{"id":"https://openalex.org/W1690805376","doi":"https://doi.org/10.1108/ics-12-2013-0090","title":"A comprehensive security control selection model for inter-dependent organizational assets structure","display_name":"A comprehensive security control selection model for inter-dependent organizational assets structure","publication_year":2015,"publication_date":"2015-05-22","ids":{"openalex":"https://openalex.org/W1690805376","doi":"https://doi.org/10.1108/ics-12-2013-0090","mag":"1690805376"},"language":"en","primary_location":{"id":"doi:10.1108/ics-12-2013-0090","is_oa":false,"landing_page_url":"https://doi.org/10.1108/ics-12-2013-0090","pdf_url":null,"source":{"id":"https://openalex.org/S4210195545","display_name":"Information and Computer Security","issn_l":"2056-4961","issn":["2056-4961","2056-497X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information &amp; Computer Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5002317435","display_name":"Maryam Shahpasand","orcid":"https://orcid.org/0000-0003-4585-5240"},"institutions":[{"id":"https://openalex.org/I158248296","display_name":"Amirkabir University of Technology","ror":"https://ror.org/04gzbav43","country_code":"IR","type":"education","lineage":["https://openalex.org/I158248296"]}],"countries":["IR"],"is_corresponding":true,"raw_author_name":"Maryam Shahpasand","raw_affiliation_strings":["Department of Computer engineering and Information Technology, Amirkabir University of Technology (Tehran Polytechnic), Tehran, Iran","(Department of Computer engineering and Information Technology, Amirkabir University of Technology (Tehran Polytechnic), Tehran, Iran)"],"affiliations":[{"raw_affiliation_string":"Department of Computer engineering and Information Technology, Amirkabir University of Technology (Tehran Polytechnic), Tehran, Iran","institution_ids":["https://openalex.org/I158248296"]},{"raw_affiliation_string":"(Department of Computer engineering and Information Technology, Amirkabir University of Technology (Tehran Polytechnic), Tehran, Iran)","institution_ids":["https://openalex.org/I158248296"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053531964","display_name":"Mehdi Shajari","orcid":"https://orcid.org/0000-0003-3961-4168"},"institutions":[{"id":"https://openalex.org/I158248296","display_name":"Amirkabir University of Technology","ror":"https://ror.org/04gzbav43","country_code":"IR","type":"education","lineage":["https://openalex.org/I158248296"]}],"countries":["IR"],"is_corresponding":false,"raw_author_name":"Mehdi Shajari","raw_affiliation_strings":["Department of Computer engineering and Information Technology, Amirkabir University of Technology (Tehran Polytechnic), Tehran, Iran","(Department of Computer engineering and Information Technology, Amirkabir University of Technology (Tehran Polytechnic), Tehran, Iran)"],"affiliations":[{"raw_affiliation_string":"Department of Computer engineering and Information Technology, Amirkabir University of Technology (Tehran Polytechnic), Tehran, Iran","institution_ids":["https://openalex.org/I158248296"]},{"raw_affiliation_string":"(Department of Computer engineering and Information Technology, Amirkabir University of Technology (Tehran Polytechnic), Tehran, Iran)","institution_ids":["https://openalex.org/I158248296"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5004632560","display_name":"Seyed Alireza Hashemi Golpaygani","orcid":null},"institutions":[{"id":"https://openalex.org/I158248296","display_name":"Amirkabir University of Technology","ror":"https://ror.org/04gzbav43","country_code":"IR","type":"education","lineage":["https://openalex.org/I158248296"]}],"countries":["IR"],"is_corresponding":false,"raw_author_name":"Seyed Alireza Hashemi Golpaygani","raw_affiliation_strings":["Department of Computer engineering and Information Technology, Amirkabir University of Technology (Tehran Polytechnic), Tehran, Iran","(Department of Computer engineering and Information Technology, Amirkabir University of Technology (Tehran Polytechnic), Tehran, Iran)"],"affiliations":[{"raw_affiliation_string":"Department of Computer engineering and Information Technology, Amirkabir University of Technology (Tehran Polytechnic), Tehran, Iran","institution_ids":["https://openalex.org/I158248296"]},{"raw_affiliation_string":"(Department of Computer engineering and Information Technology, Amirkabir University of Technology (Tehran Polytechnic), Tehran, Iran)","institution_ids":["https://openalex.org/I158248296"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5079792724","display_name":"Hoda Ghavamipoor","orcid":null},"institutions":[{"id":"https://openalex.org/I158248296","display_name":"Amirkabir University of