{"id":"https://openalex.org/W7128527337","doi":"https://doi.org/10.1109/ojcs.2026.3663493","title":"Risk Model for Choosing Signature Thresholds for Software Updates","display_name":"Risk Model for Choosing Signature Thresholds for Software Updates","publication_year":2026,"publication_date":"2026-01-01","ids":{"openalex":"https://openalex.org/W7128527337","doi":"https://doi.org/10.1109/ojcs.2026.3663493"},"language":"en","primary_location":{"id":"doi:10.1109/ojcs.2026.3663493","is_oa":true,"landing_page_url":"https://doi.org/10.1109/ojcs.2026.3663493","pdf_url":null,"source":{"id":"https://openalex.org/S4210176459","display_name":"IEEE Open Journal of the Computer Society","issn_l":"2644-1268","issn":["2644-1268"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Open Journal of the Computer Society","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1109/ojcs.2026.3663493","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5095881066","display_name":"Brian Romansky","orcid":"https://orcid.org/0009-0005-9356-5872"},"institutions":[{"id":"https://openalex.org/I193531525","display_name":"George Washington University","ror":"https://ror.org/00y4zzh67","country_code":"US","type":"education","lineage":["https://openalex.org/I193531525"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Brian Romansky","raw_affiliation_strings":["George Washington University, Washington, DC, USA"],"affiliations":[{"raw_affiliation_string":"George Washington University, Washington, DC, USA","institution_ids":["https://openalex.org/I193531525"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5050432319","display_name":"Thomas A. Mazzuchi","orcid":"https://orcid.org/0000-0002-4584-4018"},"institutions":[{"id":"https://openalex.org/I193531525","display_name":"George Washington University","ror":"https://ror.org/00y4zzh67","country_code":"US","type":"education","lineage":["https://openalex.org/I193531525"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Thomas Mazzuchi","raw_affiliation_strings":["George Washington University, Washington, DC, USA"],"affiliations":[{"raw_affiliation_string":"George Washington University, Washington, DC, USA","institution_ids":["https://openalex.org/I193531525"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5109336689","display_name":"Shahram Sarkani","orcid":null},"institutions":[{"id":"https://openalex.org/I193531525","display_name":"George Washington University","ror":"https://ror.org/00y4zzh67","country_code":"US","type":"education","lineage":["https://openalex.org/I193531525"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Shahram Sarkani","raw_affiliation_strings":["George Washington University, Washington, DC, USA"],"affiliations":[{"raw_affiliation_string":"George Washington University, Washington, DC, USA","institution_ids":["https://openalex.org/I193531525"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5095881066"],"corresponding_institution_ids":["https://openalex.org/I193531525"],"apc_list":{"value":1750,"currency":"USD","value_usd":1750},"apc_paid":{"value":1750,"currency":"USD","value_usd":1750},"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.34641416,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"7","issue":null,"first_page":"480","last_page":"491"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.40209999680519104,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.40209999680519104,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.23909999430179596,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.05570000037550926,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/compromise","display_name":"Compromise","score":0.6413999795913696},{"id":"https://openalex.org/keywords/signature","display_name":"Signature (topology)","score":0.6183000206947327},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.6062999963760376},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.6036999821662903},{"id":"https://openalex.org/keywords/digital-signature","display_name":"Digital signature","score":0.5309000015258789},{"id":"https://openalex.org/keywords/risk-management","display_name":"Risk management","score":0.41600000858306885}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7164000272750854},{"id":"https://openalex.org/C46355384","wikidata":"https://www.wikidata.org/wiki/Q726686","display_name":"Compromise","level":2,"score":0.6413999795913696},{"id":"https://openalex.org/C2779696439","wikidata":"https://www.wikidata.org/wiki/Q7512811","display_name":"Signature (topology)","level":2,"score":0.6183000206947327},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.6062999963760376},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.6036999821662903},{"id":"https://openalex.org/C118463975","wikidata":"https://www.wikidata.org/wiki/Q220849","display_name":"Digital signature","level":3,"score":0.5309000015258789},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.43549999594688416},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.42719998955726624},{"id":"https://openalex.org/C32896092","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Risk management","level":2,"score":0.41600000858306885},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.3788999915122986},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.3718999922275543},{"id":"https://openalex.org/C12174686","wikidata":"https://www.wikidata.org/wiki/Q1058438","display_name":"Risk assessment","level":2,"score":0.34529998898506165},{"id":"https://openalex.org/C149091818","wikidata":"https://www.wikidata.org/wiki/Q2429814","display_name":"Software system","level":3,"score":0.31439998745918274},{"id":"https://openalex.org/C136197465","wikidata":"https://www.wikidata.org/wiki/Q1729295","display_name":"Variety (cybernetics)","level":2,"score":0.3093999922275543},{"id":"https://openalex.org/C82214349","wikidata":"https://www.wikidata.org/wiki/Q657339","display_name":"Software metric","level":5,"score":0.30880001187324524}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/ojcs.2026.3663493","is_oa":true,"landing_page_url":"https://doi.org/10.1109/ojcs.2026.3663493","pdf_url":null,"source":{"id":"https://openalex.org/S4210176459","display_name":"IEEE Open Journal of the Computer Society","issn_l":"2644-1268","issn":["2644-1268"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Open Journal of the Computer Society","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:a54451f516404808ab133194fcbd4dc5","is_oa":true,"landing_page_url":"https://doaj.org/article/a54451f516404808ab133194fcbd4dc5","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Open Journal of the Computer Society, Vol 7, Pp 480-491 (2026)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/ojcs.2026.3663493","is_oa":true,"landing_page_url":"https://doi.org/10.1109/ojcs.2026.3663493","pdf_url":null,"source":{"id":"https://openalex.org/S4210176459","display_name":"IEEE Open Journal of the Computer Society","issn_l":"2644-1268","issn":["2644-1268"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Open Journal of the Computer Society","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.6344881057739258}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"The":[0,61,107],"timely":[1],"installation":[2],"of":[3,32,47,55,63,73],"software":[4,20,126],"updates":[5],"has":[6],"become":[7],"an":[8],"accepted":[9],"best":[10],"practice":[11],"for":[12,29,95],"protecting":[13],"connected":[14],"systems":[15],"from":[16],"persistent":[17],"threats.":[18],"Modern":[19],"update":[21,37],"frameworks":[22],"and":[23,69,99,112],"trust":[24],"anchor":[25],"management":[26],"protocols":[27],"allow":[28],"the":[30,42,56,70],"use":[31,66,76],"multiple":[33,67,105,121],"digital":[34,49,58],"signatures":[35,68,74,122],"on":[36,80],"messages":[38],"to":[39,65,75,114,123],"protect":[40,124],"against":[41],"potential":[43],"compromise":[44,54],"or":[45,53],"loss":[46],"a":[48,81,87,116],"signature":[50,59],"private":[51],"key":[52],"underlying":[57],"platform.":[60],"choice":[62],"whether":[64],"specific":[71],"number":[72],"should":[77],"be":[78],"based":[79],"risk":[82,93],"assessment.":[83],"We":[84],"have":[85],"developed":[86],"probability":[88],"model":[89,108],"that":[90,103],"provides":[91],"relative":[92],"metrics":[94],"several":[96],"different":[97],"policy":[98],"system":[100,110],"design":[101],"options":[102],"include":[104],"signatures.":[106],"enables":[109],"architects":[111],"operators":[113],"make":[115],"risk-based":[117],"decision":[118],"when":[119],"considering":[120],"critical":[125],"updates.":[127]},"counts_by_year":[],"updated_date":"2026-03-18T14:38:29.013473","created_date":"2026-02-11T00:00:00"}