn":["0377-2217","1872-6860"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"European Journal of Operational Research","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100615686","display_name":"Joohyun Kim","orcid":"https://orcid.org/0000-0001-7132-5724"},"institutions":[{"id":"https://openalex.org/I102149020","display_name":"University of North Carolina at Charlotte","ror":"https://ror.org/04dawnj30","country_code":"US","type":"education","lineage":["https://openalex.org/I102149020"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Joohyun Kim","raw_affiliation_strings":["Belk College of Business, University of North Carolina at Charlotte, Charlotte, NC, 28213, United States"],"raw_orcid":"https://orcid.org/0000-0001-7132-5724","affiliations":[{"raw_affiliation_string":"Belk College of Business, University of North Carolina at Charlotte, Charlotte, NC, 28213, United States","institution_ids":["https://openalex.org/I102149020"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5004416220","display_name":"Monica Johar","orcid":"https://orcid.org/0000-0003-3903-6804"},"institutions":[{"id":"https://openalex.org/I102149020","display_name":"University of North Carolina at Charlotte","ror":"https://ror.org/04dawnj30","country_code":"US","type":"education","lineage":["https://openalex.org/I102149020"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Monica Johar","raw_affiliation_strings":["Belk College of Business, University of North Carolina at Charlotte, Charlotte, NC, 28213, United States"],"raw_orcid":"https://orcid.org/0000-0003-3903-6804","affiliations":[{"raw_affiliation_string":"Belk College of Business, University of North Carolina at Charlotte, Charlotte, NC, 28213, United States","institution_ids":["https://openalex.org/I102149020"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010908779","display_name":"Moutaz Khouja","orcid":"https://orcid.org/0000-0002-5601-6947"},"institutions":[{"id":"https://openalex.org/I102149020","display_name":"University of North Carolina at Charlotte","ror":"https://ror.org/04dawnj30","country_code":"US","type":"education","lineage":["https://openalex.org/I102149020"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Moutaz Khouja","raw_affiliation_strings":["Belk College of Business, University of North Carolina at Charlotte, Charlotte, NC, 28213, United States"],"raw_orcid":"https://orcid.org/0000-0002-5601-6947","affiliations":[{"raw_affiliation_string":"Belk College of Business, University of North Carolina at Charlotte, Charlotte, NC, 28213, United States","institution_ids":["https://openalex.org/I102149020"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5080954407","display_name":"Jing Zhou","orcid":"https://orcid.org/0000-0001-8611-0064"},"institutions":[{"id":"https://openalex.org/I102149020","display_name":"University of North Carolina at Charlotte","ror":"https://ror.org/04dawnj30","country_code":"US","type":"education","lineage":["https://openalex.org/I102149020"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jing Zhou","raw_affiliation_strings":["Belk College of Business, University of North Carolina at Charlotte, Charlotte, NC, 28213, United States"],"raw_orcid":"https://orcid.org/0000-0001-8611-0064","affiliations":[{"raw_affiliation_string":"Belk College of Business, University of North Carolina at Charlotte, Charlotte, NC, 28213, United States","institution_ids":["https://openalex.org/I102149020"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5010908779"],"corresponding_institution_ids":["https://openalex.org/I102149020"],"apc_list":{"value":3290,"currency":"USD","value_usd":3290},"apc_paid":null,"fwci":2.7507,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.93190243,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":98},"biblio":{"volume":"332","issue":"1","first_page":"209","last_page":"232"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.4271000027656555,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.4271000027656555,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11807","display_name":"Infrastructure Resilience and Vulnerability Analysis","score":0.1257999986410141,"subfield":{"id":"https://openalex.org/subfields/2205","display_name":"Civil and Structural Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11864","display_name":"Supply Chain Resilience and Risk Management","score":0.09960000216960907,"subfield":{"id":"https://openalex.org/subfields/1408","display_name":"Strategy and Management"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/upgrade","display_name":"Upgrade","score":0.6607000231742859},{"id":"https://openalex.org/keywords/schedule","display_name":"Schedule","score":0.5763000249862671},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.5037999749183655},{"id":"https://openalex.org/keywords/information-system","display_name":"Information system","score":0.5001000165939331},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.4415999948978424},{"id":"https://openalex.org/keywords/information-security-standards","display_name":"Information security standards","score":0.4185999929904938},{"id":"https://openalex.org/keywords/continuous-monitoring","display_name":"Continuous monitoring","score":0.4122999906539917},{"id":"https://openalex.org/keywords/investment","display_name":"Investment (military)","score":0.4113999903202057}],"concepts":[{"id":"https://openalex.org/C2780615140","wikidata":"https://www.wikidata.org/wiki/Q920419","display_name":"Upgrade","level":2,"score":0.6607000231742859},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6324999928474426},{"id":"https://openalex.org/C68387754","wikidata":"https://www.wikidata.org/wiki/Q7271585","display_name":"Schedule","level":2,"score":0.5763000249862671},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.5037999749183655},{"id":"https://openalex.org/C180198813","wikidata":"https://www.wikidata.org/wiki/Q121182","display_name":"Information system","level":2,"score":0.5001000165939331},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.4415999948978424},{"id":"https://openalex.org/C139547956","wikidata":"https://www.wikidata.org/wiki/Q6031202","display_name":"Information security standards","level":5,"score":0.4185999929904938},{"id":"https://openalex.org/C2776902269","wikidata":"https://www.wikidata.org/wiki/Q5165493","display_name":"Continuous monitoring","level":2,"score":0.4122999906539917},{"id":"https://openalex.org/C27548731","wikidata":"https://www.wikidata.org/wiki/Q88272","display_name":"Investment (military)","level":3,"score":0.4113999903202057},{"id":"https://openalex.org/C2780980858","wikidata":"https://www.wikidata.org/wiki/Q110022","display_name":"Dual (grammatical number)","level":2,"score":0.4023999869823456},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.36039999127388},{"id":"https://openalex.org/C29122968","wikidata":"https://www.wikidata.org/wiki/Q1414816","display_name":"Incentive","level":2,"score":0.3481999933719635},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.34220001101493835},{"id":"https://openalex.org/C42475967","wikidata":"https://www.wikidata.org/wiki/Q194292","display_name":"Operations research","level":1,"score":0.31839999556541443},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.30390000343322754},{"id":"https://openalex.org/C10184394","wikidata":"https://www.wikidata.org/wiki/Q5165491","display_name":"Continuous modelling","level":2,"score":0.2973000109195709},{"id":"https://openalex.org/C121017731","wikidata":"https://www.wikidata.org/wiki/Q11661","display_name":"Information technology","level":2,"score":0.29249998927116394},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.29019999504089355},{"id":"https://openalex.org/C148976360","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management","level":5,"score":0.28999999165534973},{"id":"https://openalex.org/C29848774","wikidata":"https://www.wikidata.org/wiki/Q61905","display_name":"Management information systems","level":3,"score":0.26260000467300415}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1016/j.ejor.2025.10.027","is_oa":false,"landing_page_url":"https://doi.org/10.1016/j.ejor.2025.10.027","pdf_url":null,"source":{"id":"https://openalex.org/S103321696","display_name":"European Journal of Operational Research","issn_l":"0377-2217","issn":["0377-2217","1872-6860"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320990","host_organization_name":"Elsevier BV","host_organization_lineage":["https://openalex.org/P4310320990"],"host_organization_lineage_names":["Elsevier BV"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"European Journal of Operational Research","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":49,"referenced_works":["https://openalex.org/W618475404","https://openalex.org/W1967820237","https://openalex.org/W1969669878","https://openalex.org/W1985984683","https://openalex.org/W1989167625","https://openalex.org/W2036178246","https://openalex.org/W2036883724","https://openalex.org/W2045814518","https://openalex.org/W2052176782","https://openalex.org/W2056075452","https://openalex.org/W2056202988","https://openalex.org/W2091860459","https://openalex.org/W2096830520","https://openalex.org/W2098376610","https://openalex.org/W2122301719","https://openalex.org/W2129085046","https://openalex.org/W2136015481","https://openalex.org/W2167474990","https://openalex.org/W2336964007","https://openalex.org/W2550763266","https://openalex.org/W2596381156","https://openalex.org/W2610527038","https://openalex.org/W2906939659","https://openalex.org/W2907907364","https://openalex.org/W2999656808","https://openalex.org/W3009241250","https://openalex.org/W3022329878","https://openalex.org/W3026432090","https://openalex.org/W3034631655","https://openalex.org/W3082991229","https://openalex.org/W3088398603","https://openalex.org/W3115362282","https://openalex.org/W3127950237","https://openalex.org/W3132967942","https://openalex.org/W3158968632","https://openalex.org/W3162486746","https://openalex.org/W4200391154","https://openalex.org/W4205613068","https://openalex.org/W4210356834","https://openalex.org/W4281616937","https://openalex.org/W4282826817","https://openalex.org/W4293152942","https://openalex.org/W4308293035","https://openalex.org/W4362661365","https://openalex.org/W4365447587","https://openalex.org/W4389514230","https://openalex.org/W4391179367","https://openalex.org/W4391684681","https://openalex.org/W4399071351"],"related_works":[],"abstract_inverted_index":null,"counts_by_year":[{"year":2026,"cited_by_count":1}],"updated_date":"2026-05-07T13:39:58.223016","created_date":"2025-11-03T00:00:00"}