Technology","ror":"https://ror.org/04gzbav43","country_code":"IR","type":"education","lineage":["https://openalex.org/I158248296"]}],"countries":["IR"],"is_corresponding":false,"raw_author_name":"Hoda Ghavamipoor","raw_affiliation_strings":["Department of Computer engineering and Information Technology, Amirkabir University of Technology (Tehran Polytechnic), Tehran, Iran","(Department of Computer engineering and Information Technology, Amirkabir University of Technology (Tehran Polytechnic), Tehran, Iran)"],"affiliations":[{"raw_affiliation_string":"Department of Computer engineering and Information Technology, Amirkabir University of Technology (Tehran Polytechnic), Tehran, Iran","institution_ids":["https://openalex.org/I158248296"]},{"raw_affiliation_string":"(Department of Computer engineering and Information Technology, Amirkabir University of Technology (Tehran Polytechnic), Tehran, Iran)","institution_ids":["https://openalex.org/I158248296"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5002317435"],"corresponding_institution_ids":["https://openalex.org/I158248296"],"apc_list":null,"apc_paid":null,"fwci":0.7946,"has_fulltext":false,"cited_by_count":12,"citation_normalized_percentile":{"value":0.79972223,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":"23","issue":"2","first_page":"218","last_page":"242"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9962999820709229,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11864","display_name":"Supply Chain Resilience and Risk Management","score":0.9739000201225281,"subfield":{"id":"https://openalex.org/subfields/1408","display_name":"Strategy and Management"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6940771341323853},{"id":"https://openalex.org/keywords/interdependence","display_name":"Interdependence","score":0.6252635717391968},{"id":"https://openalex.org/keywords/knapsack-problem","display_name":"Knapsack problem","score":0.5848520398139954},{"id":"https://openalex.org/keywords/asset","display_name":"Asset (computer security)","score":0.5636066794395447},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5014371871948242},{"id":"https://openalex.org/keywords/security-management","display_name":"Security management","score":0.4911470115184784},{"id":"https://openalex.org/keywords/dependency","display_name":"Dependency (UML)","score":0.4548410475254059},{"id":"https://openalex.org/keywords/security-controls","display_name":"Security controls","score":0.4469171166419983},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.4343387484550476},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.29129263758659363},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.08685946464538574}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6940771341323853},{"id":"https://openalex.org/C185874996","wikidata":"https://www.wikidata.org/wiki/Q269699","display_name":"Interdependence","level":2,"score":0.6252635717391968},{"id":"https://openalex.org/C113138325","wikidata":"https://www.wikidata.org/wiki/Q864457","display_name":"Knapsack problem","level":2,"score":0.5848520398139954},{"id":"https://openalex.org/C76178495","wikidata":"https://www.wikidata.org/wiki/Q4808784","display_name":"Asset (computer security)","level":2,"score":0.5636066794395447},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5014371871948242},{"id":"https://openalex.org/C83163435","wikidata":"https://www.wikidata.org/wiki/Q3954104","display_name":"Security management","level":2,"score":0.4911470115184784},{"id":"https://openalex.org/C19768560","wikidata":"https://www.wikidata.org/wiki/Q320727","display_name":"Dependency (UML)","level":2,"score":0.4548410475254059},{"id":"https://openalex.org/C178148461","wikidata":"https://www.wikidata.org/wiki/Q1632136","display_name":"Security controls","level":3,"score":0.4469171166419983},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.4343387484550476},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.29129263758659363},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.08685946464538574},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1108/ics-12-2013-0090","is_oa":false,"landing_page_url":"https://doi.org/10.1108/ics-12-2013-0090","pdf_url":null,"source":{"id":"https://openalex.org/S4210195545","display_name":"Information and Computer Security","issn_l":"2056-4961","issn":["2056-4961","2056-497X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information &amp; Computer Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/17","score":0.4399999976158142,"display_name":"Partnerships for the goals"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":48,"referenced_works":["https://openalex.org/W32063464","https://openalex.org/W45153480","https://openalex.org/W48058385","https://openalex.org/W94067085","https://openalex.org/W146540859","https://openalex.org/W147884860","https://openalex.org/W822889812","https://openalex.org/W1508191694","https://openalex.org/W1530962402","https://openalex.org/W1548918369","https://openalex.org/W1558089875","https://openalex.org/W1767049285","https://openalex.org/W1810489654","https://openalex.org/W1901395146","https://openalex.org/W1969427620","https://openalex.org/W1985999411","https://openalex.org/W2005170618","https://openalex.org/W2006958567","https://openalex.org/W2009495439","https://openalex.org/W2010714243","https://openalex.org/W2026286248","https://openalex.org/W2055083533","https://openalex.org/W2059209509","https://openalex.org/W2062830664","https://openalex.org/W2063544705","https://openalex.org/W2065527711","https://openalex.org/W2073350530","https://openalex.org/W2081657462","https://openalex.org/W2091673436","https://openalex.org/W2100033648","https://openalex.org/W2109203551","https://openalex.org/W2119716788","https://openalex.org/W2121236605","https://openalex.org/W2121805588","https://openalex.org/W2132243817","https://openalex.org/W2143174928","https://openalex.org/W2143396794","https://openalex.org/W2145071552","https://openalex.org/W2168057290","https://openalex.org/W2248383566","https://openalex.org/W2296381317","https://openalex.org/W2339802317","https://openalex.org/W2369295637","https://openalex.org/W2546952811","https://openalex.org/W2548335617","https://openalex.org/W2620244897","https://openalex.org/W6638491064","https://openalex.org/W6996999018"],"related_works":["https://openalex.org/W2058483893","https://openalex.org/W104437095","https://openalex.org/W2531362107","https://openalex.org/W63071447","https://openalex.org/W2482092000","https://openalex.org/W3112099458","https://openalex.org/W2085846385","https://openalex.org/W2625638707","https://openalex.org/W1984679292","https://openalex.org/W3132128985"],"abstract_inverted_index":{"Purpose":[0],"\u2013":[1,52,135,169,207],"This":[2,85,184],"paper":[3],"aims":[4],"to":[5,10,74,79,89,111,199,253],"propose":[6],"a":[7,115,125,239,248,266],"comprehensive":[8],"model":[9,182],"find":[11],"out":[12],"the":[13,25,29,67,75,81,91,122,129,141,147,164,175,180,245,255],"most":[14,99,176],"preventive":[15],"subset":[16,101,153,263],"of":[17,32,54,83,93,128,171,179,189,231,242],"security":[18,22,34,55,76,94,151,213],"controls":[19,95],"against":[20,96],"potential":[21],"attacks":[23,56],"inside":[24],"limited":[26,165,240],"budget.":[27,166],"Deploying":[28],"appropriate":[30],"collection":[31],"information":[33,38],"controls,":[35],"especially":[36],"in":[37,114,146,191,194,212,228,257],"system-dependent":[39],"organizations,":[40,195],"ensures":[41],"their":[42,47],"businesses'":[43],"continuity":[44],"alongside":[45],"with":[46],"effectiveness":[48,92,162,173],"and":[49,109,119,163,203,226,260],"efficiency.":[50],"Design/methodology/approach":[51],"Impacts":[53],"are":[57,138,215],"measured":[58],"based":[59,156,218],"on":[60,157,201,219],"interdependent":[61,229],"asset":[62,68],"structure.":[63],"Regarding":[64],"this":[65],"objective,":[66],"operational":[69],"dependency":[70,224],"graph":[71,78,250],"is":[72,102,154,174,185,251],"mapped":[73],"attack":[77],"assess":[80],"risks":[82],"attacks.":[84,97],"mapping":[86,105],"enables":[87],"us":[88],"measure":[90],"The":[98],"effective":[100],"found":[103],"by":[104,124,187,238],"its":[106,158,161],"features":[107,113],"(cost":[108],"effectiveness)":[110],"items\u2019":[112],"binary":[116],"knapsack":[117],"problem,":[118],"then":[120],"solving":[121],"problem":[123],"modified":[126],"version":[127],"classic":[130],"dynamic":[131,142],"programming":[132,143],"algorithm.":[133],"Findings":[134],"Exact":[136],"solutions":[137],"achieved":[139],"using":[140],"algorithm":[144],"approach":[145],"proposed":[148,181,246],"model.":[149],"Optimal":[150],"control":[152,172,262],"selected":[155],"implementation":[159],"cost,":[160],"Research":[167],"limitations/implications":[168],"Estimation":[170],"significant":[177],"limitation":[178],"utilization.":[183],"caused":[186],"lack":[188],"experience":[190],"risk":[192,258],"management":[193],"which":[196],"forces":[197],"them":[198],"rely":[200],"reports":[202],"simulation":[204],"results.":[205,222],"Originality/value":[206],"So":[208],"far,":[209],"cost-benefit":[210],"approaches":[211],"investments":[214],"followed":[216],"only":[217],"vulnerability":[220],"assessment":[221,259],"Moreover,":[223],"weights":[225],"types":[227],"structure":[230],"assets":[232],"have":[233],"been":[234],"taken":[235],"into":[236],"account":[237],"number":[241],"models.":[243],"In":[244],"model,":[247],"three-dimensional":[249],"used":[252],"capture":[254],"dependencies":[256],"optimal":[261],"selection,":[264],"through":[265],"holistic":[267],"approach.":[268]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}